0. Battle.net Mobile Authenticator News 17/06/2009 10:21:34 PDT
If you use the Battle.net Mobile Authenticator and intend to update your iPhone or iPod touch to iPhone OS 3.0, we would like to highly recommend that you first back up your iPhone or iPod touch to your computer using iTunes prior to performing the update. By taking this important precaution, you will be able to quickly restore your previous install of the Battle.net Mobile Authenticator if you encounter any issues during the update process.
For more information, refer to the Battle.net Mobile Authenticator FAQ here: http://eu.battle.net/bma
Community Team - English - ♪~ ( ̄。 ̄ ) . . . Can't keep my eyes from the circling skies, tongue-tied and twisted just an earth-bound misfit - I
3. Re: Battle.net Mobile Authenticator News 21/07/2009 09:53:51 PDT
Let's speculate a bit shall we?
The Mobile Authenticator
---------------------------------
Pending on the available phone list the authenticator is based on embedded Java. Naturally Blizz decided to use embedded Java since it can "bind' the application to the phone's imei address without much security risk.
and the Iphone? (guessing)
----------------------
With the Apple app-store the imei is stored into the program before it is sent to the iphone. This makes swapping impossible even when the phone is jailbroken.
Why not WinMo and/or Andoid phones (prolly)?
----------------------------------------------------------------
WinMo and Android phones have another implementation of Java. Even though it is usually shipped as part of the firmware it's not embedded in the OS. Which means the user can easily install another instance of Java and use that to "fool" the authenticator software or prevent it from binding the correct imei address. This means the authenticator becomes interchangable between phones which makes it a lot less functional as security precaution.
Can we expect WinMo / Android Authenticators? (looking in glass ball)
-----------------------------------------------------------------
Not having Java as a resource is a big disadvantage. Blizzard has to release a .cab file instead which makes the files too vulnerable for modification. Think about it; why isn't the authenticator simply availabe in the game itself? The same answer applies on WinMo and Android.
Some means to surpass that issue is to create a client that uses the internet (umts/edge/etc) to get a generated number. However this is all but safe and that is something you don't particulary want for a mobile authenticator.
What's left?
SMS system? Secure but costly.
Branding an existing smartphone with Mobile Authenticator on it? Lol.. I would surely buy one...
Use a pigeon to retreive your code all the way to Paris? With 11+ mil. players imagine the pigeon poo!!
Soo??!!
-----------
So far of being smart with a smartphone, but there is some light at the horizon. As smartphone owner you are most probably fond of little gadgets. Thingies that are special. Well, be happy... you get to wear 2 special thingies with you.. ur mobile AND the mobile authenticator keychain thingy... well... when they are not sold out that is....
5. Re: Battle.net Mobile Authenticator News 06/08/2009 03:25:24 PDT
On Android, if you buy an app is that app not then linked to your google account? Could they not do something along those lines to make it work for android phones?
6. Re: Battle.net Mobile Authenticator News 06/08/2009 04:01:24 PDT
Q u o t e: On Android, if you buy an app is that app not then linked to your google account? Could they not do something along those lines to make it work for android phones?
The idea behind applications like the authenticators is that they're linked to a single physical device. You'll need to get your hands on the device to get a code. Linking it to an online account instead leaves it open to the same kind of vulnerability that accounts have without an authenticator; the only difference is they'll need to know your google account name and password in addition to your WoW account name and password.
