Forums

Can runescape.com get hacked?

Quick find code: 278-279-107-66102773

of 3
NexOrigin

NexOrigin

Posts: 1,320Mithril Posts by user Forum Profile RuneMetrics Profile
When Mark Gerhard took position of CTO of Jagex, he noted how secure the internal servers were in comparison to what he had been previously working with (banking servers, etc).

Keep in mind, Mark was one of the founders of The Ministry of Data, and worked with quite a few highly secure systems before joining Jagex.

This is a quote from way back when he first took position as Jagex CTO:

Original message details are unavailable.

I heard about the vacancy for a CTO (Chief Technical Officer) at Jagex, but I was also looking at other roles around that time. I tried the game to better understand what Jagex did and was really impressed with the technology and game – the more I found out about Jagex like the platform, proprietary in-house tools, languages and systems, the more I was intrigued. I had a 3 hour interview with Andrew [Gower] which ended up being a being an in-depth IT Security debate and suffice to say I was blown away to learn that Jagex’s approach to IT Security was more rigorous than some of the banks I had consulted for or even the lottery systems we had architected. I instantly realised this was an incredible company with so many high calibre staff at the very cutting edge of so many technology fronts - I just simply had to work for Jagex.

28-May-2019 16:43:29

CM Nick

CM Nick

Local Moderator Posts: 3,603Adamant Posts by user Forum Profile RuneMetrics Profile
NexOrigin said:
When Mark Gerhard took position of CTO of Jagex, he noted how secure the internal servers were in comparison to what he had been previously working with (banking servers, etc).

Keep in mind, Mark was one of the founders of The Ministry of Data, and worked with quite a few highly secure systems before joining Jagex.

This is a quote from way back when he first took position as Jagex CTO:

Original message details are unavailable.

I heard about the vacancy for a CTO (Chief Technical Officer) at Jagex, but I was also looking at other roles around that time. I tried the game to better understand what Jagex did and was really impressed with the technology and game – the more I found out about Jagex like the platform, proprietary in-house tools, languages and systems, the more I was intrigued. I had a 3 hour interview with Andrew [Gower] which ended up being a being an in-depth IT Security debate and suffice to say I was blown away to learn that Jagex’s approach to IT Security was more rigorous than some of the banks I had consulted for or even the lottery systems we had architected. I instantly realised this was an incredible company with so many high calibre staff at the very cutting edge of so many technology fronts - I just simply had to work for Jagex.


Oh wow, this is really interesting, thanks for digging up this quote!
Community Manager for Jagex

| Forum Help | Account Security |

28-May-2019 20:33:29

JoaoNoFind
Dec Member 2018

JoaoNoFind

Posts: 2,629Adamant Posts by user Forum Profile RuneMetrics Profile
In theory? Yes.

In practice? Well, nobody's managed yet, so it must be pretty darn hard, anyway Jagex would probably just lock the accounts of anyone who's ever logged in to the forums, and require a password change for those users.. In addition, if a second password not required to log in to the website (Part of a security thread found here.) were implemented, as well as prevention of simple bank pins (More information found here.), then it might not even be all that damaging!
I made a video game, check it out!
https://discord.gg/KswK8wa https://onelastlight.weebly.***/ http://onelastlight***************/ https://onelastlight-onelastlightwiki.pbworks.***/w/page/134447487/FrontPage

28-May-2019 20:59:51 - Last edited on 28-May-2019 21:00:02 by JoaoNoFind

NonMax Jake
Nov Member 2018

NonMax Jake

Posts: 6,675Rune Posts by user Forum Profile RuneMetrics Profile
2_Tron said:
NonMax Jake said:
Mod Lyon said:
Original message details are unavailable.
Can runescape.com get hacked?


Yes.

Jeremy Cheng said:
Not encouraging it, but I'm wondering if the website's security is 100% safe or there has been data leaks from hackers and players lost bank. Because if the site got hacked jagex keeps tight lipped about it.


Its as safe as can be, to my knowledge there have been no successful attempts on our systems as of yet. Players do not "lose bank" because of database breaches (for example).
To build on this, players "lose bank" because of database breaches occuring outside of Runescape itself. Not Jagex's databases.
What you are suggesting, to my knowledge, is only possible if you use third party software or access a hackers computer thinking that you actually are in contact with Jagex's servers, which is not.
If and when you are in direct contact with Jagex's servers without any inteference of third party software nothing is getting inbetween stealing your data.
I'm suggesting that most accounts that are hacked are a result of some other database leak occuring that's linked to your email. Not a leak or Jagex's databases. This is especially a problem for people with recovery questions that were set a long time ago, as if this information is leaked from a database (you may have used these same questions and answers for an account on some non-runescape related service), your account can be easily recovered (and you can't do anything about it other than ask Jagex to put a note on your account which has not helped in the past).

But just in terms of database leaks finding email addresses, this is an issue. And due to no authenticator delay as well as a lot of people not having 2fa on emails + account + having bank pins, this can be an issue.
Please remember that the forum is not for debating. It is for echoing views only. If you see someone opposing someone else's views, please report this so it can be dealt with.

29-May-2019 11:19:14

Never RIP

Never RIP

Posts: 1,273Mithril Posts by user Forum Profile RuneMetrics Profile
^thats the problem!!!

I'm sick of my emails having complete security over my rs accounts and rs bank.

Why can't ya make an rs auth? Only works with rs accounts.. Unlockable via sms code (which is the security on my email anyway), and bring back JAG! I like those recovery questions (I've still got the answers to my old JAG questions for other accounts written down and saved too).
Skillet? Skill no.

So much moot.

31-May-2019 09:03:57 - Last edited on 31-May-2019 09:09:53 by Never RIP

The contents of this message have been hidden

03-Jun-2019 08:30:00

The contents of this message have been hidden

04-Jun-2019 11:23:40

Scouse
Feb Member 2018

Scouse

Posts: 27,122Sapphire Posts by user Forum Profile RuneMetrics Profile
I doubt anyone would be bothered to hack rs but interfering with the game to cause upset and inconvenience by DDoS'ing would be seen and the "more fun" thing to do by anyone that has a little tech knowledge and lives with their parents and has a basement
Sometimes there is more to life than a computer game, R.I.P, YNWA, Never Forgotten
#JFT96
August 15th 2017, the day Jagex freed me
Liverpool is love, Liverpool is life

07-Jun-2019 22:49:42

Quick find code: 278-279-107-66102773Back to Top