Getting real tired of your s*%t EA

[THE_EVIL_RAPIER]

don't need to prove it EA already did FIFA coins are tied to the account they where created from so either he sold them or was using a script to farm them

Maybe... Maybe not.... I'm going on the assumption here that EA are not perfect, But they may have made a mistake. Again what gain would he have by posting here? None that I see.
And calling someone a scumbag is still not really the way to get your point across.
Anyway. I'm not going to argue with anyone over this. I was merely making an observation.

 

[Frick]

snip

Thanked for the disruptive hilarity.

 

[z1tu]

don't need to prove it EA already did FIFA coins are tied to the account they where created from so either he sold them or was using a script to farm them

EA for all there other problems does hand check accounts before closure if somebody had indeed hacked the account EA would have caught it believe it iv had it happen and if his FUT account was set up properly the would be "hackers" would have had to know his security question before they would have been allowed to login from a new location
http://www.easports.com/fifa/news/2014/fifa-ultimate-team-account-safety-us

Are you for real? Have you even researched this at all? I've found people from 2012 and 2013 who had the same problem. Heck one of them only played 3 matches with the AI and had his account blocked because of this even though he hadn't even played online at all (http://teamipx.net/blog/somtin/2013/04/13/ea-fucked-up-again), the guy had 193 hours of playtime on his account when he only played 3 times...But yeah, you know better, someone can't hack into your account unless they know your security question, this never happened before, with anything ever...I mean, my wow account probably wasn't even broken into back in the day and had been farming gold...yeah I was probably doing that too, what an idiot I must be...

 

[z1tu]

"New to FUT?

To create your Secret Question and Answer on Xbox 360, Xbox One, PlayStation 4, PlayStation 3 and PC, you must first create a FIFA Ultimate Team (FUT):

1. Select ‘Ultimate Team’ from the Main Menu within the game and proceed through the Tutorials.
2. Then setup a Secret Question & Answer the second time you login to FUT. "

I never did this, I never had to create a FUT account, nor have I ever played it, I don't know if you create a separate account for ultimate team but if you have to setup a security question just for this I would assume that you would receive an email, like any other security measure and accounts creation? I received no such email, ever, because I never played FUT, how could they not see that on the account?

 

[FordGT90Concept]

I'm thinking what most likely happened is information was stolen from EA and EA didn't detect it and/or admit it. So they're permabanning all of the accounts that violate TOS no-questions-asked/no-answers-given.

EA deserves that poo award they earned two years running.

 

[z1tu]

I'm thinking what most likely happened is information was stolen from EA and EA didn't detect it and/or admit it. So they're permabanning all of the accounts they violate TOS no-questions-asked/no-answers-given.

EA deserves that poo award they earned two years running.

Man, I swear, if it would've been just fifa to be blocked, I wouldn't have gone this far because I stopped caring about it when I stopped playing, I was sick of the bugs and also not a very good player to begin with. But this is just too much...

 

[FordGT90Concept]

I'd feel the same in your shoes. EA's policy of banning the entire Origin account instead of just FIFA-related content is bull.

BBB might be an option for you:
http://www.bbb.org/greater-san-fran...ts-in-san-francisco-ca-64196/file-a-complaint

All complaints are processed by local BBBs, most often the BBB where the company is located.

Electronic Arts is in Redwood, CA. Romania isn't an option though. There is a "Federal or no state speci" which I assume is supposed to be "specified." That may be applicable in your case.

 

[z1tu]

I'd feel the same in your shoes. EA's policy of banning the entire Origin account instead of just FIFA-related content is bull.

BBB might be an option for you:
http://www.bbb.org/greater-san-fran...ts-in-san-francisco-ca-64196/file-a-complaint

Electronic Arts is in Redwood, CA. Romania isn't an option though. There is a "Federal or no state speci" which I assume is supposed to be "specified." That may be applicable in your case.

Hmm, never thought about threatening with the BBB, thought it was exclusive to the US citizens. I'm going to explore that too, thanks.

 

[newtekie1]

"New to FUT?

To create your Secret Question and Answer on Xbox 360, Xbox One, PlayStation 4, PlayStation 3 and PC, you must first create a FIFA Ultimate Team (FUT):

1. Select ‘Ultimate Team’ from the Main Menu within the game and proceed through the Tutorials.
2. Then setup a Secret Question & Answer the second time you login to FUT. "

I never did this, I never had to create a FUT account, nor have I ever played it, I don't know if you create a separate account for ultimate team but if you have to setup a security question just for this I would assume that you would receive an email, like any other security measure and accounts creation? I received no such email, ever, because I never played FUT, how could they not see that on the account?

Probably because a hacker using your account looks just like you using your account if you never set up the security. At this point it is pretty obvious that your account was used to violate the EULA an the ban was justified. Again, it is your responsibility, not EAs, to make sure your account is secure from being hacked and mis-used.

I'm thinking what most likely happened is information was stolen from EA and EA didn't detect it and/or admit it. So they're permabanning all of the accounts they violate TOS no-questions-asked/no-answers-given.

I don't really see any evidence of that. I just see a bunch of people getting their account hacked by using weak passwords and then trying to shift the blame.

I'd feel the same in your shoes. EA's policy of banning the entire Origin account instead of just FIFA-related content is bull.

Steam uses the same policy. In fact they state very bluntly that VAC bans are permanent, and they won't even consider un-banning the account. If you cheat in one game, your entire account is gone, with all your games. They are a little bit lax on suspended account due to things like payment disputes and stuff, but serious violations gets the entire account permabanned.

The world we live in has forced it so you are responsible for your accounts actions. Claiming a hacker did it is not a valid excuse anymore. This is why 2-Step verification exists on both Origin and Steam. With 2-step verification it makes it extremely difficult to hack into an account. The hacker would not only have to know your Username and Password, but break into your email account as well. And if you are using gmail with 2-step verification then it is pretty much impossible for them to get in.

And of course the reason for all of this is that it is no longer a simple thing to say "The IP address that 'hacked' into my account was from a different country. The IP address from the other country is the one that did the bad things, it wasn't me I swear." There are so many services, some even free, that mask your real IP address and make it appear like you someplace different. That is why the burden has switch to the user to secure their account and make sure it isn't used for things that violate the TOS/EULA. It is too easy for a user to hop on one of the services, make it look like they are in a totally different country, violate the TOS/EULA, then when the account is banned say it wasn't them just look, the IP was in a different country. I'm not saying that is what has happened in this situation, I'm just saying that is why the burden is now on the user and they won't unban an account just based on the IP that accessed it being different.

Yes, they could just ban the account from the one game, but their policy is to ban the entire account. And I can see why. If you are willing to violate the TOS/EULA in one game, you're likely willing to do it in all the games, so banning the whole account is the smart thing to do from a company standpoint.

 

[FordGT90Concept]

If you are willing to violate the TOS/EULA in one game, you're likely willing to do it in all the games, so banning the whole account is the smart thing to do from a company standpoint.

Except it is not you, it is a criminal. Exceptions must be made for identity theft and automated systems (like Steam's new computer verification) should be able to prevent identity theft.

Even so, consumer protection laws forbid what these businesses are doing which is effectively seizing property without compensation. Even if you use a weapon to commit a crime, that weapon still has value and they do not have the authority to seize it without warrant (see 4th amendment). Yes, yes, it's a subscription and all but if you're paying a fee for a specific product on a service and the service decides to deny you access to said product, you should be reimbursed (at least in part) the fee you paid them. This doesn't apply to subscription services with regular service charges (e.g. Netflix) where you're paying for access to an entire library, not just a single product on the library. I don't think this subscription model (like Steam) has been challenged in court. I doubt it would stand if tried.

 

[z1tu]

Probably because a hacker using your account looks just like you using your account if you never set up the security. At this point it is pretty obvious that your account was used to violate the EULA an the ban was justified. Again, it is your responsibility, not EAs, to make sure your account is secure from being hacked and mis-used.



I don't really see any evidence of that. I just see a bunch of people getting their account hacked by using weak passwords and then trying to shift the blame.



Steam uses the same policy. In fact they state very bluntly that VAC bans are permanent, and they won't even consider un-banning the account. If you cheat in one game, your entire account is gone, with all your games. They are a little bit lax on suspended account due to things like payment disputes and stuff, but serious violations gets the entire account permabanned.

The world we live in has forced it so you are responsible for your accounts actions. Claiming a hacker did it is not a valid excuse anymore. This is why 2-Step verification exists on both Origin and Steam. With 2-step verification it makes it extremely difficult to hack into an account. The hacker would not only have to know your Username and Password, but break into your email account as well. And if you are using gmail with 2-step verification then it is pretty much impossible for them to get in.

And of course the reason for all of this is that it is no longer a simple thing to say "The IP address that 'hacked' into my account was from a different country. The IP address from the other country is the one that did the bad things, it wasn't me I swear." There are so many services, some even free, that mask your real IP address and make it appear like you someplace different. That is why the burden has switch to the user to secure their account and make sure it isn't used for things that violate the TOS/EULA. It is too easy for a user to hop on one of the services, make it look like they are in a totally different country, violate the TOS/EULA, then when the account is banned say it wasn't them just look, the IP was in a different country. I'm not saying that is what has happened in this situation, I'm just saying that is why the burden is now on the user and they won't unban an account just based on the IP that accessed it being different.

Yes, they could just ban the account from the one game, but their policy is to ban the entire account. And I can see why. If you are willing to violate the TOS/EULA in one game, you're likely willing to do it in all the games, so banning the whole account is the smart thing to do from a company standpoint.

I already have a security question on my origin account and a strong password. I don't know why you would assume I have a weak password, just because I got hacked. My wow account got hacked many years ago when I had an authenticator on my phone, 2 tier verification system, so how do you explain that? It's easy for people to say "it's your fault you got hacked, you deserve this, just like with the recent icloud scandals. I really hope something like this never happens to you, but let me tell you, it sucks. It sucks to know I paid someone money to provide me with a service, went through the steps to secure my account and then have my account hacked and blocked at the same time. I don't understand why people say that if you have a strong password and 2-tier verification system, your account is hacker proof, that's not how it works. Sure, your account is much safer but it's still not impossible to hack. Yeah, there are services which mask your IP, so what, now companies have to go by "guilty until proven innocent"? Why are you so quick to throw the blame on me? I have a life, a job, I want to relax and play some games in my spare time among other things, should I just live in a bunker with my own ISP in my own network and not have to rely on the service providers to help me when one of their paying customers has their account hijacked by someone who probably has more knowledge about hacking into an account then you or I? So, at this point, everyone should take responsibility of every service they purchase, the provider isn't responsible for anything, not even to actually provide the service(as stated in the EULA)?

 

[newtekie1]

Except it is not you, it is a criminal. Exceptions must be made for identity theft and automated systems (like Steam's new computer verification) should be able to prevent identity theft.

Even so, consumer protection laws forbid what these businesses are doing which is effectively seizing property without compensation. Even if you use a weapon to commit a crime, that weapon still has value and they do not have the authority to seize it without warrant (see 4th amendment). Yes, yes, it's a subscription and all but if you're paying a fee for a specific product on a service and the service decides to deny you access to said product, you should be reimbursed (at least in part) the fee you paid them. This doesn't apply to subscription services with regular service charges (e.g. Netflix) where you're paying for access to an entire library, not just a single product on the library. I don't think this subscription model (like Steam) has been challenged in court. I doubt it would stand if tried.

Prove it wasn't you. That is my point. You can't.

From the companies stand point you broke the rules, and the consequences were you loose access to your games. There is absolutely no way to prove it wasn't you.

That is why my Steam password is 35 characters long and I have 2 step verification enabled linked to an email account with another 35 character long password. In fact, none of my passwords are less than 25 characters long.

People need to brush up on what a strong password is, and 8 characters with a number and a symbol is NOT a strong password.

I already have a security question on my origin account and a strong password. I don't know why you would assume I have a weak password, just because I got hacked. My wow account got hacked many years ago when I had an authenticator on my phone, 2 tier verification system, so how do you explain that? It's easy for people to say "it's your fault you got hacked, you deserve this, just like with the recent icloud scandals. I really hope something like this never happens to you, but let me tell you, it sucks. It sucks to know I paid someone money to provide me with a service, went through the steps to secure my account and then have my account hacked and blocked at the same time. I don't understand why people say that if you have a strong password and 2-tier verification system, your account is hacker proof, that's not how it works. Sure, your account is much safer but it's still not impossible to hack. Yeah, there are services which mask your IP, so what, now companies have to go by "guilty until proven innocent"? Why are you so quick to throw the blame on me? I have a life, a job, I want to relax and play some games in my spare time among other things, should I just live in a bunker with my own ISP in my own network and not have to rely on the service providers to help me when one of their paying customers has their account hijacked by someone who probably has more knowledge about hacking into an account then you or I? So, at this point, everyone should take responsibility of every service they purchase, the provider isn't responsible for anything, not even to actually provide the service(as stated in the EULA)?

It is your fault. I never said it was hack-proof, just a lot harder to hack.

And yes, because there is no way for you prove it wasn't you, you are guilty until proven innocent. Since when do you think innocent until proven guilty applies to civil matters? Hint: It doesn't. You can try taking them to court, but since you have absolutely no way of proving it wasn't you that logged on, you're basically wasting your time.

 

[z1tu]

Prove it wasn't you. That is my point. You can't.

From the companies stand point you broke the rules, and the consequences were you loose access to your games. There is absolutely no way to prove it wasn't you.

That is why my Steam password is 35 characters long and I have 2 step verification enabled linked to an email account with another 35 character long password. In fact, none of my passwords are less than 25 characters long.

People need to brush up on what a strong password is, and 8 characters with a number and a symbol is NOT a strong password.



It is your fault. I never said it was hack-proof, just a lot harder to hack.

And yes, because there is no way for you prove it wasn't you, you are guilty until proven innocent. Since when do you think innocent until proven guilty applies to civil matters? Hint: It doesn't. You can try taking them to court, but since you have absolutely no way of proving it wasn't you that logged on, you're basically wasting your time.

So the part where i told you about my 2 step verification account was hacked was completely overlooked by you? A little empathy goes a long way, if not, why comment at all?

 

[newtekie1]

So the part where i told you about my 2 step verification account was hacked was completely overlooked by you? A little empathy goes a long way, if not, why comment at all?

Not overlooked, just not relevant to my point. WoW's security is garbage, the 2-step verification was a half hearted attempt to improve it, but it was easily bypassed. Just having a strong password was a better security measure than their 2-Step Verification.

It isn't that I don't feel sorry for you, like I said, I totally believe your account was hacked. However, EA doesn't have room to be empathetic. They have to follow their policy in every instance with no exception. Otherwise, like I said, people would very easily get away with violation the rules. It is the sad world we live in.

 

[z1tu]

Not overlooked, just not relevant to my point. WoW's security is garbage, the 2-step verification was a half hearted attempt to improve it, but it was easily bypassed. Just having a strong password was a better security measure than their 2-Step Verification.

It isn't that I don't feel sorry for you, like I said, I totally believe your account was hacked. However, EA doesn't have room to be empathetic. They have to follow their policy in every instance with no exception. Otherwise, like I said, people would very easily get away with violation the rules. It is the sad world we live in.

Well if the 2 tier verification was garbage in wow, why not origin? I've worked in customer service and billing and if the customer would threaten with BBB, we would have to give them what they wanted(more or less) and there were very few who abused the system in this way so I don't see where the problem would be. They just don't care and their departments are set-up so that they don't care either.

 

[newtekie1]

Well if the 2 tier verification was garbage in wow, why not origin? I've worked in customer service and billing and if the customer would threaten with BBB, we would have to give them what they wanted(more or less) and there were very few who abused the system in this way so I don't see where the problem would be. They just don't care and their departments are set-up so that they don't care either.

Origin's 2 step verification isn't garbage because there aren't easily well known ways to bypass it.

And EA doesn't give two hoots about a BBB strike. People aren't checking the BBB listing before they do business with EA. Hell, they've got almost 2000 complaints with the BBB for problems with their products. And a lot of the complaints are from people being banned. EA's response is generally

We have looked into the players ban and found he violated the terms of service by [Insert Reason Here]. This is against our TOS.

It does seem like they at least respond to each claim though, so maybe you'll get lucky and get their attention enough to get the ban reversed, but I doubt it.

 

[FordGT90Concept]

Prove it wasn't you. That is my point. You can't.

I presume these coins means real money was stolen/exchanged, yes? You can prove that bank account/credit card/or whatever was used was not yours. The only reason why you can't prove it wasn't you is because they are withholding the alleged evidence against you. They won't present that evidence unless a judge forces them to so that's why this will probably only be resolved in court. If EA refuses to present the evidence (for any reason be it not showing up at all in court or privacy policy forbids it), the court will rule in favor of the plaintiff because the plaintiff presents evidence they were damaged and not compensated.


Edit: I'm trying to update my password across all major accounts and guess what? Origin forces you to use a weak password with 8-16 characters in length and alphanumeric only. It is impossible to create a strong password for EA accounts. And remember, security questions can also be a huge vulnerability.

Edit: Outlook/MSN/Live/Hotmail also have a 16 character maximum but do allow symbols.

Only Steam accepts ridiculously strong passwords (>16 characters in length)

 

[Solaris17]

still dont know what a fifa coin is or why its being mined EA in the crypto currency market or what?

 

[FordGT90Concept]

http://news.futhead.com/posts/fifa-15/29378-fifa-15-ea-crack-down-on-coin-selling-and

Assuming the same policy applies to FIFA 14, the account was used for selling and/or farming FIFA coins. It does have this link but I presume that has already been explored:
http://help.ea.com/ca/article/information-about-banned-or-suspended-accounts/


I think the ultimate solution is to simply not buy any games that can be abused in this way. If you do have one and you care more about the other games on your account than the game with the currency, you should maybe request EA remove that game from your account so the risk of it happening is removed. You may even be able to request a refund citing EA's policy.

 

[OneMoar]

do I buy the excuse that the ops account was hacked NOPE not for a second and assuming that it was it was still his fault for not securing his account with either two step or a secrete question witch btw IS mandatory and the option is presented again at login of FIFA: FUT coin selling/buying is expressly forbidden ea started cracking down on it in august there are varying level of infractions and it takes 3 strikes before they will close the account and a REAL person does indeed check before swinging the perma-ban hammer

so ill bottom line this
you are banned permanently and forever with no chance of appeal DEAL WITH IT
and the rest of you take your EA hatemail over to the battlefield 4 thread where its deserved ...

 

[FordGT90Concept]

As I already pointed out:
a) Secret questions are huge vulnerability because they're often far less secure than passwords. The only way the security question can be secured is if you can create your own question and answer. Virtually no services allow this so the hole is intentionally gapping.
b) EA mandates a maximum password length of 16 characters. That's not very secure especially in this day where cyber security threats vastly outweigh most others in terms of likelihood to occur.

The hate/distrust towards z1tu is misplaced. EA's security policy makes it possible and EA's terms of service is unreasonable for cases involving identity theft. z1tu is a victim, not a perpetrator. The punishment is being carried out on the wrong individual. If EA was serious about getting the perpetrators, they would cross reference log in locations with other accounts and potentially find the true criminal and/or criminal ring doing this. This leads to better outcomes not only for end users but also EA. EA is taking the easiest approach for them which also alienates them from legitimate customers that were victimized.

 

[Divide Overflow]

The hate/distrust towards z1tu is misplaced.

The hate is definitely misplaced. The distrust, not so much.

 

[FordGT90Concept]

Fair point.

I'm operating on the assumption that people wouldn't complain on a tech forum if they knew they were guilty of the alleged crime.

 

[newtekie1]

As I already pointed out: a) Secret questions are huge vulnerability because they're often far less secure than passwords. The only way the security question can be secured is if you can create your own question and answer. Virtually no services allow this so the hole is intentionally gapping. b) EA mandates a maximum password length of 16 characters. That's not very secure especially in this day where cyber security threats vastly outweigh most others in terms of likelihood to occur.

A: Only if you make the answer something simple. If the answer to your security question is 4 letters, then you shouldn't be using it.

Example:
Q: What street did you grow up on?
Bad Answer: Garfield
Good Answer: I grew up on Garfield Avenue.

B: 16 characters is pretty secure. Not unhackable, but pretty secure. But damn, even Yahoo lets you use any length password you want. I will give that EA(and Hotmail/Outlook) should be allowing stronger passwords.

The hate/distrust towards z1tu is misplaced. EA's security policy makes it possible and EA's terms of service is unreasonable for cases involving identity theft. z1tu is a victim, not a perpetrator. The punishment is being carried out on the wrong individual. If EA was serious about getting the perpetrators, they would cross reference log in locations with other accounts and potentially find the true criminal and/or criminal ring doing this. This leads to better outcomes not only for end users but also EA. EA is taking the easiest approach for them which also alienates them from legitimate customers that were victimized.

I'm not really hating or distrusting z1tu, I'm just explaining why things are the way they are.

Cross referencing the log in location/IPs would likely be impossible. If these hackers were even half intelligent, they are never going to use the same IP twice so the hacks will never come from the same location twice. I would bet my life they are using TOR or some similar service changing IPs/Location every few minutes.

 

[FordGT90Concept]

Q: What street did you grow up on?
Bad Answer: Garfield
Good Answer: I grew up on Garfield Avenue.

Best Answer: r{R8kt_1>nKiJv~Ube,qmJ^CXS7VCjV9P]Sj|O)!j,L&Q!j{4xQN5

B: 16 characters is pretty secure. Not unhackable, but pretty secure. But damn, even Yahoo lets you use any length password you want. I will give that EA(and Hotmail/Outlook) should be allowing stronger passwords.

It should also be noted that what matters most is how it is stored in the database. It could be 1000 characters long but if it is using a 128-bit MD5 hash behind the scenes, it still isn't very secure.

Cross referencing the log in location/IPs would likely be impossible. If these hackers were even half intelligent, they are never going to use the same IP twice so the hacks will never come from the same location twice. I would bet my life they are using TOR or some similar service changing IPs/Location every few minutes.

That's easy to detect too. Few people change IPs so frequently and if they do, it is usually under the same ISPs. The point is, it doesn't appear they're trying at all to isolate the criminals. They're just terminating all of the accounts no matter what the background is.