![grandma[1]](http://www.myextralife.com/wow/wp-content/uploads/2009/10/grandma1.jpg "grandma[1]")
Big News Of The Week
It’s Tricky To Walk Around
The yearly celebration of Hallow’s End is getting underway in The World Of Warcaft. Hallow’s End is the celebration of the break between the Forsaken and the Scourge. Many tricks and treats await adventurers seeking holiday fun, including defeating the Headless Horseman, visiting inns and cities for fun items such as masks and costumes, and eating way too much candy in one sitting.
The Royal Photographic Society of Azeroth has announced their seventh annual pumpkin-carving contest! Until 11:59 p.m. PDT on October 28, the RPSA will be accepting photographic evidence of your pumpkin-carving excellence. In addition, the crafters of the five most interesting, original, and well-carved pumpkin designs will each be recognized for their merits with a 32 GB iPod touch, courtesy of Apple.
Blizzard has pictures from the last five years of contest winners online: [2004], [2005], [2006], [2007], [2008]. Check out the contest page for additional details, including the official rules and submission form.
Rumors And Scuttlebutt
It’s An All-3.3 Rumors And Scuttlebutt
It’s been over two months now since patch 3.2 arrived in World Of Warcraft, bringing the Crusader’s Colosseum, Tier 9 epic gear, Isle Of Conquest battleground, and all of the other accouterments we’ve come to expect from a major patch to the game. Well folks, we reckon that we’re now less than 2 months away from the release of 3.3, which hit the Public Test Realm a couple of weeks ago and has started to generate buzz all over the WoW community.
Town Cryer
Kosuke from Aerie Peak writes: I just want to ask, which class do you guys’ know or think has the trouble pulling the most sustained DPS? With just in-game knowledge and seeing people play their characters during raids and looking at a damage meter such as Recount, could you guys add your thoughts into this?
Regur from the Azuremyst server writes: I recently had confirmed that I am on a horrible server for the horde. We are outnumbered 4:1 in the Alliance favor and I’m tired of always losing Wintergrasp. So I have decided to find a new server, but I’m not entirely sure how to go about finding one. What would you guys suggest?
Drop Of The Week
An Arctic Incentive
Blizzard is full of surprises. We’ve been talking about authenticators and Battle.net for over a year, but as everyone knows, security alone isn’t a perfect incentive to use them. This week, Blizzard sweetened the pot. It’s Mr. Chilly the penguin! He’s an in-game vanity pet available to every player of World Of Warcraft. All you have to do to get Mr. Chilly, if you have not already, is merge your account into Battle.net before it becomes mandatory on Nov. 11. After you do, you will receive his egg in your mail in-game.
Additional show content provided by Darrell the Tipgiver, Steve “Buxley” Pietrowicz and the outstanding Instance Community.
Special thanks to DogHouse Systems, FigurePrints!, TypeFrag and SquareSpace for sponsoring this episode.
- The RSS Feed
The MP3 File
- The iTunes Subscription
The Zune Feed
The Audible link on this page took me to a place that looks a little sus (advertising veneer).
Isn’t the link “www.audible.com”?
Ah crap! Meant to post the above comment on the latest ELR (had both sites open) and now I can’t delete it. Sorry.
In regards to security and built-in authenticators into the WoW client, it won’t work because anything that you ultimately have to install on someone else’s computer is always hackable over time. All it takes is someone with the knowledge, tools (many of which are freely available), and time to dig through your binary code until they find out where/how you’re storing the encryption keys. This is why most software companies are switching away from pre-generated license keys and using a subscription/registration model. The reason why the authenticator is secure is because it’s a seperate piece of hardware with built-in tamper-resistance, that a hacker must have physical access to.
Randy mentioned that he thought most accounts were getting hacked from brute-force attacks. While blizzard obviously won’t disclose that information to us, I seriously doubt that’s the case, since Brute Force attacks are a high-cost/low-reward/low-yield method as compared to Phishing or Keylogging. You’d need a stable/sustained network connection, a relatively fast system, and lots and lots of time. This is different than (say) hacking into an e-commerce website where all accounts are basically equal: i.e in wow you may get a few accounts that have thousands of gold, but a bigger majority of the accounts belong to casual players and probably have only net a few hundred. Even so, locking out an account simply pisses off your existing customers and does nothing to actually prevent Bruce Force attacks, since the attacker can simply try a different account name, try again later, or he may be just trying random login names. I suspect what Blizzard is doing, however, is looking at IP addresses and selective blocking them when they see lots of failed login attempts.
Similarly, “tricks” to get around a keylogger, like using an on-screen keyboard won’t be effective in the long run, because any malware program that can log keystrokes on your PC can also take a screenshot for every mouse click as well as check if WoW is running. There are several ways that can make keyloggers less effective (at varying annoyance levels to the user).
1) Captchas — Display some jumbled up bunch of letter and numbers and ask the user to correctly type it in, closing after a few failed attempts. This is mainly a deterrence against a brute force attack, since it’s very hard to automate a captcha reponse.
2) Personal Questions — These can be wow based, like which of these character names are yours? Out of these guild names, which one do you belong to? Out of these classes, which one of have you played in the last week? etc..
3) Biometrics — Most high-end systems now ship with some sort of built-in finger-print reader, there are USB devices that you can purchase for relatively low-cost.
When you guys were talking about tier 10 armor, Randy said he thought the rogue looks like a scuba diver. Personally, i think he looks like 9 from 9 (exact likeness, but with jkust 1 eye). either that or he looks like a scarecrow from hell. Just saying!
And why exactly does the paladin armor HAVE to look like caster armor? Personally i think paladins look much better with just their original style for the armor sets, with just plate armor that fits their character’s stature. However, i do like the look of it on Mages with tier 9 armor.