Wednesday, March 20, 2013

CCP's War On Bots: The March Dev Blog



On Monday CCP Stillman published a new security dev blog looking back at some numbers in 2012 and events occurring today.  Not the most recent efforts with the new detection methods that began two weeks ago, though.  I expect to see those numbers when I get to Fanfest next month.



Weekly ban totals, second half of 2012
The above graph from CCP Stillman's blog shows why I didn't post tears for such a long time.  Look at how few opportunities.  The big spike of permanent bans at the end of June/beginning of July just about corresponds with the last really big batch of tears I posted.  I also think the huge spike in bans in June back up my postings that botters were really having a rough time with the new Unified Inventory system introduced in Inferno.  A lot of bots that were running had some difficulties functioning properly and made them stand out.

Perhaps the biggest news was a change in the ban policy for botting.  Since Fanfest 2011 CCP had operated with a three-strikes policy:
  • First offense - 14 day ban
  • Second offense - 30 day ban
  • Third offense - permanent ban
  • Any client modification - permanent ban on first offense
  • Any involvement in RMT - permanent ban on first offense
CCP is now changing to what I am calling a football (that's soccer for everyone in the U.S.) set of rules.
  • First offense - 30 day ban
  • Second offense - permanent ban
  • Any client modification - permanent ban on first offense
  • Any involvement in RMT - permanent ban on first offense
That's right.  The cultural dominance of the U.S. bringing baseball's three-strikes theory of justice to New Eden has left with CCP Sreegs and CCP's justice will more closely resemble that of the world's most popular sport.  Yellow cards (30 day bans) for first offenses and red cards for second offenses and very serious first offenses.

As the chart showed botters rarely if ever made it to a third offense so taking away one strike makes sense.  Many people complained over the last two years that the penalty was too lax.  I even received an email from a botter who was permanently banned on several accounts last night that said the same thing.

The botter told me that if the punishment for the first time getting caught was a permanent ban that he would never have started botting.  But given that the first offense was only a 14 day ban he thought he could just bot until getting caught and then stop.  So he botted for a year in a renter corp in null sec and made about 200 billion ISK running H-Bot with an average of three characters a day.

Unfortunately for him when he was caught for the first time in January he received a permanent ban for "large-scale botting" on all of his accounts but one.  The best I can figure out is that with a 10% corp tax rate, the 1 - 1.5 billion ISK a month he was pumping into his corp raised some eyebrows among those investigating null sec alliances so he was banned permanently.  Here's part of his story:
"I was using hbot and never RMT’d or used an injection tool, not even isboxer.  If I had known I could receive a permanent ban for using hbot, I never would have started.  I would actually be 100% behind a system where permanent bans were given to all characters on 1st offence.  It would have kept me away from bots and a lot of other people probably as well.  I guess the frustrating thing is that I feel like CCP caught me in a bit of entrapment.  Advertising a policy that did not do much to deter me from activity against the EULA and then laying down punishment above and beyond their stated policy.  I also question how accurate CCP’s abilities are.  While they did ban most of my accounts, even inactive ones, they missed one account.  I was also running a renting corp where a few characters received bans, so I wonder if CCP just thought everyone in the corp was linked to my acct and considered that large-scale.  At this stage I am quitting eve for a good while, at least until it looks like Team Security has its act together a bit more.   Right now they do not inspire confidence.  Lots of false-positives and inconsistent policy/behavior.  If I did not receive a permanent ban, I would have kept playing legit.  I thought that is what the multiple strike policy was supposed to encourage.  Unfortunately I was tried and convicted under a different policy scheme."
I asked if the penalty for a first offense was 30 days would have stopped him from botting.  He replied:
"If the ban was 30 days I probably would have stuck with 1-2 bots and would have stopped a lot sooner.  I never would have started if the initial ban was permanent or if I knew I could be banned permanently for anything I was doing with no warning."
Now, I have to admit I don't have much sympathy for someone who made 200 billion ISK botting, even if he likes my blog.  But his story does at least provide some anecdotal evidence that tough bans will deter people from botting while others will point to the apparent lack of consistency in CCP's rulings.

The final item concerned some personal changes as CCP Sreegs is leaving to head off to join Kelduum Revaan at SOE.  Comparing the staff of Team Security to the makeup at Fanfest last year also shows that CCP Arkanon has also left the group.  The team will now operate under the supervision of GM Salmon, the VP of Customer Relations Management.  The members of the team are:

CCP Peligro
Role: The enforcer of the law™
DOB: 2007.04.18
Security Status: 5.0

CCP Peligro is an Internal Affairs analyst who joined Team Security a year ago as an investigator.




GM Grimmi
Role: Policy and supervision
DOB: 2003.05.06
Security Status: -0.2

GM Grimmi is CCP's lead game master (and CEO of the 136-man Game Masters corporation in-game).  A member of the original Eve Security Task Force in 2011, GM Grimmi's new role makes him well-positioned to handle and customer service issues related to Team Security.

CCP Doppel
Role: Bot Killer Delux
DOB: 2004.07.30
Security Status: -0.2

I don't have any information on CCP Doppel although the dev has worked at CCP for almost 9 years.




CCP Stillman
Role: Engineering and backend work
DOB: 2010.03.16
Security Status: -10.0

CCP Stillman has fought the War on Bots™ since the formation of the Eve Security Task Force in 2011.  He has appeared as a spokesman for Team Security at events in the past and currently works on other security issues outside tracking down botters and RMT operations, although some of his other work affects the RMT trade as well.

The makeup of the team does give a bit of an indication of the direction the team's activities are headed this year.  The presence of GM Grimmi probably means that CCP intends to work on customer relations given the number of complaints of false positives and the speed in which they are handled.  I'm not sure but the presence of CCP Doppel could mean someone dedicated to keeping the automated bot detection system up to date.  And the absence of CCP Arkanon could indicate that CCP listened to Kelduum's complaints about who was "watching the watchers."  With the head of Internal Affairs outside the team those who questioned the oversight of Team Security should be a little relieved.

16 comments:

  1. Those are some pretty sweet botter tears. 'Oh booo hooo entraaapment!'

    He could've kept playing if not for this 'unfair' treatment? Oh no, guys. We lost a botter. What a tremendous loss to the community.

    Get hazed, fucktard.

    ReplyDelete
  2. Is there anything in the EULA or ToS that indicates that a botter can be permabanned for the first offense? I've no sympathy for the person involved, and would agree with a one-strike policy for botting, but the application of arbitrary punishment is something that should worry everyone.

    ReplyDelete
    Replies
    1. Okay let me get this straight. Botting, which is bad, needs to have something in the EULA or ToS that explicitly says "You can be banned on the first offense" for it not to be an arbitrary punishment?

      Because, people know botting is wrong but because they won't get caught and punished very much its okay to keep going forward with the whole botting thing. When they are caught and punished harshly its bad of CCP to punish them for breaking the rules on the massive scale across multiple accounts for an extended period of time.

      How terrible for the botter.

      Everyone should be worried that CCP is banning people breaking the rules of the game! If I am correct the EULA says something along the line of CCP can tell us to GTFO at any time because Eve is theirs. The fact that they are even practicing a strikes policy and attempting to let people change their ways (because not running bots is such a terrible, harrowing task where everyone needs a little class to teach them how to follow the rules).

      The person above states that they would not have done it if they had known how badly they would get in trouble the first time. "I will push the rules and cheat as much as possible till I get grounded and then I will behave. I won't do it from the get go because I wasn't forced to follow the rules I agreed to follow".

      Delete
    2. And if they decide that tweeting excessively about Eve calls for a life ban, you are all for that because, hey, they are CCP and they know best. That is sarcasm, by the way, don't bother making it the crux of a reply.

      The point is not that botting is good, it isn't. The point is not that botters should not be banned, they should. The point is that if you set a standard of practice you need to adhere to that standard.

      You may like arbitrary authority, I do not and if it forces me to stand with some contemptible company to make the point that it is bad I will stand there.

      Delete
    3. Clear rules and punishments, consistently applied. Not everything results in an instant permaban. Personal distaste is not sufficient justification to ban people you dislike.

      Delete
    4. The counter is that clear rules are exploitable, because as quoted above, botters tend to be legalists ("if I knew I'd be banned, I wouldn't have done it! If I knew I'd be temp banned, I'd only have done it a little!").

      The difference here is scale. If you're casually running a bot to control a single ship in a high sec ice belt, your first punishment is a slap ("don't do that"). If you're running a botting army like a pro, they probably consider you incorrigible and that's probably not far from the truth.

      I mean, the guy quoted above goes in fully knowing that he's breaking the EULA, assuming that CCP intended the "three (or two) strike" policy to be a full deterrent (they didn't), exploiting the bots he used on a very large scale, and then being all wounded about the fact that they treated him as a repeat offender? He *is* a repeat offender. They got him dead to rights. The "strikes" system is for people who don't know any better. He did know better, and he botted anyway. Sayonara.

      Or, from another angle: CCP should not build their enforcement policy around people who will only behave if they're forced to, because those policies will be needlessly harsh to the other 99% of users. Cutting the willful misbehavors off is the best thing they can do for the game.

      Delete
    5. We have the CSM because a CCP Dev abused their power to help their friends. Currently, lead figures from Goons, Test and Pandemic Legion are now employed by CCP. You will excuse me if I think those calling for more discretion can go to hell.

      Delete
    6. The problem with that argument Dersen Lwery is that anyone who is technical enough to bot, or at least willing to go out and find the programs, knows that this is illegal. I have no problem with CCP saying that botting is a one-strike life ban. You knew what you were doing when you installed the programs, you get to pay the price. This isn't like finding an exploit in game and using because you don't know better.

      It is not ok for CCP to decide that a life ban is based on the mood of the person reviewing the case.

      Delete
    7. CCP playing favourites? How about Laz Telraven (announcer for eve tournaments and goon bigwig) always talking in the goon supercap channel about how he had botted for a few months with multiple accounts in order to afford his supercap. Apparently large-scale botting is only bad when it is not goon/CCP buddies doing it. Otherwise they have no problems flying you to iceland and giving you special treatment.

      Delete
    8. "Without limiting CCP's rights or remedies, CCP may immediately, and without notice, discontinue or suspend access to the System through your Account, and any and all other Accounts that share the name, phone number, e-mail address, internet protocol address or credit card number with the discontinued or suspended Account, in the event of (i) a breach of the EULA (including the Rules of Conduct) by you or any user under your Account; or (ii) unauthorized access to the System or use of the Game by you or any user under your Account."

      CCP can, should it choose to, ban you permanently for any breach of the EULA/TOS.

      The 2 or 3 strike policy is a gift to casual botters in the hopes that it will cause them to reform and keep playing. It's not something the require themselves to do in the EULA.

      Delete
    9. Anonymous @ 8:17pm: Well, no, that's not the problem, because the graph clearly shows that the first strike of the three-strike policy was incredibly effective, and the second strike was a nearly perfectly effective followup.

      The guy quoted in the blog post is simultaneously saying that only the third-strike penalty would have stopped him from botting and complaining that CCP immediately took the one measure that he says would stop him. Apparently he thought he could just set up shop for a minimum of two strikes and then cash out.

      Now look at the graph. The first strike is tremendously effective. The second strike is almost perfectly effective. So clearly, by the numbers, this guy is a serious, single-digit-percentage outlier. His operation, and the way it was set up--to make as much money as possible in the time before CCP threatened a permanent ban--were outliers. Most botters are small-scale, and a lot of them are older EVE players who are used to CCP not caring. They don't figure they're doing anything terribly bad. This guy knew exactly what he was doing.

      There's no slippery slope here, and no discernable ambiguity.

      Delete
  3. I think what the anonymous guy is getting at is a slippery slope that CCP could go down. While no one cares if a botter is banned outside of CCP policy, there would be a bit more of an uproar if all of a sudden multiboxing software and market tools started receiving permanent bans for client manipulation (I do think both of those should be against the EULA since they are programs that accelerate the acquisition of assets beyond normal human capabilities). I think EVE attracts the type of person who pushes the rules and boundaries of the game, so it is not surprising that there are botters with the mindset of the guy who was quoted. Having vague rules/policy, large gray areas, or not acting in line with rules/policy advertised is all around not good for the game. It just creates apprehension and mistrust within the player base.

    ReplyDelete
  4. Why would ccp leave the perm bans out of the chart?

    ReplyDelete
    Replies
    1. The permabans are the third strike bans.

      Delete
    2. most definately not

      Delete
    3. I see what you mean. You're talking about the RMT and client modification permabans. Not the permabans that result from 3 strikes. I wouldn't try and figure out CCP thought.

      Delete