Sugar Kyle from The Humbleless Crew did an extensive summary on the Eve Vegas presentations. You really want to read this one, specially the part where alliance leaders can be held accountable for their underling’s botting activities.
Please keep in mind these are mere “summaries” and “notes” of the presentations, written in haste and with a very vague sense of specificity on the mentioned subjects.
Eve Vegas – Bots and Security, leaders to be accountable for permitting renters/corps botting.
This will be interesting. I will be going just to watch. Hong is sitting beside me, writing ideas and comments to ask and stuff to blog about later using my pen and paper. This is after he laughed at me for being prepared and breaking out my entire setup. Then he leans back and goes, “I wish I had something to write this stuff down.” I handed him a pen and paper and now he writes away.
The player discussions I will lump together into a different blog set from the Devs for (hopefully) easier browsing.
CCP Stillman: Security and Bots
Past, present and future of Botting and RMT.
First bot released around Eve Online: Exodus around 2005. And then the trend went up by the graphics.
Unholy Rage:
First attempt to solve it. Back then they acknowledged the fact that Botting and RMT had become socially acceptable because of the inaction on the part of CCP. PLEX set the stage for an legitimate alternative to RMT. There was a focus to achieve a company wide understanding of the issue at hand. Also a company wide effort because before not one had paid attention or really cared. PLEX was a direct step to try to combat it.
The plan:
Everyone pitched in to try and contain the issue. Research and statics provided intelligence to Game Managers. A handful of GMs tasked with verification and laying down justice.
RMT temporary bans from 2009-2010 were hitting around 9,000 players a month and next month a perm ban would hit with that conformation giving them around 10,000 bans. As a result the RMT market dropped nicely. The bans dropped the isk brought in by botters and RMTers big time. He showed a graph that points how unholy rage did a big dent in the isk coming in from botters. Also the server load decreased with the ban on these bots.
Unholy Rage was not sustainable.
Shamefully, they couldn’t keep it up long term. The Unholy Rage was inefficient and heavy on man power. The need a more specialized effort was apparent and CCP tried to solve this. (quoting charts and power point).
In 2010 they hired CCP Sreegs. In March 2011 he put together the “task force” with Sreegs, Chronotis, Stillman, Masterplan, Grimmi, and Pollux combined in it. This “task force” made a cross functional team that had someone from each department to work on stuff in their free time. Their primary focus was and still is enforcing the EULA. CCP Sreegs and CCP Pollux are full time at this and everyone else is about 10%.
CCP Masterplan and CCP Stillman began to work on a prototype program to find bots. They targeted specific bots. One step at a time to prove that they could do it, bring successful at shutting it down specific bots. What wound up happening is every 7-14 days; they did do a ban wave with their three strike cases. The third strike also takes out every account that the person has, not just the botting accounts. According to Sreegs the impact was big. But again, it was not sustainable on the long run and Incarna’s development time plus end projects sucked up all of their allotted time.
This was something CCP Uniflex recognized and led to the creation of Team Security as we know it now, a team focused strictly on security with consolidated responsibility to avoid duplication of efforts. CCP Sreegs runs the team and CCP Stillman joined as an application security analyst. CCP Arkanon and Peligro are the AI guys.
Goals:
Better able to deliver internal tools, work together with other teams to deliver new features. Focus and devote chunks of time to security related projects, which also let them not to be dragged off into other projects.
Back on track they rewrote the systems conceived by the original Eve Security Task Force and made huge improvements on the botting detection rate. A ton of nobs and switches, easy to improve on. They also focused on a slow burn approach; to implement less one-time-events like the Unholy Rage type things and more of banning small groups of people on a constant and regular schedule.
Since team security has started banning people again, is not rare to see bans issued every 24 hours. At first a spike of bans was notorios, which has leveled off since then. Every couple of weeks they are detecting a couple hundred people botting (out of 350,000 active accounts). According to Sreegs said its a good level to be at from the thousands they used to be when botting wasn’t addressed.
There is also a focus to detect and ban market bots (this sparked some incredulity moans from the public), mining bots, mission bots, ratting bots as well.
Market bots are 2% of the people they ban
Market bots are indeed a big issue for CCP Games given the individual market bots have a per account large impact more so then others – processing wise. Mining and Ratting bots are the two biggest botting activities with mission bots coming after.
Over Three Trillion isk has been calculated to be seized from botting accounts this summer alone.
Team Security check the data and decide how much a person has made and then take it away. They do this on a daily basis.
The Future
Slow burn – gradual changes.
Watch numbers and impact to assess success or failure. Examples: Character transfer blocks. Size ISK automatically. Other bank end changes we can’t discuss. They make changes on a regular basis to change up their detection to avoid becoming to easy to avoid.
Ban related assets on characters.
RMT is a permanent ban as soon as detected. If a character’s wallet isk equals three trillion isk, but the total of his assets are about 11 trillion, corporation isk is about 909bil and corporation assets of 1.3tril. These are obviously the bot corps. Bots do such a tremendous amount of money that it is not easy to hide, much less justify.
Skillpoints:
Generally the people they are banning are people with low skill points. So most of the bans are new characters. Because they also ban all accounts they are not seeing that many bans across older accounts.
Ships types flying at the time.
Lots of tengus and macks are banned. Hulks, Navy Issues, lots of iterons from macro hauling missions. An interesting thing he noticed is that Nyx are represented. 32 of those bands. 8 aions, 3 avatars, and lots of other things.
He said that:
There are a few alliances that are big into botting but most are not.
Average botting income was around 200 billion
A detection improved, the average income has gone down to more like 50 billion due the inability to run the bots 24/7. Per account they are making less income. Botters are forced to make more accounts to spread botting should they wish to make as much isk as they once did, something which in turn makes them easier to detect and forces them to spend more money and isk.
At the moment, the ISK entering the economy from botters has decreased greatly. The ore mining chart shown by Sreegs also shows a decrease from 1k veldspar to hovering around 300. Graphs were hard to see, sorry. And really, really busy, but in general He is showing results out of anti-botting actions.
The future: Continue the Slow Burn.
Team Security will continue to improve the anti-bot measures and improve the tools at and for the job.
[Now a video about POSs and RMTs.]
Team Security will go after alliances with affiliated botting operations – if they have to – in order to mitigate rampant botting. Now is the time and this is their response.
After that shocker, Sreegs showed a video of them blowing up peoples POSs that harbor bots. They showed POSs they have gone and blown up every single thing there. The people who owned the POS were not RMT but let RMT people use the POS.
No more social acceptance of botting.
They said at fanfest they were going to look at it. Now they have dealt with the low hanging fruit and now they are taking the next step. Next Team Security is going after alliances and corporations hosting botting / RMT so they no longer be havens. They will make sure the alliance feels the pain from harboring ilegal activity. They won’t do anything like banning the entire alliance but they are going to go for a slow burn, taking small steps and see what happens, just the way they have done with individual botting. Entire alliances won’t be killed off overnight. (at least not initially)
Now for Players Q&A:
The reporting mechanism. Giving a bounty for reporting bots? Can we get some isk if we report them?
One of the things they are doing is that they don’t want a feed back mechanism in game to their detection. As soon as they offer bounties they are leaking to much information. While they want to reward people they have another mechanism for that. If you know a big op is going on mail security@ccp and you will get 2 plex if it turns out to be good intel.
How are they going to deal with rental alliances that have no impact on what is going on?
If at the end of the day if you are going to let people enter your alliance and you are receiving rent money from them you are on the hook as well. You may not know what is going on but he thinks that people need to do a bit more background. (but that switches enforcing what the renters are doing from CCP to the player but CCP is paid to take care of it and now making the player do their job). He doesn’t want to punish people for it. But there is word on the street that high end alliance leaders are involved and they are going to be affected. (if you have proof then kick them but dont make us do your job) We are not going to kill the alliance over night. We will talk and find out and seek. Its still up in the air.
Earlier said that the team has had several compositions before but they have died because of lack of manpower and teams and stuff. How does he feel about the current possible longevity of this time. From a player perspective it feels that CCP is not as serious as they say they are. What are you doing to make us happy?
He says that there is a lot to consider. CCP has seen that they are helping because they also solve other things like hacking problems and sever problems and such. That the slow burn is not as fast as people like as it gets deeper and burns in more the issue will snow ball and players will see a larger change. As they can address small problems better and reduce the background noise they will be more efficient.
Like plans to hold alliance responsible. When can they get CCPs tools to locate botters in their own alliances?
CCP ain’t giving out their tools. They will learn how to get around it. (but its not right to hold the alliance responsible for what they can’t detect). Yes if they think that the alliance is not clearly doing something wrong but its a focused problem they will reach out to you. (Will we get account names of the botters then?) They want to work and they will look into it. But no scarlet letter. Also this isn’t going to be an overnight thing.
Are they changing the EULA for alliance leaders that they have to be proactive to avoid the bans?
It sounds like we are not getting account info, tools, and CCP expects players to give them everything or they are gone! It seems unreasonable that alliance leaders are going to be on the hook for this corp coming in that is botting and no one even knows.
How does this fit into the EULA to make the alliance leaders responsible for botting on other players accounts?
Right now EULA says that if you knowingly interact with botters you are responsible. (But now he wants to know if they are going to suffer.) This isn’t going to be instant. (what is the time frame? What safeguards do alliances have from their bad seeds?) If CCP thinks something is up they are going to reach out. (Doesn’t that violate the EULA that CCP is giving the info?) They are not going to violate the EULA but they will reach out (Sounds like there needs to be more thinking. This just sounds bad on so many levels and CCP needs to think about). Stillman is handling this well. He continues to say that this is going to be slow and they are going to work on it and they have not built any policies yet.
Many other MMOs have similar problems but its often account hijacking. Does CCP have account hacking problems?
Stillman says that yes its also account hacking and other problems from the big RMT sites and they find out about that stuff as well.
Has CCP considered embracing it with a flag and penalties if people want to bot?
To accept it. It happens! They have the PLEX that people can use. They can buy game time. That is the embracement CCP has had. No botting is okay.
What sort of response would CCP be looking for from the alliance leaders?
They are not overly concerned about the alliances at the bottom. He will start with the alliances that are obviously botting and he can’t help but know that they know that there is botting. They will start with the biggest impact first. If they think it is unknowingly happening behind peoples back they are not just going to ban the innocent. They do want it addressed were obvious.
Account security? Two factor authentication?
There is a lot of backend work to this. The way that it will work is that the new system they are working is tied into the new third party functionality. They have to roll that out everywhere before they do the two part auth. Also they have to figure out distributions. They are working on it. Answer is ‘soon’ but they don’t have it all in place
Letting Eve handle Eve. Considered a script to allow PvPrs to go after bots and let us self police without suicide ganking or chasing down ratting ravens?
Players will kill them if CCP lets us! They have discussed the player enforcement aspect but they feel it is more of a game design issue.
It’s true that every alliance bots to some degree, right?
Yes
Is there anything proactive that has been considered?
There has been very little feedback to the community to show people that botting is bad? To teach people its wrong before they decide to do it? Um…. (long pause) we do have plans to do more proactive work and there is a technical perspective to it and social acceptance to it.
- Sugar Kyle