| Pages: 1 [2] 3 4 5 :: one page |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Armoured C
Gallente
Federation of Freedom Fighters
Executive Outcomes
   |
Posted - 2009.02.13 18:24:00 -
[31]
some corp also ask you tak take pictures of your wallet for transactions .. ebcause mains useually give money to there alts vice a versa obviously if there are large sums of money conviently moving in the last say 30 second after he asked then there something suspisious going on =P
i know of 2 corps that use this method as well as print screen charater log in and API
API is very very common for recruitment |
Suneai
Gallente
|
Posted - 2009.02.13 18:24:00 -
[32]
I'd give my limited API if a corporation asked for it as a recruitment item, there's no real harm in it.
I wouldn't ask someone for one myself though, I have my own recruitment process that hasn't failed me as of yet.
It takes time but I like it because I find out more about the person behind the character and a basic idea of their play style. |
Schalac
Caldari
Apocalypse Reign
|
Posted - 2009.02.13 18:40:00 -
[33]
Edited by: Schalac on 13/02/2009 18:41:51
 Originally by: Dirk Magnum
Edited by: Dirk Magnum on 13/02/2009 16:16:01
Originally by: echohead
How can they find out how many accounts you have?
By requiring a screenshot of the login screen with accounts menu extended, and something in the background to verify the time it was taken (like an online newspaper with the day's headlines or something.) It can still be edited if someone is a bit handy with Photoshop or something but it's still better than nothing.
I know at least some people require this because I had to do it once.
This is easily bypassed by making a dummy copy of EVE in another folder, only log in the account in question, viola only 1 account will show in the drop down menu at log in.
EDIT: also it's beyond stupid to give out your log in name. So if they do ask just refuse as knowing your login name is none of their business. |
Miss Uylear
Caldari
The Gentlemen of Low Moral Fibre
|
Posted - 2009.02.13 18:42:00 -
[34]
to me, giving the API is a little thing.
If the corp you are joining asks for it, then thats ok. if they monitor you training, and ask about it, thats ok.
If they dictate to you what must be trained, then why did you choose that corp?
A CEO who offers a skill plan is not so bad, though. See, if you joined a corp, that means you have joined a cause you may agree with. If the plan has benefits to the cause, then so be it. Everyone is a winner.
The API is used for corps that don't want to fail to some small time crook, meaning they are actually a decent corp and not full of idiots.
I would offer my API out, and if a corp asked 'wtf is that?' then I would re-consider my joining. |
Venkul Mul
Gallente
|
Posted - 2009.02.13 18:48:00 -
[35]
Originally by: Dirk Magnum
Edited by: Dirk Magnum on 13/02/2009 16:16:01
Originally by: echohead
How can they find out how many accounts you have?
By requiring a screenshot of the login screen with accounts menu extended, and something in the background to verify the time it was taken (like an online newspaper with the day's headlines or something.) It can still be edited if someone is a bit handy with Photoshop or something but it's still better than nothing.
I know at least some people require this because I had to do it once.
And that is an EULA violation, as they are asking for you login. A limited API give some information about that as you can look wallet movement.
|
Carniflex
Caldari
StarHunt
Systematic-Chaos
|
Posted - 2009.02.13 19:10:00 -
[36]
All real 0.0 entities and many properly organized hi sec ones do ask API as part of recruitment and adv API if you smell funny. No API no entry.
It does not remove all security risks but it makes propability of getting ripped considerably lower as anyone looking for infilitration would need at least separate account for that and if corporation security officers are on the ball then that account must have never had any isk moving to or from your real 'main' account, as they would be asking your adv api rather sooner than later unless you are really really good actor.
|
Cors
It's A Trap
|
Posted - 2009.02.13 19:10:00 -
[37]
As a CEO who for a LONG time kept all my members on EVEMON, it's actually quite a simple reason.
1) Security. Its easier to see who their alts are on that account. Slowly over time spies always let little things slip. Saying the name of a "carebear/hauling alt" that I dont' see on their "Only account" has ousted several spies.
2) As a CEO/Vet, I'm asked almost daily "What should I train next?"
Having the corp member on EVEMON lets me take a quick look through and suggest area's to focus on for the short term.
3) You don't know how many spies use purchased char's they put on their accounts of their primary char's.
Seeing a 30Mil SP char not train anything for a few weeks on their "Main" char should send up a red flag. What ARE they training on that account then if their "main" isn't training anything. I've caught spies doing this. Their main in a hostile alliance is training, but their spy alt in my corp isn't.
4) And finally, it shows CEO's how serious the potential recruit is. If they balk at giving me their Basic API key, how can I trust them with the intel, ships, ammo, mods, mins, fuels, pos's, and wallets of a member of my corp.
|
Ragnar Foulberg
|
Posted - 2009.02.13 19:24:00 -
[38]
Originally by: Rivqua
What is your reasoning behind not giving it up ?
Knowledge is power. Guard it well.
|
Tenely
|
Posted - 2009.02.13 19:27:00 -
[39]
Most big-time alliances have everything OOG tied into your in-game API. Forum, teamspeak, etc, all required the API to verify that you are indeed in X alliance and X corp so you can see their subsections etc.
Don't wanna give up your API? Thats cool, just prepare to get denied to anything that matters. (empire corps need not apply)
|
James Lyrus
Lyrus Associates
The Star Fraction
|
Posted - 2009.02.13 19:29:00 -
[40]
Edited by: James Lyrus on 13/02/2009 19:34:58
Originally by: echohead
Is it just me or is this insane? I know with the limited code they cannot get any real info, but it seems like the certification system would also give them most of the same info. They already have your corp history and age, if they don't believe you can pilot a ship or something they should just have you undock in the ship in question.
Not really, no. It doesn't give them anything that particularly harms you, but it does increase levels of validation.
Like: Do you actually have some skillpoints, and aren't just an alt.
Do you profess to experience that you don't actually have on that character?
Do you have a known face/alt in another corp/alliance on your account.
Are you actually capable of supporting yourself, and how do you do it?
Stuff like that.
It's not foolproof, neither is a login screenshot, but it's one more way to make the life of the prospective corp thief just that much harder.
It's also quite a good way of integrating logins for out of game stuff - forums and teamspeak for example - you can have it check periodically and update/disable accounts of people who are leaving, create automatically new people, and automatically update permissions based on in game roles, that kind of thing.
--
249km locking? |
|
|
Danton Marcellus
Nebula Rasa Holdings
Nebula Rasa
|
Posted - 2009.02.13 19:37:00 -
[41]
I blame crappy corporate tools, this is some Stasi **** right here...
Should/would/could have, HAVE you chav!
Also Known As |
Aya Sin
|
Posted - 2009.02.13 19:37:00 -
[42]
Originally by: Suneai
I'd give my limited API if a corporation asked for it as a recruitment item, there's no real harm in it.
If I were a trader, I'd definitely think twice about giving someone even my limited API key.
|
Tunak
|
Posted - 2009.02.13 19:49:00 -
[43]
Originally by: Suneai
I'd give my limited API if a corporation asked for it as a recruitment item, there's no real harm in it.
I wouldn't ask someone for one myself though, I have my own recruitment process that hasn't failed me as of yet.
It takes time but I like it because I find out more about the person behind the character and a basic idea of their play style.
This is real security. |
Concorduck
Gallente
|
Posted - 2009.02.13 19:52:00 -
[44]
Originally by: Aya Sin
Originally by: Suneai
I'd give my limited API if a corporation asked for it as a recruitment item, there's no real harm in it.
If I were a trader, I'd definitely think twice about giving someone even my limited API key.
sucks, doesn't it? |
Ris Dnalor
Minmatar
Ex Cruoris Libertas
|
Posted - 2009.02.13 19:55:00 -
[45]
well noone says you have to give it just because they ask.
|
rofflesausage
|
Posted - 2009.02.13 20:20:00 -
[46]
Originally by: echohead
I fail to see how it can help security when most people own more than one account anyway.
"Most" people own more than one account?
[Citation Needed]
|
Gunnanmon
Gallente
UNITED STAR SYNDICATE
|
Posted - 2009.02.13 20:22:00 -
[47]
Probably been pointed out before but...
Originally by: Dirk Magnum
Edited by: Dirk Magnum on 13/02/2009 16:31:58
Originally by: Tyleritus
See section 2B
Quote:
...... You may not obtain, attempt to obtain, use or attempt to use the login name or character name of anyone else.
I think you're misinterpreting that. It says you can't use the login name or character name of anyone else. It doesn't say anything about just knowing the login .....
Presumably if one has obtained something, they then know it.
|
Rennion
|
Posted - 2009.02.13 20:53:00 -
[48]
Flat out refuse to give a screenshot of login name, that is 50% of account security.
API key is no big deal, let them use it to verfiy skills with evemon and check your wallet transations to see if you are an obvious alt. Once done and cleared generate new key and done.
I can totally understand why people do it as I know a few people who create alpha clone characters in there spare char slots, age them and get a bit of a corp history then bull**** there way into corps in order to rob them blind. Yes this works if they are not propperly screened.
|
Kazzac Elentria
|
Posted - 2009.02.13 21:07:00 -
[49]
You cannot 100% of the time get rid of spies and or thieves but having an API key goes partially towards that.
I do a lot of account auditing for corporations wishing to background check on their members, future directors, applicants, etc.... Having a metric ton of market data logs from the last 2 years, eve-search, SHC, etc... all of that info out there allows one to build up a good idea of where someone came from a lot of times.
Sure it doesn't catch everyone, but it catches enough that CEOs pay for my services on a near constant basis. |
echohead
|
Posted - 2009.02.13 21:10:00 -
[50]
"If I were a trader, I'd definitely think twice about giving someone even my limited API key."
I am a trader that is kind of where this got started
Wait a second, there are corps that ask for the full API key? alright now that is really crazy. You guys have made many valid points for the limited key, but giving out your full key is pretty stupid.
|
|
|
Kazzac Elentria
|
Posted - 2009.02.13 21:13:00 -
[51]
Originally by: echohead
"If I were a trader, I'd definitely think twice about giving someone even my limited API key."
I am a trader that is kind of where this got started
Wait a second, there are corps that ask for the full API key? alright now that is really crazy. You guys have made many valid points for the limited key, but giving out your full key is pretty stupid.
AS one CEO put it me while I audited 3 accounts "If they cannot trust me with some limited knowledge about the last 1k items they've bought and sold, how am I supposed to trust them with the access to any shared assets"
Keep in mind, these were for possible directors though, not applicants. |
ElweSingollo
The Higher Standard
|
Posted - 2009.02.13 21:15:00 -
[52]
Originally by: Nicholas Barker
you can still show up in certs as being abit of a nub at certain things, even when you've got every missile skill to 5, except rockets cuz you don't fly anything smaller than a cruiser, and it shows as recruit or w/e the lower level is.
Some of the cert requirements are pretty lol I am amarr specced and have the relevant armor tanking skills maxed yet because I don't have all shiled skill at 5 iirc I don't get the defence cert... so yeah certificates aint really worth the digital pixels they are written on.
CCP and Eve Online... It's not a bug, it's a feature
In Before I Get M***** Again
|
Hirana Yoshida
Behavioral Affront
|
Posted - 2009.02.13 21:15:00 -
[53]
There is no harm whatsoever in giving out the limited API key, nothing can be done with except access skill and character data.
In the "old days" the paranoid 0.0 corps required screenshot of the character selection screen taken immediately after a convo with recruiter to avoid photoshopping and what not.
An employer has no interest in hiring obvious alts or spies for that matter. Hell, some corporations require you to enroll all characters to avoid 'conflicts'.
API key provide security for everyone. Easy enough to circumvent and slip a "spy" but requires second account.
PS: If anyone asks for your account credentials, report them to CCP and watch them moan under their scrutiny - account theft is frowned upon in Iceland I hear.
|
loony thezoon
|
Posted - 2009.02.13 21:42:00 -
[54]
Trust is a two way deal.
Give them your limited API as long as you get limited APIs of every member of the corp you want join, then its all fair. |
Matroshka
Clydesdale Corporation
|
Posted - 2009.02.13 21:55:00 -
[55]
Originally by: Tunak
Originally by: Dirk Magnum
Edited by: Dirk Magnum on 13/02/2009 16:31:58
Originally by: Tyleritus
See section 2B
Quote:
You will be assigned a login name and a character name during the registration and character creation process. You may not allow anyone to use your login name or character name to access the System or play EVE. No player may use the character name of another player to impersonate or falsely represent his or her identity. You may not obtain, attempt to obtain, use or attempt to use the login name or character name of anyone else.
I think you're misinterpreting that. It says you can't use the login name or character name of anyone else. It doesn't say anything about just knowing the login or character name of someone. I mean, we all know each others' character names anyway, and since they lump both login and character names together in that section it leads me to believe what they're saying is that you just can't use it to actually do things with like log in to someone's account or impersonate them.
You may not obtain,
attempt to obtain, use or attempt to use the login name or character name of anyone else.
Asking is attempting.
I can understand the login name part, but character name? That would make everyone in violation of the EULA.
|
Sephrin
Minmatar
Imperium Forces
Ethereal Dawn
|
Posted - 2009.02.13 22:20:00 -
[56]
Originally by: Cedric Diggory
Quote:
As far an screen shots of logon screens... I would never do that. That gives anyone who sees that screen shot 50% of what they need to crack my account.
I lol'd at this while i was recruiting in my own corp, as we had it as a requirement too. The thing is, we're not in the slightest interested in your login page: it's your character selection page we wanted to see!
The API key renders this feature defunct, and I agree in principle that you should never show your login name to anyone.
I have freely supplied character selection screen, as well as limited API. Its also worth noting that almost every major alliance in the game uses api verification for forum and Voice comms access.
|
Schalac
Caldari
Apocalypse Reign
|
Posted - 2009.02.14 14:18:00 -
[57]
Originally by: Aya Sin
If I were a trader, I'd definitely think twice about giving someone even my limited API key.
Sole reason that my trade alt is on a completely different account than any thing that matters. While I like that you want to see what I'm training, knowing what I'm trading is a secret. CCP should release a training only API. No wallet, no corp, no nothing just training and skills. I would like that.
SCHALAC HAS SPOKEN |
News R3porter
THE INTERNET.
|
Posted - 2009.02.14 14:31:00 -
[58]
alot of the serious corps now a days require your full api before being able to join, a few examples, reikoku, Snigg, the illuminati
this is so all past wallet transactions can be looked at etc, however i myself would never give my full one out as it has alot of scary red writing around it 
however i hve no problem watsoever giving out my limited
Providing eve with unbiased news |
Mikal Drey
Minmatar
Priory Of The Lemon
Atlas Alliance
|
Posted - 2009.02.14 14:32:00 -
[59]
hey hey
i have no issues at all with giving someone my limited api. giving them my full api after joining i would still have no hesitation in doing. but strictly AFTER i joined.
tbh even the full api has nothing that you generally dont share with corp mates anyway. I dont think there is anything on the full api that i would need to hide. It would also serve to removed any doubts about internal issues etc should stuffÖ go missing etc.
you can easily flip your api key at will and it only takes a few minutes to do so if it wasa pure recruitment tool then its still harmless information.
a question was asked at the api roundtable about having the api more configurable and then api could become a better tool for recruitment etc with players opting to send seleceive information. however the viability of it was more trouble than it was worth and moving api keys from full to limited may have side issues in itself. the API is a great tool for Corps and its down to player developers to decide which information is pulled and which is not.
if there is any api developers out there who could design and build a usable interface that pulls the Full Api details but only outputs selective information to a recruitment UI i bet both corp/pilots could have improved confidence in recruitment.
Shattered Crystal - The best place for all your online codes |
Evocationz
Amarr
Terra Nostra
|
Posted - 2009.02.14 14:37:00 -
[60]
Originally by: echohead
Is it just me or is this insane? I know with the limited code they cannot get any real info, but it seems like the certification system would also give them most of the same info. They already have your corp history and age, if they don't believe you can pilot a ship or something they should just have you undock in the ship in question.
*hi, im an alt fo a mjor alliance and i want to joinw here i can to steal stuff, delete my char, and start over*
Mate let me be blunt shall i, API is for security, we demand it of everyoen who joisn who cts suspcious, new players who 8 know to much& about the game
GET A LIFE, see what id id there?
Shamelessly Stolen Sig - it Owns All |
|
|
|
|
| |
|
| Pages: 1 [2] 3 4 5 :: one page |
| First page | Previous page | Next page | Last page |