Hackers managed to figure out the algorithm used by Microsoft to generate promotional codes tied to XBox Live, costing Redmond an estimated $1.2m before it put a stop to the scam. The algorithm created 160 counterfeit MS points, the currency used on XBox Live, at each iteration. "Hackers found an algorithm to add to existing, …
That estimate of $1.2M has already been debunked: http://arstechnica.com/gaming/news/2011/03/xbox-live-points-hack-cost-microsoft-thousands-not-millions.ars
Thank goodness for that!
I was about to send poor Billy G a cheque to help him cover the costs.
If it's only thousands I reckon, if he tightens his family budget, starts shopping at Lidl etc. he should be able to cover it in a matter of months.
Did it really set them back anything?
Can these points be converted back to real dollars?
They do not have intrinsic value, it's just that Microsoft has chosen to allocate a value to them... So they've lost a potential $1.2M in revenue, but it certainly hasn't cost them $1.2M! I wouldn't expect a liability of $1.2M to suddenly appear on MIcrosoft's ledger for this.
I'd argue that it's cost them nothing. Mind you, I'm reading Cory Doctorow's For The Win at the moment, so that might explain this point of view!
A lot of the stuff available for points is other people's stuff, and Microsoft have to pay for it. The loss isn't the "buy" value of the points, but it could still be substantial.
Well thought out plan
Trying to reimburse forged codes to a personally identifiable account is pretty stupid. These idiots will be lucky if MS just resets their points to what they were. I expect the worst offenders will have their XBL account sent to banheim and will receive a knock on the door from Mr Plod.
It is akin to having a shop that uses its own currency, someone finding a way to counterfeit that currency, going and using it at that shop, but writing their real name and address on the back of every single note. You might as well just tattoo the word 'fraudster' on your forehead and be done with it.
Did the system actually record the legit codes that were generated and given out (and hence MS can just find anyone who used a code that wasn't officially issued), or did the system just regard every code as equal, provided it fit the algorithm?
If it's the latter, I don't see how MS could discriminate between people who used codes they got legally and those who used an illegal code. Sure, maybe if someone used 200 codes in a 10 minute timespan it'd be obvious, but if they just used the one?
But I got my code from completing an online survey...
...on some random site that looked genuine ;o)
Be careful out there...
I have to say that anyone falling foul of malware in an attempt to gain free MS points pretty much has it coming to them.
Grumble, I must be getting old or something...
Well, if you buy anything with MS Points, some of that obviously gets converted to hard cash for payment to the Publisher/Developer, so in theory it may have cost them something.
Probably not much in terms of real cash though
Hopefully they can come up with something for Farmville too ?
Load of crap.
Load of crap this is. They've made all that effort for a load of crap.
Did anyone else think...
Free money cheat?!
10 million Kinects Sold
Well congratulations to Microsoft!
They now have 10 million+ Kinect devices in the wild.
Apparently, Guinness has certified the sales within the first 6 weeks a world record, which is more than can be said about Move.
Suck it up, MS
Microsoft will potentially be screwing a lot of people over if it does eliminate all of the points created in this manner. And there is a perfectly valid defense for any customer accused of creating the points fraudulently, which is almost undoubtedly true in some of these cases.
It is very unlikely that someone did not take advantage of this code creation ability to sell discount microsoft points for real money. If a customer was duped in this manner, and Microsoft then takes the points from them, the customer will essentially be held responsible for Microsoft's security error. Not good business. If it really is only a few thousand dollars worth of liability, Microsoft can afford to suck it up to avoid a potential PR shitstorm when it takes a hundred dollars worth of MS points from a dyslexic kid who didn't know he was doing anything wrong...
- Apple stuns world with rare SEVEN-way split: What does that mean?
- Special report Reg probe bombshell: How we HACKED mobile voicemail without a PIN
- RIP net neutrality? FCC boss mulls 'two-speed internet'
- Sony Xperia Z2: 4K vid, great audio, waterproof ... Oh, and you can make a phone call
- Pic Tooled-up Ryobi girl takes nine-inch grinder to Asus beach babe