These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Information Portal

 
  • Topic is locked indefinitely.
 

New dev blog: Team Security - Banning Bad Guys and also Bad Guys

First post First post
Author
Anika Mobius
Solid State Security
#121 - 2012-03-01 20:46:20 UTC  |  Edited by: Anika Mobius
Wow, I'm impressed. I (as were many) of the mind that CCP was pro-botter since botters pay monthly fees too (or consume PLEX somebody else purchased). Really happy to see CCP doing something about botters.

What I would really like is to see CCP take legal action against botters who sell ISK outside of CCP sanctioned methods and publish information about it. Once you start to hit botters in the real world, fear goes up and the number of bots plummets. Also, the price of non-PLEX ISK would go up making PLEX the obvious choice; which could mean the end of botting all together. I know that's a pipe dream, but one can ask.

Finally, I'd like to see CCP issue awards to pilots who have routinely made efforts to hamper botters by destroying their ships. CCP could datamine account information of who has destroyed a known botter's ships and award in game metals or what not.
  • A.Mobius
Xorv
Questionable Acquisitions
#122 - 2012-03-01 20:57:58 UTC
Good that CCP is doing something, but still way too lenient. If you're sure someone is botting there should be no second, or third chance. character and all assets should be deleted and account banned. Doesn't sound like these people with temp bans are even losing their ill gotten gains, at least set their wallet to 0 and delete all assets.
FeralShadow
Tribal Liberation Force
Minmatar Republic
#123 - 2012-03-01 21:01:54 UTC
Woot Sreegs blogs are full of win. Never disappointed.

One of the bitter points of a good bittervet is the realisation that all those SP don't really do much, and that the newbie is having much more fun with what little he has. - Tippia

Anika Mobius
Solid State Security
#124 - 2012-03-01 21:02:08 UTC
Xorv wrote:
Good that CCP is doing something, but still way too lenient. If you're sure someone is botting there should be no second, or third chance. character and all assets should be deleted and account banned. Doesn't sound like these people with temp bans are even losing their ill gotten gains, at least set their wallet to 0 and delete all assets.


I agree with this so long as their is a method of recourse for those innocents flagged as botters. Nothing worse than being called a botter because you mine 12 hours a day for your corp/alliance; put in all that work only to be banned without recourse would be fairly unjust. CCP has a fine line to walk here: but I do agree that their initial reaction should be the ban hammer with an option to petition for a second chance.
  • A.Mobius
Carlos Aranda
Doomheim
#125 - 2012-03-01 21:21:59 UTC  |  Edited by: Carlos Aranda
blue cop day. 3strike my a_ss.

I see some bots banned - finally after countless petitions and report bot. You know, how frustrating it was, to see then online every day, though it is impossible to not see, what was going on, if you only ever checked once? I see a shitton still online.

I am not one of the usual credentulous players, who just believe it, if somebody once in a year writes: now he is really, really serious 1000+ banned blabla.

"haracter transfer privileges have been revoked in perpetuity"

That is good.

I will be satisfied, if I fly around and do no more see obvious bots. But I have already a bunch of new ones in my addressbook after just 1 new roam. They changed the system, they have some new very young tengus, the old ones are offline, so maybe banned. I reported them. These guys are still in the game and bot like they always did. So far this is not, what I call successful work.
CCP Sreegs
CCP Retirement Home
#126 - 2012-03-01 21:25:10 UTC
Vincent Athena wrote:
Gevlin wrote:
Playing with the numbers
so you say that only 3% of the accounts which used bots were perma band because they would not change their ways. And those 3% equal to between 1k and 2k of players. Also any player caught using a bot once can never transfer or “Sell” a character from their account.

This meant that be 33k to 67k players were caught using bots, and now have their character locked to their account.

Eve has a recovering 350k worth of subscribers, so 10% to 20% (Bold rounding) of eve's
player base has been caught using a bot and has stopped using these bots via one way or another.
To the looks of it 3 strikes would remove the possibility of False positives.

Unholy Rage banned 6200 Accounts in the summer 2009 requiring a lot of resources and had a few false positives that became public.

Not bad result from 1 team over a 3/4 of a year's worth of work. I am looking forward to the chart **** presented at Fan Fest.


I think he means 1000 to 2000 accounts received a ban of some sort. Most a 2 week ban, and 3% a perma-ban.


The 3% number was based on old data. I can't attest to the current attrition rate until we've had time to attrit. Tomorrow I'll take a peek at how many of those were final strikes.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

CCP Sreegs
CCP Retirement Home
#127 - 2012-03-01 21:28:53 UTC
Carlos Aranda wrote:

blue cop day. 3strike my a_ss.

I see some bots banned - finally after countless petitions and report bot. You know, how frustrating it was, to see then online every day, though it is impossible to not see, what was going on, if you only ever checked once? I see a shitton still online.

I am not one of the usual credentulous players, who just believe it, if somebody once in a year writes: now he is really, really serious 1000+ banned blabla.

"haracter transfer privileges have been revoked in perpetuity"

That is good.

I will be satisfied, if I fly around and do no more see obvious bots. But I have already a bunch of new ones in my addressbook after just 1 new roam. They changed the system, they have some new very young tengus, the old ones are offline, so maybe banned. This is not, what I call successful work.



The bannings were only off for a few months during the reorg. There's really not anything to not believe as the alternative would be to assume I'm just making up data and if you believe that there's nothing I will ever be able to do to please you.

You'll also note I use terms like "process" and "slow burn". If you think you're going to log in one day and everything that you've personally decided is a bot will be gone then there is also nothing I will ever be able to do to please you.

I'm not asking you to be happy or sad or really feel one way or another, but I'm trying to manage expectations and I'm going to be realistic about it.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

Camios
Sebiestor Tribe
Minmatar Republic
#128 - 2012-03-01 21:42:10 UTC
First, most important: CCP Sreegs looks like a seal being really happy about the fish.

Second: can you trace the money-asset stream between characters? Hard core botters use account registered with fake names and use various means to hide their main non-botting accounts, but their main accounts must get the money from the botting ones in some way. If you can trace movements, the botters are forced to launder the money in some way. There are many ways to do this in a sandbox, but this increases the effort needed to keep the "good accounts" clean; and you can anyway act on the laundry.
Vaerah Vahrokha
Vahrokh Consulting
#129 - 2012-03-01 21:57:16 UTC
Anika Mobius wrote:
Xorv wrote:
Good that CCP is doing something, but still way too lenient. If you're sure someone is botting there should be no second, or third chance. character and all assets should be deleted and account banned. Doesn't sound like these people with temp bans are even losing their ill gotten gains, at least set their wallet to 0 and delete all assets.


I agree with this so long as their is a method of recourse for those innocents flagged as botters. Nothing worse than being called a botter because you mine 12 hours a day for your corp/alliance; put in all that work only to be banned without recourse would be fairly unjust. CCP has a fine line to walk here: but I do agree that their initial reaction should be the ban hammer with an option to petition for a second chance.


This is exactly what I was trying to say some pages ago.

While I am sure CCP are putting all their efforts into being as accurate and as fair as possible I know of some past undeserved bans.
The more drastic measures CCP applies on the alledged botters, the more the potential damage done to people who just happened to fulfill a behavioral pattern by coincidence and the more a functioning and comprehensive tool to provide proof of innocence should be provided.

Some players have indeed huge amounts of time to play, what if someone does a bot-alike profession (i.e. mining) for 16h a day for 3 months while ALT tabbed doing WH / missions / exploration?
How would he prove his innocence when banned for "suspicious botting behavior for 16h a day for months"?
Aquila Draco
#130 - 2012-03-01 22:19:16 UTC
Vaerah Vahrokha wrote:
Anika Mobius wrote:
Xorv wrote:
Good that CCP is doing something, but still way too lenient. If you're sure someone is botting there should be no second, or third chance. character and all assets should be deleted and account banned. Doesn't sound like these people with temp bans are even losing their ill gotten gains, at least set their wallet to 0 and delete all assets.


I agree with this so long as their is a method of recourse for those innocents flagged as botters. Nothing worse than being called a botter because you mine 12 hours a day for your corp/alliance; put in all that work only to be banned without recourse would be fairly unjust. CCP has a fine line to walk here: but I do agree that their initial reaction should be the ban hammer with an option to petition for a second chance.


This is exactly what I was trying to say some pages ago.

While I am sure CCP are putting all their efforts into being as accurate and as fair as possible I know of some past undeserved bans.
The more drastic measures CCP applies on the alledged botters, the more the potential damage done to people who just happened to fulfill a behavioral pattern by coincidence and the more a functioning and comprehensive tool to provide proof of innocence should be provided.

Some players have indeed huge amounts of time to play, what if someone does a bot-alike profession (i.e. mining) for 16h a day for 3 months while ALT tabbed doing WH / missions / exploration?
How would he prove his innocence when banned for "suspicious botting behavior for 16h a day for months"?


Please shut up with stealth "my bot runs for 16 hours a day every day for months now - will it be banned"
No human will mine for 3 months every single day for 16 hours a day. LOL... you will oversleep some day in that 3 months or something i presume. And you will few msgs in local in that 3 months, or click wrong every now and then or something.

CCP Sreegs
CCP Retirement Home
#131 - 2012-03-01 22:21:57 UTC
Camios wrote:
First, most important: CCP Sreegs looks like a seal being really happy about the fish.

Second: can you trace the money-asset stream between characters? Hard core botters use account registered with fake names and use various means to hide their main non-botting accounts, but their main accounts must get the money from the botting ones in some way. If you can trace movements, the botters are forced to launder the money in some way. There are many ways to do this in a sandbox, but this increases the effort needed to keep the "good accounts" clean; and you can anyway act on the laundry.


There are lots of ways to trace lots of things. Giving specifics would be a bit silly this early in the game. There's also some newer tech coming into play I'll be talking about at fanfest that will make the ridiculous FAKE EVERYTHING EVER ON YOUR ACCOUNT anonymity vanish. I'm not saying what we're doing yet so don't ask, but merely pointing out that we know it's a problem and have for some time.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

Carlos Aranda
Doomheim
#132 - 2012-03-01 22:23:07 UTC

here is an extreme example:

http://eve-kill.net/?a=corp_detail&crp_id=113284&view=losses&m=11&y=2011

http://eve-kill.net/?a=kill_detail&kll_id=12237649

one of their transports to empire. Alloys worth 11 bil.

I know several guys, who passed them, tried to kill them and watched them. We were all very frustrated, that the GMs just closed our petitions and did nothing for so long, though it was so obvious. These were very good setup, almost impossible to catch. Now finally after several months, these bot tengus seem to be banned.

You need appr 7 months to check this and ban them?
Plz tell me, you did not ban them just 14 days?
What happened with all the ISK, they made in this months?
Why on earth should they get only a 1st strike and not right away a permaban + all ISK deleted?

If you fly around in their territory, you see the same human must still have tengus. They are online and out there. Just no more in this systems. These systems are atm. dead. By the time you realize, this must be bigger, you might consider some control, what is going on in that alliance: Who profited of this, too? Or did they sent you a petition, that something is going on in their space? I doubt that.
Xorv
Questionable Acquisitions
#133 - 2012-03-01 22:27:32 UTC
Vaerah Vahrokha wrote:

Some players have indeed huge amounts of time to play, what if someone does a bot-alike profession (i.e. mining) for 16h a day for 3 months while ALT tabbed doing WH / missions / exploration?
How would he prove his innocence when banned for "suspicious botting behavior for 16h a day for months"?


If someone is mining 16 hours a day for months they should be banned for their own good. Seriously though, it's hard to comment on false positives without knowing how exactly CCP identifies the botters, which obviously they're not going to say. However, yes there should be some sort of appeal process, but ultimately if your caught deliberately cheating such as using bots you shouldn't be getting any more chances, it should be game over.
Frabba
Perkone
Caldari State
#134 - 2012-03-01 22:31:26 UTC
I probably missed this earlier in the thread, but what happens to the other characters on the accounts which were banned for botting? Are they also going to be locked down?

its me im the best poster.

ps3ud0nym
Dixon Cox Butte Preservation Society
#135 - 2012-03-01 22:36:34 UTC  |  Edited by: ps3ud0nym
CCP Sreegs wrote:
Camios wrote:
First, most important: CCP Sreegs looks like a seal being really happy about the fish.

Second: can you trace the money-asset stream between characters? Hard core botters use account registered with fake names and use various means to hide their main non-botting accounts, but their main accounts must get the money from the botting ones in some way. If you can trace movements, the botters are forced to launder the money in some way. There are many ways to do this in a sandbox, but this increases the effort needed to keep the "good accounts" clean; and you can anyway act on the laundry.


There are lots of ways to trace lots of things. Giving specifics would be a bit silly this early in the game. There's also some newer tech coming into play I'll be talking about at fanfest that will make the ridiculous FAKE EVERYTHING EVER ON YOUR ACCOUNT anonymity vanish. I'm not saying what we're doing yet so don't ask, but merely pointing out that we know it's a problem and have for some time.


I know you keep telling us that you can't tell us anything... is this really the best course of action? Throw it open, let everyone see and figure out ways to make it better. Certainly would mollify some of these people's ideas that the bans and detection will be rather primitive and rely on anecdotal evidence. I understand the intial desire for secrecy, but in the end I am wondering if it is counter productive. Someone could reverse engineer your code and you would never know. If it is open to everyone to see, sure you can exploit it, but that exploit would be known widely almost immediately and could then be addressed.
CCP Sreegs
CCP Retirement Home
#136 - 2012-03-01 22:36:58 UTC
Carlos Aranda wrote:

here is an extreme example:

http://eve-kill.net/?a=corp_detail&crp_id=113284&view=losses&m=11&y=2011

http://eve-kill.net/?a=kill_detail&kll_id=12237649

one of their transports to empire. Alloys worth 11 bil.

I know several guys, who passed them, tried to kill them and watched them. We were all very frustrated, that the GMs just closed our petitions and did nothing for so long, though it was so obvious. These were very good setup, almost impossible to catch. Now finally after several months, these bot tengus seem to be banned.

You need appr 7 months to check this and ban them?
Plz tell me, you did not ban them just 14 days?
What happened with all the ISK, they made in this months?
Why on earth should they get only a 1st strike and not right away a permaban + all ISK deleted?

If you fly around in their territory, you see the same human must still have tengus. They are online and out there. Just no more in this systems. These systems are atm. dead. By the time you realize, this must be bigger, you might consider some control, what is going on in that alliance: Who profited of this, too? Or did they sent you a petition, that something is going on in their space? I doubt that.


I'm not a GM and never have been. I cannot speak to what may or may not happen with petitions. If our system for dealing with bots was to have a bunch of dudes sitting there staring at people when they get petitioned it would pretty much be the dumbest system to do anything anyone has ever implemented.

I've explained the three strike system already at least twice in this thread.

My point being that we didn't just now get to your petition. Your petition wasn't involved at all. We detected the bot using special secret tools and now it's gone along with however many thousand others decide to log in. I'm sorry you have some frustration regarding a past petition but I can assure you that has nothing to do with myself, my team or this system. :)

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

CCP Sreegs
CCP Retirement Home
#137 - 2012-03-01 22:38:09 UTC
Frabba wrote:
I probably missed this earlier in the thread, but what happens to the other characters on the accounts which were banned for botting? Are they also going to be locked down?


Yes. The account itself will be unable to transfer characters.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

Vertisce Soritenshi
The Scope
Gallente Federation
#138 - 2012-03-01 22:42:33 UTC
Very good. Since the 3 strike rule wasn't going to change the idea to lock characters to the accounts is a great one. I wasn't aware that the initiative was put on hold for banning bots. I am sure there was a good reason but am happy to hear you have started it back up again. Should see a healthy change in the economy from this. Thank you for your efforts!

Bounties for all! https://forums.eveonline.com/default.aspx?g=posts&m=2279821#post2279821

CCP Sreegs
CCP Retirement Home
#139 - 2012-03-01 22:44:06 UTC
ps3ud0nym wrote:
CCP Sreegs wrote:
Camios wrote:
First, most important: CCP Sreegs looks like a seal being really happy about the fish.

Second: can you trace the money-asset stream between characters? Hard core botters use account registered with fake names and use various means to hide their main non-botting accounts, but their main accounts must get the money from the botting ones in some way. If you can trace movements, the botters are forced to launder the money in some way. There are many ways to do this in a sandbox, but this increases the effort needed to keep the "good accounts" clean; and you can anyway act on the laundry.


There are lots of ways to trace lots of things. Giving specifics would be a bit silly this early in the game. There's also some newer tech coming into play I'll be talking about at fanfest that will make the ridiculous FAKE EVERYTHING EVER ON YOUR ACCOUNT anonymity vanish. I'm not saying what we're doing yet so don't ask, but merely pointing out that we know it's a problem and have for some time.


I know you keep telling us that you can't tell us anything... is this really the best course of action? Throw it open, let everyone see and figure out ways to make it better. Certainly would mollify some of these people's ideas that the bans and detection will be rather primitive and rely on anecdotal evidence.


Based on my experience yes it is the best course of action. Plenty disagree but today bots are getting banned so I get to be right and anyone saying I should tell them every detail of everything we do is wrong. Twisted

I don't want to be dismissive because you're probably sincere. Were I to be trolling this thread I'd come in with something cool like SECURITY BY OBSCURITY because that's a catchphrase that people misinterpret as meaning that all systems need to be open or they're inherently insecure and I could probably argue with me for quite a while about it by taking that bait.

In this case it's a videogame universe with a very specific set of capabilities and a very small team of people working on a rather large problem. We're not going to waste even an ounce of our time satisfying curiosity if there's even a glimmer of a chance it will make us have to do more work getting back to zero. I'm happy to see some examples of anyone else in this industry who handles the situation differently though.

Hopefully that makes sense.

"Sreegs has juuust edged out Soundwave as my favourite dev." - Meita Way 2012

Marlona Sky
State War Academy
Caldari State
#140 - 2012-03-01 22:50:29 UTC  |  Edited by: Il Feytid
Is it possible for you to tell us what the botters primary activity was? In a percentage like "67% were miners, 12% were market...". As an example.