riots new payment system isnt secure. dont use it.

First Riot Post
Comment below rating threshold, click here to show it.

Master Yi is UP

Senior Member

08-20-2013

Quote:
Originally Posted by Vesh View Post
Some clarification here - the transaction IDs are randomly generated guids and do not contain any information about credit cards or other billing info.

this is entirely separate from the hashed cards that were used for a specific payment system in 2011. these transaction IDs do not reveal anything about your billing or payment information. they are basically equivalent to receipt numbers.
Also, Jason is about to come to the GD, to shatter the veil of lies.

Mark my words.


Comment below rating threshold, click here to show it.

pld96

Senior Member

08-20-2013

Quote:
Originally Posted by Vesh View Post
Some clarification here - the transaction IDs are randomly generated guids and do not contain any information about credit cards or other billing info.

this is entirely separate from the hashed cards that were used for a specific payment system in 2011. these transaction IDs do not reveal anything about your billing or payment information. they are basically equivalent to receipt numbers.
First of all, if someone has access to the transactions IDs, can't they trackback the buyer's and the seller's IDs (aswell as the product bought, the date, the buyer's address...)?
Secondly, a breach into one of your storage means it might open a path into a more sensitive storage(like players accounts). I know you will say ''there is no data at risk at the moment...'' but is there extra security in place to make sure all the breach is isolated and won't open a path into another storage( yes, that's implying there is a breach into the transactions IDs storage)


Comment below rating threshold, click here to show it.

orghak 6

Member

08-20-2013

Quote:
Originally Posted by pld96 View Post
First of all, if someone has access to the transactions IDs, can't they trackback the buyer's and the seller's IDs (aswell as the product bought, the date, the buyer's address...)?
Secondly, a breach into one of your storage means it might open a path into a more sensitive storage(like players accounts). I know you will say ''there is no data at risk at the moment...'' but is there extra security in place to make sure all the breach is isolated and won't open a path into another storage( yes, that's implying there is a breach into the transactions IDs storage)
Isn't it funny how this Riot post is so bad yet it still gets mindlessly upvoted?


Comment below rating threshold, click here to show it.

Foredoom098

Member

08-20-2013

Quote:
Originally Posted by orghak 6 View Post
You're to uneducated on this to even post. Lemme guess, this is the first time you see those Riot posts? Do you even know who Devil/PvP/Jason is?

Attachment 762876
I do actually, despite my low post count I do visit these forums quite often and read.

Your just pissed I just mind ****ed your head to the point you mad that im right. The main point of that post, and yes im dumbing this down for you so your third grade IQ can understand, "We cannot trust Riot but we have to trust them as they are the only ones they will be able to fix this **** mess and we will just have to ride it out"

That better for you honey bun? Or do i need to airplane spoon feed you this **** as well?


Comment below rating threshold, click here to show it.

Shiister

This user has referred a friend to League of Legends, click for more information

Senior Member

08-20-2013

Quote:
Originally Posted by orghak 6 View Post
How do we know we can actually trust you? There have been so many false Riot posts on this issue it's nauseating.

i.e. http://forums.na.leagueoflegends.com...=#post40782722
I rather trust Riot's word than assumptions


Comment below rating threshold, click here to show it.

Jayarrrrr

Member

08-20-2013

Quote:
Originally Posted by orghak 6 View Post
How do we know we can actually trust you? There have been so many false Riot posts on this issue it's nauseating.

i.e. http://forums.na.leagueoflegends.com...=#post40782722
With proof like this, why are people still upvoting the reds who are continuously, and belligerently still trying to cover this up/deleting threads/manipulating posts to try to make it look like they weren't just trying to cover this whole thing up a mere few days ago? The only thing more disgusting than the way Riot is handling this are the idiots who are believing and supporting them after coming into the discussion several days late only to see what Rioters are posting now opposed to what was posted last week. The only difference between then and now is that Riot now realizes this is too big to cover up. Now they are trying to deflect.


Comment below rating threshold, click here to show it.

orghak 6

Member

08-20-2013

Quote:
Originally Posted by Foredoom098 View Post
I do actually, despite my low post count I do visit these forums quite often and read.

Your just pissed I just mind ****ed your head to the point you mad that im right. The main point of that post, and yes im dumbing this down for you so your third grade IQ can understand, "We cannot trust Riot but we have to trust them as they are the only ones they will be able to fix this **** mess and we will just have to ride it out"

That better for you honey bun? Or do i need to airplane spoon feed you this **** as well?
http://forums.na.leagueoflegends.com...=#post40782722

All claimed to be Riot, all were lies. Quite possibly the hacker himself. All were extremely vague. You're wasting your time mate, clearly you're a couple of crows short of a murder.


Comment below rating threshold, click here to show it.

Zoram

Senior Member

08-20-2013

@vesh does this mean I can get 1000rpandsilentnightsonaNEVERFORGET? :P

No but really I am scared and have no freaking idea what any of this security breach mumbo jumbo means. Its just insult to injury since I've been unable to play ranked due to unstable connection to the servers with this whole comcast thing that no one has done anything about.

It is all just culminating into a mess. I'm really freaked out. Is my account safe, is my email safe, is my paypal safe, is my credit/debit card safe? What is going ON? the announcement just confused and scared me.


Comment below rating threshold, click here to show it.

Fan Weilin

Senior Member

08-20-2013

Quote:
Originally Posted by Vesh View Post
Some clarification here - the transaction IDs are randomly generated guids and do not contain any information about credit cards or other billing info.

this is entirely separate from the hashed cards that were used for a specific payment system in 2011. these transaction IDs do not reveal anything about your billing or payment information. they are basically equivalent to receipt numbers.
Thankfully from all the red posts across the forums I'm able to get a clearer picture, and for the most part my fears have been allayed.


Are the GUIDs being stored in a plaintext format? It would make sense if this was salt/hashed and hopefully it was a one way encryption IE a SHA-2 not a SHA-1 or woe is me just an md5().....


I remember reading an article on a new encryption solution that was designed to ruin brute force attacks. I'll try to find it.


not sure if you can even answer this due to exposing security hooks.

but meh... <3


Comment below rating threshold, click here to show it.

marisgard

Member

08-20-2013

Challenge me futher and witness your fall.

-Jason