Pages

Thursday, January 17, 2013

CCP's War On Bots: CCP Seagull Connecting The Dots

The CSM December 2012 Summit Minutes came out yesterday and a look at the topic list shows no presentation by CCP Sreegs or anyone from his team.  Yes, the shadow war I call the War on Bots™ continues although in this case I'm not sure CCP actually knows the potential implications of some of their moves when they make them.  For example, take the discussion about lurkers.  I found this paragraph fascinating.
"Kelduum asked why CCP found it challenging to tell whether the one person with 5 characters and 5 accounts in his own corporation was actually just a single person. Seagull explained that right now, the focus was on tracking accounts and characters, but not necessarily humans. Identifying unique humans that are being added to the community would be essential going forward, as Seagull didn’t feel comfortable working under the illusion that increased character participation in an activity or increased subscriber count actually meant that they were gaining new customers as a business. Unifex reiterated that this was an absolutely critical problem to solve in the near future, and that their analytics team was actively researching the number of human users in particular. Seagull added that CCP needs better tools for examining cancelled accounts, for example – which could represent either players quitting the game entirely, or people still playing the game but reducing their accounts." (p. 10)
From everything I knew about how Eve Online worked I knew this was the case.  Is this because Kelduum isn't too bright or because I've visited botting forums way too often and read how botters operate?  From what I've seen the only time CCP attempts to link multiple accounts to a single player is when Team Security is trying to ban all of a botter's or ISK seller's accounts.

So what is the impact on the War on Bots™?  From this answer I assume that a team completely separate from Team Security is going to build a database linking accounts to actual people.  I think that should prove an interesting exercise since many of the lurkers CCP Seagull talked about in the session are botting accounts and botters and ISK sellers already go to great lengths to hide the links between their multiple accounts.  I'm assuming that Team Security will have access to the information CCP Seagull's analytics team produces, which may make investigations into bad behavior run faster as a lot of the legwork of tracking accounts will already be done.

I have one more pleasant thought.  Botters like to make accounts with the same name and just add a number at the end, like Bot1, Bot2, etc.  A lot of players wonder why CCP just doesn't look at names and use that to track and ban botters.  The question I'd like to know is if someone makes accounts with sequential names and totally different personal information (like email addresses, home addresses, even credit cards) will that throw up red flags to the analytics team?  And if they see that will they then alert CCP Sreegs of the security threat?  I say security threat because not only could that indicate bot use but possible credit card fraud, with the associated charge backs coming out of CCP's corporate wallet.  If that happens then Team Security just received some reinforcements in the War on Bots™.

12 comments:

  1. Great thoughts, as always.

    I wonder how this linking accounts to actual humans story will happen though. I personally own multiple accounts, not all activated by the same credit card or using the same email adress. With really -nothing- linking two accounts together how can CCP guess it? My bet would be of common employment history mixed with common log on time and IP adress.
    But as I'm sure I'm not alone, I don't always log on all my accounts, they are not in the same corps, and I may connect through different connections at the same time so my IP adress is different for each account.

    This is really a mess for CCP to deal with, and I wonder how they will sort it out.

    ReplyDelete
    Replies
    1. True. I use the same email address for all my accounts but I have 2 different credit cards and each of my computers has a different IP address. My two main accounts are on two different computers (1 laptop & 1 desktop) and I don't swap computers. So the email address is the only link between the two.

      Delete
    2. And are the two computers also on a different internet connection?

      Delete
  2. If I am not mistaken there may easily be characters with sequential names with differing account information simply because of prompting by the game when creating characters. When you put in a name already in use you can still use the name by adding a number to the end. How many pilots create a character and find that CptKirk is already taken and add numbers to the end? Trying to sort between bot users and non-bot users who simply aren't creative in their names could be a difficult task. I suspect that names are used by CCP but only as a screening/search technique. Remember CCP could easily imbed code in the client looking to log MAC address etc. --- far better identifiers for catching unsophisticated bot users.

    ReplyDelete
    Replies
    1. Good point about the names. But what if it is 5 different accounts within 15 minutes? And Team Security does have some code embedded that does some digital fingerprinting.

      Delete
  3. I asked specifically as I wanted to know the reason/excuse that CCP have been unable to provide any decent data to the CSM or players on what individual people do in-game.

    What we need to know, really, is what percentage of the player-base (the actual people) are involved in each activity - how many do missions in hisec, how many pirate in low, how many are involved in Sov warfare, etc. The problem is, simply counting the number of *characters* in a location doesn't tell you anything.

    As a simplified example, the guy who considers himself a 'nullsec player', who has hauling and mission alts in hisec on different accounts, so if you fail to make the proper link, he looks to be mainly a 'hisec player'.

    It's actually quite simple, and I'm quite certain CCP *could* do it if they wanted, as sone of the botting posts have suggested there is system profiling going on, which means they would have the data.

    ReplyDelete
    Replies
    1. There is definitely system profiling going on. In fact I've read instructions on how to spoof the profiling on the botting forums and even an application even exists designed to alter one of the variables that the final hash is based on. In other words, the data CCP has isn't 100% reliable on that front.

      Also, if you look at my three accounts, if you depend on the fingerprinting I will appear as two different people because I keep my two main accounts on separate computers due to concerns with my overview settings. At the very least you could only use the hash number as an indicator that would need to be combined with other data that is probably in databases in different systems. That is why what CCP Seagull is proposing is going to be a major undertaking.

      So you're right, CCP could do it. In fact, it sounds like CCP Seagull intends to do it. CCP just never thought it was important enough to do in the past so they didn't set up their systems in order to make doing it easy. But now that CCP management has decided there is a business reason you'll get your answers.

      Delete
  4. Maybe, and this might be a very stupid thought, maybe they do not want to share this information as it would indicate a much lower user base than one expect. Maybe the recently announced 450K players are only 100K real people with multiple accounts. I have 5 and I am not even a veteran. Just a thought.

    ReplyDelete
  5. I very much link all of my accounts to one email address and use the same irl name on them. I do this for consistency. If anything ever looks weird I can point to all of my accounts and my habit of being clear and repetitive in who I am.

    ReplyDelete
  6. What are the ramifications of various privacy laws around the world? Some countries have very stringent laws about how RL identities and accounts can be linked and what information can be shared even within the same company. Does anyone have any thoughts on that issue?

    ReplyDelete
    Replies
    1. Another good point. Those laws definitely inhibit the "naming and shaming" that a lot of players want Sreegs to do with botters. But CCP is already doing those kinds of connections when tracking down bot and ISK selling rings.

      Delete
  7. Your series on the war on bots and the recent news about Lance Armstrong and the drug use in sports got me to thinking of the obvious similarities between the two. Especially the perception, and human nature to "do that which is obviously wrong" regardless of the eventual consequences due to lax enforcement or other perceptions of being able to get away with it.

    ReplyDelete