First a note for legal reasons: There is no attempt to place any blame on Trion Worlds or any other party and any concerns raised are quite possibly based on paranoia. I am merely pointing out some concerning facts that are likely to be coincidence so that people with more security knowledge than myself are aware of them. I AM NOT A SECURITY EXPERT AND DO NOT CLAIM ANY SUPERIOR KNOWLEDGE. and advice is welcome.
Rift is a new MMO from Trion Worlds (a relatively new company). I actually like it and would very much like to play it. If it is safe. I played it in Beta and headstart but due to some concerns have not picked up my pre-order. Headstart was on the 24th Feb, US release was 1st March, UK release was 4th March.
1. The patcher behaved oddly. It attempted to connect to the internet while already patching (I noticed this on the 1st of March)... I blocked this second attempt and it nad NO EFFECT on the patching or running of the game. So why was it doing it? Additionally that was the last time that my previous laptop was working. I have so far put this down to coincidance. I had it checked out and it appears to be a motherboard problem. It had been running hot and the fan was quite dirty.
2. There have been a lot of hacked accounts reported on the Rift forums. Unusually high in my opinion. I have played MMOs at release before and have never seen anything like it. Many of the people hacked claim to have been playing MMOs for many years without difficulty, some had multiple layers of security including noscript on Firefox (this is relevent as most MMO compromised accounts are due to keyloggers.) At least one I recall reported System Tool. I don't have any figures but from the number of complaints it appears to be outside of what I would expect is the standard deviation for these attacks. It doesn't seem fair to just put it down to user error. (to the best of my knowledge my account was not compromised)
3. Headstart was on the 24th of Feb. I noticed something on the bleeping computer front page about a massive increase in System Tool infections from the 25th of Feb onwards.
4. Trion World's security doesn't seem to handle brute force attacks too well (there doesn't appear to be a limit on number of login attempts). They are working on increasing security. Additionally if a player is kicked out due to another login they can reconnect without putting in a password. This obvioulsy applies to hackers too. so even changing password while being hacked and disconecting the hacker by logging in doesn't work. (and wouldn't be effective if you had a keylogger anyway).
So is there a link between System Tool and all these 'hacks'? I don't know anything about System Tool other than it spoofs a security alert.
Is there any chance that there is a security issue with the game itself? Chances of a patch having been infected? Chances of an inside man...? (Ok, getting into conspiracy theory territories with that one
) Some people a blaming the forums for having the same login details as the game account and that the username is the linked email address.
Are all the hacks just from brute force attacks? Or are they just from some new worm slipping a keylogger past everyones security (or however these things are implanted)? Any recomendations on securing accounts/computers? People have suggested things like copy pasting passwords but as I understand it that doesn't actually work against a keylogger. I'm not too good at remembering my passwords at the moment so having a huge list of unintelligable passwords doesn't seem like a good idea either (unless I want to reset my password evertime I log in anywhere).
I have said, my previous computer is dead so I have a new one. I really can't afford to take risks with my computer. I would like to play Rift. (I also just don't like not knowing... so would like answers just for curiosity's sake.)
Any comments on my comments or advice would be appreciated. I'm hoping someone knows more than I do about this.
ps. I do not and have not had Rift installed on any currently working computer so can not provide further details on the actions that its components take.