| Pages: 1 [2] 3 4 5 6 7 8 :: one page |
| Author |
Thread Statistics | Show CCP posts - 1 post(s) |
Regat Kozovv
Caldari
Alcothology
   |
Posted - 2009.07.28 18:04:00 -
[31]
 Originally by: Agent Known
Maybe now's also the time to restart Linux support. No more keyloggers! 
Just a clarification, If I remember correctly, linux support was removed because EVE running under Wine was actually better than the Cedaga solution CCP was pushing.
You can certainly play EVE under Linux still, it just didn't make sense for CCP to fund an effort that was inferior to a free solution.
But yeah, I doubt they wrote a keylogger for Linux as well. But don't all of you switch to that, less they port one to that platform as well. =P
|
DasDizzy
Guiding Hand Social Club
|
Posted - 2009.07.28 18:14:00 -
[32]
Cant you get the icelandic government to invade china or somesuch?
[SIG START]
Everything i say is the view of the rest of the eve cluster, IM THE PRESSDUDE FFS
|
Mashie Saldana
BFG Tech
|
Posted - 2009.07.28 18:24:00 -
[33]
Originally by: iP0D
Originally by: Tiny Tove
Separate passwords for forum/website and game server please.
Indeed.
It wont do much good tbh considering the keylogger will grab any password you enter, regardless if it is in the browser or in the EVE client.
|
KardelSharpeye
Gallente
Totally Abstract
O X I D E
|
Posted - 2009.07.28 18:26:00 -
[34]
I doubt they you can get a keyloger on linux without your knowledge i think everything like that will require you to enter a password.
|
Satynic
|
Posted - 2009.07.28 18:52:00 -
[35]
To be honest. If you want to buy some isk, just dish out the extra few bucks and get yourself a GTC. Its worth the money to be done legally and you know some other eve junkie out there got a 60 day fix for your efforts. Fly safe.
|
Reandom Traas
|
Posted - 2009.07.28 19:36:00 -
[36]
Originally by: Agent Known
Maybe now's also the time to restart Linux support. No more keyloggers!
While Windows is still attacked without mercy, the Flash based attack of a couple of weeks ago that affected ALL OS's that use Flash (Mac/Linux included) show the days of Mac and Linux users not having to worry are drawing to a close. All should be vigilant.
|
Mme Pinkerton
Caldari
|
Posted - 2009.07.28 19:42:00 -
[37]
Originally by: KardelSharpeye
I doubt they you can get a keyloger on linux without your knowledge i think everything like that will require you to enter a password.
IIRC XQueryKeymap can be used without being root (or the "owner" of the xserver you are connected to), so one could write a keylogger running without root privileges.
If you could sneak it in through some browser bug, it could be installed into your home directory and executed at each login/xserver start (e.g. via .profile).
" Credit is the economic judgement on the morality of a man. " |
Kaylan Jahlar
Minmatar Industrial Limited
|
Posted - 2009.07.28 20:03:00 -
[38]
Edited by: Kaylan Jahlar on 28/07/2009 20:03:55
The only way they'll completely get rid of keyloggers is by offering a hardware authenticator. Anything else is digital and can be hacked or sniffed easily. A keylogger wouldn't be able to do any harm if you're using an authenticator. I think it's time for CCP to get their head out of their butts and do it!
----
Advanced combat probing guide: A clever use of the directional scanner |
shuckstar
Gallente
Hauling hogs
|
Posted - 2009.07.28 20:16:00 -
[39]
Edited by: shuckstar on 28/07/2009 20:16:21
Originally by: Gone'Postal
Who would have guessed??  with all the forum crap thats been going on of late.
Sep passwords for site and game please.
Yep atleast it be a start.
|
N0R0X
S.K. Astronautics
|
Posted - 2009.07.28 20:36:00 -
[40]
Originally by: Tiny Tove
My online bank has two passwords for my account.
One password is plain typed. So I might have to type in "mybankpassword" during the first part of the login process.
The other is entered on the next page, but they do not ask me to type anything.
Instead they ask me to use drop-down boxes to select letters.
Suppose my 2nd password was "can1hazyourstuff" they might say:-
"Please select the 2nd, 4th and 11th letters of your 2nd password"
And I would use the 3 drop down boxes to enter "a", "1" and "r"
In that way, somebody would have to physically record me visually logging in many times to get my 2nd password.
Whether this is suitable for game server access... I don't know.
Actually I kind of agree on this method. It does not take huge amounts of code to implement, not that it's easy though. Maybe a dual password with the second password only asking for snippets via drop down boxes. It won't be impossible to fool but does make it hard.
At least in my opinion return on investment on this method could be pretty high in a sense
- Norox |
Kahega Amielden
Minmatar
Suddenly Ninjas
|
Posted - 2009.07.28 20:36:00 -
[41]
Originally by: Maria Kalista
Originally by: Agent Known
Maybe now's also the time to restart Linux support. No more keyloggers!
Luckily Mac support still exists. No keyloggers here either. 
Bragging that you're immune to keyloggers because you use a Mac is like bragging that you're immune to robbery because you're dirt poor and own nothing worth stealing.
Anyway...Looks like the ISK sellers found a new way to make money. Maybe it'll work less if people use google to search for **** instead of the EVEO forums.
|
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2009.07.28 21:06:00 -
[42]
You would have to be terribly careful of any IP stuff. My ISP leases me a new IP every 2-3 days. Dynamic IPs Ftl
_____________________________________
Haruhiist since December 2008
Originally by: CCP Fallout
:facepalm:
|
Nova Fox
Gallente
Novafox Shipyards
|
Posted - 2009.07.28 21:17:00 -
[43]
Hardware Authenticators are not sure fire, I mean cmon hardware authentications failed for centuries in keeping the most determined out(and if im not mistaken for at least one millenia) now in the digital era replicated the exact specifications of the 'hardware' can be easily acheived and the determined individual knows how it works and how to break it.
You make a better lock somone else is going to make a better lockpick.
Pre-order your Sisters of ≡v≡ Exploration ship today, Updated 17JUL09 |
Regat Kozovv
Caldari
Alcothology
|
Posted - 2009.07.28 21:22:00 -
[44]
Originally by: Nova Fox
Hardware Authenticators are not sure fire, I mean cmon hardware authentications failed for centuries in keeping the most determined out(and if im not mistaken for at least one millenia) now in the digital era replicated the exact specifications of the 'hardware' can be easily acheived and the determined individual knows how it works and how to break it.
You make a better lock somone else is going to make a better lockpick.
True, but in this case, hardware authentication is not the same. They're not locks.
http://en.wikipedia.org/wiki/SecurID
|
LordSwift
Caldari
|
Posted - 2009.07.28 22:40:00 -
[45]
I would happily pay for one off those. for both my accounts
Join the brown Coats today!!! |
Iria Ahrens
Amarr
101st Space Marine Force
Libertas Fidelitas
|
Posted - 2009.07.28 23:34:00 -
[46]
I'll add myself to the seperate passwords for forum and game please group.
as for keyloggers, a few years ago I installed roboform, which is a key generator, there are other brands that do the same thing I assume, but never tried any others because roboform fits my needs so well, so anyone wanting to protect themselves from keyloggers might consider getting some passkey program.
I don't want to make a mini-add for it, but it uses a master password that is good up to 256 AES encryption of the keys. It autogenerates passwords so they look like this "g1ik's?6jkAe%=6!yPoz}q1R0i&D\x4dGwi%KfQ4Zv" so I don't even know my passwords anymore because they are a mess of random crap. I've one copy stored on my computer, another on my flash drive, another off site so I don't need to worry about losing my stuff. Anyway, I suggest getting a good password manager program. It might take a few days getting used to it, but You'll love it the more you use it.
--
Nobody expects the Amarr Inquisition!
|
Vyktor Abyss
Gallente
The Abyss Corporation
Abyss Alliance
|
Posted - 2009.07.29 00:20:00 -
[47]
Just wondering if this is solely a trend in Eve or if generally internet/e-crime is on the rise...
It certainly feels as a lay person hearing stories of online thefts that the security industry is outgunned by the criminals.
Time to go play ping pong instead?
|
Gin G
Halls Of Valhalla
|
Posted - 2009.07.29 00:35:00 -
[48]
this is your karma ccp you now have to repent for you sins
Please refrain from editing a moderator's warning. Zymurgist |
Fortuna Cournot
Caldari
Perkone
|
Posted - 2009.07.29 00:51:00 -
[49]
Originally by: Regat Kozovv
Absolutely. In that case it would just be a matter of how much collateral damage CCP would be willing to take as there's the risk of blocking legitimate attackers as well. The answer to that really depends on where the attacks are originating from compared to where the player base largely originates from.
But the real kicker is whether or not the attacker is using any methods to hide his true origin, and unfortunate this is relationally easy to do. Packet forging is one method, but the possibility of botnets or otherwise remotely controlled machines/proxies makes it difficult. Color me unsurprised if one did a traceroute on the origin of some of these logins and found that the originated from ISP networks in the U.S, Western Europe, or other markets with large gaming communities. =(
Perhaps you got me wrong. I didn't say "block the ISP of attacker"s, i said "make it possible for players to force logins from their own ISP".
Keyloggers will spread the collected information to somewhere on the internet. You can't block that part, so they may get your password... 
But to use it they need to login from a client at the ISP. Forging IP packets is one thing. But what if the server opens a new backward connection for checking ? I don't think it is possible to cheat that.
------
ineve.net Character Skill Showroom |
Orb Lati
Minmatar
ANZAC ALLIANCE
Southern Cross Alliance
|
Posted - 2009.07.29 01:02:00 -
[50]
I think the simplest precaution to take is next time you see "Naked Woman Caught By Satellite watch!" spammed across the forums is to resist temptation and not click the link.
Stupid perverts. 
"We worship Strength because it is through strength that all other values are made possible" |
Gunnanmon
Gallente
UNITED STAR SYNDICATE
|
Posted - 2009.07.29 01:37:00 -
[51]
Originally by: Leaving Eve
buying isk is for losers
Or winners (in the RL world) that have no interest in the mundane farming required to make isk.
Hating is for losers.
Signature locked for discussing moderation. Navigator
|
Iria Ahrens
Amarr
101st Space Marine Force
Libertas Fidelitas
|
Posted - 2009.07.29 01:46:00 -
[52]
Originally by: Orb Lati
I think the simplest precaution to take is next time you see "Naked Woman Caught By Satellite watch!" spammed across the forums is to resist temptation and not click the link.
Stupid perverts.
I remember seeing that thread and wondering what it had to do with EVE. I ignored the thread, then downloaded google earth :P
--
Nobody expects the Amarr Inquisition!
|
Junkzinat0r
Minmatar
Owwww My Eye
|
Posted - 2009.07.29 02:29:00 -
[53]
Curiously.. another MMO company *cough*myth1c*cough* have a 2-tier password system. A primary account and the game account which are linked together but require seperate passwords.
Also the above stated mobs website warns you when you click off an external link (not sure if its true for their forums) static that you are leaving their domain...
At least a 2 tier account system would be an improvement...
Lastly... it's not entirely CCP's fault when users are clicking willy-nilly on random links from what is from what I've seen to be blatant trolling attempts from blatantly fake accounts with **** like 'naked grl caught on sattelite' and assorted cr4p.
my 2c.
... |
Gealla
|
Posted - 2009.07.29 03:12:00 -
[54]
Originally by: Kaylan Jahlar
Edited by: Kaylan Jahlar on 28/07/2009 20:03:55
The only way they'll completely get rid of keyloggers is by offering a hardware authenticator. Anything else is digital and can be hacked or sniffed easily. A keylogger wouldn't be able to do any harm if you're using an authenticator. I think it's time for CCP to get their head out of their butts and do it!
This ^^
Blizzard has had authenticators for quite some time, and the folks that use them don't get hacked. Peroid. They're something like $6.99 US to buy and provide a unique code everyime you log into your account......
|
Gin G
Halls Of Valhalla
|
Posted - 2009.07.29 04:29:00 -
[55]
what ccp should ask us is are we willing to pay a few quid extra every month or risk loosing your last week/month/6 months or many years of work
Please refrain from editing a moderator's warning. Zymurgist |
Verx Interis
Amarr
SkyNet.
Cruor-Salax Legion
|
Posted - 2009.07.29 05:17:00 -
[56]
Originally by: Kaylan Jahlar
Edited by: Kaylan Jahlar on 28/07/2009 20:03:55
The only way they'll completely get rid of keyloggers is by offering a hardware authenticator. Anything else is digital and can be hacked or sniffed easily. A keylogger wouldn't be able to do any harm if you're using an authenticator. I think it's time for CCP to get their head out of their butts and do it!
If this = Eve support for my laptop's fingerprint reader, I'm for it.
----
Logins required for this post: 760110 |
Lance Fighter
Amarr
|
Posted - 2009.07.29 05:42:00 -
[57]
Originally by: Verx Interis
Originally by: Kaylan Jahlar
Edited by: Kaylan Jahlar on 28/07/2009 20:03:55
The only way they'll completely get rid of keyloggers is by offering a hardware authenticator. Anything else is digital and can be hacked or sniffed easily. A keylogger wouldn't be able to do any harm if you're using an authenticator. I think it's time for CCP to get their head out of their butts and do it!
If this = Eve support for my laptop's fingerprint reader, I'm for it.
Id totally go for that too
And somehow relevant to the situation at hand - what if the save password checkbox was brought back? Perhaps in that case a keylogger would need to actually do some work figuring out the password..
Originally by: Akita T
Seriously ?
...wow... I'm such a forum ho' !
|
JamesTalon
Caldari
The Knights Templar
|
Posted - 2009.07.29 05:48:00 -
[58]
Originally by: Lance Fighter
Originally by: Verx Interis
Originally by: Kaylan Jahlar
Edited by: Kaylan Jahlar on 28/07/2009 20:03:55
The only way they'll completely get rid of keyloggers is by offering a hardware authenticator. Anything else is digital and can be hacked or sniffed easily. A keylogger wouldn't be able to do any harm if you're using an authenticator. I think it's time for CCP to get their head out of their butts and do it!
If this = Eve support for my laptop's fingerprint reader, I'm for it.
Id totally go for that too
And somehow relevant to the situation at hand - what if the save password checkbox was brought back? Perhaps in that case a keylogger would need to actually do some work figuring out the password..
I'd love to use my fingerprint scanner as well. Be somewhat harder to crack I'd imagine.
"Till shade is gone, till water is gone, into the Shadow with teeth bared, screaming defiance with the last breath, to spit in Sightblinder’s eye on the Last Day." - Robert Jordan |
Valator Uel
Caldari
N'Th'Rack Squadron
Tau Ceti Federation
|
Posted - 2009.07.29 06:25:00 -
[59]
The best solution I've seen in this thread is for CCP to approve only certain website links (eveonline, eve-search, ect) and validate links in corporation/alliance profiles that can be posted on the forums. Any other link will not be high-lighted and people will need to copy and paste the link if they wish to visit it, in which case if people are stupid enough to copy/paste the link, visit the website AND not have a competent anti-virus they deserve to have their isk stolen for stupidity. Hell, the eve-client could even refuse to allow you to input your password should you not have an anti-virus.
|
Rordan D'Kherr
Amarr
|
Posted - 2009.07.29 08:14:00 -
[60]
Buying ISK should lead to a ban. No demand will stop the supply.
|
| |
|
| Pages: 1 [2] 3 4 5 6 7 8 :: one page |
| First page | Previous page | Next page | Last page |