Slashing Hackers: Diablo’s RMAH Requires Authenticator

By Nathan Grayson on June 12th, 2012 at 9:00 am.

Roses are red/that laser is, too/this room is green/and my impending death makes me blue.

If Diablo III‘s real money auction house wasn’t in direct opposition to the spirit of its own game and also an incredibly prominent representation of modern PC gaming’s most deadly sins, I’d find this whole thing kind of inspirational. I mean, Blizzard’s stared down the demons that are abysmal server stability and account hack outbreaks, yet its progress has only been delayed – not deterred. And now, the heavyweight champion of all things hack ‘n’ slash is gearing up for a high-stakes rematch against the hacking menace. Its secret weapon? Very small pieces of plastic.

Blizzard explained its policy change in a forum post:

“With the introduction of the real-money auction house, account security will become more important than ever. To help ensure that players have a positive experience when using the real-money auction house, we’ve made some adjustments to how players can use and access their Battle.net Balance.”

“Starting today, in order to add to your Battle.net Balance, players will be required to have a Battle.net Authenticator or Battle.net Mobile Authenticator attached to their Battle.net account. For clarity, this means you’ll need to have an Authenticator to add to your balance via Battle.net Account Management or to send the proceeds of your real-money auction house sales to your Battle.net Balance… While we understand that this creates an extra step for players during the login process, we believe this added layer of account protection will help foster a safer auction house environment for all of our players.”

When reports of hacking first arose, a few victims claimed that account-swiping ne’er-do-wells had tunneled right through their Authenticators. Blizzard, however, more or less shot down those accusations, noting that it hadn’t investigated a single hack tied to its tiny, easily swallowed last line of defense.

That said, I have friends who’ve been hit by WoW hacks in spite of their Authenticators, so I still find that a bit hard to believe. Moreover, even if Blizzard’s telling the truth, this still comes as yet another knock against its “always online” policy. Between this new wrinkle and connection issues that both bewilderingly and infuriatingly continue to this day, “games-as-a-service” seems to be anything but. After all, services, by definition, are helpful and convenient. And sure, Battle.net adds some neat multiplayer functionality, but only after we’ve peeled back layer upon layer of complication.

It could be worse, though. The real money auction house, at least, is completely optional. And, seeing as I plan on both keeping my cash far from the clutches of crafty thieves and starring in the first episode of Hoarders dedicated to loot in a videogame, I’ll be steering clear.

__________________

« | »

, .

203 Comments »

  1. CaspianRoach says:

    If you don’t have a compatible phone for it or can’t order an authenticator (Blizzard don’t ship in some countries), you can get an unofficial PC-version (this one), but there’s a big IF: It will only provide reasonable protection in case you install it on another machine, preferrably with no internet connection or you can install it on a virtual machine.
    You can also use official mobile version with Android SDK Tools, it includes a phone emulator.

    • Metonymy says:

      Why does this require another news post? (referring to the article)

      We’ve mostly agreed that this is hardly a great game, a 8/10 maybe.
      We’ve all played T2 and PoE, so we know there are more solid 8-9s coming, in this genre.

      Why are you continuously drawing attention to one small aspect of this average game? Did I read correctly when you wrote that this game is committing “sins?” Don’t you want it to fail? The way to assist in the failure of an idea is to never draw attention to it for any reason. Like it or not, you validate this garbage every time you write another article about it. Just let it die, already.

      • Sheng-ji says:

        Hmmmm, why would relevant news be of interest to players of the best selling PC game in a long time? The thing is, YOU want it to fail, hence why YOU don’t want anyone to write up D3 news, however RPS has a much larger than average dose of journalistic integrity, which means that if they personally want D3 to fail, they put that to the side when it comes to what they publish and instead publish articles that are of interest to millions of readers.

        • Metonymy says:

          There was an RPS article on the subject of “journalistic integrity” recently. “How often should we have kickstarter articles?” Answer: not as often as Diablo 3 articles.

          I wouldn’t be here at all if I didn’t trust these writers, which makes my question about why they are pushing this game so hard something that everyone can ask, without hypocrisy or contempt.

          • MadTinkerer says:

            Obviously they’re covering something interesting happening with a major PC game because SOMETHING INTERESTING IS HAPPENING WITH A MAJOR PC GAME.

            I don’t have Diablo III. I don’t intend to get Diablo III. I am still interested in this article.

            You might as well be whining about coverage of World of Warcraft. I played WoW very briefly, for the free month, and didn’t subscribe. I don’t intend to subscribe in the near future, and in the unlikely event the official servers go away, my heart won’t break. This does not mean WoW is unimportant, or that RPS shouldn’t cover WoW news.

            I don’t whine about coverage of farm or train simulators. I don’t whine about The Flare Path, even though I’m not interested. I don’t even whine about coverage of F2P games even though I think F2P is a cancer that is potentially ruinous on a large scale (because it’s a marketing paradigm that seriously warps game design, and makes entire genres unfeasible: thus if the wrong executive thinks it’s the answer to reviving a franchise, it will poison the franchise’s chances at getting a non-F2P game; e.g. Lords of Ultima fucking up the chances of ever seeing a good Ultima game again).

            So stop the bitching.

        • alundra says:

          What are you talking about?? It sold millions but it already is a failure, one of epic proportions:

          http://youtu.be/8NUQTATy5dc

      • Zanchito says:

        Metonimy, that post might appear harsher / whinier than you intended, just saying.

        As for the relevancy, I think it’s okay, as many, many eyes are closely examining all the commercial and technical results of D3, and those eyes will influence future games. It’s not important per se, it’s important because someone might try to copy / cancel a similar feature in other games.

      • blind_boy_grunt says:

        man do i hate people who cut in line

      • Shortwave says:

        It’s sort of big news and quite an annoyance to a lot of gamers.
        So yea’ it’s worth talking about.
        I count one article on the front page that mentions Diablo.
        No need to be so dramatic! : P

      • frenz0rz says:

        Because its news. Shut up.

      • lociash says:

        >Why does this require another news post? (referring to the article)

        Because stories on D3, get hundreds upon hundreds of comments and ergo traffic compared to any other news stories on the site, you can just glance over the frontpage whenever a D3 story is posted to confirm.

        I guess people like talking about a bad game.

  2. PodX140 says:

    So wait, they require you to purchase on of their overpriced hunks of plastic in order to even start the RMAH?

    Suddenly, their business model is making a lot more sense.

    • Torn says:

      No, just get the free Android or iPhone app, or emulate these (riskier if your pc is compromised).

      Better to demand security than have to deal with the incredible amount of hacking-for-profit that would be going on.

      • SanguineAngel says:

        Well I have several friends who own Diablo 3 but do not have smart phones because they do not like them. So I doubt they’ll be getting that.

        • Torn says:

          I believe Blizz aren’t making money on the physical authenticators — they’re sold at cost.

          It’s the same premise for secure online banking services or a company VPN: you need a two-factor authenticator mechanism i.e. a thing with a code that changes every 60s. If you don’t have one then all that’s stopping people logging in as you is your password, which for a lot of people won’t be strong enough, will be shared between other sites, and is a massive target for viruses / keyloggers.

          What I’m trying to get across here is that it’s not some huge conspiracy for Blizz to make money, rather, I think it’s just simpler to require an authenticator if you want to sell / buy items for real money.

          If you friends don’t want to get an authenticator, they’re free to use the gold AH.

          • RvLeshrac says:

            You’re aware that when RSA was hacked, every single device they’d ever produced up to that point was compromised, right?

          • mr.ioes says:

            They are making quite a buck with authenticators, this has been proven for more than a year now.
            http://daeity.blogspot.co.at/2011/02/profit-from-blizzard-authenticators.html

            tl;dr: Authenticators cost 2-3$ and they sell them for 10€ (8€ without shipping costs I suppose) in EU.

          • SanguineAngel says:

            I guess I am thinking that Blizz have overestimated technological availability/use in general. They seem to think the world and his dog uses superfast broadband when actually that is far from the case. They also seem to think that everyone uses an expensive smart phone. Although granted they are selling (at cost or otherwise) the fobs for those that don’t but I would resent having to pay to pay if you see what I mean. Especially since the game costs so damn much in the first instance. Banks don’t sell you those btw they absorb that cost.

            I’m glad there is an in-game gold AH but really I think the entire concept is a bit broken from the get-go and does alienate people.

          • HothMonster says:

            @Rv

            They are Digipass not RSA

        • acheron says:

          Well, they probably figure that the Amish aren’t going to be buying their game anyway.

    • Subatomic says:

      Nope, the one for phones is free (and even the physical ones are, at least according to Blizzard, sold at cost).

      • Mungrul says:

        It doesn’t matter if they’re sold “At Cost”; it’s still another cost to the customer on top of the $60 they’ve already paid for the game.
        In addition, the whole “Just get the free app for your smartphone” crowd really annoy me with their privileged ignorance of the fact that not everyone can afford smartphones, which are substantially more costly than the physical authenticator.

        • acheron says:

          Then they probably shouldn’t be spending $60 on a video game, then, either.

          • ancienttoaster says:

            Oh come on now, the two are hardly comparable. The yearly cost of an iPhone 4S is around $840. Diablo III is a one-time cost of $60.

            I hate Dialbo as much as the next man, but comparing a minor splurge on a video game to a major outlay on a smartphone is ridiculous.

          • Hoaxfish says:

            $60 one time purchase is not anywhere near as expensive as a smartphone, of course some of that cost can be mitigated by your specific phone-contract, but those are often quite expensive unless you have a lot of phone usage… nobody is handing out free smartphones, or even for a “low price” of $60.

          • SanguineAngel says:

            That and you know, being able to spend your disposable income as you see fit is a pretty basic right. This is effectively a hidden cost for people who already bought the game and wanted to get in on the auctionhouse. Sure, they were going to spend more of their disposable on the game but they were not aware that they might have to spend more money in order to do so.

          • Persus-9 says:

            The iPhone is hardly the cheapest smart phone on the market though. You can get an brand new android phone for about $100 these days, at least in the UK (Samsung Galaxy Y is £71 at Phones4U). Having said that I completely agree that this is a total dick move and unless they listed “smartphone” in the system specs then Blizzard don’t morally have a leg to stand on regarding their treatment of customers who don’t own smartphones. I’m wondering whether they legally have a leg to stand on since they advertised certain features, sold a product on that basis and now are requiring something extra from the consumer before providing those features. I dare say it is all covered by the EULA though.

          • Somerled says:

            Overreaction crowd: you can still afford the authenticator. And so what if it’s an additional cost on top of a game? We’re talking luxury items here. Suck it up and pay. Or don’t; none of this is really that important.

          • RandomGameR says:

            Or, better yet, then don’t buy in-game items for real money?

            You people are ridiculous.

        • Snakejuice says:

          I paid less for my “smart”phone than I paid for Diablo 3, and I bought D3 at the most cheap retailer I could find in my country. That said I still use my old phone because I’m getting old and hate learning new things, might be starting to use it for just the auth tho!

      • mr.ioes says:

        As I posted above, they aren’t sold at lost at all. This myth has to die at some point.
        They are a business and not caritas, they won’t ever sell anything at a loss.

        • rokahef says:

          There’s an important distinction between ‘sold at cost’ and ‘sold at a loss’.

          • mr.ioes says:

            Well, neither is true. Blizzard makes good money with them.

        • iucounu says:

          A business will sometimes happily sell hardware at a loss to build market share for a platform. Furthermore, selling an authenticator at a loss makes perfect sense if the effect is to reduce fraud which might cost them more in the long run.

          • mr.ioes says:

            It’s still a busted myth, no idea why you would defend Blizzard anyway. I expected people to be suprised (which I was) that the auth costs 10€ which is like 3 or 4 times the price Blizzard gets them for.

          • iucounu says:

            Perhaps (and here’s a novel idea on the internet) – just perhaps, I don’t analyse every issue in terms of tribal loyalty to one company or the other. Perhaps me wandering in to correct your assertion that no business would ever sell a product below cost is less to do with me wanting to ‘defend Blizzard’, and more to do with, you know, correcting your false assertion. A clue is that I don’t mention Blizzard in my post or express any kind of judgement, approving or otherwise, about this move.

            I frankly don’t give a shit about Blizzard per se – Diablo is the only Blizzard series I’ve ever played, and I’ve enjoyed all three of them. I’m also somewhat fascinated by the economy of a game like this, though I’m unsure whether it’s one I want to participate in. So it’s interesting to talk about, at least until you realise you’re talking to people who are so invested in one partisan viewpoint or another that they’re not actually listening to anything you’re saying.

          • derbefrier says:

            @mr.ioes

            i checked that blog you linked about authenticators. i really hope you don’t take that as gospel. he seem to be making a lot of his own conclusion with the little information he has. when will people learn random blogs are not the NY times and are not credible and why on earth would anyone believe something like this which is mostly speculation? you may be right that they make a little money off this but you must also realize this guy isn’t seeing the whole picture here and has no idea how much it actually costs blizzard to produce these as there are always added costs such as paying employees to package and ship them and probably some more stuff we are not thinking about so yeah this guy is pretty much full of it. All he has is the bulk cost from the distributor the rest is speculation on his part.

          • FD says:

            There is a lot of conjecture in that blog but as far as his analysis goes he is probably correct. The internal components of an authenticator are cheap however that isn’t the only cost. There is also the software back end to support the authenticator, not hugely expensive but not free either and finally and perhaps more importantly shipping. When I bought my authenticator it was 6.50 with free shipping. Clearly shipping on those isn’t free, I suspect Blizzard has opted, for simplicity, to sell them all at a fixed price. Once you factor in those costs while I doubt Blizzard is selling them for a loss or exactly at cost they are hardly making money hand over fist on the authenticator.

          • Vorphalack says:

            Worth considering that the authenticators Blizzard get are very similar, if not more basic than, the ones used by most major banks to support online banking. It is widely publicised that they cost pennies to make and are given away for free.

            Also worth considering is that when Blizzard ship you an authenticator, it takes a long time to arrive. It is going snail mail. You can get goods shipped from the US to Europe, first class, for less than the amount Blizzard claims it spends shipping the things over 2 weeks.

        • TheSporkWithin says:

          They are sold to Blizzard for a profit by the manufacturer. Blizzard doesn’t make them, they make software. That entire post is proving that a company that is not Blizzard makes money on selling authenticator tokens to Blizzard, at the same cost that Blizzard charges the end user. This is stupid.

  3. Dina says:

    The real problem, which I have yet to see covered elsewhere, is that setting the clock back on your OS made it possible to dupe money (basically you put up an auction for a few million, a friend bids, you set the clock back and cancel the auction, the buyer gets his money back, but you get the item AND the bidded money, thus duplicating that million).

    It’s embarrassing that Blizzard linked auctions to the client’s OS clock, but there you have it.

    It has basically tanked the entire economy of the game. It was fixed in Asia and hotfixed in America and Europa somewhat later, but not before a few select souls made millions off it. It’s unknown how long this exploit has been doing the rounds, also. Here is someone with more than 4 billion in gold. http://i.imgur.com/5NT2r.jpg

    Now, the chance of getting banned is extremely high, but that still won’t prevent off-loading all that gold to seperate accounts, or just buying exceptional quality items off the AH and shipping that around.

    I don’t know what Blizzard will do now, but a rollback seems likely. There’s way too much money going around in the economy and the prices of items, which were already steadily climbing, are off the charts now.

    edit: oh yes, I wouldn’t bid on anything in the meantime. There’s still reports of people losing their bid without getting an item.

    Here’s a giant reddit post about it all: http://www.reddit.com/r/Diablo/comments/uxgjg/major_gold_dupe_exploit_happening_right_now/

    • Torn says:

      We still don’t know it’s true.

      Post by Bashiok saying they’ve not seen anything of the sort: http://us.battle.net/d3/en/forum/topic/5760137425?page=3#51

      I suspect it’s just Kripparrian (a prolific streamer) just trolling. The images floating around are likely ‘shops, and the video of the Korean guy with craploads of gold may just be from botting.

      If it is true, Blizz are in all kinds of pain right now — if they take no action the economy’s screwed, if they rollback then they’ll be harming legit players caught in the crossfire. They (IMO) would need to go through the logs and ban any players doing the rollbacks/cancelling from the AH, permenantely.

      Come to think of it, a Ladder system like D2 had, where each ladder is a fresh / reset economy, would be a good idea.

      • RvLeshrac says:

        What’s that, you say? The company is claiming that the INCREDIBLY EMBARRASSING FLAW doesn’t exist?

        What’s next, people who are actually guilty pleading “Not Guilty” in court? Nah, of course not, no one would ever lie about anything to cover their asses.

        • weego says:

          They have been open about the dupe problem on the Korean servers and have always been as open as you could expect about issues in WoW so while it may have been pleasing to type that rhetoric I really don’t think history proves it correct.

          • byteCrunch says:

            Yes they may have been open, it is kinda hard taking down all the Korean servers without someone noticing. Duplication could destroy their money making scheme when they launch the RMAH, that is the only reason they took it down.

        • weego says:

          Should I expect to be dismissed as a fanboy now?

          • derbefrier says:

            yes, generally people that rail against blizzard are immune to reason and would rather believe their silly conspiracy theories than admit they are acting irrational. The same thing happened with the whole “session spoofing” hack. All these idiots came out of the woodwork claiming to be IT geniuses and when asked for proof by blizzard and us so called “fanboys” well as you can guess none was ever given. Same thing with the “I had an authenticator and got hacked” crowd. PROVE IT or shut up.

            I understand why Blizz did this. It seems a good portion of their use base is stupid when it comes to account security and with real money involved they have to protect their customers from themselves. This means i wont be using it since i don’t have an authenticator though but i was planning on sticking with the GAH anyways.

        • Torn says:

          Bli$$ard tin foil hattery woo!

          • byteCrunch says:

            Well in the case of Diablo 3 a major security flaw would undermine their already rocky launch. Blizzard need to convince people to use the RMAH, if people think there is a security issue they will not use it.

            So it makes perfect sense to deny it being an issue. It is already quite clear the breach had nothing to do with user error.

    • D3xter says:

      Not only that, but Koreans actually found at least 2 other dupe methods for items already and had been doing it for at least a week:
      http://www.youtube.com/watch?v=vjIdTQetPo0
      http://www.youtube.com/watch?v=cohsGbA_9-A

    • reggiep says:

      “It has basically tanked the entire economy of the game.”

      Exaggerate much? What economy? That implies that there is a finite limit on money in the environment. There’s not. As far as we are concerned, we all have magic wallets where all we have to do is kill some demons to generate money out of thin air.

      I’m not even sure what you think you mean by “tanked the entire economy”. When you have a magic wallet, the economy can never tank. Economies in real life tank when people don’t have money to spend to keep the flow going. That is not even remotely the case in Diablo. Even the items being sold are generated from thin air rather than physical raw materials that are subject to market forces. There are no market forces or supply limits in Diablo.

  4. Flukie says:

    Just use an Android phone or phone emulator, quit whining.

  5. KikiJiki says:

    It’s more secure than it would be otherwise, but if RSA can get hacked and have to reissue fobs for their system (which works the same way as the system used by Blizzard) then Authenticators aren’t totally safe either.

    I hope this is the first step in a series of measures designed to secure the RMAH.

    EDIT: Honestly though I think the RMAH is going to be seen as a total failure in approx 12 months time. It hasn’t eliminated the grey market of item trading via third parties, just given them some competition.

    • SanguineAngel says:

      With you on this one KikiJiki. I suspect these delays won’t have helped.

      Still, I think it’ll be a retrospective failure from the outside but financially it’ll probably do well enough. I mean, DIII itself looked to fall flat on it’s face right out of the gate and still sold more than anyone else. So to the outside world it was a technical failure but to Blizzard the only real stat that counts is that big long number that comes after the $ on their bank account

  6. Was Neurotic says:

    But you can still play the whole thing and have a good solo experience without ever touching the AH, right?

    • Toberoth says:

      I believe so!

    • CaspianRoach says:

      The game is built in such way that the only efficient and reasonable way of getting loot is buying it, not hoping for a drop. Drop chances are miniscule because of millions of players rolling the dice every second.
      You can go through Normal no problem but if you want to have a chance on higher difficulties you have no chance but to go to AH.

      • Subatomic says:

        I played through normal, nightmare and hell without touching the AH once. Inferno is another story though, you won’t get very far without extremeley good items (to which the AH is the easiest way). By then however, there’s a decent chance you aren’t really motivated to continue playing anyway.

      • weego says:

        If you assume that you should be able to “beat the game” in under 100 hours then sure. If you want to play and do it yourself then the game lets you do that. I don’t see where an efficiency metric is valuable here.

      • MrMud says:

        I’m in Hell on Hardcore without having used the AH once.

    • Calabi says:

      You cant though because its required to use the AH because you dont get decent drops. The AH is calculated into the drop rates.

      It basically contradicts the whole idea of the game.

      • KikiJiki says:

        This is incorrect and the confusion stems from a post Bashiok made that was later corrected by both himself and Jay Wilson on the Reddit AMAA.

        The Auction house does not influence the quality of items dropped.

        • Milky1985 says:

          Oh becasue they said its true it must be true, theres no chance that they would chance the loot drops based on whats going on at the moment, no chance what so ever that the loot would be skewed away from your current class.

          I think it pays to be slightly cynical with this sort of thing tbh :P

          • KikiJiki says:

            I think you need to take your tinfoil hat off for a second and open your dictionary to RANDOM.

            The human brain is hard wired to see patterns, and random systems (or those that are as truly random as we can make them) confuse the hell out of us and cause us to perceive patterns where none exist.

            You can put your hat back on now, the CIA almost have your brainwaves pinpointed to the nearest metre.

          • Milky1985 says:

            I bet you think that the video poker machines are random as well :P

            Its not tinfoil hat, its knowledge of computers, anythign that we see as random can easily be manipulated (and true randomness is actually hard to get in the computing world as well, look up some white papers), being cynical and question the drop rates (whcih is something lots of peopel did before and during release as the details fo the AH came out) is not a bad thing.

            So less tinfoil hat insults please

          • KikiJiki says:

            Video poker machines are a form of gambling, an activity designed to take your money. You can’t compare gambling to a Random X Generator because the principles behind them are different. One is designed to win, the other is designed to be as random as possible.

            I’m a software engineer for a living, and I’ve developed randomisers before. ‘True’ random is actually impossible to create because it’s impossible to prove, but you can create something that’s far more random than you need by using simple seeding, no white papers needed.

            I think I’ll stand by my tinfoil hat comment. You’re quite obviously not knowledgeable about this and are falling into the trap of seeing patterns where there are none.

          • Grargh says:

            So, a game with randomized loot drops designed around a RMAH is not a form of gambling? How can you believe this system was not made to take your money?

            And yeah, of course randomness can be simulated easily enough, but as you said youself it’s hard to determine whether something is truly pseudo-random or has been fiddled with. That said, I don’t think cheating with the randomness is even necessary for their profit, same as with online casinos.

          • ReV_VAdAUL says:

            Engineering a need (or at least a strong encouragment) for people to use the RMAH is as much about making money as Video Poker Machines.

            Can me a tinfoil hat if you like but is it really so crazy to be very cynical about what Blizzard clearly hope will be a major revenue stream?

          • KikiJiki says:

            @Grargh: The RMAH is not gambling, you know exactly what you’re paying for and there is no randomisation of what you buy from it. The random loot system and the RMAH are seperate entities for the purpose of your point. A better comparison would be buying gold from the RMAH to use in crafting.

            @ReV_VAdAUL: There’s a gold AH, how do you assume that Blizzard are engineering a need to use the RMAH specifically? Where does your assertion that it’s intended to be a major revenue stream come from?

            I’m all for discussion about the nature of the loot system and how people use the Auction Houses but come on people, at least have a decent point.

          • piratmonkey says:

            I’m not seeing the “gambling” comparison. One is about random chance determining whether you win or lose, with money being used for each go. The RMAH is about buying/selling items at a market price for money.
            Edit: Ah you beat me to it.

          • Grargh says:

            Point taken, the gambling comparison was rather flawed. I still believe that the auction house is intended as a cash-cow, and that other aspects of the game were designed to cater to that, maybe including the distribution of loot. We are talking about an absolute industry giant with all the higher ranks consisting of profit-first businessmen.

          • Milky1985 says:

            @ KikiJiki

            There were stories before Diablo 3 was coming out about the Real world acution house and them having to check local laws because of gambling laws, in fact the Real world RH had to be dropped (not sure if it was reinstated) from the korean release because the korean government said it was close to gambling.

            http://uk.pc.gamespy.com/pc/diablo-iii/1216555p1.html

            Am also a software developer so i understand how random works and also how it could be abused, so I suggest you stop with your tin foil hat comments, as there is a fair bit of discussionon the internet about the points i’m making from a variety of other sources. I see some poeple here agree with me about being cynical based on this (and lets be honest the current business practices of the gaming industry gives people reason to be cynical) so i’m not the only one.

            You might trust them, I don’t, they are also currently denying that the auction house exploit worked.

            We will never know for sure if it is trurly random unless the code is leaked however. (or someone starts documenting the drops for each character on a massive scale)

            Basically calm down and stop being insulting.

        • fish99 says:

          Well it is a fact that if you gear up your character from the AH with the gold you would otherwise have spent on the blacksmith, the jeweler and buying in-game gear from merchants, you’ll probably be 2-3x harder. I know because I’ve done it. Plus the game lets you buy gems on the AH which are impossible to craft at your current difficulty.

          Whether the games is too difficult if you ignore the AH, I’d say that depends on your class (the melee classes have a lot more survivability), your skill at the game, and whether you find dying an acceptable part of the game. I’d say the AH is pretty much essential for hardcore though.

      • frightlever says:

        Somebody must be getting decent drops or where is the AH loot coming from? I rapidly embraced the Auction House but now I’ve hit 60 it’s a different economy. Possibly related to this gold dupe mentioned above. I’ll be grinding for gold to improve my gear at this point, so… I’ll probably retire and wait for the expansion soon. Soon.

        edit: Just FWIW I haven’t equipped a rare drop I’ve gotten myself since late lvl 40s, all my gear has come off the auction house – funded by a Boj Anglers drop I made a couple of million gold off. In that time I haven’t seen a single rare fist or dagger drop (I play monk). When I think about it that does seem odd. I mean I had about thirty rares drop yesterday evening alone and I wouldn’t look twice at any of them even for my ALTS.

        If they’re tweaking drops to make RM gold buying more attractive, and fuelling an AH price boom, then it’s pretty much against the spirit of Diablo, where half and possibly most of the fun was finding your own gear. I’m not a conspiracy theorist in general but that does seem plausible.

        • KikiJiki says:

          It really depends on where you’re farming and your %magic find. I’ve found a few really nice drops, a lot of nice but really cheap drops, and an enormous amount of vendor trash/salvage fodder.

          The good stuff only really starts dropping in Act 3 Inferno, so the people who have been farming Seigebreaker, Cydea/Azmodan or content after that are the ones getting the best loot. Coincidentally that content is harder to farm than Act 2 and a lot harder than Act 1 Warden/Butcher runs.

          The upcoming changes improve the quality of items that CAN drop overall, but of course, random system is random.

          (I wouldn’t rely on specific weapon types on your monk either. Current monk builds revolve around Attack Speed and Life on Hit so just grab the highest dps weapon you can afford with those stats.)

        • fish99 says:

          “Somebody must be getting decent drops or where is the AH loot coming from?”

          Farming with high MF gear.

    • Was Neurotic says:

      One day I will probably get this, but until then, I’ll bide my time with TII.

  7. kikito says:

    I take this opportunity to recommend all of you tired of mindless clickery to give a look at a real roguelike.

    Lots of them are free. I’ve been playing Dungeons of Dredmore, which isn’t, but it’s got a 70% discount right now. The complete game plus expansion probably costs less than a lot of equipment in the Diablo Auction House (I have not checked this. But it’s damn cheap). And will give you much more entertainment.

    • Toberoth says:

      DoD is absolutely fantastic, indeed. I’m just about to descend to level 10 and I’ve loved every minute. Despite being turn-based and a bit silly, it channels the original Diablo far better than D3 seems to (judging from my experiences with the beta and starter edition, that is).

      • SanguineAngel says:

        Actually now I think about it. Yes it translates my old diablo experiences far better than D3 does. Plus i love that game anyway

        • Toberoth says:

          Yeah! I mean the storyline of DoD is basically nonexistent, whereas the Diablo I story was actually pretty cool (the manual was a great read!), but in terms of gameplay rather than trappings, DoD really nails it. Both Diablo I and DoD gave me the sense that I was testing my wits and endurance to explore perilous dungeons packed with great rewards. Neither game holds your hand (a trait carried over from roguelikes I suppose), and they both force you to make extremely difficult decisions about where to put your skill points, making you feel a true sense of pride at the character you’ve created, which is uniquely yours in a way that D3 characters just can’t be, due to the way you can swap builds around on a whim.

          I’m rambling because it’s early and I’m full of beans, but basically DoD > D3 4eva omg lol1

    • eks says:

      While I have played the shit out of, and love DoD it’s strange that you would use that as an example of a “real roguelike” or implying it’s some sort of “purer” dungeon crawler when compared to Diablo. Dungeons of Dredmor is suppose to be “babies first roguelike” and a way to try and introduce someone to the genre. Large parts of it have been simplified compared to traditional roguelikes.

      There is a “major” roguelike list over on roguebasin if anyone is interested in looking into some traditional roguelikes.
      http://roguebasin.roguelikedevelopment.org/index.php/Major_roguelikes

      • Was Neurotic says:

        I understand what you’re saying, but I’d hesitate to say that DoD is in any way a ‘My First RL’ type of thing, mainly because it’s so very different from any kind of ‘proper’ RL. I mean, the differences go way beyond just nice graphics and cimplification of the controls etc. I’ve always thought of DoD as being inspired by RLs, rather than trying to be any kind of RL itself.

        • Toberoth says:

          I agree with you there. Seems to me that DoD and Diablo (1 and 2) take the basic roguelike formula of dungeon delving and looting but then add or remove elements until it’s hard to claim that they’re still part of the genre. “Inspired by” is a good compromise imo.

      • Toberoth says:

        Thanks for the link! I ended up downloading Dungeon Crawl Stone Soup just now (the tileset version, I’m not quite ready for ASCII just yet). Looks great :-D

      • kikito says:

        DoD is not the first roguelike I’ve played. Mechanics-wise, DoD is a full roguelike.

        It just that it has a good user interface. IMHO that’s not “simplification”; it’s “improvement”.

        • Kaira- says:

          I personally felt otherwise – the UI, while more visualizing than normally in roguelikes, was still a mess which required way too much clicking.

          And oh, mechanically the game threw out so many good things that I’m surprised it hasn’t received a bigger public flogging yet. No diagonal movement and no time system (everyone, and I meanabsolutely everyone, moves one square per turn ) are some design choices which make no sense and make the experience worse for me.

          • kikito says:

            I personally think that diagonal movement/attack and timed actions are not “critical parts” of a roguelike. With this I mean that a game is no less roguelike for not having them. Yet, DoD has some things to say about those.

            There are several teleportation spells that will give you diagonal-ish movement in a limited way. The “knightly leap” ability allows the character to move in “L”, like the chess piece. A lot of enemies also teleport. Melee attacks are axis-based, but ranged attacks can be done in any direction. So, there is some degree of liberty there. I prefer this over “everybody moving diagonally all the time”.

            On the speed side, everything has the same speed, but certain abilities & items make enemies lose turns, which is very near. The abilities are triggered randomly, and the items are consumed, so you can’t “turn dance” around enemies and not be hit at all. I consider this an advantage, since I don’t like counting turns.

            DoD has other features that others don’t. For example, a sizeable crafting system, and a moderate set of rules regarding hit/counters/armors. None of thise I consider “critical” in a roguelike, but they add to the complexity you imply the game lacks.

          • kikito says:

            Oh, and regarding the clicking: there are some options to activate in the “ESC” menu that alleviate this. Move with WASD, and pick items automatically.

    • ReV_VAdAUL says:

      I know it makes me very shallow but while I have played and enjoyed DoD the fact my loot doesn’t show up on my character is a real drawback for me. I guess I just really like playing dressup.

  8. philbot says:

    This, and they have also prevented people with russian CD-keys from playing in english, creating a massive backlash from some distributors- see diabloclaim.com for extra details.

    It’s pretty disgusting how they are now preventing players with legitimate CD keys from playing, weeks after they would have purchased them. So glad I didn’t get into D3, it just seems like a massive DRM fail.

    • CaspianRoach says:

      They stated that from the beginning that russian keys will only be able to play with russian language locked in. It’s the people’s who wanted to “fool” Blizzard problem for buying product they weren’t supposed to have otherwise at a russian price (retail keys from russian boxes).

      • SanguineAngel says:

        On the one hand there’s that. On the other hand I still can’t see how it matters. If you buy a product you buy a product, it doesn’t matter where you buy it. It’s not cheating the system. No one stops you buying cheap clothes when you go abroad or says you can’t bring them home with you. Region locking is, in my view, morally dubious at best.

        • KikiJiki says:

          Region locking is done because the real world economy of a country like Russia is very different to that of the UK or US.

          If Blizzard wants to sell their product in Russia the price point needs to be lower. It’s not practical from a business POV to offer this price point to consumers with a lot more disposable income, so they region lock it.

          You can love/hate region locking for whatever reason, but it’s more about offering the product to everyone at the same percentage cost relative to income than it is trying to ‘screw over’ people with more money. The alternative would probably leave the game far too expensive for people in Russia or parts of Asia to afford.

          • SanguineAngel says:

            or small percentage of customers would end up buying the game for cheap in Russia or elsewhere.

          • KikiJiki says:

            If the possibility for people to do that exists, why would the product be offered in English in that region?

            Answer: It wouldn’t, which is exactly what’s happened.

            People bought a Russian client for cheap, thinking they had cheated the system somehow. Now they’re mad because the Russian game they bought only has the Russian language.

            Nothing about their game is broken, they’re just idiots for thinking they could get something for nothing, figuratively speaking.

          • SanguineAngel says:

            or literally speaking they wanted something for cheap. If they wanted it for nothing they might have tried to pirate it – which would also not have worked.

            Of course, it could be that you are an English speaker living in Russia, or on holiday in Russia and you see a bargain.

            “If the possibility for people to do that exists, why would the product be offered in English in that region?”

            Because you may not be aware of this but English is a major language. When I last visited Moscow I went to a school where all lessons were taught in English. And people in all areas of the world speak all sorts of languages. Did you ever wonder why your software offers you a choice of languages? It is because some people who live here (England) do not speak English as a first language. Likewise, some people in Russia do not speak Russian as a first language (for a variety of reasons). When standard practice is to offer multiple languages, even within that very same product elsewhere, it is discrimination to allow only Russian language within Russia.

            Edit: Also it is not illegal to buy things abroad.

          • nil says:

            It is about capital wanting to have its cake and eat it, too – exploiting wage arbitrage while ensuring consumers can’t exploit the price arbitrage it entails.

          • ReV_VAdAUL says:

            Exactly Nil, I can never understand why people will think it is reasonable for big companies to make / keep as much money as possible but decry consumers (such as themselves) trying to make / keep as much money as possible is somehow cheating and iffy behaviour.

            If global markets mean my wages can be undercut by the labour of people in poorer countries why on earth shouldn’t I try and undercut local prices by buying products from foreign countries?

        • Sheng-ji says:

          Yeah, exactly! There have been a few similar cases in England recently and in every case the judge supported the person who purchased a product or service from a different region. Whilst Diablo 3 may not be expressly breaking the law, I wouldn’t rate their chances if someone insists on a refund via small claims.

    • D3xter says:

      Not only Russian version, but apparently Spanish, Portuguese and a few other countries too: http://www.kotaku.com.au/2012/06/error-82-blizzard-now-forcing-users-to-play-the-game-in-their-native-language/
      “If you are experiencing an error 81, 82, 83 or 84 when trying to log in to the game, it’s possible that you are attempting to log in using a language that you are not authorized to use. The Russian, Spanish, and Portuguese versions of Diablo III are among some of the versions that can be language-limited.

      Your game language and interface will remain the same when you change regions. If you purchased the full-language version of Diablo III, you will be able to play in all available languages in all regions. To play in a different language, you will first need to download the Diablo III game client for that language from Battle.net.”

      http://diablo.incgamers.com/blog/comments/blizzard-suddenly-decides-to-lock-down-russian-language-version
      This one even says they changed what they said regarding the issue afterwards e.g.:
      “Yes this should be possible, you should be able to choose your language normally once the Russian version is released.” got changed to:
      “Update: 08/06

      The Limited Russian version is separate to the other versions, if you have a Limited Russian key on your account, you will need to play using the RU language pack
      Sorry for any confusion over this issue.
      Please note: the full EU version is available on the Blizzard Store which allows all languages and full region support via the Global Play feature (including Russian language support)”

      Apparently they want all those people to rebuy the EU version of the game so they can play in every language xD

  9. Moraven says:

    The RMAH always required the Authenticator.

    What is new is the requirement of it to use Battle Bucks.

    • RvLeshrac says:

      We have always been at war with Eastasia!

      (Just in case you missed it there, that was my way of saying “No, it never required the Authenticator.”)

      • Toberoth says:

        Noice.

      • Moraven says:

        Oddly, they had it on Beta patch 14.

        They added the requirement of it to have a large Battle Buck pool. (limited to $100 before you add auth, which seemed rather high still)

        I think I got it mixed with the security requirements with Paypal link up. You had to have some additional security to get real money out.

        “You will be required to sign up for the Mobile Alerts service in order to use PayPal to buy or sell items in Diablo III’s real-money auction house.”

        Original details on RMAH:
        “As part of our commitment to account security, players who wish to use Diablo III’s real-money auction house MAY be required to use one of the following security measures:”

        So, I was half wrong. :)

        Sounds like the last thing to stop someone using your CC is the security code? Anyone would need more than just access your account to use your funds.

    • Torn says:

      Pretty sure battle bucks are the RMAH currency — you convert to/from real money into Battle Bucks.

      They’ve been saying the RMAH would require an authenticator for a good while now.

      • Jarenth says:

        Please tell me Blizzard’s made-up currency is actually called Battle Bucks. That that’s not just some quickly made-up name, but actually, really what they’re calling it. Please.

        I need this to be real.

    • pkt-zer0 says:

      Yeah. So I suppose it’d be like Steam requiring you to use SteamGuard for the SteamWallet. I don’t really see how this is a big deal.

      • Milky1985 says:

        Steamguard is free for anyone with a email address (minimum requirement for having a steam account), authenitcators are not free, unless you have a smart phone or are willing to use a emulator and thus defeat the point of the whole sodding thing anyway.

      • jrodman says:

        I’m confused. I believe I have steamguard turned off, and I believe I put money onto my steam wallet.

      • Moraven says:

        WoW has Steamguard like lock out.

        Oddly D3 does not seem to have it.

    • Milky1985 says:

      Why battle bucks, why not quality quids or something!

  10. Web Cole says:

    “Untouchable” Blizzard fast losing that shine.

  11. mr.ioes says:

    If only they’d drop the DRM, we’d have great mods already. Their game feels like Torchlight 1 to me. A nice basegame that I can only enjoy with certain mods, adjusting the game to my likes. Replace ‘adjusting’ with ‘fixing’ for D3 though.

  12. hellboy says:

    We hate technology here in RPS

  13. Lajcik says:

    So why is it a sin to embrace what has been going behind the scenes in almost every successful online-enabled game? People will always buy gear/accounts for money on ebay and such, so why is it a sin to incorporate such trades in game, officially?

    • Milky1985 says:

      You could say that ever other company have come out and said that this sort of thing is bad and shouldn’t be done.

      So incorperating it into your game and saying “well people were going to do it anyway” kinda validates what was begin done before and says that actually it was fine :P

      • Lajcik says:

        That’s a valid point. On the other hand, in diablo what gear other people have has little (if any) effect on yourself. It’s not like they can use that to ruin your enjoyment of the game in any way. It might become more of an issue once pvp goes live, depending on how blizzard handles that. But until then why should anyone care how others play their game? :)

        • Milky1985 says:

          There is no issue with what other people are doing, the point i simply made was that all the other companies say its bad and wrong (including blizzard with wow gold selling) to buy gold from third parties.

          But now its perfectly fine cause they get there cut :P

          • Stromko says:

            Well, yeah. Monetizing game-time turns it into a job, it essentially ceases to be a game for many people, while also encouraging bad behavior that harms those just trying to play normally (IE, accounts hacked and virtual goods stolen on an industrial scale). But, so long as the people running the servers are making a lot of money off it, it’s all gravy.

    • Moraven says:

      EQ2 did this, restricted to only certain servers.

  14. Belsameth says:

    I find this an extremely good move on blizzards part.
    The real money AH is *entirely* optional and nobody is holding a gun to your hand if you want to use it.
    If you do, however, they want you to add a layer of extra security to *help* you keep your financial data safe.

    If you don’t want an authenticator, don’t use the RM AH.

    Or is the bank evil as well, for forcing you to use an authenticator?

    • RandomEsa says:

      Both authenticator and RMAH are completely optional but what If you would want to use RMAH but didn’t want to buy an authenticator, because you feel completely safe without it? Considering that RMAH was one of the key features of the game and marketed as such without a word of needing an authenticator to use it before just few days ago.

      If you don’t have an iphone / pad or an android ( or emulator) you have to pay atleast 6$ extra to use a feature that was promised to you when you bought the game. Simply giving out every person who has a diablo 3 on their bnet account a free authenticator would be a ‘right’ thing to do.

      ps. When I give out my details to a company that deals especially with my money I want THEM to keep my information safe on THEIR system.

      • Belsameth says:

        Yes, and luckily there’s no such things as keyloggers, so you have no responsibility in it.
        Following your logic it’s also bullshit for banks to require an authenticator. It is, after all, their responsibility to keep your details safe.

        Also, RMAH was never a *key* feature and always mentioned as completely optional.

        • RandomEsa says:

          Because keyloggers are the only thing how hackers get in to people’s account. I’m first to call out users responsibility to keep his login information safe, but when I do get hacked even though its not my fault ( see the “phishing” incident) I will obviously call them out on that. I’m not saying everything is blizzards fault, but instead it goes both ways.

          I don’t know what bank you use or where you live but I got my bank authentication free of charge when I opened an account with my bank + an optional netbank linked to my account. See this is fine, I get an authentication for my bank account free of charge which I use to authenticate myself when I login to pay some bills from home or I buy something from the internet. I signed up for it before my initial purchase and was completely fine with it.

          http://us.blizzard.com/en-us/games/d3/

          1 out of the 4 features presented by blizzard itself is the auction house and the real-money aspect of it. Blizzard is pushing it like it is a key feature and I will consider it as such.

          ( I also think its worth mentioning that I haven’t bought Diablo 3 but I do have an authenticator linked to my bnet account. Gotta keep those purplz safe).

        • kud13 says:

          wtf are you smoking?
          Always online was a major thing mentioned in every pre-release.. the reason always online exists is because of the sodding RMAH. Of course, it’s a huge feature, and everyone knew about it.

      • pkt-zer0 says:

        “Considering that RMAH was one of the key features of the game and marketed as such without a word of needing an authenticator to use it before just few days ago.”

        It was in the AH-related FAQ from the start, as far as I remember. This was certainly not news to me.
        As for proof, while the Wayback Machine has no records for the FAQ page, there’s an entry in Google’s cache from May 31 that does contain it (search for “diablo rmah faq”).

  15. jrodman says:

    On the plus side this might be a drag on the success of the scheme.

    Okay, schadenfreude aside, it actually makes me think the whole thing is a bit less dishonest and mercenary than I was assuming.

  16. Xaromir says:

    What progress? That company and it’s games are stuck in the 00′s

    • jrodman says:

      I assume this is a joke. Is there a stock phrase or idea being cannabalized here? Or just the absurdity of it? All of the above? TOO MANY QUESTIONS??? **KILLING THE JOKE***!!!!!!!!!!!!

  17. Drake Sigar says:

    Maybe they should have an authenticator for the authenticator.

  18. sophof says:

    The whole thing doesn’t make sense to me. There’s thousands (probably more) sites dealing with people’s money. Significant hacks resulting in stolen money/property are so rare that they tend to be worldwide news and none of them require an authenticator. Why is everyone suddenly so paranoid when dealing with this? Why is everyone so convinced that hacking-for-profit would be some sort of rampant problem?

    • ecbremner says:

      The answer to your question is World of Warcraft. Hacking was (and is) still rampant in WoW and that involves an extra step from hack to real world money. The RMAH is a direct step….. Blizzard knows their games are lightning rods for this sort of behavior.

    • Hallgrim says:

      The main difference is that nobody gets sent to prison for hacking WoW/D3 accounts. Stealing from credit card companies is serious business. There is a reason why WoW account info is more valuable than credit card numbers on the black market.

    • psyk says:

      “Significant hacks resulting in stolen money/property are so rare that they tend to be worldwide news”

      LMAO you can’t be serious.

  19. SirDimos says:

    Anyone else think it’s dumb that they’re going to require an authenticator for the RMAH, but passwords still aren’t case sensitive?

    • Hoaxfish says:

      I don’t worry, because Blizzard says that whole uppercase/lowercase thing is just a false sense of security… also, I don’t have a blizzard account.

    • jrodman says:

      There are so many steps blizzard could take to increase security, but don’t.

      - forgoing a ‘noreply’ address for mass spam emails, and making sure that their customers are clear that all emails can be responded to, if only by roboservice. This would make phishing a *lot* harder
      - using authenticators that do one-time credentials, with login over ssl — meaning all network attacks will fail
      - offering services that get people away from places like curse, where most information leaks and attacks occur on their customers
      - integrating rootkit/malware detection services into the client downloadable. Companies already specialize in this stuff and I’m sure would be happy to take a small sliver of blizzard’s endless piles of money
      - dropping the EMAIL ADDRESS as the visible identifier for communication in-game (this one is crazy that it ever went live this way)
      - support for ssh-style secrets unpacked with passphrases — beats a password hands down and is easy to use
      - transparent settings for authenticator — allow users to set their account to always require it, for example
      - changing their website to not require users to have attack vectors wide open like flash and permissive javascript

      Some of these have some profitablity ramifications, some are tricky or only would help the minority, some are dead simple though (go back to usernames). That they don’t do any says your security is not really important to them.

      • Hoaxfish says:

        did they fix the whole “can infinitely attempt & fail logins without even getting temporarily blocked” thing. Last I heard, WoW has a timeout after X amount of failed attempts, but they hadn’t implemented a similar thing for Diablo 3.

        • marcusfell says:

          Problem there is you can lock accounts just by spamming them.

          • Hoaxfish says:

            even something like a 20min lock-out (so you’re not screwed until you phone support), with maybe captcha until the next successful sign-in…just enough to disrupt brute force attempts running 100s per second.

          • HothMonster says:

            They don’t lock you out for manually failing but that doesn’t mean they won’t lock an account or block an ip for doing a 100-1000 attempts per second. There is a big difference between the speed a person screwing up his password hits connect and script trying to brute force its way in attempts to connect.

          • FD says:

            There is no failed login lockout exactly but each login attempt takes about 1 second so brute-forcing is pretty well throttled.

            Really brute-forcing isn’t an efficient option in the long run when phishing scams and keyloggers are still so effective. I doubt more then 1% of all account compromises in a given year come from actual brute-forcing and I suspect the number is a lot smaller then that.

      • FD says:

        FYI, you can require authenticator on every log in. On Battle.net click manage autheticator settings and you can set it there.

  20. Artificial says:

    I don’t have a smart phone, nor do I have an authenticator, nor do I want to purchase one. Not that I planned on using the RMAH anyway. Infact, I haven’t even touched Diablo III for a couple of weeks now,m it got boring extremely fast.

  21. piratmonkey says:

    Fine with me. Curious about what the average price for drops will be though.

  22. rocketman71 says:

    The RMAH (and Diablo 3 itself) also requires a complete lack of self-respect as a gamer.

    • piratmonkey says:

      How dare people enjoy things I dislike!

      • RandomEsa says:

        I think its more hypocritical than anything. Ubisoft had their run with always-online on their singleplayer games and they paid for it with sales dropping for pc even though some of the titles were really good ( Driver: SF for example). Ubisoft was shunned by users and critics alike for their practice and stamping everyone ( even their customer) as a pirate.

        Then Blizzard jumps in and their always-online drm is hailed as a next step in to the right direction not just by users but by critics themselfs who just year or two go were boycotting ubisoft games just because of their policies on pc-games. While the official explanation is dupers and botters who would ruin diablo 3′s economy ( and didn’t that turn out well) It was to protect their income from the RMAH.

        Not saying the plan isn’t genious. If this succeeds they pretty much secured themselfs thousands or even hundreds of thousands free workers who will happily “work” for some pocket change. Funny thing is they will get away with this and be praised for it.

        • piratmonkey says:

          I’m not sure what point you’re making beyond “always-online DRM is bad” (which I sort of agree with).

          • RandomEsa says:

            That the gamers are hypocrites and way too brand loyal ( including myself).

          • Belsameth says:

            This. But I also think it has to do with a level of trust.

            We can *trust* Ubisoft to make a mess of things, like when all their recent titles went dark because of a servermove without ETA while Blizzard, even if it makes *very* dumb mistakes, really do try to make it the best for gamers. They’re still supporting D1 and D2, for instance.

            I’m not making a judgement call on wether that trust is warranted or not, merely that I think that’s the overall perception of gamers (and journalists), even if subconcious.

  23. Skystrider says:

    Is the auction house even legal though? The whole thing sounds a lot like black gambling to me; people get some randomly generated items that can be sold for profit, but what does society get out of it? Does the common good get a share? Taxes? Fees?

    I still don’t have Diablo 3 and have no intension of buying it before Blizzard gives me a proper offline mode, but I really wonder what national and international law has to say about their auction house thing.

    • alundra says:

      It isn’t in korea and who knows where else, it all boils down to two questions, which country puts civil law above corporate (purchased) rights, and who is going to take them to court.

      Pretty much why corporations are doing what they want nowadays, they have the millions to purchase congressmen and to ruin anyone trying to take them to court.

      Supposedly there a few class action lawsuit brewing, one of them confirmed to be in korea, but so far the rest won’t amount to anything more than rumors.

  24. Phoenix says:

    “I have friends who’ve been hit by WoW hacks in spite of their Authenticators, so I still find that a bit hard to believe” No you haven’t. Not if they have a proper keychain authenticator or a smartphone app. Dial-In doesn’t count. Everyone who claims they have been hacked through their proper authenticator has always turned out to be lying, because no one wants to admit they were dumb enough not to download a free program to protect themselves.

  25. phenom_x8 says:

    http://www.vg247.com/2012/06/12/borderlands-2-like-and-unlike-diablo-iii-in-all-the-best-ways/
    We still have this game, don’t worry! Diablo III alike (at least from what the author have wrote)

    • Hoaxfish says:

      funny thing about Borderlands… I’m looking forward to it simply because I find FPS controls much cleaner than Diablo’s clicky clicky-ness (no accidentally running into melee with a ranged character, or running passed them with a melee character, just because you clicked 5 pixels off the hit-box).

      • Euphoric says:

        That’s why they have nifty keybindings. One for “Move” which will ignore enemy hitboxes so you can move out of the way. And one to Force you to stand still, hold the key while you’re attacking and you won’t run forward when they die.
        Nice job hating a game for being uninformed, or even trying to find a solution. That’s the way to solve problems, because whining is so much easier than Googling – or even looking in the games own damn settings.

        • Hoaxfish says:

          No, I’m aware of both Attack (without move) and Move (without attack) possibilities… but personally they are not “clean” UI. FPSes, platformers have all managed to develop a “language” that separates the very common actions into two different “zones” (WASD + mouse, Z/X + arrow keys, etc) rather than overlapping functions on a single mouse press.

          Having to use two hands (key+mouse) to perform the common specific move or attack action, or contextually juggle both with mouse-click accuracy does not make it a “good” answer any more than Mac’s Control+click is as good as Right-click.

          The nearest other example of this sort of “bodged” control system is “Attack Move” command in RTSes (i.e. move to target point, but stop to attack if enemy is in range).

          A possible “solution” is something along the lines of twin-stick shooters (WASD to move, mouse to show directionality and attack).

          They probably have enough money to have a go at re-thinking it, but if they can’t come up with a better solution, then I can still play Borderlands with my “issues”.

          No hate intended, I just don’t like the current state.

          • Euphoric says:

            The Force Stay keybind is the most important out of the two, but regardless – I have both of those bound to mouse keys, M4 and M5. So effectively I’m not using two hands, holding M4 in with my thumb and clicking – I really don’t see the issue.
            In FPS games, I hold a key to crouch – or hold a key to “aim down sights” or look through a scope – at the same time I’m firing with M1. I hold M2 for run forward in FPS games, using S,D,F for strafe left, back, strafe right respectively…I guess I don’t see how you can play any game without using combination KB+mouse for certain controls, all performing either a movement function or a attack function.

          • Hoaxfish says:

            My mouse only has 2 buttons (ignoring the mouse-wheel acting as a 3rd)… obviously I’m not “hardcore” enough.

            Scoping, and crouching can both be designed as toggles… as far as I’m aware, Diablo-likes require the key-combination every time you attack/move… I’m not against key-combos, but I dislike it for the two very common actions of basic movement, and basic attacking… especially in a “button mashing” style game (it’s a “softer” issue for turn-based, auto-attack, etc).

            WASD movement, at the same time as shooting in an FPS is not a key-combo in the sense that you are using both hands to perform a single action… you are performing multiple different actions (your left hand is controlling movement, while your right hand is controlling your attacks, and even then both hands are performing multiple individual actions). Diablo says you use both hands to perform a single action (ignoring 4+ button mice)

          • Euphoric says:

            I see your point, yes in FPS games you have an option to keybind a toggle for crouch etc., I don’t use the toggle. And that it’s that choice vs. being required to hold a key/attack to not move in D3. I guess I just see it as adapting to what I’m dealt – within reason of course. Played Torchlight over the weekend and it had the same exact controls. I’m not sure I’d call a 5 button mouse “hardcore” though.
            My comment on FPS KB+mouse was more towards movement, considering I hold M2 to run forward and while running am strafing/jumping using KB keys and also attacking with M1. But you are correct, it does come down to choice, Force Stay would be nice as a toggle.

  26. Yargh says:

    If Blizzard are selling you lot a service (not me, I opted out of Diablo III due to unreliable internet access and was lucky enough to be able to cancel my pre-order in time) then maybe they should also enter into a Service Level Agreement with you. With pre-set expectations of service and pre-agreed levels of compensation if these expectations are not met.

  27. Kinch says:

    I think it’s sad Blizzard are so focused on their approach of “gear equals skillz”. WoW is a grindfest for better and better items – the same applies to DIII. WoW is boring as fuck, so is Diablo III. Rinse and repeat, rinse and repeat. Ssssshiny itemshssssss…

    RMAH in itself looks like a ridiculous idea. I’m pretty sure the real money AH won’t be available in all countries in the EU as some have quite restrictive regulations regarding “online gambling” (Poland, for example).

  28. FD says:

    There is a very obvious reason Blizzard is doing this. They want to be protected from liability if there is an account compromise and someone loses a lot of real money. Blizzard can claim, correctly, that the steps they are taking are greater then some banks and get a fleet of security experts to say that two token authentication is quite adequate.

    • Vorphalack says:

      Blizzard would still be liable for the lost balance even if the account was authenticator protected. Banks can’t get out of the liability that way and neither will Blizzard.

  29. alundra says:

    Pretty misleading headline, if anything, big time hackers will benefit from small time hackers getting curbed:

    Also, be very, very, very wary of the Real-Money Auction House. All of the account infiltrations are allegedly being stored for the Real-Money Auction House. Mr. Gold wants to make sure that his gold farming institution has a monopoly on Legendary item drops, so that’s another reason he wants Blizzard to update Warden so that they can maintain a steady stream on both selling gold and manipulating commerce for the RMAH. I think the golden nugget of the interview was when Mr. Gold says from their gold farming “Blizzard makes money, too”. It’s true, they will, since they get a 15% cut of all virtual good transactions that are changed into real-money transactions.

    http://www.cinemablend.com/games/Diablo-3-Gold-Farmers-Infiltrate-Countless-Accounts-Saving-Up-RMAH-43343.html

  30. chase4926 says:

    I wish they would stop using the incorrect definition of “hacking” or a “hacker”.
    http://en.wikipedia.org/wiki/Hacker_(programmer_subculture)

    • jrodman says:

      They are both correct definitions, because the word is used to mean both things.

      Unfortunately.

      I’m mostly with you.

  31. Deano2099 says:

    Slightly misleading headline there? And story for that matter?

    You don’t need an authenticator to use the RMAH as far as I can tell.

    You need one to deposit or withdraw money to it.

    It’s a massively crucial difference, because I’d bet that at least half of the people that do use the RMAH would not be doing this. You can sell an item on it, get ‘money’, and use that ‘money’ to bid on other items. It’s just like gold, but it has a direct real-word equivalence IF you have an authenticator.

    • Vorphalack says:

      The RMAH credits your battle.net account, and you cannot add credit without an authenticator. Not misleading at all.

  32. Hug_dealer says:

    Something that has bugged me and my friend confirmed is that the game aalmost requires you to play the auction house. The sheer amount of useless loot you find means for serious grinding without progress. People not using rmah will find themselves way below the curve. Esp because the loot in d3 is the real power of your character. In other games skill and your build points determined alot. Nowits pure loot to build your character nothing else. Blizzard designed the game. Around the rmah and its beginning to show.

    • FD says:

      Exactly how much ends up on the RMAH is an interesting question. I suspect that only the rarest of the rare will go up on the RMAH whereas most of the those second and third tier level 60 items will be available on the regular AH. Especially with the incoming nerfs to inferno I suspect those second and third tier items will be sufficient for clearing inferno.

      • Vorphalack says:

        Considering the number of ways people have already found to dupe gold, and the fact that gold can be farmed indefinitely with little risk, you can expect to see anything worth more than a few cents up on the RMAH. There is literally nothing stopping people camping the gold AH to find things to re-sell, and with the rampant hyper inflation the average gamer will soon find the gold AH prices too high to be reasonable.

  33. Torgen says:

    How does anything except the physical authenticator insure against account hacks? Emulating the smartphone app on your hackable computer isn’t a secure solution. I don’t have a smartphone, much less know how to program for one, so don’t know if trojans are a problem or not. Seems someone could make an app that would look for authenticators on any smartphone it was installed upon, then sent that info to its evil master.

    • Torgen says:

      Ah, it’s one of those synched key generator thingies, like used by Realtors to access the MLS. While it seems emulating this on your computer is still dangerous, the only way I can think off-hand to crack the smartphone version would be to have malicious code giving the hacker remote real-time access to the authenticator on your smartphone.

  34. Moraven says:

    For those that missed the Station Exchange in 2005, Everquest 2s RMAH.

    Paper & Interview going over the 1st year of transactions.

    http://www.gamasutra.com/view/feature/1716/soes_station_exchange__the_.php

    They only had it on 2 servers (not sure how much they expanded it to). Interesting read.

Comment on this story

XHTML: Allowed code: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>