Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.28 20:36:00 -
[1]
The creation of this thread is one that amuses me as this particular candidate cannot currently post on these forums but is no less deserving of a candidacy thread than any other. It is because of this that I will post on behalf of Big D and relay his answers to your various queries concerning his candidacy for the CSM.
DJ's Eve Resume (D Facts):
Darius JOHNSON is best known as the former and current CEO of the alliance formerly known as Goonswarm. He has been playing full time since 2005.
DJ served on CSMs 1 and 2. He championed a number of issues including The Incentivization of 0.0 proposal which had a significant impact on, if it was not the impetus for, the revamp of sovreignty in the Dominion expansion. Unfortunately DJ hit a term limit and was unable to see this through to completion.
While DJ is known best as a champion of 0.0 concerns people from past CSMs can attest to his willingness to work towards the concerns of other playstyles. DJ has a varied voting record which is public and has supported industrial, lowsec and empire concerns as well as forum-related issues.
DJ is a technical person, serving as a security expert for a large multinational corporation. His daily work requires him to not just be able to understand technical jargon and issues, but to translate those issues to laymen.
The Platform:
To put it quite simply there is none. DJ's experience from the first CSMs is that having a platform is largely political crap that never gets followed through on or is not deliverable. Running on a platform such as FIX LAG is ridiculous because A) everyone knows it's a problem and B) you can't deliver it. DJ's finest attribute as a CSM was his ability to take a multitude of various ideas from the community and coalesce them into acceptable issues that can be raised to the devs. A prime example is the Incentivization of 0.0 issue. This issue was not DJ's idea, but rather was a combination of ideas taken from discussing the 0.0 problems with players on multiple forums and at roundtables at fanfest. DJ's role was to translate the ideas, ensure their passage through the CSM, then champion these ideas to the dev team in Iceland.
In short, while it would be nice to say something like "Darius JOHNSON - HE WILL FIX WHATEVER YOU WANT *OBVIOUS THING GOES HERE*, that is just BS fed to the masses in order to solicit votes from gullible people. Nobody likes lag. Nobody likes useless ships. Nobody likes useless space. Making a platform of these issues is pandering.
DJ's ~Issues~:
So having said there's no platform here are the issues DJ is currently most concerned about -
Tuning Sovreignty - DJ feels that the vast majority accept that Dominion was an improvement over POS warfare, but it is not completed yet. DJ would like to advocate for you in order to better flesh out the gaps and deliver something more palatable. It seems the "incentivization" was left out of the "Incentivization of 0.0" proposal.
Forum Policies - This may seem a bit self-serving but the forum policies on Eve-o are considered by DJ to be draconian. This is a video game forum not a super serious forum that merits 6 month bans for silly posts or jokes, which scale up but never down... for life. Certainly there is a necessity to moderate the forums and there should certainly be time outs, but what merits these actions needs to be visited as well as some scaling for offenses in relation to severity.
Lowsec - It's useless. Everyone knows it's useless. We need to think long and hard as a community to squeeze some water from this stone and develop a niche.
Alliance Standings - They suck. They're being worked on. DJ would like to be able to be your voice into this process.
Landlords Online - It seems that someone things playing space landlord as a source of income should be a standard. It's boring. We need alternatives. |
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.28 20:41:00 -
[2]
Landlords Online - Cont. - While being a space landlord may be attractive to some, it is the lazy man's way out to others. There needs to be actual in-game mechanics to support alliance level activities other than trying to wrangle people (without a mechanic hilariously enough) into paying you rent.
Security - DJ believes CSM4 dropped the ball on additional authentication factors or the use of tokens (like WoW has) for additional account security. The statements that were made were technically inaccurate and ignorant. He would like to revisit and rectify this.
That serves as enough information to begin a dialogue I believe. I look forward to your comments and conversation. |
TeaDaze
Agony Unleashed Agony Empire
|
Posted - 2010.04.28 21:19:00 -
[3]
Originally by: ThorTheGreat Security - DJ believes CSM4 dropped the ball on additional authentication factors or the use of tokens (like WoW has) for additional account security. The statements that were made were technically inaccurate and ignorant. He would like to revisit and rectify this.
I would be interested to hear DJ's analysis of this because a) it is a subject I am interested in and b) it was mostly the goon candidates in CSM4 who played devil's advocate and opposed any additional :effort: to logging in
Of course I agree that having to go through pages of username, password, numeric code, captcha, fingerprint, retina scan etc would be a PITA but there has to be a happy medium in there somewhere between convenience and security.
Vote TeaDaze for CSM5!
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.28 21:56:00 -
[4]
Originally by: TeaDaze
Originally by: ThorTheGreat Security - DJ believes CSM4 dropped the ball on additional authentication factors or the use of tokens (like WoW has) for additional account security. The statements that were made were technically inaccurate and ignorant. He would like to revisit and rectify this.
I would be interested to hear DJ's analysis of this because a) it is a subject I am interested in and b) it was mostly the goon candidates in CSM4 who played devil's advocate and opposed any additional :effort: to logging in
Of course I agree that having to go through pages of username, password, numeric code, captcha, fingerprint, retina scan etc would be a PITA but there has to be a happy medium in there somewhere between convenience and security.
DJ - "Additional effort is always the tradeoff when one is discussing security. Additional security, by nature, tends to add levels of complexity that make your ability to achieve the secured end result more difficult. The underlying challenge therefore is to add layers which achieve that additional security while having the smallest possible impact on productivity. The fingerpointing aside (I had heard from at least one goon CSM that it was others who didn't "get it"), the fact is that simply adding items of the same factor to an authentication mechanism adds the same level of interaction complexity as adding an additional factor with SIGNIFICANTLY less of an increase in overall security. Let's break the problem down into laymen's terms with a quick lesson on authentication factors.
A "factor" is a piece of information which must be verified in order to authenticate a person or process. There are currently three accepted factors for authentication. Something you know (a password), something you have (a token) or something you are (a biometric). Simply piling up multiples of the same factor have a limited impact on overall security while adding the same barriers to interaction. In the current system, which is identical in practice to the one employed in guildwars, you are required to answer an additional question once you've presented your password. In essence an additional field pops up which asks you for an additional piece of information you "know", namely the name of a character on the account. If one accepts that the largest risks people are currently facing are keystroke loggers and social engineering how does this defeat that? The answer is that it doesn't, it may buy a window of time, but it is a small one before the malicious actor's strategies adapt, at which point you're up a creek. A keystroke logger will log the account name in the additional field. A fake login page will simply pop up an additional menu with the same question then capture that as well. I am actually unable to play guildwars at the moment because I can't remember the name of any of my characters. A problem I suppose which is of my own creation, using gimmick names such as teh awesome wizard or WeedKing420 makes it hard for me to recall them all.
So to defeat the two arguments I recall against a second factor of authentication. The first was that it will be a PITA to log in. Well, you have exactly the same amount of additional interaction now with the additional knowledge request. The second was that there would be little adoption, which is an argument of OPINION with no basis whatsoever in fact. If one WERE to want to do that research one should look at the trends WoW has had in adoption of their authentication tokens. Goons at least have had a high adoption rate. Why? Because it's EASY and it has a BIG impact. The time-based token completely defeats key loggers and fake login pages (social engineering). I say that the industry via WoW has recognized the account hacking problem, and has crafted a strong authentication solution that is accepted across the security spectrum, which meets that test of |
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.28 21:59:00 -
[5]
providing greater security while also not interfering enough with the authentication process as to be over-burdensome. Hell, if you have a smart phone it's even possible to implement at no cost. Is there a cost to CCP or Blizzard? Certainly, but does it outmeasure the cost in internal investigations of hackings, reimbursements and the loss of customers? Blizzard has determined that the answer is "yes". I can't answer for CCP except to say that I'd love to learn otherwise. If you have additional questions on specifics I'd be happy to answer them." |
Marlona Sky
D00M. RED.OverLord
|
Posted - 2010.04.28 22:00:00 -
[6]
The guy in the picture looks like a total ****ing tool bag. Where did you get it?
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.28 22:04:00 -
[7]
Originally by: Marlona Sky The guy in the picture looks like a total ****ing tool bag. Where did you get it?
That's a photoshop Stahlregen made of DJ's head in his Aeronaut hat from the fanfest presentation on Napoleon's body. I'll try to find a more attractive man than DJ the next time I make a thread for him in order to please you. |
TeaDaze
Agony Unleashed Agony Empire
|
Posted - 2010.04.28 23:21:00 -
[8]
Originally by: ThorTheGreat The fingerpointing aside (I had heard from at least one goon CSM that it was others who didn't "get it"), the fact is that simply adding items of the same factor to an authentication mechanism adds the same level of interaction complexity as adding an additional factor with SIGNIFICANTLY less of an increase in overall security.
In seriousness and credit where it is due Zastrow did a good job at the Summit and not just in this particular discussion Playing devil's advocate was valid as it was a reminder that not everybody gives a stuff about the security of their internet spaceships. At least not until they lose them and proceed to tie the petition system in knots...
The :effort: argument was valid because for many people even remembering a non trivial password is a PITA. Forcing them to have a better password than "bond007" or having them dig out a token to type in a "random" number within X seconds will just annoy them further. Of course these people need to HTFU
The argument about adoption was valid too because those people who don't give a stuff about security are least likely to buy a token. If you don't get a decent adoption rate then it becomes extra expense for no significant reduction in support costs. I make the assumption that the people who most care about security would snap up tokens but they were probably the least likely to be hacked in the first place.
However if CCP ran some kind of promotion (token plus bonus game time) or even provided an option to buy them with isk then adoption would likely ramp up pretty quickly. Getting more drastic CCP could after a period of time state that without an auth token any account hack petitions will not be processed. I'm not sure how far they would want to go, but I doubt they would want to make them mandatory.
I would love to have an RSA style token (as long as once token can be used for multiple accounts) and I hope that CCP can be pushed into providing this option going forward. I'm also still in favour of an optional system to only allow known IPs to login to an account. This would only be for people with fixed IPs or who know the issues.
Perhaps CSM5 will have a few more delegates supporting security issues, votes permitting
Vote TeaDaze for CSM5!
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.29 02:35:00 -
[9]
Originally by: TeaDaze
In seriousness and credit where it is due Zastrow did a good job at the Summit and not just in this particular discussion Playing devil's advocate was valid as it was a reminder that not everybody gives a stuff about the security of their internet spaceships. At least not until they lose them and proceed to tie the petition system in knots...
The :effort: argument was valid because for many people even remembering a non trivial password is a PITA. Forcing them to have a better password than "bond007" or having them dig out a token to type in a "random" number within X seconds will just annoy them further. Of course these people need to HTFU
The argument about adoption was valid too because those people who don't give a stuff about security are least likely to buy a token. If you don't get a decent adoption rate then it becomes extra expense for no significant reduction in support costs. I make the assumption that the people who most care about security would snap up tokens but they were probably the least likely to be hacked in the first place.
However if CCP ran some kind of promotion (token plus bonus game time) or even provided an option to buy them with isk then adoption would likely ramp up pretty quickly. Getting more drastic CCP could after a period of time state that without an auth token any account hack petitions will not be processed. I'm not sure how far they would want to go, but I doubt they would want to make them mandatory.
I would love to have an RSA style token (as long as once token can be used for multiple accounts) and I hope that CCP can be pushed into providing this option going forward. I'm also still in favour of an optional system to only allow known IPs to login to an account. This would only be for people with fixed IPs or who know the issues.
Perhaps CSM5 will have a few more delegates supporting security issues, votes permitting
From DJ "One known quantity about the knowledge factor is that forcing complexity or hard passwords seldom works. Many people are lazy or have a hard time remembering these things and therefore will find ways around it. The beauty of adding a second factor is that this now becomes less of a concern. I personally find it easier to key in a number displayed on a screen in front of me on either a token or phone than I do to remember a password at times. Your phone also tends to be something you constantly have with you.
Re: adoption there's no way to tell and any guesses at it are only that. There's no data that's been shown to speak one way or another about it, though my gut is that if the Blizzard money machine found the investment to be of value there's probably a way they're not losing money on it. I don't think it wise to automatically assume that someone who would purchase or install a free token on their phone is automatically unlikely to have needed one in the first place. Virtually everyone at some point has put themselves in a position to have fallen victim to a keylogger or is a liar.
I wouldn't recommend they be mandatory, but I do agree with the possibility of incentives or perhaps some changes in reimbursement policies to increase adoption. Known ips is an intriguing option, but not as secure as a time-based authenticator and in actuality perhaps even more burdensome.
If I'm on CSM5 and the makeup is what I believe it will likely be I don't believe getting the votes will be an issue. Getting CCP to implement will be the largest hurdle."
|
Bunyip
Gallente Center for Advanced Studies
|
Posted - 2010.04.29 07:13:00 -
[10]
Edited by: Bunyip on 29/04/2010 07:13:13 As to DJ's willingness to support other playstyles, he has refuted this statement in person while we were in Reykjavik. He is PvP to the core.
That being said, he was a hard worker in CSM 2 and put a lot of effort into the sovereignty changes. As we all wait with baited breath for the rest of the promises to be fulfilled (gate guns, missions, treaties, et al), his ideas helped form the core of this concept.
As a carebear with some PvP training, I cannot support him myself. However, I'm sure many others agree with his viewpoints, and he is a great candidate for 0.0/PvP concerns.
"May all your hits be crits." - Knights of the Dinner Table. |
|
Ben Derindar
Dirty Deeds Corp.
|
Posted - 2010.04.30 00:25:00 -
[11]
Correct me if I'm wrong, but doesn't applying for the CSM require a character/account relatively free of warnings/bans? If this still the case, then why was Darius accepted as a candidate at all, given that he can't even post his own plug thread?
/Ben
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.30 17:31:00 -
[12]
Originally by: Ben Derindar Correct me if I'm wrong, but doesn't applying for the CSM require a character/account relatively free of warnings/bans? If this still the case, then why was Darius accepted as a candidate at all, given that he can't even post his own plug thread?
/Ben
Your forum account and your Eve account have two separate restriction structures. I'm assuming this has much to do with the relative looseness with which forum bans are applied. In any case the standing of your forum account has no impact whatsoever on your standing as a CSM candidate. Darius's in-game account has never been actioned against. Darius was actually banned from the forums for a time during his first stint in the CSM.
I think the problem lies more with the ridiculous applications of the rules by the moderation team. Darius's forum bans have been applied for rather silly things and unfortunately the forum "rules" in place mean that each one scales up. The latest 6 month ban was for a single posting of the phrase "solodrakban" in a thread celebrating the creation of the alliance. Certainly not a contributing post, but also certainly not worthy of a 6 month ban.
|
Fliko
|
Posted - 2010.04.30 19:15:00 -
[13]
Do you have any ideas on how to fix lowsec, and I hear a lot of people screaming Gallente (and Amarr) are broke (surprise surprise), what's your opinion on the status of balance between all the factions.
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.04.30 20:19:00 -
[14]
Edited by: ThorTheGreat on 30/04/2010 20:21:04
Originally by: Fliko Do you have any ideas on how to fix lowsec, and I hear a lot of people screaming Gallente (and Amarr) are broke (surprise surprise), what's your opinion on the status of balance between all the factions.
DJ - "This is an interesting two part question. I'm usually loathe to put myself in a game designer position. A little known fact about the CSM that many still don't seem to grasp (including those running for CSM) is that you are not a game designer. You are an advocate for players in a representative democracy. Thankfully lowsec has been an issue for some time and there are quite a few ideas for me to borrow from.
An idea I've always found extremely attractive insofar as lowsec is concerned was presented as a quick idea at Eve Vegas last year by The Mittani. At a high level what he presented, which is something I agree with implicitly, is that something needs to be done to make lowsec unique and not just in ruleset. He proposed a giant drug production capability culminating in the creation of a capital class ship termed "The Methnaught". While taken as a whole this may sound someone fanciful, the core concept, and one I believe we can achieve buy-in for will revolve around the creation of some aspect of gameplay unique to lowsec that gives it an additional reason for being. One such idea is that of the methnaught but I would go so far as to combine some additional ideas. One is an idea that went through CSM 1 which was presented by Ankh, related to a different class of deployables. Not so much POS, though they could be used with unique modules, but smaller deployables for smaller groups of people to use for a specific purpose. I also have a problem with the fact that there's rarely a financial advantage to killing a POS in lowsec. I'd like to see some more variety in structures and perhaps something similar to the salvaging concept. The ability to gain some form of salvage or revenue from a structure when you destroy it serves a multitude of purposes not the least of which is garbage cleanup. I believe this would also serve to shake things up in lowsec as it gives people a reason other than "I don't like those guys" to start and engage in protracted struggle.
The main aspect of attracting people to perform in any area of space in my opinion is incentivization and I believe the above, taken in part with what I'm sure will be many other good ideas to be discussed, will go a long way in spicing things up in lowsec.
As regards your balance question I have to say that specific balance issues have tended to not get much leverage within the CSM. What we can do is state that we believe there's not parity and ask the balance team to look long and hard at the issue and justify their response. That's the route I'd take. I fly every race and I use them all for different things but I won't profess to be the be all and end all in knowledge. I'd probably go the route of opening a thread for balance changes and let the matter percolate among the masses, creating a checklist, then asking CCP to respond to the items as noted."
:edit: To add to the above, I believe lowsec should serve as a different ground for smaller groups to grow and profit without the need for the gigantic numbers required to engage in sov warfare. A niche needs to be carved out there and I believe all that's missing is the tools for the players to do so. |
Volir
Dot.
|
Posted - 2010.04.30 22:51:00 -
[15]
Edited by: Volir on 30/04/2010 22:50:47
Originally by: ThorTheGreat
I fly every race and I use them all for different things but I won't profess to be the be all and end all in knowledge.
I was under the impression that Darius JOHNSON was a PVP expert.
|
ThorTheGreat
Caldari GoonWaffe SOLODRAKBANSOLODRAKBANSO
|
Posted - 2010.05.01 20:37:00 -
[16]
Originally by: Volir Edited by: Volir on 30/04/2010 22:50:47
Originally by: ThorTheGreat
I fly every race and I use them all for different things but I won't profess to be the be all and end all in knowledge.
I was under the impression that Darius JOHNSON was a PVP expert.
He is but he is also humble
|
Kul'them
|
Posted - 2010.05.05 18:08:00 -
[17]
Any reason why DJ is not on the list of candidates you can vote for?
|
Le Skunk
Low Sec Liberators
|
Posted - 2010.05.05 19:52:00 -
[18]
Edited by: Le Skunk on 05/05/2010 19:52:04
Originally by: ThorTheGreat Running on a platform such as FIX LAG is ridiculous because A) everyone knows it's a problem and B) you can't deliver it.....
....Lowsec - It's useless. Everyone knows it's useless. We need to think long and hard as a community to squeeze some water from this stone and develop a niche.
So instead you promote running on a platform of "LOWSEC - WE NEED TO DO SOMETHING WHAT QUITE I DONT KNOW BUT REST ASSURED SOMETHING WILL BE DISCUSSED SOMEWHERE BY.... WELL.. LOTS OF PEOPLE.
SKUNK
(o)
|
Le Skunk
Low Sec Liberators
|
Posted - 2010.05.05 19:58:00 -
[19]
Originally by: Kul'them Any reason why DJ is not on the list of candidates you can vote for?
LOL
Good work OP
SKUNK (o)
|
Avalloc
|
Posted - 2010.05.05 19:58:00 -
[20]
Originally by: Kul'them Any reason why DJ is not on the list of candidates you can vote for?
He withdrew due to RL issues.
|
|
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |