Saturday Superstar: Authenticators

| Saturday, February 13, 2010
Alternate title: Don't look so smug.

I use firefox. And noscript. And antivirus software. It watches for other baddies as well. I don't download random crap. I watch what sites I go to. I've never bought gold, never used a leveling service, never shared my account info.

I'm safe, right? Well, I've never been hacked.

I got an authenticator anyway. And here's where the smugness comes in.

On one side there are the authenticator elitists. They say you deserve to get hacked if you don't have one. You're stupid. You're a moron. You're cheap and lazy and undeserving to even play WoW.

I'd be one of these, except that I am given some modesty by recognition of my privileged situation. I never bought an authenticator. Never spent a dime on it. Never had to wait for shipping. I got an iPod Touch for graduation and got the mobile authenticator. Free and instant.

In a sense I inherited the authenticator. So for me to say that those without authenticators are stupid and lazy is pretty stupid and lazy. For five years I did not have one; they weren't always available, but you get the point. It was not my own intelligence and initiative that caused me to have an authenticator.

I suspect many people are like this. They never had to really choose to have an authenticator because it's a simple app to get. It's the worst sort of elitism: the undeserved sort; a rich son insulting the commoners when he has shown no more initiative than any of them.

On the other side, there are the smug "I've never been hacked crowd". Good for you. But just by the odds, you're not likely to get hacked. You have to get a keylogger, which is much harder than the forums would make you think; it's not as if the first website you click will hijack your computer. Whoever gets that information has to know what to do with it: remember that people are mostly after credit card info, not WoW accounts. Mere luck is protecting a lot of people; not their brilliant internet security skills.

The worst though are the ones who are vehemently against Blizzard adding $5 to the next expansion and making them mandatory. Well, okay there are arguments about the inconvenience, those aren't the ones I mean. Instead I mean the "why should I pay $5 because other people are stupid?" crowd. These are the true idiots. They're so wrapped up in their own selfishness that they cannot see that the $5 cycles back to them in the form of shorter GM queues, lower costs of Blizzard which mean more money to make awesome stuff for us, and greater overall security which means less spam, and a better economy.

Maybe people are just stupid to not have authenticators yet. So what? I'll trade $5 and my moral outrage for a better game experience.

Both sides are being arrogant and attributing entirely to their own actions what is mostly luck and circumstance.


Eversor said...

Agreed. It's a small price to pay. That being said, our guildmaster, who just got an authenticator because he was hacked, just got hacked again. lol
The best fix I think is to up the cost of the expansion (a small price) and have it be a part of it. That will save Blizz and us much time. Otherwise you will have people who continue to think "I haven't been hacked, why do I need one?" I never wore a cup in lacrosse because I never got nailed in the crotch (whew!!!). Preventative thinking is not normal mode for most people, so Blizz should be proactive and not give us no cup weares a choice.

Shintar said...

At the moment I just find the notion a bit bizarre to go out of my way to get higher security for a gaming account than many "serious" websites have, sites where I enter my credit card number, my bank details and the like. Though obviously I won't mind if Blizzard includes authenticators with their next expansion or whatever as a standard feature.

As it is, they currently actually enable a new kind of abuse, as account thieves attach authenticators to stolen accounts to make it harder for the owner to get them back (had this happen to a guildie recently), which I find more disturbing than anything else!

Klepsacovic said...

@Eversor: Lots of people see

@Shintar: If you could get an authenticator for your banking and credit card websites, would you? That means you're not trying to protect your account any more than your credit card, but that the credit card company isn't giving you as good of a tool. Or to look at it another way, is your account worth $10?

The most effective way to block the hackers doing it is to get one first. The Chinese are endorsing the effectiveness of it. :)

Shintar said...

I actually don't know if I would, Klep! The thing is that I would expect the companies to make sure my stuff is secure to begin with, not admit three years later that it actually isn't and that I should pay more (regardless of amount) to actually *make* it secure. That feels like a cop-out to me.

Also, I don't like the idea of having to lug around too much security crap - be that three different passwords or an authanticator - on principle, simply because it gets cumbersome.

Post a Comment

Comments in posts older than 21 days will be moderated to prevent spam. Comments in posts younger than 21 days will be checked for ID.

Powered by Blogger.