Authenticator fails, removed from account without user's permission

Reader Comments (Page 1 of 1)

7-25-2008 @ 10:26AM

Feldur said...

Say what? Addons are incapable of doing I/O except to saved variables, and they don't load until well after you've typed the password and the authenticator code. Whatever happened in the case cited in the article, it wasn't the fault of an addon.

The *closest* your comment gets to being on topic is that there have and can be problems with the automatic updaters some sites promote, and some of the addon sites have had malware injected (such as through hosted advertising). If you use an autoupdater, which is an exe on a PC, you're an idiot asking to be owned. That exe could contain anything, and you have no way to know.

Beyond that, Blizz would only be better protected aginst malware injection if they're site staff is well trained in security procedures. There's nothing inherent in owning the game IP that would make their site more secure.

My vote for what happened is a combination of a keylogger and a mistake by a support rep.

Add your comments

Your comments:

Remember me

E-Mail me when someone replies to this comment

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.