These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE New Citizens Q&A

 
  • Topic is locked indefinitely.
 

Best Method of Checking API's
Author
Previous Topic Next Topic
Tsurpalen Tsurpalen
Dark Venture Corporation
Kitchen Sinkhole
#1 - 2011-11-19 05:18:53 UTC  |  Edited by: Tsurpalen Tsurpalen
I have been using EVEMon to check new members incoming API keys, but as of lately we have "misplaced" a few ships.

Was curious what other CEO's out there use to verify API's and what the resistance is from members if you require the full api key, which we are thinking about doing for additional security, to watch and see if any ships had been taken and sold.
Lukriss
Caldari Provisions
Caldari State
#2 - 2011-11-19 05:47:24 UTC
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.
Tsurpalen Tsurpalen
Dark Venture Corporation
Kitchen Sinkhole
#3 - 2011-11-19 05:57:20 UTC
Lukriss wrote:
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.


That just looks suspicious in itself, if you have nothing to hide, why hide it?
J'Poll
School of Applied Knowledge
Caldari State
#4 - 2011-11-19 11:06:21 UTC
New API's will let you shield anything you want shielded etc.

So API checks are way harder as they were also as you can make a API to show only 1 of your toons on your account.

So the whole API checks are needed to be thought over again.

Personal channel: Crazy Dutch Guy

Help channel: Help chat - Reloaded

Public roams channels: RvB Ganked / Redemption Road / Spectre Fleet / Bombers bar / The Content Club
KaarBaak
Squirrel Team
#5 - 2011-11-19 12:43:13 UTC

API checks won't solve your problem. You need slightly better **** Tracy skills to track down a Corp thief these days. And keep in mind, once he thinks you're onto him, he'll likely grab anything that's not locked down. There are few good long con thieves these days.

Dum Spiro Spero
SexTrader
LOst BrotherhoOd
#6 - 2011-11-19 16:43:29 UTC
Tsurpalen Tsurpalen wrote:
Lukriss wrote:
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.


That just looks suspicious in itself, if you have nothing to hide, why hide it?



I, too, would tell you to rotate if you wanted to view my assets.
If your worried about a player taking your corp assets, then don't give him access to your hangers.
Farrina
Doomheim
#7 - 2011-11-19 21:46:58 UTC
CAK let's you shield things, yes, but it doesn't let you hide the fact that you're shielding information...

For instance if I go to check someone's WalletJournal using a CAK and it returns "error: unavailable" then I know they're hiding that information and will not be entering my Corp.

Quote:
If your worried about a player taking your corp assets, then don't give him access to your hangers.


It's easy to blame the victim using the old 20/20 hindsight, however, in reality it usually works out to be the people you're least worried about being the players that steal your Corp.
Astrid Stjerna
Sebiestor Tribe
#8 - 2011-11-20 02:10:45 UTC
Tsurpalen Tsurpalen wrote:
Lukriss wrote:
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.


That just looks suspicious in itself, if you have nothing to hide, why hide it?


Information is power -- so give your enemy as little as possible. By looking at your assets, your enemy can better estimate what kind of valuable goods you might be carrying, and/or where you're likely to be in the near future.

I can't get rid of my darn signature!  Oh, wait....
Mocam
Aliastra
Gallente Federation
#9 - 2011-11-21 01:55:12 UTC
Tsurpalen Tsurpalen wrote:
Lukriss wrote:
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.


That just looks suspicious in itself, if you have nothing to hide, why hide it?



I snicker about that stuff at times.

In one RL youtube video I saw, a cop asked a property owner why he wouldn't allow an inspector on their property to go through all the barns and construction stuff - "If you have nothing to hide..." - my reaction to the cop would have been "Ok officer, strip naked. If you have nothing to hide..."

It's called privacy and most folks feel a need to have differing degrees of it, on an individual by individual basis. Telling someone to give up some of theirs for no good reason is a bit much so requests for divulging information should be held to the minimum needed.

Now - what is the minimum? That's a fun question but rarely will go beyond initial checks of their API info, then keep an eye on your corporation's assets.


As for your wondering who took what - there are API tools available that will let you check the audit logs and inventories of your containers - corporate assets style. If you are using hangars with audit logs, you should easily be able to spot who took what.

Who has what is far harder to look at. They may have traded it off and that won't show in an API check - simply dock a char from an alt account and station trade to them where that alt sells the stuff. Such trades won't show at all in the API so it's best to find who took what via audit logs and hold that person accountable for the assets.
Moistmuffin RKHT
My Little Uniponisus
#10 - 2011-11-22 00:48:04 UTC  |  Edited by: Moistmuffin RKHT
I'm new and there is no one in my corp but me, but that said if people started joining I'd never give anyone a role/access to stuff I didn't know IRL. So I'm not sure what checking an API would really do, unless I was actively trying to block a certain type of player/player style, though at this point I haven't cared. Gallente is all about freedom right, so I got to let people do what they want, when they want, how they want?

I created Ave Molech and I love ponies.
Gabbie Tinks
#11 - 2011-11-23 11:53:13 UTC
Moistmuffin RKHT wrote:
I'm new and there is no one in my corp but me, but that said if people started joining I'd never give anyone a role/access to stuff I didn't know IRL. So I'm not sure what checking an API would really do, unless I was actively trying to block a certain type of player/player style, though at this point I haven't cared. Gallente is all about freedom right, so I got to let people do what they want, when they want, how they want?



Would let you know if their alt were say in Corp that is at war with you, or know hostile, or known corp thief. just for starters.
Tsurpalen Tsurpalen
Dark Venture Corporation
Kitchen Sinkhole
#12 - 2011-11-30 03:39:04 UTC
Mocam wrote:
Tsurpalen Tsurpalen wrote:
Lukriss wrote:
There's no limited/full api keys anymore, you can custom tailor what a key should be able to recieve of data. That being said, no corp will ever be allowed to view my assets.


That just looks suspicious in itself, if you have nothing to hide, why hide it?



I snicker about that stuff at times.

In one RL youtube video I saw, a cop asked a property owner why he wouldn't allow an inspector on their property to go through all the barns and construction stuff - "If you have nothing to hide..." - my reaction to the cop would have been "Ok officer, strip naked. If you have nothing to hide..."

It's called privacy and most folks feel a need to have differing degrees of it, on an individual by individual basis. Telling someone to give up some of theirs for no good reason is a bit much so requests for divulging information should be held to the minimum needed.

Now - what is the minimum? That's a fun question but rarely will go beyond initial checks of their API info, then keep an eye on your corporation's assets.


As for your wondering who took what - there are API tools available that will let you check the audit logs and inventories of your containers - corporate assets style. If you are using hangars with audit logs, you should easily be able to spot who took what.

Who has what is far harder to look at. They may have traded it off and that won't show in an API check - simply dock a char from an alt account and station trade to them where that alt sells the stuff. Such trades won't show at all in the API so it's best to find who took what via audit logs and hold that person accountable for the assets.


What are these API audit logs you speak of?