Guild Wars 2

Looks like this was fixed in a recent build. Password is now star-ed out.

Would be nice if they acknowledged the report.

I have multiple accounts, hence -password and -email.

Yes, doing this is extra risk, but a crash reporter sending the full command line without cleaning up fields it knows are sensitive is sloppy.

Also I would hope that Anet do NOT store my password. They should be storing a salted hash of my password (seems they bcrypt from reading the crash log), not the password itself.

Besides that, my login data would be on a secure system without general access, while a crash report would be send to their QA system. I expect the security levels of these two systems to be very different.

Not to mention there are plenty of cases of people pasting the crash logs to the official forums or reddit – if someone did that without realising the command line is included in the crash output it would be Very Bad.

As an aside, wonder if GW2 needs to comply with GDPR and what (if anything) Anet are doing about it.

My game client just crashed (Windows 10, 64 bit client), and I took a look at the details of the crash report and it included the full command line, which in my case includes -email and -password (for auto login). Sanitized output below:

Anet – please tell me your crash reporter does not send my password to you in plaintext?

*--> Crash <--*
Assertion: Validate(id) 
File: ..\..\..\Engine\Frame\FrMsg.cpp(604)
App: Gw2-64.exe 
Pid: 9600
Cmdline: -email user@domain.com -password <my_actual_password> -nopatchui
BaseAddr: 00007FF6A2820000
ProgramId: 101
Build: 78457
When: 2017-06-24T14:45:23Z 2017-06-25T00:45:23+10:00
Uptime:   0 days  2:09:37
Flags: 0

The problem is that the wildcard certificate that Anet are using for their cloudfront distribution d3jsmr1fz3257o has expired. Looks like they renewed their own hosted services, but forgot to update the AWS one.

Cert details are:

$ openssl x509 -text -noout -in guildwars2com.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:27:bd:fa:df:67:79
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Apr 11 23:51:50 2014 GMT
            Not After : Apr 11 23:51:50 2017 GMT
        Subject: C=US, ST=Washington, L=Bellevue, O=ArenaNet, CN=*.guildwars2.com

Interested in this as well. I guess we can drive victory points by calculating the winners ourselves on the same time period, but I fear this is racy on close skirmishes (i.e. clock synch problem). Best would be if Anet provided the authoritative VPs directly.

WvW’s reset time will be changed to be 24 hours later in NA and EU. It will now occur on Saturdays instead of Fridays.

Could you please elaborate on why this is being done? Without some context it just seems to be a bad thing for OCX and SEA players.

I updated my game client today, post the feature patch, and attempted to log in. No luck. I get the generic “couldn’t login” page: http://imgur.com/now3862

Downloaded a fresh client, thinking something went wrong with the patch, but still the same issue.

I tried updating my Mac client, and it can log in fine. So it’s not a network / router thing.

I did some debugging, and it looks like the client is not talking to the login server correctly. Here is a tcpdump of the traffic:

http://pastie.org/9541895

The login server is returning a 400, so once again confirming it’s not a network problem.

ANet or community, any ideas?

Jessica Boettiger
WvW/PvP/Skills Principle QA

I think you mean Principal.

You’re welcome.

Any specific jewellery that you use on this build? I’m currently using the rabid karma set.

What jewels do you use? Exquisite Ruby Jewels for their crit damage? Or Exquisite Chrysocola Jewels for Condition?

Same problem here as well. Got the completion UI, but no achievement.

I completed the molten facility dungeon, got the reward popup, with XP etc, but the Living Story achievement (Rage Against The War Machine) did not update.

I got a screenshot of the dungeon end dialogue.

Anyone else run into this issue before? It’s been over an hour since I did the run, so it doesn’t look like some delay in processing. Also tried logging out, logging in different characters etc.

This bug is still going on. Could someone from Anet at leat acknowledge this? It’s stopping progress in my story.

Reported in game as well.