Pages: [1] 2 :: one page
Seripis Chiktor
Amarr Cypher Industries.
Posted - 2011.03.25 18:54:00 -
[1]
I'm wondering how they will get past the practicality of utilizing an authenticator.
1: they can be cloned
2: You will lose players if we have to purchase an item to play the game.
3: the security of this type of device is antiquated.
4: How will you handle people who pay for multiple accounts.
5: I often play from home, work and while I'm traveling. I'm not toting some chip around with me just so I can do a skill check.
IP addresses: the IP address setup is worthless. It's easy to ghost an IP and fool this. This whole security measure setup is outdated. It seems more of a scare tactic. I want measures in place that work, not something that is going to catch the idiots.
Macros: a macro setup is separate from the EVE Online install, meaning you cannot disable it or punish someone for having it on their computer, because technically you have no way of proving these macros are being used.
To be honest I'm disappointed in today's security brief. You have said a lot of fluff about this, but nothing that is a true and functional security method.
The only true way to prevent this is a motivational approach. Humanity is based on one simple concept: we will always take the easiest route with the most gain. So close the gap between traditional methods in game and the bots. Make the rewards in game for doing it the right way the same or better than doing it the wrong way.
Seripis.
Seripis Chiktor Cypher Industries
Red DragonZA
Posted - 2011.03.25 19:04:00 -
[2]
Ditto!
A note on IPs. In countries like South Africa IPs are dynamic. So you log on... reset your router... and presto, you have a new IP address.
Therefore IP tracking will not really work.
Reiisha
EVE University
Posted - 2011.03.25 20:11:00 -
[3]
Originally by: Seripis Chiktor
I'm wondering how they will get past the practicality of utilizing an authenticator.
1: they can be cloned
2: You will lose players if we have to purchase an item to play the game.
3: the security of this type of device is antiquated.
4: How will you handle people who pay for multiple accounts.
5: I often play from home, work and while I'm traveling. I'm not toting some chip around with me just so I can do a skill check.
IP addresses: the IP address setup is worthless. It's easy to ghost an IP and fool this. This whole security measure setup is outdated. It seems more of a scare tactic. I want measures in place that work, not something that is going to catch the idiots.
Macros: a macro setup is separate from the EVE Online install, meaning you cannot disable it or punish someone for having it on their computer, because technically you have no way of proving these macros are being used.
To be honest I'm disappointed in today's security brief. You have said a lot of fluff about this, but nothing that is a true and functional security method.
The only true way to prevent this is a motivational approach. Humanity is based on one simple concept: we will always take the easiest route with the most gain. So close the gap between traditional methods in game and the bots. Make the rewards in game for doing it the right way the same or better than doing it the wrong way.
Seripis.
1: You need the ID of the token as well as the associated account, and find out the algorithm used. Either way it makes it a lot harder for anyone to hack into your account. Even Blizzard with its 12m+ subscribers is still relatively safe; the only time it was hacked was with a man-in-the-middle attack (which was hard to do in the first place).
2: They specifically said it won't be mandatory. It probably won't be anyway unless CCP wants to charge people for the token, which I suspect they won't do (yet).
3: What's a better 2+factor method that's easy to implement and cheap?
4: Either link the token to multiple accounts or introduce a master account. Multiple tokens are possible but a little inconvenient.
5: You're already toting a laptop around; a token which is 200 times smaller might still fit in that briefcase/bag.
On IPs: Spoofing them requires knowing what IP is connected to what account in the first place. If you don't have that information you'll still generate at least one entry with the false IP. That, and iirc spoofing only works with UDP; TCP packets don't work with it.
You mention that it should be just as easy to 'win' in the game as doing it by cheating. The problem is, bots are a method of playing the game without playing it. You're basically suggesting that people pay for a game they don't actually play, as they can generate infinite ISK by doing absolutely nothing aside from logging in. You can't beat that, and most importantly, there will ALWAYS be people who LIKE cheating, regardless of its reward, because they like griefing or whatever.
Of course I'll be branded a CCP fanboy for saying this, but the security people have put a lot more thought into this than you make it sound like. You're criticizing the methods without offering any (viable) alternatives. That, and with Blizzard having set the precedent on how to implement this kind of account security somewhat successfully over 12 million customers, CCP doing the same (and more!) should be much better than them doing nothing at all.
"If you do things right, people won't be sure you've done anything at all"
Seripis Chiktor
Amarr Cypher Industries.
Posted - 2011.03.26 17:54:00 -
[4]
I'm disappointed because the people at CCP normally hold themselves to higher standards than Blizzard. Why do they not do this now?
And a laptop is a tool I utilize for work. This thing would be something extra to hang around and most likely get lost.
Seripis Chiktor Cypher Industries
SIR PRIME
Minmatar FireStar Inc Majesta Empire
Posted - 2011.03.29 20:43:00 -
[5]
It's one authenticator to cover all your accounts, from the questions we asked after the brief.
It's far better than the current system.
About the only people that really should have a problem with this are account sharers... and that's against the EULA anyway.
If you have a better idea/method then you can mail them as per the address they gave out in the briefing; if not, stop emoing.
Ehrine Ashbark
Lyrus Associates The Star Fraction
Posted - 2011.03.29 21:03:00 -
[6]
One of the main points of this addition is to help defend against phishing and keylogger attacks, both of which rely on capturing your password which isn't enough when you're using 2-factor.
As someone else said (and CCP said in the brief if you were paying attention), you'll only need one token for all your accounts (as you just tie the accounts to the same token).
As for the IP thing, the main aim there is, again, to catch people logging in from elsewhere. If you log in from an IP in Africa, then 5 minutes later from Canada, something fishy is going on. Sure, it won't stop someone really determined, but like most security methods it'll stop the majority of people from being able to break in (which deals with the bulk of the issue). If it's hard enough to do, people will target other things. Hell, let's be honest here, if they could break tokens easily they'd target WoW accounts rather than EVE accounts as there's far more money to be made by flogging stuff on eBay there ;)
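Ehrine's Africa-then-Canada case is what login-velocity ("impossible travel") checks catch. The following is an added example, not code from any poster in this thread or from CCP: it takes constructed login records that have already been tagged with coordinates (the IP geolocation step is assumed to have happened upstream), computes the great-circle distance between consecutive logins on the same account, and flags any pair whose implied speed exceeds what a flight could manage. Account names, the 1000 km/h threshold and the sample timestamps are the example's own.

```python
import math
from collections import defaultdict
from datetime import datetime, timedelta

EARTH_RADIUS_KM = 6371.0
# Faster than any commercial flight: two logins implying more than this cannot
# both be the account holder travelling between them. Threshold is an assumption.
MAX_PLAUSIBLE_KMH = 1000.0


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two WGS84 points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def impossible_travel(events, max_kmh=MAX_PLAUSIBLE_KMH):
    """events: iterable of (account, datetime, lat, lon), already geolocated upstream.

    Returns one finding per consecutive login pair on the same account whose
    implied speed exceeds max_kmh.
    """
    by_account = defaultdict(list)
    for account, ts, lat, lon in events:
        by_account[account].append((ts, lat, lon))

    findings = []
    for account, logins in by_account.items():
        logins.sort(key=lambda e: e[0])  # compare each login with the one before it
        for (t1, la1, lo1), (t2, la2, lo2) in zip(logins, logins[1:]):
            km = haversine_km(la1, lo1, la2, lo2)
            if km < 1.0:
                continue  # same place (or geolocation jitter): nothing to flag
            hours = (t2 - t1).total_seconds() / 3600.0
            # Identical timestamps from distinct places is the extreme case: treat as infinite speed.
            speed = math.inf if hours <= 0 else km / hours
            if speed > max_kmh:
                findings.append({
                    "account": account,
                    "from": (la1, lo1), "to": (la2, lo2),
                    "km": round(km), "minutes": round(hours * 60, 1),
                    "speed_kmh": speed,
                })
    return findings


# Constructed sample data: made-up accounts, real city coordinates.
JOHANNESBURG = (-26.2041, 28.0473)
TORONTO = (43.6532, -79.3832)
CAPE_TOWN = (-33.9249, 18.4241)
T0 = datetime(2011, 3, 29, 21, 0, 0)
SAMPLE_LOGINS = [
    ("pilot_a", T0, *JOHANNESBURG),
    ("pilot_a", T0 + timedelta(minutes=5), *TORONTO),   # Africa, then Canada five minutes later
    ("pilot_b", T0, *JOHANNESBURG),
    ("pilot_b", T0 + timedelta(hours=4), *CAPE_TOWN),   # a real flight: must not be flagged
]

if __name__ == "__main__":
    for f in impossible_travel(SAMPLE_LOGINS):
        print(f"{f['account']}: {f['km']} km in {f['minutes']} min "
              f"(~{f['speed_kmh']:.0f} km/h) from {f['from']} to {f['to']}")
```

The check only ever says "these two logins cannot both be the same traveller"; what to do with that (challenge with the token, e-mail the holder, or just log it) is a policy decision the code deliberately leaves to the caller.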
CCP Adida
C C P C C P Alliance
Posted - 2011.03.30 20:10:00 -
[7]
Moved from Events and Gatherings.
Adida Community Rep CCP Hf, EVE Online
Voogru
Gallente Massive Damage We Are John Galt
Posted - 2011.03.30 20:16:00 -
[8]
Quote: On IPs: Spoofing them requires knowing what IP is connected to what account in the first place. If you don't have that information you'll still generate at least one entry with the false IP. That, and iirc spoofing only works with UDP; TCP packets don't work with it.
It also requires sending packets from a network that is not secured against UDP spoofing.
Kara Sharalien
Gallente Federal Navy Academy
Posted - 2011.03.30 20:53:00 -
[9]
Originally by: Seripis Chiktor This thing would be something extra to hang around and most likely get lost.
Then don't use it. I've been begging CCP to implement them for years instead of adding random restrictions to passwords, and would like to extend a huge e-grouphug to all at CCP involved in bringing them to us.
But not to you Seripis. You are not invited to the hug.
Aineko Macx
Posted - 2011.03.30 21:06:00 -
[10]
Originally by: Red DragonZA
A note on IPs. In countries like South Africa IPs are dynamic. So you log on... reset your router... and presto, you have a new IP address.
Therefore IP tracking will not really work.
You are naive to think they'd do it on a single IP-by-IP basis. Instead, you do it by network (usually your ISP), which can be trivially obtained by doing a reverse DNS lookup. That would still allow an attacker to access it from an authorized network (given the size of ISPs these days, not a far-fetched scenario), but would deter access from a completely different network (say, a .cn domain when you are at .comcast.com). Sure, this can also be circumvented by additional means like using a hacked machine inside a trusted network as a relay, but it's an additional step. CCP is not after absolute security. At the current size of the customer base it is about reduction of incidents, and that can be obtained by such a method. And the keyfob, btw.
________________________
CCP: Where fixing bugs is a luxury, not an obligation.
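Aineko's point, that a dynamic address defeats exact-IP matching but the network behind it does not, is the difference between remembering an IP and remembering a prefix or an ISP. The block below is an added example, not code from any poster or from CCP. It assumes a per-account profile of approved CIDR prefixes and ISP reverse-DNS domains, and it replaces the real PTR lookup with a constructed table so that it runs offline; all addresses are from the RFC 5737 documentation ranges and the account names and ISP domains are made up.

```python
import ipaddress
from typing import Callable, Dict, List, Optional, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]

# Constructed account profiles: prefixes and ISP reverse-DNS domains the account
# has previously been approved from. A real system would persist these.
KNOWN_PREFIXES: Dict[str, List[Network]] = {
    "pilot_a": [ipaddress.ip_network("198.51.100.0/24")],
}
KNOWN_ISP_SUFFIXES: Dict[str, List[str]] = {
    "pilot_a": ["example-isp.net"],
}

# Constructed reverse-DNS table standing in for socket.gethostbyaddr(), so the
# example runs offline. Addresses are RFC 5737 documentation ranges.
FAKE_RDNS: Dict[str, str] = {
    "198.51.100.200": "c-198-51-100-200.hsd1.example-isp.net",
    "203.0.113.9": "dyn-9.pool.example-isp.net",   # same ISP, outside the learned prefix
    "192.0.2.44": "vps44.some-hoster.example",      # a different network entirely
}


def fake_rdns(ip_str: str) -> Optional[str]:
    return FAKE_RDNS.get(ip_str)


def classify_login(account: str, ip_str: str,
                   rdns: Callable[[str], Optional[str]] = fake_rdns) -> str:
    """Attribute a login to a network the account is known from, not to an exact IP.

    Order: CIDR match first (cheap, needs no DNS); then the ISP's reverse-DNS
    domain; otherwise an unfamiliar network. A missing PTR record is reported
    separately so the caller can decide how strictly to treat it.
    """
    ip = ipaddress.ip_address(ip_str)
    if any(ip in net for net in KNOWN_PREFIXES.get(account, [])):
        return "known_prefix"
    name = rdns(ip_str)
    if name is None:
        return "no_rdns"
    name = name.rstrip(".").lower()
    for suffix in KNOWN_ISP_SUFFIXES.get(account, []):
        if name == suffix or name.endswith("." + suffix):
            return "known_isp"
    return "unknown_network"


def approve_network(account: str, ip_str: str) -> Network:
    """After the holder confirms a login (for instance via the attached e-mail),
    learn the surrounding prefix rather than the single dynamic address:
    /24 for IPv4, /64 for IPv6 (prefix sizes are an assumption)."""
    ip = ipaddress.ip_address(ip_str)
    prefix_len = 24 if ip.version == 4 else 64
    net = ipaddress.ip_network(f"{ip_str}/{prefix_len}", strict=False)
    KNOWN_PREFIXES.setdefault(account, []).append(net)
    return net


if __name__ == "__main__":
    for ip in ("198.51.100.200", "203.0.113.9", "192.0.2.44", "192.0.2.45"):
        print(ip, "->", classify_login("pilot_a", ip))
```

The prefix check is the stronger of the two signals: a PTR name is set by whoever runs the reverse zone for that address block, so the suffix match only tells you which organisation controls the block, which is exactly the ISP-level granularity Aineko describes and no more.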
Zircon Nalelmir
Posted - 2011.03.30 21:24:00 -
[11]
IT'S OPTIONAL YOU ***GOTS.
Kara Sharalien
Gallente Federal Navy Academy
Posted - 2011.03.30 21:27:00 -
[12]
Originally by: Zircon Nalelmir IT'S OPTIONAL YOU ***GOTS.
You are invited to the hug.
Zircon Nalelmir
Posted - 2011.03.30 21:31:00 -
[13]
Originally by: Kara Sharalien
Originally by: Zircon Nalelmir IT'S OPTIONAL YOU ***GOTS.
You are invited to the hug.
Thanks man.
Sekket
Caldari White-Noise
Posted - 2011.03.30 23:04:00 -
[14]
Edited by: Sekket on 30/03/2011 23:07:12
Originally by: Reiisha
3: What's a better 2+factor method that's easy to implement and cheap?
Generate and store an RSA cert on the client in the secure certificate store. If it's not present, require the user to provide the answers to his security questions.
/former2factorauthenticationprogrammer
Vincent Athena
Posted - 2011.03.30 23:07:00 -
[15]
"So close the gap between traditional methods in game and the bots. Make the rewards in game for doing it the right way the same or better than doing it the wrong way. "
Can you give a detailed example?
Kara Sharalien
Gallente Federal Navy Academy
Posted - 2011.03.31 04:08:00 -
[16]
Originally by: Sekket
Originally by: Reiisha
3: What's a better 2+factor method that's easy to implement and cheap?
Generate and store an RSA cert on the client in the secure certificate store. If it's not present, require the user to provide the answers to his security questions.
/former2factorauthenticationprogrammer
>>implying that security questions are more secure and/or less annoying than a dongle that generates pseudo-random passwords
Jonathon Silence
Thorny Rose Enterprises
Posted - 2011.03.31 04:18:00 -
[17]
Originally by: Sekket
Originally by: Reiisha
3: What's a better 2+factor method that's easy to implement and cheap?
Generate and store an RSA cert on the client in the secure certificate store. If it's not present, require the user to provide the answers to his security questions.
/former2factorauthenticationprogrammer
Not sure if an RSA cert is any different from any other SSL cert in any way, but it is trivial to script the export of a cert from a PC. If a keylogger or other software has been installed it would not be much work to add the functionality to copy the cert from the store on the PC and send that back to the command and control server.
As most people still run as local admin with UAC turned off I am pretty certain that accessing the secure cert store would not be that difficult either. Not entirely sure on this as I do not work with the secure cert store that often.
Jonathon Silence
Miso Hawnee
Posted - 2011.03.31 05:14:00 -
[18]
Originally by: Seripis Chiktor
The only true way to prevent this is a motivational approach.
Seripis.
I live in a van, down by the river...
Taedrin
Gallente The Green Cross Controlled Chaos
Posted - 2011.03.31 05:26:00 -
[19]
Originally by: Red DragonZA Ditto!
A note on IPs. In countries like South Africa IPs are dynamic. So, you log on... and reset your router.. and presto.. you have a new IP address.
Therefore IP tracking will not really work.
Dynamic IP addresses are not random. You are assigned an IP address from an allocated pool given to your ISP to hand out. IANA (The Internet Assigned Numbers Authority) assigns IP addresses to Regional Internet Registries, who in turn hand out IP addresses given to them by IANA to ISPs.
See here for the (almost completely filled up) IPv4 address space. As you can see, IP addresses have a very vague geographical location assigned to them. You can increase the accuracy of the geographical location of an IP address by using geolocation techniques. These techniques look at your ISP, and how your ISP distributes IP addresses to their customers. They hand out certain ranges of IP addresses to customers served by certain routers. FURTHERMORE, you can do a traceroute of an IP address to give a reliable geographic location by parsing the routers' domain names.
Hackers can NOT "spoof" this in two-way, secure communication. I have yet to hear a valid argument on how this can easily be countered by hackers.
----------
Originally by: Dr Fighter "how do you know when youve had a repro accident"
Theres modules missing and morphite in your mineral pile.
CCP Sreegs
Posted - 2011.03.31 09:41:00 -
[20]
Edited by: CCP Sreegs on 31/03/2011 09:47:25
Edited by: CCP Sreegs on 31/03/2011 09:41:35
Originally by: Voogru
Quote: On IPs: Spoofing them requires knowing what IP is connected to what account in the first place. If you don't have that information you'll still generate at least one entry with the false IP. That, and iirc spoofing only works with UDP; TCP packets don't work with it.
It also requires sending packets from a network that is not secured against UDP spoofing.
Spoofing IPs is almost a myth and can only be accomplished if you're pretty much on the same network as the guy you want to spoof.
:edit: The upstream path, but I'm trying to keep it simple
:edit2: the guy above me actually explained it better
CCP Sreegs
Posted - 2011.03.31 09:54:00 -
[21]
Originally by: Seripis Chiktor
I'm wondering how they will get past the practicality of utilizing an authenticator.
1: they can be cloned - What makes you think this? It's not trivial to do.
2: You will lose players if we have to purchase an item to play the game. - They don't have to.
3: the security of this type of device is antiquated. - Provide more input please. What do you consider to be "cutting edge"?
4: How will you handle people who pay for multiple accounts. - As I said, it will work across them.
5: I often play from home, work and while I'm traveling. I'm not toting some chip around with me just so I can do a skill check. - Then don't get one.
IP addresses: the IP address setup is worthless. It's easy to ghost an IP and fool this. - This is a terribly wrong statement regarding the ghosting.
This whole security measure setup is outdated. It seems more of a scare tactic. I want measures in place that work, not something that is going to catch the idiots. - Please give me some examples of solutions that you think will work. What I see so far is you declaring that good solutions are bad without any feedback other than "I think it's bad", which could lead one to believe that you have no idea what you're talking about.
Macros: a macro setup is separate from the EVE Online install, meaning you cannot disable it or punish someone for having it on their computer, because technically you have no way of proving these macros are being used. - Not true.
To be honest I'm disappointed in today's security brief. You have said a lot of fluff about this, but nothing that is a true and functional security method. - You just spent a post detailing a small portion of the true and functional security methods we said we're implementing, then saying we didn't give any. Which is it?
The only true way to prevent this is a motivational approach. Humanity is based on one simple concept: we will always take the easiest route with the most gain. So close the gap between traditional methods in game and the bots. Make the rewards in game for doing it the right way the same or better than doing it the wrong way.
Seripis.
I put my responses in line because I have no idea how better to do so.
Eyeama Spy
Posted - 2011.03.31 11:10:00 -
[22]
Just gotta love forum warriors. CCP goes to the trouble to hire a security team that knows their business, and a load of tards on the interweb think they know the subject better than the experts. I hope that they all use bots and get banned.
Skippermonkey
Suddenly Ninjas Tear Extraction And Reclamation Service
Posted - 2011.03.31 11:24:00 -
[23]
if only stupidity on the forums gave out killrights in game...
(but then, i'd be podded repeatedly)
:p WHALE STEAK IS TASTY :) but I didn't get to eat the puffin :(
yumike
Posted - 2011.03.31 11:37:00 -
[24]
Originally by: Seripis Chiktor 1: they can be cloned
Not really, or at least not feasibly. The only ways they are typically "broken" are either via losing control of the attached email (and removing & re-attaching a new one), or if the keylogger on your system is active and, within ~2 minutes or whatever the timeout is, the hacker uses the login password and auth key.
Originally by: Seripis Chiktor 2: You will loose players if we have to purchase a item to play the game.
Why would you ever assume "extra security" would be *required*? Of course it's optional. You shouldn't insinuate otherwise.
Originally by: Seripis Chiktor 3: the security of this type of device is antiquated.
I somewhat agree, and I'll personally never use any sort of authenticator for any game I play since it's just more hassle and one more thing for me to lose.
Originally by: Seripis Chiktor 4: How will you handle people who pay for multiple accounts.
A fair question. Likely via a 'master' account sort of system.
Originally by: Seripis Chiktor 5: I often play from home work and while I'm traveling. I'm not toting some chip around with me just so i can do a skill check.
Don't buy one.. then?
Originally by: Seripis Chiktor The ip address setup is worthless. Its easy to ghost an IP and fool this.
...No. Until you learn something about BGP and how networking is done: it's not possible to spoof a working IP address. I can send you snail mail with whatever address I want on it, spoofing any real address, but I can never get a response from you. The internet works the exact same.
Originally by: Seripis Chiktor These whole security measure setup is outdated. It seems more of scare tactic. I want measures in place that work.
You've already proven you know nothing, which isn't a big deal (not everyone knows much about network engineering; it's not a requirement in today's society), but it all strips you of the ability to try and call them out for using "measures that don't work".
I'll stop.. for now.
Florestan Bronstein
Amarr Taishi Combine
Posted - 2011.03.31 11:38:00 -
[25]
Edited by: Florestan Bronstein on 31/03/2011 11:43:21
Originally by: CCP Sreegs a macro setup is separate from eve-online install meaning you cannot disable it or punish some one for having it on their computer. Because technically you have no way of proving these macros are being used. - Not true.
Would like some more elaboration on the answer to this question, please.
Server-side detection can never provide "proof" (only indication - you can conclude that no single human player can mine 23/7 for several days without interruption but that's no positive proof that this account is indeed run by a bot, it just makes a bot the most likely explanation for the observed behavior) and I don't see any compelling reason why it shouldn't be possible to write a bot that won't raise any flags server-side.
Why not just record a couple dozen real game sessions and make the bot interpolate between them? There is no law that says a bot has to run 23/7 and do just one task. I am sure bot writers will eventually become more creative (e.g. why not pull random text snippets from the web and have the bots chat with each other during their "mining op"?).
And I have no clue how one would build client-side detection that actually works - it will always come down to shoving EVE into some sort of VM and running the macro from outside the VM. You don't allow EVE to run under VMWare Workstation/VirtualPC/... - botters move to bare metal hypervisors; you try to prevent EVE from running on these, botters will start to investigate "Blue Pill"-like techniques.
If malware can have the capability to hijack a running system and install a hypervisor below it without anyone noticing - how are you going to prevent this from happening with the user's consent?
Do you want to prevent people from running any form of remote access software on the PCs they run EVE on? If not, why not just run the bot on another machine than the EVE client?
Without use of Trusted Computing-like techniques how can you reliably detect/prevent bots client-side?
Maybe you feel confident that you can detect all bots currently out there - but I simply don't see how you can feel confident that you are in principle able to detect bots. (You could hire an awful lot of GMs and have them perform Turing tests but even that is imo only a temporary solution)
Mara Rinn
Posted - 2011.03.31 11:48:00 -
[26]
Originally by: Florestan Bronstein Server-side detection can never provide "proof" (only indication - you can conclude that no single human player can mine 23/7 for several days without interruption but that's no positive proof that this account is indeed run by a bot, it just makes a bot the most likely explanation for the observed behavior) and I don't see any compelling reason why it shouldn't be possible to write a bot that won't raise any flags server-side.
What advantage is there in running a bot which is indistinguishable from a human? Why would you pay for that bot rather than buy a plex?
-- [Aussie players: join ANZAC channel]
RaTTuS
BIG Gentlemen's Agreement
|
Posted - 2011.03.31 11:50:00 -
[27]
if it looks like a badger, if it smells like a badger, if it plays like a badger, if it feels like a badger, is it in fact a dog
--
Join BIG
Florestan Bronstein
Amarr Taishi Combine
Posted - 2011.03.31 11:52:00 -
[28]
Edited by: Florestan Bronstein on 31/03/2011 11:56:20
Originally by: Mara Rinn
Originally by: Florestan Bronstein Server-side detection can never provide "proof" (only indication - you can conclude that no single human player can mine 23/7 for several days without interruption but that's no positive proof that this account is indeed run by a bot, it just makes a bot the most likely explanation for the observed behavior) and I don't see any compelling reason why it shouldn't be possible to write a bot that won't raise any flags server-side.
What advantage is there in running a bot which is indistinguishable from a human? Why would you pay for that bot rather than buy a plex?
because you can?
With use of different PCs, internet connections/VPNs, credit cards, ... you could of course run several of these bots in parallel.
(I have studied quite some time in an environment in which any computer-assisted proof was deemed to be highly unsatisfactory because you practically can't prove that the hardware used to derive it is in fact 100% bug-free - if you haven't done it, you should try some mathematics, it can really change your perception of ideas like "truth", "proof", "certainty")
Grimpak
Gallente The Whitehound Corporation Frontline Assembly Point
Posted - 2011.03.31 12:18:00 -
[29]
Originally by: RaTTuS if it looks like a badger, if it smells like a badger, if it plays like a badger, if it feels like a badger, is it in fact a dog
no, it's a cat. ---
Quote: The more I know about humans, the more I love animals.
ain't that right.
Mara Rinn
Posted - 2011.03.31 12:26:00 -
[30]
Originally by: Florestan Bronstein because you can?
With use of different PCs, internet connections/VPNs, credit cards, ... you could of course run several of these bots in parallel.
Does that get you some sort of advantage over normal game play?
Quote: I have studied quite some time in an environment in which any computer-assisted proof was deemed to be highly unsatisfactory because you practically can't prove that the hardware used to derive it is in fact 100% bug-free
I, too, have done first year Software Engineering. I have mathematically proven the correctness of code, and understand how one would try to outsmart themselves. What I am asking is why, and what benefit would one hope for when there is no net gain.
I was hoping for something like "so I have a scout I trust" rather than "because." ;)
-- [Aussie players: join ANZAC channel]