Skip to Content
2-28-2010 @ 2:07PM
Encrypting the login session doesn't not protect against man-in-the-middle attacks. Sorry.Yes, it is still better than plain text data, without a doubt. But thinking this would solve the problem is just plain wrong.Actually, there is more than one way to compromise that kind of connection. Session Hijacking is another method that might prove to be a valid attack.In a nutshell, once the user's computer gets compromised, there is nothing Blizzard can do to assure the WoW account won't be also.
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.