All I cared about were some ridiculous notions that CCP's Team Security is infallible. In every topic of conversation, you had some fool claim that if Team Security banned the dude, then he was guilty, no questions need be asked. Even among prominent members of the community. Questions always need to be asked. Authority should always be under a constant state of scrutiny. Team Security does not have a flawless record; to say otherwise is misleading.
Now, I think Team Security does a pretty good job at what they do. But I don't believe they've done so without error. I don't believe they'll continue to do their job without error. That's simply impossible. And to believe that their job is just 1s and 0s, black and white, that if their system pegs you for wrongdoing, then there's no possible way it could be mistaken, well, that's wishful thinking.
I am also concerned about the arrogance of Team Security. The impression I get is that they do not like to cop to errors, do not like to own their errors, and seem more likely to let punishments remain than admit to any error. I find this disturbing.
So, there was a good story about a Team Security screw-up last year, involving a dude from Against ALL Authorities, that was floating about the EVE airwaves. This dude has been playing the game for a while. He'd been a frequent purchaser of ETCs (EVE Time Codes, the only legal method to purchase PLEX). He'd apparently purchased thousands of dollars in ETCs over his game career. Anyhow, at some point last year he bought a couple characters off the character bazaar. All legal and done according to CCP policies. Further on in the year, Team Security was conducting one of its RMT sweeps. The two characters that the dude purchased were flagged. The dude's accounts were banned, and all his ISK was confiscated. He was never personally involved with RMT, but was unfortunate enough to have purchased characters belonging to someone who at one time was involved in such activity. He appealed. He petitioned. He asked for escalations. But he could get nowhere with Team Security. The security people only saw two accounts that their system had flagged, a crapload of ISK, and thus guilt was declared; the investigation stopped there. But the dude was persistent; he was not going to give up. And he eventually found somebody, outside of Team Security, who decided to look into it a bit themselves. He just wanted someone to compare some datetime stamps. The CCP fellow did so; the dude's claims were worth looking into further. The issue returned to Team Security, where it was eventually determined that the fellow had done no wrong. His accounts were reinstated, all his ISK was returned, and CCP "rewarded" him with a bunch of extra/free time for the trouble and hassle he had to endure.
Now, if this poor fellow had come on EVE's forums to complain about his plight, you'd have had many people calling him a liar, a scammer, a dirty cheat. Some of those same people would have argued that because Team Security had banned and confiscated his wealth, that he was no doubt guilty as hell. That Team Security did not have to explain their actions to him, they did not have to escalate his complaints. They obviously had him dead to rights. People would have said all of that, and they would have been fucking wrong.
Authority needs scrutiny. There shouldn't even be a debate about that.
It seems clear to me, that Team Security is capable of some monumental blunders. Their procedures to catch these blunders were not functioning in the case outlined above.
In searching for false positives (and the "story" above) I came across the following quote by CCP Sreegs:
"In every single case we've found where someone was flagged for RMT who shouldn't have been, they were doing something else they shouldn't have been. Not so much a false positive as a positive for the wrong activity."
I don't know about any of you, but that statement raises about twenty red flags. Exceptionally disturbing. "We make mistakes, but even our mistakes are righteous." Arrogance piled on top of arrogance.
If that is the case, that's just bad policing. "We didn't get Joe on the murder charges, but we did find a pirated Pretty Woman DVD in his recreation room. It's a darned good thing we put him through the wringer on murder, otherwise we would have never discovered that he was a dirty pirate. Justice served!"
I realize that CCP is a private corporation, and not beholden to ideas such as human rights, expectations against unreasonable search and seizure, that sort of thing. But seriously, maybe just a smidgen of ethics is appropriate? It almost sounds like a witch hunt, "Dammit, Jim, we couldn't get him on the RMT, he must be guilty of something. Dig. We've got to find anything, otherwise admit to error!" This is probably not what is happening, but it's certainly a valid perception given the optics of Sreegs' quote above.
The next bit, before I bring it up, it needs a quick preamble. I do not believe that Team Security has engaged in any wrongdoing at the moment. I do not believe that Team Security requires any investigation at this time.
I've done a bit of asking around. (Though, not via Sreegs, who I do not know how to contact privately.) As far as I can determine, CCP's security department consists of four people. Sreegs is the Director of Security. Two additional employees work on player security issues, and one employee is assigned to internal affairs. All report to Sreegs.
Internal affairs' primary responsibility is to ensure that CCP employees are not engaging in inappropriate conduct with players (i.e., supplying them with unfair advantage, or putting themselves in a position where they can be accused of it). As far as I can tell, the internal affairs job is not full-time, and that employee helps mostly with player security issues (e.g., botting and RMT activities).
Funky Bacon characterized internal affairs as some sort of ninja team, who work outside the purview of CCP Sreegs. Which is not the case at all. The internal affairs guy is just a nerd, not unlike us other nerds, sitting within smile distance of his boss.
To sum up. Team Security is doing a mostly admirable job. Team Security has made some large mistakes in the past. Team Security, like any department, could (and should) work on improving its processes, both in terms of detecting illegal behaviour, and ensuring that false-positives (and claims of such) are taken seriously and investigated diligently.

The security team is made of human beings. Human beings are not infallible. Ergo, the security team is not infallible. To claim otherwise is ridiculous.
But some people feel that their algorithms are infallible.
If the algorithm is set to detect activity that persists 23/7 without interruption, would you call it infallible if its purpose was to detect activity that is clearly not human?
Human beings need sleep, they need to eat, they need to shit, drink water, and other things that involve them not being at a computer punching keystrokes. There are thresholds at which we can all agree beyond a shadow of a doubt there is no longer a human operating the client. That is how team security is catching people.
My comments on infallibility have nothing to do with "John". Because John's case is cut-and-dried, does not mean every case is cut-and-dried.
What can be said is that John certainly didn't know he was doing anything illegal. (That's no excuse, though.) He did supply CCP with his code, because he assumed he was in the clear. He wasn't. That he rage quit, is unfortunate (for him, I could not care less), because he would have been allowed to continue playing, but without his "tools of the trade."
Algorithms designed by ... humans. Nothing, no one, is perfect.
Problem is, people on both sides of the debate were arguing purely because either "CCP can't be wrong! Down with botters!" or "Eve Uni is being unfairly targeted! Look at the delay in removing the ISK!". And, then, of course, you have the people who simply wanted to wade in to laugh about someone else's misfortune (this is Eve Online, after all).
Honestly, it shouldn't have surprised anyone that so many people wanted more transparency (I'm really getting to hate that word these past several years) in the whole process. Hell, when someone gets fired from a job, coworkers like to have *some* idea of why, even when there are laws in place which prohibit the business from saying anything. A little transparency can go a LONG way towards defusing situations like this, but I understand the concern, then, is where to draw the line.
Sreegs has never claimed that their algorithms are infallible. He has only stated that there have been no flagged incidents thus far where a "positive" has not proven to result from some sort of inappropriate player behavior, which may or may not be RMT.
You seem to think this is an automated process, when, in truth, it is not. Software tools are indeed used to sort through the database, and to monitor certain types of player activity, but the results are interpreted and investigated further by real people, who happen to have some experience in doing this sort of work. Thus, a "positive" only results when someone, not something, concludes that a player is misbehaving.
"Sreegs has never claimed that their algorithms are infallible."
I know he hasn't. Sreegs is not an idiot. It's most of the people defending him who are.
Sreegs' statement regarding the absence of false positives pre-dates the Psycho Groupie incident. There were two events: the RMT activity on the characters (which Psycho Groupie later acquired) that the Security team's algorithm flagged (a true positive event), and the actions Security took against the player behind Psycho Groupie et al. characters (a false positive event). Sreegs' use of "someone" is ambiguous, but in the Psycho Groupie instance it makes little sense for "someone" to mean "character" -- the character(s) were correctly flagged as engaged in RMT. So they fail his own qualifying statement ("flagged ... who shouldn't have been"). Therefore "someone" in his statement must mean "player" (when considering the Psycho Groupie incident). Since Security already admitted that the player behind Psycho Groupie was utterly innocent of RMT, I think we can conclude that there has been at least one incident that disproves Sreegs' claim *now*.
"Dammit, Jim, we couldn't get him on the RMT, he must be guilty of something. Dig. We've got to find anything, otherwise admit to error!"
That just made me laugh. On a serious note though, it is disturbing if you get investigated for something, nothing found and they dig to find something, anything to pin on you and find you guilty. That be disturbing.
Agrees with the last paragraph as well.
But yeah seriously…. Who Watches the Watchmen! Humans are far from perfect.
He's mentioned, now about a dozen times, who he answers to and why. You've accepted Kelduum's rant that he "answers to himself" as being true and looked no further.
I'll note also that you're expecting more "security and oversight" than most multi-billion Fortune 500 companies have. The only 'need' for this seems to be in players sperging out about 'bias' and other insane notions.
He answers to Unifex and Hilmar. Who likely don't have the time or inclination to provide any serious oversight on EVE player problems. In essence, he does answer only to himself.
He can answer to himself. That's fine. But it would appear that his arrogance keeps him from investigating more deeply into false-positives (see the story above). And when presented with false-positives, it would appear his response is to find some other illegal activity ... perhaps because too many false-positives will look bad on the quarterly report.
CCP Unifex and Hilmar have both publicly supported the work and integrity of CCP Sreegs and Team Security. And, they obviously disagree with the notion that someone else needs to be watching Team Security (and that someone else needs to be watching the person(s) watching Team Security).
Someone always has to have the final word in these matters, and Unifex/Hilmar have stated that this will be CCP Sreegs and Team Security.
Would you prefer that this authority be turned over to CCP Dolan?
Yep. We don't pay forty euros a month for our accounts and shouldn't expect enterprise-class security. But who the hell is claiming enough inside knowledge to know the difference, to know that any other team would have produced a different outcome?
If a security team decides that an activity is botting, that team will seize the assets, and not a damned one of us players *or* CSMers knows enough about the situation to gainsay that decision.
http://aggten.blogspot.tw/2012/11/a-premature-ban.html
Thanks for the link, dude!
I'm not sure what CCP has to apologize for or what their wrongdoing has been in this whole E-uni case. Since we're unable to see specifically what CCP has said to this fellow everything is just hearsay, and while the E-uni guy might simply not have understood what they were saying or might be simply overreacting. But the biggest issue is that since we (players) can only see one side of the conversation people are simply assuming the worst.
Again using this current situation as an example, there really isn't "more information" they really can give him without disrupting their security policy or leaking information that botters could be using.
Take for example if the following happened.
E-uni: Do you have proof he was botting?
CCP: the client does a special check for certain known values that are found in processes running that access the eve cache. When we find these flagged processes we can determine which software the person was using.
Now if that type of information was posted to this user and it was leaked bot writers could circumvent hundreds (thousands?) of hours of development, planning and testing, and would require re-writing a huge portion of their client code used for determining 3rd party software. So as you can see if CCP gives this type of information out it's used against them. That's why responses like We just know he was botting, or we know he was using 3rd party software is all they can say.
And yes, there are always going to be situations where innocent players will get flagged. It's going to happen because the volume of botters, exploiters, RMT'ers etc. is pretty damn high. And if the last case like this was a year ago, that's not really a bad track record.
And finally CCP's stance on not treating players differently based on who they are (based on their corp/alliance, fame, software they've released, things they have done for the community, etc) is understandable, but is a bit surprising. Yeah it sounds like the right thing to do (yeah we're all equal!) but realistically things like this can really help determine if someone was even likely to be involved in a game related illegal activity. If you look at various websites, and other games (even the EveO's forums and their like system) these things have systems for players to build credibility. Essentially these are systems where over time these players build a reputation which can be used to determine if the player was likely to have done something illegal. With systems where you simply have 3 strikes and you're out, or no way to build some level of trust against the software checking for illegal activities everyone is equally suspect, and useful information such as this could be very helpful in fighting false positives. Who's more likely to be botting, the guy who has never said anything in chat, in an NPC corp, zero forum posts, trained directly into mining ships etc. or the player who actively takes part in chat/forums, several years training skills, and active in all sorts of activities. To security checks, these two people are equal.
"E-uni: Do you have proof he was botting?
CCP: the client does a special check for certain known values that are found in processes running that access the eve cache. When we find these flagged processes we can determine which software the person was using."
Nobody is asking for that level of detail/transparency.
Actually, Poetic, the actual way it should be is:
E-Uni: Do you have proof he was botting?
CCP: No, we have no proof, we're literally turning away paying customers because we feel like it. Of course we have proof, you fucking mongoloid. You're just not entitled to it.
You make it sound like Team Security reports to no one and operates completely without supervision, in a secret room of CCP. This is utter nonsense. Team Security reports to CCP management and, as with any other company employees, are responsible for doing their job properly. If they truly were making "monumental blunders", then they would have long since been let go.
The percentage of false positives which result in innocent players being unjustly banned or having ISK/assets confiscated is remarkably low. You mention one incident, by memory, which happened last year. How many incidents do you think that Team Security has handled since then? How many false positives have been made public by irate players? Hmmm?
Fact is, there doesn't appear to have been many "blunders" since your remembered incident. At least, nothing which raised a public outcry until this John business. And, it is pretty clear that this John incident wasn't a false positive. The moron admitted to using scripts to make it easier for him to change orders, at a rate of 30 orders per minute. He was using something outside of the game, in order to gain an unfair advantage in the game - which is against the EULA, regardless if you define his scripts as bots or not.
Consider also that John only got slapped with a temp ban and confiscation of ill-gotten ISK. He did not get slapped with a perma ban. He chose to rage quit. Team Security was actually pretty lenient with this cheater.
So, rather than bash Team Security, you should be applauding their work. No false positive this time - just another real one.
"The percentage of false positives which result in innocent players being unjustly banned or having ISK/assets confiscated is remarkably low."
I'm sure it is quite low. Doesn't mean the big mistakes are not worth mentioning and/or worthwhile educationally (should we change procedures?)
And it's still disturbing that when presented with a false-positive, they somehow locate other illegal activity (which I would assume would require further investigation, and that the investigation is prompted by the false-positive.)
Poe - your argument might be sound, *if* there were any "big mistakes" worth discussing. Please list them.
You tossed up a story of one possible false positive, which happened last year, but, you haven't shown any real evidence that it actually happened as you remember it. Sorry, but hearsay isn't evidence.
The John/E-Uni incident also wasn't a mistake by Team Security. John cheated, E-Uni looked to profit from it - John got appropriately punished, E-Uni's ill-gotten ISK was confiscated. Kelduum wanted more info on something that wasn't his business, and was told "no".
Also, a false positive refers to activity which indicated to be a possible RMT, but turned out to be some other form of illicit player behavior, such as botting. This is what Sreegs means when he says that a false positive really isn't.
Call me naive, but the truly sad thing about this whole situation (at least from the perspective of what has been supplied) is that if EVE Uni really did approach Sreegs with regards to the donation and all they get is a "thanks" for being honest and having the ISK confiscated??
I guess honesty doesn't pay in EVE.
Makes me a bit more inclined to find and benefit from the exploits that CCP is kind enough to supply.
I am also confused as how Euni can not be told any info as a third party, when they were the ones that petitioned and had isk removed from their wallet.
"We committed an error in not removing the isk before it got to EVE-U. However we did rectify this problem and our logs show that it was discussed and approved prior to either them receiving the isk or petitioning."
Ahem.
https://forums.eveonline.com/default.aspx?g=posts&m=2601402#post2601402
Sreegs & Co had already decided to remove the ISK prior to the EVE-Uni getting the ISK, let alone petitioning it. They just hadn't (for whatever reason) acted on that decision.
The payment for being honest was "You're not getting banned or having anything bad happen to your account." Had they been dishonest or used the ISK before petitioning, they'd likely be out more than just the botted ISK.
You are naive.
This is how things work in RL. Ill-gotten gains will be confiscated, even if you donate them to a church or other charity.
The Robin Hood mentality works in the movies, but not in RL (or EVE).
"I am also confused as how Euni can not be told any info as a third party, when they were the ones that petitioned and had isk removed from their wallet."
They were told exactly why the ISK was removed. There is no ambiguity here.
Kelduum was fishing for more information about what was going on between John and CCP, which was none of his business. Per the EULA, matters between CCP and a specific player are confidential.
Honesty pays in EVE, at least in this case. Kelduum did the honest thing in questioning the legitimacy of the ISK, and as a result didn't earn a ban for complicity. He didn't use the ISK to buy assets for himself or for others that would have later been confiscated.
Those are very practical pay-offs, but more importantly I and others will now think of Kelduum as an honest player who just got a bit whiny, rather than as a likely accomplice of John's.
The whininess, however, rather undercuts the honesty. I and others are now wondering why such a crybaby is still on the CSM, and wouldn't the player base be better served by a second rage-quit?
CCP say removing isk should happen with ban, but not in this case.
CCP won't tell players they remove isk based on the time using BOT when they detect at first time. But not in this case.
And CCP keep lying "One Universe // One War".
CCP shows feudal landlord mentality.
I thought they were merely a bit lazy in not confiscating immediately, but it has occurred to me that they might have been doing their damned jobs, i.e., tracking other ISK that might have been thought to be related to the illegitimate sum.
You know, like competent security investigators would.
I think, on average, the Security team deserves a level of trust. For every thousand accounts banned, you're lucky if you hear of one that was incorrectly banned...
That said, I think part of the reason they are usually good is because they have the entire player base watching their moves.
All power deserves oversight.
One point in all of this.
When properly set up an Internal Affairs person/group/division should only answer to the CEO/Owner. Any layers between IA and Owner is a problem as it introduces a person/group that cannot effectively be investigated.
I do think CCP has a little (lot) of work left to do on setting up command and control