test content
Logo
What is the Arc Client?
Install Arc
Protection from hackers
sakuda13
Member, Neverwinter Beta Users, Neverwinter Guardian Users Posts: 242 Arc User
Hi all..
I was just wondering if this game will have good hack protection.. Man when GW2 came out i got hacked. Don't want that to happen to me again. Sucked big time
I was just wondering if this game will have good hack protection.. Man when GW2 came out i got hacked. Don't want that to happen to me again. Sucked big time
[SIGPIC][/SIGPIC]
Post edited by sakuda13 on
0
Comments
to answer your question though: i believe nothing has been announced as far as authenticators ect... if they do add them it would likely be for PWI account as a whole and not just for the single game.
This is the only security options I know of at this moment but if you look to other Cryptic Games the security measures will likely be the same if not similar.
Would love to see this game thrive, but we all know how the issue of hacking game-models like this can be one of the main reasons for a fail simply because it discourages "others" to spend money on the game. Of course i don't want to spend money if it can be taken away from me, from a hacker or unjustified banning (suspected hacking or whatnot, 3rd party progs like fraps or teamspeak or stuff like that).
Let's hope they try their best to keep NeverWinter secure.
I wanna live there for a while!
The best way that PW can make their game secure is to give tools to the users that protect them from themselves.
The majority of "hacks" on accounts that occur are because of two things:
- Successful phishing attacks (click here for free games/gold/etc, just enter your username/password)
- "Hacking" community sites, and stealing usernames/passwords and logging in (this is what happened with GW2)
You have to take responsibility for your own account. Companies like Cryptic/PW can assist users in this (password strength feedback, email validation on any account changes/logins from new computers, authenticators, etc), but ultimately users need to take responsibility for their own actions.
It's difficult to protect stupid from itself though. Reminds me of the old software developer saying:
Software development is the race between Engineers building bigger and better idiot proof programs, and the Universe building bigger and better idiots. So far, the Universe is winning.
That and "What do drug dealers and software developers have in common? Both call their clients 'users'." But that is somewhat unrelated...
Cheers,
That being said, Account Guard as well as what mrsnakeg said (perhaps worded a bit friendlier) is Neverwinter's Security Measures.
As mean as it sounds the simple truth is that it is almost guaranteed any time a person says 'my account got hacked' the cause of the hacking is the user themselves. Either from picking an easy password or more likely losing security to a phishing site or keylogger users are virtually the only reason their accounts get compromised.
I will be writing up a guide on how to design a secure, memorable password and get the most security possible with Account Guard (there are only two ways 'hackers' can beat the system and one way will probably never occur) a bit closer to launch but for now I can only state my own personal experience...
I have been gaming online for 15-20 years. That's actually a good majority of my lifetime and I have never been hacked on any game. If game companies were hacked left and right like some people seem to believe I would have lost all my items on one game or another by now.
Game account security is very much like treating a sickness. The number one way to not get sick is to get educated on how to stay healthy.
At the end of the day no matter what security measures are put in place server side it will mean nothing unless players take the time to secure themselves.
I should have been more specific, sorry about that. I meant the inGame hacking (as well as account hacking of course), like dupes, speed-wall-hacks, things like this that give an unfair advantage, better gear etc. The NeverWinter model is basically a "feel free to test your hacks" invitation, don't you think?!
Maybe i'm too pessimistic about all this. Hopefully it won't be that bad and they've got security measures already in place to deal with these things beforehand.
Many of those kinds of exploits work in non-MMO games, or in large-scale MMOFPSes, because the client makes the decisions, and the server only serves as a lobby. It's less prevalent in MMORPGs, where many of the decisions are made on the server. For instance, it's hard to get away with duplication of items, because the server creates non-debris items, not the client. Every once in a while a specific combination of bugs allows it, but historically they get fixed fairly quickly.
True....to a point at least. No matter how responsible an account owner is with their security, it's still only as secure as the tools they're given by the devs. I would very much like to see at least the option of being able to use a mobile authenticator. Account guard is great and all, but any hacker worth their salt isn't going to just try to log into the game using a stolen account name and password, they first sign into your account on the website and change the account email address, thus allowing them to authorize their machine when signing into the game.
And why aren't you using an authenticator with THAT?
I saw nothing in the account guard docs that said anything about authenticator support. Regardless, are you saying that account guard also requires the random code when signing into your account through the website on an unrecognized machine? If so, then good, that's at least another layer of protection.
IE 10 has awesome security and protected layers and apps, and the OS has kernel and hardware protection ,privacy mode and boot protection, even if u managed to get a virus, when it loads into memory space w a preprogrammed addressen location when u reboot
win 8 will re allocate and shuffle and reorder all memory spaces randomly so the malware cant load again
Windows 8 can keep your PCs and data safe by making them more resistant to all forms of malware, including those that use phishing attacks and rootkits. To help resist malware, Windows 8 supports the following features:
Secure Boot
Bootkits are the most dangerous form of malware; they start before Windows and hide themselves between the hardware and operating system where they are virtually undetectable and have unlimited access to system resources. With Secure Boot, the PC’s UEFI verifies that the Windows bootloader is secure before loading it. If the bootloader has been modified (for example, if a bootkit is installed) or replaced, Secure Boot will prevent execution. For more information about secure boot, see the article Secure Boot Overview.
Trusted Boot
Windows continues the chain of trust started by Secure Boot by verifying the integrity of Windows startup files. Trusted Boot also includes an Early Launch AntiMalware (ELAM) capability that enables the antimalware software to start before any third party software. By starting the antimalware solution early and within the protected boot process, the operation and integrity of the antimalware solution can be better guaranteed. As part of the boot process, Windows also runs Measured Boot, which allows third-party software on a remote server to securely verify the security of every startup component in a way that would be very difficult for malware to forge. If any tampering with the Windows boot process or the antimalware’s ELAM driver is detected, Trusted Boot will repair the system by restoring the original files.
Windows 8 Apps
Windows Store apps dramatically reduce the risk of malware. Users can only install Windows Stores apps that have been approved by Microsoft or your organization, reducing the risk that an app will have malware hidden within it. Windows 8 runs Windows Store apps with very limited privileges and no system-level access, reducing the ability of malware to exploit a vulnerability in an app.
AppLocker
AppLocker in Windows 8 gives IT complete control over which desktop and Windows Store apps users can run, and Windows Store apps are even easier to manage than desktop apps. AppLocker rules for Windows Store apps automatically apply to the app installer and all files included with the app, and you create only simple publisher rules, instead of error-prone hash- or path-based rules. Additionally, a single AppLocker rule can contain rule collections for both desktop apps and packaged apps, making it easy to manage your new packaged apps alongside your existing apps. You can use AppLocker to reduce the risk of malware by only allowing users to run approved apps. For more information about AppLocker improvements, visit AppLocker Technical Overview.
SmartScreen
Starting with Internet Explorer 8, SmartScreen has helped protect you from malicious websites and applications coming from the web using SmartScreen’s application and URL reputation services. To help protect people who use different web browsers, Windows 8 extends SmartScreen’s application reputation services to the operating system. The first time you run an app that originates from the Internet, no matter how it got copied to the PC, SmartScreen checks the reputation of the application based on digital signatures and other factors. If the app lacks a reputation, or it is known to be malicious, SmartScreen warns you or blocks execution entirely. If you trust the app, you can choose to run it anyway. For more information about SmartScreen, see SmartScreen Application Reputation.
Windows Defender
In Windows 8, Windows Defender has been upgraded from antispyware to a full-featured antimalware solution capable of detecting and stopping a wider range of potentially malicious software, including viruses. Windows 8 users no longer need Microsoft Security Essentials, because Windows Defender is now just as powerful. While Windows Defender is primarily intended for unmanaged PCs, more and more people are using their home PCs for work and to connect to the internal network. Therefore, it’s good to know that Windows 8 includes powerful and free anti-malware that is enabled by default. For more information about Windows Defender, visit Protect your PC.
Kernel Improvements
Windows 8 includes low-level improvements to make it more difficult for malware to gain unauthorized access to system resources. A much improved version of Address Space Layout Randomization (ASLR) makes it even more difficult for malware to predict where Windows 8 stores vital data. Apps are no longer allowed to allocate the lowest 64k of process memory. The Windows heap (which stores some app data) now has additional integrity checks. Data Execution Prevention (DEP) is now required and the feature is more accessible to app developers. Each of these low-level changes eliminate exploit techniques that malware has used in the past to gain higher privileges to PCs. Additionally, these improvements can dramatically reduce the likelihood that newly discovered vulnerabilities will result in a successful exploit.
Windows 8 gives you complete control over the software that runs on your PCs. Malware risks are dramatically reduced by eliminating known exploit techniques and making it more difficult to create new ones. Boot and Rootkits have literally been designed out of the threat landscape and in the increasingly unlikely event of a malware intrusion, Windows is more capable to detect and remove it. To your organization, this means improved client uptime, reduced support costs, and reduced security risks.
Pervasive Device Encryption
When users go mobile, they take your organization’s confidential data with them. BitLocker has been your solution for encrypting that confidential data, and Windows 8 improves BitLocker by simplifying provisioning and compliance management of encrypted devices on a variety of PC form factors and storage technologies. See What's New in BitLocker for more detailed information about the following improvements that Windows 8 makes to BitLocker:
Encrypted Hard Drive Support
BitLocker in Windows 8 supports a new type of hard drive: the Encrypted Hard Drive. When a PC is equipped with an Encrypted Hard Drive, BitLocker offloads the cryptography to the Encrypted Hard Drive’s processor, instantly encrypting the drive and improving desktop performance by decreasing the PC’s processor utilization. Security can be stronger, too, because the drive uses the highly regarded Opal Storage Specification standards. In a nutshell, Windows 8 PCs with an Encrypted Hard Drive can give you the ultimate data security without any performance penalty or management headaches.
BitLocker Pre-provisioning
With Windows 8, you can now turn on BitLocker and the TPM from within the Windows Preinstallation Environment (WinPE) before installing Windows, without any end-user interaction. Because Windows is not installed yet and the drive is nearly empty, enabling BitLocker takes only a few seconds.
Used Disk Space Only Encryption
BitLocker in earlier Windows versions could take a long time to encrypt a drive, because it encrypted every byte on the volume (including parts that didn’t have data). For new PCs, it is a waste of time to encrypt the unused portions of a disk, so BitLocker in Windows 8 lets you choose to encrypt just your data. This can reduce the encryption time and provisioning time by several hours.
Standard User PIN and Password Change
With Windows 8, users can update their BitLocker PINs and passwords without opening a help desk ticket. Not only will this reduce your support costs, but it could improve your security, too, by enabling users to change their PINs and passwords more often.
Network Unlock
Requiring a user to type a PIN to start a BitLocker-protected PC helps ensure the PC is in the hands of an authorized user. However, it prevents PCs from restarting automatically—a problem when you install apps and updates after hours because PCs restart automatically but wait for a user to type a PIN before starting Windows. Network Unlock allows BitLocker-protected PCs to start automatically when connected to your local wired network. Anytime the PC isn’t connected to the network, a user must type a PIN to unlock the drive. For more information, see BitLocker: How to enable Network Unlock.
Each Windows version has improved on BitLocker, and Windows 8 is no exception. As a result of these improvements, you can more easily provision and management BitLocker on your Windows 8 PCs.
Note: Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administration and Monitoring (MBAM) makes it simple to manage and support BitLocker and BitLocker To Go. MBAM 2.0 adds several features to take advantage of the new Windows 8 BitLocker features, provide self-service to users, maintain compliance, and to integrate MBAM with your existing management tools, such as System Center Configuration Manager. For more information about MBAM, see Microsoft BitLocker Administration and Monitoring.
Modern Access Control
Modern users aren’t tied to a desk. They are mobile, and their mobility helps them be responsive and productive. However, modern users need modern access control, which Windows 8 provides while increasing data security within the enterprise. In particular, we recommend you explore the following:
Virtual Smart Cards
Smart cards provide more secure, strong multifactor authentication by requiring users to authenticate using a smart card (something they have) and a PIN (something they know). With virtual smart cards, Windows 8 stores the smart card certificate in the PC and protects it with the TPM. In this way, the PC actually becomes the smart card. The user still needs to type a PIN, but they no longer need to physically connect a smart card or carry a smart card reader. Without a physical smart card, there’s also one less item for users to lose or forget. Because users still need a PC with their certificate (something they have) and a PIN (something they know), virtual smart cards can fulfill two-factor authentication requirements for some scenarios including remote access. For more information about virtual smart cards, see Understanding and Evaluating Virtual Smart Cards.
Picture Passwords
It can be hard to type a password on a touch screen because you can’t see the letters as you type them. In Windows 8, picture passwords provide a touch-friendly way to sign-into your device. Instead of typing a password, users draw a combination of three gestures, which can include dots, lines, or circles, which they apply to points of interest on the picture. Most pictures have the potential for millions of different picture passwords, making the authentication technique secure enough for many organizations. If a user forgets her picture password, she can type their conventional password to log onto her PC. See the blog post Signing in with a picture password to learn more about picture passwords.
DirectAccess
DirectAccess keeps your users securely connected to your internal network any time they have an Internet connection. If they have Internet access, they can access internal email, files, and apps, and IT can manage their PC. To the user, it’s that simple. With Windows Server 2012 and Windows 8 Enterprise, it’s almost that simple for IT. With just three clicks, you can configure a DirectAccess infrastructure, even if your network uses Network Address Translation (NAT) and IPv4. With additional configuration, DirectAccess can support clients running Windows 7. For more information about DirectAccess, see Work Smart: Connecting Remotely Using Windows 8 DirectAccess.
Dynamic Access Control
With Windows Server 2012 and Windows 8, you can use Dynamic Access Control to provide access control to shares, folders, and files based on dynamic rules based policies, rather than static user lists and security groups. You can create policies that allow or deny access based on combinations of user, device, and data properties. To compare the two access control methods, imagine how you might restrict access to confidential personnel records: File permissions. You restrict files and folders so that only members of the Human Resources security group can access them. IT needs to maintain the group membership over time.
Dynamic Access Control. You create a policy that allows only members of the Human Resources organization with classified security clearance to access confidential personnel records with Personally Identifiable Information (PII) from secured, on-premises PCs. IT just maintains Active Directory properties about the user, which is something most organizations do already.
Clearly, Dynamic Access Control policies are a more powerful and flexible way to control authorization, and they’re particularly useful for meeting regulatory requirements. For more information about Dynamic Access Control, see the blog post Introduction to Windows Server 2012 Dynamic Access Control.
To recap, Windows 8 modernizes access control to help you provision strong multi-factor authentication and better manage access to resources with reduced cost and impact on end users. Virtual smart cards make multi-factor authentication easier to use and deploy. PCs can be secure, always connected, and always managed from everywhere with Windows 8 and Server 2012’s improvements in Direct Access. Finally, Dynamic Access Control in Windows 8 and Server 2012 provides an access control option that automatically adapts to changing environments.
Conclusion
Security is a top feature area in every Windows release and Windows 8 is no exception. Improvements to malware resistance are arguably revolutionary in Windows 8, providing protection right out of the box. Modern access control helps you better manage resource access and provide always-on access to healthy and secure PCs in changing environments. Last, improvements that Windows 8 makes to BitLocker can help you more easily and quickly provision drive encryption across the enterprise. Are you interested in learn more about how Windows 8 can help improve security in your enterprise? See Secure Windows 8 in the TechNet Library.
and security that win xp and vista don't
for u to say the OS is a POS is pretty ignorant since u have not even run it,,sounds like ur another MS hater for no logical or practical reason other than to be a rebel or ignorant about its capabilities
I have run about ever OS made since DOS 3 including OS 2 ,Next , all NT builds , up through win 7-8
and I can tell u win 8 is the fastest more stable OS i have seen
it boots almost 2 times faster than vista, win 7 , my laptop from off boots in 7 seconds lol
the security alone is worth it,, not the mention it syncs and works flawlessly w windows Phone and XBOX all on a TV and trades files between PC XBOX ,WIN phone all seemlessly
the upgrade is $18-29 dollars,, Im sure u can afford it
kinda makes no sense not to really especially if u dump $60-200 on a game lol