Dark Age of Camelot European Server Compromised
Revz writes "The company in charge of the Dark Age of Camelot servers in Europe finally admitted they have been having security problems, after over a week of unusual happenings for the players of this PC MMORPG. Unknown people have been causing havoc with GM admin tools on live servers and have potentially gained access to account passwords. Sanya (the community relations manager from Mythic, who run the servers in the US) has commented on the whole thing in this thread on the DAoC Catacombs site, saying 'server security has never been compromised... there is an explanation for this that doesn't involve anybody breaking into databases or servers'. Pictures and videos of the situation on the European servers where multiple high level creatures were spawned can be found in this thread on an unofficial forum."
The deal here is that security is an end-to-end process. It's not a single lock that gets picked, or a server that gets hacked. It's a whole system, which may involve a large number of human factors. It doesn't matter how security was breached, but if the assets are compromised (in this case game integrity), then there has been a security failure. Even if this didn't involve a direct attack on the server, it's no less of a security failure.
If you check out Barrysworld (http://forums.barrysworld.com/forumdisplay.php?s=b74713e616fe7316d4cbdc2f9963005d&forumid=160) you will notice that many users will never be able to retrieve their passwords, because they cannot update their e-mail addresses. After all, when RightNow (their customer support tool) is up again they can't gain access to it, because the passwords have changed.
So to get their password, these people need to change their profile. To gain access to their profile, they need to know the password. But they don't know the password, because the password was changed.
So far there have been no serious security compromises on the US DAOC servers, mostly just the occasional dupe item bug, player radar, or 'speed hack', which are almost always dealt with quickly.
I'm amazed they have problems with speed hacks after these were so well publicized in FPS games (Half-Life, Quake 3, and other Quake-based games; UT managed to escape it due to player location synchronization and speed limitation being built into the server before the hacks even started). Radar and occasional dupe-item bugs are going to be problems for some time, but speed hacks, especially extreme cases, can be easily stopped.
-PainKilleR-[CE]
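
The server-side speed limitation mentioned in the comment above, sketched as an added example; it is not part of the original thread and not code from any of the games named. The constants `MAX_SPEED`, `TOLERANCE` and `MAX_STEP`, the update format and all function names are assumptions, and the sample updates are constructed.

```python
import math
from dataclasses import dataclass

MAX_SPEED = 7.0   # assumed: fastest legitimate movement, units/second
TOLERANCE = 1.10  # assumed: 10% slack for network jitter
MAX_STEP = 0.5    # assumed: longest interval credited to one update, seconds


@dataclass
class PlayerState:
    x: float
    y: float
    last_tick: float   # server clock at the last processed update
    violations: int = 0


def apply_move(state: PlayerState, new_x: float, new_y: float, server_now: float) -> bool:
    """Accept a client-reported position only if it is reachable at MAX_SPEED.

    Elapsed time comes from the server clock, never from the client, so a
    client that runs its own clock fast gains no extra movement budget.
    """
    elapsed = min(server_now - state.last_tick, MAX_STEP)
    state.last_tick = max(state.last_tick, server_now)
    distance = math.hypot(new_x - state.x, new_y - state.y)
    if elapsed <= 0 or distance > MAX_SPEED * elapsed * TOLERANCE:
        state.violations += 1   # keep the authoritative position (client snaps back)
        return False
    state.x, state.y = new_x, new_y
    return True


def replay(updates, start=(0.0, 0.0)):
    """Run constructed (server_time, x, y) updates; return the final state."""
    state = PlayerState(start[0], start[1], last_tick=0.0)
    for server_now, x, y in updates:
        apply_move(state, x, y, server_now)
    return state


# Constructed sample input: one update every 0.1 s of server time.
HONEST = [(0.1 * i, 0.5 * i, 0.0) for i in range(1, 11)]     # 5 units/s
SPEEDHACK = [(0.1 * i, 2.0 * i, 0.0) for i in range(1, 11)]  # 20 units/s
```

Capping the credited interval at `MAX_STEP` also rejects a client that stands still and then reports one long jump; the `violations` counter is what a server would feed into logging or a kick threshold.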