These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Information Portal

 
  • Topic is locked indefinitely.
 

New dev blog: Team Security - Now with 100% more Anti-RMT

First post First post First post
Author
Previous Topic Next Topic
CCP Sreegs
CCP Retirement Home
#201 - 2012-04-03 21:07:07 UTC
Z2ZzzzZ2Z wrote:

wow...nice answer. sounds to me like some1 with a legit concern...in fact it sounds like the same concern i have. you'll forgive the /b/ if we don't just passively accept that ccp will take care of it... because ccp doesn't. your customer service/customer care is the issue here. i'm a customer with a bunch of accounts. none of which have been affected by this in any way. nor do i want them to be affected. Vaerah Vahrokha's question is a legit one. your refusal to properly answer, and answer with such ( i hate to say such tone but u basicly told them to "shut up" and me as well) shows just that deficiency


I've actually given the only answer I can give multiple times. I'm not dealing in hypotheticals. If something happens we'll look at it. That's the only answer and insisting that it's not an answer doesn't make it so. I'm sorry if this doesn't please you but that's all there is to say.

I don't find limiting myself to answering the same question asked 7 different ways three times is really all that great a sin.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012
CCP Sreegs
CCP Retirement Home
#202 - 2012-04-03 21:09:12 UTC  |  Edited by: CCP Sreegs
Vaerah Vahrokha wrote:
CCP Sreegs wrote:
You're wrong. We can move on.


This looks like a bit of an elusive reply.


CCP Sreegs wrote:
Z2ZzzzZ2Z wrote:
re:Vaerah Vahrokha

exactly my point. i'm sorry ccp, i'm all for catching those cheaters but you need to be more clear. this game means a great deal to some of us...many of us...because of the time we spend. we can't effectively play the game if we don't know the rules. effectively you'd shut a lot of useful people out of the game with your knee jerk reaction.


When this happens is the time I'd recommend getting mad about it. In all seriousness I can't defend a position that hasn't occurred.


But it had occurred, I even mailed about it at the address you provided (which I suppose by now is in some endless queue?).


Edit: I tried contacting *anyone* at CCP who had any tiny bit of power about customer care, all I got is endless circles of people pointing and escalating at each other. Nobody to frankly speak at their presence and be heard.


That's where you're wrong. I'm not getting into specifics as I said. I won't discuss hypotheticals as I said. As I said there have been no instances where people were flagged erroneously who weren't involved in something else. If you choose to believe otherwise then that's your choice but if it has happened we haven't seen it yet and until we do I'm not discussing what could potentially maybe happen. That's it.

If something happened with you related to a GM matter then I can't help you there because I didn't do anything. Unless you were banned today or Friday then "wasn't me" unless it was for botting and there's absolutely nothing I can say about it.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012
Jim Luc
Deep Core Mining Inc.
Caldari State
#203 - 2012-04-03 21:10:12 UTC
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.



Ha, yes I realized after sending that you can't control all the spam of course LOL - just that there might be some IP addresses that you could release as being on a public watchlist from known phishers. Idunno - just throwing ideas out there Big smile
Vaerah Vahrokha
Vahrokh Consulting
#204 - 2012-04-03 21:10:46 UTC  |  Edited by: Vaerah Vahrokha
CCP Sreegs wrote:

I don't find limiting myself to answering the same question asked 7 different ways three times is really all that great a sin.


Therefore I will trust about a reply on the specific case I emailed to you. And no, since I am posting here you did not ban me Twisted

EvE Online portal | EvE markets tutorials
CCP Sreegs
CCP Retirement Home
#205 - 2012-04-03 21:12:35 UTC
Merin Ryskin wrote:
CCP Sreegs wrote:
2) I've already explained this. In most cases thus far people knew. I already told you to vet the people you lend isk to. The last time I checked making loans wasn't something we insure. If you lose your loan you can't tell a GM to give it back. Your other risk is that they're crooked. I don't see why this is an issue to be frank with you.


Ok, it seems like we're thinking of two different scenarios here. What I thought you were originally suggesting was the following:

A loans money to B. B is a RMTer, and gets caught. A suffers a punishment for being associated with RMTing (whether it's a ban, additional ISK removed, etc).

However, that quoted statement sounds like you actually meant this:

A loans money to B. B is a RMTer, and gets caught. A does not get any kind of reimbursement, but suffers no CCP-imposed penalties beyond the fact that the person who borrowed their money no longer has it (just like if the person took the loan and refused to pay it back).

If you would confirm that you're only talking about the second scenario, then I agree that there is no issue with the policy.

Quote:
We will deal with situations as they arise and each one will be unique. That's the nature of this business.


And this is why many people are not happy with your GM actions: the fact that there's too much personal judgement and little confidence that rulings are consistent. Just look at this thread even, with people expressing (reasonable) concerns about favoritism and different punishments for different people. You know why that is? Because you haven't considered all of these hypotheticals and published clear procedures for how these cases will be handled.


I'm not a GM. "Many people" may be unhappy about something but I'm doing my job and that's to catch badguys. If you have beef with something the GMs did then I can't help you there as I don't work in the GM department. I'm confident in my work 100% and that's all I can attest to.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012
Plyn
Uncharted.
#206 - 2012-04-03 21:15:44 UTC
Sreegs and his team have made me a happy man!

Keep up the good work Lol
Ranger 1
Ranger Corp
Vae. Victis.
#207 - 2012-04-03 21:16:26 UTC
A few points, from my point of view, about some of the comments made above.

1: Odd ball cases will be looked into on an individual basis. If CCP Sreegs gets too specific on how the details are aquired and analyzed... or gives an official "forumula" on how all cases fo this nature are going to be handled... all he has done is given ammunition to those who will gladly find a way to abuse the procedure.

2: If you loan ISK it is your responsibility to be very sure the person receiving the loan in trustworthy. Any loans of ISK are in no way protected. If you loan to the wrong person (as in RL) you may very well lose your investment.

3: I think you can be fairly certain that purchases made off of the market are secure. However, if you have a habit transacting with someone caught RMTing you will likely be investigated closely.

4: In the supposed case of two people being banned, then one got his ban lifted right away while the other one has been waiting 3 weeks... you need to consider these people may very well not have been up front with you. I think it is quite likely that one of them might have deserved the benefit of the doubt, but the other one needed a complete (and time consuming) investigation. 3 weeks seems to not be an uncommon amount of time if the investigation is complex. You might also keep in mind that a time consuming investigation (when warranted) is undertaken in the interest of trying to be fair instead of simply "ban and forget".

5: You can "what if" this situation to death, but really it is a pointless excercise... and not giving to many particulars is important in a situation like this. If you know exactly what the boundries are, you can figure out where the loop holes are.

View the latest EVE Online developments and other game related news and gameplay by visiting Ranger 1 Presents: Virtual Realms.
corestwo
Goonfleet Investment Banking
#208 - 2012-04-03 21:17:20 UTC
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.


You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;)

This post was crafted by a member of the GoonSwarm Federation Economic Cabal, the foremost authority on Eve: Online economics and gameplay.

fofofo
Merin Ryskin
Peregrine Industries
#209 - 2012-04-03 21:18:23 UTC  |  Edited by: Merin Ryskin
First, I'd still appreciate confirmation that your mention of "loans" was only about the fact that loans to RMTers will not be reimbursed, not additional punishments being made on the premise that anyone who loans money to an RMTer is guilty of being involved in RMTing themselves.

CCP Sreegs wrote:
I'm not a GM. "Many people" may be unhappy about something but I'm doing my job and that's to catch badguys. If you have beef with something the GMs did then I can't help you there as I don't work in the GM department. I'm confident in my work 100% and that's all I can attest to.


Not you personally, you as in CCP in general. Way too many people feel that punishments/reimbursements/etc are not handled consistently, whether out of favoritism or simply different GMs doing things different ways. And it really doesn't help when you say that considering hypothetical situations is a "waste of time". Without considering those scenarios and making public rulings on how they will be handled, how are we supposed to have any confidence that the outcome will be fair and consistent?

Whether or not it's strictly necessary, it's throwing fuel on the fire of alliance drama, especially combined with the fact that your refusal to comment on specific cases allows speculation to run out of control.
CCP Sreegs
CCP Retirement Home
#210 - 2012-04-03 21:19:40 UTC
corestwo wrote:
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.


You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;)


Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012
Aamrr
#211 - 2012-04-03 21:21:52 UTC
Well done. While we obviously don't have any way of validating your zero-false-positives claim, it's nice to see that you're at least looking into the issue. A measure of transparency would be nice, but I'll concede there are legitimate reasons you can't give that to us.

Keep us updated.
Florestan Bronstein
Ministry of War
Amarr Empire
#212 - 2012-04-03 21:22:51 UTC  |  Edited by: Florestan Bronstein
CCP Sreegs wrote:
Florestan Bronstein wrote:
CCP Sreegs wrote:

2) I've already explained this. In most cases thus far people knew. I already told you to vet the people you lend isk to. The last time I checked making loans wasn't something we insure. If you lose your loan you can't tell a GM to give it back. Your other risk is that they're crooked. I don't see why this is an issue to be frank with you.

because you as the one who gives the loan are looking like an isk seller on ethe other party comes under scrutiny which means you do not only stand to lose your money but also your eve account


When this happens we'll talk.

I recognize that you do not want to discuss mere hypotheticals - but I'll ignore it.

When you investigate RMT you can only see one side of the transfers - what assets changed hands in EVE.
The other side of the transaction - real world assets changing hands - which defines RMT is something you usually have no direct knowledge of.

So you are not handing out bans based on any sort of "proof" but have to resort to very fuzzy "evidence" - does the EVE side of the transaction look as if real life assets might have changed hands alongside or not...
You have to infer this real-life side of the transaction by arguing along the lines of "well, those two players do not seem to have had any previous interactions that make the in-game transaction look plausible/justified" - but given the prevalence of 3rd party communication methods like forums, jabber/IRC, voicecomms, ... an in-game paper trail justifying the transaction often does not exist even for legit business.

There is literally no way to prove innocence in that case - how am I to demonstrate that I did not receive money for the ISK I sent to some random guy? fax you my bank statements? screenshot some jabber conversation that I might just as well have faked after the fact?

The knowledge that an investment of years might hinge upon a situation in which you cannot demonstrate your innocence makes people nervous.


Maybe the problem is that we automatically assume that you try to catch all sorts of RMT behavior - and that we know or at least assume that there is a lot of small scale/casual RMT going on which cannot be reliably identified from your POV.

(case in point: a few years ago I petitioned a guy who auctioned off one of his characters for RL money within the alliance; the character transfer was to take place via the CCP sanctioned means, the real life money was to change hands beforehand; afaik nothing happened as result of my petition - and how could the investigating GM ever have known for sure that RL money changed hands alongside the in-game transfer? a donation of a character to an alliance mate would have been just as plausible).

I guess that as long as you only stick to big/commercial RMT operations with many customers and a relatively tight net of suppliers most cases should be relatively clear cut.
Buzzy Warstl
Quantum Flux Foundry
#213 - 2012-04-03 21:24:26 UTC  |  Edited by: Buzzy Warstl
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.

CCP has already done something so you can tell if an e-mail is from an authorized sender:
eveonline.com descriptive text "v=spf1 mx ip4:87.237.32.0/24 ip4:87.237.38.0/24 ip4:87.237.37.32/28 ip4:87.237.39.0/24 mx:mail.global.frontbridge.com mx:ymir.ccpgames.com include:spf.frontbridge.com -all"

This is a "Sender Preferred From" record and includes all the addresses authorized to send e-mail as eveonline.com under any circumstances. The -all at the end means you reject any mail that doesn't match.

Not all mail providers use it, but it's there.

Additional:
Not all bans are for RMT or botting.

Just because someone you know got banned recently doesn't mean CCP Sreegs or his team had anything to do with it.

http://www.mud.co.uk/richard/hcds.htm Richard Bartle: Players who suit MUDs
Jita Alt666
#214 - 2012-04-03 21:24:38 UTC
Saying it again. Great stuff Sreegs, Stillman and all your little minions.

To all the folks crying about false positives in here - wrong department, wrong format. My ISP, mobile, landline, PPV TV are all from the same provider, guess how useful it is talking to the mobile department about PPV?
corestwo
Goonfleet Investment Banking
#215 - 2012-04-03 21:25:11 UTC  |  Edited by: corestwo
CCP Sreegs wrote:
corestwo wrote:
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.


You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;)


Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam.


Will do :toot:

e: Check your email!

This post was crafted by a member of the GoonSwarm Federation Economic Cabal, the foremost authority on Eve: Online economics and gameplay.

fofofo
CCP Sreegs
CCP Retirement Home
#216 - 2012-04-03 21:25:27 UTC
Merin Ryskin wrote:
First, I'd still appreciate confirmation that your mention of "loans" was only about the fact that loans to RMTers will not be reimbursed, not additional punishments being made on the premise that anyone who loans money to an RMTer is guilty of being involved in RMTing themselves.

CCP Sreegs wrote:
I'm not a GM. "Many people" may be unhappy about something but I'm doing my job and that's to catch badguys. If you have beef with something the GMs did then I can't help you there as I don't work in the GM department. I'm confident in my work 100% and that's all I can attest to.


Not you personally, you as in CCP in general. Way too many people feel that punishments/reimbursements/etc are not handled consistently, whether out of favoritism or simply different GMs doing things different ways. And it really doesn't help when you say that considering hypothetical situations is a "waste of time". Without considering those scenarios and making public rulings on how they will be handled, how are we supposed to have any confidence that the outcome will be fair and consistent?

Whether or not it's strictly necessary, it's throwing fuel on the fire of alliance drama, especially combined with the fact that your refusal to comment on specific cases allows speculation to run out of control.


I won't confirm that. We don't regulate loans. We won't have people funding RMT operations claiming they were making loans and wasting our time. The scenario you are painting hasn't occurred but I'm not going to personally underwrite individual's spaceloan businesses on the off chance something that hasn't occurred may. We can see what goes on and that's all there is to it. If something goes south we'll look at it. Hasn't happened. It's like developing a contingency for earth's gravity failing. Sure it COULD happen but I'm not paying someone to think about it.

I'm not in the GM department so I cannot attest to what they may or may not have done. Have a problem with the wave from today or last Friday? Email me. Otherwise I'm off the hook.

I don't make people speculate it's an activity you choose to engage in. I do my work regardless of whether people choose to invent alternate realities or not otherwise nothing would ever get done. I'm not in the habit of spending oodles of time defending our work against every conceivable nightmare scenario painted on the internet.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012
Vaerah Vahrokha
Vahrokh Consulting
#217 - 2012-04-03 21:25:54 UTC
Ranger 1 wrote:
A few points, from my point of view, about some of the comments made above.

1: Odd ball cases will be looked into on an individual basis. If CCP Sreegs gets too specific on how the details are aquired and analyzed... or gives an official "forumula" on how all cases fo this nature are going to be handled... all he has done is given ammunition to those who will gladly find a way to abuse the procedure.



No they are NOT LOOKED into an individual basis. All you get is a default copy and paste GM reply. If you escalate it you will ALWAYS get replied the first GM was right within 1 hour (I mean, they did not even have the time to double check it).

This is a classic case of "left hand does not know what the right hand does".

CCP Sreegs will become a force of nature, an "evil guys bane" producing zillions of bans.
Yet nobody on the GM section is *as* capable nor *as quick* to handle the load.

I mean they hired a CHAMPION of security, the best ever. I really worship CCP Sreegs about how effective he is. But then the other employees have to follow suit else it just ends in a bloody mess.


Ranger 1 wrote:


2: If you loan ISK it is your responsibility to be very sure the person receiving the loan in trustworthy. Any loans of ISK are in no way protected. If you loan to the wrong person (as in RL) you may very well lose your investment.



How do I know this person is trustworthy? In EvE none the less? It could be (and in my case was) a very trusted MD forum investors known for years by everyone as upstanding and clean.

I did all my duties yet he ended up being somewhat related to a RMTer.

Teach me how to avoid this, I am all ears.

EvE Online portal | EvE markets tutorials
corestwo
Goonfleet Investment Banking
#218 - 2012-04-03 21:30:47 UTC
Vaerah Vahrokha wrote:
Teach me how to avoid this, I am all ears.


Just stick to the technical analysis you're so fond of. Lol

This post was crafted by a member of the GoonSwarm Federation Economic Cabal, the foremost authority on Eve: Online economics and gameplay.

fofofo
Tyke Orlieveit
Republic Military School
Minmatar Republic
#219 - 2012-04-03 21:30:51 UTC
CCP Sreegs wrote:
corestwo wrote:
CCP Sreegs wrote:
Jim Luc wrote:
By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to security@ccpgames.com - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore.

Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs!


I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.


You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;)


Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam.


Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?

I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
Mioelnir
Brutor Tribe
Minmatar Republic
#220 - 2012-04-03 21:31:24 UTC
CCP Sreegs wrote:
I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.


One doesn't need to own the internet for that. For example the CCP bulk mta often used for surveys and stuff is run under the cocos islands domain ccp.cc which - while it does indeed belong to CCP - is never ever used anywhere else that customers see, so it probably looks fishy to most users.

Then again, if you read your mails with full headers, you are probably already sufficiently paranoid.