Lt. Commander
Join Date: Dec 2007
Posts: 120
# 301 A security concern
04-25-2012, 03:01 PM
As a council member of a fleet that has just suffered a user account compromise which lead to some thefts from our fleet banks, which whilst we're not too concerned about because it was all material things that we can get back,

what I am concerned about is the poor user in question who has therefore suffered that hack.

** THIS THREAD IS NOT TO TALK ABOUT THE EXPERIENCE BUT PREVENTATIVE ACTION, SHOULD CRYPTIC/PWE TAKE IT **

So, as a ticket is raised, I won't be drawn into ANY details,

My concern and therefore question is this;

with the launch of free-to-play and therefore the rise in the game's popularity, would it not be prudent for a relatively small investment in an RSA server? granting us the ability to have RSA token clients on our smart phones (iOS/Android) as other big titles do?

As a gold member, I would like to ensure that my account is as safe as possible, and if need be, I'd be happy to pay a little premium to have said insurance policy,

so, as this is a discussion, people play nice :-)

** Looks like my thread was moved to "PC & Technical Issues", which it has nothing to do with! **
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 302
04-25-2012, 03:07 PM
Cost of CS staff dealing with hacks < cost of RSA server implementation

if that ever changes the other way they will do it
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 303
04-25-2012, 03:10 PM
I'm pretty sure, if PWE put some weight behind it to use for all their titles, that cost would be negligible and give them a lot of good brownie points for being proactive;

there are clients for nearly all types of mobile devices;
http://www.emc.com/security/rsa-secu...mobile_devices
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 304
04-25-2012, 03:20 PM
Quote:
Originally Posted by Dyce9984 View Post
I'm pretty sure, if PWE put some weight behind it to use for all their titles, that cost would be negligible and give them a lot of good brownie points for being proactive;
But you should ask this question first... Why haven't these measures been implemented for on-line Bank and Financial transactions, when they have such higher stakes to lose...

(The answer is that the costs are not 'negligible'....)
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 305
04-25-2012, 04:42 PM
For folks who haven't seen this announcement yet....

Quote:
At Cryptic Studios, your privacy and security is important. As part of our ongoing efforts to monitor and enhance security, we recently detected evidence of an unauthorized access to one of our user databases. The unauthorized access occurred in December 2010, and evidence of this has just been uncovered due to increased security analysis.
So it looks like people affected were probably like me. I hadn't changed my password since playing the beta. I just didn't think anyone would bother stealing it, it's just a game, there's almost no profit to be had. Well whatever. I'm glad they found the problem.

Now I expect the righteous rants to merge from "don't hand out your information" and "choose a good password" to "change your password more often".
Lt. Commander
Join Date: Dec 2007
Posts: 120
# 306
04-26-2012, 12:08 PM
Quote:
Originally Posted by Grouchy.Otaku
But you should ask this question first... Why haven't these measures been implemented for on-line Bank and Financial transactions, when they have such higher stakes to lose...

(The answer is that the costs are not 'negligible'....)

In my previous job as a sys-admin (aka an IT department) we implemented RSA tokens ourselves for our 1000 user workforce, it's not that hard, nor expensive in the grand scheme of things, but that's all besides the point,

it can and is done for corporations all over the world
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -7. The time now is 09:13 PM.