filed in Uncategorized on 21st of January 2010, 01:33:28
I won’t really shut this down, but I’ve stopped actively raiding from a bit of time, and basically stopped playing WoW and any other MMO, so the very same existence of this blog makes no sense at all. Comments are also disabled from now on. But fear not, you can still talk/contact me on my main blog, www.underealm.com.
It’s been a crack.
Over and out
Skizo
filed in Northrend, Personal Posts, Screens, WoW, WotLK on 13th of August 2009, 00:34:12
I’ve been taking some random screenshots lately and decided to post a few.
Malygos patroling his ‘hood
Malygos’ Vortex
You can see on the sides his wings are skinless. He’s all bones :<
Malygos has just got pwnd by 10 allies
Malygos has just got pwnd by 25 allies
Fluffy Yeti, also known as Icehowl got a bad headache
Just too many walls.
Lord Jaraxxus has just got flamed and decided to leave zeh intertubes
Grindhel just didn’t care, showing his butt to the camera
Extraordinary bonus: my druid riding in the sun
filed in Uncategorized on 21st of December 2008, 11:02:33
Grindhel starts casting Yet Another Year Passed (Rank III)
Grindhel hits Skizo for 27 [Crit]
This is cryptic, isn’t it? No wait, probably it’s not :)
filed in Informations, Personal Posts on 16th of December 2008, 10:26:50
Yesterday I had the EMG test. Painful as planned, although I’ve been lucky as I could have get a 20cm needle in my muscles. The electric shocks kept me jumping from the chair, but anyway.
The little bastard nerve is quite self healing, probably was just stressed out due to god knows what. Over a few weeks it should get back as new, or so I hope. Also apparently there’s no need for surgery.
I’m close to getting back to normal. Hooray!!
filed in Informations, Personal Posts on 29th of November 2008, 16:21:29
It’s about time to tell you guys what’s currently happening to me.
You probably noticed I’ve not been around ingame much, and/or you are waiting for the DoR website to come up.
The fact which is refraining me from both atm is a personal injury: my ring & little left fingers are on a road to a (temporary) complete paralysis, which is obviously giving me a lot of troubles to even write this message.
I have the first diagnosis visit scheduled for 15th of December, and hopefully the surgery operation will come shortly after it.
Bear with me a little longer. It’s not like we’re missing epic raids anyway, right Blizz? ;)
filed in Informations, Personal Posts, Rants on 22nd of November 2008, 12:35:10
I’m about to start the NGMP Foundation: No Games for Mindless People.
I’ve always liked video games, from developing them to enjoying playing them. I liked the stories, the development, the ideas behind the games themselves. Then suddenly, everything started to collapse.
I was fine with the idea of giving casual gamers a great chance. Say, new instances hard as hell, requiring attunements and stuff, then nerfed and removing attunement after some months. It wasn’t that nice for hardcore gamers (hay! don’t give cookies to casuals), but overally was acceptable.
WoW now has become so sad I almost don’t play it anymore. After the rush in buying it I found out raiding is pathetic, mostly trivial, which saddened me. A lot. Even though I was struggling with raiding back at the times, I was fine with it, because it was challenging. It was normal. It was supposed to be so. Then the nerf came, and I was like, “fine, there is new hard content up, it’s ok to give free cookies to the late comers”. Then the expansion comes.
I was expecting some challenges. I found out that while I was trying to improve myself to be a better player, “no wait they nerfed everything no need lulz”.
The saddest little game.
So, so, so, so saddened.
Yes, they nerfed it too. Hey, what do we need a master for? Let’s roll and follow a table. Dungeons & Dragons without a Dungeon Master. It’s like playing Chinese Checkers in two. Doable, but where’s the fun?
Nobody will ever say that games shouldn’t be more accesible to the public. But in these days, I’m finding out that working is more fun than actually playing. And I wish I was kidding. Money is making companies forget that no matter the player base, what keeps paying the bills are good games. Take out Crayon Physics Deluxe for example. It’s one of the most awaited games ever. I’m even planning to buy a couple copies to send as gift and play it on my 20″ Cintiq.
No matter what the companies are more and more pushing toward the “I haz no brainz plz feed me” market, which is pretty wide, and forgetting that they made some good money starting with the people they should mainly think about. Natural Born Gamers.
We all know how this is gonna end. With a lot of real gamers who would like to play a game and finish it in just more than a-hour-because-time-has-changed-people-has-no-time-so-I-want-it-easy-and-quick-omg-I-just-finished-it-lulz. So called hardcore gamers will hate even more casual gamers, because they basically stole them the fun. Repeated complainings have brought the game to such an easy level to be ridicoulus for the good ol’ gamers. Which is only natural, but still sick in the way it has been done.
I’d like to end this harshly with an italian sentence: “Ma perché non ve ne andate ‘m’pò a fanculo?” (Why don’t you just go fuck off?).
It should pretty much state clearly what’s on my mind as of now.
filed in Informations, WoW, WotLK on 18th of November 2008, 18:36:08
Collector's Edition
It took me some time (a few days actually) and a bit of luck (and steady reflexes) to get my dirty hands upon a collector’s edition box (actually menaces also worked for me here).
I would also like to say sorry to the poor ally bloke from Jaedenar-EU who was like 15ms late reaching the box. Sorry dude, I think about you all the time while I play. Honest.
No, maybe not XD
Anyway, there are quite a few interesting things in it. Too bad it’s overpriced, but hey, that’s quite normal methinks. For the ones who don’t know already, Collector’s Edition was worth a whopping €70,00, while Standard Edition was €35,00. And no, I won’t mention the €0,01 change you get back :P
Back to the Collector’s Edition Box:
Collector's Edition Content
Content listed in no particoular order:
Isn’t that enough to pay double the price? Probably not. But still I did, who cares.
On a side note the Nihilum+SK team 25th November guild already cleared by a day or two all the PvE content out to date. Leaves me wondering.
filed in Informations, Videos on 9th of November 2008, 01:21:24
Screen, or it never happened.
Here’s a [LinK] to a high-def version. That way you can actually see that account names are different and the key is just the same.
filed in Informations on 6th of November 2008, 18:17:51
[LinK] WoW-Europe Forums discussion
[LinK] Versione italiana
Video, or it never happened.
Yes, I came to the conclusion I can’t keep my mouth shut any longer. Blizzard is probably still busy with the expansion, and I bet my socks they won’t spend any time fixing a security flaw nobody knows about. Which leaves me to options: wash my hand or inform the crowd and tell them how to prevent such a tragedy (been there, done that).
First off, let’s start with the e-Mail I’ve sent to the Blizzard.
Reference: http://forums.wow-europe.com/thread.html?topicId=6365388840&sid=1
So, basically I don’t know how you could ever mess up a thing like this, but ok, let’s explain.
Once you fire up the Blizzard Authenticator, you paste it in the login screen and that’s it, the number is saved and it can’t be used anymore. Also, if not used within a certain time will eventually expire. And we all know this. The problem is, how did you implement this?
Once you use the code, it gets saved to the account. And that’s what screws up the security. As long as you have a single Authenticator for a single account, you’re safe, but when you start to use a single Authenticator (as you all suggested aswell) for multiple accounts, you are screwed. Example:
Account 1, generated code 123321, I log in and write the code down.
10 minutes later, Account 2, another generated code 321123, I log in.
20 minutes later, Account 3, 123321 or 321123 doesnt matter, I log in.
Or Account 1 with 321123, or Account 2 with 123321 for the matter. It doesn’t matter, they all work.This is where your problem relies. You didn’t do the right thing. You didn’t have to save the generated codes by account, but by Key ID instead. If you don’t all the valid keys generated (and logged) for an account, may be used on the other account to. Authenticator beated by a keylogger, that’s the most ironic thing ever.
Here’s the deal: when a user logs in check the Authenticator ID saved with his account, and then in a new table save the code by AuthID, and not in the account data. This will probably increase collisions, but better having collisions than hacked accounts, don’t you think?
Looking for an early reply.
Sincerely yours,
Skizo
Now, you’re also thinking “so, you got an answer right?”. Excerpt from the automatic response:
Due to the volume of email received by the Hacks & Anti-Piracy team it is not always possible for us to respond to each report individually and this may be the only email you receive from us regarding this matter.
As you can see my only option was either to wait an e-Mail that would never arrive in the frightening that by the time it’s fixed it’s already too late, or spread the informations. With a journalist blood in my veins, I couldn’t do any less than this, I’ve already waited too long.
So, in short, what has all this have to do with me? On to explain.
Blizzard Authenticator, just like any other key-generator of its kind, works like this: generate a code, using the code, making impossible to use the same code once again. This prevents hacks due to keyloggers, because even if the hackers have your username & password, they can’t pass the final test, which is a one time generated key. The BA does just the same. The problem relies in the way it’s been realized.
If you have a single account and a single BA, you are safe. Sleep tight. If you use multiple accounts like me, you’re not allowed to sleep tight. Where did the security break? If you didn’t understand by the mail above I’ll explain in short terms:
This means that if the hackers become fast enough, while you log in on your main account, they could send through the net the generated key, and use it with your other account to do what they should. Sure, it requires some timing and some good skill, but I don’t think that’s a reason to be relaxed.
There are some workaround for this though. The first would be to make Blizzard fix their tables (as in data storage system, not furnitures). It should work like this:
Since this it’s unlikely to happen in a near future (you now, multinational corporations…) I came up with a couple suggestions that I use and may fix your problems most of the time (there are a few exceptions I’m aware of myself, so I know these are just temporary fixes).
There’s not much more to do. I personally use the second method described above.
The only thing I ask you at this point is to share the word. The only way to be safe in this world is to know what surrounds us. If you know where the problem relies, you know how to fix it. At the same time, if people get to know where’s the vulnerability they get to know how to get themselves safe.
In the hope it’s not already too late.
filed in Events, Informations, WoW, WotLK on 23rd of October 2008, 18:32:24
Yes, all caps. I’m unpolite. But really, FREAKIN’ ZOMBIES EVERYWHERE. It’s the beginning of the pre-WotLK event. And this time I will be there.
For the Blizzard Authenticators matter, I just talked today with Blizzard and told them what I had to. I will deploy the news in 24-48 hours.