[Patcher] A few things for SE to consider

[Delsus]

If you know how to open the ports, you should know how to close them when you are done.

I can bet that 90% of people dont bother though, whether they dont know about the security problems or just dont want to for conviniance, even still you can tell malware that once ffxivboot.exe or ffxivupdater.exe is opened then transmit the data, admittedly this can be done for any program, but the common ports should be monitered for any suspicious traffic, the ports that are normally closed may not be, so untill all your accounts have been hacked you may not know anything

[Molly_Millions]

I can bet that 90% of people dont bother though, whether they dont know about the security problems or just dont want to for conviniance, even still you can tell malware that once ffxivboot.exe or ffxivupdater.exe is opened then transmit the data, admittedly this can be done for any program, but the common ports should be monitered for any suspicious traffic, the ports that are normally closed may not be, so untill all your accounts have been hacked you may not know anything

I think you are overstating the risk to try to prove your point. Preventing keyloggers and spyware from getting onto your system in the first place just takes a bit of common sense. I do realize common sense isn't common, but we can't blame SE for that.

[Delsus]

I think you are overstating the risk to try to prove your point. Preventing keyloggers and spyware from getting onto your system in the first place just takes a bit of common sense. I do realize common sense isn't common, but we can't blame SE for that.

What I am saying is there is no need to open ports for a game to take less than 24hrs to update (which is what we could see from 1.18)

You cant keep any computer completly secure, all you do is make malware between definition updates and lauch a fast attack before any anti-spyware will beable to detect it. If you think your PC is 100% secure, you are prime for an attack.

I have been studying networking and network security, and I know about attacks and vulerabilities, its all about compromise, anything you do for conviniance will lower security and you have to evaluate the risks against the differant possibilities, unless there is a delcleration from SE that if you get hacked via the ports needed to be opened for the patcher they are not liable, all you need to do is prove that an attack came through the ports opened and they should be liable because they ask you to open the ports.

Ports are one of the biggest security risks because apart from closing them there isnt alot of security to put on them, also its not just keyloggers that can utilise open ports for malicious activities, how about a DDOS attack on SE, or just a hacker accessing your PC through the open ports.

All ports are, are back doors into your PC, its the same as leaving your front door wide open over night, any burgalar would see you as a prime target.

As I said common ports like 80 (for http) have some security on because they need to be open, however unless you buy software (free software will probably just be a port scanner) there is absolutly no security on the uncommon ports, its just a dorr wide open to the internet

[Molly_Millions]

What I am saying is there is no need to open ports for a game to take less than 24hrs to update (which is what we could see from 1.18)

You cant keep any computer completly secure, all you do is make malware between definition updates and lauch a fast attack before any anti-spyware will beable to detect it. If you think your PC is 100% secure, you are prime for an attack.

I have been studying networking and network security, and I know about attacks and vulerabilities, its all about compromise, anything you do for conviniance will lower security and you have to evaluate the risks against the differant possibilities, unless there is a delcleration from SE that if you get hacked via the ports needed to be opened for the patcher they are not liable, all you need to do is prove that an attack came through the ports opened and they should be liable because they ask you to open the ports.

Ports are one of the biggest security risks because apart from closing them there isnt alot of security to put on them, also its not just keyloggers that can utilise open ports for malicious activities, how about a DDOS attack on SE, or just a hacker accessing your PC through the open ports.

All ports are, are back doors into your PC, its the same as leaving your front door wide open over night, any burgalar would see you as a prime target.

As I said common ports like 80 (for http) have some security on because they need to be open, however unless you buy software (free software will probably just be a port scanner) there is absolutly no security on the uncommon ports, its just a dorr wide open to the internet

This is common sense stuff again, if someone is leaving their ports open after the patcher is done and somebody takes advantage of that, it's not SE's fault, It's the fault of the end-user.

[Delsus]

This is common sense stuff again, if someone is leaving their ports open after the patcher is done and somebody takes advantage of that, it's not SE's fault, It's the fault of the end-user.

Yor average end user isnt usually educated about ports because there is no reason for an average end user to open them, most just think there is no problem leaving them open, common sense is things that everyone knows not just professionals and people who play ffxiv. Most people dont care how computers work as long as they do.

Name 5 other programs you need to go into your router, and open ports to use to its fullest, and dont say a torrent client because they can get 1Mb/s without opening ports

[Molly_Millions]

Yor average end user isnt usually educated about ports because there is no reason for an average end user to open them, most just think there is no problem leaving them open, common sense is things that everyone knows not just professionals and people who play ffxiv. Most people dont care how computers work as long as they do.

Name 5 other programs you need to go into your router, and open ports to use to its fullest, and dont say a torrent client because they can get 1Mb/s without opening ports

There are plenty of reasons one might need to open router ports such as other games (FFXIV is not the first I've had to open ports to update or even play in some cases), shoutcast servers, ventrillo servers, dedicated servers for games, etc. While it's a bit outside the norm to need to do so, it's something any gamer should know how to do.

[Delsus]

There are plenty of reasons one might need to open router ports such as other games (FFXIV is not the first I've had to open ports to update or even play in some cases), shoutcast servers, ventrillo servers, dedicated servers for games, etc. While it's a bit outside the norm to need to do so, it's something any gamer should know how to do.

They arent things that everyone uses though, what I am looking for is things that everyone uses, and talking about ventrillo and shoutcast servers, most people I have know just pay to rent them rather than set up their own because it is alot easier.

How many people do you know that host their own games, because I know no one.

And the amount of games that you do need to forward ports for are few and far between. So I stand by what I say, that you should not need to forward ports for optimal performance, also I can get 1Mb/s downloads in utorrent for alot of things, the SE patcher uses the same protocols, so the reason for slow downloads is a mix of SE not using 3rd party seeds and programming issues, I can get peers and seeds through closed ports in utorrent so the programming for the patcher should also allow that.