Best fix for bots, make them unable to dock, unable to cloak, and attackable by anyone in high sec. Then place a Botter tag on their portrait similar to the current Wanted tag. This would punish botters severely while keeping botter money because you haven't banned their account. Perhaps make a 1 hour timer that would let them dock for 5 minutes every hour or so in order for them to fit a new ship to be blown up.

I'll bite. What is CCP doing about the selling of Bot characters to other bot accounts?

What about my suggestion in the previous thread about adding a bit of text across the profile images of those caught botting. I mean it doesn't have to be permanent, only for the duration of their ban.

So how come the ability to remotely send targetted python code to any connected client is not mentioned/documented anywhere? :P

A few weeks ago I got me a prowler. Sexy ship If i do say so myself. Took it on one of those fancy low sec courier missions. When I got to the station I made myself a safespot for launching.

Sitting there XXXK away from the station was mortifying. Nothing but courier bots to be seen. Names like 39r6yfhebv, oqei7rg-9f8 etc etc. No pirates in the system because the courier bots carry no valuable loot. Level 4 quality 20 agent in lolsec just giving out loyalty points by the zillions to bots. This was not for SOE but I can see why their probe market is crappy these days.

Anyway, on the big thread from the old forums, they had not said much about, or rather said nothing about courier bots. so here are my questions:

1. Is CCP aware of the courier bot situation?
2. Is there a plausible fix for this?
3. Do you think the agent quality changes will help ebb the flow of these bastards?

Thanks.

I would very much prefer to see this thread be used to report on the impact being made by CCP against botting. Basically, just like Ninjaspud's old thread in which he was giving us intel on what the botting community is up to and how much they're squirming to the will of those that want to ban them for good.

Don't know if you ever answered this durring fanfests posts or if it got 'missed' but will we have the option such as blizzard gives to use our Iphones etc rather then give you extra $$ for an authenticator?

Also who punched your avatar Sreegs.. damned.. i can't tell if he has a broken jaw.. or if he's trying to blow rasberry's..

At this point in time all we have planned is physical tokens, but the back-end system is the same so it's not a huge leap to think we may at some point be able to offer this service.

He's trying to look sexy.

As per the topic: Courier bots have been ignored for years. CCP says they are working on catching the people behind the bots, but it's just month after month of empty promises. Mission runners and ratters are just the tip of the ice berg.

Ok, here's a ridiculously better question. Why are courier bots in low sec being rampantly ignored?
Here's an example: http://eve-kill.net/?a=system_detail&sys_id=2560 and some more specific km whoring example http://kb.pleaseignore.com/?a=system_detail&sys_id=2560
(You need to copy and paste the URLs above because it seems somebody broke the url handler for the redirect and html entified the ampersands like a boss).


Having that many haulers being killed in a system is EXTREMELY abnormal. A large chunk is NPC corps and their cargo contains mission items.

I actually like that botter tag across your picture like the most wanted, i think it would be funny.......i still would not mind some looking into if stuff like synergy isbox and pwnboxer are legal to use :)

There's not a whole lot I can respond to with a question like this. I say we're focused on bots and that courier bots are a part of the problem, then you say we're ignoring it. All I can do is say that we're not, though it may take some time for massive results to be evident. I can also say that having haulers killed in a system isn't necessarily an indicator of bot-related activity.

In reply to what is being said in some of the bots/macro forums.

Mostly its people who use these bots saying that threads like these are fail and that we do not understand how they are helping the economics of the game and that eve would fail if the use of bots was stopped.

I'm not sure what the guide lines are for actually mentioning the names of these bots so I will go ahead anyway and I am sure CCP will let me know if it is not allowed :)

Roidripper is no longer available for download.

The last ETA was a few days.

The admin/dev of the program called Daredevil comes across quite confident that nothing that is done will stop bots.

As for the TinyMiners forums, other then people saying how great it is not much on there to be honest.

EvE-Bot forum, again not much being said there either.

The general feel appears to be that CCP does not care about botters and that so long as you find a quiet area you will never be bothered.

What many of these people who use bots do not realise is that they all require you to run eve in a certain way, i.e windowed mode, certain general and graphic settings, having your in game windows configured in a certain way etc etc.

I imagine that all these settings are recorded somewhere and accessible to CCP.

Also I must say I love the idea that if you are caught botting that a overlay will appear on your avatar for the duration of your ban so people will know what a loser you are :)

I has looking at the "hello world" example of eve client code injection, and to me it look like you are deploying the python compiler/parser with the eve client. Is there any reason why you don't deploy you python scripts as intermediate bytecode, and remove the parser/compiler from the deployed version of your python system?

While it's not impossible to write bots in python bytecode it would be a lot more time consuming.

Is there a status update on the "Report Bot" functionality and feedback processes? Has the process been created but the software modifications necessary haven't been made yet? Is the process still being created?

We're not going to come out the gate and shut down every single program on day one. That roidripper was targeted was not an accident. Were my primary business to deliver a product I'd appear confident in it as well. I'm confident we'll solve the problem. v0v

Regarding the economy... I believe that bots have a negative impact on the economy so there it is. Looking for moral equivalency is pretty silly in the face of a big giant EULA they've all agreed to.

I wasn't having a go and I apologise if my post came across that way.

I know how difficult of a job it is to stop these guys and I hope that in the coming months you give these guys a damn good spanking :)

We'll have an official response on that in the next two weeks or so, probably in the form of a blog.

Haulers killed in a system while being ****-fit and carrying mission loot is an indicator. :P Normal haulers tend to be fit properly.

You can also see the same player corps or NPC corps being the only ones being killed. They all use t1 gear as well for the most part. This is a large statistical anomaly you can't deny :P

your logic is seriously flawed....

All I can say about this at the moment is that it's an intriguing idea that has a lot of pros and cons.

How so?

You are assuming that people that are not bots do not fit their haulers stupid, or keep going out of station in a hauler and getting killed. The truth is that people can be very stupid.

I can also say that having haulers killed in a system isn't necessarily an indicator of bot-related activity.

Good stuff :) thats what i like to hear. By the way if they do get banned from being used maybe ccp could incorporate the function of positioning clients in one screen or multiple screens in a certain grid like these programs do thats the most usefull function for them in my opinion.

How so?

Screegs --

Would you be able to elaborate on your views of the cons of the bot flagging of profile images?

Not right this moment but I'll be happy to have the discussion at a later date.

Wouldn't putting such a tag on a player's avatar violate CCP's own policy of not disclosing or discussing/elaborating why accounts where banned?

If you need to be instructed on why your logic is flawed, then the explanation will probably only boggle your simple mind even more so.

Take a step back, read what you said, and then think in a closed room with no distractions so that you can concentrate.

I think the discussion is more around whether allowing people to multibox isn't an unfair advantage rather than whether we think the software is malicious.

*
Haulers getting killed no, but I've seen the types of systems he's talking about. Non stop haulers, back and forth from a mission hub, fail fit with nothing but mission items. And I mean non stop, if you kill the ship, they continue on in a pod, they just keep coming and going, knowing (well, if there was a person there they would know) that there is a gate camp -right there-. Go to the systems and watch them, get a player or two to sit there and kill them and just watch them keep going. You don't need metrics or complicated software to see that there's nobody behind the controls. That's why players are frustrated after all this time.

I do feel like you guys are finally picking up the ball on botting, and as I understand it, you haven't been in charge of this specific area for long, but previous statements by CCP, and then what players construe as a clear lack of action has left you in a tight spot. People don't and won't trust you unless they see results and clear action. Do us a favor though, you say that it may take some time for massive results to become evident. Show us these. In a month or two come back and point to that system and say "see? We found the program that was running courier bots and close that one", show us the figures on how many bots have been banned, how many programs aren't working. PLEASE show me that and tell us all how wrong we were! I know you can't give details and specifics, but until the players see this, we will continue to be skeptical.



*Full quote https://forums.eveonline...sts&m=8839#post8839

I think the discussion is more around whether allowing people to multibox isn't an unfair advantage rather than whether we think the software is malicious.

when do we get the report bot button I suspect a few bots but not bothered to petiton them yet due to waiting for this button.

I think the discussion is more around whether allowing people to multibox isn't an unfair advantage rather than whether we think the software is malicious.

Another fun topic of discussion bots in null and the russians knowlingly recruiting them.

Heres a screenshot from a forum where it was being done
http://i.imgur.com/YrglP.png
(Mind you I removed all styling from the page and it's only the content visible :P)

This one in particular is a renter alliance of xxdeath

Not sure I understand this comment, are you saying that it's possible that running multiple clients would be frowned upon at some point?

Not sure I understand this comment, are you saying that it's possible that running multiple clients would be frowned upon at some point?

My take is that it's assisted multiboxing using synergy, etc. that is being looked at not just running two clients.

Ya i think he meant multi accounts when used in combination with those programs. Lol i was too slow ^ ^

I'm referring to it specifically in the context of using software to allow you to control multiple clients at the same time.

Ya i think he meant multi accounts when used in combination with those programs. Lol i was too slow ^ ^

I actually think he means controlling more than one client at the same time using a singular control gesture. CCP need to be carefull when drawing the fine line as i guess most people are using synergy etc as a simple KVM switch and nothing more?

To some extent yeah, most people use it to bind specific keys to be sent to another client, I use my gkeys to send commands to my laptop for playing EQ2, and can't imagine going back to the days of keeping one hand on my laptop keyboard and the other clicking furiously on my desktop to box in EQ2.

Not just that, i use synergy at work as i have 2 pcs on the one desk. When i can get away with it, i'll fire up an EVE client on ONE of the pcs. At this point, i'm using synergy to control the client but its only a single client. What would CCP do about that scenario? It gets tricky.

I think the discussion is more around whether allowing people to multibox isn't an unfair advantage rather than whether we think the software is malicious.

Good god, I hope not.

We can always debate whether multibox / multiaccount (who uses multiple machines, really) is "fair".

But programs that "assist" in running multiple accounts, do in superhuman ways enhance the amount of chars one can control.
You can control a higher count, than doing it manually.
You can can do it faster, than doing it manually.
You can do it more efficiently, than doing it manually.
You can do it longer, than doing in manually.

Where is the line going to be drawn?
One guy running a 10man mining fleet of his own (low attention, "parallel" action)
while also running a pair of tengus farming anoms (where most of his attention will be)
and having a freighter pilot or 2 running stuff in hisec (ultra low attention)
and bashing a pos with a couple dozen battleships and dreads. (low attention, "parallel" action)
total maybe 36acc.
It may be exaggerating now, but technology is moving towards being able to run more and more clients on a given number of computers and input multiplying alone can hypothetically scale those 4 simultaneous jobs up to any number, without even going into true bot territory.
After all, they are all highly dependent on human input. It just happens to be like a drillseargant shouting instructions to a couple of platoons. Or like the relation between a botnet server and its army of zobies ready to spam/ddos on demand.

Good god, I hope not.

We can always debate whether multibox / multiaccount (who uses multiple machines, really) is "fair".

But programs that "assist" in running multiple accounts, do in superhuman ways enhance the amount of chars one can control.
You can control a higher count, than doing it manually.
You can can do it faster, than doing it manually.
You can do it more efficiently, than doing it manually.
You can do it longer, than doing in manually.

Where is the line going to be drawn?
One guy running a 10man mining fleet of his own (low attention, "parallel" action)
while also running a pair of tengus farming anoms (where most of his attention will be)
and having a freighter pilot or 2 running stuff in hisec (ultra low attention)
and bashing a pos with a couple dozen battleships and dreads. (low attention, "parallel" action)
total maybe 36acc.
It may be exaggerating now, but technology is moving towards being able to run more and more clients on a given number of computers and input multiplying alone can hypothetically scale those 4 simultaneous jobs up to any number, without even going into true bot territory.
After all, they are all highly dependent on human input. It just happens to be like a drillseargant shouting instructions to a couple of platoons. Or like the relation between a botnet server and its army of zobies ready to spam/ddos on demand.

It's a catch-22 to try to ban only specific uses of an application. In you're case, i'm not sure the bot-detection algorithm would be able to tell what is running on the other Synergy clone to indicate that you aren't having 4 multiboxed Arty thrashers ganking someone as opposed to at work running just a single client. I think it would have to be all or nothing. (I don't use Synergy so I don't really know what the application CAN do versus what it tends to be USED to do)

At work Synergy emulates a hardware KVM switch that would otherwise cost money. Whats CCP's stance on KVM switches then?

I am going to claim ignorance on what Synergy can do since I have never used it. I would think a KVM switch would be fine because there is no duplication of inputs.

Thats what i'm hoping too. CCP? Screegs?

At the end of the day i'd rather not have to pay but KVM switches are relatively cheap.

@ CCP Sreegs

Can you please update your first post with link to the main botting thread on old forum so that ppl have direct link on history of this problem...

Not cheap at all when your input's are USB and vid is DVI or HDMI.

Being able to use my laptop and desktop both with a single kb/mouse is the only reason I pay for 3 accounts instead of 2, or 1 even. I would readily cease payment and go buy that Ducati I've had my eye on for a few years.

What client side implementations are you striving for? Where do you plan on fixing the "the holes"?

Why not undertake current systems in use EG: punkbuster, VAC. What plans do you have for MACRO type bots EG: Mouse tracing etc? (Why is not not possible to implement "monitors" akin to what browser analytics use? Essentially take a fingerprint of actions and movements taken?

I see the largest problem as the client side python injections...as people can upload their own scripts to program their own AI.

What sort of security features are there for packet transfers?

Granted there will always be exploits, but to reiterate whats the overall plan?

Some courier bots run on trial accounts with virtually untrained pilots. A ban of such an account seems like it would not be a deterrence, even if you upped it all the way to a one strike perma-ban. The botter can easily start a new trial. Any ideas on what would be a deterrent to these botters? All I can think of is isk removal from whatever account collects the isk.

In the security panel, something was mentioned about besides attacking bots directly(which is good), to alter content.

ie. If the current pve content (watching three bars turn red while orbiting) or staring at lasers punch rocks for hours is whats giving people a reason to bot, that it was something worth looking into.

any comments on this?

I think some people probably bot because of how repetitive certain pve activities can be.

Bot war report: Jita price trends.

Minerals: rather stable. Actually as some bots increase mineral supply, and others, via "earning" isk eventually increase mineral demand, we may not see much effect here.

Ice: Some upward movement in isotope prices. These moved up about 10% a week ago, then stabilized at the new level.

PLEX: Bot accounts consume PLEX, but the price has only dropped a tiny amount in the last week.

Implants: I checked attribute implants. Basics (+3) have increased a bit, others have been stable.

Overall the effect on the market has been tiny. All I'm seeing could easily just be normal market noise. To date the idea that bots are needed to make the EVE economy work is not supported by market data at any level.

CCP Sreegs: Some courier bots run on trial accounts with virtually untrained pilots. A ban of such an account seems like it would not be a deterrence, even if you upped it all the way to a one strike perma-ban. The botter can easily start a new trial. Any ideas on what would be a deterrent to these botters? All I can think of is isk removal from whatever account collects the isk.

We're not going to go into deep details about the specifics of our implementation. We chose not to use an external vendor for various reasons I also don't want to get into, but basically I think we can do a better job in-house. We are aware of OCR bots and have plans to deal with them. Python injection as well.

We're not going to go into deep details about the specifics of our implementation. We chose not to use an external vendor for various reasons I also don't want to get into, but basically I think we can do a better job in-house. We are aware of OCR bots and have plans to deal with them. Python injection as well.

What we're going to do is over time give you guys some more information about the research we're doing to institute additional security in the form of dev blogs or whitepapers. We will not, however, be documenting specific controls.

Furthermore does CCP issue "hardware bans"? If no why not? I rather liked Curt Schilling's (Or who ever that guy is creating a new mmo) analogy. "If someone at Disneyland is being disruptive or what have you they kick them outta the park they dont put time in time out" .

This has been discussed but I don't recall how deeply. It's on my list to discuss later. I will say that we are paying careful attention to any areas where one might be able to throwaway and mass generate isk making characters in short periods of time. (Game Design)

It takes very little effort to spoof a good chunk of hardware IDs on your computer.

It's low sec, name the system. I'm sure some vigilantes will want to visit from time to time.

We are aware of OCR bots and have plans to deal with them. Python injection as well.

[20:33] <Abuser> Why not to add client-side routines to detect bots?
[20:34] <Abuser> Why using petitions?
[20:34] <Abuser> People can lie, people can put a bucket of dirt on player who never violated eula
[20:35] <Abuser> And he will be banned, if petition will contain only right details describing the things you will never log, but that are surely be bot\'s actions
[20:36] <Abuser> EVE Clientside is enough to put bot-detecting routines there
[20:36] <Abuser> you can even use
[20:36] <Abuser> your spyware approach
[20:36] <Abuser> similar to when downloading PC identification python object during authentication as payload
[20:37] <[IA]Morpheus> Let it all out, I\'ll be sure to forward the conversation to all of our programmers, if thats what you want.
[20:37] <Abuser> No, your programmers are just following the plan
[20:37] <Abuser> they aren\'t that bad guys who caused all this anarchy
[20:37] <[IA]Morpheus> Care to tell me who did?
[20:38] <Abuser> Those who plan eve development and/or who decide the priority of client upgrades to be implemented.
[20:39] <Abuser> Currently Shiny Features have more priority than solidifying security and fixing bugs, from what i see
[20:40] <Abuser> Or how else you can explain the ability for the bots to use same approach to exploit eve engine as when previous sourcecode leak was?
[20:41] <Abuser> Nothing changed to prevent this?
[20:41] <Abuser> But we\'ve got tons of content patched
[20:41] <Abuser> but still lagging jita and deadly lagging blobs
[20:41] <Abuser> but from patchnotes i see that these things aren\'t your priority
[20:42] <[IA]Morpheus> I see that your intentions are good but this isn\'t playing out nicely for either parts.
[20:43] <Abuser> Guys, theres no other way that will play better.
[20:43] <Abuser> You simply ignore community requests to fix the core of eve, rather than add new coats to it, to make community forget about the bugs.
[20:43] <[IA]Morpheus> I despise bots and hacks over everything, but this is also a business, we\'ve got developers designing content and EVE needs to grow. I know for a fact that there are programmers working on security, more than that I can\'t really say.
[20:43] <[IA]Morpheus> If you think we are releasing new content to make you forget about bugs then I\'m not sure what I can say to convince you.

We will not, however, be documenting specific controls.

I know I'm in kind of a tough spot and I understand your frustration. Our plan is to be as open with you guys as we can be and we've got a lot of good ideas circulating around the team about how to do that. One other thing we need to be careful about is prematurely trumpeting success. There's at least one bot site you could look at right now that isn't selling its bot or allowing it for download. Why? It's not because they've suddenly decided to be good citizens it's because we were banning them.

It's ultimately a game of cat and mouse however and we'll need a few more weeks to research, action and examine before we're ready to start tooting horns. You'll be the first to know about it when we are though.

Maybe I am reading too much into that reply but of the three most important bot categories you list only two.

What about plain process injection/hooking (whether this is done via InnerSpace or otherwise)?

Maybe I am reading too much into that reply but of the three most important bot categories you list only two.

What about plain process injection/hooking (whether this is done via InnerSpace or otherwise)?

Both (combat) mission bots I am currently aware of hook into the EVE client via InnerSpace - and if I were concerned about the health of the game that's the group of bots I would be most worried about.

Missions running bots would be pretty painful to construct based on an OCR system & hardening the EVE client against Python injections looks like a relatively straight-forward task.

(( start rant:

and I don't understand why this hasn't been fixed long ago - not like some guy calling himself "Abuser" did make CCP look like a fool in 2008 by publishing decompiled client code, pointing out the security risks of Python injections and asking "Why not to add client-side routines to detect bots?"



yes, Ladies & Gentlemen, that was April 2008 - almost to the day 3 years ago.

edit: according to CCP's favorite persona non grata the "previous sourcecode leak" took place in 2006 and was accompanied by the release of a Python-injection based mining bot. I am too lazy to verify this as almost all Google results seem to reference the 2008 leak.

))

Mining bots & ratting bots will always create some customer outcry because they operate in plain sight and compete with human players over scarce resources - but for the same reasons they are easy to detect and it is relatively easy for players to take action against them.

Mission running bots compete in a much less obvious manner with human players (overall inflation, ISK/LP ratio, prices of meta 1-4 modules) and their interaction with other players is usually limited to bumping into each other at the station undock (+ the occasional ninja salvager).

One system can only support so many mining or ratting bots - but one agent can support any number of mission running bots (and I don't believe dynamic agent quality will ever be implemented in a fashion that is harsh enough to change this qualitatively).

Hooking into the EVE client process allows for extremely sophisticated bots, is currently used for the most dangerous bots (imo) and is relatively hard to prevent without really invasive anti-botting tools (don't know about the EVE specifics but I have a rough idea how malware usually achieves its goal of hooking into system processes) - yet it is the one thing your reply doesn't even mention at all.

(disclaimer: I don't know InnerSpace well enough to be 100% certain that it doesn't use Python injection internally but I don't see any reason why it should have to)


we'll read about the specifics a few weeks later on the forums frequented by bot authors, anyways.

You know of python bots that don't use process injection?, i did'nt think it was possible to make any kind of python injection without using process injection.

How do you feel about the tactics used by that guy (can't recall the name) in the previous thread, viz doing a few basic checks to see whether they're complying with the laws in their local jurisdiction with respect to business registration, taxes and so forth.

Setting the local tax authorities on the bot sellers would be an extremely effective way of interdicting or restricting their operations, with the additional benefit of providing much satisfaction to those of your customers who do pay their taxes and wish that everyone else shared the joy of the experience with them. Assuming that CCP Hf is itself all up to date in this respect, it seems like there would be no down side to ******* with these guys in this way.

EDIT: Time spent arguing with the inland revenue and the customs and excise people (dunno what they're like in the US and Iceland, but in the UK, the Customs guys can be really mean. Can you say "no presumption of innocence"?) is time not spent updating their bot code.

Done

In all my years as an online person, player of countless online universes and prowler of many large community forums, I can honestly say that I have NEVER been hacked. Now, this might be a one in a billion fluke, but I'm pretty sure that if you get hacked, the reason is you or your vicinity.

i had my account for another mmo "hacked" once, they brute forced my password (my pc wasnt infected and i dont visit dodgy sites anyway) thankfully i was online doing some crafting at the time and was able ot quickly relog while changing my password with a clean system, so they got nothing from me other than a username, which was always the weakest part of my login info anyway. saying that its everyoens own fault when they get hacked is stupid, sometimes it doesnt matter how paranoid you are about online security you are you will get hacked, thats why they call it brute forcing

It was not your fault the your password was so weak they were able to brute force it?

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

3. Brute force attack - Ok this is technically not your fault, sorry those who think it is but it's not.. a brute force attack simply runs through both a dictionary attack followed by random number and random letter attacks.. starting at the lower limit of the number set by the person running the BF attack (typically 4 - 6 characters) and ending at the largest (typically 10 - 12) however these attacks typically become rather obvious and should be noticed by the server side protection software.. I mean if you can't get your password right after the 50th time somethings up right?

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

There are a few ways that you can be 'hacked' from a pure 100% programming/security Point of view.

1. You give your username and password to some one else - This can be through phishing mail or whatever.. but your at fault for not double checking where you where putting your details into.
2. Keyloggers, Trojans, Virus's etc etc - Again where oh where have you been that you shouldn't have been and why oh why ain't your virus software up to date?
3. Brute force attack - Ok this is technically not your fault, sorry those who think it is but it's not.. a brute force attack simply runs through both a dictionary attack followed by random number and random letter attacks.. starting at the lower limit of the number set by the person running the BF attack (typically 4 - 6 characters) and ending at the largest (typically 10 - 12) however these attacks typically become rather obvious and should be noticed by the server side protection software.. I mean if you can't get your password right after the 50th time somethings up right?
4. Security leak at the Opposit end - This means a Leak at CCP's end in this case.. and honestly it's not exacty unheard of with CCP now is it? (Sorry Screegs no offense meant) CCP has had it's bad sheep, we have had Dev's who break rules to help people in game, we have obviously had Dev's who leaked entire source code releases.. and there is always the chance a dev could steal the authentication database.. or that CCP itself could be hacked or whatever.


Now there are a few ways to protect against hacking:

1. Change your password every few weeks/months - This means that your password isn't always the same and can stop those who tend to wait a time to use the data they have mined off you.
2. Make your password more complicated - this means using a mixture of UPPERCASE, lowercase and numeric characters, eg E424b8A7g9 <---- this would be an example of a randomly generated password that is not the easiest to hack, the reason being that it has all 3 of the items listed.. if eve supported non alpha/numeric characters i'd even suggest adding thoses ie #24A43%32nn13 etc.
3. Add an extra layer of authentication to the account:- in the form of a randomly generated number sequence that changes based on time/date etc where the serial number is tied into your account at the server level.. This is better known as an Authenticator and most already know how they work.. not only do you enter your user name and password but you also enter a number generated by the keychain fob or the iphone app etc with out this you can't authenticate.
4. The most basic one.. Keep your damned virus software up to date. Even the free software antivirus packages are good for basic protection AVG, Microsofts programs etc all can pick up most of the common trojans, paid antivirus tends to include a better overall protection package.
5. as with your virus protection keep your OS updated. - You may not realise it but Microsoft and Apple don't release all those 'updates' just to make your bandwidth cry. They are put out to address security issues and other bugs in the software.. with out them you are leaving your system open to attacks.

Now I could go on but lets face it CCP has a long ass list up on all of this.. but it's a reminder that not all 'hacks' are based on the end user.. some are just well.. bad luck.

i think you should keep it up.

also, can we get this thread stickied please? i would hate for it to drop off the front page and end up buried

So, do you guys still want me to continue updating you all on the activities of the bot forums? I'm not gonna lie, it was fun.

I might have to make my own thread though...up to you, Sreegs.

CCP Sreegs referenced your thread at the top of this new one, so I think that means you are invited to post bot war reports here. Im posting my market survey info here (looking for effects on the market from bot bans).

Edit: Also, Sreegs is referencing the bots by name, so I do not think you need to hide them, unless you want to.
CCP Sreegs: Maybe this thread needs:

Links to all the security related dev blogs added to your initial post (the original unholy rage, your phishing blog, the protect your accounts blog, etc)
To be made sticky.

Why being so harsh in botting?

Why not just releasing official bots that allows people to AFK mining,ratting , courier missioning, doing PI and market?

They are just very likely to be "bot works" with the technology in New Aden.

And also, it is weird to allow people to have a repetitive action for long (legally, not using macros). Either mechanically or manually by other players, the repetitive actions should be able to exist. It is a basic requirement for a real game and people are not paying to be a wool-factory worker.

You missed one of the most common which is reusing credentials on multiple sites. I'm pretty sure by now we all know that corp and alliance forums get hacked pretty regularly. If you use the same username and password there as you do on your EVE account that's a giant risk.

Just one more reason why you should hurry up and make two factor authentication accessible to everyone :)

Damn CCP Sreegs, you are being vary active on the forum, more so then others. How are you able to do this between researching bots/malware and CCP related work.

Will isk obtained from killing, harassing, ransoming, or even being paid to go away from a high activity system be subject to deletion if it turns out the residents of that system were violating the game EULA to allow such a high level of activity?

TL/DR:
I want to harass easy targets to earn isk, if they are bots do I lose my isk?

Also, is there any way to send you beer or food as a token of appreciation for the work you are doing when it finally fixes this game?

In reply to what is being said in some of the bots/macro forums.

Mostly its people who use these bots saying that threads like these are fail and that we do not understand how they are helping the economics of the game and that eve would fail if the use of bots was stopped.

I'm not sure what the guide lines are for actually mentioning the names of these bots so I will go ahead anyway and I am sure CCP will let me know if it is not allowed :)

Roidripper is no longer available for download.

The last ETA was a few days.

The admin/dev of the program called Daredevil comes across quite confident that nothing that is done will stop bots.

As for the TinyMiners forums, other then people saying how great it is not much on there to be honest.

EvE-Bot forum, again not much being said there either.

The general feel appears to be that CCP does not care about botters and that so long as you find a quiet area you will never be bothered.

What many of these people who use bots do not realise is that they all require you to run eve in a certain way, i.e windowed mode, certain general and graphic settings, having your in game windows configured in a certain way etc etc.

I imagine that all these settings are recorded somewhere and accessible to CCP.

Also I must say I love the idea that if you are caught botting that a overlay will appear on your avatar for the duration of your ban so people will know what a loser you are :)

No sense debating the system.

Because we prefer to have people who can be social playing our game which is at its core a social game. Whether one believes certain actions SHOULD be able to exist, the agreement everyone enters into when they agree to the EULA states that they won't. I may think murder's pretty awesome but if I do it I go to jail. No sense debating the system.

Ok, here's a ridiculously better question. Why are courier bots in low sec being rampantly ignored?
Here's an example: http://eve-kill.net/?a=system_detail&sys_id=2560 and some more specific km whoring example http://kb.pleaseignore.com/?a=system_detail&sys_id=2560
(You need to copy and paste the URLs above because it seems somebody broke the url handler for the redirect and html entified the ampersands like a boss).


Having that many haulers being killed in a system is EXTREMELY abnormal. A large chunk is NPC corps and their cargo contains mission items.

They should simply prohibit character transfers if the account was flagged for botting. Even if it was just the first offense.

You missed one of the most common which is reusing credentials on multiple sites. I'm pretty sure by now we all know that corp and alliance forums get hacked pretty regularly. If you use the same username and password there as you do on your EVE account that's a giant risk.

At the moment you can purchase 2.5bil isk for -ú47.14 / $73.54 from one of the biggest RMT merchants.

CCP could make every aspect of this game fun and exciting and people will still use bots.

The kind of people who use bots/macro's couldn't give a crap about fun and exciting.

They see it as an opportunity to earn more isk or to make rl life money.

The Alliances who use bots again could not care less about whether something is fun and exciting, they just want to earn more isk with little to no effort.

You will probably find that the large majority of bots/macro's are not being used by players trying to supplement their own isk income, but by Big Alliances and RMT merchants.

When CCP succeed, I do believe they will in massively reducing the number of bots in game, you will probably find its the Big Null Sec Alliances that are hit hardest and will cry the most.

Also if you want to see how well CCP are doing in regards to reducing the number of bots, just keep an aye on the prices of isk on RMT sites.

At the moment you can purchase 2.5bil isk for -ú47.14 / $73.54 from one of the biggest RMT merchants.

Now if in the coming months you start to see the prices rise then we will all know that CCP are having an effect.

Another thing that will need to be done is to bring the fight to those sites like Iskbank.com.

It is refreshing to see such extensive feedback from CCP, especially since we feel kinda alone and ignored when it comes to many issues, including bots. Sreegs, you're my favorite VICCPP ("Very Important CCP Person") now

Keep up the good work!

By the way: are you or have you been playing EVE yourself?

Lv.4 combat missions, incrusion, complexes, probing, wormholes, trade(the real bulk trade not the $0.01 war)
Or batteground, dungeons.

Want a quick fix? Delay players appearing in local by 60 seconds after they jump into the system.

Now lets do a quiz, who will be ****** mainly by that:

1. The bots who can smash dir scanner every 2 seconds without getting sudden urges to slit your wrists

2. Legit players


With the same logic you might as well just remove rats from 0.0, since that also helps against bots. While delayed local might help a little bit against bots, since covert ops cloaked ships dont appear on dscan (still it helps much less against bots as it helps getting easy ganks on legit players), on the long run it probably HELPS bots.

Bots thrive in empty space, since your idea mainly hurts legit players, there will be more empty space, so bots profit (also why CCPs latest attempt at making empty wastelands is ridiculous, only ones profitting from that are bots).

Ok, here's a ridiculously better question. Why are courier bots in low sec being rampantly ignored?
Here's an example: http://eve-kill.net/?a=system_detail&sys_id=2560 and some more specific km whoring example http://kb.pleaseignore.com/?a=system_detail&sys_id=2560
(You need to copy and paste the URLs above because it seems somebody broke the url handler for the redirect and html entified the ampersands like a boss).


Having that many haulers being killed in a system is EXTREMELY abnormal. A large chunk is NPC corps and their cargo contains mission items.

Will you release the number of banned users?