11-July-2009 Jagex Security Key Response

[obfuscator]

I'm glad he clarified, I was a little confused about their motivation for this.

[strilmus]

But my newest computer is also over 3 years old and all my others are frankenstiens of other people "no longer working computers" that I've cobled together into linux desktops or servers. You would be suprised how many people will throw out a computer just because the hard drive fails, or the video card burns up, or ram fails. You can take all the other bits of those computers, put them together, and actually have a computer that works, if you have a little know-how. Cutting edge computers, they aren't, but I can surf the internet, read forums, blog, and play rs. Without these cobled together pieces of junk, I could barely play at all. Don't discount those of us truly on dinosours of computers.

 

 

 

Yeah, I've "received" quite a few choice bits of hardware over the years due to people not caring enough about their computer to just replace one part.

[Lets_3ekout]

I honestly think that its [cabbage] that members have to pay for this. #-o

 

Are you serious? You expect jagex to just hand out hundreds of thousands of these as freebies? They've already stated it's non-profit, but handing them out to every single member for free (who wouldn't ask for it? It'd be free, after all) would just be begging to break their bank.

[jettrider]

 

-I noticed he skated over mentioning the $20 price, which WILL make Jagex profit comfortably (if $10 can almost break even by buying in bulk, $20 definitely can)

 

 

 

So you know how much it would cost to deploy it, right? I really, really don't think that $20 would let them make any kind of profit.

 

 

 

You're right, I'm guessing. But when he says that "to be able to get it down to $10 we would have to sell it for a loss or buy so many than they would never sell," it sure makes me think that setting the price as double the amount would eliminate the loss. Besides, if they want to run RuneScape long-term, buying hundreds of thousands of these things doesn't seem as bad when the game has many years of life in it.

 

 

 

Perhaps they could sell the basic one with a less complex algorithm for $10 and offer a $20 one with a more advanced algorithm, extra bank space, and perhaps an avatar on the official forums.

 

 

 

-It does not make any sense that fuller banks are richer. The richest players have only the necessities. Just admit that bank space was the only thing you could sell to keep a straight face and maintain that you don't sell in-game advantages.

 

 

 

Is it not true that if you have lots of items, you have some semblance of value? We're not talking wealth, per se, but sentimental value. Wouldn't it suck to lose something sentimental to you, that you know you couldn't get back? (E.X. Faladian Knights' Sword)

 

 

 

Yes, I didn't think of that. I've always found it disgusting that hackers drop charms, fire capes, quest items, etc. I know for sure that if I could get my bull roarer back, I could, because swinging it and making an odd noise in the middle of w2 GE is priceless. Though this is a rather minor complaint, because it's doubtful that the hundreds of excess spaces we already have are filled with sentimentality.

 

 

 

-Common sense > all security. Before you visit any webpage, hover your mouse and, if necessary, do a google search on it to see what the deal is. He makes it sound like a person using common sense could still get a virus. Of course, not all of us use common sense 24/7, but if we did, we would be completely safe.

 

 

 

I laughed out loud so hard at this. Familiarize yourself with Murphy's Law - if it can go wrong, it will.

 

 

 

You should also know that common sense alone isn't going to save you from getting a virus. Sure, it'll prevent some of the more obvious instances, but all it takes is one wrong click. Not even common sense could save you then.

 

 

 

If a single person could truly practice common sense 24/7, they would be completely safe (ie, they wouldn't make that "one wrong click" and if they did, they would fix it before entering their password because they would have thoroughly scanned and checked their computer). However, none of us can do that; I know I for one deviate from common sense several, if not many, times per day.

[strilmus]

Incidently, you can get your bull roarer back by trading in a cooked oomlie wrap with any of the jungle foresters.

 

 

 

It was a minor update a while back.

[jettrider]

Incidently, you can get your bull roarer back by trading in a cooked oomlie wrap with any of the jungle foresters.

 

 

 

It was a minor update a while back.

 

 

 

I know, but I cba to get it anymore. It was years ago and my friend was doing it and I thought it was hilarious. Now I have better things to do and I like having a smaller bank anyways.

[Zepheras]

I still don't see what's the big deal about this new security key. If Jagex makes one, puts a price tag on it, those who think it's worth the money can always buy one, those who don't can always keep away from it. Extra bankspace for people who purchase one isn't negative at all.

 

 

 

Why are there people questioning about the MOTIVE behind this? It's not up to us to worry whether this product would fall into the wrong hands, whether you can type faster than the time given for each code etc, this are problems for the makers. Or whether they are trying to make more money, and how this is all a hoax to start selling bank spaces.

 

 

 

 

 

Besides, the fact that such a product already exists, and Blizzard is also employing it as a form of security measure, so why not us? :wall: :wall:

[Plugpoint]

Still hasn't persuaded me, lol

[Randox]

The system will only work for people who still have secure accounts. You are going to need to give them your mailing address at least. There will probably be a code mailed tpo you that will allow you to change you mailing address. For compromised accounts, it is likely some of them will have the device sent to the 'hacker' and have the account lost for ever.

[Omali]

For compromised accounts, it is likely some of them will have the device sent to the 'hacker' and have the account lost for ever.

 

 

 

That's like saying if someone tries to steal your credit card, they'll easily be able to get a new one shipped to the theif's address just because he provided some login details. They aren't stupid enough to fall for that kind of trick, and will require a lot more information than just username/password.

[Sy_Accursed]

It makes me laugh so hard how many people are dumb enough to dismiss this as nothing but a profit ploy.

 

 

 

Given that like 75% of the worlds banks use a similar system for online banking, with reduced the hacking of them like tenfold.

 

 

 

Plus most top end accounting and shares firms use these.

 

 

 

Companies that are soloely devoted to dealing with MONEY and keeping it SAFE use them and have had huge amounts of success at reducing hackings with them, so clearly Jagex using the same thing is gonna be worthless and have absolutely no impact at all.

 

 

 

This is a very valid and very high end security measure that does cost a fair bit and does have a proven impact, as it subverts all relation to the computer and internet, meaning unless you are like right there in the room with someone and nick te thing you CANNOT get the codes you need to hack the account. It makes it literally 95% impossible to hack someone, opposed to maybe the 30% or so safety of passwords and pins behind decent virus protection.

[Pie Naple]

My only small concern is if we will be able to use one security key with more than one accounts. Like actually set the key to work with multiple ones. I know there are many problems with this, but if they thought it through it would work. But meh, if you have to buy one for every account - i don't really mind.

[Maximusa]

This isn't actually a USB device, it is just USB sized. It WILL work with Linux and Mac. It is a little device with a small LCD screen (like a calculator has) which displays a 6 digit number which changes every minute. If you buy the key, then then you have to type that number in (As well as your password) to login. Because the number continually changes, and because each number can only be used once it defeats keyloggers and other password stealer.

 

 

 

Its like a minute to hop but for the number to change will also be s a minute so there be a bit of waiting for the login timer and then also being allowed to put the code in basically at the end of the timer. A little annoying if you wish to hop.

 

 

 

I think thats how the technology works on a timer but maybe 30 seconds would be nice and allow us to put the code in before the login timer. HOWEVER would that mean you have to type in it really quickly before its invalid lol.. Even a minute would be short time to some people but for others its an eternity if you want to hop.

 

 

 

Obviously its still up in the air whatever and might allow you more freedom than that.

 

 

 

I would hope for more freedom but I dont know how it works exactly and I guess I would take a little inconvenience for the extra security in this case as it pays off more.

[Makoto_the_Phoenix]

Its like a minute to hop but for the number to change will also be s a minute so there be a bit of waiting for the login timer and then also being allowed to put the code in basically at the end of the timer. A little annoying if you wish to hop.

 

 

 

I think thats how the technology works on a timer but maybe 30 seconds would be nice and allow us to put the code in before the login timer. HOWEVER would that mean you have to type in it really quickly before its invalid lol.. Even a minute would be short time to some people but for others its an eternity if you want to hop.

 

I think that scenario is unlikely, since you have to actually log in anyway before you can hop. We just don't know the nuisances yet to be afraid of anything like that, though.

 

 

 

 

I laughed out loud so hard at this. Familiarize yourself with Murphy's Law - if it can go wrong, it will.

 

 

 

You should also know that common sense alone isn't going to save you from getting a virus. Sure, it'll prevent some of the more obvious instances, but all it takes is one wrong click. Not even common sense could save you then.

 

 

 

If a single person could truly practice common sense 24/7, they would be completely safe (ie, they wouldn't make that "one wrong click" and if they did, they would fix it before entering their password because they would have thoroughly scanned and checked their computer). However, none of us can do that; I know I for one deviate from common sense several, if not many, times per day.

 

 

 

Using common sense all the time is simply wishful thinking when it comes to computer security. Not everything we trust is really safe, and not everything we use is bulletproof. Fact of the matter is, common sense really can't do much for you if you go to a seemingly harmless site, and wind up with a rootkit on your machine.

[Kill_Life]

Might buy one:

 

1) Depending on the cost

 

2) If one key works for all my accounts

[Rainy_Day]

I'd contemplate buying one, though I keep my laptop and computer very secure regardless, so owning one would only provide that tiny bit more protection. It seems like I would have to log into that, then log into my account, then on my account enter my bank pin. It seems to be a bit too much of an inconvience security wise.

[canadiansmurf]

The reason is simple, we're in this for the long run, not for a quick buck, and therefore player satisfaction is extremely important to us. And a player who has had their account stolen (even though due to a keylogger/virus on their own computer) is generally not very satisified!

 

 

 

Players who lose items due to Jagex bugs aren't satisfied either. Having this key means nothing if we aren't guaranteed our lost items back due to glitches from new updates to the game.

 

 

 

Also why not give this key to long-term members as a bonus. Just have us pay for shipping, if you've been a member for a year you automatically get a key if you want one.

 

 

 

The $10 cost is deceptive as it doesn't include shipping and handling and international postage could easily double the cost.

 

 

 

I do see the extra bank space "incentive" as jagex breaking the promise they made when they changed the game due to RWT. They did say that they had considered selling RS gold or items themselves but chose not to as they thought the RS community would not like that. Now they are just using words to twist around what they are doing. Today it's bank space as an "incentive" and what will it be next time? RS gold?

 

 

 

This is my personal opinion, as I see them changing their mind all the time. They say one thing and than do another. I remember pre-trade restrictions that a jagex mod posted on forums promising that there would be no trade restrictions.

[Bauke]

That's a big "up yours" to all the haters. Good job on his part, too.

 

Indeed, that's exactly what I thought. Good post from Andrew :thumbup:

 

 

 

The reason is simple, we're in this for the long run, not for a quick buck, and therefore player satisfaction is extremely important to us. And a player who has had their account stolen (even though due to a keylogger/virus on their own computer) is generally not very satisified!

 

 

 

Players who lose items due to Jagex bugs aren't satisfied either. Having this key means nothing if we aren't guaranteed our lost items back due to glitches from new updates to the game.

 

 

Jagex doesn't claim to solve the item loss problem due to bugs. This key is ment for preventing accounts to be stolen. Nothing more.

[canadiansmurf]

Jagex doesn't claim to solve the item loss problem due to bugs. This key is ment for preventing accounts to be stolen. Nothing more.

 

 

 

Yes, but if their logic is that customers are unsatisfied if they lose items due to hackers, than why not address the game glitches that cause players to lose items?

 

 

 

Hackers are somewhat preventable, game glitches are out of players hands.

 

 

 

Currently if a player loses items due to Jagex glitches, its basically oh well, too bad but items aren't returned if lost to glitches.

[Bauke]

I bet, if they could make a system that could check whether a player is legitimate and did lose an item due to a bug, they would implement it. I reckon it's not that easy.

[canadiansmurf]

I bet, if they could make a system that could check whether a player is legitimate and did lose an item due to a bug, they would implement it. I reckon it's not that easy.

 

 

 

On another thread people came up with lots of logical ideas:

 

 

 

The best idea was to charge real money to put in an item lost due to bug report. $5 towards this could well cover the costs of labour, as well if it is a fake report than Jagex could keep the $5 but if it's legit than that $5 could be applied to membership.

 

 

 

 

 

It's very easy for them to see what happens with our accounts, this is how they go about banning people who abuse glitches.

 

 

 

Their policy to not give back items due to glitches is outdated, before people could trade items to other accounts and then claim it as lost, now with trade restrictions this is impossible.

[Bauke]

I think charging money to let people inform you about bugs is quite inappropriate...

[Michaael]

Any sort of bug replacement system would be nice, although charging money for retrieval could very well be an excuse for them to keep making sub par content. I would gladly pay $5 if I lost a substantial amount of money to a glitch though.

 

 

 

Maybe apply the blackmark system to bug investigation. False reports of item loss = ban, and any items returned by Jagex can't be talked about or they take them back.

[canadiansmurf]

I think charging money to let people inform you about bugs is quite inappropriate...

 

 

 

Jagex has no customer service, I'd pay money if I could get the items I've worked hard for back and that have taken a long time to get, it's better than being told, no sorry we don't give back items lost to glitches.

 

 

 

I think it's inappropriate that they can consider advanced anti-hacking technology while avoiding and ignoring the players who lose items due to Jagex's own glitch.

 

 

 

To me the two should go hand in hand.

 

 

 

What will happen the next time someone pays $10+ for this security device but ends up losing items due to a Jagex bug? I bet they won't stop complaining.

[Michaael]

I think charging money to let people inform you about bugs is quite inappropriate...

 

 

 

Jagex has no customer service, I'd pay money if I could get the items I've worked hard for back and that have taken a long time to get, it's better than being told, no sorry we don't give back items lost to glitches.

 

 

 

I think it's inappropriate that they can consider advanced anti-hacking technology while avoiding and ignoring the players who lose items due to Jagex's own glitch.

 

 

 

To me the two should go hand in hand.

 

 

 

What will happen the next time someone pays $10+ for this security device but ends up losing items due to a Jagex bug? I bet they won't stop complaining.

 

 

 

I agree with you there. If they're so concerned with customer satisfaction and keeping our accounts safe from other players, why aren't they concerned about our safety and satisfaction regarding bugs and problems that are our of our hands?