After Hours

Top RPG player kidnapped and tortured for password


The Inquirer reports that an armed gang of four kidnapped one of the top RPG gamers in the world and psychologically tortured him for almost five hours. The purpose of this exercise - to get him to divulge the login password for his account.

The game in question is called GunBound, and according to Gizmodo:

... the captive is the world leader in GunBound, a turn-based RPG-style multiplayer online game. Developed in South Korea, in this artillery game you get more experience points, offensive and defensive capabilities depending on your skills during battle, as well as money to buy more weapons, armor and all kinds of gear for your multiple avatars.

You can only play with one of your avatars each time, but all of them belong to a single account.

Like a plot straight out of a B-grade movie of yesteryear, the gang used one of their girlfriends as a honey trap to entice the victim to meet up for a date using Orkut, Google's social network. The girl never turned up, but her boyfriend, Igor, certainly did.

After sequestering him in Sao Paulo, they held a gun against the victim's head for five hours to get his password, which they wanted to sell for $8,000. The plan was to relay the password to their mates, using a cell phone to hijack and presumably sell off the account before the victim could do anything about it.

Surprisingly, the guy didn't utter a single word. Eventually the crooks gave up and released him. The suspects have since been caught by the Brazilian police, aged 19 to 27. There you have it, folks - technology, girls, and violence, and your ex-girlfriend thought computers were boring?

Against a backdrop of questions about whether this chap is really a hero, heartbroken into dumbness, or just plain stupid, I can't help but ask.

Being stewards of the many passwords in your company - of which most of them would be suspiciously similar, I reckon -  what would it take to compel you to divulge the passwords in your head?

--------------------------------------------------------------------------------

Stay on top of the latest tech news

Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

98 comments
nyabdns
nyabdns

Having been carjacked at gunpoint and having had my life threatened in another situation, I can tell you that what you think you will do and what you really will do can be two different things. I know what I did, would you be willing to kill another human being in self defense?

royhayward
royhayward

If my life or the life of others is threatened. But for a game or email account, I will give up pretty fast. ATM or bank, I will resist a bit more, but I probably won't kill on purpose to defend money. I can just get more.

PhilippeV
PhilippeV

It's legitimate to hesistate at the begining, but this time must be profitable to you to realize that you are forced to enter a game where you don't know the rules accepted by players. They have a gun, you don't. They have already violated law (one of the necessary rules of any game), you don't. They can kill you at any time (whever you give the secret or not), you can't kill them (because you have legitimate resistance to respect the law). They are acting in group and can assist each other, you are alone. So what do you have to protect here? only your life; you can't escape easily without risking your life immediately. You hesitation is just enough time to realize that you can loose much more than what they want immediately. So even if they wanted money or a credit card number, I would give them in such situation. ------------ And I know what i'm speaking about, for having been kidnapped myself for three days, in 1989 by my boss forcing me to sign some documents for an action involving its commercial partners. I signed everything he wanted, just in order to stop being alone, and get assistance from my co-workers that initially did not know my situation. My boss was arrested in the next days after we collectively complained at the police, and all what I signed was voided. A kidnapping is not something you can forget easily in your life. I confess that I personnally had doubts about my actions in these moments, and that after some time being I could find excuses to my kidnapper. That was an excellent reason for me to stop any work for that company, and I would not even accept to meet my old boss today (that has been released) because I know that, alone, I would find some sympathy for him (a sort of Stockholm syndrom, I know). Yes, I did not risk my life immediately (there was no gun pointed on my head), but I risked my professional career (because my boss had some influence in the city where I was living at that time). This convinced me leaving that city and working elsewhere (I moved far away and definitively one month after that event). In other words, in such situation what I have learnt is that in such situation, you must do everything that will allow you to be assisted. If I had resisted longer, I would have finally become volontarily a complice of the illegal action. What was really important for me is the assistance by the police, and my co-workers, and I made all what was possible to get this assistance. Now the time has passed, I can return in that area. My old boss hasnomore influence locally. I know that he's working now, but legally he is forbidden of driving any company (in France at least, probably too throughout Europe due to his judiciary records). So the justice had the last word, and that's the most important for me, i have nothing to regret, even if this caused me to loose immediately my job. I arranged with the company to leave them immediately with excellent and reasonnable financial compensations, and it was quite easy to find a new job elsewhere, where I've been employed for more than 13 years. Today, the company for which I worked has stopped all its past activities, because it had lost its trust from providers and customers when they finally heared about the judiciary story of its past boss. ------------ In another situation, I've already been caught by a gang after I left a party. I risked being hit by violence (there was apparently no firearm, but they were a group and I was alone, they could steal me just my jacket with my credit cards and some money. Here again, I gave them all what they wanted. I have lost almost nothing, and was not severely hurt. After being released, I called a toll free emergency number to block the credit cards in the following hour, and I complained to the police. THE POLICE CONFIRMED ME THAT IT WAS EXACTLY WHAT IT WAS TO BE DONE IN SUCH SITUATION. The gang was arrested in the next days, but I had already new credit cards. I had nearly immediate compensation by my insurance company, plus one year later, I got some additional fines paid by the arrested gang after they were judged and condemned. They did not go in jail, but they had to pay for the judiciary suite, for my attorney, and directly for me (and for some other victims in the same trial). I have no idea what they have become since then, I have never met them after that and never seeked after them.

links
links

Guess you are unlucky...but in another way you are lucky that you have survived without any major damage to person or property... What you did was logical, but criminals are not logical and they will do whatever they want to do without a thought for the consequences... You could just as easily have been killed or hurt, I have known friends who when in groups are willing to beat up people on the basis of nationality, religion, etc. But individually, these people are just like you and me... It is sad to see people you know do such things but you've got to deal with it, I moved on...ditched those people and chose my friends more carefully...These people don't realize that what they are doing is wrong...they have to quote from an earlier post "a definite lack in gray matter"... What I'm trying to say is that it is futile to believe that by behaving in a logical manner you are effectively safe...chances are that by handing over whatever the aggressor wants, you are convincing him that he is stronger or that you fear him and he can do whatever he wants... Sony AIT1

robert_devery
robert_devery

Are you telling us you have killed in self defense? I find that hard to believe! On another point. THis happened in San Paulo. 8k is alot of money to these people, they are willing to risk all for what seems to us to be very little cash.

DanLM
DanLM

I can talk a line of crap, but if chit hit the fan. Like what occurred to you. I have no idea what I would do. None, not a clue. Dan

NGENeer
NGENeer

I hope you DID kill the SOB. ;-)

richard.stroud
richard.stroud

RPG Player never has a BFG when he needs one! Ask what John Mclain would do.

BorgInva
BorgInva

Stupid people! Over a bloody game. All people care about is money in this world and this is how bad it is getting? Know what? Stupid is too good of a word for these so called kidnappers. I can not even come up with the proper adjective to describe them. I do hope the victim is okay and did not experience anything permanent.

DanLM
DanLM

[i]All people care about is money in this world and this is how bad it is getting?[/i] I can honestly say that I chose IT for two reasons. 1). I'm a geek, love putzen with computers. Hell, I do it at home for fun. 2). I am in it for the money also. Sure beats working 3 jobs to make a decent living. How many people work jobs they can't stand, but stay with it because the money is good. So, who are we to throw stones in glass house's with regard to what people will do for money. Dan

BorgInva
BorgInva

Earning something morally is right. Stealing is wrong.

frank.huminski
frank.huminski

For some reason, I can't help but think of Sam Kinison at this moment: "Torture? I was MARRIED for 5 *bleep*ing YEARS! Torture would be like Club Med!!! AUGHH! AUGHHHHHHHHH!!" Seriously, it depends. The game passwords they can have. The work ones (since I work for the Gov't), not so much.

PhilippeV
PhilippeV

I would give also information for the gov't work, as long as I have not been trained officially (and payed accordingly) to resist safely to such attack. Why resisting when you are alone face to a gang? You need personal assistance in such a case, and without it you must not resist. My own obligation would only be to reveal as soon as possible that such work has been stolen by force, and to complain officially to the police. Then it will be to the gov't to take the measures to protect its assets. It's up to the government to assist their employees in case of such criminal offense. Thanks an employee has the laws in favor of him, even if he works for the gov't (and even if he works for the police forces: they are trained to not act isolately, and also need assistance when they risk something alone).

NGENeer
NGENeer

PhilippeV . . . What you, and others, have missed is what one other person explained in an early post. Someone pointed out that kidnappings and murders were not unusual in SaoPaolo. If this person had surrendered his password, the next thing would be - BANG! Then he couldn't report the "robbery" to the gamesite, or the police. I'll bet the only reason he was let go was because after 5 hours Igor was getting very nervous and thought the gang could figure out another way to get the password. NGENeer

PhilippeV
PhilippeV

"Someone pointed out that kidnappings and murders were not unusual in SaoPaolo." If you look into the list of messages, you will see that that "someone" was me! So I have certainly not missed this point. In fact, you'll immedately realize that most of the crimes in Sao Paulo are from gangs trying to REVENGE because of somesort of frustration for NOT obtaining what they wanted. They don't kill gratuitously for the pleasure of killing. And that they flee immediately after their crimes or robberies. I still think that giving them immediately what they want was MUCH less risky: they would have fleed as well with their robbery, with little risk of being caught (immediately), and they would have given not enough time to be clearly identified. The more time you'll pass woith them (by resisting), the more you'll learn about them so the deadly risks are constantly growing, because you give them more reasons to kill you anyway (even if they don't have the result of their robbery). So I would not call that victim a "hero". His "game" with players that did not fix any prior rule and that even violated the first rule, the law, before forcing you into a game that you did not chose, was quite stupid.

PhilippeV
PhilippeV

if you have followed a training for life saving, the first thing you are tought is that you can't act if there's a reason that your life of the life of other unassisted persons would be placed at risks. This does not mean you cannot do anything. The first thing is to protect your own life, then make sure that others are not exposed to the same risks. ONLY then you can take the immediate life preservation measures, while still making sure that no additional risks comes or returns. Then you can call emergency services for assistance as soon as possible. Yes, this means that you won't be able to help someone immediately, but at least you'll help others. When the risk is only on you, the only thing you can do is to evaluate that yourlife is more precious than what criminals want you to do, so give them all they want. You'll get assistance later only if you escape the immediate personal risk.

paulmah
paulmah

What will it take to compel you to divulge the passwords in your head?

Oz_Media
Oz_Media

First of all when it comes to an EMPLOYER, I couldn't give a damn. IF it was a security password, bag of money for a bank deposit etc. I would give it up in a heartbeat. I don't put my personal safety on he line for an insured employer, and nobody should have to or be expected to, that's ridiculous. So for a password to a GAME, sure you want it? Here it is. WHo teh hell cares, it's a game. It wouldn't take long to notify the entire network that the password had been breached anyway, who the hell cares? Putting your personal safety in front of meteraial BS is absolutely nuts. Only an idiot would put up any kind of fight on that one. So the guy never gave his password and they eventually let him go. He STILL hd a gun to his head for 5 hours, when he could have used that 5 hours to notify the gaming community that his pasword was breached instead. What a tool! Reminds me of the two Chinese guys who drank EACH OTHERS urine when trapped for a day under a collapsed highway overpass. First of all, why tell the reporters that?!?! Secondly, why wouldn't you drink your OWN urine. Lastly, it was only a day! They were rescued the next afternoon. Survival is one thig, that's just lunacy. People do the stupidest things sometimes. It would be nice to see someone with a thought process again one day.

Chilly Willy the First
Chilly Willy the First

After reading all of the following threads I have but one question...... What ever happened to PONG ?? :)

phasley
phasley

With me it would depend on what they were asking for. Most of the passwords that I have they could have if they put a gun to my head. In that I mean my normal accounts such as email, WoW and such it would not bother me to hand them over. I but like to believe that faced with a situation such as this, if they were asking for anything important such as my domain account for work that I would refuse no matter what. There has always been and will always be an implied level of trust and security when it comes a system administrator. Whether you work for a private corporation or the US government if your account has any privileges that could cause harm to the system I believe that it is part of your responsibly to protect that information to the best of your ability. In my opinion if you are a system administrator and are willing to give up that information at the drop of a hat you need to find another line of work where you have less responsibility. The bottom line though is that no one knows for certain what they are capable of doing or withstanding until they are in that kind of situation.

enriquehernz
enriquehernz

Wow, nerds are getting really violent these days. Who knew a fat geek would stoop so low as to kidnap his/her rival and extort his ass for his password.

links
links

...stop calling people names...people who play games aren't nerds...come to think of it...you should look up the definition of nerd and look at the people who play games...everyone plays games...and uninformed people like you should lose the stereotypical view that these people are nerds or geeks...gaming is a multi-billion dollar industry nowadays Sony AIT1

SkySharkDude
SkySharkDude

I would not give the password. #1. They could kill me even if I gave it. #2. I despise evil people. I don't fear death, as I have a relationship with my Lord & Savior, Jesus Christ, therefore I would do my best to convince them that they need to repent and return to reality.

PhilippeV
PhilippeV

Whatever your Lord says and the confidence you have with Him, he has also stated that life was to be preserved first, and that money or personal terrestrial assets are nothing face to the price of life. You can effectively not fear death, but only if your Lord takes it from you ar your due time. If you are believing in Him, you must know that it's not up to you to decide when you can return to Him. So give the chance to your life, and God will help you protecting it. Risking his life stupidly is acting irresponsably with the present of God. Your time to meet your Lord will come, but he does not authorize you to play poker with it. Nothing forbids you to tell your agressor that the Lord is seeing what they make and that they should repent, but this is not a reason for you not giveing them what they want in such "game". Don't participate this game. Please reconsider this. Your Lord is not encouraging your intended practice. And before you return to Him, you must respect the justice of men, which is most often based on the universal laws that He has given them, even when they trust Him in different religions applying the same laws (Christians, Judes, Muslems, Buddhists, ... and even Atheists that just believe in the Universal Declaration of Human Rights).

SkySharkDude
SkySharkDude

I would not be holding the information for the earthly value of holding it, but mainly because I feel the need to resist ignorant evil people.

nickpostill
nickpostill

Wouldn't take much... A 2 Litre bottle of coke, a Mars Bar and a date with Scarlet Johansson and Milla Jovovich. I think I'm easy to please. Obviously if it was the key to World dommination, they'd have to throw in Emilie de Ravin & Evangeline Lilly (Claire & Kate from Lost) otherwise it wouldn't be worth my while. :-)

nickpostill
nickpostill

Wouldn't take much... A 2 Litre bottle of coke, a Mars Bar and a date with Scarlet Johansson and Milla Jovovich. I think I'm easy to please. Obviously if it was the key to World dommination, they'd have to throw in Emilie de Ravin & Evangeline Lilly (Claire & Kate from Lost) otherwise it wouldn't be worth my while. :-)

cmachadoc
cmachadoc

It would be harder than giving up cash to the common thug. d'.'b

Kapil_chopra
Kapil_chopra

Give an offer to create a new account and build it up with great characters by playing through thr game in a month's time. That should do it. Noone gets hurt. Play the game!

mjwx
mjwx

give them the card. 9 times out of 10 they will take it and run, the vast majority of thieves are gutless. After they do that, I ring the bank and cancel the card with WOW there is a financial transaction that can be traced to the original owner.

mark
mark

OMG ;) how many have actually read the google translation? Let me just say im glad my laptop keyboard survived the coffe spray out my nose !

links
links

It is an auto-generated translation, its not like someone sat down and translated it...The translation software probably just replaces each word with the closest possible match in English... It was quite funny though, but not hilarious enough for me to spray coffee out of my nose (now that would have been hilarious, especially if it wrecked the keyboard :P) Sony AIT1

bcroner
bcroner

Now we have brute-force social engineering being used to bypass security.

mhbowman
mhbowman

the game account is associated with the billing information, and that is a seperate authentication. He should have just given them the password. Then called the company, confirmed his ID through THAT info. At that point he could login and change the password to lock them back out. There's been instances of people selling accounts on Ebay, and then ripping off the buyers by changing the pass, and then selling them again.

CharlieSpencer
CharlieSpencer

How do you make money off this? I don't game, so tell me if I'm out to lunch. Say you have the guy's password. What do you do with it, offer it up on e-Bay? He's going to change it as soon as he can get to a computer. Say you buy it. You're not going to be able to maintain the character's ranking. If you had the game skills to do that, you wouldn't need to buy the p/w in the first place.

shardeth-15902278
shardeth-15902278

As I recall, when Diablo II was released some guy sold a veteran character he had built up on a sneak preview copy for a couple thousand $. There are people out there with plenty of money and a definite lack of grey-matter...

PhilippeV
PhilippeV

If selling personal accounts is forbidden, it's also because the only thing that can identify someone's secret is its billing info which is strictly personal. Those that are attempting to sell their account are acting against the site policy, as the site currently has no other ways to identify you online, out side of the billing information that protects your access password. The thing that is really valuable is not your password, but the "universal" credit card info, used to reserve and renew the account and its associated usage rights. The credit card info itself is protected by law on your bank. Here again you can reveal it if you are threatened by a firegun. The law provides you the right to permanently block a credit card (it is free of charge in many countries, provided that you take the simple legal actions required if you have been victim of a theft, and the associated costs supported by banks is paid by the insurances we are all financing as part of the costs we pay for any credit card). So what? Giv'em the passwords, and even your credit card info. Once the credit card has been blocked by all banks, you can easily prove that fact to the service provider and retreive your personal accounts back. But don't attempt to sell these accounts on eBay (a buyer cannot prove to the service that he has legal rights on the service account, so the sale would be unfair, unless the service has organized itself a fair and verifiable account transfer system, based on something else than just the usual "authentication" and credit card info that he cannot keep legally for long)

PhilippeV
PhilippeV

For the gaming industry in general, it's not their interest to allow their users compete unfairly: too many of their users will abandon and stop paying for a game were they can never win. The only way to allow this is to make sure that all online gaming services are strictly for personal use. This could be an interesting project to start by the industry as a whole; they are grouped into many commercial associations and syndicate their content with Internet access providers. This could be sped up by making a common charter for fair gaming and pressing game producers to adopt it and making it a mandatory condition to accept by online sites reselling these games. Everybody will win: * gamers because they will all know that they each have a fair chance for winning * the industry, because if will allow more users to play online I'm saying that because I've tried several times to play online, and I have always abandoned very soon because it was too frustrating being "killed" after only a few minutes. For the best fair gamers, that also spend a lot online, it is in the interest of the industry to offer other places to meet each other with more relaxed rules. For this, there already exists conventions worldwide for gamers and hackers, with indoor competitions (no way to cheat, unless this is part of the allowed rules in hackers conventions, and no more allowed abuse of the online gaming service).

PhilippeV
PhilippeV

May be it's time for the websites proposing access to "Final Fantasy XI and World of Warcraft" to reenforce their site license, in a way that grants access only for strictly personal usage, explictly forbidding offsite sales of the associated online gaming valuables. This way, any sale of such valuables in vending sites will become illegal and those vending places will be closed by the vending sites that will also block the associated online merchants because of their illegal offers. It will be easy for example to prove that a vending offer is illegal (and justify the fact that they are blocking a merchant), if the online gaming services are publishing their usage licenses... And the gaming site owners could then initiate their own searches in eBay (and others) for detecting those illegal offers: they will signal them to eBay, instead of starting a costly legal suite against eBay or sending "cease and desist" judiciary orders to eBay. If things like this can be solved in an extra-judiciary place, simply by reenforcing the site licenses, it will cost less to everyone, and gamers will be more protected.

PhilippeV
PhilippeV

If someone can prove that his account was compromized so that its associated "valuable" were sold offsite by the offender, then those that have bought these assets offsite are also abusing the license. When there's evidence that a justice action was taken against the offender, all the valuables sold by him should be taken by the justice, and returned to the legitimate owner (in addition to judiciary fines). But anyway, the gaming service provider should also take action against those that accepted the offsite deals with the offender, because they have also violated the site license which is strictly personal. So in addition to judiciary investigations against the kidnappers, their own bank accounts should be scrutinized, and if they received payments (through PayPal accounts for example), the service provider should become an interested party to the trial, and will offer assistance to resolve the issue, by returning the online assets to his legitimate owner that have been proven to having been exchanged for real money in online commercial galeries like eBay. According to eBay, selling illegal products like valuables on a gaming site whose license says that the site credentials are strictly personal, is also violating the eBay site license. Such online sales being illegal, and buyers knowing that their purchase were also illegal, should be sanctioned too (meaning that eBay should block their eBay accounts too). Given these facts, eBay could then immediately start a database lookup for such valuable tools that are illegal to sell, canceling all the associated merchant galleries. Such joined actions between service providers, making things that are easier to perform themselves according to their own licenses, will help them meet a common security standard that will help protecting all their legitimate users. I would be eBay, I would immediately scan the merchant galeries for offers realted to online services that are illegal for sale according to online service site licenses. It should be noted that this is the first event that is largely mediatized. Such event will probably folled by similar events in many other places, so it's time to consider that as a newly discovered online risk. If all major online merchants services are collaborating this issue could be minimized, and it will bemuchmore difficult for offenders to "attack" other users, because they will profit less easily from their actions. I really fear that the next events will not involve kidnappings, but more common Internet threats against users of valuable gaming services, just to get their credentials and sell their online assets in eBay galleries or similar. If you look where the online gamers are spending the most, this grings you immediately to Japan: the many Japanese online hardgamers may become preferred victims of viral spywares trying to steal their online credentials, whose local value is quite high (and where the online gaming services are more expensive, because gamers there can spend more for these online services, and could also buy gaming valuable in sites like eBay Japan...)

MyLittleMansAnIdiot
MyLittleMansAnIdiot

There are several ways the kidnappers can profit from accessing the account itself. As highlighted by James, the items belonging to the avatar can have significant real world market value, but the real value would more likely be in the ingame currency. Thanks largely to games like Final Fantasy XI and World of Warcraft, online gaming currency vending sites are a real and profitable business (although FFXI and WoW aren't where these businesses first started to crop up, they have brought them into the mainstream). Refered to as "gold farmers" (a WoW related term, as the top currency used in WoW is gold, in FFXI they were refered to as "gil farmers"), players spend hours everyday (upwards of 12 hours a day) gathering items ingame that can be then sold to other players for ingame currency, this currency is then purchased by larger "gold sellers" which maintain websites devoted entirely to the sale (for real world money) of ingame currency (items are also up for grabs on these sites, but the would represent only a tiny percentage of the "profit" reaped by the site owners). Popular belief (and it's not entirely unfounded) is that the "gold farmers" are generally from china, but they are infact quite widespread throughout most of Asia, and even the US. The gold venders are able to purchase lots of, say, WOW1000G (World of Warcraft gold) for around US$8, which they then resell on their websites for somewhere in the range of US$120-US$200. As you can see, it's quite a profitable business (particulary considering the oveerheads, which would be negligible). And most gold farmers are capable of gathering upwards of WOW1000G per day. The top players in WoW would have in access of WOW10000G in their possession, so the latest craze is for gold farmers to "hack" (it's more likely the victim's user name and password are phished, or obtained via a trojan) into peoples WoW accounts and transfer the gold they have to another account, allowing the "hacker" to then sell the gold. The next logical step for the idiotic criminal is direct physical intervention I guess. I wonder how long before we see a rash of online gaming password home invasion occur. :p

JamesRL
JamesRL

While I don't play those types of games, I know those who do. Here is what I can see happening, if its like some of the games my kids play. The kidnapper logs on while the player is still tied up. The kidnapper makes a "deal" with a third party to trade all their valuables to another player for very little in return. Then they let the victim go. The player who now has all the valuables makes side deals with others for cash/paypal etc. My wife has risen high up in one of those MMORPGs and she gets offers to buy and sell her "valuables" for real $$ all the time, but she refuses. If a less skilled player has them, they can rise up the ranks faster. In the games I play, people sell cheats online - programs that hack the game code and allow you to see through walls, highlight all of your enemies in red(no matter how well camoflaged they are) etc. I hate people who use them, it spoils the game. James

CharlieSpencer
CharlieSpencer

So it's not the game account they're after, it's the associated billing / credit card info. Why go after a great gamer? Just because a guy can game doesn't mean he's got a high credit limit. Do your research and go after a rich one. Of course, if you could do that kind of research you probably wouldn't have to be pulling third-rate kidnapping schemes in the first place.

bhhaught
bhhaught

The guy is an expert at RPGs (i.e., probably better at psychology than they are), so he probably sized them up VERY quickly and decided that there was no real threat, so he just had to wait. Remember that this was psychological, not physical torture.

LocoLobo
LocoLobo

Having a gun pointed at your head starts the "Fight or Flight" response. The emotional response is anger or fear sometimes both. It is not something that is easily controlled. I tend to agree with those who say give up the password. Especially a "game" password. But for the gamer how much of his life is invested in those accounts? For him at that time maybe he felt it was worth the risk. Irrational? Sure. But human too.

PhilippeV
PhilippeV

Sure it is humane. The offended kidnapped person is reacting when she is alone and left in a situaiton where irrationality is not easily controled. But here again, rationality can help: the critminals are also constantly evaluating more or less rationaly the risks they take. This is due to the fact that, the more they will commit criminal actions, the more they risk face to justice; thanks for us, this scale in criminal charges is helpful because it is also helping criminals limiting themselves their actions. But imagine what would be their final reaction if they realize that, not only they have kidnapped someone, and stolen him, but also tortured him? If there was something that would avoid them committing the fatal crime, letting them add torture to the list of their crimes will not help the victim. It would be in fact the opposite. One other reason why it's best not to resist at all, as it will help solving the critical situation faster, with less risks later. It won't eliminate the fact the fact that two crimes were already made (and you have the right to complainto the police), but at least you'll have avoided torture. If a criminal is determined to kill you after the first two crimes when he gets the secrets, then why do you think that he would not perform his final fatal crime after applying the torture? Really, in sucha situation reevaluate: * you have been already the victim of two criminal offenses (kidnapping and racket). If you give the secret there's still less risks being killed after that * if you resist, then you are victim of the third (worst) crime: torture. The risks at that time are higher for your life, because the criminals already know the gravity of their acts and may want to "eliminate" a "dangerous" testifier. Now about the risks of being killed: who will take the decision? not you, but the criminals. and if you are alone face to a gans, you should know that the reaction of a gang is far from geingfully rational, and that the risks are very high that one takes the decision, and the others execute it (they will feel they they are not individually responsible for this act). Nothing is more dangerous than a gang. If someone keeps some rationality here, it's not them (because of the aleas of the "group effect"), but you, the isolated victim. And giving time to a gang to perform their act, by resisting for hours, is really EXTREMELY dangerous for you (and there's no guarantee finally that they will not have what they wanted first). The more you'll wait, the more they will act irrationally, and the more you are exposed to the risks, and the less you'll be able to defend yourself (notably after you have been tortured). So unless resisting would help others to assist you (if they know you are kidnapped), or your secret may expose others (family, coworkers, friends, neighbours...) to risks (something that will really help you to support it and remain under self-control in such situation), there's no reason to resist.

LocoLobo
LocoLobo

I've seen people snap when looking down the wrong side of a gun or knife. When asked after they would say that they didn't know they were going to do it. "It just happened." You can argue that this is the same irrational behaviour as the criminals. But they weren't criminal nor did I think of them as violent people either before or after. I think sometimes people's emotions kick in and fear and anger are two sides of the same coin. I could be wrong.

JohnMcGrew
JohnMcGrew

You wouldn't be surprised to see this as part of a James Bond plot, where the password is for the launch codes or something. But the idea that a password to a video game should be worth enough to commit a felony is just insane. Too many people need to get some lives.

ShockRide
ShockRide

If he gave out his password, then what is to keep his kidnappers from doing the same thing again and again to others? It sounds stupid for a game password, but then again, what if he did give out the password? If he gave out the password, then the kidnappers have what they want and they could kill him. Without the password, they have nothing if they kill him.

PhilippeV
PhilippeV

Whever the gang repeat or not their illegal action is NOT based on the fact that they got what they wanted or did not get it. The only relevant fact is that they have ALREADY violated the law, and that their action is already ignoring it. So they can repeat it at any time, until they get caught. And no, they will have less reasons to kill you if you give them what they want. But if you resist and they ignore the law once again by maintaining you "jailed" illegaly andby applying torture, the number of law violations is increasing; they have then more reasons to violate the fundamental law. Don't give them this chance of repeating their illegal acts. You don't know the rules and you don't know what they are ready to do in addition to their kidnapping. But what they will do is not based on your acceptation of their rules. They will do it anyway because they already know that they have accepted to violate the first laws without immediate risks for them. The situation would be quite different if this was not a gang, but a unique agressor, because ALL his illegal actions would be based on HIS own decisions, and it will be much more difficult for a single man to cross each legal line. In a group, things are really different: one of them can decide but not act, another will act but will justify his action based on what another has decided. A group is ALWAYS much more dangerous than a single man, not because of their intrinsic combined force (which is not additive because this force is not combined efficiently and their actions are not fully coordinated), but because of the dillution of responsability "felt" by each of its members. The most dangerous groups can be as large as a whole country (this gives wars) or community (this gives genocides), following the orders of a single recognized head (that directly makes nothing himself).

steve
steve

I hold my passwords sacred and they would have to torture me. sort of like Ask Me three times from Austin Powers. Even ask me with a mean voice and I roll like a marble on a San Francisco street

PhilippeV
PhilippeV

I would not risk anything; I would reveal immediately the password they want, then I would complain to the police and would contact the service to have my account secured and the password changed again. I can't believe that someone can resist to hours of torture just, when there are easy ways to escape it and remain safe, and giving the password will not cause you serious troubles, and no serioustroubles for the service as well. A life is more precious than any password, and we should act exactly like with the protection of our credit cards.

Your Mom 2.0
Your Mom 2.0

Either the gamer in question is Jack Bauer, or he knew that there wasn't much of a threat in holding out. 5 hours of 'torture'? Like what, threatening to sign the gamer up for SPAM? Blaring out Celine Dion through loudspeakers on a loop ala Panama? My guess is that the facts have been exaggerated. Probably no bamboo under the fingernails involved. If someone held a gun to my head, I'd certainly have no problem giving them my GAME password. However I would probably resist if there was something 'real' at stake. But I guess how long I held out depends on the level of torture applied. There again, holding out might keep one alive in that situation. Just have a hard time trying to fathom anyone kidnapping and torturing someone for a game account password (and for that matter, someone resisting 5 hours of torture to protect it). Something isn't what it seems to be. That's a good one for Snopes to investigate.

PhilippeV
PhilippeV

Even if it is bluff, accepting to engage ourself in a poker game by entering such "Bluff" would be a no-option. The game is tweaked from the start: you can't play fairly poker with a gun pointed to your head, if you don't have the same gun pointed to the headof your opponents. You can use bluff when playing poker, only because you can loose the same thing as your opponents. With normal poker rules, no one risks his life. Really NO NO! I would not accept such unbalanced "game rules", so I would not use bluff.

DanLM
DanLM

So, I just don't know. Thats why I asked though. My loss for never getting into it. ;o( Dan

JamesRL
JamesRL

In many online games, despite the best efforts of the game developers, people will figure out a way for others with money to cheat. In WoW and Runescape, you can earn valuable objects and trade them to others. So people make deals through email, and send each other money through paypal. And then in the game they exchange something fo value for something of much value. But it would be difficult to "legislate" or program this out without imposing really strict rules on trading and ruining the free wheeling aspects of the game. In other words, being able to negotiate a good trade is part of the game. Negotiating for real world $$ is for lazy stupid players. :) James

DanLM
DanLM

But didn't the original blog say that this gaming profile was worth several thousand dollars? Which is why they wanted it? I would have still given the password, but there was a monetary value to the gamer here that he just might not have wanted to lose. If I'm wrong, I apologize. Dan

Shellbot
Shellbot

but if they started blaring Celine Dion..I'd have to kill myself

nhahajn
nhahajn

There just video games, I would of given it to them on the spot. These people need to get a life

CharlieSpencer
CharlieSpencer

A couple of slices of cold pepperoni pizza will get you a game password without any problems at all. A entire hot pie will get you the password to my network account; it doesn't have any privs anyway. Two tickets to the Miami-Homestead NASCAR weekend will get you my ATM PIN. Has anybody bothered to check this report with other sources? No complete names, no dates. The Inquirer isn't exactly the Wall Street Journal or the New York Times.

LocoLobo
LocoLobo

I would want a root beer with my pizza. LOL But then nobody wants my 9th level Wuss character! :)

CharlieSpencer
CharlieSpencer

All I have are the passwords to the 5th, 9th, 13th, 17th, and 20th levels of Pipe Dream.

paulmah
paulmah

Which I don't exactly know how to read. Someone at the Gizmodo does apparently (Link in the article itself). But it is your cup of tea (or coffee), you can check out Folha Online at http://www1.folha.uol.com.br/folha/cotidiano/ult95u312691.shtml :)

PhilippeV
PhilippeV

Now with the details it's clear: the gang was armed. I would not even have resisted this way. Particularly in Sa? Paulo where kidnappings are so frequents and often fatal (Sa? Paulo is one of the most dangerous cities of the world with so many kidnappings, ransums, gangs... and many deads just for a handful of reals or dollars). The firearms are "speaking" very fast there.

johnfelizardo
johnfelizardo

Original in Portuguese checks with English version. It provides the full names of all involved. Igor's girlfriend attempted to buy the account online prior to the kidnapping. When she failed to secure the purchase a meeting was setup at a Sao Paulo mall. Igor was waiting and you know the rest of the story.

DanLM
DanLM

Want my passwords, sure. All yours. My life isn't worth a password. Dan

Absolutely
Absolutely

"My life isn't worth a password." A password isn't worth your life. Is it?

Absolutely
Absolutely

For example, imperative sentences all contain an implied "You", as in "(You) give me your password or I pull the plug on your computer." In this case, the implied words are "as much as": "My life isn't worth (as much as) a password." As Dan has already explained, he did in fact mean the opposite of what he originally posted.

PhilippeV
PhilippeV

OK. "A password isn't worth my life". This is a minor confusion (English is a secondary language for me, in French we typically say this in a reversed order). I could have said more precisely that "my life has a higher value than a password". It's not really a ordered comparison, it is just a difference comparison to say that their relative values are different and unrelated.

DanLM
DanLM

I will not die over a password if I can help it. I will gladly provide the password. Dan

Locrian_Lyric
Locrian_Lyric

As soon as they get what they want, you're DEAD. This guy was SMART!

MyLittleMansAnIdiot
MyLittleMansAnIdiot

..and yet they released him. I get the feeling he probably knew his captors and knew them to be incapable of going through with their threat. This is assuming this even happened.

trent
trent

True - anyone who would commit a felony to get a gaming password they thought was worth $8k would probably be dumb enough to kill you to eliminate the witness. Having worked with law enforecement I have seen the truth in the statement that criminals usually do dumb things because they are.

deepsand
deepsand

In general, the threat of harm to one held dear is much more effective.

deepsand
deepsand

The necessities of business took me away from TR from a while. If you like, you can PM me via the link on my profile.

meryllogue
meryllogue

That makes me wonder... which wall? There are a few that can put one in the state you describe in so very few words. Would you like to talk?

AlphaW
AlphaW

Take my passwords, it is just a game after all. "I want your World of Warcraft password" "I want your Gmail password too" Take em. Just put the gun away.

PhilippeV
PhilippeV

Take example on bank employees: they are told not to resist when they are faced to a threat to their life; It'snot their job, and they are not equipped and safely trained to resist to such attacks, despite the banks are severely secured. That's why we have police forces, insurances, and a justice. for just a game password, what is the interest of resisting to torture? The gang needs anyway to be prosecuted. what they did (if this is true) is a severe criminal offense. They merit jail and fines, and some other sanctions like forbidding them any futural personal access to a computer, the Internet or a gaming room.

links
links

"...they wanted something else that was damaging to the person's life (raped?)" Bright little ray of sunshine aren't you?

PhilippeV
PhilippeV

It's much easier to apply a sanction like forbidding any personal access to a computer or Internet, than forbidding them to carry a firearm (especially in Sao Paulo where firearms are everywhere, and their traffic is quite high and at very low cost). The interest of such sanction is that this will void their initial interest in online gaming. And if they even retry, getting proof about this forbidden usage by them becomes easy (given that these where hard gamers, they won't resist playing for hours from easily identifiable places). Indirect sanctions like this have shown their interest, they don't cost a lot to the community (unlike jails...), and can be quite easily controled later at any time (it's hard to hide a computer, especially if you want to play with it for hours,or to hide the fact that you are present in an external gaming room for hours and days, where you are easily recognizable by the workers and other clients in that shop).

Locrian_Lyric
Locrian_Lyric

mmmm.... beat them to death with colorful electric signs?

Neon Samurai
Neon Samurai

"They merit jail and fines, and some other sanctions like forbidding them any futural personal access to a computer, the Internet or a gaming room." Either way.. it's organized crime on one hand and *way* too much personal importance placed on gaming on the other. The victim was lucky to get away mostly. As for the attackers, well, what do you figure I'd do with them based on my chosen alias?

PhilippeV
PhilippeV

Here again, the good question to ask is: * who is exposed to risks? If there are other people exposed if you reveal your secret, that's a good reason to resist (even to some level or torture, as much as you can) and try to escape later, or trying to convince the gang that they have what they felt was needed when in fact what they get has limited usage (in that case you reveal only a part of the secret and don't reveal all what you can still do later). But if your own personal life only is exposed, there's no value to resist. Now, i'm feeling that if the person was kidnapped and resisted for 5 hours, it's not only because the gang wanted the gaming password, they wanted something else that was damaging to the person's life (raped?)

AcesKaraoke
AcesKaraoke

I like to think of myself as tough, but I don't think I could hold up to much torture from a really focused and/or creative individual. For most all of my passwords... you can have 'em. I don't have that much credit, savings, or secrets anyway... I'll keep my health, thanks. If somebody's life was at stake, I would endure all that I could short of my own death (except for my family and kids, then I plain hold out no matter what... at least I would like to think I could)

dliles
dliles

Linux passwords are encrypted so that even if crooks get then they will not work.

jalee1011
jalee1011

You kind of sound like my ex boss... Who "voluntarily" quit after making comments like this for a while. :) Id try to get that post removed.. friendly suggestion!

PhilippeV
PhilippeV

Even a very secure network using the most secure OS will not protect it from unauhtorized access by people getting the right digital credentials. So protecting only the network with technical measures, even if it is the most secure system, will not work alone if the values to protect on the network are not ALSO protected by a humane assistance of its granted users. A machine can't know really who's behind a credential, it only grants access according to the exposed digital credentials, not according to physical humane grants. What this means is that every network protected because of the high value of its data and services needs also a humane plan to resolve humane issues. This includes: * possibility given to users to cancel their existing grants at any time. * possibility (and requirement) given to users to contact the administrator to inform him that a security issue has accured, and that valued data or services may be exposed to risks. * assistance to users for any question related to their granted access. * internal management of risks that have occured, or about seinsible data that has been exposed (including coverage by insurances for associated risks, and a judiciary plan prepared in advance) * training users (necessary and mandatory if those users are using thr network for work) about their rights and obligations. * revizing the plans after evaluating the newly discovered exposure risks, and working with legal authorities for any risks or consequences of illegal accesses. * informing other users and let them know when their personal data has been exposed, allowing them to take part of a joint legal action if needed, but also to allow to take other personal preventive measures that they will consider useful for their personal protection...

jpb
jpb

I want to make sure I don't invest in that company.

SoftwareMaven
SoftwareMaven

I don't think I want this guy administrating my network. "Here you can have my password because it is encrypted. Oh, by the way, you can telnet in, because Linux is secure." Oh, brother. tj http://cmssphere.blogspot.com/

royhayward
royhayward

So what! They don't want the encryption key, they want the password! Doh!

GoodOh
GoodOh

I type in a user name and the correct password and somehow Linux encryption is going to stop the log-in from proceeding? Do you really handle a network? Scary! (Or were you very tired when you posted this?)

PhilippeV
PhilippeV

No technical system will protect you: if a gang really wants a password, they will want something that work, and so they will want you to share all the secrets that allows the password to be usable by you. Even if the kidnapped person had his system highly secured by military-grade securitysystems, it would not have avoided the illegal access. As long as the security system only depends on YOU and nobody else trusted to share parts of the needed secrets with you, YOU are the weakest element of the security chain, and if YOUR life is exposed to a risk, NO technical system will provide a security to make the password unusable. The most valuable secrets are ALL protected by multiple independant persons; even a country's President with the nuclear power forces cannot enact it only with his personal keys. He has the right to decide, but his security requires that his personal secrets are secured by other trusted people (that he has the right to choose using some long selection procedures).

AcesKaraoke
AcesKaraoke

Somehow I'm not seeing how Linux would've helped in this situation... If you, the actual honest-to-goodness user are being totured for the username and password (which you know, or they wouldn't be toruring you)... how would Linux password encryption, or any type of encryption, help? Nearly as effective as having physical access to the box is having coercive access to the user ('cept for the whole 'witness' thing)... If you are able to access the system, then your attackers could extract the info necessary to also gain access... short of biometrics (though they could even do that if they're not very sqeamish, or you are).