Mobile Goldcard App
- Thread starter N. Radioactive
- Start date
AlphaGeek
Marauder
- Joined
- Feb 13, 2006
- Posts
- 6,004
- Location
- Central VA, US
- Society
- Freelancer
- Avatar Name
- Alpha AG Geek
A phone would be a lot easier to hack than the standalone smartcard & reader we're using.
While it's not as secure as a 1 time pad or other more extreme methods of data security/encryption, it is at least out of the reach of internet hack attempts.
While it's not as secure as a 1 time pad or other more extreme methods of data security/encryption, it is at least out of the reach of internet hack attempts.
psychnosiz
Stalker
- Joined
- Jul 7, 2005
- Posts
- 1,677
- Location
- Belgium
- Society
- Digital Resistance
- Avatar Name
- Randall Psychnosiz Flagg
More platforms = more insecurity.
A 0.00001% (hypothetical, dont quote me on this) would become atleast a 0.00003%.
So my vote is no.
Hacking phones is about a sport nowadays, you'd be throwing the app in the arena just because potential exploit damage could be so massive.
A 0.00001% (hypothetical, dont quote me on this) would become atleast a 0.00003%.
So my vote is no.
Hacking phones is about a sport nowadays, you'd be throwing the app in the arena just because potential exploit damage could be so massive.
endermigne
Elite
- Joined
- Apr 21, 2006
- Posts
- 4,127
- Location
- EU (either way)
- Society
- The White Dots
- Avatar Name
- ender endermigne migne
No!
- Cellphones get hacked easily
- Cellphones get lost easily
- Cellphones are dropped, overrun, smashed, broken easily
- People usually don't care about removing everything from a device, may it be as sensitive as you can think of (Ever went to a second-hand dealer and checked the phone-numbers, SMS and images on it? It's like 4chan revisited.)
- People write their username and password into a text-file to "make it less harder for the hacker"
- You can't actually play with the cellphone so this would have no use at all
- Reasons others have mentioned
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
I can't believe you guys.
This is fucking retarded.
Saying no to free security.
Look att blizzard, they have security tokens, they have iphone and android apps, it has lowered their account hijacks MAJORLY!
Seriously, what are you thinking when you say no?
You are wrong on SOOO many levels.
Hacked easily? I'm sure you've been there done that.
Lost easily, yes sure they are lost but that's really your fault.. And It's just as easy to forget logging out of EU, would you stop playing just because of the chance someone sees this and uses it to their advantage?
Cellphones are easy to break.
Yes they are infact, but what does that have to do with anything?
Really? It doesn't matter in this discussion, at all.
People don't remove all their stuff on their phones. So what?
If you sell your phone, with your stuff in it It's on you!
This doesn't make the system less secure, you are responsible for your account, not the goldcard system or application.. YOU!
Basically, a system like this adds security, doesn't remove any at all.
You log in with your username and password, then it asks for a one time code, you check your phone, you got it, type it in and bam you are online.
The app itself doesn't have any connection with your acccount, you can't see it in the app that "Oh, this particular app is put together with this particular Username and password."
Useless because you can't play on the phone....
You can't play on your goldcard, is it useless? No.
Seriously... What are you thinking!?
This is fucking retarded.
Saying no to free security.
Look att blizzard, they have security tokens, they have iphone and android apps, it has lowered their account hijacks MAJORLY!
Seriously, what are you thinking when you say no?
You are wrong on SOOO many levels.
Hacked easily? I'm sure you've been there done that.
Lost easily, yes sure they are lost but that's really your fault.. And It's just as easy to forget logging out of EU, would you stop playing just because of the chance someone sees this and uses it to their advantage?
Cellphones are easy to break.
Yes they are infact, but what does that have to do with anything?
Really? It doesn't matter in this discussion, at all.
People don't remove all their stuff on their phones. So what?
If you sell your phone, with your stuff in it It's on you!
This doesn't make the system less secure, you are responsible for your account, not the goldcard system or application.. YOU!
Basically, a system like this adds security, doesn't remove any at all.
You log in with your username and password, then it asks for a one time code, you check your phone, you got it, type it in and bam you are online.
The app itself doesn't have any connection with your acccount, you can't see it in the app that "Oh, this particular app is put together with this particular Username and password."
Useless because you can't play on the phone....
You can't play on your goldcard, is it useless? No.
Seriously... What are you thinking!?
Last edited:
endermigne
Elite
- Joined
- Apr 21, 2006
- Posts
- 4,127
- Location
- EU (either way)
- Society
- The White Dots
- Avatar Name
- ender endermigne migne
Your harsh blahblah doesn't add anything to the discussion. It only states that you avoid the big picture.
You make things very very easy for you just to put all the risks on all the others. Get your priorities straight and let others do the thinking.
Besides: not everybody has a smartphone or a cellphone that supports applications totally independent of with or without Internet access.
N. Radioactive
Prowler
- Joined
- Apr 25, 2009
- Posts
- 1,357
- Location
- St. Albert, Alberta
- Society
- Alluvial Peace Alliance
- Avatar Name
- Nicolas Radioactive d'Entremont
That's what I was talking about when I said "mmo who shall reamain nameless" My brother has the Blizzard authenticator app on his Ipod touch and it seems to be working great for him. Apparently it solved a lot of hacking problems and stuff like that. I just didn't want to say it was Blizzard cause... Well a lot of ppl here don't like Blizzard and WoW and all that.
When I made this post I didn't mean make this system replace the goldcard system. I ment have this as maybe a free alternative to the current system. It might not be 100% hack proof but it safer than nothing right?
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
Ofcourse it adds to the discussion.
You're "adding" humbug to it, and I'm making sure people know.
You make things very very easy for you just to put all the risks on all the others.
Elaborate, please.
Besides: not everybody has a smartphone or a cellphone that supports applications totally independent of with or without Internet access.
This is true, but for the people who do have it adds security, and there is nothing wrong with adding security.
This is like saying "I can't develop this game, it requires too much performance.. Not everyone has good computers." Don't you see this as well?
Get your priorities straight and let others do the thinking.
I don't agree with you, therefor I don't have straight priorities according to you?
That's just.. Childish.
endermigne
Elite
- Joined
- Apr 21, 2006
- Posts
- 4,127
- Location
- EU (either way)
- Society
- The White Dots
- Avatar Name
- ender endermigne migne
Ahh, one of those Internet forum discussions...
Yes, it is, isn't it?
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
I find it pathetic when people talks as if they got a clue, and they don't know anything at all about the subject.
And when he or she is proven to be extremely wrong he or she plays the "God, I don't even want to discuss this with your.. You are too stupid.."
This is so transparent and the fact that you can't admit defeat makes you less of a man.
I'm sorry for the loss.
And as I said before. Please elaborate about, if you don't want to discuss what are you doing on a forum?
You make things very very easy for you just to put all the risks on all the others.
And when he or she is proven to be extremely wrong he or she plays the "God, I don't even want to discuss this with your.. You are too stupid.."
This is so transparent and the fact that you can't admit defeat makes you less of a man.
I'm sorry for the loss.
And as I said before. Please elaborate about, if you don't want to discuss what are you doing on a forum?
You make things very very easy for you just to put all the risks on all the others.
Atalanta
Provider
- Joined
- May 30, 2006
- Posts
- 189
- Location
- Belgium
- Society
- Freelancer
- Avatar Name
- Atalanta "Ata" Avatarra
A Yes-vote from me.
In fact, the authentication company that's behind our Goldcards already seems to be offering a mobile solution. (hint : check the back of your reader to see the company that produces it - you didn't really believe that the Mindark Hamsters were producing these things, or did you ? )
http://www.todos.se/index.php/products/items/todos_onmobile/
The other-not-to-be-named-MMORPG uses a different authentication provider, but a similar concept. (yup, the Panda's don't assemble them either)
http://www.digipass.com/products/digipass/digipass_software/iphone_edition.aspx
I've seen those oh-my-god-it-will-be-insecure discussions before, on either side. If it really was insecure, the authentication providers would have been out of business by now since Mindark and Bl...eeep? are not their only customers
In fact, the authentication company that's behind our Goldcards already seems to be offering a mobile solution. (hint : check the back of your reader to see the company that produces it - you didn't really believe that the Mindark Hamsters were producing these things, or did you ? )
http://www.todos.se/index.php/products/items/todos_onmobile/
The other-not-to-be-named-MMORPG uses a different authentication provider, but a similar concept. (yup, the Panda's don't assemble them either)
http://www.digipass.com/products/digipass/digipass_software/iphone_edition.aspx
I've seen those oh-my-god-it-will-be-insecure discussions before, on either side. If it really was insecure, the authentication providers would have been out of business by now since Mindark and Bl...eeep? are not their only customers
JohnCapital
Slayer
- Joined
- Jul 19, 2006
- Posts
- 9,828
- Location
- Colorado
- Society
- Freelancer
- Avatar Name
- John Teacher Capital
Gold card is free after a certain amount of deposit. Neither me nor my wife paid for ours.
But the gold card IS 100% hack-proof, or as close to as possible atm.
Question: Will adding an alternative system INcrease security or DEcrease it? The more gates, the more chances to gate-crash.
Not broke. Don't fix.
ChairmanEdgewise
Elite
- Joined
- Nov 22, 2009
- Posts
- 4,817
- Location
- Sweden
- Society
- Freelancer
- Avatar Name
- Edgewise
I got that application, works amazing
Free as well, so double thumbs up for it.
However those who do not got an iphone or such to get it for that 'noname game')) cans till buy an authenticator just like the one we got for entropia, but for a small fee ofc (materials and shipping)
App should be free if released, protection = something good for costumers.
Free as well, so double thumbs up for it.
However those who do not got an iphone or such to get it for that 'noname game'
)) cans till buy an authenticator just like the one we got for entropia, but for a small fee ofc (materials and shipping) App should be free if released, protection = something good for costumers.
jenny ferr
Elite
- Joined
- Aug 25, 2008
- Posts
- 2,789
- Location
- Sweden
- Society
- Modified Perception
- Avatar Name
- Jennifer Jenny ferr
No from me first because it's a lot more insecure then our current GC...
Think how many times haven't you or someone you know lost his/hers cellphone at some bar or nightclub? Or at the gym or any other place for that matter.
And now think about how many times you brought your current GC outside your own house or outside the travel distance to your friends house...
Then I like to use a mobile phone instead of a mobile super uber bugging device, but thats just paranoid me (to most of you anyway..)
If it's such a hassle to use the current GC, why dont you just ask MA to disable it?
Dont fix stuff that works...
EDIT: just wait for the day the media gets a new cash cow from bank accounts cracked because the customers used their "100% secure" mobile apps instead of credit cards (M-Payment)
Think how many times haven't you or someone you know lost his/hers cellphone at some bar or nightclub? Or at the gym or any other place for that matter.
And now think about how many times you brought your current GC outside your own house or outside the travel distance to your friends house...
Then I like to use a mobile phone instead of a mobile super uber bugging device, but thats just paranoid me (to most of you anyway..)
If it's such a hassle to use the current GC, why dont you just ask MA to disable it?
Dont fix stuff that works...
Agreed....
EDIT: just wait for the day the media gets a new cash cow from bank accounts cracked because the customers used their "100% secure" mobile apps instead of credit cards (M-Payment)
Last edited:
*adding* another security feature wont make it any less secure, assuming its an addition. those that take up the offer get to apply two codes.
i just dont see thats its worth the hassle: like having two dead bolts on your front door, if someone can past one they can get past two, while you have to carry an extra key around all the time.
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
Not broken for you no.
And for you, gold card user nothing would change.
But for everyone who DOESN'T have a gold card and who havent deposited 5k ped could get a similar thing to your gold card but for cell phones.
You don't want more people to have secure accounts because YOUR account is allready secure?
Nice logic there mister.
while your logic is unquestionable. great feature for those with £30/mth phone contracts and a £300 phone but cant be arsed to spend £5 on securing their account.
Kerham
Elite
- Joined
- Sep 6, 2006
- Posts
- 4,892
- Location
- to the moon and back
- Society
- Project Y
- Avatar Name
- Kerawan Kerham Maddahy
Exactly. I payed for that. Not the free offer, I deposited especially for it before the said offer.
Now to try to answer to a small uneducated impolite and, quote, "retarded" kid like you:
*the goldcard system has two ends: a physical one and a logical one
The physical one is 100% safe in my hands, the logical one is 100% safe in MA hands. A phone app would mean opening the logical end to the possibility of decrypting. I am speaking of possibility, not probability, is irelevant wether or not an iphone app is easy hackable. I payed for security and I don't see any reasons that security should be compromised because an Iphone(!) user can't afford 20$ peds or what's a full cost of a gc.
P.S.: WoW is P2P, EU is F2P, security in WoW is anything but free.
roughrider
Old Alpha
- Joined
- Jul 21, 2008
- Posts
- 739
- Location
- Sweden
- Avatar Name
- Steven Talon Gates
I say NO. They WOULD be comprimized and as soon as they were there would be so much whining and bitching that it will cover the net with bad rep for the security of the game.
The reason MA uses a gold card is the same reason the banks in sweden do (most of them do allready and the rest are changing from other security systems) is because it is the safest there is today.
Now please put down your Iphones and stopp putting your whole life into a gadget that will be obsolete in a years time. The app frenzy is just ridiculous.
Funny. I only have a username and password for paypal. Never had or been offered anything else, thats why I never use it :/
The reason MA uses a gold card is the same reason the banks in sweden do (most of them do allready and the rest are changing from other security systems) is because it is the safest there is today.
Now please put down your Iphones and stopp putting your whole life into a gadget that will be obsolete in a years time. The app frenzy is just ridiculous.
Mindark could use a system similar to which is used by paypal. which it doesnt' have a card, only a "reader", and the "reader" has already the "card" already inside. (i.e., it's a little device with a screen that displays a code and a button)
You can search for yourself this security device.
(at least is not about a MMORPG)
Funny. I only have a username and password for paypal. Never had or been offered anything else, thats why I never use it :/
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
That's funny.
With your logic, It's safer to have just your password than your password + phone app.
How on earth do you even make that happen?
I payed for security and I don't see any reasons that security should be compromised because an Iphone(!) user can't afford 20$ peds or what's a full cost of a gc.
Why do you even think YOUR account would be compromised!?
Basically a mobile application (iPhone isn't the only phone with applications you know.) would just let people chose either phone app or gold card.
Staying with JUST password is LEAST safe way and yet this is what you prefer over using a mobile app?
And why this distrust for mobiles? Take a good look at the blizzard authenticator and tell me that's unsafe.
Every 10 seconds you get a one-time code, after those 10 seconds a new one appears, and when the new one is there the old one doesn't work anymore.
I just don't get it, people think a mobile application is unsafe.. So they want the people who doesn't have a gold card to just keep using a password and a password only.
That's clever.
roughrider
Old Alpha
- Joined
- Jul 21, 2008
- Posts
- 739
- Location
- Sweden
- Avatar Name
- Steven Talon Gates
My opinion is that someone elses account being hacked, whether probable or not, comprimises not only that persons security but other players too.
If someone hacks a players account and then uses that account to scam players who know and trust the person they think are playing then.........
And i do agree with JohnCapitol. If you can afford an iphone then u sure can afford 20$ for a gold card. Its just the iphone brain talking
Wody
Stalker
- Joined
- Aug 12, 2007
- Posts
- 2,259
- Location
- TI City Copper 13G (and F)
- Society
- Freelancer
- Avatar Name
- Joshua Jot Avarius
Using an iphone is perfectly safe! Just hold it at the bottom like you would any normal phone, and nobody can call/sms with it or contact it in any way!
(goldcard is not broken. does not need changing.)
(goldcard is not broken. does not need changing.)
jenny ferr
Elite
- Joined
- Aug 25, 2008
- Posts
- 2,789
- Location
- Sweden
- Society
- Modified Perception
- Avatar Name
- Jennifer Jenny ferr
Just go and check your local courthouse for some cases where mobile phones been used, and if it's not public like it is here in Sweden search the web.
And you should know that smart criminals are usually ahead of the law enforcement agencies...
(The ones you never read about or rarely read about)
what happens when you have some virus in it opening up all sorts of ports just like in your computer at home? I dont know iphone but does it came with a good and secure AV/FW?
A few years ago when bluetooth was the "new" we had a lively discussion about the safety of those phones here in Sweden as most people just had their phones wide open to the public
And as I said previously, cell phones have a nasty habit of getting lost and/or stolen frequently too also making them less secure just for that reason alone
EDIT: forgot one thing, who will pay for it?
People complain like crazy over sweaters stealing money from depositors, so I ask again where will the cash to this "app" come from?
surely you dont think it's free for MA?
Last edited:
Majandi
Dominant
- Joined
- Aug 16, 2007
- Posts
- 469
- Location
- ROCKTROPIA
- Society
- Serendipity
Yes. My bank uses a similar technology and I think it'd be a great free alternative to gold cards.
But please.. Not everybody likes touch screen phones. Hello? Any developer remember cross-platform solutions like Java or Python?
But please.. Not everybody likes touch screen phones. Hello? Any developer remember cross-platform solutions like Java or Python?
Wody
Stalker
- Joined
- Aug 12, 2007
- Posts
- 2,259
- Location
- TI City Copper 13G (and F)
- Society
- Freelancer
- Avatar Name
- Joshua Jot Avarius
With your iphone, nothing will happen! Like I said, nobody can even call you or sms you, so it can't contact anything! It is physically impossible! (hint: google iphone deathgrip)
sarcasm may be required
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
That's funny, If it's so insecure how come swedish banks use mobile apps?
One must think that they care more about safety than Mindark.
Ever had a mobile virus?
Have you ever considdered using a computer without AV/FW?
It's not hard at all to stay on without getting viruses, why would it be any harder on a cellphone?
I think you missed a large portion of this discussion.
The bluetooth cellphone exploit was only possible with a few older cellphones without any user interaction from the mobile owner himself.
All new phones require you to accept one or more things in order to give controll over bluetooth.
This was one of those cases where media took a shitty story, and made it huge as if it affected everyone.. When in reality it didn't even affect 1% of the population. :/
I've said this allready.
All you will see on the application is a one time number.
You wont see any login, you wont see any password.
Only a one time number.
It is up to you to hold your username and password safe, like everywhere else, but the one time number adds an extra level of security, how on earth is this concept impossible to grasp?
What is more safe.
A, Username and Password only
or
B, Username, password AND a mobile app which is connected to your account and the codes you see can only be used with your account?
What alot of people here are suggesting is that A is the most safest, but It's not!
Really, you end up paying for it.
Mindark is earning It's living on your money, and if you got safer accounts means less support issues meaning less need for support employees and therefor it is alot more cheap to give out a free app like this and not do it.
Blizzard has an enormous team working only with account hijacks and thefts, by giving out a free mobile app which secures your account makes the workload alot easier on them, thus saving them money.
Really guys? This is very simple logic.
password + mobile = safer than just password.
jenny ferr
Elite
- Joined
- Aug 25, 2008
- Posts
- 2,789
- Location
- Sweden
- Society
- Modified Perception
- Avatar Name
- Jennifer Jenny ferr
Because so far there haven't been any large breach of that system, just wait and I'm sure it will happen...
It's not that I doubt it's secure, I doubt it's secure enough the reason to I would never ever accept my bank to "force" me to use it.
No I haven't had a mobile virus just because I use old fashion phones not the fancy todays "toy of the day phones"
And yes I have tried using it without one, and first couple of minutes checking my outlook mail I got in trouble so no, these days I always install my AV before connecting the wifi or cable and first thing I do when thats done is updating the AV version
If you say you are using your computer without any AV and dont get viruses I think you're a naive moron(excuse my language)
(unless you use linux or some other OP then windows)
Sure I know media always say it's 10000times worse then it is, but seriously when I put on my bluetooth on my laptop at home I get my neighboors phone to show up, and if I want and am good enough on computers I promise you that getting into it woudn't be a problem and it's one of the resent Nokia phones too(not the current model but the one before or so)
What we are suggesting is you take your time to buy a GC or deposit so you get one for free, if you cant afford to buy a GC, do you really have value that need that kind of protection? (ped or rep doesn't matter)
Yes I end up paying for it but this is something I think are more "freeloading" then sweaters!
Less support lol, remember there is a huma behind the screen and human errors cant be avoided, thats proven daily all over the rl planet
Buy yourself a GC and stop freeloading off our depositing hands!
5assedonkey
Provider
- Joined
- Feb 21, 2005
- Posts
- 127
- Society
- Fresh & Funky
- Avatar Name
- Ruby
Just letting you know.
The same logic that are used in your little black box you got with your bank account, is used for the mobile app.
So basically in that sense they are just as secure.
I wouldn't accept it if my bank forced me to use a mobile app either, but if they provided it as an alternative I would be very pleased.
And noone here have ever talked about forcing, just because you get to choose between goldcard or mobile app doesn't mean anyone is forcing you to do anything, what is this nonesense dude?
You haven't had a mobile virus.
Just because you don't have a new phone?
You know what this implies don't you?
New phone = guaranteed exposure to mobile virus.
I'm sorry but this is so far from the truth that It's so unreal to even see a swede utter these words.
Basically, what you're saying here is that if you run Windows, you get viruses.
Period.
Let me give you some advice on how not to get viruses.
Don't open exe files you get in the mail. (This is what you must have done, because there is no other way you could get a virus just by looking through your mail via outlook, I'm sorry but this is your sheer stupidity and not windows fault.)
Don't browse porn.
Don't click yes on a popup.
Don't install software you are unsure about.
Don't trust everything you read and see, (ever seen a popup that looks like your windows firewall / security window? I'm sure you have.)
Oh and on a sidenote, an antivirus does in no way make you 100% secure as you seem to think.
The thing is, no system is bulletproof and you just have to live with that.
In the very same way that you can't go outside with a bulletproof vest, helmet, tinfoil hat etc etc. Yes all systems have potential exploits, but so does your car, your lock to your house (and for that matter... Even new locks are not that hard to pick, I used to do it as a hobby.)
And just because you see their names on your computers bluetooth list doesn't make them any more potential victim.
It's simply an option if you wish to be "invisible" in these lists or not.. But as long as your bluetooth is on, It's still possible to find you.
When I turn on my wifi on my computer I see my neighbours wireless network.
Does this mean that they are unsafe?
According to your logic, yes.
You are implying that I don't have a gold card, that I'm not depositing, that I'm a freeloading.
Based on what?
I do infact own a gold card, I do infact deposit but sure, I'm a freeloader.
Human errors can never be avoided and you are right, but added security would ease the workload of the support team.
How on earth can you deny this?
It's not like EVERY support case is about stolen accounts, because It's not.
But there are some, and those would be alot less if there was a free mobile app, but I suppose you would rather see MA spend money on a support team than developing the game.
Man come on, you gotta learn to man up and admit defeat, you are doing nothing but pulling strings here and it doesn't get you anywhere.
What is this!?
Are these words uttered by a grown man?
I doubt it.