[TERA PC & Console] En Masse is closing, but TERA lives on! We will continue to support TERA PC (NA) and TERA Console until service is transferred. Stay tuned for more information.
[TERA Console] The Grotto of Lost Souls update (v85) is now live! Read the patch notes here: https://bit.ly/TERACon_v85
[TERA PC] The 64-bit update (v97) is now live. Check out all the changes delivered on August 11 here: https://bit.ly/tera64_patchnotes
[TERA PC & CONSOLE] Summerfest Part 2: The Beach Bash is on from August 11 until September 1! Participate in event activities to earn tokens redeemable for costumes, consumables, mounts, and more! Details: https://bit.ly/tera_sf20
The aftermath of xigncode3
This discussion has been closed.
Comments
I guess I'd be interested to know the combination of hardware/software; perhaps it has something to do with 32 vs. 64 bit Windows, the specific version of Windows, or who knows what else. (Maybe if it found a previous version already installed from a different game?) I can say that I tried on a few machines to check for this, and it didn't even ask for admin on any of them, but it doesn't mean it couldn't happen. Could be some reason.
In the end, as I said back in the day, given that the world's largest PC game of 2017 deployed XIGNCODE without the sky falling (and nearly all of the other Korean MMOs on the market here use it), the paranoia people were peddling was always hard to really buy into. On a certain level I get it, but I still feel we should have had a more reasoned discussion about it.
but sky will fall because korean rocket man deployed XIGNCODE missile, he promise us that
afaict it only installs the driver on our version if it can't get perms without installing the driver, so probably just for people who aren't running tera as admin and who have UAC turned up or w/e
windows 64 bit home edition, all updates installed.
I72600k CPU.
32gb ddr3 ram
gtx 780 GPU
MSI Z77A-G43 motherboard.
Prior to ssd destruction -single 500gb san disk ssd.
after ssd destruction-boot drive 500gb san disk ssd and 2 western digital 1 tb hard drives for back up and game storage.
gtx 1050 ti
and if i spent 100 more $ i could get 1060 , but was too greedy for that, so my graphic card is not ready for tera vr
windows home edition is a limited windows what i mean is some features are not available in it I suggest you all go to windows pro i have 64bit runs xigncode with no issues window pro.
Second, I'm a software developer who works in an industry with a high level of scrutiny on cyber security, privacy and data protection. What that means is that I'm basing my opinion purely on the potential concerns around a third party program that scans your files/data, created by an outside developer, who is located in another country that may/may not have the same kind of rules regarding privacy.
Put simply: I think it is completely and totally unacceptable for a program like XIGNCODE to be scanning your files, your history, or any of your other data besides looking at what active processes are running and might be hooked into the game or attempting to modify the game memory. Period. Any other data, files or scanning being done represents crossing a line that in today's world should be absolutely terrifying to anyone who knows the first thing about cyber security.
In my opinion: even if you're doing absolutely nothing wrong (in or out of game), it's completely unsafe to have any program on your computer that has the potential to access your most private data and send it somewhere. Especially if that program isn't made by the game developer or a major player (and recognized as such) in the world of data security. I.E. If Blizzard wants to install anti-cheat on my computer while I'm playing WoW or Diablo 3: I *TRUST* them not to cross a line and to follow industry best practices when it comes to data management and security.
I've never even *heard* of XIGNCODE or Wellbia.com Co., Ltd and from what I can see on their website it doesn't leave me very encouraged. So I, for one... have uninstalled and scrubbed XIGNCODE from my PC and I simply won't be playing Tera. I'm not going to "bypass" it (even if it's easy), because I don't want to risk getting banned even if it's a D3 TurboHud situation where realistically it wouldn't ever happen... because I shouldn't have to take measures to bypass an anti-cheat in a major online game due to there being even the *question* that it's doing something it shouldn't be.
Oh, and for the record: I understand it isn't a rootkit, nor does it get flagged by any of the major malware scanners. I'm not even suggesting that it's a malicious program or that the company behind it has ill-intentions, but to me it's not worth even the slightest risk that my data security could be compromised. If it happens it doesn't matter whether it was a fluke or through negligence. The fact is that some KR company isn't going to give two shits about a player in NA who gets their data stolen and even if they did it isn't much of a consolation getting credit monitoring after your identity gets stolen.
So chalk me up as another user opting not to play the game directly because of XIGNCODE.
P.S. Saying things like "But some of the biggest games in the world use it" isn't a valid argument for a bunch of reasons. Not the least of which is that nearly all of those games are KR/CN games, or that the largest portion of PC gamers are grossly ignorant about what is actually going on with their computer and data. Just because large numbers of people use it doesn't make it acceptable, particularly when they aren't even all using the same installation/version/options. That just introduces additional variables because it means they are taking what amounts to an "off-the-shelf" anti-cheat and modding it for certain games, and that's bad because it means it won't be robust and customized to the degree that something like a Blizzard anti-cheat would be.
I may still play on console here and there, but with as many other great games are available I'm not sure...
p.p.s. Where the hell did that awful username come from... when I made my PC account a few years ago the first time I tried Tera did it really just auto-generate it and not give me the option to select/modify one? Ugh. That's gross.
https://forums.enmasse.com/tera/discussion/20/setting-up-your-account-nickname#latest
And for what it's worth... Considering that Windows applications aren't sandboxed and that it doesn't take any special permissions to do this kind of read-only scan, I'd be much more worried about programs that do it without telling me (potentially anything installed ever) than ones that are announced. Really, your main hangup about it is just that it's by a Korean developer, but so is TERA itself, so I'm not sure I'm going to hold that against them now. But in any case, the decision is obviously yours.
(If people really have sensitive data on their hard drives they would not want leaked, they really need to be super-careful with their permissions, and not run apps as Administrator or as the same user as their sensitive data. And again, this is less because of programs that advertise they're going to scan files to look for known/flagged signatures -- like this one -- but because of programs that will never tell you.)
There's only 3 types of applications you should care about as a casual:
1) Applications that aren't sandboxed (by sandboxie or other means) and are "trusted", which should be BLOCKED by your firewall, permanently (no net access, end of story)
2) Applications that need internet access, such as TERA, which should be SANDBOXED, no exceptions, ever. Even if it's "trusted", security vulnerabilities are a thing.
3) Applications that are untrusted. You probably should run these in a Virtual Machine, if at all. Just don't run them to be safe.
Running a (2) app without a sandbox is just [filtered]. Just because you or Equitas or whoever else don't give a [filtered] doesn't mean others blow their PCs wide open to automated bot attacks, or data leak like you lot. Everyone and their mother said the same thing before the Facebook data leak fiasco, which is the most recent. And the problem is, they never learn no matter how many times it happens. New clueless people will be born, and the cycle continues: they label everyone else as paranoid and the cycle repeats itself, until it happens to them. By which point it is already too late. You can sue all you want but you're not going to get a time machine.
Then they become security/safety advocates while new clueless ignorants are born and the cycle repeats, again. This is by far not the first time I've been through this with ignorant shills.
This is not some theoretical thing, it's how anyone sane should utilize their PC. A PC is not a console, stop assuming everyone uses it that way just to play [filtered] [filtered] games.
So guess why XIGNCODE is bad.
PS: I'm actually shocked for real you thought nobody plays(ed) TERA with a sandbox. Seriously dude, even after the exploit with the chat? Blind shill.
The vast, overwhelming majority of people who play TERA do not use Sandboxie or any other similar program. You know this as well as I do. They just download programs from the Internet and install them. And they're being told to freak out now because XIGNCODE is a thing, even though they've never had any sandbox protections whatsoever all along. So unless you're going to go way back at the very start and get people to realize they've always been at risk inherent to the way they've been using their computers all along, pointing the finger at this is totally missing the forest for the trees.
Actually, no, I didn't think that. But the tiny minority who already practice sandboxing, and understand the reasons and principles behind it, are generally not going to be bothered by this sort of minor hurdle in the first place.
I'm in favor of teaching people how to properly secure their computer and their applications to reduce their security risk. But that's not at all the conversation that has been happening in these many threads. So your pretending like this has really been the issue all along and grandstanding by calling me a shill is pretty rich.
Sure, maybe it is a wonderful program and those dedicated to Tera will be so much better off with it in the game, but that could all change really fast. No one disputes that it opens up a backdoor to Wellbia. So, it's all safe and fine until someone finds that backdoor and starts exploiting it. You'll be like one of those guys with his pants around his knees to advertise the open back door.
No matter what evidence you have against it, nothing will change. Misty plastered the forum with pages and pages of evidence. It doesn't matter, because Xingcode isn't going anywhere. It could have caused loads of people to quit Tera (no, not saying it did), but that still doesn't mean it would go anywhere. It's here to stay, so either love it or leave it.
You know, people usually complain when they, personally, have an issue with something. They don't speak for someone else or the majority. But everyone does that of course, even people in the "majority camp".
Minor hurdle? You mean bypassing Xigncode? First, you assume that everyone who uses Sandboxie "must be cheating" (to consider it a minor hurdle, which it is, for cheaters), which is beyond absurd and fallacious.
Second, avoiding something bad doesn't make it less bad. So I'm calling it out for what it is: a pile of garbage.
Note that it doesn't matter if you trust Wellbia or not. It doesn't matter. I don't know how to emphasize this aspect. There are so many ways that even legit software can be malware. It's called security vulnerabilities, data leaks at Wellbia, hacks and compromised servers, etc. Paranoia? It has happened to far bigger companies, so no, it's pretty high likelihood. And that's just what you know, who knows how many vulnerabilities or breaches are hidden for now?
Trust is not just for malice. It also applies to incompetence.
But like I said, people will never learn, and even those who do learn will have to encounter the new people who didn't experience it yet, which ends in the same cycle all over again. Like they say, a sucker is born every minute.
Okay. If you think that I'm in favor of XIGNCODE or somehow think it's a good thing, you're wrong. I've been against it from the start, mostly because a) it doesn't solve the problem, b) it creates more technical issues, and c) it caused more tension/drama in the community.
What I'm against is arguments that make people who are against XIGNCODE (and this forum in general) sound like crazy/paranoid people. You can "call out" XIGNCODE for being a pile of [filtered] all you want, but what good does that do if you're literally yelling into the void?
Arguments framed as "XIGNCODE is bad because anyone at all sane runs each of their internet-facing applications in a sandbox or VM" are so completely detached from the average customer's reality that no one at EME or BHS will take it seriously. These companies do actually consider arguments like "widespread market adoption for similar Korean MMO projects" and "successful large-scale deployments on popular titles (like PUBG)" and "alignment of anti-cheat solutions across our portfolio of products" as arguments in the software's favor. You might think those are all "bad arguments for suckers," but if there's any chance of affecting a change, they're the ones we have to convince. People might say "it doesn't matter; the decision's already made and the discussions are all academic" -- but it does matter: it continues to set the tone for whether the forum will be taken seriously by anyone in power or not.
Like maybe, as I was trying to say in the first place, we should reframe the argument to start at step one. The first and most significant problem here is that Windows desktop applications aren't sandboxed by default, and people don't understand the inherent risk that poses for every program they install, not just something like XIGNCODE. If we can help people understand that first, then maybe they can get better habits in general. As sandboxing techniques become more popular, anti-cheat solutions will account for this (or even incorporate sandboxing principles as one of their techniques). Obviously that's a long game, but it's a heck of a lot more constructive and useful to people than yelling into the void about XIGNCODE when most people aren't even at the "basic hygiene" step. It's also a lot more likely to be seen as trying to be useful and worth listening to than screeds calling people shills, suckers, and clueless.
No, Misty plastered the forum with pages and pages of unrelated spam with NO evidence.
Misty willingly or not made a reverse campaign on his/her/it's XIGNCODE opinion entirely.
blind paranoid fear because you really don't understand anything AND/OR fear mongering because you hope whoever reads your drivel doesn't know anything. pretty common tactic when someone wants something or wants something done but doesn't have a legitimate avenue, facts, reality, evidence or anything else to make a coherent and persuasive argument.
oh, and nice slippery slope fallacy...just because someone CAN do something doesn't mean they WILL, just because SOME software can contain security flaws doesn't mean all software does. but hey, nice try, what else ya got kid?