Keylog Attack ~How My Story Ended~Follow

While I totally agree with you here, the issue isn't a matter of FF/POL being hacked into, but a matter of Hiro's login info being transferred to another person through the use of a 3rd party program which he activated. He even said he was going blow for blow with this guy trying to re-take the account. Now if the thief had hacked the POL servers to steal this information, that would be a different story, then I would hold SE totally acountable.

I think there's one thing that may be being over-looked. For example:

A user has an account, and decides he needs more gil/items etc... Said user creates a scenario to make it appear as if his account is being stolen with the hopes he can sell off the items, retain the gil, and convince SE to re-instate his character, at which point he would transfer all the gil/items from the previous character to the current one.

I'm sure this isn't the case in this situation, but that could be yet another reason SE is standing so firm on this. I'm sure once they see his persistance, they will do something. It would be a nice gesture on their part.

reading this thread, I noticed soemthing people were suggesting to help stop this problem...save your password info. Well, that is the worst idea from a security perspective I have ever heard. If you pick up a data miner, a worm, or just a hack that lets someone take limited control of the PC (or just have someone get access to it at all) then they can use a program called SIS to see your "hidden" password right through those *******. I use it at work to unlock things when users forget a password I can not change. You are better off with a good firewall, antivirus, and Spy ware detection program. Personally, I have a seperate PC for FFXI and avoid at all cost doing any other type of I-Net activity on it. I still use all the security software. Had the OP gone to a different PC, he might have lost some personal info, but the logger would not have been able to access FFXI. Anyway, I believe many do not realize that the pass word save protection feature of windows is so easily overcome.

BTW, sorry you got so nailed OP. Even the most careful and aware users can get caught off guard and make a mistake. A few of my LS on Cerberus got a similar /t or shout. I encouraged them to make a Gm call or send an email to SE at least. I doubt your the only person out there who got caught in this one.

On a separate note, has anyone tried using FFXI through "Virtual PC" on a MAC? I may have to give it a try, but dont really have a use for VPC unless it can run ffxi. If you did this, then any logger would be deleted simply by not saving Windows when you exit the program. Then, the next time you log in to Windows and FFXI, the logger would be gone. At least, that is how I uderstood it from the Macintosh Rep. I don't completely trust sales people though LOL.

SE makes it clear, at no point do you own your account, you pretty much rent it, they own it. You can not, as such, have it "stolen" from you. Ya, ya I know some of you will say, but what if you rent a car, it's still theft. Ya it is, but from the car rental agency. SE never really had it stolen from them, just a transfer of renters. You can complain about theft all you want, and talk about lawsuits against them, but they are smart in one thing, the writing of the agreements that you agree to every time you log on.



Can't sue em either.

They may have horrible customer relations, but they have smart lawyers.


Edited, May 17th 2007 1:12pm by Bacchusthegreat

If you don't have an anti-virus program how do you know you haven't gotten one?

Hey now, no need for name calling, this is just a friendly discussion :)
I didn't say I agree with SE, or that I am happy with the way they treat their customers. I was just pointing out the fact that there isn't much we can do about it except stop being customers.

Some companies just have horrible customer relations, but have a great product everyone wants, we just have to put up with them for our crack.

Well... about "ethical and moral responsibility", the extent of that is somewhat vague and unclear. However, legal responsibility is concise and exact. If someone would not take responsibility of their own action, that someone can demand other to take extra responsibility to them? The moment you demand "ethical and moral responsibility", you lose all the creditability for such demand.

You can appeal for "ethical and moral help", but you cannot demand it. There is a difference between using angry and strong language for help, then using softer language for that. I bet the angry way Stubs talk always will make customer representatives, complaints units being no less angry as Stubs himself.

Being helped extra for ethical and moral reasons should be considered a favor, not a demand. May be if you talk to a CS in equal and calm manner is a better way, things will work out better. CSs should not be punching bag for angry people.

Edited, May 17th 2007 2:42pm by scchan

If S.E. holds current credit card information to be the trump card for character ownership, then it seems like they bear some responsibility to safeguard that information somehow. A previous poster's suggestion that previous credit card info be required to change the current credit card seems like a good start. If the person wants to change the c.c. number but for some reason doesn't have it on hand, then there should be a waiting period where the account is suspended for a few days to ensure that the request is legitimate.

Edited, May 17th 2007 2:45pm by GarudaEban

The same way I have for the past 3 years. Scanning once every 6 months, setting up your PC properly (not using your admin acount for everything) and avoiding suspicious things on the internet.


As a bit of a derail, Vista is trying to move people more to the model of having a user account and an admin account. The current pop up warnings when you try to do anything is a temporary measure until software companies start writing their software properly (SE THAT MEANS YOU TOO!) I hate very much having run anything as admin. If you can't make it work with safe computing practices, such as limited user accounts, you need to go back and hit your programmers again untill they smarten up!

So noted.

*grabs a bat and heads off towards Microsoft HQ*

Because I know my computers, all 4 of them, inside and out. I do periodic scans for different types of viruses/keyloggers/spyware with some inexpensive, but efective scanning programs that I have, but no 'active' anti-virus programs.

I was wrong in saying that I've never had a virus though. About a year ago I did get a virus from downloading a program from an untrusted site. I should have known better, but thought, what are the odds, lol. Well apparantly pretty good. It installed a trojan, that kept prompting me to go to their website and buy this anti-virus program because it scanned my PC and listed a bunch of viruses. Some were bogus, and others were from this program itself. Well, obviously I didn't go to their site, but in my searches I found the necessary tools to remove it from my computer. Basically, I didn't go with my better judgement in that case, and I screwed myself. Was an easy fix though.

As much as I hate to admit, they are at least taking steps in the right direction finally. Any straight out of the box MS apps do work with my limited user account, and that's just by making them only use the my documents folder, which is in the user's home directory, the only place a limited user can make any changes. The big trouble is all the damned holes people keep finding. Lord there is a lot of them. Of course there are a lot of people looking for them, as breaking MS stuff means more targets. :)

Then again, I'd like to see how apple or some flavour of linux would fare if they were the top dog. I wonder how many holes in them would be found. It would be interesting to see. My bet is they would be almost as bad as Windows, but we're not likely to see for a long time, if ever.

I don't know about that. I won't say that they are un-hackable, but I feel thay are a bit more secure. Also more stable. I hate Windows with a passion, always have, and now with Vista I'm just pissed that I'm going to have to learn that crap. We're already being flooded with calls at work here from Vista users having issues with our programs running properly for them. 90% of them are because they need to run the program as administrator to get them to work.