open All Channels
seplocked Market Discussions
blankseplocked [EBANK] Not The Announcement - A Tim Burton Film
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: first : previous : ... 11 12 13 14 [15] 16 17 18 19 ... : last (35)

Author Topic

RAW23
Posted - 2009.11.26 11:33:00 - [421]
 

Originally by: LaVista Vista
So here is me wondering:

Say that the API allowed you to create a key that ONLY allowed to pull the names of the characters on an account. Would it be acceptable if EBANK requested that?



Requesting it would be fine. Demanding it on pain of having one's account balance stolen would not, this constituting blackmail and theft, plain and simple.

LaVista Vista
Conservative Shenanigans Party
Posted - 2009.11.26 11:38:00 - [422]
 

Originally by: RAW23
Originally by: LaVista Vista
So here is me wondering:

Say that the API allowed you to create a key that ONLY allowed to pull the names of the characters on an account. Would it be acceptable if EBANK requested that?



Requesting it would be fine. Demanding it on pain of having one's account balance stolen would not, this constituting blackmail and theft, plain and simple.

Dear Raw23,

Thank you for answering the question, rather than just keep on going "OMFG EBANK IS TRYING TO STEAL FROM ME".

It's great to see that people are truly reasonable and are not just being raging forum *****s.

You have renewed my faith in humanity.

Yours sincerely,
LaVista Vista

Serenity Steele
Dynamic Data Distribution
Posted - 2009.11.26 11:41:00 - [423]
 

Looks like Dominion evemail API addition saves your API key problem.

Simply make a dummy share-holder vote by a placeholder character in EBANK, with the vote "EBANK: You must reply to this message to keep your account active and not risk losing your deposit".

Then when everyone replies, harvest the character names in the evemails using the mail API. Problem solved!

Of course, this doesn't address the issue of people on military leave etc. That could simply be solved by sending the dummy vote every X months and then disable after 2 x X months non-response.

The fully service minded approach is to offer both ;)

RAW23
Posted - 2009.11.26 11:52:00 - [424]
 

Edited by: RAW23 on 26/11/2009 16:21:43
Edited by: RAW23 on 26/11/2009 12:07:43
Edited by: RAW23 on 26/11/2009 12:05:09
Edited by: RAW23 on 26/11/2009 11:55:11
Originally by: LaVista Vista
Originally by: RAW23
Originally by: LaVista Vista
So here is me wondering:

Say that the API allowed you to create a key that ONLY allowed to pull the names of the characters on an account. Would it be acceptable if EBANK requested that?



Requesting it would be fine. Demanding it on pain of having one's account balance stolen would not, this constituting blackmail and theft, plain and simple.

Dear Raw23,

Thank you for answering the question, rather than just keep on going "OMFG EBANK IS TRYING TO STEAL FROM ME".

It's great to see that people are truly reasonable and are not just being raging forum *****s.

You have renewed my faith in humanity.

Yours sincerely,
LaVista Vista


Of course, given that EBANK has so far failed to outline what it is that distinguishes their plan from outright theft (despite the tabling of alternatives by Mme. Pinkerton and by a member of your own board) "OMFG EBANK IS TRYING TO STEAL FROM ME" seems a perfectly reasonable point to dwell on. If you think you can make the distinction, please at least make the attempt. At the moment it seems like you can't even be bothered to try to persuade people that this does not constitute theft.

BTW - If you had an EBANK account but were unwilling to provide your api key (a hypothetical, I know), how would you describe EBANK's actions in taking possession of the contents of your account?

Edit - And as to me being a raging forum ****, if you have a look at my posting history you will find little in the way of trolling or ****tery in general. I have tried to be balanced and reasonable in all my posts, rather than an angry guy shouting abuse. I find it concerning that you guys seem to consider repetition of perfectly valid, unanswered questions to be some kind of personal attack on you as individuals. If this isn't theft, convince me otherwise and I will change my mind. I don't have such an ego driven personality that I cannot countenance the idea that I'm wrong. In fact, I tend to be grateful to people who point out my errors because that is the only way of becoming more correct, or getting closer to the truth about things. I really can have my mind changed so please try.

Leneerra
Minmatar
Sebiestor Tribe
Posted - 2009.11.26 11:54:00 - [425]
 

Should an api key exist that only supplies character names (and corp names and even corp history) then I would accept handing that key over to ebank under duress.
(I would still consider it unethical, but a randsom worth paying for access to my account)

FlameWarrior
Gallente
Hall Of Flame
Chain of Chaos
Posted - 2009.11.26 12:36:00 - [426]
 

so what it's going to happen ??? as this


01/09/2009 399,990,000.00 Pending
31/08/2009 610,184,800.64 Pending

doe it mean i m going to be charge of 5% of this amount of isk i try to withdraw 2months ago ?? or wht is going to happen ?

Ray McCormack
Nordar Innovations.
Posted - 2009.11.26 15:00:00 - [427]
 

Originally by: FlameWarrior
doe it mean i m going to be charge of 5% of this amount of isk i try to withdraw 2months ago ?? or wht is going to happen ?

No, all pending withdrawals will be cancelled before we start the first liquidation withdrawal cycle.

FlameWarrior
Gallente
Hall Of Flame
Chain of Chaos
Posted - 2009.11.26 15:41:00 - [428]
 

so if i m withdrawing the amount on tops right ? will i have to pay 10% or 5% ? fee ?

TornSoul
BIG
Gentlemen's Agreement
Posted - 2009.11.26 16:19:00 - [429]
 

Originally by: Leneerra
Should an api key exist that only supplies character names (and corp names and even corp history) then I would accept handing that key over to ebank under duress.
(I would still consider it unethical, but a randsom worth paying for access to my account)


I would agree to this as well. However, as stated, under duress.


Phelan Votronski
Posted - 2009.11.26 18:18:00 - [430]
 

Originally by: LaVista Vista

That's not to say that it's not intrusive to ask for an API key. But one could use the old "If you don't have anything to hide, then it shouldn't be a problem"-argument.



Uhhhmm yeah right that worked so well for fascist countries...
Rolling Eyes

Just had to quote this little gem. Among the stupidest things said in eve-o this year.

Amaarrah
Posted - 2009.11.26 21:43:00 - [431]
 

Mwaaaaah. Just woke up. Bickering is still on. Wow, best sailormen are always standing on the dockside. Pages of bla-bla-bla with the same song while EBANK gets better and stronger with more tighter tactics to smoke the wheelers-deelers out of the business. Wow. API limited key - a new toy for the same song still wrong tune. Go ahead EBANK flush out the whiners and build up a better transparant banking system. Judging from the number of whining ****s and the EBANK database the people in this thread are a minority. Let them go their part EBANK.... Not worth energy!

P.S. As a professional historian. Phelan Voronsky ... you said fascist? Looked through my Nolte, Kershaw and other notable authors on this historical topic, I can only say, sorry Votronski you better leave history out of this!

Leneerra
Minmatar
Sebiestor Tribe
Posted - 2009.11.27 00:12:00 - [432]
 

you do realize that ccp would have to develop this though right?
good idear alhtough this is not the first time I hear people ask for customizeble api access.

Also alt names + corp would be a very desireble api option for security checks upon joining a new corp.
So there is more than one source of demand for ccp to develop this (no more photoshopped login screens etc).

Jas Dor
Minmatar
Posted - 2009.11.27 04:58:00 - [433]
 

Edited by: Jas Dor on 27/11/2009 05:13:53
Originally by: LaVista Vista
Edited by: LaVista Vista on 23/11/2009 05:36:45
Originally by: Jas Dor


I can see some folks with heavy involvement in EvE politics, for example certain former BoB members, not wanting to disclose their account mains, especially if dropping several billion isk into an account.


What are you trying to say? It looks to me like you are saying that I'm a former BoB member Shocked Yet all characters I own are fully disclosed.


If one of the characters on my account flew a mothership/titan I would be very reluctant to give out my API key under any circumstances.

Does or does not E-Bank have two or more Titan BPO's, researched at at least ME 1 if not higher which E-Bank has engaged in BPC sales to various alliances? Seems to me it would have been a good idea to sell those assets oh I don't know when it leaked the Seleene was working on replacement superweapons a couple months ago.

Clementina
The Scope
Posted - 2009.11.27 05:13:00 - [434]
 

Originally by: Leneerra
you do realize that ccp would have to develop this though right?
good idear alhtough this is not the first time I hear people ask for customizeble api access.



Actually, it sounds like the kind of thing Chribba could develop. I can envision it working like this

(1) Chribba sets up a server that take requests that look exactly like Eve API requests, except they go to like http://www.veldspar.com/api?<whatever> instead, and use a hexidecimal number that is not at all the same as the Eve API key number.
(2) Chribba's server determines if the API request returns resources that the API key owner actually wanted returned. If so, it uses the real API key (Which the API key owner stored ahead of time, and maybe even had encrypted) to request said resources from the real API server. If the API request would return information that the API key owner did not want shared, it does nothing.
(3) Chribba's server returns to the client the information that it got from Eve's API server if it bothered to get any information in step 2. If it did not bother to get any information in step 2, it returns the error message that one would get if one used an API key that was no good.

Ray McCormack
Nordar Innovations.
Posted - 2009.11.27 05:26:00 - [435]
 

If there was a trusted third party that provided a granular level of access to the API like this we would be willing to use them as an alternative to providing us with your Limited API Key - providing certain technical conditions were met.

Dal Thrax
Perkone
Posted - 2009.11.27 05:33:00 - [436]
 

Just a thought on a saying from the real life banking world "your first loss is always your best" or in other words take it on the chin and don't keep shoveling money into a dead deal. About the only thing if value E-Bank can ask for at this point is information, nobody is going to given them isk (other than 0.01 isk offered to establish that an account holder is still active). I think I'll just stand on my first loss and not follow it up with my API key thank you very much.

Clementina
The Scope
Posted - 2009.11.27 06:21:00 - [437]
 

I should say something about the actual announcement.

Should a person give their API key to EBANK, in order to gain access to their money?

Probably not.

Let's be real here, EBANK pretty much lost your money, that or had it stolen outright by grifters like Riddic. The money more or less gone. Some of it never even existed, rather it was unearned interest applied to your account, or Mr Horizontal's especial database entries. Smoke and mirrors are being thrown about about 'maybe' letting people withdraw when the Net Asset Value is high enough in Ray McCormack's estimation. I would not hold your breath.

The stuff about Real Money Traders is more smoke and mirrors. It's calculated to exploit your revulsion concerning that particular form of commerce to make you agree to irrational stuff.

Remember most of the affiliates of this bank scammed and walked away with boatloads of isk. Money was taken by these kats, information will be leaked by them too.
Also Eve banks are pretty stupid, they don't pay enough interest to compensate for the astronomical risk, and can't earn enough money to even pay the interest (Or principle in this particular case) they promise.


LaVista Vista
Conservative Shenanigans Party
Posted - 2009.11.27 06:39:00 - [438]
 

Originally by: Clementina
Originally by: Leneerra
you do realize that ccp would have to develop this though right?
good idear alhtough this is not the first time I hear people ask for customizeble api access.



Actually, it sounds like the kind of thing Chribba could develop. I can envision it working like this

(1) Chribba sets up a server that take requests that look exactly like Eve API requests, except they go to like http://www.veldspar.com/api?<whatever> instead, and use a hexidecimal number that is not at all the same as the Eve API key number.
(2) Chribba's server determines if the API request returns resources that the API key owner actually wanted returned. If so, it uses the real API key (Which the API key owner stored ahead of time, and maybe even had encrypted) to request said resources from the real API server. If the API request would return information that the API key owner did not want shared, it does nothing.
(3) Chribba's server returns to the client the information that it got from Eve's API server if it bothered to get any information in step 2. If it did not bother to get any information in step 2, it returns the error message that one would get if one used an API key that was no good.


Such services already existed. Ix Forres had one, for instance.

cosmoray
Perkone
Posted - 2009.11.27 06:55:00 - [439]
 

Been looking at the EBANK financials today, and what still amazes me is that EBANK was meant to be the safest investment and the BOD would look after your money.

Well it seems the old BOD provided loans (with no collateral requirement) to just about anyone who asked. I mean general newbold is in there, and his was one of the most obvious SCAMS out there.

Investing in Eve is a trust business and EBANK trusted everyone. I would love to know who approved the loans to some of these people (was it all Ricdic?).

RaTTuS
BIG
Gentlemen's Agreement
Posted - 2009.11.27 08:10:00 - [440]
 

Chribba's EvE Board does Character Stuff - I'm Sure if you asked nicely he could [for a price] provide you with Character names for each account - if that is all you want

Vaerah Vahrokha
Minmatar
Vahrokh Consulting
Posted - 2009.11.27 08:52:00 - [441]
 

Originally by: Ray McCormack
If there was a trusted third party that provided a granular level of access to the API like this we would be willing to use them as an alternative to providing us with your Limited API Key - providing certain technical conditions were met.



I don't think it's hard to do this, but who is going to do this? In case good old Chribba is unavailable, it's clear that people don't trust EBANK but... who would they trust then?

Keiko Shizuka
Posted - 2009.11.27 11:11:00 - [442]
 

Originally by: RaTTuS
Chribba's EvE Board does Character Stuff - I'm Sure if you asked nicely he could [for a price] provide you with Character names for each account - if that is all you want


The more time passes the more I get the feeling that certain people in EBANK really do want the Limited API and won't accept any substitute no matter what, showing zero interest in even investigating compromises or alternate solutions. The possible reasons for that peculiar behavior worry me.

Vladimir Frye
Posted - 2009.11.27 18:14:00 - [443]
 

So I see now that I can't even see if I still have money left in my account until I hand over a set of API keys. E-Bank has proven themselves to be liars, cheats and thieves. Now you add extortion to the list. All in the name of "RMT Protection". Perhaps you'll add that it helps protect our children to that BS excuse as well.

I have a better idea: NO. You've already proven yourselves untrustworthy. You get nothing more from me. I trusted you with my ISK while I was away from the game for a few months and look what it got me. Your trust factor is zero and I believe your stated reasons as much as I believe the rest of your lies.

On August 25th when you initiated your masterful scam, I had 714,237,593.81 in my account. Steal away E-Bank..

Ishina Fel
Caldari
Terra Incognita
Intrepid Crossing
Posted - 2009.11.27 22:13:00 - [444]
 

I'm not entirely sure what the issue with the API key is...

So EBANK can see who my alts are. Big deal, the only times I even post with them is when I'm at a public computer where my default character settings aren't saved and I forget to select the right one manually.

Of course, if you create alts for the express purpose to make an arse of yourself in the anonymity of the net... heh, then you will see no sympathy from me Laughing Mind, not like EBANK would even /care/ what you do with your alts, I would imagine they got better things to do than to amuse themselves over a game of "who is who on CAOD".

So EBANK can see what skills I have and what I am training. Big deal, send me an ingame mail and I'll happily tell you. This information is relevant or even interesting to anyone how?

This whole thing is about as much of an outrage as being asked to provide a legit photo ID when going to an IRL bank and opening an account there. Oh no, that ID has your EYE COLOR on it! The sheer scale of possible abuse of that information is... oh wait Laughing

API key provided, works as intended - good luck on the restoration process, EBANK team.

Breaker77
Gallente
Reclamation Industries
Posted - 2009.11.27 22:26:00 - [445]
 

Originally by: Ishina Fel
I'm not entirely sure what the issue with the API key is...


They can find out your alts, what corp/alliance they are in, and what skills you have.

So you can no longer have that unknown Titan pilot that is also senior director in [insert name of major alliance].

No one gives a **** about forum whoring with alts, it's the privacy of not having people running locator agents on your alt waiting for him to log on to get a Titan KM.

Ishina Fel
Caldari
Terra Incognita
Intrepid Crossing
Posted - 2009.11.27 22:28:00 - [446]
 

Thanks - I will keep this in mind whenever I'll log onto my Titan pilot Wink

Phoebe Halliwel
Posted - 2009.11.27 23:58:00 - [447]
 

Originally by: Ray McCormack
If there was a trusted third party that provided a granular level of access to the API like this we would be willing to use them as an alternative to providing us with your Limited API Key - providing certain technical conditions were met.



Is that an "if/maybe" or will Ebank actually take steps and approach people?

If Chribba is unavailable, perhaps there are others that may be willing. I don't know whether TS would want to get involved with this, but he has acquired a reputation for being a stickler for the rules (no offence intended). A few others spring to mind. Obviously 100% won't be satisfied either way but if Ebank is indicating a willingness to negotiate a little to uphold its new security policies it's a step that should appease some investors. At which point it would be nice to see other reputable MD ppl step up and actually use that rep to help the community. Maybe a bit optimistic, but worth asking.

Tegeran
Posted - 2009.11.28 03:35:00 - [448]
 

I don't want to wade too deep in this mess, but I thought I'd offer up possible compromise for people to fight over.

If, instead of giving plain-text names, a proxy gave a strong, appropriately- (and randomly-) salted cryptographically-secure hash for each alt and standing name, it would make it reasonably easy for EBANK to discover if someone's alts match a list of "known-bad" characters, while making it infeasible to discover the name of "innocent" (well... un-caught) alts.

Assuming, for sake of example, that the hashes were 40,000-pass SHA512 and had a salt that made precomputation infeasible (several bytes, at least), and that EBANK had 10,000 alt hashes, it would take at least 160-200 CPU seconds on modern hardware to compare a given character name against the entire database. Pretty feasible to run whenever someone "signs up", or when you have a confined set of "suspects" (assuming you've got a couple of CPU cores, dump 50 names into the queue and go have lunch).

But if you're trying to divine the names of every alt of every person with an EBANK account, you'd either be doing a brute-force search (completely impractical), or dumping the name of every character you can find into the queue. If you had, say, 50,000 character names, it'd take at least two weeks with 8 cores going flat-out 24/7. Then you have the difficulty of actually assembling the list...

And these numbers can be tweaked... No reason you can't do 100,000 passes of the hash algorithm, for example, but at some point you do make signup checks impractical.

Anyway, just a thought...

Catarrh Ague
Posted - 2009.11.28 04:17:00 - [449]
 

Ray,

I note the following from section 8 of the EBANK Terms and Conditions:

•EBANK reserves the right to modify this document at any time, but will ensure that any negatively affected customer's [sic] will be notified in advance and given the option to remove all funds from their EBANK account as a direct result of those negative changes.

I was not notified of the requirement to provide my limited API prior to the institution of this requirement. I hereby call upon EBANK to fulfill this provision of the EBANK Terms and Conditions and return all monies that I have on account with EBANK.

Best regards,
Catarrh

SetrakDark
DarkCorp Citizens Holdings
DarkCorp Citizens
Posted - 2009.11.28 04:21:00 - [450]
 

Originally by: Catarrh Ague
Ray,

I note the following from section 8 of the EBANK Terms and Conditions:

•EBANK reserves the right to modify this document at any time, but will ensure that any negatively affected customer's [sic] will be notified in advance and given the option to remove all funds from their EBANK account as a direct result of those negative changes.

I was not notified of the requirement to provide my limited API prior to the institution of this requirement. I hereby call upon EBANK to fulfill this provision of the EBANK Terms and Conditions and return all monies that I have on account with EBANK.

Best regards,
Catarrh


rofflemao


Pages: first : previous : ... 11 12 13 14 [15] 16 17 18 19 ... : last (35)

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only