open All Channels
seplocked EVE New Citizens Q&A
blankseplocked Surviving the Full API Check...
 
This thread is older than 90 days and has been locked due to inactivity.


 
Author Topic

Stonewall Bigot
Posted - 2010.12.18 21:57:00 - [1]
 

ok here's the situation: have my main char ready to apply to a certain corp in a certain 0.0 alliance, but have recent donations from a friend of mine who's formerly associated with another 0.0 alliance hostile to the one I'm joining. Does full API code give access to transactions/journals several months back, or just the last 'insert number' transactions/jorunal entries.
Also want to know if you board an empty ship, will that show up on the API check?

Louis deGuerre
Gallente
Malevolence.
Posted - 2010.12.18 22:03:00 - [2]
 

APIv2 Page Index

Wallet Transactions are visible with full key.

Board an empty ship ? Neh.

Stonewall Bigot
Posted - 2010.12.18 22:19:00 - [3]
 

So, how far back does it check the journal/transactions?

Akita T
Caldari Navy Volunteer Task Force
Posted - 2010.12.18 22:46:00 - [4]
 

It's really simple...
If you can see the transactions in-game in the journal, they can see them with the full API key.
If you can't see them there, they can't see them via API either.

debbie harrio
Posted - 2010.12.19 02:26:00 - [5]
 

Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.

Abdiel Kavash
Caldari
Paladin Order
Fidelas Constans
Posted - 2010.12.19 03:07:00 - [6]
 

Originally by: Akita T
If you can see the transactions in-game in the journal, they can see them with the full API key.

I don't think so. The transaction API will show only the last week of transactions (unless it got stealth changed in the last month or so). You can see entries years old in game (set the "to date" to a date in the past).

Akita T
Caldari Navy Volunteer Task Force
Posted - 2010.12.19 04:35:00 - [7]
 

Originally by: Abdiel Kavash
I don't think so. The transaction API will show only the last week of transactions (unless it got stealth changed in the last month or so). You can see entries years old in game (set the "to date" to a date in the past).

The stuff I can see in-game WITHOUT manually altering the "end date" is exactly the same stuff spit out as CSV by the API.
You know... http://api.eve-online.com/char/WalletJournal.csv.aspx?userID=<ID>&apiKey=<fullkey>
In my case, it's 195 items, oldest one being a CSPA charge on 2010-09-28 00:45:00.

The API has an additional limitation of only serving up to 1000 items per "call", and if you want to get older data, you need to also add "&beforeTransID=<transactionID>" at the end to get to earlier items (but you have to wait one hour for that after a read).
Allegedly though, the server does throw an error if you try to grab data that's more than a week old.
It will however happily serve you data 2 months old from the first go if you don't have more than 1000 entries before then, as you can clearly see from my example above.

Meh, it's a bit freaky Smile

Abdiel Kavash
Caldari
Paladin Order
Fidelas Constans
Posted - 2010.12.19 11:30:00 - [8]
 

Interesting. So it will give you access (including journal walking) to either the last 1000 transactions, or the last week's transactions, whichever is more?


In any case, recently I had to go through corporation wallet logs back until around April/June looking for some stuff. The wallet receives about a dozen transactions daily. From what I understand, I highly doubt the API would allow me to view that info. I didn't have any problems doing that in-game. That's what I was refering to above.

Mal Lokrano
Gallente
The Executives
Executive Outcomes
Posted - 2010.12.19 11:53:00 - [9]
 

They may make a big deal of it, but most likely not. Considering on how often isk transfers are made and how many people have friends in rival alliances, it would only become a big deal if it happens often. Especially if there are other factors raising their suspicious anyhow.

And considering he is formally associated, most 0.0 alliances will not dig that far unless there is good reason too. If the 0.0 corp is any halfway decent, they will vette their recruits but they will also be busy too, and going through a thousand log entries and checking every character associated with them will prolly not happen often as it is time consuming and plainly boring.

Especially if this friend is not notable for anything big, as most alliances in 0.0 have several hundred to several thousand members, and hundreds (if not thousands) of former members. This means unless he/she is a big name character, they would likely even be less noticed by recruiters.

So I wouldn't worry about it, just be honest and forthcoming, and try to be chill with your recruiter and new corp members and you'll likely merge fine even with the isk transfers.

Kyoto Luyi
Posted - 2010.12.19 13:19:00 - [10]
 

Originally by: debbie harrio
Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.


I fully support this product or message Razz

Mordus Sith
Kickurass Industries
Posted - 2010.12.19 14:47:00 - [11]
 

Originally by: Mal Lokrano
If the 0.0 corp is any halfway decent, they will vette their recruits but they will also be busy too, and going through a thousand log entries and checking every character associated with them will prolly not happen often as it is time consuming and plainly boring.




tbh I doubt some corps, especially many in the NC, bother to check API at all, considering how notoriously easy it's generally thought to be to insert spies there.

On the other hand, I happened to come across a tusker recruitment post a while back, linking to the recruitment section of their forums. They have some sort of full API process that takes weeks judging by the threads I've looked at, which suggests they sift through every little detail line by line. Recruits are expected to take any alts they have out of any other corporations, and they have to sever all ingame ties even with RL friends, even if they're in some 0.0 outfit that has no contact with tuskers. I'm pretty sure they have to divulge some RL info also.

But imho it's not worth giving out that much info, especially to a corp that seems to enjoy the sound of their own typing on forums and blogs more than the actual game ;)

Man Barthelme
The Tuskers
Posted - 2010.12.22 04:47:00 - [12]
 

Edited by: Man Barthelme on 22/12/2010 04:50:44

Sorry for this off-topic reply, but since the original question has been answered already, I hope you will forgive me. I just want to address some misstatements:

Originally by: Mordus Sith
On the other hand, I happened to come across a tusker recruitment post a while back, linking to the recruitment section of their forums. They have some sort of full API process that takes weeks judging by the threads I've looked at, which suggests they sift through every little detail line by line.

Like many corporations The Tuskers do investigate the backgrounds of potential recruits to the best of our ability (including a detailed look at API info), but while a few applications do take some time to process, delays are practically never due to the API portion of the app, and an API check alone has never taken "weeks" unless an applicant was out of communication for some reason and did not quickly respond to a specific question concerning his background.

Overwhelmingly, lengthy processing times are due to either the application being filed before the pilot has completed his solo kills, which means that the "delay" is only a matter of waiting for the pilot to meet one final requirement, or it is due to a request for more detail in the application text. Requests for such detail are almost always simply an attempt to ensure the applicant understands what he is signing up for and to ensure that he therefore will enjoy his game time to the utmost should he be accepted.

Originally by: Mordus Sith
Recruits are expected to take any alts they have out of any other corporations, and they have to sever all ingame ties even with RL friends....


The first part of this is true, as Tuskers are expected to be loyal to The Tuskers, and our policy helps avoid the possibility of a conflict of interest (as we are pirates and exist solely to violence pilots in order to extract ISK or fittings from them).

The second part is false. Tuskers fly with, communicate with, and cooperate with whomever they like.

Originally by: Mordus Sith
I'm pretty sure they have to divulge some RL info also.

This is false. Two items of RL info are required in the initial app: age and time zone--hardly intrusive, if you ask me. RL info is not a factor in the background check and does not even come up unless it's to inquire about a pilot's activity level or his ability to function in an English-only comms environment. These are also far from intrusive questions.

For example, a question such as the following might be asked: "I see no evidence of activity for the last six months--what've you been up to?" At which point the applicant may reply, "I've been playing Starcraft" or something.

Originally by: Mordus Sith
...a corp that seems to enjoy the sound of their own typing on forums and blogs more than the actual game ;)

Also false, as a quick check of activity on our own killboard or Battleclinic will demonstrate. Wink


tl;dr corrections made to previous poster's statements

...and good luck OP!


edit: fixed some typos and stuff

Culmen
Caldari
Culmenation
Posted - 2010.12.22 06:19:00 - [13]
 

Originally by: Kyoto Luyi
Originally by: debbie harrio
Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.


I fully support this product or message Razz


This really cannot be stressed enough.

The response to a request for a full API should always be:
"No! And f*ck you and your corp for asking!"

No good can ever come from giving somebody else your full API key.

Sturmwolke
Posted - 2010.12.22 06:34:00 - [14]
 

Full API checks by corps reminds me of the Maginot line.

Joe Starbreaker
M. Corp
Posted - 2010.12.22 06:48:00 - [15]
 

Originally by: Sturmwolke
Full API checks by corps reminds me of the Maginot line.

Metaphor of the day! (Or is it a simile?)

Man Barthelme
The Tuskers
Posted - 2010.12.22 07:08:00 - [16]
 

Edited by: Man Barthelme on 22/12/2010 07:08:46

Originally by: Culmen
Originally by: Kyoto Luyi
Originally by: debbie harrio
Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.


I fully support this product or message Razz


This really cannot be stressed enough.

The response to a request for a full API should always be:
"No! And f*ck you and your corp for asking!"

No good can ever come from giving somebody else your full API key.


As boring as my records would turn out to be, it is true that I would never share my own API publicly, such as in a forum post, but Culmen's post is very much overstating things.

If you don't trust the person asking for your API, you probably shouldn't be joining that corp in the first place. On the flipside, if you're unwilling to supply the information they're asking for, they're better off without you. In each case, the parties can go their separate ways and be better off for it.

If you do trust the people whose community you are trying to join, then sharing the API is best seen as bread breaking, imo. Once the API is shared, it is a simple matter to generate a new one later to protect yourself, but the actual act of sharing the API is a gesture of good faith on both sides. This is very good for overall corp morale, so long as everyone has undergone the same process.


*The other poster's comment about the Maginot Line is possibly more cogent--it's a mistake to think the API will allow a corp to magically fish out all thieves and cheaters from its pool of applicants. I do not believe the Line itself, however, was designed to stop an invasion so much as slow it down until other forces could be brought to bear.

foksieloy
Minmatar
Rockets ponies and rainbows
Posted - 2010.12.22 07:23:00 - [17]
 

I highly disagree with giving out full api.

There is nothing that full api can give that would be relevant, that cannot be replaced by limited api and a player donations screenshot.

Eastman Color
Posted - 2010.12.22 09:50:00 - [18]
 

Edited by: Eastman Color on 22/12/2010 09:51:15
Originally by: debbie harrio
Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.


lol, tinfoil hat much?

So, specifically, what information does it reveal that's too much for you?

The only thing I can think of tbh would be buy and sell orders and if you suspect that a corp is looking at your market activity and then undercutting you, that's not a corp I'd want to be in.

The purpose of the full api is to weed out terribad spys that transfer cash to the spy rather than financing it in other ways.

Also, how can it be abused?

I only ask because to me this sounds like uninformed hysteria

Originally by: foksieloy
I highly disagree with giving out full api.

There is nothing that full api can give that would be relevant, that cannot be replaced by limited api and a player donations screenshot.


Photoshop

foksieloy
Minmatar
Rockets ponies and rainbows
Posted - 2010.12.24 11:29:00 - [19]
 

Originally by: Eastman Color
Photoshop


Eyes. And time (the screenshot must be extremely fresh).

Luminos
Durid is 4 Fite
Posted - 2010.12.24 15:33:00 - [20]
 

Originally by: Joe Starbreaker
Originally by: Sturmwolke
Full API checks by corps reminds me of the Maginot line.

Metaphor of the day! (Or is it a simile?)
A good metaphor.

On an internet spaceship pixel forum.

I'm scared now. Shocked

OT Smithers
Posted - 2010.12.25 07:12:00 - [21]
 

Full API?

The request says more about the corp making the request than it could possibly reveal about the applicant.

Chribba
Otherworld Enterprises
Otherworld Empire
Posted - 2010.12.25 17:32:00 - [22]
 

With the risk of repeating others...

imo a corp asking for full API is up to something else...

And API journal/transaction goes back 1000 posts or one month at the most.

/c

Himnos Altar
Gallente
Daisy Cutter's
Posted - 2010.12.26 01:22:00 - [23]
 

have fun with the Goons!

just a guess, mind you.

dtyk
Posted - 2010.12.26 03:18:00 - [24]
 

Of course, people posting on the forums that they have something they want to hide from an api check makes the api check itself somewhat pointless, does it not?

DCThunder
Agent-Orange
Nabaal Syndicate
Posted - 2010.12.28 02:22:00 - [25]
 

I'll show you mine (full API) if you show me yours...Razz

Taedrin
Gallente
Kushan Industrial
Posted - 2010.12.28 16:31:00 - [26]
 

Originally by: Eastman Color
Edited by: Eastman Color on 22/12/2010 09:51:15
Originally by: debbie harrio
Any corp that asks me for a full api can sling their hook.

It reveals far too much information to be given out willy nilly and can be abused to easily.

limited api I have no problem with.

Join another corp, only Noobs give out their full api.


lol, tinfoil hat much?

So, specifically, what information does it reveal that's too much for you?

The only thing I can think of tbh would be buy and sell orders and if you suspect that a corp is looking at your market activity and then undercutting you, that's not a corp I'd want to be in.

The purpose of the full api is to weed out terribad spys that transfer cash to the spy rather than financing it in other ways.

Also, how can it be abused?

I only ask because to me this sounds like uninformed hysteria

Originally by: foksieloy
I highly disagree with giving out full api.

There is nothing that full api can give that would be relevant, that cannot be replaced by limited api and a player donations screenshot.


Photoshop


A full API reveals:

1) Your EVE mail headers and bodies - IE, they can read the mail you receive.
2) Your buy/sell orders, so they can know what items you are trading in. They may see that it is profitable and start trading in those items themselves, producing competition in your markets.
3) They see your assets, so they can have a good idea about what ships you fly, and how much wealth you have. They also know WHERE your assets are, so it gives them an idea about where you operate. If they decide NOT to hire you, they can use this information to track you down and suicide gank your faction battleship which might be officer fitted.
4) They see your POS locations, so they know where expensive infrastructure is located. If they decide not to hire you, they could ransom your expensive and profitable POS towers.


 

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only