I have a Question about DDOS attacks

[Kirsten_Rev]

Is this the players fault or a SE thing? See I'm a paying customer like everyone else that plays this game. I was kicked out of Place of the dead floor 172 during this attack. Where we was told we got killed before we was kicked out which was bogus. I've been looking at several posts. Seems like you got crafters losing mats. Seems to me like players are being given the brush off. Now it seems like the only time SE acts like they care is when a huge chunk of the player base talks about quiting. Example like the housing issues a few patches back. Do we always have to moblize the player base just for you to see us? I wasted 8 hrs in potd for a item to give my gf. We didnt fail. The server did! How is this fair? I pay 30 dollars a month to get the brush off? The players that was in there represent close to $100 a month not counting mogstation item buys. If ddos attacks arent the players fault you have failed your player base and something needs to be done! More then we are "Trying to fix the problem." A concern and not happy player

DDoS attacks cannot be perfectly defended against, and are the result of third-party actions. They're not the player's fault, nor are they SE's fault.

That said, one thing that gets missed a lot is that SE has made XIV particularly vulnerable to them. There are a number of ways in which disconnects are more harmful or inconvenient than they need to be for players (certain content like PotD or Uznair will simply kick you out and cost you your progress; being mid-craft will cost you the materials; the game client will often kick you all the way out to the desktop instead of simply returning to the login screen). The error codes that players get when the servers are being hit are unhelpful, and have spawned countless threads about what's causing the issue, with many 'solutions' suggested that incline people to think it's a client-side issue (just why does an HTTPS System Error show up when the login server is down, for instance?). It's brutally clear they never considered the possibility of DDoS attacks when building the game client.

I'd be stunned if this general lack of consideration didn't extend to the server architecture, too, which is almost certainly placing them at unnecessarily high levels of risk. So there's that.

----------

All that said, seeking to assign blame for DDoS attacks really misses the point, in my estimation. The core issue is that SE is a company providing a product, a product which is not working properly, resulting in upset customers. Regardless of why the product isn't working, if it starts leading to player retention issues, it's in SE's interest to do what it can to mollify the affected players. It's not that they're obligated to, nor that they're at fault and should be made to atone - it's that they're a business, and at the end of the day, they need people to stay subscribed. At a certain point, you eat the cost and lay the groundwork for handling the situation better in the future.

[RitsukoSonoda]

Well if you want anyone to legitimately blame for DDoS attacks...
1. the person or persons that initiated it.
2. people that do not maintain a secure computer by keeping their OS and security software up to date while foolishly downloading things they shouldn't be or visit websites they shouldn't be. DDoS attacks are often executed by computers that have downloaded unwanted software the user isn't aware of.