Pages: 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 19 .. 19 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 100 post(s) |
Aamrr
267
|
Posted - 2012.04.03 21:21:00 -
[211] - Quote
Well done. While we obviously don't have any way of validating your zero-false-positives claim, it's nice to see that you're at least looking into the issue. A measure of transparency would be nice, but I'll concede there are legitimate reasons you can't give that to us.
Keep us updated. |
Florestan Bronstein
Ministry of War Amarr Empire
507
|
Posted - 2012.04.03 21:22:00 -
[212] - Quote
CCP Sreegs wrote:Florestan Bronstein wrote:CCP Sreegs wrote: 2) I've already explained this. In most cases thus far people knew. I already told you to vet the people you lend isk to. The last time I checked making loans wasn't something we insure. If you lose your loan you can't tell a GM to give it back. Your other risk is that they're crooked. I don't see why this is an issue to be frank with you.
because you as the one who gives the loan are looking like an isk seller on ethe other party comes under scrutiny which means you do not only stand to lose your money but also your eve account When this happens we'll talk. I recognize that you do now want to discuss mere hypotheticals - but I'll ignore it.
When you investigate RMT you can only see one side of the transfers - what assets changed hands in EVE. The other side of the transaction - real world assets changing hands - which defines RMT is something you usually have no direct knowledge of.
So you are not handing out bans based on any sort of "proof" but have to resort to very fuzzy "evidence" - does the EVE side of the transaction look as if real life assets might have changed hands alongside or not... You have to infer this real-life side of the transaction by arguing along the lines of "well, those two players do not seem to have any previous interactions that make the in-game transaction look plausible/justified" - but given the prevalence of 3rd party communication methods like forums, jabber/IRC, voicecomms, ... an in-game paper trail justifying the transaction often does not exist even for legit enterprises.
There is literally no way to proof innocence in that case - how am I to demonstrate that I did not receive money for the ISK I sent to some random guy? fax you my bank statements? screenshot some jabber conversation that I might just as well have faked after the fact?
The knowledge that an investment of years might hinge upon a situation in which you cannot demonstrate your innocence makes people nervous.
Maybe the problem is that we automatically assume that you try to catch all sorts of RMT behavior - and that we know or at least assume that there is a lot of small scale/casual RMT going on which cannot be reliably identified from your POV.
(case in point: a few years ago I petitioned a guy who auctioned off one of his characters for RL money within the alliance; the character transfer was to take place via the CCP sanctioned means, the real life money was to change hands beforehand; afaik nothing happened as result of my petition - and how could the investigating GM ever have known for sure that RL money changed hands alongside the in-game transfer?).
I guess that as long as you only stick to big/commercial RMT operations with many customers and a relatively tight net of suppliers most cases should be relatively clear cut. |
Buzzy Warstl
The Strontium Asylum
89
|
Posted - 2012.04.03 21:24:00 -
[213] - Quote
CCP Sreegs wrote:Jim Luc wrote:By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to [email protected] - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore. Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs! I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. CCP has already done something so you can tell if an e-mail is from an authorized sender: eveonline.com descriptive text "v=spf1 mx ip4:87.237.32.0/24 ip4:87.237.38.0/24 ip4:87.237.37.32/28 ip4:87.237.39.0/24 mx:mail.global.frontbridge.com mx:ymir.ccpgames.com include:spf.frontbridge.com -all"
This is a "Sender Preferred From" record and includes all the addresses authorized to send e-mail as eveonline.com under any circumstances. The -all at the end means you reject any mail that doesn't match.
Not all mail providers use it, but it's there. |
Jita Alt666
987
|
Posted - 2012.04.03 21:24:00 -
[214] - Quote
Saying it again. Great stuff Sreegs, Stillman and all your little minions.
To all the folks crying about false positives in here - wrong department, wrong format. My ISP, mobile, landline, PPV TV are all from the same provider, guess how useful it is talking to the mobile department about PPV? |
corestwo
Goonfleet Investment Banking
133
|
Posted - 2012.04.03 21:25:00 -
[215] - Quote
CCP Sreegs wrote:corestwo wrote:CCP Sreegs wrote:Jim Luc wrote:By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to [email protected] - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore. Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs! I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;) Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam.
Will do :toot:
e: Check your email! |
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:25:00 -
[216] - Quote
Merin Ryskin wrote:First, I'd still appreciate confirmation that your mention of "loans" was only about the fact that loans to RMTers will not be reimbursed, not additional punishments being made on the premise that anyone who loans money to an RMTer is guilty of being involved in RMTing themselves. CCP Sreegs wrote:I'm not a GM. "Many people" may be unhappy about something but I'm doing my job and that's to catch badguys. If you have beef with something the GMs did then I can't help you there as I don't work in the GM department. I'm confident in my work 100% and that's all I can attest to.
Not you personally, you as in CCP in general. Way too many people feel that punishments/reimbursements/etc are not handled consistently, whether out of favoritism or simply different GMs doing things different ways. And it really doesn't help when you say that considering hypothetical situations is a "waste of time". Without considering those scenarios and making public rulings on how they will be handled, how are we supposed to have any confidence that the outcome will be fair and consistent? Whether or not it's strictly necessary, it's throwing fuel on the fire of alliance drama, especially combined with the fact that your refusal to comment on specific cases allows speculation to run out of control.
I won't confirm that. We don't regulate loans. We won't have people funding RMT operations claiming they were making loans and wasting our time. The scenario you are painting hasn't occurred but I'm not going to personally underwrite individual's spaceloan businesses on the off chance something that hasn't occurred may. We can see what goes on and that's all there is to it. If something goes south we'll look at it. Hasn't happened. It's like developing a contingency for earth's gravity failing. Sure it COULD happen but I'm not paying someone to think about it.
I'm not in the GM department so I cannot attest to what they may or may not have done. Have a problem with the wave from today or last Friday? Email me. Otherwise I'm off the hook.
I don't make people speculate it's an activity you choose to engage in. I do my work regardless of whether people choose to invent alternate realities or not otherwise nothing would ever get done. I'm not in the habit of spending oodles of time defending our work against every conceivable nightmare scenario painted on the internet. |
|
Vaerah Vahrokha
Vahrokh Consulting
493
|
Posted - 2012.04.03 21:25:00 -
[217] - Quote
Ranger 1 wrote:A few points, from my point of view, about some of the comments made above.
1: Odd ball cases will be looked into on an individual basis. If CCP Sreegs gets too specific on how the details are aquired and analyzed... or gives an official "forumula" on how all cases fo this nature are going to be handled... all he has done is given ammunition to those who will gladly find a way to abuse the procedure.
No they are NOT LOOKED into an individual basis. All you get is a default copy and paste GM reply. If you escalate it you will ALWAYS get replied the first GM was right within 1 hour (I mean, they did not even have the time to double check it).
This is a classic case of "left hand does not know what the right hand does".
CCP Sreegs will become a force of nature, an "evil guys bane" producing zillions of bans. Yet nobody on the GM section is *as* capable nor *as quick* to handle the load.
I mean they hired a CHAMPION of security, the best ever. I really worship CCP Sreegs about how effective he is. But then the other employees have to follow suit else it just ends in a bloody mess.
Ranger 1 wrote:
2: If you loan ISK it is your responsibility to be very sure the person receiving the loan in trustworthy. Any loans of ISK are in no way protected. If you loan to the wrong person (as in RL) you may very well lose your investment.
How do I know this person is trustworthy? In EvE none the less? It could be (and in my case was) a very trusted MD forum investors known for years by everyone as upstanding and clean.
I did all my duties yet he ended up being somewhat related to a RMTer.
Teach me how to avoid this, I am all ears. Auditing | Collateral holding and insurance | Consulting | PLEX for Good Charity
Twitter channel |
corestwo
Goonfleet Investment Banking
133
|
Posted - 2012.04.03 21:30:00 -
[218] - Quote
Vaerah Vahrokha wrote:Teach me how to avoid this, I am all ears.
Just stick to the technical analysis you're so fond of. |
Tyke Orlieveit
Republic Military School Minmatar Republic
4
|
Posted - 2012.04.03 21:30:00 -
[219] - Quote
CCP Sreegs wrote:corestwo wrote:CCP Sreegs wrote:Jim Luc wrote:By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to [email protected] - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore. Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs! I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;) Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam.
Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though. |
Mioelnir
Cataclysm Enterprises Ev0ke
67
|
Posted - 2012.04.03 21:31:00 -
[220] - Quote
CCP Sreegs wrote:I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved.
One doesn't need to own the internet for that. For example the CCP bulk mta often used for surveys and stuff is run under the cocos islands domain ccp.cc which - while it does indeed belong to CCP - is never ever used anywhere else that customers see, so it probably looks fishy to most users.
Then again, if you read your mails with full headers, you are probably already sufficiently paranoid. |
|
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:32:00 -
[221] - Quote
Tyke Orlieveit wrote:CCP Sreegs wrote:corestwo wrote:CCP Sreegs wrote:Jim Luc wrote:By the way, is there any way we can put an end to the endless "Player Transfer" phishing spam? I've been getting lots of it and forward each to [email protected] - usually it all goes to the trash anyways. I generally don't even click any links in an Eve-related email, even if it's from CCP. They're offering free time but I won't take their survey simply because I don't trust any emails from ccp or related anymore. Is there a way we can determine if an email link is authentic, and each email that's sent from CCP also be accessible via logging into our accounts without clicking through a link? It would be nice to see all CCP correspondence, even marketing & such, in our Account Settings pages. Just a thought - keep up the tremendous work Sreegs! I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. You may want to look into the company my wife works at if you're looking for a solution to this. Interested to know more? ;) Send an email to the security email address. We've looked into a lot of things but ultimately none of what we've seen in pretty much any case fits our unique environment and situation with this particular spam. Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature? I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world. |
|
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:33:00 -
[222] - Quote
Mioelnir wrote:CCP Sreegs wrote:I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. One doesn't need to own the internet for that. For example the CCP bulk mta often used for surveys and stuff is run under the cocos islands domain ccp.cc which - while it does indeed belong to CCP - is never ever used anywhere else that customers see, so it probably looks fishy to most users. Then again, if you read your mails with full headers, you are probably already sufficiently paranoid.
The bulk mails use both SPF and DomainKeys (however it's been rebranded) so you can certainly verify the authenticity of those. Unfortunately not every mail we send is sent through this system. |
|
Captain Thunk
Sniggerdly Pandemic Legion
13
|
Posted - 2012.04.03 21:34:00 -
[223] - Quote
CCP Sreegs
Will Corporation CEOs be allowed to request a list of their members who've had Transaction reversals through RMT with the amount?
I'm pretty sure some corps would like to kick them.
|
corestwo
Goonfleet Investment Banking
133
|
Posted - 2012.04.03 21:34:00 -
[224] - Quote
Tyke Orlieveit wrote:Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though. The problem with a solution like this is that your average internet goer doesn't even know to check the sig much less how. Any such solution to this kind of problem is passive in the ideal case - as far as the recipient is concerned, the email should always be trustable.
Now, that's a very high ideal standard, but you get the idea - I shouldn't have to do anything to be sure my mail is from who it claims it's from.
CCP Sreegs wrote:Mioelnir wrote:CCP Sreegs wrote:I'll look into this. I hadn't thought of it actually and I think it's a good idea. Unfortunately we don't own The Internet so we can't stop people from sending mails. We're working on the problem but there's no really easy solution given the technology involved. One doesn't need to own the internet for that. For example the CCP bulk mta often used for surveys and stuff is run under the cocos islands domain ccp.cc which - while it does indeed belong to CCP - is never ever used anywhere else that customers see, so it probably looks fishy to most users. Then again, if you read your mails with full headers, you are probably already sufficiently paranoid. The bulk mails use both SPF and DomainKeys (however it's been rebranded) so you can certainly verify the authenticity of those. Unfortunately not every mail we send is sent through this system.
Welp. I am now, perhaps, not quite so sure how helpful what I sent you will be. Worth a shot anyway. |
EvilweaselFinance
BUTTECORP INC Goonswarm Federation
4
|
Posted - 2012.04.03 21:35:00 -
[225] - Quote
Vaerah Vahrokha wrote:How do I know this person is trustworthy? In EvE none the less? It could be (and in my case was) a very trusted MD forum investors known for years by everyone as upstanding and clean.
I did all my duties yet he ended up being somewhat related to a RMTer.
Teach me how to avoid this, I am all ears. you could audi... oh wait only an idiot would trust your audits my mistake |
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:36:00 -
[226] - Quote
Captain Thunk wrote:CCP Sreegs
Will Corporation CEOs be allowed to request a list of their members who've had Transaction reversals through RMT with the amount?
I'm pretty sure some corps would like to kick them.
Not at this time. You're welcome to comment in the scarlet letter thread linked in the blog though as this would probably qualify. |
|
Buzzy Warstl
The Strontium Asylum
89
|
Posted - 2012.04.03 21:36:00 -
[227] - Quote
CCP Sreegs wrote:Tyke Orlieveit wrote: Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world. Debian signs their security announcements.
They are completely accessible to people not using PGP/GPG and are authenticated for people who are using them. |
Myz Toyou
Bite Me inc Exhale.
46
|
Posted - 2012.04.03 21:36:00 -
[228] - Quote
I would like to see those faces when previous super pilots now suddenly have to downgrade to Drakes given by kind Alliance members |
Jim Luc
Rule of Five
28
|
Posted - 2012.04.03 21:38:00 -
[229] - Quote
CCP Sreegs wrote:
....LONG QUOTE
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world.
Personally I take a look at any outgoing links, and manually type them in as long as they have the correct subdomain in the url. Mostly though, and this is an unfortunate side-effect, I generally don't really bother with any links from an email.
|
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:39:00 -
[230] - Quote
To clarify on the ETC question regarding Shattered Crystal and our other resellers from earlier.
You may purchase 60 day ETCs from official resellers: https://secure.eveonline.com/etc.aspx
Those may then be converted for PLEX. They cannot be converted directly into isk. Only PLEX may be converted to isk. The only place to buy PLEX is from the account management section of our website or ingame for is.
I hope that helps. |
|
|
Merin Ryskin
Peregrine Industries
59
|
Posted - 2012.04.03 21:40:00 -
[231] - Quote
CCP Sreegs wrote: I'm not in the habit of spending oodles of time defending our work against every conceivable nightmare scenario painted on the internet.
This is hardly "every nightmare scenario" we're talking about. I was able to think up these scenarios in just a few minutes while writing the post, so it doesn't exactly inspire confidence to hear that you (or anyone else at CCP) haven't considered them yet. Instead, it gives the impression that you are too focused on punishing the guilty and haven't spent enough time preparing for how to handle the consequences of those punishments.
This kind of vague "we'll deal with it as it happens" might have been fine when you were just handing out individual account bans on clearly guilty ISK sellers, but now you're talking about "ending alliances" and having a much bigger impact on the sandbox. |
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:40:00 -
[232] - Quote
Buzzy Warstl wrote:CCP Sreegs wrote:Tyke Orlieveit wrote: Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world. Debian signs their security announcements. They are completely accessible to people not using PGP/GPG and are authenticated for people who are using them.
Yeah I know some people sign their emails, what I'm saying is given the work that would go into implementing such a system how many people would actually gain benefit from it.
PGP signing adoption rates are terrible or were at least the last time I checked. |
|
|
CCP Sreegs
C C P C C P Alliance
714
|
Posted - 2012.04.03 21:41:00 -
[233] - Quote
Merin Ryskin wrote:CCP Sreegs wrote: I'm not in the habit of spending oodles of time defending our work against every conceivable nightmare scenario painted on the internet. This is hardly "every nightmare scenario" we're talking about. I was able to think up these scenarios in just a few minutes while writing the post, so it doesn't exactly inspire confidence to hear that you (or anyone else at CCP) haven't considered them yet. Instead, it gives the impression that you are too focused on punishing the guilty and haven't spent enough time preparing for how to handle the consequences of those punishments. This kind of vague "we'll deal with it as it happens" might have been fine when you were just handing out individual account bans on clearly guilty ISK sellers, but now you're talking about "ending alliances" and having a much bigger impact on the sandbox.
Then I guess we're just going to have to agree to disagree and leave it at that. :) |
|
DeODokktor
Dark Templars The Fonz Presidium
4
|
Posted - 2012.04.03 21:41:00 -
[234] - Quote
Regarding the loans.
Secured loans are an easy fix. Add a contract section for Loans. Sadly CCP tried this but as it wasnt combat related it was utter shite.... Much like the auction system of contracts are.
There's a lot of key things ccp has not fixed that are things that isk sellers are no doubt using. Adding a Secure Loan (Where the game holds all ITEMS in Escrow until the loan is repaid according to terms) would mean that all of my loans are 100% secure. On top of that it would remove any risk that someone will use this method for transferring goods from char to char.
Getting rid of the trade window (Hello private contracts, derrrr) is a no-brainer; but again, CCP has left this system in place for so long now that you have to question why it's there.
Character trades should have the same SecureTrading system that SecureGTC uses.. Character to CHARACTER and not requring users to supply account names (How dumb is that??). The isk should be held in escrow for say 24 hours after the deal is done (this would KILL character scamming and also add a lot of hassle those who manage to steal account details, with the plus side of hiding the account name making account details more secure).. For anyone who wants to know my account name might be something like mephysto_luvsme_even_tho_he_says_no .....
What also happens when (like recently) my pal who was on military deployment had his account hacked. I am sure that it was a breach of his email due to the fact that they logg'd into more than one of his accounts, but his isk would have been moved off for RMT, does this mean he's now under a perm ban and will never be able to return?... |
Buzzy Warstl
The Strontium Asylum
90
|
Posted - 2012.04.03 21:45:00 -
[235] - Quote
CCP Sreegs wrote:Buzzy Warstl wrote:CCP Sreegs wrote:Tyke Orlieveit wrote: Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world. Debian signs their security announcements. They are completely accessible to people not using PGP/GPG and are authenticated for people who are using them. Yeah I know some people sign their emails, what I'm saying is given the work that would go into implementing such a system how many people would actually gain benefit from it. PGP signing adoption rates are terrible or were at least the last time I checked. True, I'd be surprised if the Debian security mailing list had more than a few thousand subscribers, and that may include everyone who uses GPG who isn't on FreeBSD. |
Merin Ryskin
Peregrine Industries
60
|
Posted - 2012.04.03 21:46:00 -
[236] - Quote
DeODokktor wrote:Adding a Secure Loan (Where the game holds all ITEMS in Escrow until the loan is repaid according to terms) would mean that all of my loans are 100% secure.
And also 100% pointless, since if I can allow you to hold on to items worth what you're loaning me then I can just sell those items on the market myself (other than rigged ships, I suppose) and get the money.
|
Vaerah Vahrokha
Vahrokh Consulting
493
|
Posted - 2012.04.03 21:47:00 -
[237] - Quote
corestwo wrote:Vaerah Vahrokha wrote:Teach me how to avoid this, I am all ears. Just stick to the technical analysis you're so fond of.
Another elusive reply to a concrete RMT affected case (Cosmoray).
Auditing | Collateral holding and insurance | Consulting | PLEX for Good Charity
Twitter channel |
Tyke Orlieveit
Republic Military School Minmatar Republic
4
|
Posted - 2012.04.03 21:47:00 -
[238] - Quote
CCP Sreegs wrote:Buzzy Warstl wrote:CCP Sreegs wrote:Tyke Orlieveit wrote: Stupid question: Simply signing the email content with a Publicly available PGP/GPG key is out of the window I guess? The recipient isn't affected by this, and the people with the capability or desire can confirm the signature?
I guess formatting issues might be a hurdle, I've not really experimented with anything but plain-text email being signed though.
What percentage of people do you suppose would actually use that? It's certainly feasible but adoption rates are abysmal out in the world. Debian signs their security announcements. They are completely accessible to people not using PGP/GPG and are authenticated for people who are using them. Yeah I know some people sign their emails, what I'm saying is given the work that would go into implementing such a system how many people would actually gain benefit from it. PGP signing adoption rates are terrible or were at least the last time I checked.
Aye, even with GPG as a free alternative, it's not exactly something a basic end-user can easily configure and get going I suppose.
Shy of having something in the actual Character management section as a list of emails sent to the email address as a secondary verification, but again would be a possible pain to implement for a limited benefit :( |
orphenshadow
Easy Co. Fatal Ascension
57
|
Posted - 2012.04.03 21:49:00 -
[239] - Quote
Sounds sexy..
One thing I'm curious about.. It's kind of a hypothetical scenario but...
How does one figure out what isk was generated with a bot vs actual work..
For instance. If a player spent a lot of time actually ratting and doing stuff. But decided to run a bot for a few hours while he/she goes pvp on another toon..
How would CCP know that x isk was from bot, and y isk was legit?
Not that this scenario is even realistic. I'm pretty sure those with access to bots would never have the desire to rat :P |
Shandir
Ferocious Felines
105
|
Posted - 2012.04.03 21:49:00 -
[240] - Quote
CCP Sreegs wrote:To clarify on the ETC question regarding Shattered Crystal and our other resellers from earlier. You may purchase 60 day ETCs from official resellers: https://secure.eveonline.com/etc.aspxThose may then be converted for PLEX. They cannot be converted directly into isk. Only PLEX may be converted to isk. The only place to buy PLEX is from the account management section of our website or ingame for is. I hope that helps. I believe this is inaccurate given there's a GTC > ISK trading forum and feature in account management on EVE's site.
Legal ways to get 3rd party GTCs into ISK. Either GTC > PLEX conversion feature in game > ISK, or GTC > GTC trading feature on EVE's site > ISK. |
|
|
|
|
Pages: 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 19 .. 19 :: one page |
First page | Previous page | Next page | Last page |