«

»

RealID on Forums is an Identity Threat

Micah Whipple, aka Blizzard CM Bashiok, made the mistake of giving out his name on the WoW forums. He has since been e-stalked, voraciously, on Facebook, Myspace, Photobucket, and other such sites. His address and phone number have been publically released and his home has been called, repeatedly, ever since.. They are no longer answering their phone. Micah's Facebook has also been locked down.

This topic has been talked to death already, so I won’t rail on it too hard. I don’t like it. Even though I believe that it probably will decrease the amount of forum trolls, it’s still too big of a risk for me to be able to support.

From a former banker’s perspective, it’s absolutely short sighted. I’m talking, of course, about the risks for identity theft. Keen and others might think it’s silly but they’re not getting the whole picture. With just your name, it’s unlikely you’ll have anything happen to you. But, add into that, say, an address and you have a whole different can of worms.

It’s amazing the paid services you can rack up with just someone’s name and address. From there, it’s as simple as running a computer program to spoof an account number or debit card– usually a card, the big issuers algorithms have been broken for a long time (I was surprised to see a detailed description of how to spoof a Visa in a recent edition of the 2600 – available at a grocery store near you!). When we’d take fraud claims, it wasn’t uncommon for someone to have simple information stolen from them and find themselves getting mysteriously billed later that month. And, let me tell you, those people had an uphill battle ahead of them to fix their credit.

Let me preface the following statement with this one: most forum users will never have a problem. But, if your name is listed in the phone book, you’re putting yourself at risk.

In a world where Blizzard exists in a vacuum, they can claim to have thought this through. Right about now, though, I’d rather keep the rolls than switch to a Real ID forum. At least now they can’t give out my address and phone number when they get mad.

PS: I found this thread at WoW Riot pretty interesting. It seems one of Blizzard’s CMs decided to prove how safe it was to give out his real name. The ever diligent trollbase was quick to expose just about his entire personal life and harass his family (tsk, tsk… working at Blizzard means unlisting your phone number it seems). I wonder how much his mother supports the move? Seriously, they have pictures of his house. But, hey, once people get your name and address, looking them up on Local.Live is only natural, right?

Hey Gordon, I think I see your house. And your pool. And… naked Gordon! Skinny dipping! Must cleanse eyes! Baah!

PPS: Looks like Keen tested the system and failed too. I’m glad to see him acknowledge the privacy concerns.

5 comments

4 pings

Skip to comment form

  1. Chris "Syeric" Coke

    A thought occurred to me after posting this article: what about tech support? To get proper support, we’re required to opt-in to this “service?” I resent that. What’s worse is that, most times, calling their phone support line for computer questions results in being directed to the forums. I don’t like being forced into sharing my personal information because I can’t get my MMO to work right. That’s just shy of mandating anyone without a wealth of computer knowledge to use RealID.

    Someone at Blizzard must have realized that giving out your name is like giving out your mailing address. I don’t know about you, but if this goes through, I’ll never touch their forums again.

  2. KalibreOnline -Games, Life and Ent

    I had to post something about this on my blog as well. Could it be that they are aiming to have their own social networking portal?

  3. We Fly Spitfires

    This is where I reveal that my real name isn’t Gordon and actually it’s all just fictitious guise in order to reserve my online privacy!! :D

  4. Victor Stillwater

    I found this link on Blizzard and Facebook interesting, but I don’t understand all the portents it could hold. Care to simplify it for me?

    http://content.usatoday.com/communities/gamehunters/post/2010/05/blizzard-and-facebooks-friendly-social-networking-deal-launches-with-starcraft-ii-/1

    1. Chris

      Wow. That’s actually pretty funny. We all said they were trying to tap into the Facebook money, and they’re LITERALLY tapping into the Facebook money! Hah! Well, maybe not quite, but it’s still pretty interesting.

      On one hand, I don’t like RealID in general, and definitely not the forums change, but I like the idea of Battle.net checking which of my FB friends has a b.net account. On the other, I don’t necessarily think expanding the scope of WoW’s player relationships is such a great idea. If people want it known that they’re a big WoW player, they’ll do that on their own without Blizzard’s Draconian auto opt-in practices.

      It also seems to me that this will probably just be a start. It took them two months to make the first step. From here, I’d bet we see more integration. Pretty soon we may be getting our own WoW facebook addon.

  1. Pay For Your Trolling With Your Good Name « Procrastination Amplification

    [...] the security risk of giving away your real name art all.There are enough real names to be had anywayChris “Syeric” Coke talks about how real names in combination with other information such as an address can be used for [...]

  2. LAGWAR | GAMING'S BEST IN TOP NOTCH MEDIOCRITY » Blog Archive » SAR: Warcraft – Merging With the Network

    [...] everyone is comfortable letting the world know their name. I wrote on my personal blog about the added risks of identity theft. That doesn’t even consider the potential power trolls can wield over users [...]

  3. The Best Of The Rest: Real ID Forum Fiasco Edition | We Fly Spitfires - MMORPG Blog

    [...] Chris thinks it’s an identity risk. [...]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CommentLuv badge