Science & Industry

Hey guys,

I have an unhealthy amount of BPOs and I want to start recruiting. Both the CEO and all the director characters are mine. I own 100% of the corporation shares. Assume no recruited players will be given the director role. Assume all BPOs are based in an NPC station.

Over the years I heard horror stories about BPO lockdown and theft. I just had a look and it seems the tedious process of locking everything down individually has been fixed (♥ whoever did that) so my sanity is safe, but are my prints?

A few Qs, would appreciate some As.

"Don't taze steal my **** bro!"
• Outside of the CEO & director roles can anyone affect the locked state of a BPO?
• Assuming that normal gameplay intends that locked BPOs stay where they are in the case of a theft can they be recovered via petition?

"Don't steal other people's **** either!"
• I see that someone with the factory manager & rent factory slot or rent research slot roles can deliver a third party's jobs. I see the you can set jobs to output into containers in the hangar. What are my risk mitigation options?
 ○ Is there a way to deliver to a locked container (my testing shows the container needs to be unlocked)
 ○ Is there a way to prevent a third party from stealing the containers themselves?
 ○ Is there a way to deliver the outputs to the member's hangar?

Are there any other considerations I should add to my threat surface analysis? General advice?

I love all the new content the past few patches added but man do I have a lot to catch up on...

Losing the BPOs would be crippling that's for sure, which is why I'm trying to cover all the angles.

How would you proceed, having them in a view only division and copied on request or literally just give a spreadsheet of available prints and store/copy them outside of the corp hangar?

I mean if that's the only 100% sure fire way I guess that'll be it, but I'd be a bit sad that assets I wish to provide to my corporation couldn't be more forward facing.

As long as a) it's expected game behaviour that no non-director characters be able to steal the BPOs and b) recovery over petition in case of irregular gameplay is likely I'm fine with having them in a "use but can't take" position.

I can't possibly use all of them even with a small battalion of alts and to be honest I don't want to keep a bunch of accounts up that only act as glorified corp photocopiers.

As CEO:
* Do not issue any shares, and claim the 1000 default shares from the corporation wallet.
* Do not grant the Director role to anyone.
* Do not grant the Config Starbase Equipment role to anyone.
* Place the BPO in a hangar has VIEW but not TAKE access.
* Never place BPO in containers.
* Use titles to grant roles and access. Avoid editing roles and access for individuals.

* I've previously issued an extra 999k shares, but the entire 1m block of shares is under CEO control.

If one share is out of your control, then bad things can happen.

* I will remove the director roles from my alts and re-role accordingly. Is there an issue with having some of my alts with the director role? I'm not seeing an issue but feel free to correct me.

Your own alts are fine. Directors are proxies for the CEO, and the only other people that can start a vote, like to create more shares, or can act on actionable items, like replacing the CEO after a vote.

Keep one alt without director, so you can TEST before assigning roles / titles to other people.

FYI, I am not a director (none of my alts are), but one of my alts is CEO. This also limits what my full API key can reveal about the corp.

* I'm guessing this is related to preventing people from unanchoring structures that are running jobs?

POS arrays have their own permissions, which can be changed if you have Config Starbase Equipment. The role also allows the tower to be off-lined and made vulnerable.

* I've seen various complaints about BPOs spontaneously unlocking, has there also been instances where a view only division revert to view and take? Also would the view only setting prevent people from using the print in the S&I tab?

View does not prevent use.

However, like space, nowhere in EVE is guaranteed to be safe (note the date):
http://community.eveonline.com/news/news-channels/eve-online-news/a-message-from-customer-support-concerning-the-corporate-role-defect/

* I take it that in a view only division you can open a container and pull out it's content? More on this a bit later.

The role to take containers is separate. There isn't a role to access containers.

https://wiki.eveonline.com/en/wiki/Roles_and_access_rights

That's just the basics of BPO safety. I didn't get into general corp management.

Example: You can create a "virtual director" title, if you think you really need it (that's still a risky amount of trust though, and not recommended).

A virtual director title has all roles (optional), but is not a director proper. They can do everything, EXCEPT stuff reserved for the CEO and real directors. Example: Virtual directors cannot start votes, nor perform sanctionable actions (i.e actions passed by a vote), nor declare war, etc. They can of course be limited in any way desired too; they don't have to have all the abilities as real directors.

Titles, roles, and access permissions are not something to taken lightly. Don't grant anything until you are sure you completely understand what you are granting and the consequences, and have tested it yourself.