open All Channels
seplocked EVE Information Portal
blankseplocked New Dev Blog: POS Exploit
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 2 3 4 [5] 6 7 8

Author Topic

Jinx Barker
Caldari
GFB Scientific
Posted - 2009.02.11 03:51:00 - [121]
 

Can we have a list of T2 BPOs removed from the game due to the exploit. Surely this does not represent any type of privacy breach for CCP?

This would give us an idea of what the market for those items might be in the future.


Ranger 1
Amarr
Ranger Corp
Posted - 2009.02.11 03:55:00 - [122]
 

Originally by: Jason Edwards
Originally by: Reiisha

A pic isn't going to show how to reproduce the bug, and how it works.


I'm obviously not just posting a pic. I'm saying how it happened. It doesnt even matter; because the pic PROVES the bug exists. If they cant figure out how to reproduce... they should open up the matter and see if others can figure it out. Not have 1 bug hunter be inept and incapable of doing something, filtering and just ignoring the bug as if it doesnt exist.

Quote:
The logserver is very useful for them to figure out what's happening, how it works and how it can be reproduced reliably. If you want to make it hard on them and not help out, that's not their fault, it's yours. You're basically blaming them for your own reluctance to actually help out properly.

Sure log server is useful. Sure. It's not my job to bug report **** all though. I can simply do nothing. Then bugs are absolutely certain to go unnoticed by the what? 1% of players who actually go on sisi vs tq?

I have already proposed a superior system to the current one. The lack of this system being implemented takes all blame off me immediately.


Let me clean this up for you.

I lost a ship once and it wasn't reimbursed, it was due to a bug that made it in game because I can't be arsed to turn in a proper bug report, and I'm very bitter about the whole thing.

See, wasn't that easier to read?

Laughing

As to the rest, it just doesn't get much more transparent than this.
Step away from the tinfoil.


Kel'Tor
Caldari
NailorTech Industries
RAZOR Alliance
Posted - 2009.02.11 04:03:00 - [123]
 

Nice work on the blog CCP and the economic impact statistics looks great and actions taken to correct this.
I thought only I had problems with those darn acyclic graphs... beers on me for your programming team Very Happy

For eve community :
Is not CCP guilt that human nature tells people to abuse in order to gain advantages over others, is a thing we all live in RL with and a fair example is government can't stop a crime...is there to punish only.
And about you had reported and no action was taken in immediate time is like saying to police someone is trying to kill you but you don't know who and how...and either they send u home or into a mental institution...and trust me you pay ALOT more money on your government to "keep you safe" than you will ever pay to CCP.
So...better say thanks they just had alot of work into this to clean the mess.

Ding! Ding! see the big picture dudes! and whine later

Mecinia Lua
Galactic Express
Intrepid Crossing
Posted - 2009.02.11 05:10:00 - [124]
 

A much better report than we've seen in the past. Probably a much more thorough accounting than I expected we'd ever see.

Glad to see some of the t2 BPOs go poof. Might help make invention profitable on a few more items. I'd ask for a list of the BPOs removed but that would be counterproductive as speculators then would raise the prices of those goods unnaturally and in the course of time I think we'll know as the prices rise for certain items.

All in all a good report.

Lusulpher
Gallente
Posted - 2009.02.11 05:37:00 - [125]
 

Edited by: Lusulpher on 11/02/2009 05:43:02
Edited by: Lusulpher on 11/02/2009 05:42:09
Dear CCP.

Any plans to establish a toll-free phone line(s) to your BugHunting(Game Design?) Departments?

1 Post the phone number, with a valid 6-month character account as password.
2 Ban/suspend abusers.
3 Record the calls. Internal Affairs can get practice on meta-gaming here. Cool
4 Review the issue with your team.

Don't Reward the caller. Same system, faster. NFS...

I am sure this will efficiently erase your PR blunders. SiSi alone would be more polished before you get to your over-extended DownTime Patch Day(The Patch Day BluesTM), and your MANDATORY second Patch Day patch, that follows within the week.

TBH, your Ship Loss petition system is an utter crapshoot...Lag losses were reimbursed randomly in a fleet battle last year, and it still bothers me. At least smacktalking WTs get warnings. But those generated messages lack one word of attention given to the matter.

It's getting old. Balancing(NerfbatsTM), boot.ini, skillqueLIKERIGHTNOAW!!!1!, missile launchers not shooting missiles...you can avoid much shame and overtime pay by handling issues like this BEFORE you launch a product. Your ideas are a scifi wetdream, but your execution is a scifi nightmare. If you were to put out a patch without more than hotfixing in a week with no complaints, I'd eat my own head.

Sure other companies, do that, but you are aiming higher AS A COMPANY AND ALL AROUND.

And your channels of Customer Feedback seem to be one-sided more and more...

When someone says their child is missing, you don't tell them their child appears to be healthy according to the photo in your hand! You go find the child, take them to a hospital, train everyone involved about how to not lose/find children and put out a lost child phone number.

Explain to me how this will not help...


P.S: Not mad at you, just Nvidia's driver is some sort of malware and my EVE client and computer resolutions are now out of date. Love you, ]:3-

Dealth Striker
Caldari
Striker Ltd
Posted - 2009.02.11 05:44:00 - [126]
 

Blog = Fluff

Selene D'Celeste
Caldari
The D'Celeste Trading Company
ISK Six
Posted - 2009.02.11 05:55:00 - [127]
 

I'm a bit late posting here, but very nice work here CCP =D

Typhado3
Minmatar
Posted - 2009.02.11 06:09:00 - [128]
 

/me rubs his eyes after reading longest dev blog in eve

well that awnsers my questions, and then some.

nice work.

LaVista Vista
Conservative Shenanigans Party
Posted - 2009.02.11 06:20:00 - [129]
 

Originally by: Rata Nrnima

How many CCP employees / Developers / Game Msters were involved in this exploit?

The dev-blog clearly states that all CCP employees and CSM members were investigated.

TR4D3R4LT
Posted - 2009.02.11 06:27:00 - [130]
 

Originally by: Rata Nrnima
How many CCP employees / Developers / Game Msters were involved in this exploit? Entirely too much real life money exchanged hands in this. CCP lost too much money to have turned a blind eye for as long as they did for collusion not to be involved.


Your argument fails by the fact that if devs/gm's were involved, they could just spam the isk out of thin air. No need to sell stuff on the market or any of that jazz.

Originally by: Rata Nrnima
The report is a nicely written explanation that says a bunch of nothing. They say they blew up a bunch of pos' etc. but no one saw. Sure you did, and the economist didn't notice . . .


Have some more tinfoil, do bit searching around and you'll find exactly what corps were involved and the list of t2 bpo assets. CCP's follows their words and can/will not enclose that information, but it doesnt prevent players mouthing it off in third party forums. Sure, it's not CCP's "official" word, but then again, you've shown you dont believe what they say no matter how they say it.

And that my friends is the beauty of all these tinfoilers, no matter how deep, even to the point of releasing ip's and rl phone numbers along with names, the tinfoilers would proceed to point how they're just most likely CCP's paid workers to be used as cover up.

To me it's nice things got closure and that something better emerges from this pile. I made some isks thanks to following markets and quick speed for materials so all this just about gets even on the scales for me.

Taram Caldar
Royal Black Watch Highlanders
Warped Aggression
Posted - 2009.02.11 06:31:00 - [131]
 

I know it's not CCP policy but I really wish that in this caase they would name & shame.

Jimer Lins
Gallente
Aliastra
Posted - 2009.02.11 06:38:00 - [132]
 

Name and shame, indeed. Who was doing it, what alliances were involved?


JeanLuc Descartes
Gallente
Resilience.
Posted - 2009.02.11 06:58:00 - [133]
 

Originally by: Jinx Barker
Can we have a list of T2 BPOs removed from the game due to the exploit. Surely this does not represent any type of privacy breach for CCP?

This would give us an idea of what the market for those items might be in the future.




Not going to happen....would have too much of an influence on the market...nobody needs rich coprs out there
buying up all the t2 items just so they can push the market price up and profit.

Oleksandr
Taggart Transdimensional
Virtue of Selfishness
Posted - 2009.02.11 07:08:00 - [134]
 

Justice demands that you release the names of all characters, their corporations, and their alliances that were involved in the exploit.



Don't just ban them. Make sure to make their names public. If you do this, next time any corporation or alliance will think twice of using exploits.

Zakgram
POW ZAP THWAPP
Posted - 2009.02.11 07:16:00 - [135]
 

The lack of logging speaks for itself. Eve doesn't have sufficient logs for the scale of game it is. The number of people who get responses to help requests with "our logs show nothing" is too many. It should be a case of "our logs that x happened, and thus this is normal" (or, most likely, "our logs show X and we'll fix it")

More logging!

DaiZ Do
Posted - 2009.02.11 07:43:00 - [136]
 

I hope the new Alchemy System Code is reviewed on that matter as well :)

madprops for the investigation.

Drachenlord
Amarr
Viziam
Posted - 2009.02.11 07:49:00 - [137]
 

Edited by: Drachenlord on 11/02/2009 07:52:16
Originally by: Valeria Crossroads
Originally by: Vladimir Norkoff
Welcome to corporate responsibility!



So you are saying that if an employee of ccp (for example) commits a crime that automatically their ceo and other heads are criminals too and thus need to go to jail. I am so glad you do not belong their the rank of judges in rl. Since its still the case in rl that you are only guilty if you have committed a crime yourself and that you cannot be punished for crimes someone else did.


Are you completely naive? PLENTY of people end up being punished for Crimes other people commit whether they had direct involvement or not, Terms like "Accessory after the fact" or "criminally Negligent" don't exist for no reason....

To suggest otherwise is fallacy at best... I think you need to pull yer head out of the sand and take some lessons on how the real world works before trying to make direct comparisons to our little virtual world here.

ALSO... it's a Game that CCP can decide whether or not certain players should be allowed to play AT WILL, and at any time...

now having said that, I would say to err on the side of caution is better than allowing potential exploiters to have the benefit of the doubt...

Plain and simple... when it comes to EULA enforcement, Eve is not a democracy... they can and will enforce the EULA how they see fit... and for anyone who would want to argue otherwise... being that they're the developer and publisher of the game, they can change the EULA when they need to as situations such as this would arise.

For this situation however there were already measures in place and they used it...

If innocent people got banned... I would have to say they need to be more careful who they give POS management roles to... and best of luck getting their accounts unbanned if they in fact had no knowledge of the exploit.

At the end of the day, if you disapprove this strongly of how they handled a pretty serious exploit... run for CSM this year, or stop playing are about your only options.

Mallikanth
Posted - 2009.02.11 07:53:00 - [138]
 

Excellently laid out Blog and excellent explanation.
Thanks CCP.ugh


Navtiqes
GoonWaffe
SOLODRAKBANSOLODRAKBANSO
Posted - 2009.02.11 08:23:00 - [139]
 

I thoroughly enjoyed the graphical illustrations :) It's very interesting to see how fear and even just the early rumours affected the market.

Which brings to mind the current financial crisis. The media and the press surely has alot of blame for the effect their fearmongering has had on it.

Ralitge boyter
Minmatar
Posted - 2009.02.11 09:04:00 - [140]
 

Thank you for removing the motherships and most of all the T2 BPO's Twisted Evil Less of them in the game is only better for the econnomy as a whole.

One thing that I seem to miss here is a peer code review. I mean if you had a single person looking at this code with the idea of trying to find a free ride (not so much nice comments and correct if/for statments etc. Then you would have to be employing the blind or the totaly stupid to not have seen the potential for an exploit here.
I think that your QA department needs a small group of maybe 5 or 10 people that are dedicated to sifting thru new code and trying to exploit it, with their knowledge of what is under the hood. Because with near 300k players there is a near certainty that some player(s) at some point will figure out how these things work under the hood and will make use of any bug they find, there is to much ISK (is real money even if CCP doesn't like it) at stake.

As for the explanation it is good to see that these things are investigated and that the once responsible are found draged out of their mothership and shot in the back of the head. I like that style of working, but I hope that for any next time the GM's take an EVE TV crew and film the nuking of hundreds of POS's just so we can all see the nice booms and will remember for a little longer what happens to those who break the rules.

El'Niaga
Minmatar
Republic Military School
Posted - 2009.02.11 09:24:00 - [141]
 

30 T2 BPOs is hardly all of them, not really even a majority.

The blog is better than expected.

However it also shows that there were at least 3 failings when it was indeed reported. They say they are taking steps to prevent that in the future we'll see.

Whether or not employees were involved depends on what you can prove, just because they can't prove it, doesn't mean it didn't happen. Still stinks.

I'm sure folks will notice which titans seemed to disappear soon enough. Been nice to have had a number of titans removed rather than just a broad some titans. I don't see where the number of titans and motherships removed would compromise account identities.

Crewman Jenkins
Caldari
Malicious Demi-Lancers
Posted - 2009.02.11 09:46:00 - [142]
 

Nice read, thanks CCP!

Naradius
DEATHFUNK
Posted - 2009.02.11 09:48:00 - [143]
 

The most shocking part of this whole Dev Blog was:
"Our logs also show that..."

Holy database analysis Batman!! CCP admit that the logs, finally, actually showed something!!! I'm marking that event on my Calender for future reference and will provide it as proof the next time I suffer a de-sync! ;0)


In all seriousness, I great Blog, and thanks for giving us all the heads up.



CCP Pleognost

Posted - 2009.02.11 09:53:00 - [144]
 

Originally by: Ralitge boyter
One thing that I seem to miss here is a peer code review. I mean if you had a single person looking at this code with the idea of trying to find a free ride (not so much nice comments and correct if/for statments etc. Then you would have to be employing the blind or the totaly stupid to not have seen the potential for an exploit here.


The code involved predates our current code-review practices by quite a while. New code (or rewritten code) is peer-reviewed these days. The fix was peer reviewed multiple times before it went out, specifically for the reasons you state.

Mr Horizontal
Gallente
Posted - 2009.02.11 10:12:00 - [145]
 

One of the more startling things about this POS Exploit and the market repercussions of it, is due to the rarity of the items involved, the demand for the additional quantity of stuff that was put on the market was more than enough to staisfy the glut of supply.

While this is of course natural due to the rarity of the materials, it has brought two very important facts that seemed to have been overlooked in the analysis of the market:

1) That CCP have designed alchemy during the time of the exploit, and may have designed alchemy with the superficial increase of the exploit in mind, and as such may have nerfed the effects of alchemy too much to be of any meaningful use to the market in terms of increasing supply.

2) Given that alchemy relies on the usage of Cadmium so heavily, we have yet to see any effect of Cadmium's prices (and consequently all Gallente T2 items due to the inevitable repositioning of Cadmium from Crystalline Carbonate to the alchemy reactions) on the market. This shows that alchemy isn't being used at all by the players. Granted, it may get used a little more, but there will only be so much additional supply from alchemy, which I'd expect will only contribute a 5-10% increase to the supply of Ferrogel and Fermionics - still far from enough to satiate the demand for the stuff.

2) From what I can tell, it's quite clear from the charts that saturation of the rare moons has been reached, and that all rare moons (for Prom and Dysp especially) are being mined to supply the market. Here, and here, I have put a red line showing that there is a clear ceiling in place for both the Ferrogel and Fermionics supply (the thick bright red line).

As such, can I ask CCP whether:
1) alchemy was designed with too much restriction to additional supply as a result of this.
2) I'm correct in the analysis that Dysp and Prom moons are all being used to maximum saturation (ie what is the maximum volume that can be sold from moons alone)
3) CCP have any plans to either rebalance alchemy or provide more moons

gordon861
Minmatar
PROGENITOR CORPORATION
Intrepid Crossing
Posted - 2009.02.11 10:52:00 - [146]
 

Long Blog...

I think some of the 30 BPOs that were removed from the game should be passed on to the people that reported this bug years ago and were ignored, assuming they are still in game and weren't using the bug themselves. Just give them a couple each.

Shaemell Buttleson
Posted - 2009.02.11 10:54:00 - [147]
 

Thankyou to everyone involved with investigating and explaining to us about this.

I don't see how you could possibly be anymore frank or candid about this.


Kessiaan
Minmatar
Vagrants Inc
Posted - 2009.02.11 11:01:00 - [148]
 

*thumbs up*

This kind of transparency is unheard of with other MMOs, especially regarding exploits. While it's still shameful that such a huge bug could go under the radar for so long, it's also good to know that as EvE has grown and matured, CCP has taken steps already to ensure it (probably) won't happen again.

EvE being what it is, anything that can give a person/corp/alliance a leg up will be abused shamelessly, to the point it breaks the game if said mechanic is.. shall we say... unintentional?

Also, GET YOUR TINFOIL HATS HERE! ONLY 10 MILLION WHILE SUPPLIES LAST! SEND ISK TO KESSIAAN! TINFOIL HATS!

GreGh Rakrot
Rionnag Alba
Posted - 2009.02.11 11:36:00 - [149]
 

pasted from the "other" forum

Originally by: "Turkantho"
**** it why not...

I know of 5 MS that got banned, 4 Nyx and one Hel.

BPos (only those which i remember out of my head)
Crow
Manticore
2 Claymore
Eos
Sabre
Muninn
Helios
Ares
Large Shield Extender
Large Shield Booster
Med Armor Repper
Miner 2
Damage Control
2 EANM
100mn AB
1mn AB
220mm AC

Sade Onyx
Posted - 2009.02.11 11:36:00 - [150]
 

Yea nice one CCP! Wink

The blog does instill a lot of confidence that what happened, happened! its been fixed and all appropriate measures have been taken transparently. Maybe everyone can now put this subject to bed and move on!

PS

I expect this issue has put a lot of strain on resources as so many people were involved in this blog. But can we now whip some dev's into giving us more blogs on Apochtypha? Its on the test server but no more blog's since QQ :(


Pages: 1 2 3 4 [5] 6 7 8

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only