AnalogHype:"Jason Coutee returns to demonstrate the changes Microsoft made since the Xbox.com security flaw was exposed and how its still not enough to stop hackers."
At least they did something to try stop it. But at least I know that no one can hack my account. I bet you guys here can't even hack into it. Prove me wrong.
Of course not, N4G is a site for fans of gaming, it's hardly a source of 'hackers' is it. Think about it. Either way, play the numbers game, even if a few get hacked, it's highly unlikely to be you. Be smart with your details etc, you should be fine.
You seem a little over confident of a security system you have very little control of. If Visa, Paypal and the Pentagon can get hacked, no security is 100% safe. Yes I am aware this is likely all due to phishing scams, but don't think for one moment you could never get scammed.
It's that sort of devout faith people put in company's who are primarily geared up to extract money from your wallet and maximising profit, that leads to complacency and ultimately getting ripped off.
If there's anything that I've learned from the Interwebs is that there is always a way around an obstacle. Build a security firewall and people will find ways to circumvent it. Take the SOPA thing for example. These guys think that doing a little thing such as blocking DNS or banning certain IP addresses will do the trick. They aparently never heard of proxy servers. Telling people that no one can hack your account is like saying that you've hidden the keys therefore no one can steal your car. You and your Intentions have to get real.
Lol can't believe people took my comment seriously.
Check your bank account :D
You could use brute force to break CAPTCHA. Let alone a simple user and password security schem. If someone use this script on other sites like Google or PSN, they will get access eventually. That's the motivation for Google 2-step verification: http://support.google.com/a...
To call this 'hacking' gives far too much credit, and diminishes the skills and talent real hackers have (not condoning hacking, but there are some seriously talented people out there). MS had / have a minor flaw in their security set up - part of which is to cause less inconvenience to the end user (i.e. it doesn't lock the account after X number of failed attempts). Security will always be a balance between restricting the end user and potentially leaving a hole that malicious people will exploit.
Agreed. It's only a stupid way and ubiquituous to get account credentials.
Except that it is not a minor flaw. Any web designer will tell you that was a major flaw in their system. Nobody should be able to retry as they wish until they found the right solution. Are you telling me it's alright that xbox.com was /is vulnerable to brute force attacks ?
They have limited the attempts requiring more time and using captcha. There's a compromise you could treat to your users. If they do more, legitimate users will have a non desirable expericence.
Would love to read this article except for the large SOPA black thing is kind of in the way so have to comment based on the title Finally doing something about it. Taken quite a while
I have read it before anti-SOPA blackout. He used a Visual Basic Script to automatize brute force login attempts. After MS changes to the login process, he have changed the delay to more seconds. This brute force method, after the MS changes, will only get very poor created passwords and only will work if people know a possible username (e-mail) used for Xbox Live.
Thanks a lot +bubs. So it isn't totally fixed. Microsoft need to get on this.
It's impossible to fix to any company is more correct. Only thing will work is change the amount of time neccessary to brute force a password and use other methods to increase security. MS did that.
Yep everything is hackable. I laugh when I hear people say that their system is unhackable. Sony said such things and now it's the most hacked games console. Its the most openly moddable console. Titanic said the same thing... that ended well. Another big online game Habbo Hotel. They said their game was unhackable until their whole system was compromised a few years back. While I think Xbox Lives service is very secure and people think hacking as a general term it isn't 100% as no system is.
People are disregarding EA here as well as MS, thankfully I had no CC info on my XBL account, but I did have around 1600 MSP which the hacker used to buy Ultimate Team Gold Packs for FIFA 12 and he stole all the players, contracts, couch's,etc from my Ultimate Team also. Although in saying that it was a pretty poor team and I never intended on using it, but I digress.
N4G is a community of gamers posting and discussing the latest game news. It’s part of NewsBoiler, a network of social news sites covering today’s pop culture.