CCP's War On Bots: The March Dev Blog

First permanent 2nd-strike bans happened today. I guess some people didn't get the memo that you no longer have 3 strikes.
— CCP Stillman (@CCP_Stillman) March 19, 2013

@chellaranier Damn, you are right! Now I feel bad :(
— CCP Stillman (@CCP_Stillman) March 19, 2013

On Monday CCP Stillman published a new security dev blog looking back at some numbers in 2012 and events occurring today.  Not the most recent efforts with the new detection methods that began two weeks ago, though.  I expect to see those numbers when I get to Fanfest next month.

Weekly ban totals, second half of 2012

The above graph from CCP Stillman's blog shows why I didn't post tears for such a long time.  Look at how few opportunities.  The big spike of permanent bans at the end of June/beginning of July just about corresponds with the last really big batch of tears I posted.  I also think the huge spike in bans in June back up my postings that botters were really having a rough time with the new Unified Inventory system introduced in Inferno.  A lot of bots that were running had some difficulties functioning properly and made them stand out.

Perhaps the biggest news was a change in the ban policy for botting.  Since Fanfest 2011 CCP had operated with a three-strikes policy:

• First offense - 14 day ban
• Second offense - 30 day ban
• Third offense - permanent ban
• Any client modification - permanent ban on first offense
• Any involvement in RMT - permanent ban on first offense

CCP is now changing to what I am calling a football (that's soccer for everyone in the U.S.) set of rules.

• First offense - 30 day ban
• Second offense - permanent ban
• Any client modification - permanent ban on first offense
• Any involvement in RMT - permanent ban on first offense

That's right.  The cultural dominance of the U.S. bringing baseball's three-strikes theory of justice to New Eden has left with CCP Sreegs and CCP's justice will more closely resemble that of the world's most popular sport.  Yellow cards (30 day bans) for first offenses and red cards for second offenses and very serious first offenses.

As the chart showed botters rarely if ever made it to a third offense so taking away one strike makes sense.  Many people complained over the last two years that the penalty was too lax.  I even received an email from a botter who was permanently banned on several accounts last night that said the same thing.

The botter told me that if the punishment for the first time getting caught was a permanent ban that he would never have started botting.  But given that the first offense was only a 14 day ban he thought he could just bot until getting caught and then stop.  So he botted for a year in a renter corp in null sec and made about 200 billion ISK running H-Bot with an average of three characters a day.

Unfortunately for him when he was caught for the first time in January he received a permanent ban for "large-scale botting" on all of his accounts but one.  The best I can figure out is that with a 10% corp tax rate, the 1 - 1.5 billion ISK a month he was pumping into his corp raised some eyebrows among those investigating null sec alliances so he was banned permanently.  Here's part of his story:

"I was using hbot and never RMT’d or used an injection tool, not even isboxer.  If I had known I could receive a permanent ban for using hbot, I never would have started.  I would actually be 100% behind a system where permanent bans were given to all characters on 1st offence.  It would have kept me away from bots and a lot of other people probably as well.  I guess the frustrating thing is that I feel like CCP caught me in a bit of entrapment.  Advertising a policy that did not do much to deter me from activity against the EULA and then laying down punishment above and beyond their stated policy.  I also question how accurate CCP’s abilities are.  While they did ban most of my accounts, even inactive ones, they missed one account.  I was also running a renting corp where a few characters received bans, so I wonder if CCP just thought everyone in the corp was linked to my acct and considered that large-scale.  At this stage I am quitting eve for a good while, at least until it looks like Team Security has its act together a bit more.   Right now they do not inspire confidence.  Lots of false-positives and inconsistent policy/behavior.  If I did not receive a permanent ban, I would have kept playing legit.  I thought that is what the multiple strike policy was supposed to encourage.  Unfortunately I was tried and convicted under a different policy scheme."

I asked if the penalty for a first offense was 30 days would have stopped him from botting.  He replied:

"If the ban was 30 days I probably would have stuck with 1-2 bots and would have stopped a lot sooner.  I never would have started if the initial ban was permanent or if I knew I could be banned permanently for anything I was doing with no warning."

Now, I have to admit I don't have much sympathy for someone who made 200 billion ISK botting, even if he likes my blog.  But his story does at least provide some anecdotal evidence that tough bans will deter people from botting while others will point to the apparent lack of consistency in CCP's rulings.

The final item concerned some personal changes as CCP Sreegs is leaving to head off to join Kelduum Revaan at SOE.  Comparing the staff of Team Security to the makeup at Fanfest last year also shows that CCP Arkanon has also left the group.  The team will now operate under the supervision of GM Salmon, the VP of Customer Relations Management.  The members of the team are:

CCP Peligro
Role: The enforcer of the law™
DOB: 2007.04.18
Security Status: 5.0

CCP Peligro is an Internal Affairs analyst who joined Team Security a year ago as an investigator.

GM Grimmi
Role: Policy and supervision
DOB: 2003.05.06
Security Status: -0.2

GM Grimmi is CCP's lead game master (and CEO of the 136-man Game Masters corporation in-game).  A member of the original Eve Security Task Force in 2011, GM Grimmi's new role makes him well-positioned to handle and customer service issues related to Team Security.

CCP Doppel
Role: Bot Killer Delux
DOB: 2004.07.30
Security Status: -0.2

I don't have any information on CCP Doppel although the dev has worked at CCP for almost 9 years.

CCP Stillman
Role: Engineering and backend work
DOB: 2010.03.16
Security Status: -10.0

CCP Stillman has fought the War on Bots™ since the formation of the Eve Security Task Force in 2011.  He has appeared as a spokesman for Team Security at events in the past and currently works on other security issues outside tracking down botters and RMT operations, although some of his other work affects the RMT trade as well.

The makeup of the team does give a bit of an indication of the direction the team's activities are headed this year.  The presence of GM Grimmi probably means that CCP intends to work on customer relations given the number of complaints of false positives and the speed in which they are handled.  I'm not sure but the presence of CCP Doppel could mean someone dedicated to keeping the automated bot detection system up to date.  And the absence of CCP Arkanon could indicate that CCP listened to Kelduum's complaints about who was "watching the watchers."  With the head of Internal Affairs outside the team those who questioned the oversight of Team Security should be a little relieved.