Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Online Games a 'Playground' For Organized Crime

Soulskill posted about a year ago | from the criminals-need-to-level-their-death-knights-too dept.

Security 73

New submitter cadenceaniya sends this excerpt from Polygon: "Online games are a 'playground' for organized crime and cyber criminals, JD Sherry, vice president of technology and solutions at Trend Micro said following the news that League of Legends accounts were compromised. Earlier this week, account information — usernames, email addresses, salted password hashes, and some first and last names — for some North American League of Legends players were 'compromised' by hackers. Riot was also 'investigating that approximately 120,000 transaction records from 2011 that contained hashed and salted credit card numbers have been accessed.' The increase of free-to-play online gaming across all platforms over the years 'have opened the doors to micro-transactions in-game.' The simple and functional systems created so players can spend money effortlessly creates 'playgrounds' for cyber criminals take advantage of. 'Game platforms can have millions of users all storing sensitive information or code access for more features,' Sherry said. 'These are highly sought after in the cyber-crime underground for trading and selling in the black market. These platforms can fall victim to cyber-attacks just like any organization, especially if they have vulnerabilities that go unpatched.'"

Sorry! There are no comments related to the filter you selected.

I'm shocked!!! (3, Insightful)

Anonymous Coward | about a year ago | (#44655155)

VP of online security firm warns people the internet isn't safe.

What's next? Glock's VP says streets aren't safe?

Re:I'm shocked!!! (-1)

Anonymous Coward | about a year ago | (#44655679)

http://www.dnainfo.com/new-york/20130823/hamilton-heights/killing-of-transgender-woman-shocks-harlem-community

"Jenniffer was shocked when detectives from the NYPD came into the store this week, telling her that Nettles, 21, a transgender woman, had died from injuries sustained during a brutal beating just across the street in what police are investigating as a hate crime.

She was taken off life support Thursday at Harlem Hospital after being declared brain dead."

Perhaps, had Nettles been armed, she wouldn't be dead.

How do you shitbirds like that?

Re:I'm shocked!!! (0)

xevioso (598654) | about a year ago | (#44657037)

Armed with a gun or a knife? Guns kill 30,000 people a year. We don't need more guns, or people with them.

Less guns means less gun violence.

It's true.

Re:I'm shocked!!! (4, Insightful)

Nidi62 (1525137) | about a year ago | (#44657357)

Cars kill 30,000 people a year too. We don't need more cars, or people with them.

And there are fewer cars in the US than there are guns. That means more deaths per car than per gun.

It's true.

Re:I'm shocked!!! (1)

Anonymous Coward | about a year ago | (#44657677)

I bet you that all the cars in the US get more operation time than guns in the US.

Unless you believe the whole population shoots off rounds while driving to and from work everyday.

It's true.

Re:I'm shocked!!! (1)

sjames (1099) | about a year ago | (#44658411)

Road rage season already?!! BLAM! BLAM!

Re:I'm shocked!!! (2)

duke_cheetah2003 (862933) | about a year ago | (#44658031)

Why stop there? Giving birth is a death sentence. We should put a stop to it!

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44662105)

There should be a universal mandatory sterilization surgery at age 12. The only opt-out is to pass a not-a-fucking-pearbrained-moron test.

Re:I'm shocked!!! (1)

flayzernax (1060680) | about a year ago | (#44664747)

This one I think we should all be issued guns and teams and lined up in rows to shoot at eachother.

Spare no one.

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44658751)

What makes you think I'm not in favor of expanded public transportation? Cars destroy the environment, are a privacy risk to due being easily tracked by the government and require Islamic terror oil to even be usable.

So you're right, we don't need more cars or people with them.

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44694695)

I wholeheartidly agree. Sadly, I presume that your post was satyrical, and like most Americans you are incapable of imagining a world without cars.

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44657379)

Lol. Ignorance like that kills more people every year.

Re:I'm shocked!!! (1)

i kan reed (749298) | about a year ago | (#44657719)

Yep, nonspecific allegations of ignorance are a surefire way to demonstrate your case. Thanks, AC!

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44657811)

Less gun violence does not necessarily mean less violence.

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44658183)

You need to look up better statistics, shitbird.

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44658453)

If Nettles had a gun the NY Post headline would instead be "Psycho Black Tranny Killed In Shootout With NYPD"

When the NYPD sees a (black) person with a gun on the street they will shoot to kill and let Al Sharpton sort it out...

Re:I'm shocked!!! (0)

Anonymous Coward | about a year ago | (#44672243)

Perhaps, had Nettles been armed, she wouldn't be dead.

More likely that, had Nettles been armed, she would have been killed by her own gun. If I'm close enough to you for you to realise that I'm about to beat you and you pull a gun on me, I will kill you with it. It's very easy to do. Hell, at the kind of ranges you're talking about, it's simple enough to control the gun while subduing the wielder. I don't even need to take it from you to prevent you shooting me with it, while I kill you with my other hand.

How do you like that?

Way to sensationalize (5, Informative)

wbr1 (2538558) | about a year ago | (#44655181)

The headline makes it sound as if the criminals are -playing- the games to steal info. They are just stealing the info same as they would from any other company. It has absolutely nothing to do with the fact that it is a game, except for the fact that the amount of players and possibly lax security make it a valuable and vulnerable target.

Re:Way to sensationalize (4, Insightful)

RogueyWon (735973) | about a year ago | (#44655347)

Indeed. And it's more about accounts than it is about games (though of course most MMOs have issues with this).

If you have a Steam account these days and you aren't using the Steamguard added security, you're mad. The trade in compromised Steam accounts is quite terrifying (and unsurprising given the value of the games stored on many of them). The same is true for PSN accounts. It's even more true for XBox Live accounts where there are fewer additional layers of password security you can bolt on (unless they've added them since I last checked) and where there are FIFA Soccer DLC packs that are tradable and essentially allow "real money" to be laundered through the accounts.

Re:Way to sensationalize (1)

TheNastyInThePasty (2382648) | about a year ago | (#44655487)

All of the passwords and credit card information was hashed and salted which is way more than we've seen from the compromises of most "real" businesses. Take my bank, for example: the passwords do not allow special characters and they're not even case sensitive! I'm quite happy that Riot has at least taken some simple steps to protect our information in the event of an intrusion. I don't know what vulnerability they fell prey to but I do know that security is a generally hard problem to solve. I'd chalk this whole thing up to sensationalism.

Re:Way to sensationalize (2)

blueg3 (192743) | about a year ago | (#44656589)

Why on earth would one store hashed and salted credit card information? If you're going to bill people, you need the original credit card number, no? Hashing isn't reversible.

Re:Way to sensationalize (3, Insightful)

RaceProUK (1137575) | about a year ago | (#44655639)

Trend Micro saying "Online Games a 'Playground' For Organized Crime" is like ADT saying "Private Homes a 'Playground' For Organized Crime".

Re:Way to sensationalize (1)

SuricouRaven (1897204) | about a year ago | (#44655825)

When I was playing EVE, it was widely rumored that the Russian mafia were also playing - using game/real currency exchange as a form of money laundering to hide the income from their real-world criminal activities. Not sure how much truth there was to the rumors.

Re:Way to sensationalize (1)

Charliemopps (1157495) | about a year ago | (#44656359)

When cargo ships routinely get ganked with in excess of $15,000 worth of ISK or ETC I think it's rather obvious someones doing something other than playing the game with all that. The only logical use for all that ISK/ETC is money laundering. They're buying up ETC cards with illegal funds then selling them for ISK, then selling the ISK for cash on a website and count the proceeds as legitimate income.

Re:Way to sensationalize (2)

xevioso (598654) | about a year ago | (#44657085)

You know, this sounds like the beginning of a plot for a possibly amazing movie.

To wit: A teen and his friends gang up on a ship on EVE that is carrying an absurd amount of money. The Russian mafia tracks the IP of the teens and then goes after them, and the teens have to run for their lives.

Or even better, the Russians kidnap their parents or something, and hold them for ransom, and the kids have to go back online in EVE and capture even more ships to save their parents. Or something like that.

Re:Way to sensationalize (0)

Anonymous Coward | about a year ago | (#44657359)

Mick LaSalle has already recommended I see your movie.

Re:Way to sensationalize (1)

SuricouRaven (1897204) | about a year ago | (#44657469)

I suggest the 'something like that' is to have them forced to attack a rival syndicate - if they can destroy one money-laundering convoy, the operators might see how such skills could be put to use.

You can get a really triumphant finale when word gets out and a fleet of five legitimate thousand players descend to suicide-gank the laundering ships, costing the mafia so much they have no option but to abandon their money-laundering operation.

And the leader of the money laundering can then get killed by his boss for this expensive failure.

Re:Way to sensationalize (1)

Arancaytar (966377) | about a year ago | (#44659883)

Pretty much REAMDE.

(Apparently, Fox is going to adapt that as a TV series. Not sure if it'll be any good, but if it is, it'll probably get canceled early.)

(No, I'm not still bitter about Firefly, why.)

Re:Way to sensationalize (1)

SuricouRaven (1897204) | about a year ago | (#44657567)

They might buy the ISK for cash on the grey market too - it might offer a better exchange rate.

If you just buy and sell money with one character it's stand out like a sore thumb in the audit logs, and records could be easily subpoened. So they probably need to have multible accounts, and shift the value between them using in-game-legitimate operations like a hauler-full-o-goods. Simple matter of avoiding easy tracking by hideing it in the noise of EVE's frantic economy. Even if investigators work out which character is responsible for buying the ISK for real money, it could be very difficult to work out where that ISK eventually ends up before being sold to get the real money back.

There'd be some losses in the process - in-game fees, differing exchange rates, and perhaps the occasional lost hauler (very low risk - hisec travel only with a covert ops cloak, very few players could hope to catch that!). But I think it could be done at an efficiency competative with the even higher overheads of more traditional operations.

Re:Way to sensationalize (1)

duke_cheetah2003 (862933) | about a year ago | (#44658235)

Seems a dubious method to laundry money, at best.

CCP doesn't allow real-world transfers of ingame assets for non-game assets. Not everyone is caught, but its taken seriously and many are caught and removed from the game.

Such risks do not make EVE a very viable money laundering facility, sorry. I wouldn't do it there. Second Life maybe, but not EVE.

Re:Way to sensationalize (1)

Guppy (12314) | about a year ago | (#44657497)

It has absolutely nothing to do with the fact that it is a game

On the contrary, I think it has a great deal to do with it being a game. One of the problems with online crime involving MMOs, is that it is hard to get people in the real world to acknowledge internet spaceships as serious business; unfortunately this can include law enforcement. So even though hacked and looted accounts can be converted into real currency, it doesn't carry quite the same degree of real-world risk for the criminal.

As a result, an MMO operator may ends up needing better security practices than than an actual "serious" business. For instance, one of the MMORPGs I play offered 2-factor authentication tokens years before any of my bank did -- it was a matter of survival for the company, thanks to incessant attacks that were eroding the player base, combined with credit card fraud that was threatened their ability to do business with their payment processing company.

Re:Way to sensationalize (1)

s.petry (762400) | about a year ago | (#44658153)

There is rarely a single motive for obviously bogus claims like this. It also distracts from current criminal actions by the Government, distracts from police illegally arresting people for protesting, distracts from banking criminals, etc... In addition, it plays on the typical gamer stereo type adding suspicion to those "gamers" that must all be like the obese griefer with no life in South Park and generates some FUD regarding a certain type of person.

That'll happen. (0)

Anonymous Coward | about a year ago | (#44655373)

Game companies seem to do everything they can to piss players off. While charging them. Goes double for any so called 'free to play' games. The most scummy tactics ever. The most greedy underhanded should be criminal bullshit.

That creates alot of really unhappy people who hate your guts and want to see you burn.

And some of them are smarter than your security people.
Especially when companies won't do fuckall about security until after the fact because it costs them money and they are greedy.

You made it an adviserial situation of money vs players. And now you're suprised some of those players learned your lesson and broke into your company and made money off you.

Sounds like plain ol 'you reap what you sow'.

Oh shit, online fraud, news at 11!!!!! (-1)

Nyder (754090) | about a year ago | (#44655389)

Fucking stupid ass wankers that don't know shit wants to tell us what is up.

Dude who wrote article must play Captain Obvious in the DC Heroes Game...

Re:Oh shit, online fraud, news at 11!!!!! (1)

Anonymous Coward | about a year ago | (#44655583)

Fucking stupid ass wankers that don't know shit wants to tell us what is up.

Thank you, Nyder, for that report from Slashdot's Tourette Syndrome news desk.

Up next, authorities say a common network protocol used every day could kill you. Find out which one after this commercial break!

Re:Oh shit, online fraud, news at 11!!!!! (0)

Anonymous Coward | about a year ago | (#44655793)

Fucking stupid ass wankers that don't know shit wants to tell us what is up.

Yo dawg, I see you be speakin' all street and shit. You're all gangsta bro, and you've clearly got your shizzle in the hizzle. 'yo peeps must be proud.

Seriously man, learn how to write a fucking sentence.

Stephenson (2)

gmuslera (3436) | about a year ago | (#44655421)

Someone has been reading Reamde [wikipedia.org] lately. Anyway, that something that enables you to interact with other people can be used to interact in "wrong" ways is something that don't applies just to games, and yet, that argument is being used to demonize internet, games, even the Tor network [theregister.co.uk] . If you want to be free must accept that people could use that freedom to do bad things, and the solution is going after those people, not punishing everyone taking out freedom.

Well... (1)

BranMan (29917) | about a year ago | (#44655541)

At least they've got a hobby!

Scare tactics good for publicity. (0)

Anonymous Coward | about a year ago | (#44655569)

n/t

MADLIB TIME! (4, Interesting)

Ignacio (1465) | about a year ago | (#44655571)

Replace FOO with some type of online service in the following soundbite:

"FOO a 'playground' for organized crime."

Congratulations, you are now a security expert! Let's try it out:

"Social network services a 'playground' for organized crime."
"FTP servers a 'playground' for organized crime."
"VoIP providers a 'playground' for organized crime."

See! Wasn't that easy!?

Re:MADLIB TIME! (0)

Anonymous Coward | about a year ago | (#44656749)

New York social clubs a playground for organized crime.

Governments a playground for organized crime. (0)

Anonymous Coward | about a year ago | (#44656919)

Yup, it works.

hashed and salted credit card info (2)

rapiddescent (572442) | about a year ago | (#44655621)

why would you bother storing hashed and salted credit card information? The only thing you could do is match it against the credit card used on the next transaction - but what does that really get you? The hashed/salted card number would be usable again (if hashed+salted properly)

to authenticate in game purchases (3, Informative)

raymorris (2726007) | about a year ago | (#44655859)

One use would be for ongoing purchases in / for the game. When you sign up, they store the CC on a protected payment system that's not directly accessible from the internet. The internet-accessible server has only a secure salted hash of the CC. For a purchase, the client prompts for the CC to use, then sends the hash of it to the public server. That confirms that the user truly has presented the correct card number. The public server can then call the one and only function exposed by the payment server, billcard(hash,amount).

That way they can prove that the customer entered the card number into their game, without sending the card number over the internet.

Re:to authenticate in game purchases (1)

EmperorArthur (1113223) | about a year ago | (#44657015)

That would be too easy. It'll never work.

On a more serious note. While that is a good idea, the secure payment system would still need the whole CC. While you can harden a system that only does one thing much more thoroughly, you're putting all the valuable data in one place for the attacker. It's still a good idea though, and companies should something like this.

Here's another thought. While some larger corporations have lax security for no explainable reason, cough Sony cough, many games that are being targeted are small one to ten man operations. Most of the time the companies just don't care. The cost of good security is more than the fine if a data leak does occur. Of those that do, most don't have the expertise, or the money to hire an expert.

Think about your isolated system. You would have to own the box, and have a private network between it and a front end server. A game created by a single person in their spare time is probably going to just rent a server, or go with a cloud provider. That doesn't allow the freedom necessary for good security.

As much as I hate to admit it, the best option might be outsourcing. Put all the responsibility on a 3rd party. This is done by using Amazon Payments, Google Wallet, or PayPal. It's not the best solution, but it does avoid the liability of keeping customer CC numbers on file.

yes, normally experts 4 security sensitive stuff (1)

raymorris (2726007) | about a year ago | (#44661283)

Yeah, that's what the vast majority of web sites do. PayPal or Google checkout for one-time purchases, CcBill or Verotel for subscriptions. That's not a bad idea.

Most site operators truly need assistance just securing the interfaces to payment processors, and securing passwords. For example, most store passwords using DES hashes (1972) or plaintext until we fix it for them. I think they are correct to focus on their core competency and let professionals with time-tested solutions handle difficult issues outside their expertise. Especially so when the consequences of error can be significant.

Re:to authenticate in game purchases (0)

Anonymous Coward | about a year ago | (#44657331)

That's a horribly designed system because:
a) it still requires the CC details to be sent over the internet the first time. Since this has to be secure once, why not make it secure always?
b) it STORES unprotected credit card numbers somewhere.
c) what happens when the hashes dont match? I bet you dollars to donuts that the system falls back to using method a), again, raising the question of why not just use A all the time.

Now, instead of having one system that can be compromised (method A), they have 2 (method A and B).

I dont understand how designers can consistently royal screw up security.

Re:to authenticate in game purchases (0)

Anonymous Coward | about a year ago | (#44658223)

"I dont understand how designers can consistently royal screw up security."

A) You're giving too little time do implement a payment system that is both secure and fast.
B) A payment system that is insecure might get you in trouble some time in the future.
C) A payment system that isn't fast enough will get you in trouble right now.

not necessarily, by definition but secured, stoned (1)

raymorris (2726007) | about a year ago | (#44660559)

A) It doesn't necessarily require that the CC be sent over the internet. You COULD phone it in. On some sites, we used to have an applet for your modem to call the payment system directly. Today's version of that would befor the game setup to include a VPN-like client. That can be followed by a confirmation call or other one-time security measures. Even if it WERE sent over the internet with no extra security, doing that once is better than doing it every time you buy a game token.

B) unsecured? You oobviously haven't seen our payment server, or the PCI standards required for all systems that store CC info. Yeah, credit card billing requires storing credit card information. You do that on a hardened internal system, not a publicly accessible web server.

C) What?! It's a bad idea to follow secure procedures because not doing so would be bad? If they want to set up a new payment card, they go through the secure procedure again, which is allowed to include time delays, phone confirmation, etc. Those security elements are not then required each time you want to buy a game trinket.

To look at it another way, you're saying "it's dumb to have passports or driver's licences. Since you need to have security measures in place to acquire that identification, you should go through the same verification processes every time you want to buy a beer". That's actually a very powerful principle for security generally - do thorough verification ONCE, for good security, then issue a secure token for convenient use. That's the underlying reason sites protected by the Strongbox security system are so much more secure, for example. Competing systems do all their checks for every hit, dozens of times per page, so their verification can't be very thorough.

Not surprising ... (2)

gstoddart (321705) | about a year ago | (#44655723)

The increase of free-to-play online gaming across all platforms over the years 'have opened the doors to micro-transactions in-game.

I've always avoided any game which relies on these in-game purchases.

Firstly, because I'm cheap and have no interest in having to pay for baubles in a video game with real money. But second, because I don't necessarily trust that companies put enough effort into safe-guarding my financial information -- they put a lot of work in the glossy bits and setting up a way to get my money, but they're not as interested in keeping it secure.

If you know that a system has a vast number of credit card details stored in it, it's going to be an attractive target, because any exploit of it is going to yield a lot of stuff. In this case, it's a big giant database of credit cards and names, stored by a company who may or may not have put enough effort into protecting that.

This is why I'm of the opinion that companies need both restrictions on the kind of data they collect and use, but also some steep penalties for failure to safeguard it once they have it.

If someone can do an incompetent job of security and have their users be the ones affected by it, it has to be a lot more than "ooops, sorry".

Re:Not surprising ... (0)

Anonymous Coward | about a year ago | (#44656249)

Sony would likely be out of business after the PSN debacle...

Re:Not surprising ... (1)

Antipater (2053064) | about a year ago | (#44656307)

So...don't give the company your credit card number, then. You don't have to avoid the entire game just because it includes microtransactions.

Re:Not surprising ... (2)

cyber-vandal (148830) | about a year ago | (#44656387)

It's much harder to compete in pay to win games if you don't pay yourself. That's why I don't play them at all.

Re:Not surprising ... (1)

Antipater (2053064) | about a year ago | (#44657421)

Then don't play pay-to-win games. League of Legends, for example, is not a pay-to-win game.

Next headline from VP JD Sherry: (1)

Kyle Jacoby (2973265) | about a year ago | (#44655761)

Online retail stores are a 'retail shop' for organized crime and cyber criminals

No Security but Monitoring? (4, Interesting)

Sir Holo (531007) | about a year ago | (#44655891)

A bit off-topic, but if games with online playability lack security, it by their choice. They certainly spy on their players enough.

Get an IP sniffer.

When I play StarCraft II, which insists on being online even for single-player, I get tons of connection attempts going places other than Blizzard. I block them, and gameplay does not suffer.

* www.reuters.com
* www.googleanalytics.com
* akami (OK, that's for downloading updates)
* sevreral other all-digit IPs, which I also block.

Re:No Security but Monitoring? (1)

Anonymous Coward | about a year ago | (#44656489)

That's interesting. Infuriating, even. Fucking blizzard.

Re:No Security but Monitoring? (1)

Anonymous Coward | about a year ago | (#44656615)

A bit off-topic, but if games with online playability lack security, it by their choice. They certainly spy on their players enough.
Get an IP sniffer.
When I play StarCraft II, which insists on being online even for single-player, I get tons of connection attempts going places other than Blizzard. I block them, and gameplay does not suffer.
    * www.reuters.com
    * www.googleanalytics.com
    * akami (OK, that's for downloading updates)
    * sevreral other all-digit IPs, which I also block.

First, all IP's are all digits.
Second, you're seeing the connections to reuters and google because the launcher is just a wrapper which opens up a web site, it's the web site pinging those places for tracking purposes. (Side note- this is why it's better to do IP blocking on your firewall/router than using a blacklist plugin like adblock).
Third, you'll only hit Akamai servers if your ISP uses them for web caching. Mostly you're pulling updates from them, sometimes it's the web pages... either way that's not really any kind of problem. But if you want to avoid it, switch your DNS to a 3rd party server and in most cases you'll stop hitting the caching clusters.

Re:No Security but Monitoring? (2)

EmperorArthur (1113223) | about a year ago | (#44657083)

Out of curiosity, have you ever run a reverse DNS lookup on those IPs? Or is that how you figured out who the outbound connections were attempting to talk to to begin with? Google analytics sounds like SC2 is rendering a web page somewhere, and triggering the javascript. I don't own the game, so I can't check.

This is why per process firewalls are so important. I'm personally using Comodo Free myself. It pains me to admit it, but this is actually one area where Windows is ahead of Linux.

Yes, that's right, Windows is ahead of Linux when it comes to security.

We need to fix this.

Re:No Security but Monitoring? (1)

phantomfive (622387) | about a year ago | (#44658813)

Yes, that's right, Windows is ahead of Linux when it comes to security. We need to fix this.

Go for it, bro. Write one.

Re:No Security but Monitoring? (0)

Anonymous Coward | about a year ago | (#44657229)

Computer must scare the shit out of you.

It's like low-stakes gambling (0)

Anonymous Coward | about a year ago | (#44656005)

Nobody really gets hurt, trolls get their kicks from pissing off normal people, game companies get reminded again that security is important, and the criminals refine their skills.

Everybody wins.

Money Laundering (1)

Rinikusu (28164) | about a year ago | (#44656367)

Sounds like an excellent way to launder money, as well. Virtual goods with no real inventory....

Re:Money Laundering (1)

EmperorArthur (1113223) | about a year ago | (#44657345)

Sounds like an excellent way to launder money, as well. Virtual goods with no real inventory....

Not so much. It's easy to buy the things from the company, but as soon as you try to sell them it becomes "Real Money Trading." Game companies have always tried to stop RTM. Traditional games at least have a valid reason for this. RTM encourages criminals to use bot farming. Meanwhile, games with micro transactions don't like it because it's a secondhand market eating into there profits.

The ethics of RTM are actually quite interesting. For any game where you can buy something in game with real money, it's hard to see the problem. Secondhand markets are good for a variety of reasons that I'm not going to get into here. Suffice it to say that morally there's no difference between RTM in a game with micro transactions and buying used games. In both cases, the main thing stopping people is company policy. It'll be interesting to see how the European Courts decisions involving selling licenses applies to things like this.

The most interesting example to me is EVE Online. They were a traditional game trying to find a solution to bot farming. Their solution was nontraditional in the extreme, especially since they did it before pay to play was a thing. I say that, but it really is just a different pay to play system. What they did is allowed players to use game time as an in game item. Players can then sell this item for in game money. This solves the need some players have by providing a pay to play system. EVE balances this by having item destruction as a core game mechanic, and requiring players to level up skills to use more advanced items.

All the systems I've mentioned try to reduce demand to the point where a bot farmer would have to sell items ridiculously cheaply to justify the risk the players are taking. EVE's dynamic market helps to balance out cost vs reward for players who want to use real money. On the other hand, games that don't do this risk a situation where the deal is too good to miss. With the ethical question gone, it's a careful balancing act.

Or I could be talking out my a**. I'm not an economist. I just play one on TV*.

*Not really a TV actor.

gun logic (0)

Anonymous Coward | about a year ago | (#44656987)

The only way to stop a bad guy with a video game is a good guy with a video game

Why care? (2)

johnwerneken (74428) | about a year ago | (#44657139)

Any fool can learn a name a postal address an email address a birthdate a social security number. Those things therefor have no value and there is not much point in obscuring them. Passwords (disgusting method, relies on users and communication cryptography, neither of which is reliable) are perhaps another matter - but hopefully if the access a password guards matters, that password is NOT used elsewhere by that user. Well, one might hope I suppose.

Biometric has a chance, at least to guard access at the endpoints. Maybe the quantum folks will discover something that not only obsoletes existing cryptography (as it appears they basically have), but something reliable.

I suspect currency interchange by NFC might be the solution for money. I can think of no solution for privacy and reputation. Perhaps social and legal penalties for degrading someone based on information that in former times would have been private might help, but gossip control is contrary to human nature. We're in a village of a billion and climbing towards ten times that many, this is one of the ways things are and increasingly will be different.

Re:Why care? (1)

letherial (1302031) | about a year ago | (#44658567)

The passwords where hashed and salted, making them hard to crack and probably worthless, the same goes with the CC numbers. Its really a step up in security compared to other recent security breaches with other company's. I was glad to see that this company thought ahead and planned for a breach...The article doesnt mention how the breach happened and it doesn't mean that it was the company's fault.

Passwords are good if you know how to use them, biometric has the same disadvantage as a physical key does, it physically exists. While it doesnt realy matter for a game, but if i was hiding some truly secret information, i wouldn't hide it behind my fingerprint. A password in my head couldn't be compromised as nobody can read my mind.

One thing i will say is, this article makes a huge fucking leap trying to associate organized crime with online games, it talks as if they suddenly sprang into existence with online games. Clearly the person writing the article has a bias against online games and are attempting to discredit them.

That's not the half of it (0)

Anonymous Coward | about a year ago | (#44658243)

I am convinced World of Tanks is nothing more than a way for the Russian Mob to launder money. There is no way they have as many users as they claim.

Wrong impression (1)

asmkm22 (1902712) | about a year ago | (#44658331)

At first I thought they were talking about actual organized crime like the mafia "meeting up" in World of Warcraft or something, to setup hits on witnesses and stuff.

Frankie: "Hey Tony, I need to speak to you about last nights heist real quick."
Tony: "Yeah sure thing boss. Gimme a minute and I'll jump on my Paladin so we can do business."

An excuse for any kind of monitoring. (1)

flayzernax (1060680) | about a year ago | (#44658881)

Seriously, NSA, Really? Thanks for finding an excuse to monitor the potheads in my everquest chat box?

You guys are fucking pathetic.

Yakuza! (0)

Anonymous Coward | about a year ago | (#44661409)

I've been really enjoying On-Line Yakuza, but since I 'lost' several levels last month. I can't type QAZ or hit Caps Lock.

cheap jordan shoes jordan shoes wholesale handbag (1)

gaobiele (3047751) | about a year ago | (#44782119)

Hello, everybody, the good shoping place, the new season approaching, click in. ( http://www.sheptrade.com/ [sheptrade.com] ) (Discount Air jordan shoes) $36, (Air Max shoes) $35, (Nike shox shoes) $36, (Handbags) $39, (Sunglasses) $16, (wallet) $18, (Belt) $17, (T-shirts) $20, (Jeans) $37, (NFL/MLB/NBA)Jerseys $25, ( http://www.sheptrade.com/ [sheptrade.com] )
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?