| Author |
Thread Statistics | Show CCP posts - 63 post(s) |
Florestan Bronstein
   |
Posted - 2010.12.10 18:40:00 -
[1]
Edited by: Florestan Bronstein on 10/12/2010 18:40:43
 Originally by: Kalle Demos
How the hell do you manage todo a combat mission and do laundry & dishes anyway, besides I said this should affect ratting / mining bots
activate perma-tank, pull aggro, deploy drones
edit. wrong character, Cyaxares is my alt
|
Florestan Bronstein
|
Posted - 2010.12.10 21:40:00 -
[2]
Edited by: Florestan Bronstein on 10/12/2010 21:42:59
Originally by: Kalle Demos
Edited by: Kalle Demos on 10/12/2010 19:23:39
Originally by: Florestan Bronstein
edit2: how exactly do you imagine this bot detection would work? not exactly hard for the bot author to introduce substantial randomization of bot behavior.
I dont think you get this still, if this was an idea I created, I probably would agree with you but theres already a nice and effective way in dealing with bots and techniques that I have mentioned are being used and have been effective for many years, other games do this, who openly announce they check bots to understand their enemy.
My rule on all programming/CS-related claims is - either I understand how the described service/mechanic/feature/... can work in principle or I believe the claim to be fake until I have been convinced.
You wrote that the captcha is only displayed when a suspicion has already been established.
The question is - where does this suspicion come from?
A good bot should be indistinguishable from a real player after all.
One solution is to install spyware on your customers' computers and monitor what programs they run besides your own (you have to add rootkit-like features, too, to make sure that spyware is not easily bypassed). That's extremely ugly, doesn't work when the bot is changed and because said spyware runs on the customers' PC he can analyze and bypass it without too much troubles.
Otherwise how do you detect a bot? do you suspect every player who earns a certain amount of ISK per week from mining to be a bot and give him some sort of Turing test? do you suspect every character who is actively logged in for more than <x> hours?
or do you go after actual behavior (as you seemed to suggest)? because in that case you get into problems.
you say "but a bot is predictable, he always does the same things" - well, instead of waiting 2 seconds before going to the next step the bot good as well wait for a random amount of seconds drawn from some distribution with mean 2. The bot can warp to random belts, change the order of some actions (why always activate the first and then the second mining laser?), take random breaks to check out 4chan with the IGB, ... all without much effort to the bot writer.
If the bot writer wants to be serious about this he could even create a database of recorded actions by real players and select from these (or do variations on these).
So unless you go for the crude "everybody who is playing for more than <x> hours per day" metric (which basically only says "hey, extreme botting is not good for you") how do you establish that initial suspicion?
Every game company will tell you that they can detect bots somewhat reliably because the first step to prevent botting in your game is to scare people away from using bots (read Akita's posts on that matter). But unless you provide more specific information I have no reason to believe that the bot detection system you describe (before the actual captcha is presented) is really that good.
Originally by: Kalle Demos
EVE isnt the only game out there but by the looks of it is the only one that doesnt do anything against non-RMT botters, sounds to me your concerns are more todo with your afk income than anything else.
no I don't play actively atm - I am just concerned because lots of know-it-alls are rallying up on this matter without giving much thought to the possible consequences of their demands ...
|
Florestan Bronstein
|
Posted - 2011.02.17 16:15:00 -
[3]
Edited by: Florestan Bronstein on 17/02/2011 16:15:27
If you would work at CCP and you had the choice between banning 20% of bots and reducing all bots efficiency by 20% what would you do?
|
Florestan Bronstein
|
Posted - 2011.02.21 12:26:00 -
[4]
Originally by: Consortium Agent
The choice we have as players is one of the following:
1. Stop playing Eve (yeah, right, that's going to happen... NOT!)
2. Start using bots to level the playing field.
3. Start resolving the problem ourselves.
4. put pressure on CCP to take action against bots or face massive negative media fallout.
riverini is currently contemplating the "Pros and Cons of Putting a Botting Guide in EN24.com" on kugu - idea is to set CCP a 30 day ultimatum "to release a blog where they explain what they have been doing to drive the botting issue down" and publish extensive botting guides on EN24 if the ultimatum is not met (to "level the field" and put further pressure on CCP).
|
Florestan Bronstein
|
Posted - 2011.02.21 20:12:00 -
[5]
Edited by: Florestan Bronstein on 21/02/2011 20:15:24
Originally by: Sullen Skoung
Originally by: Florestan Bronstein
4. put pressure on CCP to take action against bots or face massive negative media fallout.
Funny thing about that, as has already been said, Bots are in EVERY MMO.
Most MMOs however dont have the player run economy (hah) that we do so bots arent an issue, and so noone cares about them. So unless youre already in this game, and know the issue is a problem, then reading about how EVE is bot riddled isnt gonna matter.
lol, that's pretty much exactly what I wrote in the kugu thread.
Originally by: Sullen Skoung
On the other hand, also, as previously stated, making the issue more well known will drive people that would be interested in the game away.
"Yes, but that will put pressure on CCP"
Yes, but that will damage EVE in the process. Google the term "Pyrrhic victory"
What makes you assume that I have no general education and have to google that term? (the grammar school I did attend had a focus on classical languages)
The victory wouldn't be in causing damage to CCP, the victory would consist of the prospect of damage to CCP forcing them into action to prevent said damage.
If they fail to do this and it becomes necessary to turn the mere threat of damage into actual damage, then both sides have failed to achieve their respective objectives.
That would be a bad outcome but it has to be accepted as a possible outcome for the threat to be credible. If you aren't ready to ruin the game, there is no incentive for CCP to fix it.
|
Florestan Bronstein
|
Posted - 2011.02.24 18:31:00 -
[6]
Edited by: Florestan Bronstein on 24/02/2011 18:32:48
Originally by: Rent Buzzline
It's never too late to get straight.
I don't think the majority of posters in this thread agrees with your opinion.
Consensus seems to be that botters should get permabanned at first offense (instead of giving them temp bans of increasing duration) or that their skills and assets should be reset.
|
Florestan Bronstein
|
Posted - 2011.02.27 14:01:00 -
[7]
Originally by: Consortium Agent
I have it on good authority that CCP *will* accept petitions for bots. How those petitions are generated is not CCP's problem, but they will accept petitions. Amazingly, reportbots.com generates them. Who'd have thunk it? A third-party site designed to work in conjunction with CCP towards putting a dent in this problem. Wow. F'ing amazing!
why so angry?
From what I have heard so far both of you are right.
CCP won't ban anyone based on data collected by a third party.
But they will look into petitions (and then ban or not based on their own internal data) and collecting data might help a 3rd party to decide whether to bother with writing a petition or not.
|
Florestan Bronstein
|
Posted - 2011.03.01 22:28:00 -
[8]
Edited by: Florestan Bronstein on 01/03/2011 22:28:05
The only way to do client-side bot detection/target bans based on client-side info somewhat reliably is to adopt some form of trusted computing.
As long as the user is in full control of his machine, he can fool any client-side checks (such as banning certain MAC addresses, OS serials, ...).
But in that case the cure would imho be worse than the disease.
|
Florestan Bronstein
|
Posted - 2011.03.02 12:06:00 -
[9]
Originally by: CCP Sreegs
What being rude does do however is make it less likely that I'll take your thread or post seriously and attempt to give you what information I can.
Now that's some professional customer service.
You could have just told us in very broad terms what you are working at (hardening the client?, better server-side detection routines?, more/better trained GM staff to deal with the issue? how confident are you that you fully understand the impact of botting on the economy of EVE? maybe you can provide us with some figures that convince us it is in CCP's own financial interest to get rid off bots? ...) and this thread would only be half its size.
Most people actually want to believe that CCP does care but you simply don't give them much opportunity to do so.
Every comment by CCP seems to be designed to pour some additional fuel into the fire of customer rage.
CCP has designed this great game that is all about risk vs reward, moral ambiguity and an "ends justify the means" approach to PvP - the perception that EULA rules on botting are not strictly enforced could have a much bigger impact on the average EVE player's behavior than it would have on the typical player of most other MMOs.
|
Florestan Bronstein
|
Posted - 2011.03.02 13:21:00 -
[10]
Originally by: CCP Sreegs
...
just want to say "thank you" for that reply 
|
Florestan Bronstein
|
Posted - 2011.03.03 13:03:00 -
[11]
Edited by: Florestan Bronstein on 03/03/2011 13:06:25
Originally by: Kogh Ayon
With the combination of these two, what? A bot-generated(random) reading content? Yes, If the coder could't get a stable copy/image of words there is no way to let the bot to "read".
you realize that mission instructions, dialog boxes, ... etc. are just HTML formatted pieces of text that can easily be searched for keywords?
Here's a nice (real world) example of a bot "reading" the mission description to determine the enemy faction:
Quote:
private DamageType GetMissionDamageType(string html)
{
// We are going to check damage types
var logoRegex = new Regex("img src=\"factionlogo:(?<factionlogo>\\d+)");
var logoMatch = logoRegex.Match(html);
if (logoMatch.Success)
{
var logo = logoMatch.Groups["factionlogo"].Value;
// Load faction xml
var xml = XDocument.Load(Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), "Factions.xml"));
var faction = xml.Root.Elements("faction").Where(f => (string) f.Attribute("logo") == logo).FirstOrDefault();
if (faction != null)
return (DamageType) Enum.Parse(typeof (DamageType), (string) faction.Attribute("damagetype"));
}
return DamageType.EM;
}
The bot just uses a search pattern (aka regular expression or short: regex) to look for the filename of the small image indicating the enemy faction.
Then it decides which damage types to use for ammo based on that information.
(@mods please understand that this sample of code was taken from a public website and is completely useless in itself - my intention is to demonstrate a point and that's best done by referring to real-world samples instead of made-up pseudocode
@world obviously I cannot give copyright attribution without violating the forum rules)
Even if your bot had no way to hook into the EVE client OCR on machine-written pieces of text is easy (even more so if you know the font that has been used and can train the OCR algorithms accordingly).
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.06 07:47:00 -
[12]
captchas are a completely unacceptable solution from a game design POV as they #1 immersion breakers.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.06 09:05:00 -
[13]
Edited by: Florestan Bronstein on 06/03/2011 09:15:15
Originally by: Zophos Akratos
Are you sure that missions can be macro'd aswell? I was actually hoping that that was one of the few things besides actual PvP that cannot be dominated by macro's :[?
Missions can be automated as well - currently there are at least two mission running bots on the market (both are free & sourcecode is publicly available but they require subscription-based software to work).
The one I had a closer look at seems to have a few limitations (purely drone based setups don't work well, omni tank is required) but is able to pick up missions, select suitable ammo, execute missions (including non-combat actions like fetching stuff from cans), warp into safety when tank or capacitor is low, prioritize tackling ships (and webbing ones if you run a speed tank), do looting and salvaging either on the fly (Marauders) or with a dedicated salvaging ship once the mission is completed, and hand in missions.
Mission actions are read from XML files, if no specific actions have been defined the tool just waits 15s for aggression, then continues to clear the room, looks for the next acceleration gate and repeats until no acceleration gate is left.
The mission definition XML files basically give a description of the mission actions like "kill every ship except for Kruul; kill Kruul; kill every ship that has spawned; shoot the Pleasure Hub but stop once attackers appear and kill these before resuming to shoot the Hub; loot the Damsel from one of the cargo cans; return home".
Typical ships seem to be Marauders and Tengus - a larger operation would obviously benefit from fleet boosting alts in the most common solar systems. Unlike ratting bots you can of course put any amount of mission bots into a single solar system without experiencing diminishing returns. On the other hand due to the "only omni-tanking" limitation fairly expensive ships and/or high SP characters seem to be required.
Mission running is done in deadspace pockets and as such much further from the public's eyes than belt mining. Therefore it is very hard to estimate how many people use mission bots - but the necessary software does exist and is only a google search away.
edit: as for actual pvp - there's no plausible reason why you couldn't automate large fleet pvp as long as FC orders are consistently relied through fleet broadcasts.
"align there", "shoot this", "give this ship some RR", ... are all actions that could easily be executed by a bot.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.15 08:24:00 -
[14]
Edited by: Florestan Bronstein on 15/03/2011 08:31:24
Originally by: PC l0adletter
Heya, Sreegs,
Can you comment on the six bots in ETO-OT, Spire, that have been merrily logged in 23/7? They were petitioned and discussed over a month ago in the EN24 article. Here's the screenshot with the names: http://evenews24.com/riverini/other_guys/fromage/2011.02.06.05.59.jpg
They're still there, farming away.
Looking at his prior posts he probably does not care.
... at least not in the way you want him to care.
5 bots are just a drop in the ocean and how does manually banning them solve the problem of botting? it doesn't.
A few days ago I spent about 30 minutes to write a Python script that solved a task I could have done manually in 5-10 minutes.
It even is relatively unlikely I will have to do the same task again in the near future (as the task was fairly specialized) but now I feel like I have truly "solved" the problem (I even included error handling for errors that I knew would not happen in that one specialized set of data) whereas doing the same stuff manually would have felt like a cheap workaround.
Of course you can spend a lot of man-hours on investigating and banning bots manually but as long as you think you have a good idea how to automate this process you won't - and from a purely technical perspective it doesn't really matter whether you need 1 week, 1 month or half a year to implement this solution as long as you know that it can be done.
Throwing bandaids at the problem might provide some temporary relief but it won't solve the problem at all - so why bother spending your resources on the development of bandaids when you can spend the same time on the development of a solution?
Now you will bring up tons of reasonable arguments about banning these bots having a high symbolic value, of EVE bleeding to death before a solution can be found if no bandaids are applied in time, ... but it is not my purpose to convince anyone that the approach outlined above is the right one to take, I just want to illustrate a certain train of thought that tends to be very popular with programmers (imo partly due to them often having a strong maths/applied maths/CS background).
If I look at the problem of botting I see three main challenges:
(a) create gameplay incentives that discourage botting
(b) identify bots
(c) link bots to larger botting/RMT operations
(a) is the job of the game designers
(c) does probably involve a lot of manual work (that is assisted by automated auditing tools).
(b) is an interesting challenge.
You can either concentrate on automated identification of bots or you can concentrate on handling reports by players in the most efficient manner possible (you can't do everything at once as resources are always limited).
In my pipe dreams I would want to design a system that takes reports from players, looks for any patterns in the reported character's actions (much, much harder than it sounds), if it finds any "meaningful" (but what would make them meaningful?) patterns compares these to its set of already known patterns and if new "learns" them to use them in its own automated scanning sweeps for bot activity. (With different patterns having different weights based on GM experience, analysis of bots and prevalence of these patterns in user reports).
Humans (players, GMs) are really good at pattern detection but using humans for detection is a solution that won't scale all that well (automated solution: high initial investment but low marginal cost).
... but that's just my rather lengthy 2 cents.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.20 07:57:00 -
[15]
Originally by: CCP Sreegs
Originally by: Consortium Agent
A big post that I can't quote :(
Hey guy thanks for the kind words. I didn't run away from the thread or anything there's just
A) Only so much to say at the moment with Fanfest a week or so away
B) A lot more of you guys than there are of me
C) I was traveling last week which minimizes my posting time
I was aware of your site and found it very useful from a few perspectives that if I don't remember to mention at Fanfest I'll be happy to discuss with you in person if you're attending. If not just bump the thread after or post in the dev blog and I'll get into some more detail.
Linkage
So the talk on bots has been masked (again!) as a presentation on "Security"? or has CCP decided that the issue of botting is not of sufficient interest to the EVE audience that it warrants a livestream?
looking forward to no mention of bots and plenty "evil RMTers will steal your account details" propaganda.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.21 22:33:00 -
[16]
Edited by: Florestan Bronstein on 21/03/2011 22:33:29
Looking at implant prices in Jita we have seen a steady decline during the last month (after a short period of rebound/stabilization before).
Up to anyone's guess if this is due to botting becoming rampant (on buy orders we are nearing pre-unholy rage levels of sell orders) or botters slowly liquidating stock as they are scared of CCP action.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.24 10:15:00 -
[17]
Originally by: auropobia
I put in a buy order higher than the current sell order the first bot responded before the order showed up on my screen and the order was filled in seconds. The Trade bots are getting worse than the mining bots.
CCP bots, best bots.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.25 18:30:00 -
[18]
Edited by: Florestan Bronstein on 25/03/2011 18:35:03
tl;dr of the presentation - feel free to bot until you receive the first-strike (temp) ban. [if the 2nd ban is 30 days, first ban will probably be between 5-10 days, so no big deal]
How anyone can read this as "now is the perfect time to stop botting" is beyond me... now botters have the explicit assurance they won't get permabanned on 1st or 2nd detected offense.
So the logical thing to do is bot shamelessly until you receive the 1st ban, then sell your botting characters for ISK (or the tainted account for RL money), open a new account, funnel the ISK of the character sale from the tainted to the new account and leave the old account alone.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.25 18:55:00 -
[19]
Originally by: Chesty McJubblies
Edited by: Chesty McJubblies on 25/03/2011 18:53:17
Originally by: Devil's Call
Watching the live stream as we speak ye.
Is the bald guy Andy Parsons from Mock The Week?
nah... he's just a funny goon.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.27 06:43:00 -
[20]
Edited by: Florestan Bronstein on 27/03/2011 06:44:16
Originally by: Grey Stormshadow
Yep... player driven economy has no place for bots.
it's a CCP driven economy anyways.
Sreeg's answer to "won't banning bots cause all kind of economic problems in EVE" was basically "no big deal, if that happens we'll just adjust spawn rates to compensate"
I think players tend to take the "sandbox" much more seriously than CCP (EyjoG buying your PLEX, trolololol  ).
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.27 10:17:00 -
[21]
Edited by: Florestan Bronstein on 27/03/2011 10:17:38
Originally by: Othran
Sreegs said several hundred in the presentation and then at another point mentioned RoidReaver and 1000. Can't remember whether it was in response to a question on forums or live.
there are some complaints on the (public) forums of a popular mining bot with a name that is similar to RoidReaver but the whole thread is only about 30 posts with about 5-10 people complaining about having some of their accounts banned.
Interestingly enough the bot author announces that he has "been given a general sense of the detection routines currently used" by his "source".
(never heard of a bot called "RoidReaver" so either it's some obscure mining bot or CCP just uses it as a generic name so as not to advertise specific bots)
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.29 08:00:00 -
[22]
Originally by: Widemouth Deepthroat
Originally by: Nikita Keriget
Sreegs, I noticed in the presentation you mentioned the focus on programs that mess with the Eve client - does that include bots that use OCR to read the screen and emit mouse/keyboard input, or only ones that hack the process directly? (Please be both!)
Oh, and keep up the good work. I've been wanting two-factor authentication and a crackdown on bots for a while now. You're like my fairy godmother.
Definitely both since the recent bans focused on an OCR bot.
2 different issues.
Speculation is that the recent bans were mainly based on online times - most of the people telling they got banned had bots running on an humanly impossible schedule for extended amounts of time (though not necessarily during the last few days).
Hardening the client is a more long-term project that should shield the client against several methods that bots use (hooking directly into the EVE client, Python injections, maybe reading/manipulating memory contents directly) - as these methods are also likely to be used to discover & make use of exploits this is a good idea, anyways.
From what I understood the focus won't be on detection (CCP already permabans on first-offense if they find out you have tinkered with the client - clever botters make of course sure CCP never receives exception logs, stacktraces, ...) but on prevention.
Like any client-side technique this hardening will ultimately be overcome (e.g. botter doesn't inject directly into the EVE client but into some windows library the EVE client makes use of and works his way from there, manipulates memory from outside the VM, ...) but for some time CCP will certainly be able to get some impressive successes this way.
There is no way to detect OCR/keyboard&mouse macros reliably client-side as they are really easy to run from outside a VM (guess you could forbid EVE to run inside a VM [as most virtualization products make no effort at all to hide themselves from the guest system] and basically install a rootkit on the customer's computer to prevent any unwanted software from running & monitor Win32 API calls typically used by this type of bot - but that would be hugely intrusive and not very practical).
"Hardening" the client against these OCR bots is afaik not really possible if you want the protection to be unobtrusive (no captchas, silly minigames, ...).
So for these types of bots the focus will be more on server-side detection than client-side prevention.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.29 13:08:00 -
[23]
Edited by: Florestan Bronstein on 29/03/2011 13:08:05
Originally by: Da_Teach
Once your done with that, here's another simple step. Obfuscate your Python code already, but not in the traditional way. Randomize your byte code! Yes, you have the source for both the Python compiles as you do for the Python runtime. Every patch you change this bytecode and RE'ing the python code has become near impossible.
According to information on some forum that has been mentioned earlier in this thread CCP used to do this but abandoned it when migrating to Python 2.5 (this would be summer 2007).
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.29 18:58:00 -
[24]
Originally by: dexington
They can ban all accounts connected to the running the bots, i can't see how it's humanly possible for them to do more.
there's a difference between "can" and "do".
What could they do more? they could for example exclude characters that have been flagged for botting from being sold on the character bazaar.
Of course some people would still their character on 3rd party websites for RL cash or ISK but there's no reason to make it that easy for them as it currently is.
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.03.30 17:56:00 -
[25]
Edited by: Florestan Bronstein on 30/03/2011 17:59:54
you won't get a comprehensive whitelist as much software is ok when used to do one thing and not ok when used to do sth else or used in a different context - usually my G15 is perfectly fine to use with EVE but there are ways to use my G15 that the GM staff wouldn't agree with.
You can use ISBoxer just to duplicate keystrokes across clients - but you also can use it to construct fairly potent macro bots (not 100% sure for EVE but I know that ISBoxer has some amazing support for WoW).
It's less about what software you use but what you use it for and for that EULA + commonsense is the best guide (and with the commonsense added in it's a guide that contains no loopholes  ).
|
Florestan Bronstein
Amarr
Taishi Combine
|
Posted - 2011.04.03 09:05:00 -
[26]
Edited by: Florestan Bronstein on 03/04/2011 09:09:38
Originally by: Xylengra
Originally by: Chesty McJubblies
As stated ... they said they banned up to 1000 accounts. So it was probably more like 14 accounts.
This, and even that grain of salt rubs the wrong way.
Since when did we all just fall down and start accepting whatever word comes out of whatever dev as gospel? A quick review of the integrity of CCP pronouncements might be in order for the true believers.
well, reading other forums it seems obvious that CCP has been handing out 14 day bans to quite a few detected botters (who try to overwhelm CCP customer support by disputing every single temp ban via petition in return).
The problem is that training a Hulk-ready character is very cheap (using promotions like power of 2 and/or the buddy program and paying with PLEX) compared to the ISK income that a mining bot can generate per month. The time to break even for running a mining bot seems to be very short - and CCP has to detect & ban these bots faster than they break even.
Also CCP explicitly allows you to open new accounts if your old ones have received permabans.
|
Florestan Bronstein
Element 115.
Test Alliance Please Ignore
|
Posted - 2011.04.06 07:13:00 -
[27]
Edited by: Florestan Bronstein on 06/04/2011 07:17:01
Originally by: GregorClegane
1. Could you confirm that you are aware of what a widespread bot maker said? It may help your team.
said bot maker may know his way around the "process injection"-type of bots but most of the stuff he suggests to combat python injection is either already done & circumvented (python call stacks being sent to CCP), has been done in the past and was not successful (bytecode randomization) and/or is already theorized about on publicdemands (and thus not a new idea).
Instead of asking CCP for a job with ideas that are not new at all, he should go back to hacking Rift
edit: I also think he may underestimate how much of the EVE client relies on Python and how much is c++.
|
Florestan Bronstein
Test Alliance Please Ignore
|
Posted - 2011.04.06 11:24:00 -
[28]
Edited by: Florestan Bronstein on 06/04/2011 11:25:51
Originally by: CCP Sreegs
To add to this most of the botmakers, to my experience, are abject liars who wish only to keep making money from their product and frequently sell each other out in order to increase their own personal profits. I've seen some of them log chat channels and I've seen others steal from wallets. These aren't nice dudes. They're not ROBIN HOOD HACKERS just out to help the little guy or MAKE INFORMATION FREE MAAAAAAAAAN. They're in essence, malcode authors trying to make a living selling a product. Once you stop paying for that product they really don't care what happens to you, despite the attempts of some to offer "free" levels of their products or posture otherwise. You're a cash machine, not a brosef or a partner.
very bad example as the hacker GregorClegane referred to appears to be pretty much the opposite to what you describe.
read his forums and you'll see he is getting flamed by his own users for providing his bot (along with the code containing the bot logic) free of charge - the perception being that a "for pay" bot is safer as its user base is more limited and it can stay low-profile for far longer than a fairly potent bot that is provided free of charge.
read his blog and you will find a very valuable resource on reverse-engineering techniques in general - my impression is that his motives are neither commercial nor some strange conception of freedom (and tbh looking at the availability of decompiled EVE client code CCP is already pretty good at making information free) but just the joy of working your way through intellectual challenges.
My only serious endeavor in that direction so far has been to modify part of an obfuscated java program and, man, the thrill when you have worked your way through the obfuscation, did finally "get" the program logic, have realized that all you need is change just a few bytecodes in the right places in your hex editor and see your modifications working for the first time... that's just amazing.
It's the pvp of programming so to speak, not really comparable to just writing your own stuff.
nice to see we're back to scare-mongering, though 
|
Florestan Bronstein
|
Posted - 2011.04.24 08:00:00 -
[29]
Originally by: riverini
Originally by: Opertone
ban their Device ID, serial numbers... permanently
I guess u mean local MAC address? if so I approve! armchair hackers, please name countermeasures and how hard could they be?
sudo ifconfig eth0 hw ether 01:02:03:04:05:06
|
| |
|