These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Information Portal

 
  • Topic is locked indefinitely.
Previous page123Next page
 

Dev Blog: This is (Team) Security!

First post First post
Author
Previous Topic Next Topic
stoicfaux
#21 - 2014-04-09 23:52:55 UTC
So if I sell my watch isk for WoW gold to buy my wife a brush mount in WoW and my wife sells her gold gold to buy my character a watch chain monocle, Team Security could leave us both disappointed?

Pon Farr Memorial: once every 7 years, all the carebears in high-sec must PvP or they will be temp-banned.
Era Gray
Republic Military School
Minmatar Republic
#22 - 2014-04-10 00:12:39 UTC
CCP Eterne wrote:
Security is very important to CCP. Our Security Team does a lot of things, such as targeting evil RMTers and botters and making sure they don't negatively impact EVE Online. It's been a while since their last dev blog and the team has undergone many changes since. CCP Bugartist, the Director of Information Security, comes forward with this new dev blog to update everyone on what's going on on the security front!


Great, so I guess you guys found time to write this dev blog while fixing that OpenSSL heartbleed bug, right?
Antihrist Pripravnik
Scorpion Road Industry
#23 - 2014-04-10 06:41:58 UTC
Era Gray wrote:
CCP Eterne wrote:
Security is very important to CCP. Our Security Team does a lot of things, such as targeting evil RMTers and botters and making sure they don't negatively impact EVE Online. It's been a while since their last dev blog and the team has undergone many changes since. CCP Bugartist, the Director of Information Security, comes forward with this new dev blog to update everyone on what's going on on the security front!


Great, so I guess you guys found time to write this dev blog while fixing that OpenSSL heartbleed bug, right?


They don't need to as Eve is not using OpenSSL.

Anyway, thanks for the dev blog. It's nice to hear from the security team(s) when there is actually no big threat Smile

I just have one question... does bot hunting ever look something like this?Cool
Efraya
V0LTA
WE FORM V0LTA
#24 - 2014-04-10 08:06:19 UTC
Security team of my heart.

[b][center]WSpace; Dead space.[/center] [center]Lady Spank for forum mod[/center][/b]
Prince Kobol
#25 - 2014-04-10 10:04:29 UTC  |  Edited by: ISD Ezwal
Angry Mustache wrote:
contrary to what others might think, i believe that "isk seized" chart is on the low side.

that looks like 19 trillion in 7 months, roughly 210 days.

That's on average 90 billion per day, which, considering the scale of the game's income (In march 2012, an estimated 1T enters the game per day, I would assume it's safe to say that number is much higher now, maybe 1.5).

90 billion out of 1500 billion per day doesn't sound nearly as impressive.




The stop doing so much RMT then !!!!



(just joking Big smileBig smileBig smileBig smile)



Edit: I'm not. Please don't distort the forum lay-out. ISD Ezwal.
Kubiq
State War Academy
Caldari State
#26 - 2014-04-10 10:33:08 UTC
+1 for Two factor authentication
Freelancer117
So you want to be a Hero
#27 - 2014-04-10 12:13:19 UTC
With so much isk being seized/impounded, how large an influence does this have on the inflation of isk in the game ?

Eve online is :

A) mining simulator B) glorified chatroom C) spreadsheets online

D) CCP Games Pay to Win at skill leveling, with instant gratification

http://eve-radio.com//images/photos/3419/223/34afa0d7998f0a9a86f737d6.jpg

http://bit.ly/1egr4mF
Meytal
Doomheim
#28 - 2014-04-10 12:26:17 UTC
Freelancer117 wrote:
With so much isk being seized/impounded, how large an influence does this have on the inflation of isk in the game ?

This is where a graph showing ISK created vs ISK destroyed over time would be VERY interesting. It would also be interesting to see the same kind of numbers for PLEXes.
Gizznitt Malikite
Agony Unleashed
Agony Empire
#29 - 2014-04-10 13:48:30 UTC

Thank you very much for your hard work, maintaining balance in our game, and generally preventing its degradation by cheaters.

Dinsdale Pirannha
Pirannha Corp
#30 - 2014-04-10 15:16:12 UTC
And once again, CCP refuses to outline who and where the ISK was impounded from, because protecting the privacy of a fictional character is critical.

Also, how much was impounded from buyers, and how much from sellers?
What was the breakdown on where the ISK was generated? High sec, null sec, low sec, wormholes?
Surely if CCP is sophisticated enough to track this stuff, they can track the activity history of the people they impounded the ISK from.

But instead, CCP has to protect even that information, because heaven forbid the subscription base get a clear picture of the situation.
Weaselior
GoonWaffe
Goonswarm Federation
#31 - 2014-04-10 15:18:46 UTC
Dinsdale Pirannha wrote:
And once again, CCP refuses to outline who and where the ISK was impounded from, because protecting the privacy of a fictional character is critical.

Also, how much was impounded from buyers, and how much from sellers?
What was the breakdown on where the ISK was generated? High sec, null sec, low sec, wormholes?
Surely if CCP is sophisticated enough to track this stuff, they can track the activity history of the people they impounded the ISK from.

But instead, CCP has to protect even that information, because heaven forbid the subscription base get a clear picture of the situation.

past team security presentations have shown there's more bots in the forge than all of nullsec

best of luck with your insane delusions

Head of the Goonswarm Economic Warfare Cabal Pubbie Management and Exploitation Division.
CCP Bugartist
C C P
C C P Alliance
#32 - 2014-04-10 15:44:46 UTC
Dear Capsuleers,

we really appreciate your interest in the topic and we know that a lot of you are hungry for details.

Quote:
No security related dev blog without a graph

In order to follow this age-old tradition, here’s a brief teaser of what’s coming at Fanfest below...


We are going to provide much more detail about this graph/data and many more at Fanfest. Even if you cannot make it in person you are welcome to join the stream. Also, we plan to provide a written summary of our Fanfest talk afterwards including the outcome of the security round-table.

As we still have a bit of time left until Fanfest I kindly ask you to post your information requests to this thread. We are monitoring this thread and I promise that at Fanfest we will address as many topics mentioned in here as possible.


All of our team members (InfoSec and Team Security) will be around at Fanfest. If you have any special topic you want to discuss with us and you feel it requires a scheduled time slot, just drop us an email at security@ccpgames.com and we will get back to you with a suggested FF day and time. Please understand that these special sessions are limited.


Thanks for your support,
CCP Bugartist
voetius
Grundrisse
#33 - 2014-04-10 16:19:39 UTC
Dinsdale Pirannha wrote:
And once again, CCP refuses to outline who and where the ISK was impounded from, because protecting the privacy of a fictional character is critical.

Also, how much was impounded from buyers, and how much from sellers?
What was the breakdown on where the ISK was generated? High sec, null sec, low sec, wormholes?
Surely if CCP is sophisticated enough to track this stuff, they can track the activity history of the people they impounded the ISK from.

But instead, CCP has to protect even that information, because heaven forbid the subscription base get a clear picture of the situation.



I would like to see some information along the lines that Dinsdale has asked for as well. There is a large amount of speculation and anecdotal evidence on the forums and virtually nothing in the way of facts from CCP. As I don't have a horse in the race I would be interested in knowing some breakdowns based on security status and on activities (ratting, mining, missioning, etc.).


Thanks for all your efforts Bugartist and Team Security, it's appreciated.
Bethan Le Troix
Krusual Investigation Agency
#34 - 2014-04-10 16:30:21 UTC  |  Edited by: Bethan Le Troix
Is there any chance that use of ISBoxer or similar 'botting' software within EVE Online can be made illegal under the EULA Question

PS I almost forgot. It's much appreciated to see a dev blog from you guys. It would be great to see dev blogs from other CCP staff like Dr Eyjo as well. Big smile
Zappity
New Eden Tank Testing Services
#35 - 2014-04-10 20:40:08 UTC  |  Edited by: Zappity
How about some tools for a player to actually challenge a potential bot? We would like to help. I have no idea what this would look like. In terms of information:

Maybe one of CCP Quant's graphs for botting? I'd very much like to see actual numbers of bots and ISK sellers caught.

Edit: bot-hunting! Make it a new profession supported by challenge tools prior to lodging a bot ticket with rewards for each bot caught!

Zappity's Adventures for a taste of lowsec and nullsec.
Audrey Koshka
Ministry of War
Amarr Empire
#36 - 2014-04-10 20:53:30 UTC
Another person interested in two factor authentication checking in.
Aalysia Valkeiper
Imperial Shipment
Amarr Empire
#37 - 2014-04-11 21:21:20 UTC  |  Edited by: Aalysia Valkeiper
As somebody who is presently studying network security under scholarship (2 semesters to grad... yayyyy), I have some inkling how difficult your jobs are.

Security is a dynamic enterprise because those who want to 'get in' are never resting on their laurels and are always adapting to their success (getting in) or your success (stopping them).

If you stopped one attempt, they're adjusting to how you stopped them and trying something else. If you didn't stop them, you have to discover they are there, stop them, and close the hole they found to get in.

Since EvE online is played internationally, your efforts are hampered by the fact some countries don't have laws against cybercrime and some countries even SUPPORT cybercrime (as crazy as that seems).

The very type of operation Eve online is (a 'open-ended' game) also hampers security concerns since you have to be extremely careful what you are observing is not some new tactic cooked up by a legitimate player, but an actual bot or a RMT.

I am also very much aware you can't give all your details because those sneaky guys and gals will use the details to adjust their attacks. I have noted several times sudden lag spikes and almost always suspected DDoS attacks, then.

I, for one, appreciate what you're doing and wish you the best of fortune.
Aalysia Valkeiper
Imperial Shipment
Amarr Empire
#38 - 2014-04-11 21:39:03 UTC
Zappity wrote:
How about some tools for a player to actually challenge a potential bot? We would like to help. I have no idea what this would look like. In terms of information:

Maybe one of CCP Quant's graphs for botting? I'd very much like to see actual numbers of bots and ISK sellers caught.

Edit: bot-hunting! Make it a new profession supported by challenge tools prior to lodging a bot ticket with rewards for each bot caught!


To give the players such a tool would also give the bot-makers the same tool. The tool's effectiveness may last a week (at most).

If such a tool were made available, it would be a help while it was effective, but it would then open other security measures to being tampered with.

If real life money can be made from it, there will be some cyber genius doing it and waiting for such a break.
Prince Kobol
#39 - 2014-04-11 21:55:02 UTC
Weaselior wrote:
Dinsdale Pirannha wrote:
And once again, CCP refuses to outline who and where the ISK was impounded from, because protecting the privacy of a fictional character is critical.

Also, how much was impounded from buyers, and how much from sellers?
What was the breakdown on where the ISK was generated? High sec, null sec, low sec, wormholes?
Surely if CCP is sophisticated enough to track this stuff, they can track the activity history of the people they impounded the ISK from.

But instead, CCP has to protect even that information, because heaven forbid the subscription base get a clear picture of the situation.

past team security presentations have shown there's more bots in the forge than all of nullsec

best of luck with your insane delusions



As much as we laugh at dinsdale with his crazy ass theories that there is some massive conspiracy going involved most of null sec and CCP, for once he has actually made a good point.

Would be great if CCP produced what he has asked for.

Now fair enough if CCP did produce such a break down and it showed that the vast majority of botting / RMT came from HS based players he would scream "lairs" and that its part of a conspiracy Big smile
Rosewalker
Khumaak Flying Circus
#40 - 2014-04-11 23:02:19 UTC
Welcome CCP Bugartist! Could you answer a couple of burning questions?

1. Could you please post an updated guide on how to detect bots?

2. Is it a EULA/ToS violation if someone continuously kills/pods a bot if the bot is stupid enough to keep coming back to the same spot? I once heard that it was.

3. Is it true that CCP Blofeld is so bad at PvP that you won't let him have an avatar?

Thanks!

The Nosy Gamer - CCP Random: "hehe, falls under the category: nice try, but no. ;)"
Previous page123Next page