These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
 

Full API to join Corps

First post First post
Author
James Amril-Kesh
Viziam
Amarr Empire
#21 - 2014-06-07 09:25:25 UTC
Here's one thing I've wondered about this. I gave my corp full API (and alliance some API details too, don't remember exactly what though). So at the very least my corp can read my mail.

I have two messages from GMs in my mailbox. It's against the EULA to share GM correspondence. So if someone pulls a GM mail from my API (and I know you can since I can see them in EVEMon) and posts it somewhere, does this mean that I've violated the EULA? Even if it doesn't, is some trigger happy GM going to assume that it was me who shared it, and bring the hammer down anyway?

I think I'll file a support ticket.

I could just delete the message but any rule that says I'm obligated by EULA to delete private correspondence is a rule that needs revision.

Enjoying the rain today? ;)

Jandice Ymladris
Aurora Arcology
#22 - 2014-06-07 09:27:45 UTC
James Amril-Kesh wrote:
Here's one thing I've wondered about this. I gave my corp full API (and alliance some API details too, don't remember exactly what though). So at the very least my corp can read my mail.

I have two messages from GMs in my mailbox. It's against the EULA to share GM correspondence. So if someone pulls a GM mail from my API (and I know you can since I can see them in EVEMon) and posts it somewhere, does this mean that I've violated the EULA? Even if it doesn't, is some trigger happy GM going to assume that it was me who shared it, and bring the hammer down anyway?

I think I'll file a support ticket.

I could just delete the message but any rule that says I'm obligated by EULA to delete private correspondence is a rule that needs revision.


You're making a good point here, unless CCP already thought of this and excluded GM mail from the API? (I doubt they thought if it, but you never know!) Still a support ticket for clearance on the matter is a good idea!

Providing a new home for refugees in the Aurora Arcology

James Amril-Kesh
Viziam
Amarr Empire
#23 - 2014-06-07 09:28:49 UTC
Jandice Ymladris wrote:
You're making a good point here, unless CCP already thought of this and excluded GM mail from the API? (I doubt they thought if it, but you never know!) Still a support ticket for clearance on the matter is a good idea!

They didn't, because as I said I can see them in EVEMon. I checked that as I was writing that post.

Enjoying the rain today? ;)

Silvetica Dian
Imperial Shipment
Amarr Empire
#24 - 2014-06-07 09:34:33 UTC
Conrad Lionhart wrote:
Sher Rayet wrote:
If you give away full API they read your mails and transactions etc. Go ahead...


But is it standard practice?
Would you do it if you wanted to join a new corp?


i require full api before i let people join manson.
can't speak for others.

Money at its root is a form of rationing. When the richest 85 people have as much wealth as the poorest 3.5 billion (50% of humanity) it is clear where the source of poverty is. http://www.theguardian.com/commentisfree/2014/jan/20/trickle-down-economics-broken-promise-richest-85

Solai
BreadFleet
Interstellar Triglavian Collective
#25 - 2014-06-07 09:34:46 UTC
Nevyn Auscent wrote:
Solai wrote:
Snip.

Except nowhere in there did you actually explain a single thing about how a FULL API rather than a partial actually changes anything. Nor what bits actually help you in checking for spies or running a corp. You just trotted out the old passed down and horribly flawed argument.

I'm not about to explain all the details of the API combing process or spy-hunting tactics, if that's what you're fishing for.

The assumption is that if it's not full, then the recruit wants to omit some information, such as their eve mails, wallet transactions, assets, etc, for whatever reason. All of those can be used to assess risk, and weed out BadSpies. Any item that any player would logically wish to hide, for innocent reasons or otherwise, is useful info for risk assessment.

Will it make your recruitment airtight? No, of course not, and no one thinks so. But it does make it easier for a spy to make a mistake. And they do make mistakes, regularly, giving you the opportunity to see them. As opposed to never having the opportunity to see that data.

I've seen it argued that since full API info does not assure you will catch all the spies, then it's worthless. That's a logical fallacy that shouldn't require explaining.

If you believe that a limited API offers equivalent security opportunities, then would you mind giving an example of which elements you'd propose a recruit ought to be able to omit?
Jandice Ymladris
Aurora Arcology
#26 - 2014-06-07 09:43:40 UTC
James Amril-Kesh wrote:
Jandice Ymladris wrote:
You're making a good point here, unless CCP already thought of this and excluded GM mail from the API? (I doubt they thought if it, but you never know!) Still a support ticket for clearance on the matter is a good idea!

They didn't, because as I said I can see them in EVEMon. I checked that as I was writing that post.


Roger that! Then it's a fully legitimate concern, and considering how dirty some people play this game (meta or otherwise) it would be good to get a CCP reply on this.

Providing a new home for refugees in the Aurora Arcology

Eternus8lux8lucis
Duckzer Mining Corporation
RAZOR Alliance
#27 - 2014-06-07 10:21:27 UTC
In 10 years Ive never given my full API nor will I ever to any corp no matter how good they think themselves.

Have you heard anything I've said?

You said it's all circling the drain, the whole universe. Right?

That's right.

Had to end sometime.

Doreen Kaundur
#28 - 2014-06-07 10:46:09 UTC
Conrad Lionhart wrote:
Hey all,

I just came back to the game after being away for over a year.

There is a corp that talked to me about joining, but before I could join, they requested my FULL (not partial) API.

I want to know whether this has become standard practice nowadays for corps recruiting new members.

Back in the day, I just joined a corp without such need for an API, and the only time they needed my API was for teamspeak, and even then a limited API was enough.

So is it safe to give my full API?
Is it now standard practice to give your full API to corps that you want to join?


Pfft. That's nothing. One corp asked for my first born.

[center]1. Minor navigation color change. 2. Show bookmarks in the overview.[/center]

Adriana Nolen
Sama Guild
#29 - 2014-06-07 11:09:34 UTC
Doreen Kaundur wrote:


Pfft. That's nothing. One corp asked for my first born.


W-space corps are another beast in it's entirety.
Adriana Nolen
Sama Guild
#30 - 2014-06-07 11:12:10 UTC
James Amril-Kesh wrote:

I think I'll file a support ticket.

I could just delete the message but any rule that says I'm obligated by EULA to delete private correspondence is a rule that needs revision.


I think CCP Punkutris does API stuff.
Kiwi Kurenai
Doomheim
#31 - 2014-06-07 13:03:58 UTC
Sucks I'm struggling with this nearly full API just to join a Corp's Teamspeak. They switched from Mumble to Teamspeak and now require I think its a nearly Full API just to join the Teamspeak.

Still in the corp but thats cuz they haven't kicked the people who haven't registered yet.

I'd prolly be fine with a Full APi to the CEO of the Corp but clearly some of his officers are shadey, and less than polite about the trash talking on teamspeak and in game Corp channels.

4ish month old account speaking.
Dinsdale Pirannha
Pirannha Corp
#32 - 2014-06-07 13:15:57 UTC
Yup, thank that wonderful meta in the game where "be the villain" has spread everywhere, and no one can trust anyone.
In a game where spies, theft, and general asshattery is celebrated at such a high level, every smart corp has to protect themselves.

Of course, just to shoot myself in the foot, full disclosure: What got me interested in Eve was reading about Guiding Hand Social Club's timed theft of a corp's hangars and the destruction of one of the royal battleships, which are so incredibly rare. I did not start playing Eve because I wanted to do the same thing, but Eve showed up on my radar because of the article.
Andski
GoonWaffe
Goonswarm Federation
#33 - 2014-06-07 14:46:18 UTC
oh look a heist in a video game

i'm going to play that video game to moan on the forums about how these things shouldn't happen

Twitter: @EVEAndski

"It's easy to speak for the silent majority. They rarely object to what you put into their mouths."    - Abrazzar

Lisa Gentilette
The Scope
Gallente Federation
#34 - 2014-06-07 14:57:23 UTC
Standard reply from me, 'full api is ok if I get the full api of the CEO first'.



Guess how many times that went well. P
Subject 4927
AwoxxowA
#35 - 2014-06-07 15:06:05 UTC
I only join corporations that don't require a full API. So that tells you something.

http://subjectandfriends.wordpress.com

Immortal Chrono Pimpin
Codename-47
Avocado Cartel
#36 - 2014-06-07 17:00:42 UTC
CEOs and Directors are under the false impression that a full API will do jack **** for anyone thats actually serious about joining to do damage.
Isabela Valentine
Caldari Provisions
Caldari State
#37 - 2014-06-07 18:32:49 UTC
Depending on your corp history, KB information, and other factors, it's not unrealistic for a corporation to ask for a full API key. They can't do anything with it other than make sure you're not an alt or lying to them so it's not like there's much of a risk. If you don't like it then feel free to not join that corporation. API checks don't eliminate the possibility of corp thieves or awoxers but it makes them work harder to conceal themselves. Teamspeak API's arent usually full api's. Its just used so that when you leave the corporation you're no longer able to hold any rights on that TS server or join their Jabber server (if they have one).



Like I said though, if you don't want people snooping then dont join/apply to them.
Marc Durant
#38 - 2014-06-07 19:00:35 UTC
They can have mine, if I can have theirs.

Yes, yes I am. Thanks for noticing.

Alexander Thorsen
The Scope
Gallente Federation
#39 - 2014-06-07 19:01:07 UTC
I would be hesitant for a couple reasons. One, most counter-intel types don't know the difference between a spy and a saboteur. If you're not competent enough to begin to do a proper risk assessment, because spies and saboteurs will have different behavior patterns, who says you're competent enough to keep an API secure? Also, a lot of CI types don't seem to understand Federal privacy laws and where the line is between metagaming and committing a crime that will result in hard time (not to mention a complete ban from ever owning a computer that can connect to the internet).
Adira Nictor
Sebiestor Tribe
Minmatar Republic
#40 - 2014-06-07 21:36:19 UTC
Giving your Full API is only a bad idea when you have something to hide. Thankfully it doesn't matter most of the time because the recruiters don't know what they are looking for, or even how to access the info.