Вход
Регистрация
Разбито на слайды, под каждым и картинка, и то, что Сригс-Стилман говорили
Видео с ФФ
Слайд 1
Происшествия за последний год. LulzSec устроила на нас аттаку DDoS. В новых форумах кто-то такой хитрожопный нашёл способ замаскироваться под других юзеров и постить кагбэ от их имени. Ну и конечно же мы начали по-настоящему воевать с ботами. Товарищ с блога "The Nosy Gamer" собрал замечательную коллекцию слёз и гнева ботеров с различных ботофорумов.
Слайд 2
Изменения произошли в структуре компании вообще, и в частности так же в роли и структуре команды по обеспечению безопасности и защиты от всяких нехороших елементов. До 2010-го года толком ничего не было, собиралась "команда" как попало, что-то делала и разлеталась. Типа раз в год собрались ГМы и т.д., забанили 10 тыщ человек, погладили себя по головке и разошлись на год или даже больше. Это было неплохо конечно, но хотелось бы постоянного такого эффекта, а не весьма и весьма эпизодического. Для этого в 2010 году начали собирать команду для постоянной поддержки секьюрити, но толком до конца 2011-го года ничего не вышло (в особенности с учётом полной реорганизации компании ближе к концу года). Но зато была создана настоящая эффективная группа, и размером побольше чем раньше, и самое главное, полностью направлена на вопросы типа боты, секьюрити и т.д.. Боты и общая безопасность--это тесно связаные задачи, в обоих дело заключается в охоте за теми, кто вредит игре и игрокам.
Слайд 3
В нашей команде сейчас четверо. Я, CCP Sreegs--Секьюрити Папко, типа начальник. CCP Stillman--эксперт по оценке уязвимоасти програм и технологий (например, его задача сделать так, что некоторые вышеуказаные хитрожопы не могли устроить беспредел на форуме маскируясь под других пользователей). И ещё двое--это аналитики внутренних дел, они помогают с расследованиями. Стоит заметить, что тут совершенно без разницы, на каком уровне находится какая-то проблема безопасности. Что бот, что хакер, что нехороший дев, всё это касается в первую очередь нас, отсюда уже начинаются дальнейшие разборки.
Слайд 4
Хочу добавить, что теперь мы активно занимаемся вопросами РМТ. Ещё раз отмечу, что фокус на ботах и РМТ не идёт взамен другим обязанностям тех, у кого задача в обеспечении секьюрити для игры и игроков. Просто вдобавок ко всему теперь ещё и РМТ.
Слайд 5
Боты в 2011. Сделали програмы и скрипты по автоматическому поиску ботов в игре, это более эффективно (по-моему) чем если кто-то будет сидеть и ручками жмякать мышкой, следить вручную за каждым подозрительным игроком. Система предупреждения игроков обвиненных в ботоводстве это немного спорно для некоторых, именно для тех, у кого мнение типа "бот = бан сразу и навсегда". Я ботов тоже не люблю, но считаю, что предупреждения работают лучше, когда два раза дают шанс исправиться, и только на третий в пермабан. Заметили, что рецидивизм составляет всего 8.5%. Всё же лучше, если, в случае когда игрок не совсем уж бессовестный, он подумает и решит продолжать играть, но по-честному, без нарушения правил. Ведь в Еве каждый друг другу помогает как может, да? гыыыы. А вообще, естественно, чем меньше ботов, тем лучше жизнь. Они отбирают ресурсы, которые нужны нормальным игрокам, так как средний бот активнее среднего игрока и занимает больше "места" на сервере. Хочу сразу сказать, что вопрос о том, что боты--хорошо потому, что они нам платят деньги, у нас вообще не стоит. Нам важны живые, нормальные люди ради которых мы стараемся, а боты--зло, которое только отбирает у всех СPU и фан.
Слайд 6
В 2012 мы вернулись к использованию и улучшению уже разработаных подходов к изничтожению ботов. Stillman вам всё наглядно покажет в виде таблиц и графиков.
Слайд 7
Вот картиночка спец для Стилмана. Туманность похожа на динозавра.
Слайд 8
Сригс уже сказал, что баны ботов освобождают кучу ресурсов на сервере для живых игроков, это одно уже замечательно. Вот график, на котором можно рассмотреть эффекты ботов на сервере, до и после банов. Жёлтая черта--в это время было забанено много-премного ботов, красная полоса--нагрузка на сервер до банов. Как видите, после жёлтой черты стало больше свободного места. Причин здесь несколько. Во-первых, средний бот более активен, чем человек, больше чего делает за онлайн, и делает это зачастую постоянно. Во-вторых, есть куча криво написаных ботов которые работают не очень-то оптимально. Например, они спамят команды серверу хотя кроме того, что это пожирает больше ресурсов, толку от этого нет. Меньше ботонарода--больше кислорода.
Слайд 9
Ещё боты часто спамят логин даже когда забанены. Пытаются залогиниться считаю что сервер просто недоступен из-за ДТ или ещё чего. Смишно, сидят и тупо логинются безрезультатно. Например, красная стрелочка показывает ошалевшие 30тыщ попыток залогиниться. Так кстати мы удостоверили ботность одной группы, которую забанил наблюдательный ГМ. Жёлтая стрелочка--попытки 7-ми ботов залогиниться. Явно, что живой человек так тупо не стал бы спамить логин.
Слайд 10
Распределение скилпойнтов у забаненых ботов. Как видите, у большинства довольно мало СП, где-то около 20-ти милионов. В основном потому, что часто приходится палить персов и заводить новых, банят же иногда. Обратите внимание на одного игрока с 140КК СП. Ёп. Ну, нечего было ботоводить…
Слайд 11
Вот где водятся боты. В Калдарии их больше всего, а в нулях относительно мало. Пока неясно, либо причина в том, что в нулях всё-таки не так уж и много ботов, либо они просто прячутся лучше.
Слайд 12
А вот кто ботоводит, разборка на алли. Только без названий
Специально, конечно же. Вывод такой, что есть конечно же выдающиеся ботоводы, но вообще-то ботят очень и очень многие алли. Пальцами тыкать потише.
Слайд 13
Кораблики-любимцы ботов. Интересно, чтоТеньга является самым популярным шипом для ботов (напоминаю, что у большинства не более примерно 20КК СП). То есть, скилы для эффективного Теньговождения особо какие не нужны, по-сравнению с КНР например. И ещё заметил, что примерно 1% ботов летают на Никсах. Жаль все остальные 99%! И еще 1% на Магнатах, вот уж ума не приложу зачем!
Слайд 14
Интересные наблюдения если рассмотреть как игроки делают миски. Например 24-го января резко упало количество миссий. Почему? А потому, что вышел патч который временно сломал кучу ботов, вот и остались в основном живые игроки. Жёлтая стрелочка--первая волна банов в 2012 году, тоже заметно упало количество выполняемых мисок. Зелёная стрелочка--вышел лаунчер, который тоже многим ботам подгадил.
Слайд 15
Примерно то же самое отслеживается и для баунти. Зелёная стрелочка--первые баны 2012-го года, значительное уменьшения вливания исок в игру, красная--патч который поломал ботов на пару дней. Интересно, что после нескольких регулярных банов после выпуска лаунчера количество исок вливаемых через баунти уменьшилось и уже не вернулось к начальному уровню на этом графике.
Слайд 16
Здесь примерно то же самое, что и с баунти
Слайд 17
На этом графике указана руда, выкопаная в игре (ботами и не ботами). Опять же, ползёт вверх и вдруг внезапно хлопается. Как и догадались, всё дело в банах и патчах. После последних банов количество выкопаной руды значительно уменьшилось, и по замечанием настоящих живых майнеров в импе это очень даже заметно им.
Слайд 18
А это очень интересный график активности лучшего майнера в игре. Только о-па, что-то он перестал совсем работать в период банов, обозначеный чёрной полосой (тут линия должна в принципе прерываться, но так уж график построился). Оказалось, что лучший манйер в игре это бот. Жаль!
Слайд 19
Не помню, почему выбрал эту картинку
Слайд 20
Позорное клеймо для ботов. Лично я считаю, что это излишне и толку от этого не будет. Получится только срач по поводу "весь этот алли--ботоводы", и т.д. Поэтому мы не клеймим обнаруженных ботов, пользы игре никакой. НО! Я не на сто процентов уверен в том, что это правильное решение, поэтому у вас будет возможность убедить меня. Я открою какой-нибудь тред на оффоруме или напишу блог по этому поводу, и вы сможете поделиться своими мнениями и доводами. Вполне возможно, что если на самом деле будет очевидна польза от такой системы, то мы что-то подобное сделаем. А пока… как например не было на графике алли-ботоводов тикеров, так и не будет. А то начнётся тыканье пальцами друг в друга, обзывательства, всякий срач и т.д.
Слайд 21
Изменения в подходе к ботам. Основное заключается в том, что персов теперь с акков, получивших хоть один бан за ботоводство, теперь легальным способом не продать. До этого можно было сколько угодно палиться и просто передавать персов, покупая или делая при этом новых, и ботить до бесконечности. Ещё, боты теперь банятся ежедневно, а не раз в год или в месяц. То есть, пусть ботоводы каждый день просыпаются и боятся, что это их последний день без банана. И начиная с прошлой недели мы стали отбирать иски у ботов. Сколько наботил--столько же у тебя сняли с валета, тю-тю. То же самое относится к РМТшникам и всем, кто с ними связаны хоть каким образом. Все нечестно заработаные денюжки теперь отбираются и смываются в унитаз, откуда обратной дороги нет. Даже если вы покупали иски за деньги у левых торговцев в течении трёх или пяти там лет и вас до сих пор не тронули, не волнуйтесь, достанем и отберём все эти иски и у вас, и у ваших партнёров. Бежать некуда, это вопрос времени теперь. У майн-ботов будет отниматься сумма исков равная накопанному. В дальнейших планах отнимать помимо бабла ещё и барахло, тетанчики всякие там. Покупайте плекс.
Слайд 22
Изменения по подтверждению ваших данных при логине, защита от хакеров и т.п.. Пока ничего толком не сделано, здесь просто много слов
И да, при регистрации желательно использовать нормальный адрес, в июле где-то начнём подтверждение и адресов, и других личных данных.
Слайд 23
Много чего ещё есть о чём пока рано говорить, в основном в борьбе с РМТ. Здесь совсем серьёзно, без предупреждений сразу смерть аккам (всем аккам РМТшника, которые всплывут), отбирается бабло у всех причастных, и вообще все участники будут плакать, желательно. Не покупайте иски кроме как через плекс, не берите денег взаймы у подозрительных "богачей", и вообще осторожно с исками, а то останетесь в лучшем случае в глубоком минусе на валете. Это просто не стоит последствий. Мы вас найдем в конце концов если есть, за что наказывать.
Слайд 24
Вопросы-ответы
В общем, если вас поймают как ботовода-РМТшника, то отберут всё, даже если попытаетесь спрятать фигню в контах, ангарах, у со-корпов и со-аллийцев.
Ещё вопрос про нехорошие алли-корпы вормхольные, которые инжектом занимаются для составления карты, типа, чё с ними будете делать
(имена-названия не указаны). Ответ: ну короче инжект--очень плохо, пермабан с первого раза. За "иформацию" об инжекто-юзарах намёком обещано что-то положительное.Чат спам ботов будут бить, но Сригс заметил, что их он как настоящих ботов не считает. Но всё равно обещал почистить Житу.
Маркет-ботов будут продолжать бить и улучшать способы по их определению. Это конечно радует, маркет-пвп против ботов это геморр.
Вот транскрипт видео с ФФ по теме секьюрити, боты, баны, РМТ и прочее, "оригинал" типа, инглиш, перевод выше, а это так, для справки кагбэ. Запись довольно дословная, некоторые вещи подчищены, но в основном--где криво было сказано, там и криво написано точно так же
Устная речь такая устная речь, да.Видео с ФФ
СОВ СЕКРЕТНО
Slide 1
We did have a little bit of a busy year. I'm going to go over some of what we see up here. In the upper left we had earlier this year a series of denial of service attacks by a group known as LulzSec. They hit us 2 days in a row, we made some changes and then they decided they wanted to play instead of making it not work, so we no longer had that problem. we had some issues with some data walking out the door that shouldn't have. a really creative individual figured out how to change some numbers in a cookie thereby completely becoming someone else on a forum which has lead to some internal changes. and then we actually had our kick-off initially a little earlier in the year in a war on botting. A gentleman forum poster by the name of "butt" was not very fond of something we had done, and a gentleman who i believe is in the audience if i read correctly who writes a blog called "the nosy gamer" had been following it fairly closely. he's written some really nice things but one of the things I really appreciated the most about the writing that he had done was that he spent a lot of time on botting sites, cutting and pasting all the juiciest of the angry comments. It's worth a read if you get a chance. I'm not getting paid to plug somebody's blog but it was really worth it. And also if you do searches it's interesting, he's one of the first hits that comes up in relation to this stuff so i was pretty pleased to at least see the attention it was being given.
Slide 2
One of the things that happened this year as well is we've kind of changed the way we do business at ccp from a security perspective. prior to 2010 it was kind of an ad hoc thing, it wasn't really anything we were doing in a dedicated fashion. i think what we did have done was gm's and customer support staff spending some time building up big campaigns like you remember "unholy rage" and some of the others where what we would do was we would kinda wait and catch a whole bunch of guys through whatever mechanisms and then we'd ban like 10000 people at once and be like "yeah, high five". i think that over the long run, while i think those were really cool and people really liked them and we did see some of the performance metrics work the way that we're going to see them work when you look at some of our numbers, i think that what we ended up with is a whole bunch of bumps, and what we'd really like to see is something that's a lot flatter where we're changing behavior over long term, not making people's day a little hard once a year. In 2010 they hired myself and someone else. I've spoken about this before, but for those of you who don't know, we formed an internal task force specifically to essentially write a lot of the things we're utilizing now. It was a group of people that was essentially just meant to deal with the problem of botting. So internally we would get together, we would have a meeting. Expcept mine really, it wasn't any of our day job, it was just something that had to be done and we were given the time to focus on that. That went pretty well and then somebody said "Hey, we should really focus on this and make a team that's just dedicated to handling these issues", and then our re-organization happened and the team kinda wasn't there for a little bit and then was back. So it was part of the re-organization, we now actually have a larger team that's complete mandate as far as the EVE project and the company is concerned is only to deal with security issues. Security issues from our perspective extend beyond things like infrastructure hardening and firewalls and all those fancy security things, but I believe that they also extend to the RMT and botting situation. I think that that's a security problem. Catching bad guys is catching bad guys, I don't see it as a customer service thing.
Slide 3
Right now the Security Team is four people. Me, I'm the Security Dad which is a creepy way of saying whatever I really am, I think it's "product owner". Then we have CCP Stillman which is what I would consider an application vulnerability expert, so we're dealing with things like analyzing web applications before they go out the door to make sure you can't change a number and become someone else on the internet and actually the EVE client as well, there's some things that need to be looked at there. So we're getting to a position where we're, over time, spending more time hardening our applications the way we should be. And then our two IA analysts who've moved over as well, they help with investigations and that activity, so, bad guys doing bad things. An investigation for the most part, when you're trying to catch someone doing something they don't want you to know they are doing, whether they are a bad guy who's doing evil things on the internet or whether they are a guy who's working for your company doing evil things; whether they are an internal or external threat, finding them is essentially the same skillset. So what we do is kind of combine that and leverage that already existing investigative tool set in order to do a better job.
Slide 4
One of the things I haven't mentioned is that we also have a focus on RMT and we'll touch on that a little bit today when we talk a little bit about some of the changes we made to what we're doing with botting as well that I saved just for this special occasion for all you fine people. We're still tasked with handling internal investigations so if you send an e-mail to Internal Affairs, it still goes to Internal Affairs, they still do the same job, there's just a little more responsibiity in some areas.
Slide 5
Botting 2011, so this is last year I hope. ESTF was the small task force that was introduced to build detection mechanisms for catching people doing bad things. Instead of having a person actually actively tasked with following people around and using some kind of magic barometer for determining whether or not that person is a computer program or a person, we have developed and leveraged other methods. I don't think having a person there sitting and clicking on something is the most efficient way to determine whether activity is happening beyond the scope of what it should be. The three strike rule... Some people really hate bots, and I don't disagree with them, and some of you who are perhaps here are a little vocal about that three strike rule and say "just ban them all the first time". Whether I have the graph or not, I don't recall, but our numbers do show that at least in the original instance of the detections when we started them earlier in the year, we were only seeing an 8.5% recidivism rate, which means that while I agree that these people are doing bad things and they are having a negative impact on the game itself when they are originally doing the botting, if we can take them and convert them into a good person (-lololol-), then I think we all win. It's more people doing good things in good ways. What's an EVE player if not someone to help his brother along, right? (-j/k lololol-) We did see some sharp reductions in activity, Stillman will show us some of the graphs related to that, but essentially the fewer botters there are in pretty much every way, including server resources, the fewer botters there are, the more stuff there's for you guys. If we don't have bots running, you can have bigger fleet fights, there's more CPU available for things like that. So there's a lot of reasons for us to do that, a lot of people ask sometimes or theorize sometimes like "this guy that's running a 7-bot farm, he's paying his subscription, so (CCP) don't want to ban him, (CCP) just like money so much!" I do like money, I like it a lot, but the fact of the matter is, they are utilizing more than their reasonable share of stuff and so it is worth it to us. If you're trying to have a fight and it's laggy due to CPU issues, we find that 10% of that is devoted to people who are botting, we'd rather give that 10% to you, that's a better experience. I'd give you all of my CPU if I could. (-dawwwww-)
Slide 6
2012, we've reinstituted in the past... x number of weeks, i don't remember exactly, some of the mechanisms we had. We tuned them a little bit. I'm going to let Stillman talk about some of the numbers because you guys really love graphs and stuff, and I'm gonna come back and I'm gonna explain a little bit about how we've changed what it is we're doing and how the punitive actions are being adjusted and things of that nature.
Slide 7
So I've put a picture here just for Stillman, I found this on reddit the other day. If you're not familiar with the original picture, there's a dinosaur walking on the moon, a t-rex, and this nebula just happens to look exactly like that, so. With that I'll turn it over to Stillman.
Slide 8
So as Sreegs discussed, one of the things we've noticed really quickly when we start banning people we see a pretty sharp decrease in the CPU load on our service, which means that there's more of it for you guys. On the left axis you can see it is an arbitrary metric as far as I understand, but it gives a good idea about the load per user and you can see it goes from the red line and then we have the yellow line which means that's where we've banned a lot of players, that was the first strike we did as of this round of bannings. We see a drop of by about 6 of the total server load per user. Several reasons for this as I said. Bots are much more active, there's a lot of really bad bot codes as we've seen lately where they will try and spam commands thinking that it makes a difference; it doesn't actually. And then we can see also from the graph that on the weekends where you have the spikes at the top, we do see load actually increase on the cluster which is because on the weekends of course you guys are playing more which is the legitimate traffic load that goes on.
Slide 9
Another thing we see is that when you authenticate to the cluster it will check if you're active or not. If you're banned then you're not active which means that we have really funky things like this where you can see for instance here (red arrow), this was the first wave of bans we did and you can see you have some 30,000 attempts of connecting. And again this is just poorly coded bots so will try to re-authenticate thinking that well if they don't get in, it's because the cluster is still down or it's still coming up from downtime and they will keep authenticating and we can sort of sit there and laugh at them, connecting and it's getting nowhere. Another funny thing we have here (yellow arrow), and it's actually not anything to do with what we did, turns out to be we have found as a result of a big bot farm we banned, a GM, a very clever GM, went and saw and we have another one over here, we failed to connect the dots with, they banned that group and suddenly these 20 accounts, they started completely spamming the cluster with connect attempts which didn't actually get them very far, which is a shame for those guys.
Slide 10
In terms of the people we banned, you can see the distribution they have according to skill points on their main character account we banned. As we would expect, a lot of these people are low skill points. We do have a bit of a spike in terms of skill points, we have a 140mil SP character I feel sorry for, but he probably shouldn't have botted. But a lot of the characters are below of about 20, that's a majority. That's often because they recycle characters, because we catch them once in a while, so they don't have time to skill up which is good, and it increases the barrier to entry which is always nice.
Slide 11
In terms of where these guys are botting, you can see The Forge is a pretty popular area, as is the Citadel and Lonetrek, it's all the northern parts of high sec areas. We do see some 0.0 regions, but it's the minority basically. Which suggests that either the 0.0 are more clever than empire guys, or they're just not botting very much in 0.0.
Slide 12
In terms of alliances (-boohissawwwwaudience-) ... We seem to have a few alliances that account for a large portion but actually what we're finding is that while there's some people that stick out, the distribution is actually fairly even once you get into it. There are some less known alliances, and it's really hard to say like "The Russians are bad people" because it's really not what we're seeing.
Slide 13
Another interesting thing, and this connects back to skillpoints. The majority of the people are low skillpoints, but what we're also seeing when we look at the ships they are flying is that actually the Tengu is the most popular ship which I find interesting in that it seems like the requirements for flying a Tengu effectively for ratting and mission running seem to be lower than for instance than the Raven Navy Issue. I mean it's not like these guys have a problem with ISK, but they seem to prefer the Tengu which is very interesting (IB4 NERF TENGU). And one interesting thing I noticed was the Nyx. It seems like 1% of botters actually use the Nyx and the 99% doesn't (-audiencelawl-). So sad. And then again 1% use Magnates, don't know why..!
Slide 14
So we can look at some things like the missions that are run, we see a couple of interesting things. The Crucible, we had a lot of people who had to patch and such things, so we see a lot of activity around there, we have the random spikes, that's for weekends and things like that. And we have this thing here, which is January 24th (red arrow). January 24th we put out a small incremental patch. The interesting thing about that one was that we made some changes to the python binaries we ship, where these guys had a bit of trouble figuring out what's going on because we did some changes. As you can see it didn't really last more than a couple of days until everyone patched up to the newest injection tools and whatnot, but it was a bump in the road and we can see it had a certain impact. Next of that sort of thing was this one (yellow arrow), that was the first wave of bans we did in 2012, which is continuing. You can see the activity going from there, it was kind of going up for a while, it dips to a lower level, you can see it actually has an impact in terms of, we catch a bunch of guys, the graphs correlate to lower activity. And then we had this one here (green arrow), this was actually just the launcher shipping which these bots didn't deal very well with.
Slide 15
So we see the same here, ISK bounties that are given out (red arrow), we do have the patch that broke a bunch of bots for a couple days, then we have the first ban wave (green arrow) which put a big dent in the ISK that goes into the economy, and again we have the launch (..?). So again we have the launcher which is the dip, and then we see you assume they come back very shortly after but actually what we're seeing is the day after as well, we put out a bunch of bans and it didn't recover to the full level of activity we saw before that, which suggests that we did something.
Slide 16
We see the same thing going on here, we have dips when we ban people and we have high activity on the weekends from, we assume, you guys playing.
Slide 17
This graph is kind of funny to look at. What this is is ore mined and each individual line represents a type of ore. what we can see is that we had a steady increase from early January this year until the arrow. The arrow is when we started with the new banning system that we have and we can see from then that this is grouped by week and it's the relative amount across time and you can see it's a pretty steady decrease in terms of the ore mined which means--and this is actually one of the feedback things we saw from the forum--that people are actually able to find ore in Empire which is nice for the people who want to mine in Empire. The bots aren't taking it all up instantly after downtime which leaves players to do fun stuff.
Slide 18
We have a graph, activity across people and things like that, and this is one of the interesting things I saw when I was just looking for what kind of data we have. This is one of our top miners we have in the game, and the interesting thing that you might be able to see, which isn't that clearly presented because it's a continuous line… But actually it's discontinuous right there (black segment on graph), which means it actually was a bot which is a shame because I really thought that people really like mining. It's not like that. And back to Sreegs.
Slide 19
I don't remember why I picked this picture.
Slide 20
Scarlet letters. For those of you who are not fervent readers like myself, what a scarlet letter refers to is a novel, and I'm probably going to get it wrong becaus I looked it up on the Internet or something. But the "scarlet letter" is actually a novel about a woman who does something naughty and has to wear a scarlet letter so that everyone knows she's naughty, and this was a way to punish them in those days. In this particular case people ask questions like why don't we, when we catch someone botting, why don't we just put a mark on their account for everyone to see and kind of put them in stockades in the town square and whatever, you can all come and throw tomatoes at them. There's a couple reasons for that, and one of them is that I'm not convinced that would be at all helpful. Going through these slides, it is a discussion we have internally, and the only benefit that I can see to actually naming and shaming people, whether it be an alliance… I apologize that the words fell off that particular graph, but were that filled in, those are real numbers, I don't really see a benefit to anybody other than "I'm really mad at someone and I can now use this as a way to go after them outside of the scope of what it is". Now, that's not to say that I'm a really firm believer in it, so what I'm asking for today is, if this is something that interests you, send us an e-mail, post on the forums, I'll try to maybe make a blog and give a thread that makes sense, or maybe I'll just make a forum post so it's a place where we can at least manage the thread a little bit, and I want your ideas and your reasons for why this should be this way because, frankly, this is all I've been able to come up with, and I don't really see it having an impact for anything other than "that alliance is a bunch of jerks and look, they had seven guys who did something bad". I don't see what that does to solve the actual problem, it's kind of what I'm getting at. But I can be convinced. Also, bribed, maybe. So let's chat.
Slide 21
These are our new botting changes. So there are some things that we did recently. One of the things we noticed when we did the last iterations of the botting stuff was that… and it was a theory that players called out immediately, so it's not like we weren't paying attention. What people would do is they would realize we would put a mark on the account so they would transfer the character, then we would in theory lose track of the character and they would be back in business. So the theory was if you were the worst of the worst type of guys you would essentially be able to be in a constant state of your first strike. It would cost you twenty bucks every time you got one, or whatever the cost of the character transfer is, but you could do that conceivably. That doesn't happen anymore. If you're caught botting, whether it's a first strike, second strike or whatever, you would have foregone your transferring character privileges in perpetuity. So the first time that account gets marked, you can't move the character. You could always break the rules and give someone your login and try something that way, but the legal method for transferring characters will no longer be possible.
This is new stuff for you guys, I think. Bannings are done daily. If they are not done daily today, they will be in the next week or two. In essence what that means is, instead of there being a magical day when everyone is really upset, it should be every day. And in essence what we'll have is, I want to get away from this idea that there might be a window whether they know what it is or not, where you're somehow still profitable. I want to kind of remove that. This will be a daily thing if you screw around one day you're gone the next. So again, I don't like the idea of these big "Moses coming down from the mountain" events. It should be a process, it should be something that's repeated, should be something that's fairly automated and it should work. Just going "bam" and banning two thousand people I don't think historically was shown by anybody as having been all that successful.
Starting like last week, we're also taking away all the money (-audienceclappityclap-). What we've started running is, we've engineered a way to… part of what we're doing with our detection is sorting out how much money was gained from it and then that's going back away. So right now what we're seeing is a whole lot of ISK being manufactured out of mid-air, kind of injected into the economy. That's bad. I don't know anything about money, no more than Alan Greenspan at any rate, so the best I can do is listen to the economist and believe that that's bad. Printing money--not a good thing unless you're the fed. So what we're going to do is, we'll reverse all that, and the same thing goes for RMT. If we find a ring and something else is going on we're going to reverse it. The timings and things of that nature may not be spot on immediately… In other words, if someone's been buying ISK for twenty years or whatever period of time works, their wallet is probably not going to go in a negative trillion, but there will be a day when we'll say that this is… the amnesty ended, which has already passed, and we're going to start removing income from wherever it came from whenever it shouldn't have. That happens in perpetuity. And that applies to income made from botting and income made from RMT. With botting, I know what you're thinking: how do you handle mining? Because it's mining and it's not ISK. What we're actually doing is we're calculating the ISK value of the ore and so we'll just negative your wallet, we're not going to waste our time trying to find all your ore stashes.
Slide 22
This is two factor authentication. Some of you were here last year, and if you were here last year, you might have gotten a (security token) that you push and it doesn't work on your account. That's changing. I want to do two things for you. I want to tell you when it's going to start working, and I'll also give you an explanation in a second for why it took so long, there were some issues we weren't quite ready for. One of those is the fact that, as great as EVE is and as much as we keep it fresh and everything else, some of the infrastructure and some of the ways we handle things didn't quite work the way it would work if we were sitting in a room, designing a game today. There were some changes that we needed to make to the way we handle identification, and there were some changes we needed to make from just the way we authorize, like the way we handle the authentication process anyway. Simply taking it and plugging in some magic box that magically now makes your EVE client work with a piece of plastic with a number on it provided by Vasco to log into your account… that secret box doesn't exist for software this complex. So we had to make some changes in the way we're handling authentication routines and things of that nature in order to make that even possible. The other thing that we don't have today which I always found interesting is that we don't actually validate any of the identifying information you give us when you create an account. If you're not validating any information that you provide me when you give me an account, it makes it very difficult for me to give you a magic device that makes it really hard to get into your account. So what we've had to do is go through and very shortly we're going to be essentially validating e-mail addresses on every single EVE account. That will be compulsory whether you get a token or not. Token's still optional, validating an e-mail address is not so much. And in this particular case that's just to make life easier for you. If you lose your token, how do I communicate with you? It's a little difficult. Believe it or not, I'm not creepily following you around all night. We're looking at a time frame of July-ish for this to be working. There might be another slide at the keynote that will be more serious. If I put a date down I'm kind of making it up "educatedly" if that's a word.
Slide 23
We've established some early really interesting things that we're not ready to show you yet, but as far as some things that we're doing to help us identify in the long term patterns of real money trade related activity… This is kind of a fluff slide because basically all I'm going to do is tell you it's really cool. There's no three strikes rule for RMT, you're just dead immediately. You and anybody you associate with and "everyone eats dirt" means all money comes away. If you buy ISK from someone, I'm taking your money away and I don't really have a whole lot of pity for that because you could just buy PLEX. So there's really no reason. And when you look at the margins, the things that I'm seeing is people are really chintzing in a lot of cases, and the risk that you take in doing that, it will become more apparent very near in the future. The risk is significant and one thing that people seem to not recognize is the fact that computers have this ability to actually exist in multiple points in time. If you buy ISK from someone 3 months ago, I can still find that, it's not your bank, they don't lose everything; it exists and I can figure this out. People should be cognizant of that. Because you haven't been tagged and you bought something two weeks ago, there's no such thing as a bank error in your favor, it's not Monopoly. It'll come back to get you.
Slide 24
And now I have some Q&A because I'm sure you have some, I tried to save plenty of time.
Q1: CSM Krutoj; this is not Alcoholics Anonymous, is it? I've been banned for RMT and have to go back to what we discussed on CSM. You said that RMT, well, botters will be banned, and all the ISK removed, right? What about all the assets that they have, POSes, all that stuff? For example in Drone Regions, if you change it to bounties, they have alloys in their corporate hangars and stuff, what happens to all of that?
A1: We still have to make a decision as far as how far back in the timeline we go with it. I mean what's bad is already what's bad, what we can do is fix a problem going forward. What I will tell you is that when look at a situation from a point in time where we are willing to action, that if you've hidden your investments in an alliance or a corporation I don't see anything different. That'll go away. Whether I'll go back and retroactively destroy alliances because we didn't catch them a year ago--I sincerely doubt, I'll be a realist about it. That damage is done. But going forward, if I do see an organization where you're clearly doing bad, then I have no problem taking the assets instead of the money. Also, that's more work and I'm more likely to be angry while I do it, so…
Q2: My question is about the red mark of shame. You said you wanted a good reason to allow it. How about allowing CEOs to protect their corps by knowing that the person applying to them has a mark against them?
A2: That is one thing that I considered in the discussion, and it's not really a question I can answer right now purely because I agree with you, and it makes sense, and if I was a CEO, that would be a tool that I might think would be useful, but what I'd really like to do with that particular question is have a really good thread about it and get a lot of different perspectives.
Q3: Two things. First, I don't know if you mentioned, did you mention anything about an iPhone app or anything?
A3: No… One thing that one can assume is that if we're going to be doing to be doing what other people in the industry are doing with two-factor authentication that we would at the very least try to "keep up with the Joneses". That's not a promise, it's common sense. I don't have an app right now.
Q4: You mentioned taking away assets, or giving those assets an ISK value, like minerals and stuff. Is it just going to be straight negative ISK? What about the guys that are buying PLEXes, and then jet canning them, and then switching them to another account and then selling said PLEXes?
A4: Assets are assets. We know what they are doing and those are their assets, so assets get seized. Essentially what I'm going to do is I'm going to find a place where I can make you feel the most pain, and that's where we'll remove it from.
Q5: I had two questions. One is really simple, are you going to do anything about Jita local spam? I know that no one cares about it, but there's obvious botters doing it every thirty seconds, posting whatever.
A5: Everyone asked about it, I think we also have a "report spam" button that… it does work. There may be some issues with timing for a little while, but my understanding is that first off there's people that are recognizing that there's a lot of chat in Jita local. It's been recognized and we've been looking at it. What that looks like today I'm not really sure because I don't really consider chat spam botting, but there is something to handle that problem, that system was recognized to not be catching some stuff that it should have, so that's being tweaked a little bit. The best thing you can do is report the spam because that's how that logic gets built.
(CCP Stillman chimes in)
I should mention something about that. The "Report ISK Seller" button, only use it for actual ISK spammers, not for scammers. If you see a scammer repeteadly do things, they are either a botter so report for bot, or file a petition. The ISK spammers, we only look at actual ISK spammers, we'll ignore every other report.
Q6: The other question was associated with breaking authentication and authorization concert. Currently the EVE client goes ahead and authenticates you when you first log in, but then you're kind of authorized to use these characters. Are they ever going to go ahead and break these two into two different pieces so that way when you want to switch characters, you need to authenticate again, as yourself.
A6: I couldn't speak to that right now. It's a good question, and I'm sure we're recording and I really like to watch myself in videos so I won't forget and I'll try to find an answer for you.
Q7: Are you doing something about market bots? Some of them are freaking annoying.
A7: What you saw if you followed the thread when we did the dev blog about this, people really actually noticed right away, like "wow, what did you do because the market is so much not poopy today". What we did find is that essentially ten market bots made the market bad for a lot of people. Yes, we are catching market bots. We may have to work on some things to make that more efficient.
Q8: I run a few websites and one thing we do when people spam and stuff is when they log in, they can still log in and do stuff, but nothing they do is visible, so they think they are spamming our site, and all their code and everything is working just fine, and they can go for weeks and weeks and weeks thinking that they are posting millions of comments, but none of that actually happened. Why in EVE can't you send them off to Sisi or…
A8: In a way, without getting into too much detail, that's kind of how chat spam works.
Q8: Chat spam works, but how about like the bots? They are working and months later, look, I have trillions of ISK but I can't do anything with it.
A8: re-routing them in that particular way is not something that I see as feasible, spoofing function calls and things of that nature to make the client think it's still talking to a server… It's interesting and I'll give it some thought.
Q9: I have a question not about botting or RMT, but about some other injection into the client. It's widely known that wormhole corporations and alliances uses some additions to the EVE client that helped them build… They have a current alliance wormhole map with roads from one wormhole to another. Do you do something about it?
A9: Injection, we consider it as much of a problem as anything else, it's just a method of doing something we don't want you to be doing, and there are no three strikes when it comes to injection that's altering the client as permanent. What we'd be doing in any specific instance I couldn't speak to. If you have information and you feel we're missing something, anyone in this room can send a "not really anonymous but I'm the only one who reads it" e-mail to security@ccpgames. Try to keep it clean and I'll look into whatever it is you feel is going on.
Q10: In security systems where you have a small number of violators, percent-wise, false positives are a pretty significant issue. Do you have a way of figuring out your false positive rates? Out of curiosity, can you tell what they are?
Q10: One person, one person in the past year. I'll give a caveat to that. Everybody in prison is innocent, so you do have to take it with a grain of salt, but we have run into one… actually, it might be two now, situations where SkyNet went self-aware and snagged two people. To be honest with you, we really do take that seriously, and we do dig into it, and in cases where you've lost time or effort or whatever else, we take care of that as well. So you don't have to worry about my crazy script killing you from the server and me eating fifteen dollars of your cash.
Q11: This is actually for your statistics guy over here. He came up with some very sexy pie charts, some of them were lacking maybe a little bit of detail around alliance names, but something maybe a little bit better than names since in this case people can't get too ragey. Would you be able to show by country where you have banned these individuals from?
A11: Yes, we would be able to show that… You can bring that up in the name and shame thread that I'll make because I find it interesting, but I'm not sure. I think that those fall along the same lines as… really, all i'm giving you is a metagaming thing like "Americans suck, you bot too much, fatso's" What you're giving people is the capacity to ostracize an entire nation.
Q12: If we could get something broken down by type of botting, mission running, anomalies…
A12: That we have, I'm surprised it wasn't on here. We'll make a dev blog and based on these questions include some of this stuff.
Сообщение отредактировал Miriena: 06 April 2012 - 23:58
Наверх
