Jump to content

Online gaming risks in swtor

TrixxieTriss

By TrixxieTriss
in General Discussion

 Share

Recommended Posts

TrixxieTriss

TrixxieTriss

Posted
Posted (edited)

Today’s announcement by the US, UK and even Australia, about Russian hackers, led me to the US-cert.gov website. While this site might be common knowledge or not to Americans, Australians don’t have something like this and have probably never heard of it.

After reading the hack news, I started to scroll through the site, browsing different topics and alerts (some of those are pretty amazing and eye opening). Maybe we should be wearing tin foil hats after all ;)

 

Anyway, I eventually came across a document about Online gaming risks. Now a lot of us know there are risks and accept them as being part in parcel of play online games. But I’m betting many people don’t know all of them and I’m guessing there are many who may never have thought about it.

I mean, SWTOR is run by a major studio and owned by a major company like EA. Why would it even enter our minds or why would we be be concerned.”it’s only swtor, who’d bother to hack swtor”. Surely EA make sure their servers are always 100% secure and their games have no vulnerabilities.

 

I can honestly say I’m one of those people who’ve never really thought about what sort of threat a game like swtor could be to my own systems at home.

I’ve always known that third party programs, especially voice chat ones can open your own network up to vulnerabilities, which is part of the reason I avoid them.

What I didn’t realise is in some cases, people can exploit vulnerabilities in the actual games servers without the studios knowing and they are able to access your own network or pc if it’s not secured properly or if the game has too many bugs or bad code, which swtor certainly doesn’t have :rolleyes:

Quote from CERT - For instance, a security research group called Independent Security Evaluators recently discovered two vulnerabilities in two popular MMOs, Age of Conan and Anarchy Online. Exploiting vulnerable code will allow attackers to read files from a gamer’s computer, crash the games during online play, and in the case of Anarchy Online, to gain full control of the exploited computer

To say my eyebrows raised when I read this is an understatement, it was more like, “are you f****** kidding me”.

Quote from CERT -

Insecure Game Coding

Some game protocols – the methods for communicating game information between machines – are not implemented as securely as other protocols. Game code may not be as well scrutinized as more popular commercial software. Consequently, game software may sometimes cause “buggy” behavior on your computer or introduce unknown vulnerabilities.

This actually didn’t surprise me at all. Just another reason for BIOWARE TO FIX THEIR BUGGY GAME ;)

 

Obviously there are other risks that most of us know or should know. Like social ones that can include Identity theft and social engineering (social hacking) to get access to your systems or your other online activities or even your real life.

 

If you want to read the full article, here is a link to the cert-gov.com info and also the article. I know it’s an older document, but the info in it are still relevant, especially when you consider games like swtor were released in 2012.

https://www.us-cert.gov/security-publications/playing-it-safe-avoiding-online-gaming-risks

https://www.us-cert.gov/sites/default/files/publications/gaming.pdf

While you’re at the site, I’d encourage people to look around and read some stuff. At the very least, you might find something you didn’t know before.

Edited by TrixxieTriss
Link to comment
Share on other sites
omaan

omaan

Posted
Posted
Today’s announcement by the US, UK and even Australia, about Russian hackers, led me to the US-cert.gov website. While this site might be common knowledge or not to Americans, Australians don’t have something like this and have probably never heard of it.

After reading the hack news, I started to scroll through the site, browsing different topics and alerts (some of those are pretty amazing and eye opening). Maybe we should be wearing tin foil hats after all ;)

 

Anyway, I eventually came across a document about Online gaming risks. Now a lot of us know there are risks and accept them as being part in parcel of play online games. But I’m betting many people don’t know all of them and I’m guessing there are many who may never have thought about it.

I mean, SWTOR is run by a major studio and owned by a major company like EA. Why would it even enter our minds or why would we be be concerned.”it’s only swtor, who’d bother to hack swtor”. Surely EA make sure their servers are always 100% secure and their games have no vulnerabilities.

 

I can honestly say I’m one of those people who’ve never really thought about what sort of threat a game like swtor could be to my own systems at home.

I’ve always known that third party programs, especially voice chat ones can open your own network up to vulnerabilities, which is part of the reason I avoid them.

What I didn’t realise is in some cases, people can exploit vulnerabilities in the actual games servers without the studios knowing and they are able to access your own network or pc if it’s not secured properly or if the game has too many bugs or bad code, which swtor certainly doesn’t have :rolleyes:

 

To say my eyebrows raised when I read this is an understatement, it was more like, “are you f****** kidding me”.

 

This actually didn’t surprise me at all. Just another reason for BIOWARE TO FIX THEIR BUGGY GAME ;)

 

Obviously there are other risks that most of us know or should know. Like social ones that can include Identity theft and social engineering (social hacking) to get access to your systems or your other online activities or even your real life.

 

If you want to read the full article, here is a link to the cert-gov.com info and also the article. I know it’s an older document, but the info in it are still relevant, especially when you consider games like swtor were released in 2012.

https://www.us-cert.gov/security-publications/playing-it-safe-avoiding-online-gaming-risks

https://www.us-cert.gov/sites/default/files/publications/gaming.pdf

While you’re at the site, I’d encourage people to look around and read some stuff. At the very least, you might find something you didn’t know before.

 

Reading your posts makes me think you have plenty of free time

Link to comment
Share on other sites
NHBabe

NHBabe

Posted
Posted
To be honest I'm not worried about this from a SWTOR perspective as I do feel their servers are pretty secure. I would be more worried about online games or MMO's that allow plugins as they are less secure and allow people to know back-end coding in order for them to work. SWTOR doesn't allow them or give out that information, so I feel pretty secure in playing this game opposed to others. But I could be wrong too. :p
Link to comment
Share on other sites
aerockyul

aerockyul

Posted
Posted
Reading your posts makes me think you have plenty of free time

 

Anybody posting on this site does. Just because you don't agree with a poster doesn't mean her posts are any less of a waste of time than yours, which contributed nothing at that

Link to comment
Share on other sites
Andryah

Andryah

Posted
Posted (edited)

1) Steer clear of very old MMOs, as they likely have a lot less rigorous code in terms of security. Anarcy Online being a great example.. and note the studio is the same one that owns Age of Conan. Red flag that studio, in my view.

 

2) DO NOT play all those FREE MMOs produced by Russians, at all costs.

 

3) Steer clear of the truly FREE MMOs in general, as there is little or no incentive for them to build secure code and interfaces.

 

4) Never, ever, play any MMO that uses a thin client through your web browser.

 

5) Small studios, and crowd funded efforts are more likely to be higher risk.. as the capital investment is simply not there for proper security protocols.. since they can barely get the base game code out the door to begin with.

 

In general, games with very large populations are more prone to be targeted... just as hackers tend to go after large merchant sites. They want maximum return for minimum effort. In addition, keep in mind that MMOs are a prime playground for subversive groups to communicate anonymously with each other... though I suspect the large counterintelligence organizations have these penetrated just as well as they penetrate actual live cells in real life.

Edited by Andryah
Link to comment
Share on other sites
xordevoreaux

xordevoreaux

Posted
Posted
1) Steer clear of very old MMOs, as they likely have a lot less rigorous code in terms of security. Anarcy Online being a great example.. and note the studio is the same one that owns Age of Conan. Red flag that studio, in my view.

 

2) Play all those FREE MMOs produced by Russians, at all costs.

 

3) Steer clear of the truly FREE MMOs in general, as there is little or no incentive for them to build secure code and interfaces.

 

4) Never, ever, play any MMO that uses a thin client through your web browser.

 

5) Small studios, and crowd funded efforts are more likely to be higher risk.. as the capital investment is simply not there for proper security protocols.. since they can barely get the base game code out the door to begin with.

 

Confused by 2). Did you mean play them or avoid them? It reads to play them at all costs.

Link to comment
Share on other sites
Tahana

Tahana

Posted
Posted

First and foremost, every interaction that you conduct online is at some risk. Period. There is no 'safe space' on the internet. Not anywhere, nor at anytime.

 

If you really want to get the hackles on your neck raised go ahead and read up about how the US NSA put back doors into routers so they could seamlessly access internet traffic information. And honestly I don't trust the intelligence level of my government enough to not speculate that these back doors are in fact in use by other hackers.

 

This is also why I won't use most public VoIP programs unless it is a guild to which I belong. I'll never connect to some pugs voice server. Things like Ventrillo, Mumble (I know skype used to) etc have logs (or easily accessible features) that capture the IP address of those logging onto the server or allow other users to view your IP address. Not sure about things like Discord as I haven't played with that specific one in an administrative capacity. Giving someone your IP info could allow them to perform a DoS attack on your connection.. etc.

 

I'm not suggesting you go all tinfoil hat or anything but you really just need to be careful. Make sure you have a good antivirus that constantly checks in the incoming data to your machine for intrusion detection and things like that. You can't ever be 100% safe, but you can protect yourself to a certain extent.

Link to comment
Share on other sites
SaerethDL

SaerethDL

Posted
Posted (edited)

3 games I know that have had data breaches that have leaked my personal information including my email address and the password associated with that account. all mmo's .Lord of the rings online, Warframe, and Wildstar. Do not ever think you're secure.. I found out the hard way not to use the same password on your accounts. It's getting a lot better now and safer though because of 2FA via text message and other methods.. always have different passwords on each accounts, even though it sucks.. change your passwords regularly if you want extra protection, which i did recently.. it took me all day, i have dozens and dozens of passwords. If you have played a lot of mmo's over the years and have used the same email just check haveibeenpwned.com website. You have probably already been compromised before.

 

I even get log in attempts from hackers trying to use those old passwords on the daily. A long time ago, one attempt was successful because I used the same password for that account with one account that was leaked, it was a different mmo than the ones listed above, and took all the currency and wiped out everything on that account. But like I said, now we are safer, most all things now use IP protection and one time passwords or 2FA via text message or emails. At any moment and any time a database can be breached and leak your information or sell it.. be prepared with 2fa.. if they don't have any form of 2fa, please remove any information or credit card you have on file and request to have your account deleted.

 

pro tip : DON't SAVE YOUR CREDIT CARD INFORMATION ON ANY SITE. Be it amazon, microsoft, playstation, walmart, bestbuy, swtor, steam or any other online store or game.. if your account gets compromised they WILL wipe your credit/debit card out! I've seen it happen so many times to people on the internet and those around me.. sometimes its even your family members, kids, or anyone else that has access to your computer or that account. Just stop being lazy and just enter your cc information in when you need to buy something. :D for example, my friend had an amazon account linked to her tablets that she has for her kids. Her kid went on amazon website and went on a shopping spree using the 1 click to buy feature.. had ordered so much stuff for himself without her permission :D

Edited by SaerethDL
Link to comment
Share on other sites
JamaicanCastle

JamaicanCastle

Posted
Posted
Not play any Russian MMOs? Like World of Warships or World of Tanks? If so, what is your reasoning?

There are good and sundry reasons not to play WoT or WoWS, although they have more to do with horrible monetization practices and matchmaking and generally being poorly designed than any potential security risks.

 

This is also why I won't use most public VoIP programs unless it is a guild to which I belong. I'll never connect to some pugs voice server. Things like Ventrillo, Mumble (I know skype used to) etc have logs (or easily accessible features) that capture the IP address of those logging onto the server or allow other users to view your IP address. Not sure about things like Discord as I haven't played with that specific one in an administrative capacity. Giving someone your IP info could allow them to perform a DoS attack on your connection.. etc.

Your IP address is only of marginal help for someone trying to attack you, in most cases. Most residential internet access these days uses dynamic IP mapping, so your ISP assigns you an IP address on an as-needed basis; this means that, within the block your ISP owns, your IP address can jump about from session to session. It's useful if someone wants to make you lag out of your arena match, but it's not any kind of long-term vulnerability. (FWIW, the last I recall is that Discord doesn't have that particular problem, although that was some years ago and I might be misremembering.)

Link to comment
Share on other sites
Tahana

Tahana

Posted
Posted
Your IP address is only of marginal help for someone trying to attack you, in most cases. Most residential internet access these days uses dynamic IP mapping, so your ISP assigns you an IP address on an as-needed basis; this means that, within the block your ISP owns, your IP address can jump about from session to session. It's useful if someone wants to make you lag out of your arena match, but it's not any kind of long-term vulnerability. (FWIW, the last I recall is that Discord doesn't have that particular problem, although that was some years ago and I might be misremembering.)

 

Depends on the ISP and the service. My own home connection hasn't changed IP addresses in over two years even with modem reboots. That seems to be the same with friends who are on either the same cable ISP or the only other local cable tv competitor in my area.

Link to comment
Share on other sites
TrixxieTriss

TrixxieTriss

Posted
  • Author
Posted
Depends on the ISP and the service. My own home connection hasn't changed IP addresses in over two years even with modem reboots. That seems to be the same with friends who are on either the same cable ISP or the only other local cable tv competitor in my area.

 

You can request it be changed and some ISPs can put you on a dynamic IP setup. In Australia, most ISPs seem to use the dynamic setup and you have to apply to get a static IP.

Link to comment
Share on other sites
CommunityDroidEN

CommunityDroidEN

Posted
Posted (edited)

Hi All,

 

We aren't closing this topic - but as a reminder: please try to avoid real-world political references/discussions.

 

We understand that some topics by their nature can closely hug this rule, but political discussions are always inappropriate for the forums.

 

Happy Posting,

CommunitySupport

Edited by CommunityDroidEN
Link to comment
Share on other sites
xordevoreaux

xordevoreaux

Posted
Posted (edited)

Gaming risks in SWTOR:

 

1. Getting overly excited that I finally got a 248 in a cxp crate that I spill my ice tea all over my desk

2. Eating way too many Little Debbie cakes while doing rampages for conquest, getting green, and having to log out

3. Drinking way too much coffee during an operation and having to call for bio in the middle of the last boss fight

4. Talking in both Discord and Mumble at the same time and confusing both the ops group and the FP group

5. Forgetting that my stearoids interact with my NSAIDS then failing to heal fast enough during an op

6. Chatting too much in gen chat while on Hoth and dropping 3,000 feet to my death off yonder cliff, resulting in:

a. spilling my tea again

b. opening the next box of LIttle Debbies

Edited by xordevoreaux
Link to comment
Share on other sites
fushnchips

fushnchips

Posted
Posted
Hi All,

 

We aren't closing this topic - but as a reminder: please try to avoid real-world political references/discussions.

 

We understand that some topics by their nature can closely hug this rule, but political discussions are always inappropriate for the forums.

 

Happy Posting,

CommunitySupport

 

Only if you spent as much time doing this in game because SWTOR is one giant toxic factory

Link to comment
Share on other sites
TrixxieTriss

TrixxieTriss

Posted
  • Author
Posted
Gaming risks in SWTOR:

 

1. Getting overly excited that I finally got a 248 in a cxp crate that I spill my ice tea all over my desk

2. Eating way too many Little Debbie cakes while doing rampages for conquest, getting green, and having to log out

3. Drinking way too much coffee during an operation and having to call for bio in the middle of the last boss fight

4. Talking in both Discord and Mumble at the same time and confusing both the ops group and the FP group

5. Forgetting that my stearoids interact with my NSAIDS then failing to heal fast enough during an op

6. Chatting too much in gen chat while on Hoth and dropping 3,000 feet to my death off yonder cliff, resulting in:

a. spilling my tea again

b. opening the next box of LIttle Debbies

 

LoL, What’s a little Debbie cake? I want one now :D

Link to comment
Share on other sites
TrixxieTriss

TrixxieTriss

Posted
  • Author
Posted

I read this article on wired.com yesterday about these guys who done a number on Microsoft and then ended up going down the hack rabbit hole to jail

https://www.wired.com/story/xbox-underground-videogame-hackers/

 

Then that story lead me to another one about the guys who were doing the massive DDoS attacks around the world that brought down the US east coast internet 18 months ago and had the potential to bring down the internet. The industry had never seen anything like it. The real twist in the story is they were originally just trying to take down Minecraft servers :eek: and created the worlds biggest DDoS WMD.

https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet/?mbid=BottomRelatedStories

Link to comment
Share on other sites
TrixxieTriss

TrixxieTriss

Posted
  • Author
Posted (edited)
Little Debbie's are vital to good gaming sessions.

 

They look great, shame we don’t have those in Australia. The best I can hope for that look like those is crispy creme donuts and you can only eat so many of those.

 

My snacks are varied. Cheese+Gherkin on Jatz biscuits. Grapes. Banana (great for concentration). Donuts. Minities. Tim Tams, Jelly Bellies. Chocolate milk shakes. McDonalds. Pizza. Plus caffeine in many different forms and Water to stay hydrated.

Basically anything I can eat fast with one hand while I’m pvping ;)

Edited by TrixxieTriss
Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.