Blizzard Announces a Physical Token for World of Warcraft Account Authentication
Theft of World of Warcraft accounts is a huge problem. The perception is that gold farmers are finding it much more lucrative to simply hack people’s accounts by tricking them into to installing keyloggers rather than actually use in-game bots to farm resources. There is an entire class of trojans now aimed largely at WoW players.
So Blizzard recently announced a forthcoming Authenticator product which looks to be a rebranded RSA SecurID. The device will costs $6.50 and asks the user to link the serial number of the device to the WoW account. From then on, when you want to log in you enter your username and password, then press a button on the Authenticator which generates a number that has to be entered as well. The number is essentially a rolling one time pad, and that specific number is only good for 30-60 seconds. So someone who manages to grab all three pieces of data has a very small window in which to gain access to your account.
As some have noted on WoW-related sites, this sort of scheme is still vulnerable to man-in-the-middle attacks. Think of this being used to authenticate login to a bank website. I put my server in between you and the bank. You think your data is going to the bank, but its really going to my server, then I’m passing it on to the bank, and then passing the bank’s response on to you. You never even know you’ve been hacked until I log in with your password and ID later and clean out everything.
Assuming that the Authenticator is ever owned by a large percentage of users — and I’m skeptical it will be — it will be interesting to see if the hackers turn to man-in-the-middle style attacks or simply turn their attention to an easier target.
Tags: Blizzard, Privacy, Security, World of Warcraft
What If Nerds Were Obsessed With Cookbooks Rather Than Dungeons & Dragons?
Lore Sjoberg answers that question at Wired with an imaginary thread of commentary to remark the release of a new edition of a cookbook (4th edition perhaps?)
Posted: 2:12 a.m. by Herodotus I just have to laugh at the recipe for Beef Wellington. In Wellington’s day, ovens didn’t have temperature settings! And pate de foie gras certainly didn’t come in cans. It’s like the authors didn’t even care about replicating authentic early 19th century cooking techniques!
Tags: Role Playing Games
Of Atheists, Vegetarians, and the Pesky Meaning of Words
The Pew Forum on Religion and Public Life recently published the results of its survey of 36,000 people regarding their religious views. Unfortunately, the report doesn’t break out what percentage of respondents were atheists but rather lumps them into the 16.1 percent of Americans who didn’t express any religious affiliation.
Of those who do call themselves atheists, however, 21 percent said they believed in God. Three precent of the atheists told Pew that religion plays a very important part of their lives. Pew chalks this up to Americans being “non-dogmatic.” I guess…if “non-dogmatic” is the new synonym for “clueless.”
This reminds me of similar surveys which ask people about their dietary habits. In a 2003 survey of UK consumers, for example, fully 25 percent of people who identified themselves as vegetarian also reported that they ate red meat on occasion. Perhaps they were simply “non-dogmatic” about their vegetarianism, but more likely — much like the “atheists” in the Pew survey — they simply weren’t paying attention or have a different meaning for the words in question other than the common usage (one hypothesis about vegetarians who eat report eating meat is that there are people who think the word “vegetarian” means little more than “I like to eat vegetables.”)
I guess if Pew ever calls me, I’ll describe myself as an Evangelical Christian who just happens to not believe in God. After all, I end up in a church once a year or so for a wedding, funeral or some other ceremony. That qualifies me, right?
Tags: Atheism, Christianity, Religion, The Pew Forum on Religion and Public Life
Real Life Mooncloth Bag for Sale at Etsy
A clever Etsy seller has crafted a real life Mooncloth bag. Its a bit pricey at $180, but then its got 16 slots. What did you expect?
Tags: World of Warcraft
Gallery 2 and WPG
Gallery is a free, open source photo sharing web application which is a bit like saying a Ferrari Enzo is just another car. Gallery 2 pretty much lets the user set up a photo gallery from as simple as a couple pages of photos to as complex as dozen of albums and sub-albums, with dynamic keyword-based albums and other features thrown in for fun. It has options for password protected albums, RSS feeds, a commenting system, etc. There’s no feature I can think of that I really wanted that wasn’t already part of the core system or easily added on through a plugin.
Like WordPress, Gallery benefits from an active community of plugin developers who have extended the features of the software. One of the nicer features for WordPress users is the WPG2 plugin which integrates Gallery with WordPress so, for example, my Gallery pages use the same theme as my WordPress blog and appear to be simply pages under WordPress. Additionally, individual images can be easily inserted into WordPress pages or posts using a special WPG tag.
If you’ve got your own server, Gallery is a cheap and highly flexible way to host a medium to large photo site.
Tags: Digital Photography, Gallery, Wordpress
Jungle Disk 2.0
Jungle Disk recently announced its 2.0 release. If you’re looking for a secure, online data backup system, this is hands down the best consumer-level one. It is also the best for price/reliability, since it uses Amazon’s S3 storage which is 10 cents/gigabyte for data uploads and 15 cents/gigabyte/month for storage. There are cheaper options out there that will promise unlimited data backup for very small monthly charges, but their reliability and long-term fortunes are, at best, suspect.
With Amazon and Jungle Disk, the only thing limiting online backups is the anemic upstream bandwidth that most of us have (I feel lucky to have 2 megabits/second up). Even at 2mb/s, that’s a long time to upload the hundreds of gigs of data I need to back up.
Tags: Amazon.Com, Backups, Data Storage, Jungle Disk
Yahoo! Raising Domain Name Renewal Costs?
Web Worker Daily is the latest to report that Yahoo! is going to increase domain renewal costs to $34.95/year effective July 1. Can you blame them? They need to raise revenue somewhere. If I were Jerry Yang, I’d start charging $20/Yahoo! search. That should bring in revenue, and give the DIY Yahoo! Resignation Letter generator more material.
Tags: Domain Names, Yahoo!
Is There Another Word for ‘Synonym’?
That was my favorite one-liner from George Carlin, who died over the weekend.
And it turns out the answer is yes, there is a synonym for synonym … poecilonym, which is defined as “a word that means the same thing as another.”
Tags: George Carlin
World of Workcraft
Ever wonder what sort of MMO World of Warcraft toons might play? World of Workcraft has the answer.
Tags: World of Warcraft
Ball Buster, the Boardgame
One of my favorite blogs, The Booberry Alarm Clock, reminds us that once upon a time (i.e, the 1970s) there were actually TV ads for Ball Buster, the game for the whole family!
The back story on this is that this game was a product of Mego, the action figure company that at that point was at the height of its success. The fact that they chose to pour their money into “Ball Buster” shows the decision making process that led to their decline shortly thereafter (and certainly explains why the action figures were all neutered!)
According to Everything2.Com,
For some reason Mego thought it could get away with the product’s name. When the time came to screen the game’s TV commercial to buyers from toy and game stores, the audience was stunned silent.
Shortly after “Ball Buster”, Mego made another classic well thought out decision when it rejected a licensing deal for some film called “Star Wars” (though it did later snag the “Star Trek: The Motion Picture” license!)