| Pages: 1 2 3 [4] 5 6 7 8 9 :: one page |
| Author |
Thread Statistics | Show CCP posts - 1 post(s) |
Zaphod Jones
Celtic Anarchy
   |
Posted - 2006.08.15 10:30:00 -
[91]
So have ISSN stopped using it as well now ?
pics of Eris without her pink bits
Sig Removed. Please keep it within the 400*120 pixel and 24000 byte limit. -ReverendM ([email protected]) |
Mason Sledge
Caldari
Caldari Provisions
|
Posted - 2006.08.15 10:34:00 -
[92]
Add these options:
Would you like to remain hidden in Local Chat? [_]YES [_]NO
Would you like to announce you entering/departure of a system? [_]YES [_]NO
Problem solved.
|
nahtoh
Caldari
Bull Industries
|
Posted - 2006.08.15 10:52:00 -
[93]
 Originally by: Sovy Kurosei
Edited by: Sovy Kurosei on 15/08/2006 10:20:19
Originally by: FireFoxx80
If you put unmodified images in (the way Eve intended), then I can't see a problem.
Alright, lets say I log onto Eve then, but the portraits I used are two weeks old. It does a cache check on my portraits but finds that a portrait on my client does not match with the one on the server? Why? Because the user changed his portrait during the two week wait. I get permabanned.
What if I did use an unmodified image of an angry Brutor lacking Aviators with a red background but have him copy & pasted on avatar IDs that are my known enemy?
Actually, that is a very good question. What do you do when a user changes his portrait? What if the portrait incorrectly renders on my end or gets corrupted somehow? Tough cookies, you're permabanned because we cannot risk the thought of having somebody tampering with their cache for whatever reason, benign or malign?
Nope, you guys just wanna ban, ban, ban. 
Good game.
Whats the chances of you running into a number of people in the same corp/allaince that have changed their portrait?
Why would GMs not check to see if a portrait change had taken place with that onecharacter beore the banstick is used?
=========
"I am not saying there should be capital punishment for stupidity, but why can`t we just take the safety labels off everything and let the problem fix its self |
Zaphod Jones
Celtic Anarchy
|
Posted - 2006.08.15 11:05:00 -
[94]
direct quotes from ISSN
"The Portrait Cache is love and will help you pwn your enemies with 100% more pwnage and jobbie."
"I did not come up with this idea myself. ISSN cribbed it from Goonfleet and Goonwaffe, the biggest corp / two corps in the game. They live in Syndicate and have collected a gazillion character numbers (ok, 3100) to put on their list. "
So are ISSN still using this tool ?
|
FireFoxx80
Caldari
E X O D U S
Imperial Republic Of the North
|
Posted - 2006.08.15 11:23:00 -
[95]
So if GS and ISSN are using it, can we see two major alliances (well, 2 alliances and a corporation) slapped on the wrist? Or are CCP just going to allow every web developer who has a brain to go off and create their own version, due to the seeming inaction to do anything about this EULA breaching act?
I mean, there is no way of tracing it (yes, I can see corruption and backsup issues here), but there are now 4 pages and several threads discussing just how it is done.
|
Matthew
Caldari
BloodStar Technologies
|
Posted - 2006.08.15 11:33:00 -
[96]
Originally by: Inanna Sumer
Originally by: Dark Shikari
Better yet, have the header code be a salted hash of 10 specific pixels from the image. Then it would be impossible to fake.
Due to some wonderful bugs on some systems, portraits are not always rendered exactly as intended (for example my laptop at work doesn't display hair for asian bloodlines characters) so this would hardly be a foolproof method of detection.
This is the main problem with checking of portraits, as I understand it. They are not just an image file downloaded from the server. Instead, the server sends you the "pose" data for the character (hair type, eye colour, angle of eyes etc), and your client then uses that to render you an image. It's probably done this way because the pose information is smaller than the images themselves, which helps bandwidth and server storage space. Unfortunately, this means that there is no guarantee that two PC's will generate the exact same portrait image, due to differences in the way different hardware performs the render. Hence any sort of hashing on the rendered images is going to be useless for verification.
Either they'd have to move to making the rendered portraits stored and sent server-side, or they need to find a way to encrypt the cache.
-------
There is no magic Wand of Fixing, and it is not powered by forum whines. |
Vargrh
Gallente
Stupid People Always Need Killing
|
Posted - 2006.08.15 11:37:00 -
[97]
So what is being said? Any large alliance can carte blanch exploit as they please as CCP wouldnt ban 2000+ players knowing its $$$$$$ flow would be hit?
Goonfleet cheat and exploit, duh, wasnt that the whole point of their origin via something awful. They're here purely to do so.
|
Tachy
|
Posted - 2006.08.15 11:42:00 -
[98]
ccp has currently no way to check the portraits and obviously doesn't even warn or ban people found posting client screenshots with changed portraits.
This discussion is moot.
--*=*=*--
Even with nougat, you can have a perfect moment. |
Avon
Caldari
Black Nova Corp
Band of Brothers
|
Posted - 2006.08.15 11:44:00 -
[99]
Originally by: Matthew
Either they'd have to move to making the rendered portraits stored and sent server-side, or they need to find a way to encrypt the cache.
Or just cache the pose data, or store the rendered image in a custom format which includes digital watermarking.
The Battleships is not and should not be a solo pwnmobile - Oveur
|
Zaphod Jones
Celtic Anarchy
|
Posted - 2006.08.15 11:45:00 -
[100]
IF YOU FIND A NEW HOSTILE, please add them to your address book so you can keep track of them so you can add them to the cache later.
Q4. This is stupid, there aren't any icons for most of the people in my address book.
A4. I only had about 150 hostiles in my address book. All of them have been added to the cache. Gaul has 500 in his address book, so he's probably not impressed. The reason this tool shines is that if one ISSN has caught a hostile's name, everyone that synchs against the cache will be updated almost immediately.
|
Zaphod Jones
Celtic Anarchy
|
Posted - 2006.08.15 11:45:00 -
[101]
Edited by: Zaphod Jones on 15/08/2006 11:46:57
ISSN certainly did use this a while ago, if they use it still, I don't know.
I'm waiting for some feedback from them on this thread,
For the devs, this is how it was done with URLs and file names removed so that it cant be done again.
One. Download and install Python 2.4. Get it from this link: http://www.python.org/ftp/python/2.4.3/python-2.4.3.msi
Two. Make sure that c:\python24\python.exe is in your path. Right click on My Computer, hit Properties. Click the Advanced tab, then click on the Environment Variables button toward the bottom. Under System Variables, find Path, click on it to highlight it, and click Edit. Put the string:
C:\Python24\;
At the front of your path (not deleting what you already have in it) and press OK. Press OK to close out of the Environment Variables window, then press OK again to close out of the Properties window.
Three. Download and install the tool. Get it from URL Removed. Unzip the contents of this folder into the C:\Program Files\CCP\EVE\cache\Pictures\Portraits directory, assuming you installed EVE in the default location. (Make sure that you unzip the files directly into that directory rather than unzip them into a folder.)
Four. Run the update program. Run Filename removed in your Portraits directory to run the update program. It should run for less than 30 seconds. Update your portrait cache each time you run EVE to ensure that you have the latest portraits, because war intelligence will be integrated into the portrait cache.
Q3. I see a hostile that doesn't have an icon! How do I make sure you add them to the cache?
A3. It's easy, just follow these steps.
One: Open EVE and Notepad.
Two: Open a file manager window to the C:\Program Files\CCP\EVE\cache\Pictures\Portraits folder. Select to view the contents of that directory as a list. Sort the contents of that folder by date descending (so you always see the newest files on top of the list).
Three: Back in EVE, hit the ESC key and go to the Graphics tab. Under Portraits, click the option by "Generate Portraits when Clicked".
Four: Here's the fun part. Open your address book (which presumably has a huge long list of hostiles). Right-click on a hostile and hit "Show Info". Verify that the player in question is actually in a hostile corp. If he is, go back to your file manager window in the Portraits directory. Hit the F5 key to refresh the directory listing. After a few seconds, you should have two new files in this directory:
<characterNumber>_256
<characterNumber>_64
These should both be at the top of the directory -- this is because they were just generated by your EVE client.
Note: the <characterNumber>_128 pictures are created by address book notifications. You don't want to get these.
Five: Copy the Character Number (everything leading up to the _256 or the _64) and paste it in Notepad. Beside this number, put the corp ticker and the character name like this:
123412341 ISSN (Jacob Majestic)
Be sure to mention with each corp ticker whether that corp is Friendly, Neutral, or Hostile.
Six: Repeat this for everyone in your address book. It will only take 30 minutes or so to do 100 names, so even if you have a lot of people in your address book it won't take very long.
Seven: Once you're done, post the contents of your Notepad to this thread. the person involved constantly trolls the ISSN forums, so they'll see it almost immediately, update the cache, and post that the cache is updated.
Eight: Once the cache is updated, delete the contents of your Portraits directory (except for the Filename removed, UFilename removed, and the two config files) and rerun Filename removed to reupdate your cache. You'll see the new entries show up immediately.
Nine: Delete all the hostiles in your address book, cause you don't want them lagging you anymore.
|
Vargrh
Gallente
Stupid People Always Need Killing
|
Posted - 2006.08.15 11:47:00 -
[102]
Edited by: Vargrh on 15/08/2006 11:47:21
Originally by: FireFoxx80
It's not an exploit to take CCP byproducts and do with them what you wish. By this I mean the contents of the cache folder. Looking at the code itself or in any other location is a no-no.
Putting content into these folders however, in an attempt to modify how the game references these byproducts, is an exploit. As the goon thing of editing character portraits.
That's how I interpret it.
Obviously IMHO CCP have dug themselves this hole as people have been asking for overview/standing indications in the chat channels for months now.
Thats all very well if its implemented via a patch so its accessible to everyone in game equally. For example where you could asign coloured tabs to each person in your address book for a quick 'friends, enemies' list etc. The problem stems from people making these things and only distributing them within one alliance, giving people an unfair advantage in game based on running something out of game. To be honest the current 'risk' of being caught by hostiles or catching hostiles in a new system adds to the spice of the game, if we had sa***uard after sa***uard telling everyone where all other pilots are and who they are, it would weaken pvp encounters and be a bad thing. I like the idea of having 0.4 systems and below not showing who is in local unless they are in your corp or alliance. you can only see people in local outside of high sec empire who are in a relationship to your character via corp/alliance. This would improve pvp significantly. 
|
K Shara
Caldari
Contraband Inc.
Mercenary Coalition
|
Posted - 2006.08.15 12:15:00 -
[103]
basically what he said
Thing is guys, if we dont let the powers that be know that we are unhappy with this issue then it wont get fixed.
There are a few fixes that are possible including checksums and encrypted files etc
However teh best would be a short term fix that prevents the use of this exploit until they can fix it. Release a client micro patch that blocks the display of portraits. so everyone is blank. and even cached portraits wont work.
|
Itzena
Amarr
OtakuDyne Corporation
|
Posted - 2006.08.15 12:25:00 -
[104]
Edited by: Itzena on 15/08/2006 12:24:58
The problem for the 'zomg banz0r it!!' crowd: If CCP starts tracking client modification like you demand, all it will do is shift the actual identification from a client mod to a third party 'packet sniffer' mod...which are very difficult to track outside of CCP adding spyware to the game.
--
I want my people to reclaim their rightful place in the galaxy... I want a rebirth of glory, a renaissance of power...
I want us to be what we used to be. |
Dukath
|
Posted - 2006.08.15 12:30:00 -
[105]
This is yet another excellent reason why local should be changed from a free overpowered intel system to a chat only system where you are announced only when you talk.
|
TheBelgarion
Caldari
Kinetic Vector
Freelancer Alliance
|
Posted - 2006.08.15 12:44:00 -
[106]
Originally by: Dukath
This is yet another excellent reason why local should be changed from a free overpowered intel system to a chat only system where you are announced only when you talk.
as said be4 it all depends on which side you are ...
it definitly works for the pirates ...
as it works against any body else mining,ratting whatever and its not only about jumping in through a gate .. same applies for login/logoff in system ... so even watching gate doesnt work too much ...
so removing local ... priates can just jump into a system .. using a covo to sneak on miners .. and than jump the rest off the fleet onto em ...
NO BALANCED !!
|
Antetma
University of Caille
|
Posted - 2006.08.15 12:56:00 -
[107]
I'd imagine if the goons are using something like this, and CCP decides to punish them for it, then you could always just do the addressbook trick.
You can add everyone in your alliance or friendly to your alliance to your addressbook, allowing you to notice if local is friendly or not in 0.0 space. I'm pretty sure BoB does something like this.
However, this would fall under the insta category, as in using an in game mechanic for something completely outside its purpose and tying up the server way more (imagine 3000 players each adding 3000 players to their addressbook and having the server check that all the time for each person).
As much as it sounds like a cheat, I think something that changes the portraits is a pretty good idea, assuming it's entirely client side. However, CCP should offer something like this to everyone so that it's fair.
|
Omegamale
|
Posted - 2006.08.15 12:57:00 -
[108]
How about info in the top left of the screen which would update live when people jumped in, showing number of people in system,
Make local only show which char it is when they speak/type?
|
Dark Shikari
Caldari
Imperium Technologies
Firmus Ixion
|
Posted - 2006.08.15 12:58:00 -
[109]
Edited by: Dark Shikari on 15/08/2006 12:57:51
Originally by: Inanna Sumer
Originally by: Dark Shikari
Better yet, have the header code be a salted hash of 10 specific pixels from the image. Then it would be impossible to fake.
Due to some wonderful bugs on some systems, portraits are not always rendered exactly as intended (for example my laptop at work doesn't display hair for asian bloodlines characters) so this would hardly be a foolproof method of detection.
That has nothing to do with it.
It would be a hash of 10 pixels *after the computer has rendered them*.
The purpose of the hash would not be to ensure the image is exactly how it should be, but to prevent people from creating their own images. That's why its a SALTED hash, where nobody outside of CCP knows the salt.
--[23] Member--
Originally by: DB Preacher
The only time BoB's backs are to the wall is when Backdoor Bandit is in local.
|
Matthew
Caldari
BloodStar Technologies
|
Posted - 2006.08.15 13:21:00 -
[110]
Originally by: Avon
Originally by: Matthew
Either they'd have to move to making the rendered portraits stored and sent server-side, or they need to find a way to encrypt the cache.
Or just cache the pose data, or store the rendered image in a custom format which includes digital watermarking.
If you cached the pose data rather than the image, you would then have to re-render the portrait. Go to jita, clear your cache, and try generating every portrait in local. See why this is a bad idea.
Watermarking the image could work though.
Originally by: Dark Shikari
That has nothing to do with it.
It would be a hash of 10 pixels *after the computer has rendered them*.
The purpose of the hash would not be to ensure the image is exactly how it should be, but to prevent people from creating their own images. That's why its a SALTED hash, where nobody outside of CCP knows the salt.
I'm not entirely familiar with the properties of a salted hash. Are you suggesting that instead of checking "Is this the correct image for this char?", you instead check "Is this an Eve Character portrait?". The question then is how similar a hacked image would need to be to get through such a check. If it's flexible enough to tolerate mis-rendered hair, would it then also miss a small icon inserted in the top left corner?
Would probably be enough to stop the current goon's full-pic replacement though.
-------
There is no magic Wand of Fixing, and it is not powered by forum whines. |
Vargrh
Gallente
Stupid People Always Need Killing
|
Posted - 2006.08.15 13:32:00 -
[111]
Originally by: TheBelgarion
Originally by: Dukath
This is yet another excellent reason why local should be changed from a free overpowered intel system to a chat only system where you are announced only when you talk.
as said be4 it all depends on which side you are ...
it definitly works for the pirates ...
as it works against any body else mining,ratting whatever and its not only about jumping in through a gate .. same applies for login/logoff in system ... so even watching gate doesnt work too much ...
so removing local ... priates can just jump into a system .. using a covo to sneak on miners .. and than jump the rest off the fleet onto em ...
NO BALANCED !!
Again, if you have a mining op in local, why not have a scout that checks for incoming hostiles.... the reason. GREED. I've seen 10 barges mining in a 0.1 with 1 bs for defence before, which warped out when a cruiser engaged it, leaving the barges to be killed. 2 or 3 ships in defence and less mining would have resulted in a differant outcome. There is balance, its just peoples own greed to maximise isk profits as fast as possible negates it.
|
Alex Harumichi
Gallente
Gradient
Namtz'aar k'in
|
Posted - 2006.08.15 13:44:00 -
[112]
Originally by: Matthew
This is the main problem with checking of portraits, as I understand it. They are not just an image file downloaded from the server. Instead, the server sends you the "pose" data for the character (hair type, eye colour, angle of eyes etc), and your client then uses that to render you an image. It's probably done this way because the pose information is smaller than the images themselves, which helps bandwidth and server storage space. Unfortunately, this means that there is no guarantee that two PC's will generate the exact same portrait image, due to differences in the way different hardware performs the render. Hence any sort of hashing on the rendered images is going to be useless for verification.
Either they'd have to move to making the rendered portraits stored and sent server-side, or they need to find a way to encrypt the cache.
I don't really see this as being too difficult, technically. Have the each client digitally sign (watermark) the portraits with a client-specific key (generated at install time, or something). When it loads the portraits from disk, check that the watermark matches. If not, quietly send report to CCP. Pretty simple, and not that trivial to get around, assuming the watermark is hidden in some spare bits here and there.
Someone using a cheat tool like the ones described will generate a *lot* of reports, and makes banning people very, very easy. Give them a bit of rope to hang themselves with, and then permaban the whole alliance, if needs be. It that's what it takes to make people not cheat, fine. I think EVE can get along just fine without the Goons and ISSN, and I think most people want to pvp versus people who don't win by cheating.
|
FireFoxx80
Caldari
E X O D U S
Imperial Republic Of the North
|
Posted - 2006.08.15 13:54:00 -
[113]
Ok, playing devil's advocate here for a moment, and speculating if someone were to make such a tool public (and indeed open source):
If there was a central server, which people could register with using the IGB (currently the only method to link Character IDs to Corporation/Alliance).
Then a simple client which modified (note, not replace) the portrait images to have a red/white/blue banner, based upon standings defined by each corporation.
Only to be as granular as Alliance-vs-Alliance standings.
Would people still use it? Despite it being against EULA?
|
Halafian
Eve University
|
Posted - 2006.08.15 14:27:00 -
[114]
If they can't enforce this, they should just offer the functionality to everyone. Honestly that'd be better anyway, since the current mechanisms are kludgy, slow, and stupid. There's no skill or anything interesting involved. The Goonfleet solution is a better solution for the game in general. Either enforce the rule or make it a general feature, which would be my preference.
|
Dark Shikari
Caldari
Imperium Technologies
Firmus Ixion
|
Posted - 2006.08.15 14:30:00 -
[115]
Originally by: Matthew
I'm not entirely familiar with the properties of a salted hash. Are you suggesting that instead of checking "Is this the correct image for this char?", you instead check "Is this an Eve Character portrait?". The question then is how similar a hacked image would need to be to get through such a check. If it's flexible enough to tolerate mis-rendered hair, would it then also miss a small icon inserted in the top left corner?
What happens is that the EVE client hashes the image itself (not the header that's being written to). It uses a salt added to the hash, which means that one cannot reproduce the hash unless one knows the salt. This is a very common practice to prevent people from using pre-calculated tables to ***** hashed passwords.
Thus, no image can be used in EVE except one that was processed by the EVE client in this manner. The processing itself would be extremely fast, and would hardly use any processor power.
--[23] Member--
Originally by: DB Preacher
The only time BoB's backs are to the wall is when Backdoor Bandit is in local.
|
Maya Rkell
Sebiestor tribe
|
Posted - 2006.08.15 15:20:00 -
[116]
Aeina Caeraen, not at all.
I'm perfectly happy to allow, and there are very few implications, of a program scanning inside its own directory, which is all that would be needed to check against this sort of hack. And you can work on image hashes, which is far quicker.
Wild Rho, because logging and vanishing is RP-friendly! Oh wait, it's not, it's a way for people to have a life AND play Eve!
FireFoxx80, yea, the IGB thing IS fine. I know of at least one corp who had a IGB system which could check corp names/tickers against a standings database. And they checked with the GM's on it.
Sovy Kurosei, ONE picture, or even a few? np. ALL of them, or a deacent and persistant percentage across several server-forced cache clearences? There is NO benign reason to "tamper" with their cache itself. Using a deacent (NOT the MD5, that's SO to break) checksumming program solves it.
Mason Sledge, sure. And if you pick "no", then you drop to -10, concord headhunters attack you at random intervals, your picture flashes red in the entire constellation's "local" when anyone NOT using that gets a visual on you, etc...and you're MAYVE to 25% of the disadvantages you'd need on it.
Dukath, this is nothing to do with that, and I'm disgusted that you are using hacks and exploits in order to further your agenda.
|
Sir Juri
Caldari
Federation of Freedom Fighters
|
Posted - 2006.08.15 15:59:00 -
[117]
Everyone using it is a cheater and should be banned, local is allready to good and by cheating your making it freakin' uber. Blah bla all you want about local and try all you want justifying your right to exploit and cheat. You are still a bunch of cheaters. What?, your so lazy you cant bother rightclicking a person's name?
damn need to make a new sig... |
Ghen
Caldari Provisions
|
Posted - 2006.08.15 20:09:00 -
[118]
Well, if the game already generates the portrait images on the client side, instead of whining about people modifying the cached portraits, why not ask for an update to the generation procedure wherein any personal, corp or alliance standings will imprinted on the 64 pixel image for example?
|
Sovy Kurosei
Amarr
Therianthropic Technologies
|
Posted - 2006.08.15 20:13:00 -
[119]
Originally by: Maya Rkell
Sovy Kurosei, ONE picture, or even a few? np. ALL of them, or a deacent and persistant percentage across several server-forced cache clearences?
So there would be no problem if Joe tampers with a couple of them?
Originally by: Maya Rkell
There is NO benign reason to "tamper" with their cache itself.
Sure there is. I'm pretty sure it has gone through some peoples minds just how neat it would be to have their own avatar instead of the silly one that is provided by Eve. Quality of life and that shinazz.
___________________
|
K Shara
Caldari
Contraband Inc.
Mercenary Coalition
|
Posted - 2006.08.15 23:35:00 -
[120]
I wish we could have a nice official post from the powers
the same way they posted about the drone sploit at pos's
|
| |
|
| Pages: 1 2 3 [4] 5 6 7 8 9 :: one page |
| First page | Previous page | Next page | Last page |