Pages: 1 [2] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
zuckas
|
Posted - 2011.03.16 05:24:00 -
[31]
Originally by: Cipher Jones
Originally by: zuckas Full api is my buisness.
People i trust get my limited api.
My parents dont get my financial transactions in real life, why in a game like eve would i trust anyone to complete and full disclosure?
If a corp needs your full api, then dont join that corp its headed by controll freaks who are paranoid of everyone and you will just be a grunt forever with no say in anything and they will never trust you ever anyways.
For a company in real life to hire me they dont ask to see my finacial information and all my personal mail and e-mail... why the hell would in eve a game, people need to know that stuff about your character? unless they are paranoid control freaks.
Dont give out your full api...
You don't work in a 1st world country then, because you would have to give up your SS# or the equivalent to get a job.
You are right, the company that i provided my SS number to has full access to all my e-mail, and finacial transactions. They can type that number in and see if i purchased milk this week, or transfered some cash to a friend...
Dumbass
|
Lexa Hellfury
Stimulus Rote Kapelle
|
Posted - 2011.03.16 05:38:00 -
[32]
Originally by: Helicity Boson But generally speaking; unless you truly have something to hide, your full api key is mostly harmless.
This. --------------------------------------------------------------------
|
Kogh Ayon
|
Posted - 2011.03.16 05:42:00 -
[33]
Originally by: zuckas
Originally by: Cipher Jones
Originally by: zuckas Full api is my buisness.
People i trust get my limited api.
My parents dont get my financial transactions in real life, why in a game like eve would i trust anyone to complete and full disclosure?
If a corp needs your full api, then dont join that corp its headed by controll freaks who are paranoid of everyone and you will just be a grunt forever with no say in anything and they will never trust you ever anyways.
For a company in real life to hire me they dont ask to see my finacial information and all my personal mail and e-mail... why the hell would in eve a game, people need to know that stuff about your character? unless they are paranoid control freaks.
Dont give out your full api...
You don't work in a 1st world country then, because you would have to give up your SS# or the equivalent to get a job.
You are right, the company that i provided my SS number to has full access to all my e-mail, and finacial transactions. They can type that number in and see if i purchased milk this week, or transfered some cash to a friend...
Dumbass
What if they found I bought too many milk?
|
Abdiel Kavash
Caldari Paladin Order Fidelas Constans
|
Posted - 2011.03.16 06:48:00 -
[34]
Because surely every recruiter needs your full API to steal your market secrets and read your love letter mails. Surely they wouldn't be interested in anything as trivial as whether you have received a large donation from an enemy alliance or whether the three thousand kills in a Rifter you brag about are real.
The only full API I would have concerns about is a CEO/director API, as it lists all the corporation assets, including POSes in space and their defenses.
Other than that, the only reason for not willing to give your API to a moderately trusted person (surely if you wouldn't trust them you wouldn't join their corp) is that you have something to hide. In that case, feel free to stay in an NPC corp. I'm not willing to risk letting an enemy spy in just because you are a douchebag. ---
Originally by: Sporked EVE IS DYING RUN TO THE HILLS! WE MIGHT HAVE TO ENGAGE WITH OTHER PEOPLE IN THIS MMO! THEY MIGHT SHOOT AT US WHILE WE ARE BUSY HOLDING HANDS AND FROLICKING! AAAAAAAAAAAAAAA
|
Cyaxares II
|
Posted - 2011.03.16 09:10:00 -
[35]
Edited by: Cyaxares II on 16/03/2011 09:16:30
Originally by: Abdiel Kavash Because surely every recruiter needs your full API to steal your market secrets and read your love letter mails. Surely they wouldn't be interested in anything as trivial as whether you have received a large donation from an enemy alliance or whether the three thousand kills in a Rifter you brag about are real.
If you have sth serious to hide you will take care to separate accounts anyways and if you absolutely have to transfer cash or assets do it in a way that does not show up in the API records (secure containers, dividend payments, private contracts, fake scams/lucky trades, using 3rd party services, ... there are enough ways to launder ISK/assets that a recruiter most likely won't notice and that have plausible explanations when discovered). The EVE metagame is one in which spies rent VPN access to keep their IPs on different forums (or voicecomms) clearly separated. Someone having a large donation from an enemy corp in his wallet record is more likely to be innocent than a (laughably incompetent) spy.
(Actually it would be fun to follow the open recruitment forums of hostile alliances and send promising applicants some medium-sized donations )
If I were to join a new corp today I would ask the recruiter not to check my evemails (as they contain private RL information and I won't delete them prior to an API check) - if I find out he did check them (I am probably the only person who takes a look at his API access logs every now and then to make sure nothing dodgy is going on, lol) it's "bye, bye corp" (and in that case I would probably feel justified to betray any trust that corp might have placed in me the same way he betrayed my trust).
In my personal opinion any information below FC/director level will be compromised and effectively public anyways - no matter the precautions you take and the checks you implement.
On FC/director level people have usually invested such an amount of time and effort in your corp/alliance that a disgruntled vet is a much more likely source of damage than a hostile spy that was planted in your corp in order to infiltrate it.
|
Sentient Blade
|
Posted - 2011.03.16 09:50:00 -
[36]
Edited by: Sentient Blade on 16/03/2011 09:50:43 So far as I am concerned a persons full API key should never be used by any human other than the original player.
This of course allows exceptions for trusted websites which deal with the full API and have strict policies on which information is extracted and displayed.
But other players can be, and often are, malicious in nature. A person only needs the full key for 30 seconds for them to be able to download a list of anything and everything you have in the game and once it's been downloaded you can't ask for it back.
CCP also doesn't appear to have any code of conduct regarding out-of-client meta-gaming, even when it deals with account-specific authentication.
Hopefully CCP will introduce some middle ground in its new API system.
|
El'Niaga
Minmatar Republic Military School
|
Posted - 2011.03.16 10:10:00 -
[37]
There is not danger in giving out your full api unless as stated you are the CEO or Director of a corp as it would also compromise corp assets.
Killboards require a full api from a director or ceo in order to pull kills from the corp properly. Changing the api after this will cause auto pull of kills to fail.
As for in the application process the Full API can serve in the same stead as many common searches for people in real life.
It is common to pull financial records today (most major companies pull your financial history today and you usually give them permission if you don't read those applications carefully), check a persons background (including searches for their name on facebook, myspace and other social sites which can reveal associations they did not disclose..incidentally claiming to be married/single on your app and having something else on your social profile can cost you a job), criminal records check (yes those evemails from your victims are about the same since there is no real legal system in EVE, sometimes you are aware they pull these and sometimes not but it is not uncommon), etc. All are common practices utilized to protect corporations in real life, its just taken EVE a few years to catch up.
|
ArtieLange
|
Posted - 2011.03.16 10:13:00 -
[38]
Originally by: Sentient Blade Edited by: Sentient Blade on 16/03/2011 09:50:43 So far as I am concerned a persons full API key should never be used by any human other than the original player.
This of course allows exceptions for trusted websites which deal with the full API and have strict policies on which information is extracted and displayed.
But other players can be, and often are, malicious in nature. A person only needs the full key for 30 seconds for them to be able to download a list of anything and everything you have in the game
Because when a website says it can be trusted, and has strict policies, it's guaranteed to be so.
And having a list of your stuff, well, that lets people steal said stuff through some slash command, presumably.
A full api stops the lazy spies, or just people with chars in other corps, aligned or not.
The hardcore ****s will be hard, if not impossible, to track down. But still, full api can weed out a lot of them.
|
Val'Dore
Word Bearers of Chaos Word of Chaos Undivided
|
Posted - 2011.03.16 10:24:00 -
[39]
Nobody that will actually do any damage will EVER be discovered via full API. That said, Chaos does not require APIs at all.
~No matter what happens, somebody will find a way to take it too seriously.~
Tiericide |
Noun Verber
Gallente
|
Posted - 2011.03.16 10:34:00 -
[40]
Originally by: Val'Dore Nobody that will actually do any damage will EVER be discovered via full API. That said, Chaos does not require APIs at all.
Counterpoint: PoS locations are listed
You just gave them the exact spot to attack, what the loot is and how hard it will be to get.
__________ A note on voting for CSM 6: Do not vote for someone just because they named issues that you support, instead try to gauge the thinking behind them and try to vote for someone who w |
|
Sentient Blade
|
Posted - 2011.03.16 13:35:00 -
[41]
Originally by: ArtieLange Because when a website says it can be trusted, and has strict policies, it's guaranteed to be so.
Something like Battleclinic is not going to abuse API logins otherwise they would immediately find themselves on the receiving end of a hundred thousand changed keys and a complete loss of one of their most prized features.
Unlike in EvE, they can't just create a new profile and start again.
|
Cipher Jones
Minmatar
|
Posted - 2011.03.16 16:32:00 -
[42]
Originally by: zuckas
Originally by: Cipher Jones
Originally by: zuckas Full api is my buisness.
People i trust get my limited api.
My parents dont get my financial transactions in real life, why in a game like eve would i trust anyone to complete and full disclosure?
If a corp needs your full api, then dont join that corp its headed by controll freaks who are paranoid of everyone and you will just be a grunt forever with no say in anything and they will never trust you ever anyways.
For a company in real life to hire me they dont ask to see my finacial information and all my personal mail and e-mail... why the hell would in eve a game, people need to know that stuff about your character? unless they are paranoid control freaks.
Dont give out your full api...
You don't work in a 1st world country then, because you would have to give up your SS# or the equivalent to get a job.
You are right, the company that i provided my SS number to has full access to all my e-mail, and finacial transactions. They can type that number in and see if i purchased milk this week, or transfered some cash to a friend...
Dumbass
They can. I know I certainly can. If they do or not is up to them. .
|
Impact1983
Merchants Exports Rising Phoenix Syndicate
|
Posted - 2011.03.16 17:18:00 -
[43]
Originally by: Cipher Jones
Originally by: zuckas
Originally by: Cipher Jones
Originally by: zuckas Full api is my buisness.
People i trust get my limited api.
My parents dont get my financial transactions in real life, why in a game like eve would i trust anyone to complete and full disclosure?
If a corp needs your full api, then dont join that corp its headed by controll freaks who are paranoid of everyone and you will just be a grunt forever with no say in anything and they will never trust you ever anyways.
For a company in real life to hire me they dont ask to see my finacial information and all my personal mail and e-mail... why the hell would in eve a game, people need to know that stuff about your character? unless they are paranoid control freaks.
Dont give out your full api...
You don't work in a 1st world country then, because you would have to give up your SS# or the equivalent to get a job.
You are right, the company that i provided my SS number to has full access to all my e-mail, and finacial transactions. They can type that number in and see if i purchased milk this week, or transfered some cash to a friend...
Dumbass
They can. I know I certainly can. If they do or not is up to them.
With direct deposit a company has the ability to add and withdraw funds from the account. So SS gives them the ability to pull your credit scores and the deposit the ability to see how much is in your account; so yea they can keep an eye on you if they wanted.
Also with background companies they can dig up more info on a person and the company asking, paying, just has to say they have had you signed the right for them to dig into your financial history. Only way to call them out on it is to sue and that isn't practical.
Also I am more worried about the US companies taking out life insurance policies on their workers and naming the company as the beneficiaries than them snooping into my financials. Nothing says we are out to get you like putting a policy on your head and trying to work you to death, also explains the dangerous clients and places they try to send you.
|
Val'Dore
Word Bearers of Chaos Word of Chaos Undivided
|
Posted - 2011.03.16 18:46:00 -
[44]
Originally by: Noun Verber
Originally by: Val'Dore Nobody that will actually do any damage will EVER be discovered via full API. That said, Chaos does not require APIs at all.
Counterpoint: PoS locations are listed
You just gave them the exact spot to attack, what the loot is and how hard it will be to get.
I was talking about the practice of corps requiring a full API for recruitment. Nobody that is actually a threat will be discovered that way.
~No matter what happens, somebody will find a way to take it too seriously.~
Tiericide |
|
|
|
Pages: 1 [2] :: one page |
First page | Previous page | Next page | Last page |