Mobile Phones

Faltering Facebook phone's Europe launch delayed

On 27 May 2013 |0 comments

The European launch of the "Facebook phone" has been delayed following disappointing US sales and negative feedback. The HTC handset runs Facebook's enhan

MWC: Top 10 mobile industry insights from Barcelona bash

On 04 Mar 2013 |0 comments

Mobile World Congress (MWC) has been and gone, giving the mobile community a chance to come together and show off their latest products in Barcelona, while no

Tablets

Nook tablets join Barnes & Noble's UK line-up

On 26 Sep 2012 |0 comments

US book chain Barnes & Noble plans to launch new Nook tablets alongside its e-readers in the UK later this year. They will compete against products

South Korea rules Apple and Samsung infringed patents

On 23 Aug 2012 |0 comments

A South Korean court has ruled that Apple and Samsung both infringed each other's patents on mobile devices. The court imposed a limited ban on national sal

Cameras

Olympus TG-1, toughest ever compact camera?

On 08 May 2012 |0 comments

Waterproof, crushproof, freezeproof Olympus has officially unveiled a compact camera that the manufacturer promises will deliver expert shots at up to 12 m

TIPA Names 2012 Award Winners

On 19 Apr 2012 |0 comments

The Technical Image Press Association (TIPA) has announced the winners of its annual Awards for the best photographic and imaging products of 2012. Headlin

Laptops

Google Chrome OS computers updated with faster processors

On 30 May 2012 |1 comments

Google has announced new computers running on its Chrome operating system.   The Samsung-manufactured laptop and desktop PCs include processors base

Apple's Tim Cook rejects idea of laptop-tablet hybrids

On 25 Apr 2012 |0 comments

Apple's boss has dismissed the idea of mixing laptops and tablets into a hybrid product.   Chief executive Tim Cook said the idea of combining the iPa

Other Recent Articles

Amazon signs lease on 210,000 sq ft central London offices

On 31 May 2013 | 0 Comments

Amazon has signed the lease on prime central London offices to accommodate 1,600 staff as it expands further into sectors such as book publishing and televisio

Microsoft 'U-turn' sees Start button back on Windows 8

On 31 May 2013 | 0 Comments

Microsoft has confirmed a Start button is returning to the desktop mode's taskbar of its Windows 8 operating system. The lack of the facility - which had be

Apple 1 from 1976 signed by Wozniak sells for $650,000

On 27 May 2013 | 0 Comments

An original Apple 1 computer from 1976 - one of only six still in working order - has sold at auction in Germany for more than 500,000 euros ($650,000). Th

Faltering Facebook phone's Europe launch delayed

On 27 May 2013 | 0 Comments

The European launch of the "Facebook phone" has been delayed following disappointing US sales and negative feedback. The HTC handset runs Facebook's enhan

MWC: Top 10 mobile industry insights from Barcelona bash

On 04 Mar 2013 | 0 Comments

Mobile World Congress (MWC) has been and gone, giving the mobile community a chance to come together and show off their latest products in Barcelona, while no

Burger King's Twitter account hacked

On 18 Feb 2013 | 0 Comments

Burger King's Twitter account appeared to have fallen victim to hackers on Monday as it began sending out pro-McDonald's messages and the occasional rap video

Xbox.com has been hacked claim users - update: Microsoft response

By Anonymous on Sunday, January 15, 2012 0 comments

Possible evidence that Xbox.com has been hacked has emerged in the US, suggesting that the Microsoft Points scandal really does have more to it than just phishing scams.


Despite hundreds of users - including many writing into the Inbox - reporting that their accounts have been illegally accessed, Microsoft has claimed that the problem is due to phishing scams, malware and other indirect methods.

Most Xbox Live users are convinced that it’s more serious than that, and that Xbox Live has been hacked, but up until now there’s been no evidence of that – from either Microsoft or independent investigators.

But now website AnalogHype is claiming that the problem is with Xbox.com and that accounts are being hacked. A network infrastructure manager called Jason Coutee contacted the website after 8,000 Microsoft Points were purchased on his account by persons unknown.
Microsoft support didn’t prove much help and so he investigated the problems on his own, concluding that website Xbox.com is the root of the problem. According to him hackers have been googling gamertags mentioned on Facebook, Twitter and the like to uncover valid Windows Live IDs.

Once they find a valid one they then use an automated script to discover the password, via what sounds like a pretty sloppy bit of security on Microsoft’s part.

Whether any of this is true we’ve no idea, we’re certainly not network infrastructure managers, but we’ve put a call into Microsoft to see if they’ve got any update. Coutee’s investigation makes no mention of EA or FIFA 12, which are commonly reported as being somehow involved, so whether this is the whole story or not is also unclear.

UPDATE: The following response is the current official line from Microsoft:

'Microsoft can confirm that there has been no breach to the security of our Xbox Live service.The online safety of Xbox Live members remains of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats. Security in the technology industry is an ongoing process, and with each new form of technology designed to deter attacks, the attackers try to find new ways to subvert it.

We continue to evolve our security features and processes to ensure Xbox Live customers information is secure. Online fraud and identity theft are industry-wide problems, and as such people using any online services should set strong passwords, not share those passwords across multiple services and refrain from sharing any personal details that could leave them vulnerable.

As always, we highly recommend our members follow the Xbox Live Account Security guidance provided at http://xbox.com/security to protect your account.'

Additional Q&A

Q: Why did Microsoft not listen to Jason Coutee when he called to talk about this issue?

A: For security reasons, we do not publicly discuss the architecture of the Xbox Live system or account security. We direct concerned customers to the forums where we monitor for topics such as security concerns. Security in the technology industry is an ever-changing process. With each new form of technology designed to deter attacks, the attackers find new ways to subvert it. We continue to evolve our security features and processes to ensure Xbox Live customers information is secure.

Q: Any comment from Microsoft on the loophole identified on Xbox.com?

A: This is not a 'loophole' in Xbox.com. The hacking technique outlined is an example of brute force attacks and is an industry-wide issue.

Q: Is this indicative of an increase in Microsoft’s security risk?

A: No. We place great importance on the privacy of our customers’ information and the safety of their experience online. We investigate all reported cases and resolve issues as quickly as possible.

Q: How can people avoid this type of thing from happening?

A: We take great measures to improve the security of customer information and as with any online service we recommend customers set strong passwords and refrain from sharing any personal details that could leave them vulnerable. You can find more information on improving the security of your information at http://support.xbox.com/en-us/pages/xbox-live/how-to/account-security.aspx.

Q: It seems like Microsoft has known about account hijackings for years, but is unwilling or unable to build in steps to prevent it from happening. What is taking you so long to fix this issue?

A: Security in the technology industry is an ever-changing process. With each new form of technology designed to deter attacks, the attackers try to find new ways to subvert it. Over time account security features have been added to help protect our customers' accounts (such as Trusted PC and Strong Secondary Proofs available from Live.com) and we will continue to add features and processes that help protect our problems. People attempting to hack someone’s account need to be aware that engaging in identity theft, trading in stolen accounts, and committing credit card fraud is all illegal, and those involved in this activity risk criminal prosecution.




By GameCentral - 13th January, 2012
http://www.metro.co.uk/tech/games/887330-xbox-com-has-been-hacked-claim-users-update-microsoft-response

Category: Gaming News

0 comments:

Post a Comment