View Single Post

CaptRavenous's Avatar

04.11.2013 , 04:51 PM | #104
Quote: Originally Posted by Warwench View Post
So what i gather, is you expect to be able to take a security control like disabling cookies or disabling javascript (or disabling anything else that potentially adds risk while using rich experiences online) and get the same rich experience?

you sir have 2 problems, you don't know how security works and you dont know how the internet works.

You cannot blatantly apply a security control across something like the internet to disable the rich experience and then whine because it doesn't work. You've done none of YOUR due diligence to determine the risk of what the control works on for the site you are applying it against. You need to evaluate, are cookies on this site ok or not? Do i trust the site? Am I ok with the loss of functionality from disabling cookies? the same goes for anything else, java, javascript, flash etc etc.

There are a lot of place you absolutely DO want to disable all of it because the impact of untrusted code is high and the loss of functionality is something you don't care about. you have to evaluate the risk, the impact and the likelihood on a site by site basis.

You haven't done that though, you've just disabled things on all sites and said screw it, i don't care what loss of functionality I might suffer. Then you whine cos you lost functionality.

Website depend on good implementations of things like cookies/javascript to give their users a good experience. There is no way to examine who you are and determine that you don't need to be prompted without a little 2 way trust. If you wont trust SWTOR, they wont trust you. It's pretty simple and anyone with an OUNCE of actual security knowledge can see that.

Before you go off on tangents about cookie stealing and all that, be sure you REALLY understand how those things are done.

p.s. I do have quite a bit of security experience and can debate this and anything else around security all day if you like.
I have no problems on any other websites, MMOs, or forums like I've been having here since they implemented the changes. I keep my cookies disabled and temp files cleared out as a precautionary measure, just in-case myself or someone in my family does accidently come across a blind link or ad that installs a virus. I have had 2 viruses in 15 years of being online, both of which were a minor threat, because there was no important info to steal from my PC in the way of cookies of temp files. Windows remembers NONE of my passwords, I keep those in a safer place, off my PC.

I've played other MMOs, and still do. I've not had any troubles with their security as I am now having here. Same with other forums I visit, no problems, just here.

I've lost no functionality in doing things the way I do. I can visit any other websites, everything that should work, does work. Except here.

I never get prompted for a OTP when logging into the game, only when signing into the forums. These new security measures were poorly implemented, and aimed at players who know next to nothing about IT security, or its a ploy to get us all to buy security keys, probably both.

If I know nothing about IT security, then my PCs should be royally screwed with viruses, Trojans, and keyloggers. They're not. I own 3 PCs and a laptop, and have never had any major problems with security, just the 2 viruses, as stated earlier. My track record with PCs and keeping them secure speaks for itself. I used to do government IT security. No PC or network was compromised under my watch.

Bottom line, my internet works just fine everywhere else, just not here with the stupid implementation of this OTP feature.

P.S. You'll note I didn't personally attack you.