Pages: 1 2 3 :: [one page] |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Mister Short
|
Posted - 2011.04.12 01:55:00 -
[1]
Just wondering if he was unbanned. If not, what will this mean for future petitioners?
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.12 01:59:00 -
[2]
That's not QUITE how it happened. IF he would have ONLY reported it, he would not be banned now. _
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST ! "New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Awesome Possum
Original Sin. PURPLE HELMETED WARRIORS
|
Posted - 2011.04.12 02:00:00 -
[3]
the "gagged in local" guy? ♥
|
Sam Akiga
|
Posted - 2011.04.12 02:01:00 -
[4]
Why is everyone jumping on board with these threads? Yes, he tried to help out but instead of petitioning the GMs with the details, he decided to make some noises and violate a couple rules in the EULA.
Yes, he sent a petition. But did he provide evidence or details as to how he done it? No, he even commented on leaving CCP to do the leg work to find the bugs... and you ask why CCP didn't shut down their forums immediately.
I've dealt with game servers like this in the past where someone finds a security loop-hole in a game mode you've created, makes a public speech announcing he's a white knight rather than quietly informing us and reeking the "fame" and entertainment from the havoc that it 'causes.
Stop portraying him as some kind of hero.
|
Mister Short
|
Posted - 2011.04.12 02:10:00 -
[5]
thnx for the info
|
Hieronimus Rex
Minmatar Infinitus Sapientia New Eden Research.
|
Posted - 2011.04.12 02:13:00 -
[6]
Banned from the forums isn't such a terrible thing is it?
|
Mister Short
|
Posted - 2011.04.12 02:14:00 -
[7]
it was an ip ban from the game from what i heard
|
Shar Tegral
|
Posted - 2011.04.12 02:16:00 -
[8]
Originally by: Mister Short it was an ip ban from the game from what i heard
Considering your OP, you are a reliable source of information indeed!
Wealth, howsoever got, in Eve makes Lords of morons and gentlemen of thieves; Aptitude and intellect are needless here; 'Tis impudence and money that grants fame. |
Elyssa MacLeod
|
Posted - 2011.04.12 02:16:00 -
[9]
Originally by: Mister Short it was an ip ban from the game from what i heard
ah the kug treatment
then again apparently what he supposedly got banned for is OK now
|
Hieronimus Rex
Minmatar Infinitus Sapientia New Eden Research.
|
Posted - 2011.04.12 02:18:00 -
[10]
Originally by: Mister Short it was an ip ban from the game from what i heard
Why would they ban you from the game for exploiting the forums?
Forum pvp exploits are totally different from ingame pvp exploits.
|
|
Elyssa MacLeod
|
Posted - 2011.04.12 02:20:00 -
[11]
Edited by: Elyssa MacLeod on 12/04/2011 02:22:19 Edited by: Elyssa MacLeod on 12/04/2011 02:20:57
Originally by: Hieronimus Rex
Originally by: Mister Short it was an ip ban from the game from what i heard
Why would they ban you from the game for exploiting the forums?
Forum pvp exploits are totally different from ingame pvp exploits.
theyve game banned ppl for forum stuff before, its not new
IE the supposed reason they game/forumbanned Kug and made it so you cant say his name on the forums even four years later
|
Mister Short
|
Posted - 2011.04.12 02:22:00 -
[12]
Originally by: Shar Tegral
Originally by: Mister Short it was an ip ban from the game from what i heard
Considering your OP, you are a reliable source of information indeed!
Going in to this, all I heard was his side. I am just supplying the info I know. Now I am getting some different viewpoints.
|
Dr BattleSmith
PAX Interstellar Services
|
Posted - 2011.04.12 02:36:00 -
[13]
lol
So lets get this straight.
* CCP fail web team convinces management they are awesome with hubris and garbage. * CCP commence using MS tech to write a "social network" (term used loosely). * CCP fail to check their new website with google ratproxy. * Obviously the code contains exploitable holes. A) MS B) CCP web team. * A random script kiddy finds the glaring holes. * Security through obscurity isn't good for CCP or us so some details are posted. * CCP kills the messenger.
Fail CCP. Fail CCP web team.
CCP Nathan "the data does not seem to support that polished quality sells" Evelgrivion "each passing year, each failure to deliver on expectations of basic competence" |
Shar Tegral
|
Posted - 2011.04.12 02:38:00 -
[14]
Originally by: Mister Short Now I am getting some different viewpoints.
And this needed it's very own special individual thread for??? Let me do the sums for you: Why join into some sort of drama storm when you only have one person's side of a story? What winds up happening is that you look like a sucker, the other person gets to laugh, and nothing worthwhile gets down. Not to mention you'll probably get a forum warning for bringing this subject up - yet again. You may not have been repeating the topic but it has been oft repeated in a troll campaign. People who get hammered for being jackasses usually spawn such things. CCP's side of matters is this guy was no hero. From experience, CCP is possibly over reacting (not unheard of) but in equal measure past history for such unique moments/individuals demonstrates that the punishment usually fits the infraction. Contrary to popular belief - Being a jackass in the process of doing something marginally good doesn't change the fact that you were being a jackass. People need to stop defending such jackasses but then most who do defend them identify with them. Three guess why?
Wealth, howsoever got, in Eve makes Lords of morons and gentlemen of thieves; Aptitude and intellect are needless here; 'Tis impudence and money that grants fame. |
Diomedes Calypso
|
Posted - 2011.04.12 02:40:00 -
[15]
The devil is in the details.
Going in and leaving a calling card or two and reporting the failure is one thing (and I'd support that sort of thing if the person doing it had a good faith concern that things were in a dangerous state which warranted a drop everything now and handle it approach)
Logging in and spending hours tooling around in internal forums isn't needed to call attention to a problem and is indeed a criminal act (I can forgive someone taking a quick sneaky look like seeing an open page of a diary through a car window, but opening an unlocked door and reading the diary is an entirely different thing).
The second deserves to be punished...
however.. did he post any juicy info anywhere and can I have the link ? (I didn't do the stealing and heck i'll breach that level of moral highground if stuff is common knowledge to other players now.
|
Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.12 02:40:00 -
[16]
more like trolles making up facts that sound good in order to bash CCP.
but dont let me stop you
.End of line. ----------------
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|
Obsidian Hawk
RONA Legion RONA Directorate
|
Posted - 2011.04.12 02:47:00 -
[17]
Originally by: Dr BattleSmith lol
So lets get this straight.
* CCP fail web team convinces management they are awesome with hubris and garbage. * CCP commence using MS tech to write a "social network" (term used loosely). * CCP fail to check their new website with google ratproxy. * Obviously the code contains exploitable holes. A) MS B) CCP web team. * A random script kiddy finds the glaring holes. * Security through obscurity isn't good for CCP or us so some details are posted. * Script kitty forgot to read the EULA that exploiting bugs is a bannable offence * CCP Proves that he indeed abused the exploit and by not reporting it properly on how it happened he did infact violate the EULA worse than others. * CCP kills the messenger.
Fixed,
Even though they super derped that still doesnt give players the right to exploit them and prove them wrong. That's just asking for a perma ban.
So if you find a bug, report it and the proper steps on how you re-created it. That way the bug gets fixed and you avoid the gallows when CCP secret GM police come for the exploiters.
|
Guilliman R
Gallente Northstar Cabal R.A.G.E
|
Posted - 2011.04.12 02:49:00 -
[18]
Originally by: Mister Short it was an ip ban from the game from what i heard
Lol ip ban, how 90's
------
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 02:52:00 -
[19]
Original post...
Originally by: William Loire
Of what Catari told us:
-He petitioned his findings with CCP.
-He realized he could not only pose as any character, but edit any post, login in as a GM, access moderator controls and see invisible forums such as the private CSM forums.
-He was taunted by one SHC member to prove it. Which he did by posting as said SHC member. Said customer then proceeded to say "brilliant" and showed no issue with the post.
- Looked over CSM topics related to the forums. (Worthy of a temp ban)
- Received his ban. Then upon the return of the forums following the hotfix, he posted in the dev thread showing that he could easily skirt his IP ban. - He never received an explanation for his ban or a time frame for how long it will last. He probably received a permanent ban even though he deserves a medal from CCP for revealing such a obvious hole that could have literally ****ed over thousands of customers.
- He never revealed how either exploit works to anyone on SHC or EVEO.
|
Dr BattleSmith
PAX Interstellar Services
|
Posted - 2011.04.12 02:56:00 -
[20]
Originally by: Obsidian Hawk * Script kitty forgot to read the EULA that exploiting bugs is a bannable offence
Personally I was going to do a security appraisal of the new forums before release.
However I thought CCP would be morons and respond in this way to someone doing the testing they obviously failed to do.
EULA is one thing, "no one ever test our ****" is another thing entirely.
CCP Nathan "the data does not seem to support that polished quality sells" Evelgrivion "each passing year, each failure to deliver on expectations of basic competence" |
|
Liang Nuren
|
Posted - 2011.04.12 02:56:00 -
[21]
TBFH, even he says his petition didn't include enough information to be useful or construct an actual bug report. Of course, he thinks that people should be able to auto ****ing magically construct a solid reproducible bug report out of something containing not much more than "yo dawg u suk a dik lmao losers i can excalate mah privs ur forum broke *****es"
Read it from the horse's mouth here
-Liang -- Eve Forum ***** Extraordinaire On Twitter
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 03:05:00 -
[22]
Originally by: Dr BattleSmith However I thought CCP would be morons and respond in this way to someone doing the testing they obviously failed to do.
On one hand i feel they should give him a break and just remove the ban, the bugs was very obvious, had be not found them someone else would have. On the other hand he did decide to exploit the security flaws, which was pretty stupid when he knew CCP would be looking into the issues.
You can't both petition a problem and at the same time use it to get access to off limit areas, and not except it to have some consequence.
|
Sam Akiga
|
Posted - 2011.04.12 03:15:00 -
[23]
Originally by: dexington Original post...
Originally by: William Loire
Of what Catari told us:
-He petitioned his findings with CCP.
-He realized he could not only pose as any character, but edit any post, login in as a GM, access moderator controls and see invisible forums such as the private CSM forums.
-He was taunted by one SHC member to prove it. Which he did by posting as said SHC member. Said customer then proceeded to say "brilliant" and showed no issue with the post.
- Looked over CSM topics related to the forums. (Worthy of a temp ban)
- Received his ban. Then upon the return of the forums following the hotfix, he posted in the dev thread showing that he could easily skirt his IP ban. - He never received an explanation for his ban or a time frame for how long it will last. He probably received a permanent ban even though he deserves a medal from CCP for revealing such a obvious hole that could have literally ****ed over thousands of customers.
- He never revealed how either exploit works to anyone on SHC or EVEO.
First things first, this is CCP's house and they can throw anyone out for any reason, another thing... don't discuss moderation, these threads are a violation of the forum rules.
So, let me summarise what he done.
-He found a loophole.
-Exploited said loophole to prove it was possible to himself
-Petitioned CCP(*)
-It was obvious he wanted fame or to discredit the new forums or something, so he decided to cause a public stir and draw the public eye's attention to the fact the forums had security loop holes. Anyone with a background in web development or a computer course now has the ability to have a look for themselves.
-With an alibi of him proclaiming to be a white knight and a petition, he probably thought it was safe to demonstrate it / show off as well as still intrude upon the forums that aren't normally visible to players. This itself is a computer felony.
-Get banned for continuous use of the forums he wasn't allowed access to, not being helpful in the investigations (CCP said two other people helped expose loopholes, he didn't), etc.
-In the end, he was trying to bash CCP and get some e-fame.
-Two people were rewarded for their help, he deserved what he got. The (*) is where he should have stopped and gave CCP more information.
Look at this way, if you left your door unlocked and I decided to call/text you to tell you that your door is unlocked. You wouldn't be happy to come home to me sitting in your sofa watching tv.
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 03:31:00 -
[24]
Originally by: Sam Akiga Look at this way, if you left your door unlocked and I decided to call/text you to tell you that your door is unlocked. You wouldn't be happy to come home to me sitting in your sofa watching tv.
depends.. are you a hot chick who likes to watch tv naked?
|
Elyssa MacLeod
|
Posted - 2011.04.12 03:32:00 -
[25]
Originally by: Sam Akiga
First things first, this is CCP's house and they can throw anyone out for any reason, another thing... don't discuss moderation, these threads are a violation of the forum rules.
Right! they can even permaban someone for something thats become commonplace since sreegs told us his name (used to be if you posted a RL name of a CCP on the forums you got permabanned and yer name stricken from the forums for years afterwards)
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 03:38:00 -
[26]
Originally by: Elyssa MacLeod
Right! they can even permaban someone for something thats become commonplace since sreegs told us his name (used to be if you posted a RL name of a CCP on the forums you got permabanned and yer name stricken from the forums for years afterwards)
They have the right to ban anyone without any given reason, they don't have to follow any "rules". The rules are there to tell you what you should and should'nt do, not who they can or can't ban.
|
Shar Tegral
|
Posted - 2011.04.12 03:40:00 -
[27]
Originally by: Elyssa MacLeod Stuff
See, another fine example of someone being a jackass in defense of another jackass. You had your say. It was deleted, the thread locked, and you get to still post. A wise person would say, let it go. Me otoh would like you to continue. Nothing thrills me like watching someone self destruct - but only the intellectually challenged ones.
Wealth, howsoever got, in Eve makes Lords of morons and gentlemen of thieves; Aptitude and intellect are needless here; 'Tis impudence and money that grants fame. |
Elyssa MacLeod
|
Posted - 2011.04.12 03:44:00 -
[28]
Originally by: Shar Tegral stuff
I like it when ppl call ppl jackasses and make jackasses out of themselves for talking to obvious trolls
though the double standard is still there and I still have a point. Sticking up for them for breaking their own rules... lol is it possible to tell where your lips end and their buttocks start at all anymore?
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 03:49:00 -
[29]
Originally by: Elyssa MacLeod Sticking up for them for breaking their own rules... lol
They can't break the rules, when the rules don't apply to them.
|
Diomedes Calypso
|
Posted - 2011.04.12 03:53:00 -
[30]
Originally by: dexington
Originally by: Sam Akiga Look at this way, if you left your door unlocked and I decided to call/text you to tell you that your door is unlocked. You wouldn't be happy to come home to me sitting in your sofa watching tv.
depends.. are you a hot chick who likes to watch tv naked?
A better analogy to me is that if you rented a room from a friend in his house in a reasonably high risk neighborhood.
He promised to lock the doors and wash hish share of the dishes when you moved in. He's been letting you down on the dishes consistentlym, only getting around to washing his share after they've stunk up the house for a few days. You were going out of town for a weekend and you specifically remind him to lock the house.
You come back and find the house unlocked. You're ****ed and you violate his privacy , go into his seperate room, get on his computer and change his screen save to say "Loser" on it.
Sure you could eventually move out...but you've invested some time and effort to move your stuff in in the first place and made some plans according to where you're living...might be the best decision long run but he's still messed with you, and he's an overall good guy who would be fine to live with if he just took a few important things to you more seriously.
Now, if when you went into his room and got on his computer you started looking at his browsing history, documents, logged on to his email etc....that level of violating his priavcy is an entirely seperate thing.
If the neighbor left his door unlocked and you didn't rent from him, your analogy would fit.. you can't just walk inot his house.
|
|
Liang Nuren
|
Posted - 2011.04.12 03:56:00 -
[31]
Edited by: Liang Nuren on 12/04/2011 03:57:28
Originally by: Diomedes Calypso If the neighbor left his door unlocked and you didn't rent from him, your analogy would fit.. you can't just walk inot his house.
So if my land lord doesn't fix a leaky tap in 1 day after I say "yo dawg some **** broke in my hizouse", I can bust into his house and steal his toilet and take it to my house?
-Liang -- Eve Forum ***** Extraordinaire On Twitter
|
Siiee
Recycled Heroes
|
Posted - 2011.04.12 04:00:00 -
[32]
Originally by: Liang Nuren
So if my land lord doesn't fix a leaky tap in 1 day after I say "yo dawg some **** broke in my hizouse", I can bust into his house and steal his toilet and take it to my house?
I don't know about you, but I don't normally wash my hands in the toilet
|
Diomedes Calypso
|
Posted - 2011.04.12 04:05:00 -
[33]
Originally by: Liang Nuren Edited by: Liang Nuren on 12/04/2011 03:57:28
Originally by: Diomedes Calypso If the neighbor left his door unlocked and you didn't rent from him, your analogy would fit.. you can't just walk inot his house.
So if my land lord doesn't fix a leaky tap in 1 day after I say "yo dawg some **** broke in my hizouse", I can bust into his house and steal his toilet and take it to my house?
-Liang
You obviously didn't read my post. I explained what I thought was an acceptable scenario.
You can dispute what I thought were acceptable actions in my scenario.
You con't need to agree that my analogy is the MOST apt ...but my analogy specifially made it clear only under very limited circumstance where a person broke a commitment of trust that directly put your at risk that in a very limited fashion you could stretch normal boundries of behaviour to make a statement.
A broken pipe and another house is a pretty big stretch from someone opening a security risk and opening a roomates door to demonstrate the point that you're afraid about people coming in and touching your stuff
|
Julyan Fox
Caldari
|
Posted - 2011.04.12 04:10:00 -
[34]
Edited by: Julyan Fox on 12/04/2011 04:10:30 The guys saying those security bugs are inadmissible, CCP sucks; well to me those guys are naives. I mean look at Microsoft, my windows XP still get critical updates YEARS after the release.
Time to wake up.
You've been using programs, are using programs, will use programs, with security holes ; it's not the dev who are incompetents, it's those dudes that exploit these holes, for money, fame, that are incompetents at enjoying their life.
|
Liang Nuren
|
Posted - 2011.04.12 04:14:00 -
[35]
Originally by: Diomedes Calypso
A broken pipe and another house is a pretty big stretch from someone opening a security risk and opening a roomates door to demonstrate the point that you're afraid about people coming in and touching your stuff
The problem is that's not at all what he did - not by a long shot.
-Liang -- Eve Forum ***** Extraordinaire On Twitter
|
Shar Tegral
|
Posted - 2011.04.12 04:18:00 -
[36]
Originally by: Elyssa MacLeod I like it when ppl call ppl jackasses and make jackasses out of themselves for talking to obvious trolls
I dunno, the more I respond to you the more vitriol you spew. One of us will self obsolete ourselves and I'm betting it is not me. So who is the bigger fool? As to ass kissing, I'm not the one butt hurt enough to waging a troll war for someone not really all that worthwhile. CCP needed to be outted, Amen. But you can't white wash disruptive behavior as anything other than disruptive behavior. I think that's the part that many don't understand. Being a part of a society brings with it a contract of mutual acceptance. There are means and methods of dissenting, even upto rebellion and revolution, but each comes with a price that must be paid. In the real world, it is usually jail or even death depending on the severity of the situation. Here it is simple: You get ban-hammered. I've yet to earn a perma-ban but I'm not ashamed of the bans I've gotten in my time. Equally I understand what I did and where I took it. I'm not fool enough to try to foist off some idea that just because I was right excused me going over the lines. You do the deed, you pay the fines and you move on. So stop being a total ass and move on. Ooops, you can't. Again, who is the defective one?
Wealth, howsoever got, in Eve makes Lords of morons and gentlemen of thieves; Aptitude and intellect are needless here; 'Tis impudence and money that grants fame. |
dexington
Caldari Baconoration
|
Posted - 2011.04.12 04:22:00 -
[37]
He found a security flaw, told CCP about it and used it to do thing he shouldn't be doing...
Had this happend in-game, eg. someone finds an exploit tells ccp about it and at the same time use it to blow up some titans, then people would be screaming for his head on a stick. When he decided to access parts of the forums he shouldn't have access to, he knew he was doing something he shouldn't be doing.
|
Diomedes Calypso
|
Posted - 2011.04.12 04:43:00 -
[38]
Originally by: Liang Nuren
Originally by: Diomedes Calypso
A broken pipe and another house is a pretty big stretch from someone opening a security risk and opening a roomates door to demonstrate the point that you're afraid about people coming in and touching your stuff
The problem is that's not at all what he did - not by a long shot.
-Liang
True ... I suspect that the behaviour crossed the line in a big way but the calling card wasn't the part that crossed the line.
I was disputing a crappy analogy equating the issue of responding in a completely unnconneted ay. and defending the leaving of a calling card... while specifically making the distinction bettween a calling card (screen saver) and going further and abusing privacy (checking your roomates email which I said crossed the line)
I like analogies.
As for your landlord not fixing your leak, if it was the 5th time he blew fixing it off (yeah this Doesn't apply to the eve case...not a 5th time for the forums) I'd say going over to his house and drowning his petunias with the hose in his front yard would be a justified level of response that still officially broke the law in terms of trespassing and destruction of property.
Now, probaly not a great idea because he might raise your rent or evict you, but the point made would be in scale with the harm done and if you were going to leave and wanted to make a point on the way out, it certainly wouldn't be out of line.
Not all trespassing is equal. Not all destruction of property is equal. Going onto his yard and running his hose ruininng some potted perenial flowers bough for 99cents at target is a whole different thing than breaking into a house and ripping out a toilet that would take real money to put right.
No big bright line Crime/no crime.... there are times laws can be crossed in low harm way to make a statement without saying that all crime is justified
|
Q Command
|
Posted - 2011.04.12 04:46:00 -
[39]
Originally by: Dr BattleSmith
Originally by: Obsidian Hawk * Script kitty forgot to read the EULA that exploiting bugs is a bannable offence
Personally I was going to do a security appraisal of the new forums before release.
However I thought CCP would be morons and respond in this way to someone doing the testing they obviously failed to do.
EULA is one thing, "no one ever test our ****" is another thing entirely.
Keep in mind who they have hired to do their security.
The old saying of 'you get what you pay for' comes to mind.
It should be an interesting to see what crops up for 'issues' in the next bunch of releases.
Hint #1: You should do background checks on potential employees regardless of how little you pay them Hint #2: You should hire a reputable firm to do a code review as that is what real companies do these days
|
gargars
|
Posted - 2011.04.12 04:50:00 -
[40]
Edited by: gargars on 12/04/2011 04:55:34 OK I admit I am not the most knowledgeable person on this even after 4 years in the game, but I was in the new forums and watched this debacle unfold until the end.
As I understand it yah, he went a bit too far, but....
He petitioned it and waited and for a response... how many of us have had to wait hours / days / weeks for a petition to be read and responded to? It's one of the universal fails of Eve support.
Yes they seem to have a special email address for reporting security issues, but how many of us ever heard of it before this event? 1/10th of 1%? Where is it posted and how hard is it to find if you even guess where to look?
End result - he tried to do the right thing and got frustrated. IMO. I know the feeling. After that yah he may have done 'the wrong thing' but...
What he did got the forum and any possible nefarious breech taken down.
I really thought about this. He could have done so much worse - you have to admit that. He didn't.
IMO he deserves kudos for trying... and showing how disfunctional our ability to communicate with 'the powers' really is.
To me - one has to ask, if he waited for an answer to his petition - how many of us might have been 'hacked' by now because the 'shiny new forums' would still be up and running?
I know there are things about this I don't understand - flame me if you wish - but I think that covers most of us - I personally thank him. CCP obviously would not have figured it out on it's own in a timely manner. The fact there was still a problem after they claimed to have fixed it sort of says it all.
|
|
dexington
Caldari Baconoration
|
Posted - 2011.04.12 04:51:00 -
[41]
Originally by: Q Command
Hint #2: You should hire a reputable firm to do a code review as that is what real companies do these days
lulz
|
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.12 04:52:00 -
[42]
Poor judgement gets fitting reward. -
|
Dr BattleSmith
PAX Interstellar Services
|
Posted - 2011.04.12 04:56:00 -
[43]
Originally by: gargars
IMO he deserves kudos for trying... and showing how disfunctional our ability to communicate with 'the powers' really is.
To me - one has to ask, if he waited for an answer to his petition - how many of us might have been 'hacked' by now because the 'shiny new forums' would still be up and running.
Truth.
Really they were told the new forums need another few months of dev by the chorus of "testers" who were ignored.
100% CCP's fault.
CCP Nathan "the data does not seem to support that polished quality sells" Evelgrivion "each passing year, each failure to deliver on expectations of basic competence" |
Montevius Williams
|
Posted - 2011.04.12 05:08:00 -
[44]
Originally by: gargars Edited by: gargars on 12/04/2011 04:55:34 As I understand it yah, he went a bit too far, but....
He petitioned it and waited and for a response... how many of us have had to wait hours / days / weeks for a petition to be read and responded to? It's one of the universal fails of Eve support.
That's irrelevent - I dont care if he had to wait a month for a response, he still violated the EULA. CCP took action. Period. End of story.
|
gargars
|
Posted - 2011.04.12 05:20:00 -
[45]
I get ya I do. I just think perhaps minimizing the number of people effected is more important than some rigid rule that might take days/weeks/months to take effect. I realize that is a fine line to walk. Some may prefer the EULA to be god. Some may prefer a case by case basis. Not slamming you, just my opinion. I prefer the way it went down compared to 1000 people being possibly hacked by a slow moving bureaucracy. To each their own.
Originally by: Montevius Williams
That's irrelevent - I dont care if he had to wait a month for a response, he still violated the EULA. CCP took action. Period. End of story.
|
Desert Ice78
Gryphon River Industries R-I-P
|
Posted - 2011.04.12 05:35:00 -
[46]
Originally by: gargars I prefer the way it went down compared to 1000 people being possibly hacked by a slow moving bureaucracy. To each their own.
I'm finding it a bit difficult to decide the rights or wrongs of all this, but I think Gargars has hit the nail on the head right here.
We all know how hard it is to get CCP's attention, endless miles of forum posting and petitions have little or no effect, they ignore the most persistant wailing and screaming. You want to get CCP's attention, then light a bonfire under their collective asses. And boy, did Catari light a bonfire....
CPP might of banned him, but the other 300,000 subs really need to thank him.
Ah, damn it...
(me/ gets off the fence)
...Free Catari
CCP: Consistency since 2003 |
Diomedes Calypso
|
Posted - 2011.04.12 05:40:00 -
[47]
Originally by: Montevius Williams
Originally by: gargars Edited by: gargars on 12/04/2011 04:55:34 As I understand it yah, he went a bit too far, but....
He petitioned it and waited and for a response... how many of us have had to wait hours / days / weeks for a petition to be read and responded to? It's one of the universal fails of Eve support.
That's irrelevent - I dont care if he had to wait a month for a response, he still violated the EULA. CCP took action. Period. End of story.
There is nothing wrong with CCP handling it this way.... btw.. I can justify much of the guys actions in terms of My perception of right and wrong but my justifications about the "morality" of his actions are a seperate matter than how ccp should respond.
If he was especially rude about it, there is no reason that they should give him the benefit of the doubt even from my sense of "morality" .....so both can be right in how they acted in my mind and the result would be that he no longer played the game but shouldn't be disparaged.
BUT I 100% do think that CCP needs to take a message from how he responded .... that somehow their past actions have sent a message that they will not respond quickly or show any friendly gratitude for the advice people offer. If people feel like they'll be snapped at, not thanked for sharing an exploit, CCP has got to address that heads on, even if that still means he gets banned. They should look at the fact they needed to ban him as a failure, not as a proud response.
And Screggs has said exactly that. He abosolute hit head on the point that his departmenent needs to be more welcoming and appreciative to help in spotting breaches from the players.
He's a good guy and I'm confident that he undestands the nuances of the situation and that there were many levels of failures for the thing to happen. Personally I believe that the problem stems more from a system of corporate process but...plenty about that in other threads.
|
gargars
|
Posted - 2011.04.12 05:55:00 -
[48]
For me the problem is - I have seen CCP folks admit the same thing many many many times over four years... but it NEVER seems to change or any paradigm shift to occur... just admissions of 'yeah we need to do better on that' and singular apologies and promises it will change "soon" ... as a diet - over the years - it's sort of meaningless by now. No offense to Sreggs... I felt bad for his having to take all the abuse. I don't know what the answer is per se... just that year after year it gets old and does bother people who love the game.
Originally by: Diomedes Calypso
They should look at the fact they needed to ban him as a failure, not as a proud response... And Screggs has said exactly that. He abosolute hit head on the point that his department needs to be more welcoming and appreciative to help in spotting breaches from the players.
|
Florestan Bronstein
Test Alliance Please Ignore
|
Posted - 2011.04.12 06:59:00 -
[49]
Originally by: Sam Akiga Stop portraying him as some kind of hero.
confirming Catari is an Hero.
|
Patient 2428190
DEGRREE'Fo'FREE Internet Business School
|
Posted - 2011.04.12 07:16:00 -
[50]
Edited by: Patient 2428190 on 12/04/2011 07:18:55 Even if he had the purest of intentions, he still exploited a security loophole, and from that standpoint, he will stay banned.
I, do however, fully believe we wouldn't have gotten the quick CCP response to the security loopholes if he hasn't exploited them. If he would have sat on his hands after submitting his bug report/petition like they would have wanted... It would have been filed in the petition system clogged with "LOLOL U **** SUX" and would have been gotten around to much, much later. Oh irony.
He'll stay banned because he broke CCP's "cutting edge web project" with a security loophole. ...Then when you stopped to think about it. All you really said was Lalala. |
|
Liang Nuren
|
Posted - 2011.04.12 07:23:00 -
[51]
Edited by: Liang Nuren on 12/04/2011 07:24:02 I'd have a hell of a lot more sympathy for him if he'd filed a ****ing bug report with any sort of details about the bug. Apparently he feels doesn't get paid to write bug reports, but he does (somehow??) get paid to pen test the forums for lulz and exploits.
-Liang -- Eve Forum ***** Extraordinaire On Twitter
|
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2011.04.12 07:38:00 -
[52]
Just turn off the interwebs already!
Secure 3rd party service | my in-game channel 'Holy Veldspar' |
|
Pod Amarr
|
Posted - 2011.04.12 07:53:00 -
[53]
Edited by: Pod Amarr on 12/04/2011 07:56:23
Originally by: Dr BattleSmith lol
So lets get this straight.
* CCP fail web team convinces management they are awesome with hubris and garbage. * CCP commence using MS tech to write a "social network" (term used loosely). * CCP fail to check their new website with google ratproxy. * Obviously the code contains exploitable holes. A) MS B) CCP web team. * A random script kiddy finds the glaring holes. * Security through obscurity isn't good for CCP or us so some details are posted. * CCP kills the messenger.
Fail CCP. Fail CCP web team.
Pretty much this If some of my developers delivered this kind of garbage he would be packing his stuff in 15 minutes from the time I would find out. Reason being I would need 3 smokes so I do not choke him/her on the spot.
The ban of the guy I understand on the forums the IP ban is just pathetic.
On the other hand google nbusr123 Now that is pathetic :D What some people call security. Pod |
Lt Angus
Caldari the united Negative Ten.
|
Posted - 2011.04.12 07:56:00 -
[54]
maybe not the best way of getting CCP attention but it damn well works
Shhhh, Im hunting Badgers |
Furb Killer
Gallente
|
Posted - 2011.04.12 08:03:00 -
[55]
Originally by: Akita T That's not QUITE how it happened. IF he would have ONLY reported it, he would not be banned now.
If he would have instead of exploiting the forums a bit for the lulz, exploited the game with some python injection and botting he would not be banned now and would be spacerich.
Just saying...
|
Aldo Bridger
|
Posted - 2011.04.12 08:11:00 -
[56]
Originally by: Liang Nuren
So if my land lord doesn't fix a leaky tap in 1 day after I say "yo dawg some **** broke in my hizouse", I can bust into his house and steal his toilet and take it to my house?
Pretty much this. He made a minimal effort to report and put maximum smug in all the while exploiting his newly found loopholes. He might have been the messenger, but he was burning bags of **** all over their doorstep rather that simply inform them of the fire hazard.
Originally by: Lt Angus maybe not the best way of getting CCP attention but it damn well works
OTOH, this is absolutely true.
|
Gavjack Bunk
Gallente Genos Occidere HYDRA RELOADED
|
Posted - 2011.04.12 08:15:00 -
[57]
Force CCP to act. Get banned.
It's a policy that has been in place since the beginning, he should have known better. In future, let CCP deploy their crap and let them slowly figure out how crap it is and then find somebody to blame before finding somebody to clean it up.
|
JitaBUGz TheGreat
|
Posted - 2011.04.12 08:23:00 -
[58]
FREE HAT!!!!
Oh sorry, wrong genre
Drama queens get there drama due's.
|
Tyburn Stannis
Caldari Xenon Salvage Inc.
|
Posted - 2011.04.12 08:59:00 -
[59]
Originally by: gargars
He petitioned it and waited and for a response... how many of us have had to wait hours / days / weeks for a petition to be read and responded to? It's one of the universal fails of Eve support.
Yes they seem to have a special email address for reporting security issues, but how many of us ever heard of it before this event? 1/10th of 1%? Where is it posted and how hard is it to find if you even guess where to look?
Answering those two points specifically - petitions can be answered in moments IF they are submitted on the correct category, are sufficiently serious issues, and contain facts about the incident. I have seen reports of very serious in-game issues with details of what, how, and where replied to within 20 minutes or even less if you get lucky. If you just send "something broken fix it NAOW!!!!" you quite rightly get shunted down the queue.
Secondly, there are people who give a damn about the game they play, and when reporting a serious issue ask the question "is there a better way to send this information". at which point you get referred to email address such as the security@ one. If they widely publicised these as you suggest, all that would happen is the petulant children and pranksters swamp them with "I can has my spaceshipz back pls it was killed by exploit hax!!111" instead of using the petition system.
|
Mister Short
|
Posted - 2011.04.12 17:40:00 -
[60]
Originally by: Desert Ice78
Originally by: gargars I prefer the way it went down compared to 1000 people being possibly hacked by a slow moving bureaucracy. To each their own.
I'm finding it a bit difficult to decide the rights or wrongs of all this, but I think Gargars has hit the nail on the head right here.
We all know how hard it is to get CCP's attention, endless miles of forum posting and petitions have little or no effect, they ignore the most persistant wailing and screaming. You want to get CCP's attention, then light a bonfire under their collective asses. And boy, did Catari light a bonfire....
CPP might of banned him, but the other 300,000 subs really need to thank him.
Ah, damn it...
(me/ gets off the fence)
...Free Catari
THIS
|
|
|
|
|
Pages: 1 2 3 :: [one page] |