| Pages: 1 2 3 4 [5] 6 7 :: one page |
| Author |
Thread Statistics | Show CCP posts - 8 post(s) |
Denidil
The Graduates
Morsus Mihi
94
   |
Posted - 2011.09.20 21:37:00 -
[121] - Quote
Karbowiak wrote:
You should just tell me what your IP is so i can ban you, so we can get it over with..
Seems like a much better option
or you can grow up and stop acting like a ***** about someone asking you if you've been sharing keys.
i guess your immature behavior has determined whether or not i'll be issuing anything on eve-kill a new key.
WiS is kinda cool and all, but FiS is more important.-á More FIS WORK!
Nerf Supers, get the new backgrounds, buff assault ships, do the 0.0 balance, buff lowsec. and make a space pony!
DUST SHOULD BE ON THE PC (a real platform!) GDI! I WILL NOT BUY A FQNG PS3 |
Herbstleyd
Atrocity.
0
|
Posted - 2011.09.20 21:38:00 -
[122] - Quote
EveWho.com - Atrocity endorsedGäó
Dec plox. |
Peter Powers
FinFleet
Raiden.
14
|
Posted - 2011.09.20 22:44:00 -
[123] - Quote
Joyana Dakota wrote:I'm sorry but this website is breaking some rules in one form or another since I just created a new Corporation yesterday on an alt and it's already showing up on the website, I have never given my API away and I have never conducted any sort of PvP with that character so the information is not coming from random killboard information.
This should be illegal !
You put in the corp name to the search box and send it to the server,
server makes request to eve api, asking the api to give the corporation id for the corporation name
(public API, as it should be, without it and its reverse it would be *impossible* to compare api style killmails with killmail style killmails for example).
with that information he then knows that the corporation exists,
now its quite simple to find it ingame through the search,
or for Squizz_Cs app the API the public information of the corp
like.. founder, ceo, description text...
this is neither a new functionality nor worth the outrage, all those information
Squizz_C uses are information that are essential to build 3rd party applications,
and none of it reveals any damn secret.
You don't want anyone to know that a corp 'exists'?
don't create it.
An existing Corporation is a corporation, that means it is in some sort of corporate register, which usually is public, you can not create a corporation and expect no one to know about it, its legally not a corporation if its not in such register. |
Arkady Sadik
Gradient
Electus Matari
44
|
Posted - 2011.09.20 22:46:00 -
[124] - Quote
Our forums currently authenticate using the CharacterInfo call. We require an API key for the initial authentication, but once we have established that the forum account is indeed belonging to the same person as the API key holder, we do not need the API key anymore - we can simply call CharacterInfo and see if they're still in the alliance.
Likewise, there are lists like the FacWarTopStats that give you characterID but no further information about them. We use CharacterInfo to check which corp these people belong to. This is very useful as well.
Please do not remove this functionality. It's really, really useful. |
Morganta
Peripheral Madness
The Midget Mafia
39
|
Posted - 2011.09.20 23:04:00 -
[125] - Quote
Miilla wrote:How about this for an idea, NO API INFO without a valid KEY. Period. NOTHING; absolutely ZERO output.
If they have a valid reason to query the API, they would have a key.
this is how it should be
The American public's reaction to the change was poor and the new cola was a major marketing failure. The subsequent reintroduction of Coke's original formula, re-branded as "Coca-Cola Classic", resulted in a significant gain in sales, leading to speculation that the introduction of the New Coke formula was just a marketing ploy |
Miilla
Hulkageddon Orphanage
54
|
Posted - 2011.09.20 23:10:00 -
[126] - Quote
CCP Stillman wrote:Miilla wrote:Are you going to require that applications be "authorised" by some kind of unique APP certificate so you can tell which apps are putting what loading on the servers etc?
I can't speak in certain terms, as the plans aren't done at this point. But does it make sense to me? Yes.
So a likely future direction of the Eve API.
1) Paid for license App certificate / key to allow full access API's or perhaps priority queued and full query capabilities
2) Free license App certificate / key to allow basic API's and perhaps a slower secondary priority access, after paid for apps have got their share of calls completed and perhaps even limited in number of queries or time between queries.
I can see managing those app certificates being very messy, especially when those certs have been compromised, and they will, if there is a tiered API service. |
seany1212
The Scowling Men
The Laughing Men
2
|
Posted - 2011.09.20 23:21:00 -
[127] - Quote
Karbowiak wrote: That said, you trying to get the EVSCO API banned by CCP, wouldn't be in anyones interest, since without it - EVE-KILL wouldn't recieve any mails via the API.
At which point, you hunting Squizz around ingame will be the least of your troubles :D
This **** just got real 
|
Peter Powers
FinFleet
Raiden.
14
|
Posted - 2011.09.20 23:27:00 -
[128] - Quote
Morganta wrote:Miilla wrote:How about this for an idea, NO API INFO without a valid KEY. Period. NOTHING; absolutely ZERO output.
If they have a valid reason to query the API, they would have a key.
this is how it should be
thats not how it can or should work,
there are information that *need* to be public available which will lead to some things exposed - for once that is the ID to name conversion.
if i have the name "Peter Powers" and i want to display the character portrait for example i need to be able to find the ID 179004085 somehow, otherwise i cannot show character pictures in my application.
Now for some use cases that might sound irrelevant, but if i have a software like a killboard for example, i really want those portraits there.
something similar goes for corporations, to display the logo of a corporation, i need to be able to retrieve the corporation information, since those contain the data needed to display the logo (or the corp description, or the ceo's name, or any other random public information).
Without all those information you end up with pretty horrible looking third party tools that have a horrible usability,
rather than the rich and colorfull environment of tools and ideas put to tools you have nowadays.
And honestly,
let me assure you that the API exposes no intel with any real meaning without a proper API key; and that eve-who, as nice as it is has a pretty limited set of data available compared to what some alliances / corps have in tools that dont even use the EVE API.
|
seany1212
The Scowling Men
The Laughing Men
2
|
Posted - 2011.09.20 23:50:00 -
[129] - Quote
Peter Powers wrote:Morganta wrote:Miilla wrote:How about this for an idea, NO API INFO without a valid KEY. Period. NOTHING; absolutely ZERO output.
If they have a valid reason to query the API, they would have a key.
this is how it should be thats not how it can or should work, there are information that * need* to be public available which will lead to some things exposed - for once that is the ID to name conversion. if i have the name "Peter Powers" and i want to display the character portrait for example i need to be able to find the ID 179004085 somehow, otherwise i cannot show character pictures in my application. Now for some use cases that might sound irrelevant, but if i have a software like a killboard for example, i really want those portraits there. something similar goes for corporations, to display the logo of a corporation, i need to be able to retrieve the corporation information, since those contain the data needed to display the logo (or the corp description, or the ceo's name, or any other random public information). Without all those information you end up with pretty horrible looking third party tools that have a horrible usability, rather than the rich and colorfull environment of tools and ideas put to tools you have nowadays. And honestly, let me assure you that the API exposes no intel with any real meaning without a proper API key; and that eve-who, as nice as it is has a pretty limited set of data available compared to what some alliances / corps have in tools that dont even use the EVE API.
Agreeing with Peter Powers on this situation and confirming theres too many whiney bitches in this game. Dont want your character to be known, dont create one. Simple. |
Guillame Herschel
NME1
1
|
Posted - 2011.09.20 23:54:00 -
[130] - Quote
CCP Stillman wrote:Scraping through characterIDs hoping to hit a valid one is NOT allowed. Doing so will get your IP blocked from the API. But if you do valid calls because you know it's a valid ID is fine. But generating excess errors will get your IP blocked.
It is trivial to avoid any IP-based blockade. Your API is broken. That is the problem. That you can close one barn door after one horse has gotten out is beside the point.
|
Shionoya Risa
The Xenodus Initiative.
46
|
Posted - 2011.09.21 00:12:00 -
[131] - Quote
Right, new alt created and logged off before anything loaded. If this character appears on EVEWho, something is clearly not right. |
Mehrdad Kor-Azor
Iure Divino
33
|
Posted - 2011.09.21 00:23:00 -
[132] - Quote
Big Brother is watching. |
Kronus Heilgar
Dark Orbit Media
2
|
Posted - 2011.09.21 01:07:00 -
[133] - Quote
Bahaha I love how this website gets the rage thread, but I didn't get any when I released my earlier version of the same thing a couple months ago (EVE Central Intelligence)
I know he's not scraping the API with random guesses so you can all stop bitching about that (you'd be amazed how fast the CCP API folks can go get that banhammer). He's in bed with EVSCO / eve-kill, so he gets every character name from every kill that goes through there, and probably also uses the API keys eve-kill users have given to get names from wallet transactions. In addition, the new RSS feed for the forums makes it easy to scrape those too.
So it's not against CCP regulations. But it's definitely an abuse of the API keys people have trusted to EVSCO / eve-kill.
After building an initial database it's quite the chain effect, you can see every corp the characters have been in, then see the CEO's of each of those corps, then see the corps that those CEO's have been in, and so on. All chat logs are automatically saved, so he can process those (just stay logged in while sitting in Jita and the noob systems).
So grow up. It's not going to change now. Best thing you can do is go change all your API keys. |
Simetraz
State War Academy
Caldari State
54
|
Posted - 2011.09.21 05:45:00 -
[134] - Quote
Kronus Heilgar wrote:Bahaha
So grow up. It's not going to change now. Best thing you can do is go change all your API keys.
Change your API keys and don't give out.
That means no killboards, evemon, etc etc etc.
It was only a matter of time before someone put all this information together.
Be thankful they don't list the ISK in your account and what skill your training as well.
By the way I find it interesting that it is illegal to list NPC corp members but not player corps.
Capitals (Balancing and Roles) |
Sable Blitzmann
Massively Dynamic
Reverberation Project
13
|
Posted - 2011.09.21 05:58:00 -
[135] - Quote
I find it funny that people are getting up in arms about people knowing what corp they're in. It's a video game, people, privacy laws don't come into effect with virtual people. Don't like it? Don't play the game (I'm looking at you Miilla) |
Xercodo
Xovoni Directorate
57
|
Posted - 2011.09.21 06:04:00 -
[136] - Quote
My first thought is "They can just show info on you in-game and know what corp your in anyway...."
The Drake is a Lie |
Arkady Sadik
Gradient
Electus Matari
45
|
Posted - 2011.09.21 08:00:00 -
[137] - Quote
The only people this is actually useful for are smaller groups in high/low-sec for war decs, so they can identify and hunt targets. Every halfway competent group did create member lists of their targets anyhow, this site makes that process much easier - a bit annoying, because it takes away some of the edge some groups have.
On the other hand, I do not see how to remove the functionality that enables this site without making a lot of API tools really u seless (see my last post, or Peter Powers' post above). So, better this way than the other. |
malaire
43
|
Posted - 2011.09.21 08:05:00 -
[138] - Quote
Simetraz wrote:By the way I find it interesting that it is illegal to list NPC corp members but not player corps.
Why would it be illegal? I believe both are allowed.
Carebear -á* -áTrader -á* -áPerfect Music-á-á* -áNever Scamming -á* -áNever Pirating |
C4LYP50
Solarwind Interstellar Mining and Production Ltd
0
|
Posted - 2011.09.21 08:51:00 -
[139] - Quote
Othran wrote:CCP Navigator wrote:I have spoken with the developers who manage and maintain the EVE API. They have assured me that evewho is not conducting any illegal or underhand method of obtaining API information. All information gathered has been posted publicly in one form or another. We maintain a very close eye on what is happening with the API information and will continue to do so. Ummm no. As I said earlier I have a character who has never done anything. No information was "posted publically" at all. The fact that the API calls confirm or refute the existence of a character based on a random charID suggests you're running damage control here Spitfire. I would strongly suggest you don't. Any system which confirms or refutes the existence of a user (or character) based on the user (char) ID and no key/pw is broken. Simple as.
This guy is exactly right. Alts who've never undocked, or had any impact (no buying/selling, speaking in local, etc.) on the game at all, are being shown here. This, to me, represents a prime example of API info gone way wrong. When all other options have been argued and refuted, this fact remains: You (CCP) changed the way the API works, and what can be gleaned from the data dumps. Now someone has datamined through your security hole, and I'm not appreciating your feeble attempt at damage control. As for the often used "its all information that you can glean ingame, publically available", I call BS. If this were true, it would have been done by someone long before now.
Just once, I'd like to have confidence in CCP to actually test stuff before it's pushed out live. Honestly............when are you people going to LEARN? |
Miilla
Hulkageddon Orphanage
57
|
Posted - 2011.09.21 10:27:00 -
[140] - Quote
THE END IS NIGH!!
NIGH!
|
Karbowiak
Sniggerdly
Pandemic Legion
19
|
Posted - 2011.09.21 10:27:00 -
[141] - Quote
Kronus Heilgar wrote:Bahaha I love how this website gets the rage thread, but I didn't get any when I released my earlier version of the same thing a couple months ago ( EVE Central Intelligence) I know he's not scraping the API with random guesses so you can all stop bitching about that (you'd be amazed how fast the CCP API folks can go get that banhammer). He's in bed with EVSCO / eve-kill, so he gets every character name from every kill that goes through there, and probably also uses the API keys eve-kill users have given to get names from wallet transactions. In addition, the new RSS feed for the forums makes it easy to scrape those too. So it's not against CCP regulations. But it's definitely an abuse of the API keys people have trusted to EVSCO / eve-kill. After building an initial database it's quite the chain effect, you can see every corp the characters have been in, then see the CEO's of each of those corps, then see the corps that those CEO's have been in, and so on. All chat logs are automatically saved, so he can process those (just stay logged in while sitting in Jita and the noob systems). So grow up. It's not going to change now. Best thing you can do is go change all your API keys.
Thing is tho, no information besides the pilot list that you also got, are being shared.
Only one using the API keys given to EVE-KILL is EVE-KILL and its hosted killboards.
The only thing we share with EVEWho and EVEChatter are the API proxy, since we both benefit from having an api proxy that's "warm". EVE-KILL benefits from it when its showing stats on corps/alliances, and EVEWho can ask the API 500 times a second for the same thing, with only one hit to the CCP API (not that he does, but he could in theory)
The only way we are "in bed" is that Squizz is the guy who helped create the new source for EVE-KILL, and also created our new API mod, and a whole slew of other things.
But at no point in time, did he missuse his powers to give information from EVE-KILL to EVEWho.
All of this said, none of you will believe me, so i don't know why i even bother.. lol |
Miilla
Hulkageddon Orphanage
57
|
Posted - 2011.09.21 10:29:00 -
[142] - Quote
I suggest EVERYBODY makes at least 1 call that generates an error using EVSCO API proxy cache :)
|
St Mike
LoneStar Industries
Comatose Alliance
0
|
Posted - 2011.09.21 10:30:00 -
[143] - Quote
You might even be providing your own Char ID with the request
1. You enter the name in that site
2. it cross checks the name with something like http://eveolution.de/portrait.php?user=miilla
3. the jpegs have your charID in the name ...
4 ...
5. Rage at CCP
|
Karbowiak
Sniggerdly
Pandemic Legion
19
|
Posted - 2011.09.21 10:30:00 -
[144] - Quote
Miilla wrote:I suggest EVERYBODY makes at least 1 call that generates an error using EVSCO API proxy cache :)
Im afraid your plead has not been heard by anyone but your multiple personalities.. |
Karbowiak
Sniggerdly
Pandemic Legion
19
|
Posted - 2011.09.21 10:34:00 -
[145] - Quote
St Mike wrote:You might even be providing your own Char ID with the request 1. You enter the name in that site 2. it cross checks the name with something like http://eveolution.de/portrait.php?user=miilla3. the jpegs have your charID in the name ... 4 ... 5. Rage at CCP
Also, ingame, all portraits are loaded from http://image.eveonline.com/Character/externalid_size.jpg
So your CharacterID is also ingame  |
Miilla
Hulkageddon Orphanage
57
|
Posted - 2011.09.21 10:41:00 -
[146] - Quote
All this MAYBE ingame, so what, if they want it IN GAME, they can LOG IN to the game and PLAY THE GAME.
Not automate it, that is something we are always told, CCP want people to LOG INTO the game to PLAY THE GAME to get info etc.
|
Karbowiak
Sniggerdly
Pandemic Legion
19
|
Posted - 2011.09.21 10:45:00 -
[147] - Quote
Miilla wrote:All this MAYBE ingame, so what, if they want it IN GAME, they can LOG IN to the game and PLAY THE GAME.
Not automate it, that is something we are always told, CCP want people to LOG INTO the game to PLAY THE GAME to get info etc.
Thing is my dear friend, the image server is made so that this forum can show images from ingame in an easy way, and evegate, and eveonline.com, and all 3rd party sites aswell.
Its used in EVE aswell, cause the client shouldn't render the images like it used to do, took too much time.
But isn't it awesome spouting nonsense without having the faintest clue how it works, or why its done this way ? i wish i could do that  |
Jackk Hammer
Caldari Provisions
Caldari State
1
|
Posted - 2011.09.21 10:45:00 -
[148] - Quote
This is the reason I never give my api key to anyone except trusted sites like Chribba's eveboard or pandemic-legion.com |
Miilla
Hulkageddon Orphanage
58
|
Posted - 2011.09.21 10:48:00 -
[149] - Quote
DoooooooooooooooooommmmM!!! |
Karbowiak
Sniggerdly
Pandemic Legion
19
|
Posted - 2011.09.21 10:48:00 -
[150] - Quote
And with that last remark, i think we can call this rage thread for over.
Toodles o/ |
| |
|
| Pages: 1 2 3 4 [5] 6 7 :: one page |
| First page | Previous page | Next page | Last page |