Skip to Content
5-13-2010 @ 1:51PM
On the test realm forum a topic came up that the "Blue" advised would better be served if posted in another area, since the "Blue's" on the test realm forums don't do Dev work.With the new Battle.net chat features I have to give my E-mail address to someone so they can add me or they have to give me theirs. This is fact as posted by Dresorull a Blue on the test realm forums.This breaks account security by giving someone your account user name since battle.net requires the use of a e-mail address as a username.Granted it's only part of the equation, but it is still giving away "Sensitive" information. Anyone with any sort of a security consciousness about them will use a unique e-mail address that was created specifically for this use, and for nothing else, and it's probably a random string to prevent guessing.Handing it out to people this defeats this purpose.So either Blizzard either:A) Doesn't take account security as seriously as they say they do. Or B) Doesn't really want this "Feature" used.This isn't a potential problem, it's a full scale IT security calamity in the making and Blizzard is blindly stumbling forward without even considering that there could even possibly be a problem with it.
5-13-2010 @ 2:20PM
Lee, I can think of several options off the top of my head. Blizzard signed a deal with facebook, the only way that will work is if they tie your in game name to your real name for use in facebook. There probably have been several problems over the years due to accounts being virtually anonymous, by starting this up in a seemingly innocuous way it makes future changes more tolerable by the player base. Blizzard doesn't like account sharing or selling, with Real ID enabled it makes more obvious when that occurs. Blizzard probably has several future game features designed with Real ID in mind... Maybe a iPhone Premium App of some sort. Just guessing. By starting with this and sticking to it the way they have, it's saying that Real ID is important to Blizzard, which scares me. Don't get me wrong, the x-game, x-realm chatting is aweome and I wantz it!! But it is very dangerous to use Real ID.
5-13-2010 @ 5:07PM
This is a very valid and real concern considering there may be Facebook and other "social network" connections. Facebook is currently coming under fire for making marketing preferences (as AOL did years ago) and profile visibility/activity visible by default. When I joined Facebook I made everything in my profile except my name Friends only. After recently reading that they'd changed these things to open to the web, I went back and learned that not only was Name, Location, Age visible to web searches, but Friends of friends, and applications like Docs.com could pull all the other information out BY DEFAULT. It's a maze to try and go back and reset all of these things to the way they originally were.It becomes more than a question of the security inherent in Real ID, but also that of the network they're connected to. Blizzard always suggests not to give your real email address out, but if another app or social network can pull that data automatically and that other app or network gets hacked....
First time? A confirmation email will be sent to you after submitting.
Members enter your username and password.
Enter your AOL or AIM screenname and password.
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.