Pages: [1] 2 3 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 4 post(s) |
MooKids
Caldari The Graduates Morsus Mihi
|
Posted - 2010.08.19 16:07:00 -
[1]
Yeah, I know, I'm paranoid, but it just got me wondering when I went to the EVE Account Management site to buy a couple PLEXes and it said it wanted to install the program from the title. I just found it odd since I've never seen this program want to install before for other things, like character transfer. Is this just an IP checker since it says on the page to disable any maskers? -------------------------------- CCP can patch away bugs, but they can't patch away stupidity. |
|
CCP Zymurgist
Gallente C C P
|
Posted - 2010.08.19 17:11:00 -
[2]
You shouldn't have to download or install anything to buy PLEX. It is just a web purchase then the PLEX is put on your account. Make sure you are at this url, https://secure.eveonline.com/PLEX.aspx.
It kinda sounds like you may of picked up some malware or spyware somewhere. Try running a virus scanner and malware remover before trying again just to be on the safe side.
Zymurgist Community Representative CCP Hf, EVE Online Contact Us |
|
|
CCP Alice
Caldari C C P Alliance
|
Posted - 2010.08.19 17:13:00 -
[3]
Hi MooKids,
We take the security of our websites very seriously, so we would really appreciate if you could take some screenshots of what you are experiencing and submit those to us via a petition so that we can investigate this further. You can file it under Technical Support - Website.
Thanks :)
|
|
WillusKillus
Gallente Qualinet Enterprises PodLife
|
Posted - 2010.08.19 18:53:00 -
[4]
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1369382
|
Syberbolt8
Gallente The Sacred Order of the Space Weasels Industrial Spearhead Alliance
|
Posted - 2010.08.20 02:35:00 -
[5]
Edited by: Syberbolt8 on 20/08/2010 02:41:14 Seems to be related to using Internet Explorer I don't get it with Firefox or chrome.
http://gentec.eve-host.com/img/Iovation.jpg
Edit:
Petition with picture submitted, petition tracking id is 2116109. The Resurrection: Support the Revised Dead Horse Pos thread in Assembly Hall |
scrambled
|
Posted - 2010.08.20 06:33:00 -
[6]
Cache cleared. |
scrambled
|
Posted - 2010.08.20 06:35:00 -
[7]
@Syberbolt; you might want to amend your petition and tell the GM to talk to the web team @ CCP. The web team that needs a very harsh beating with a clue-by-four.
|
Marko Riva
Adamant Inc.
|
Posted - 2010.08.20 06:50:00 -
[8]
Punkbuster for websites, is what it is.
|
scrambled
|
Posted - 2010.08.20 07:03:00 -
[9]
Wonderful, but that still doesn't explain why installation starts itself - neither does it show any messages prior, and judging from the javascript that's loaded, it's triggered when you submit the form.
The reason it works with IE only is because it's trying to load an ActiveX control; which means that this software isn't *required* for the site to function - and as such should at the very least be clearly marked as an optional installation - and a link for people to click it to install it themselves.
Attempting to automatically install things (and believe me, many people will just click "Yes" when prompted) is stupid on an epic scale. On one hand, CCP is warning everyone to check the links they go to, they have a jump page for external links on the forums, and at the same time they go and put this kind of **** on a *secure* website without any indications as to what the hell it is, what it does, who it's from, and what it's for. Let alone the fact that this happens on a page where you just entered your CC details.
Way to go, CCP!
I'm willing to bet that this situation is going to either get downplayed, or the offending bits of HTML are very quietly going to vanish from the page. Given previous history of CCP being found with their fingers in the cookie jar.
|
AtheistOfFail
Caldari
|
Posted - 2010.08.20 07:16:00 -
[10]
There's already another thread indicating this is from a company Intel's invested 10 million dollars into, so it could be just a layer of extra safety or something. I honestly would agree it's a bit wierd to randomly install stuff without asking but mistakes have happened before.
|
|
zombiedeadhead
Minmatar Online Dating For Single Men
|
Posted - 2010.08.20 07:28:00 -
[11]
Edited by: zombiedeadhead on 20/08/2010 07:31:24
Originally by: Marko Riva Punkbuster for websites, is what it is.
Exactly this. Look at this statement, this goes a long way beyond securing transactions. Don't want this on my PC thanks.
Oh, and they claim Battleclinic as one of there users.
|
Katy Karkinoff
Minmatar Psycho Chicks
|
Posted - 2010.08.20 07:35:00 -
[12]
Originally by: zombiedeadhead Edited by: zombiedeadhead on 20/08/2010 07:31:24
Originally by: Marko Riva Punkbuster for websites, is what it is.
Exactly this. Look at this statement, this goes a long way beyond securing transactions. Don't want this on my PC thanks.
Oh, and they claim Battleclinic as one of there users.
Pardon my language, but that seems kinda ****ed up tbh. Sure the intention is good and all... but talk about privacy violation
|
Darth Kilth
Minmatar Daisho Syndicate
|
Posted - 2010.08.20 07:41:00 -
[13]
Originally by: Katy Karkinoff
Originally by: zombiedeadhead Edited by: zombiedeadhead on 20/08/2010 07:31:24
Originally by: Marko Riva Punkbuster for websites, is what it is.
Exactly this. Look at this statement, this goes a long way beyond securing transactions. Don't want this on my PC thanks.
Oh, and they claim Battleclinic as one of there users.
Pardon my language, but that seems kinda ****ed up tbh. Sure the intention is good and all... but talk about privacy violation
"iovation ReputationManagerÖ goes deeper to identify the computer being used"
I wonder how deep it goes and what it records, this almost feels like spyware.
Originally by: CCP Capslock OH GOD THE TESTING
|
scrambled
|
Posted - 2010.08.20 08:04:00 -
[14]
Originally by: Darth Kilth "iovation ReputationManagerÖ goes deeper to identify the computer being used"
I wonder how deep it goes and what it records, this almost feels like spyware.
The funny thing is that this only works with IE. So all those people using Firefox, Chrome, or Safari on their respective platforms aren't even checked. So either those people will be denied their purchase, or nothing happens because that reputation manager doesn't run.
Regardless of that though, the sheer balls of having this crap pop up *without* any indication as to who it is, where it's from, and what it will be doing is a big red flag at the very least. What's even funnier is that the script referenced from iovation is called "snare.js" - right, so what's in a name?
The question begs asking, is CCP getting a kickback per installation here? That's the only reason I could see them putting this on the site and doing a rather fine job of hiding the thing.
|
Lost Hamster
Hamster Holding Corp
|
Posted - 2010.08.20 08:07:00 -
[15]
Edited by: Lost Hamster on 20/08/2010 08:08:09 Sooo.. maybe CCP website got compromised, and it wants to download a spyware?
Edit: PS: If this is intended, then You should kick in the ass the developer who put that into the code.
|
Pan Crastus
Anti-Metagaming League
|
Posted - 2010.08.20 08:11:00 -
[16]
Awesome. Not only does this seemingly legitimate tool exclude about 40-50% of the users (non-MSIE browsers, depending on where you live), it also trains users to accept websites installing software of unknown legitimacy (the user cannot tell from the popup window) ... A good day for malware producers everywhere. :-/
How to PVP: 1. buy ISK with GTCs, 2. fit cloak, learn aggro mechanics, 3. buy second account for metagaming
|
CyberGh0st
Minmatar Ara Veritas
|
Posted - 2010.08.20 09:09:00 -
[17]
Originally by: scrambled
Originally by: Darth Kilth "iovation ReputationManagerÖ goes deeper to identify the computer being used"
I wonder how deep it goes and what it records, this almost feels like spyware.
The funny thing is that this only works with IE. So all those people using Firefox, Chrome, or Safari on their respective platforms aren't even checked. So either those people will be denied their purchase, or nothing happens because that reputation manager doesn't run.
Regardless of that though, the sheer balls of having this crap pop up *without* any indication as to who it is, where it's from, and what it will be doing is a big red flag at the very least. What's even funnier is that the script referenced from iovation is called "snare.js" - right, so what's in a name?
The question begs asking, is CCP getting a kickback per installation here? That's the only reason I could see them putting this on the site and doing a rather fine job of hiding the thing.
It does not install itself tho, I just closed it and came here to check it out ...
So it is still entirely up to you wether you install it or not.
But I agree that it is borderline spyware.
http://www.mmodata.net Favorite MMO's : DAoC Pre-TOA-NF / SWG Pre-CU-NGE |
Nikolai Kondratiev
|
Posted - 2010.08.20 09:32:00 -
[18]
Was going to reply that you guys seeing the popup probably have infected browsers, but I checked it with Chrome & Firefox and I see the iovation stuff in source too ...
So kudos to CCP for ****ing up with people using Internet Explorer. OTOH, I really hope your website got compromised and no one at CCP thinks almost automatic installations via a web browser are anything close to nice
|
Mara Rinn
|
Posted - 2010.08.20 09:38:00 -
[19]
Yet another case of security circus gone wrong. The only people this "security" interferes with are gormless IE users. ReputationShield is too harsh a penalty for simply using IE. -- [Aussie players: join ANZAC channel] |
Halcyon Ingenium
Caldari Bene Gesserit ChapterHouse
|
Posted - 2010.08.20 10:14:00 -
[20]
People still use IE?
|
|
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2010.08.20 10:14:00 -
[21]
Originally by: Pan Crastus Awesome. Not only does this seemingly legitimate tool exclude about 40-50% of the users (non-MSIE browsers, depending on where you live), it also trains users to accept websites installing software of unknown legitimacy (the user cannot tell from the popup window) ... A good day for malware producers everywhere. :-/
Now, that explains why I never saw it even when trying to trigger its appearance, since I use Opera
_
Beginner's ISK making guide | Manufacturer's helper | All about reacting _
|
Lost Hamster
Hamster Holding Corp
|
Posted - 2010.08.20 10:42:00 -
[22]
Wondering why it takes 14+ hours to get an official answer from CCP.
You know CCP.. communication.. it's not so hard. Or you did not learned anything from the past?
If no one knows what is that doing there, then remove it ASAP. Any decent admin can remove it in less than a hour.
|
Caeltrayian
Reliables Inc
|
Posted - 2010.08.20 11:52:00 -
[23]
It's taking them forever cause they are too busy *face palming* to answer.
|
JC Anderson
Caldari State Protectorate
|
Posted - 2010.08.20 12:04:00 -
[24]
Likely trying to figure it out themselves.
This isn't the first thread or first person I've seen report this in the last couple days.
|
scrambled
|
Posted - 2010.08.20 12:04:00 -
[25]
Originally by: Caeltrayian It's taking them forever cause they are too busy *face palming* to answer.
Nah, they're pretending to go through the logs to come out with a statement along the lines of "our data shows that everything is working as intended, please move along".
You know, sometimes I wish he-who-cannot-be-named (but starts with k) was still around; he might've been a **** but at least he kept CCP honest.
|
Rematusen
|
Posted - 2010.08.20 12:05:00 -
[26]
well this wasnt in place a few days ago it is something they just did like lets say or 2 days ago maybe... either way im sure they in some way are bieng paid per download and they are possibly selling our infomation. CCCP this is unacceptable. i think its time we watch them as hard as they watch us.
|
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2010.08.20 12:11:00 -
[27]
This was probably added during the scheduled DT's for the web on Aug 17.
Secure 3rd party service | my in-game channel 'Holy Veldspar' |
|
|
CCP Wrangler
|
Posted - 2010.08.20 13:04:00 -
[28]
This was some form of fraud prevention tool that got in by mistake, we're in the process of removing it and if it's not gone by now it should be gone from the site soon.
Wrangler Senior Community Manager CCP Hf, EVE Online Contact us
If it's stupid but works, it isn't stupid. |
|
Serpents smile
|
Posted - 2010.08.20 13:08:00 -
[29]
Originally by: CCP Wrangler ....that got in by mistake,.....
Lies! CCP is uber ebil!
It's a TARP! I tell you.
|
Elaynee
|
Posted - 2010.08.20 13:09:00 -
[30]
Hmm...
# Virtual Asset Theft # Gold Farming # Chat Abuse # Cyber Bullying
Isn't this what EVE is about?
|
|
|
|
|
Pages: [1] 2 3 :: one page |
First page | Previous page | Next page | Last page |