I thought… therefore I knew….
And what do I know? I know I'm not buying Minecraft until Notch ups his security.I don't want my account information (Username AND password) being sent unencrypted; easy pickings, even for me. Also, bypassing Server Auth was a piece of cake. I can now log into any server (Besides servers with a whitelist) without needing an account on minecraft.net, And how did I do this? Completely by accident (OK, not completely. I knew the auth codes). I installed Apache httpd to use for php practice, made a fake file that Minecraft 'reads' it's authorization from (It only looks for 'ok' and 'YES', dammit XD)During the process, I touched not one of the Minecraft files. Medium-long story short, I'm not buying Minecraft until Notch starts adding some proper authentication.
Note: Be glad it doesn't work with Bukkit. hey0 and the default server are vulnerable, and I had great fun today kicking people off various servers (You have logged in from another location).
You speak as if hacking others' accounts is actually beneficial in Minecraft. When you can have as many worlds as you want, I doubt people are going to be getting into your account just for another one. You can't steal items or anything, just save yourself $20 if you haven't bought it yet.
Then again, you guys play online.lmao very professional of Notch. sounds like a ton of fun for hackers though. (which means disaster is right around the corner)
Kilin: Minecraft worlds are stored offline, not online.
Don't make me hack your blog!
Just looking at the minecraft's payment and account system looks like it would be vulnerable. What fascinates me is that with all the money pouring into them they cant add some more security to it…
Ah well.Doesn't he just have to add a few more blocks here and there, and BOOM thar be your security?
It'll be done with a redstone circuit.
Cool, so when do we intend to convey the message to notch by buying me 10,000 Minecrafts?