Dev Blog: Security: Different times - Different ways

teamsecurity
bots
eula

(CCP Guard) #1

Please check out the latest blog from Team Security about the the ongoing battle against bots and what you can do to help us help you.

https://www.eveonline.com/article/p41kbx/security-different-times-different-ways


(Rath Valent) #2

You forgot to mention another important security setting: Set your EVE account to use MFA in addition to your email.

It will save your ass.


(Rosov Aulmais) #3

Macro use/modified client

1st offense – 3-day temporary ban. 2nd offense – Permanent ban

Though Chinese localizaton’s current state is a shame, still: is that gonna be bad news for fellow Chinese players who try to access Chinese localization?


CCP closed the client loophole to Chinese localization, perhaps because of me
(Arya Alderian) #4

ExCSM Gelvin Goblin /Riptard Teg did some data analysis and number crunching and found non of this makes any sense about BANS

Aka Ccp isn’t banning bitters via data analysis proof.

But yeah, nice blog there. Sure we believe those words this time.


(Lady Ayeipsia) #5

Yeah cause Goblin has always been such a credible source. :roll_eyes:


(slphy vansyl) #6

nice to see 1880 accounts banned (perma od just 30 days) but when you see how many newborn there’s by day…
http://www.eve-offline.net/?server=tranquility
it’s an endless war…
even ipban cant be used as VPN help to round this
good job anyway and it’s a good thing to see CCP take attention to this plague!


(JC Mieyli) #7

why even bother with a first offense rule when you can just permaban on first offense
maybe pcu numbers


(Piugattuk) #8

Mining bots, I wonder where in new eden this is a thing.


(Sentient Blade) #9

That dev blog was pretty weak sauce. People are going to read it, take the opportunity to plug the EVE account 2FA and while you’re at it add backup codes.


(CCP Peligro) #10

I do not think that localizing the client language provides an unfair advantage. Macro use in this context refers to automation of game play.

In other words: speak whatever language you prefer, just don’t bot!


CCP closed the client loophole to Chinese localization, perhaps because of me
(Julien Brellier) #11

I welcome our new Chinese bot overlords

*and Goon bot overlords, since Mittenz has just told Goons not to report other Goons for botting.


(Arrendis) #12

Gevlon is not Ripard Teg, and his data analysis skills have always been skewed heavily toward the tinfoil.


(Matthias Ancaladron) #13

What’s mfa


(CCP Peligro) #14

The two-strike policy is specifically for “the players” - if you are using your accounts for business purposes, such as for example in the context of a RMT network, they will all be permanently banned - “nuked from orbit” as it were.

The two-strike policy is intended to give our players one chance to “go legit” - we’d obviously prefer not to have to ban anyone at all, but that isn’t realistic. CCP does not view bots as an asset; they are a liability, and they have a negative impact on the user experience.


Capsuleers This is your game!
(CCP Peligro) #15

MFA = Multi-Factor Authentication or “2FA”


(Zircon Dasher) #16

@CCP_Peligro Would it be possible to see a graph of bans by month at fanfest? I think that players being able to see just how many macro/bot accounts are punished each and every month would go a long way towards mitigiating the efficacy some of Team Security’s detractors and (potentially) negative PR from industry mags.


(CCP Peligro) #17

About that: very disappointed… I urge all players to report any suspicious behavior through every available channel. We appreciate your help in keeping New Eden clean.

…and we don’t appreciate people who knowingly harbor bots, so please, if you have any information about that, feel free to contact the security team directly: security AT ccpgames.com


(Nolak Ataru) #18

You still haven’t fixed the false ban given to oodell for bombing runs, and you still haven’t hosted a talk with anyone on the other side regarding multiboxing. Why should we care what you’re doing now?

E: And holy ■■■■, do you not remember why GSF trusts CCP less than North Korea? Here’s a history lesson:

A number of years ago, there were some pretty blatant ratting bots running around in PL allied space. They made almost no effort to disguise themselves, they ran 24/7, and they were all untouchable. They were reported with video evidence, screenshots, logs, you name it. Nothing happened. Tickets were filed, devs were asked, and the resounding response was “I see nothing” and “Everything is fine, comrade.” So, what else is there to do, but take that as tacit approval from CCP devs that botting is allowed? Threads were made on the goon forums detailing exactly how to download, install, and run these bots, as well as the best fits and settings to use (same stuff as you could find on PL’s forums). With lightning speed, CCP banned the top directorate of GSF. But the bots were banned too, you might ask? No, they were not. They kept going right along, farming ISK.

It took a massive backlash to get the directorate unbanned, and to get CCP to actually give a flying ■■■■ about the bots. Since then, it’s been GSF policy to not help CCP with that sort of thing.

That is why we tell people to not report to you. GSF multiboxers get banned, while PL and Horde botters keep on trucking.


(violator2k5) #19

sending people to https://haveibeenpwned.com/ to check their email addresses can be a good thing however that site is not entirely correct. 2 out of 4 of my old email accounts were only noticed as being breached whereas I know for a fact all 4 of the email accounts were breached at some time during the last 20 years. The hotmail accounts were done due to the hotmail site actually getting hacked back in the day and lost a large portion of information on their users that was obtained by the attackers. That information was not shown on the website which leads me to believe that there is a date limit on the information that is shown to the users.

as for the two gmail accounts that were identified, it was interesting to see that they were both compromised due to adobe… I cant help myself, I got a thing for dreamweaver and photoshop :stuck_out_tongue:


(Rivr Luzade) #20

Good blog. A bit light on info. Would have been nice to see where most bot accounts come from, which regions they are active in and so on. :>