Skip to Content

WoW Insider has the latest on the Mists of Pandaria!
BlogComments
Card Squad4 Comments
Joystiq1 Comment
Engadget1 Comment
AOL TV2 Comments
Joystiq Nintendo1 Comment
WoW27 Comments
Joystiq Xbox1 Comment
Massively1 Comment

Recent Comments:

Breaking: Sign up to test The Old Republic {Massively}

Sep 29th 2009 12:48PM The website pulled an alderaan!

The Queue: Shields, forums, and more on raid difficulty {WoW}

Dec 4th 2008 12:49PM "Increases the black value of your shield by ##."

LMAO

Around Azeroth: Super-size me {WoW}

Oct 23rd 2008 10:30AM I think wow insider just got punked by a crappy photoshop job.


Nice!

Spellpower 101, or how I learned to love unified attributes {WoW}

Oct 14th 2008 11:47AM That's not what he said, he said the holy/resto crowd will be able to dps better "in general" as their + spell damage (now spell power) will be increased.

Take my paladin for example. His Gladiators Salvation currently has 375 healing and 175 damage. After patch it will have 199 Spell power. That's going to equal the same amount of Healing power, and increase my damage by 24 on that one item. Now take all my healing gear i have and add it all up, i'm getting a big spell damage boost!

Lake Wintergrasp: Balance, badges, bosses, and bling {WoW}

Oct 13th 2008 9:12AM Yea i got the same feeling when i first did AV, but i just followed people around and payed attention for one game and got the hang of it.

The Engineer's dilemma {WoW}

Sep 23rd 2008 3:06PM OMG what if you ran out of gas in say the middle of nagrand? Would you have to leave the bike there and hearth to the AH to buy more gas?

The Engineer's dilemma {WoW}

Sep 23rd 2008 2:58PM Maybe blizz will make it so we can sell cool accessories to get the buyer to keep coming back for more!

Such things like saddle bags, windscreens, rims, exhaust kits, performance upgrades, biker jackets from tailors, etc.

??

Ask a beta tester: Let's get this party started! {WoW}

Jul 28th 2008 11:50AM I'd like to know about re-speccing, Blizz has stated they want to make it easier for classes to re-spec. Any word on this?

Authenticators sold out, for now {WoW}

Jul 3rd 2008 10:22AM Ok Mort, i'm not sure what your background is on internet security but you don't sound very informed.

Lets ask a question here, what is the #1 way your account gets hacked? The answer is KEYLOGGERS. SecurID tokens do have vulnerabilities, and the #1 vulnerability to a SecurID two-factor authentication token is the man-in-the-middle type of attack. Since you are putting in a one time password and that gets logged, it will be utterly USELESS to a keylogger type of attack.

Man in the middle type of attacks work like this. You log into the game, it sends your username/password/ and one time 6 digit code out on to the internet. The "man in the middle" intercepts this data from you, then forwards the same info to the blizzard servers. Now they are logged in as you. For this type of use (a video game) this also would be useless. Why? Well think about it. Lets say you are plugged into a network in a college dorm and some Computer hacker geek type saw you playing wow saw your L33t gear and decided he wants to hack your account. He performs a man in the middle attack on you and logs into the game. In the mean time you have hit submit on the log-in page and are now waiting to log in. The client never gets the response from the authentication server and times out. He is running your toon to the bank intent on selling all your phat loot. You say, oh well let me try again and you submit again, this time you log in and he will be logged out. If he tries to use that 6 digit code you originally sent again it will not work as it will time out after about 60 seconds when the token code changes. Again the hacker fails, next time he'll just come steal your token off your desk :)

Lets say someone does know the algorithm that they use in the blizzard tokens. Again even if they had your account password (from say a keylogger) they would still need to get the (typically 128bit) key associated to your token. This is only stored on the host server and inside the token and you will never be sending this key out over the internet. So when you send your login/password and 6 digit code to the server, the server knows which 128bit key is yours (from the username/password you sent) and plugs that into the time based algorithm to check if your 6 digit code was correct.

Please unless you know what you are talking about do not post crap like "oh these will be hacked in three weeks" it really makes you sound dumb. Blizzard could not have picked a better layer of security to add to the game IMHO.

Reading between the lines: are more PvE to PvP transfers possible? {WoW}

Jun 16th 2008 10:40AM I have 2 70s on a PVE Server, and 3 on a PVP server, i'd love to have them all on the PVP server. I played PVE first, and rerolled for the open world PVP. I desperately miss my mage and palading and would love to part with 25$ each to move them to my current home on a PVP server.

Have had both leveling experiences, i feel it took less time to level on the pvp server since i had done it twice before. I also enjoyed the increased challenge of the PVP side.