@insanejedi: @insanejedi said:
So if idiot's are driving toyota's and blaming toyota for something like failed brakes it's somehow magically toyota's fault when the facts and studies just show that these people are idiots? The social engineers would have only gotten your secret question if it was true and if you let it out somewhere to someone. If you had a facebook page where you advertised that your dog name was "bill" or your mom connected you Via facebook and also had other relatives that don't have their last name changed so you got her maiden's name.
Stop being entitled asshats and blaming that it's everyone's problem but your own. The suggestions you give could be some of the most sophisticated encryption and security entry ever, and it won't give two shits if the man behind the computer is a dumbass and gives out his personal information that links to the secret question or just blatantly gives out the password. Worst yet are people who don't even know that their doing this. Like I said if you have a facebook page with your mom on it, and your mom links to relatives on her side, you could find out what her maiden's name is as just one example. It's impossible to make anything foolproof because you'll just make better fools.
You realize that they can't simply remotely delete the download from your account. Even if they could would you really want Sony, Nintendo, Steam, MS to have that ability to kill whatever you have from your 360, PS3, or even PC hard drive remotely? A: The money has changed hands from MS to whoever other company which is EA at the moment. B: The download has been made and if there was a policy like that, no one would pay for content ever because they would simply download it, report to MS that they didn't actually buy it, and then keep the DLC on their hard drive.
At the end of the day, so long as the database has not been compromised which I have yet to see evidence of, YOU picked the password, YOU picked the answers the questions.
You really are a prize idiot - I'm not even sure why I reply to fanbois like you, utterly convinced of something which you know NOTHING about whatoever.
I know for a 101% solid fact that no-one got my password or secret question from me - that means whoever broke into my account either
a - did so using a brute-force attack (something only Microsoft can prevent)
b - did so via a means which has nothing to do with my password or secret question whatsoever
Even if I'm unique and everyone else is handing out their login details willy-nilly - that means you need to tighten up security MORE - not less.
MS can do MUCH MUCH more to reduce these issues. Requiring additional authorisation before moving accounts between devices (ala Steam's system) - requiring backup authorisation before allowing purchases (just asking for a card's CVC code before authorising a purchase would totally cripple the FIFA Points scam overnight).
They could upgrade login security to use an Authenticator-like code (see Blizzard, Google and most Banks for such systems) which would render phishing completely and totally obsolete (and costs next to nothing as you just release free Apps/desktop tools to do the Authentication)
Why don't MS do these things? My guess is that they think putting any other 'hurdles' in the path of people buying stuff will reduce their income - kids will have to bug parents for the code, adults will have to go find their card and might lose interest and not login - but it would increase security IMMEASURABLY from where it is now.
Given that MS make having a card on your account pretty-much mandatory for most Gold Subscribers (and I'm pretty sure XBLIG developers need to keep payment details up-to-date also) - it's not like most people have a choice about risking their account being hacked and money charged to their account.
The FIFA scam gives hackers a way of making money - so it's not just amusement and vandalism, they're doing this before it's FREE MONEY and thus it will continue until MS do something (or law enforcement gets sick of them doing nothing and starts kicking-in doors)
Log in to comment