First of all: I also wouldn't entirely dismiss the possibility of accounts being compromised due to the fault of Blizzard. I just argue that it is pretty improbable and that the blog article is rather shady in its argumentation.
Most of it is not solid proof but just educated guesses.
Originally Posted by Fenixhawk
1. There is no increase in hacking of WoW accounts - google search trends showed that more people were having hack issues, increased forum activity, and Blizzard themselves confirmed that there was an increase.
|
While I actually believe that a increase in hacked WoW accounts is probably true (why else would Blizzard have started to push authenticators, even givng away a ingame pet to attract users?), the argumentation is not solid.
1.) Illogical reversion of an implication: an increase in hacking is only a very weak support for security issues on Blizzard's side. Would that cause a increase? Yes. Does an increase mean it is the case? Not necessarily.
2.) Google searches about account hacking might very well be corraleted with actual hacks happening. Again, correlation is not causality - and even if it would prove a significant increase, 1.) still holds.
Originally Posted by Fenixhawk
2. Users said that "Blizzard is required by law to notify everyone of any such breach. Since there has been no notifications, no breaches have occurred." If you search the forums you can see that this is true, and he showed the data breach laws (but you skimmed over them) that confirmed they don't have to do anything.
|
This is something that I don't have enough experience to judge by myself, but at least it contains a link to what seems to be a scientific article. I can live with that and the initial argument "nothing was supported, thus nothing happened" is actually also crap. Blizzard might still cover it up or even not be aware of it at all, even IF Blizzard was forced by law to report such occurrences. HOWEVER, this just supports the general notion, that it is POSSIBLE that Blizzard COULD be compromised.
Originally Posted by Fenixhawk
3. Users said "Blizzard's systems are foolproof". How would you recommend a person proof that nothing is foolproof if the company hides all breaches?
|
Again, this is just an argument against a statement that is inherently wrong from the beginning and thus trivial to disprove. The author is right: no system is foolproof, even cryptographic systems that can be mathematically proven to be secure sometimes fail in practice, because of the physical implementation or human failure. But again, just an argument against "It's impossible that Blizzard is hacked." Still, Blizzard probably uses much more security measures than the typical WoW-Player, thus it is quite a bit more probable, that the player was hacked, not Blizzard. This is however downplayed by the author.
Originally Posted by Fenixhawk
4. Users and even a Blizzard employee said that they do not employ fraud spe******ts. So they linked a copy of the job posting and links to people who are still employed by Blizzard as internal affairs.
I'd say everything provided was pretty good (and publicly available) evidence!
|
And I thought employing fraud spe******ts to counter inside jobs would be a good thing. If they didn't hire such people, the argument would probably be: "Blizzard does not investigate internal security breaches at all!!! This means they don't care or even support them!!!11"
The point is, while the "evidence" was nice to read, it does only prove, that there is indeed the POSSIBILITY of security issues on Blizzard's side. As I understand, you are saying that revealing this possibility was the intention of the blog author.
Originally Posted by Fenixhawk
He was an IT Professional and is very uncertain now and fearful of what else could be on his PC.. all because everyone was telling him that his PC is infected.
|
I would, too. And not, because I think it is impossible to hack blizzard. Being a professional does not make you immune to attacks. This is not irrational fear, he actually has a pretty good reason to think he overlooked something in his security measures. Maybe even his mail account could be compromised which can have much more serious implications than losing some WoW characters.
Originally Posted by Fenixhawk
Here is what was summarized in that article by the way: "I'm not saying that all of these account hacking incidents were as a result of internal theft, but atleast be OPEN to the possibility that it's not always the users fault."
It's not an attack on Blizzard, it's just trying to make people aware and to open their minds to possibilities.
|
This is a responsible way of interpreting this blog articles. But I guarantee, that is not how most people read it and that is not surprising, because of the tabloid-nature of the whole article... "What Blizzard doesn't want you to know!" Really? Come on, even the title smells of "unveiled corporate conspiracy" and, more importantly, the author suggests that there IS a security breach AND that it is responsible for the suggested increase in account hacks. He does this by citing a short comment on reddit.com that supplies no sources at all. It's just a rumor.
And what will most people make out of that? "OMGWTF Blizzard was teh haxxored!!!! I knew it, it's their fault, not mine! I will not use an authenticator because Blizzard is hacked anyway and it will not help!" And I am not making this up, I heard this quite a lot in the last few months. (Only anecdotal evidence, I know). But this was the core of Bluespacecows message and I still think there is a very big difference between what he is saying and what the blog is saying.