All posts by CCP Sreegs

Update on the recent hacking of PlaySpan

Dearest News Hungry Space Pilots,

There have been some misleading articles published this afternoon regarding a breach at a company called PlaySpan. CCP has no current relationship with PlaySpan. The only relationship we have ever had with PlaySpan is that in the past they have resold ETCs.

We do not share login information with any other company. The only way your credentials for EVE could be at risk is if you had set up an account at PlaySpan in which you re-used your email/EVE login credentials such as your username or password. If you have done such a thing we suggest you change your EVE password as a precautionary measure.

-Sreegs

Regarding AFK Complex Farming

Dearest Internet Spaceship Pilots,

It has come to our attention recently that there are pilots in New Eden engaging in AFK Complex farming. Specific examples of this include such activities as warping into a particular room in a complex, dropping sentry drones, then going to do your laundry or perhaps watch a 24 hour Lazytown marathon. While this activity does not necessitate the use of a 3rd party program in order to carry it out you ARE generating income in an automated fashion while sleeping which is not being present playing the game. As such our automated systems will continue to detect and institute administrative actions for this activity. We do not find this to be acceptable gameplay.

All accounts which were tagged prior to this notification will be given the benefit of the doubt and a one-time “amnesty”, removing the offending marks from the account. Going forward any administrative actions will remain in place. Game Design will also be looking at changing our complex systems so that this is no longer possible in the near future.

Thank you for your time and attention,
CCP Sreegs

 

Addendum:

There seems to be scattered confusion about this so in order to clarify, no we are not telling you not to use drones or not to get up to use the bathroom. Administrative action against your account in this case would only come from rather extreme examples of abuse such as farming an affected complex 24 hours a day or some period of time beyond human capacity, which is deemed abusive. You may feel free to feed yourself while playing EVE Online without threat of punishment.

Further discussion may be found in this thread: https://forums.eveonline.com/default.aspx?g=posts&t=142098

The FW Exploit 2012 (or: How I learned about FOREX)

Dearest Factional Warriors and Interested Space Pilots,

Firstly I'd like to apologize for the delay in finalizing this investigation. We had to do a lot of chatting, calculating, checking and rechecking in order to ensure to the best of our capabilities that the resolution we are providing is one we believe to be a fair one. That simply doesn't happen overnight. I'd also like to pointedly clarify that we ARE classifying this activity as an exploit and we will explain the details below.

Here's a fairly high-level explanation of how the exploit functioned and some background. With EVE Online: Inferno we released a change to the Factional Warfare system in order to encourage and reward PVP. What the change entailed was that we essentially decided to award people with “Loyalty Points” for killing other players rather than just awarding them for activities such as missions. The amount of LP rewarded is determined by the value of what is destroyed. The number we use to determine that is the “Average Price” value of each of the items destroyed which is calculated by taking an x day rolling average of how much the item was purchased for every x days. This is handled by a scheduled database job.

This system becomes exploitable when a player is capable of dictating a disparity between the actual value of the item on the market and the average price we use to calculate LP. This is most easily accomplished using items that are virtually never traded, as one or two major purchases can change the average, but it is not a requirement that the item be rarely traded in order for manipulation to occur. The most common method of doing so is that once the price has been manipulated enough it becomes possible to generate LP by simply buying the manipulated item, killing yourself with an alt in the opposing militia, then buying another one and killing yourself with it repeating infinitely. LP in this regard functions as a separate currency which can be converted back into ISK (Interstellar Kredits - the main currency of EVE Online) at a profitable rate. This can be compared to foreign exchange manipulation.
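
Added example, not CCP's code: the Python below models the averaging weakness described above and the checks a defender could put around it. The `Trade` record, the thresholds and the mitigations themselves (median, a distinct-party floor, a per-run clamp, a replacement-cost cap and a disparity alert) are assumptions; the post does not say how the scheduled job or the later fix is implemented.

```python
"""Added example: a rolling-average reference price and a hardened variant.
Every name, number and threshold here is constructed for illustration."""
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Trade:
    price: int       # ISK paid per unit
    quantity: int
    buyer: str
    seller: str


def naive_average_price(trades):
    """Volume-weighted mean of every trade in the window (the weak design)."""
    units = sum(t.quantity for t in trades)
    return sum(t.price * t.quantity for t in trades) / units


def hardened_reference_price(trades, last_trusted, min_parties=4, max_step=0.25):
    """Median trade price, used only when enough distinct parties traded, and
    clamped so a single scheduled run moves the value by at most max_step."""
    parties = {t.buyer for t in trades} | {t.seller for t in trades}
    if len(parties) < min_parties:
        return last_trusted                  # market too thin: keep the old value
    low = last_trusted * (1 - max_step)
    high = last_trusted * (1 + max_step)
    return min(max(median(t.price for t in trades), low), high)


def payout_value(reference_price, cheapest_sell_order):
    """Value used for the reward: never more than replacing the item costs."""
    return min(reference_price, cheapest_sell_order)


def disparity_alerts(prices, threshold=3.0):
    """Names of items whose reference price is >= threshold x the market price."""
    return sorted(name for name, (reference, market) in prices.items()
                  if market > 0 and reference / market >= threshold)


# Constructed window for a rarely traded item: three ordinary sales, then two
# large purchases passed between one player's own characters.
ORGANIC = [Trade(1_000_000, 1, "p1", "p2"), Trade(1_100_000, 1, "p3", "p4"),
           Trade(900_000, 1, "p5", "p6")]
INFLATING = [Trade(500_000_000, 1, "main", "alt"),
             Trade(500_000_000, 1, "alt", "main")]
MARKET_ASK = 1_050_000       # cheapest sell order on the market right now
LAST_TRUSTED = 1_000_000     # reference price from the previous scheduled run

if __name__ == "__main__":
    window = ORGANIC + INFLATING
    naive = naive_average_price(window)
    robust = hardened_reference_price(window, LAST_TRUSTED)
    print(f"naive average  : {naive:>15,.0f} ISK ({naive / MARKET_ASK:.0f}x market)")
    print(f"hardened price : {robust:>15,.0f} ISK")
    print(f"capped payout  : {payout_value(naive, MARKET_ASK):>15,.0f} ISK")
    print("alerts         :", disparity_alerts({"rare item": (naive, MARKET_ASK),
                                                "common item": (robust, MARKET_ASK)}))
```

With the constructed data, two purchases lift the naive average to roughly 191 times the market price, while the hardened value stays inside the clamp and the alert names only the distorted item.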

This exploit was taken advantage of by five players. Those same five players reported the issue to us after using it themselves for about two weeks. To illustrate the impact graphically, this is a nice little picture showing LP earned thus far in 2012, which CCP Stillman calls "LP Made in total ever" because he doesn't believe in life before February 2012.

[Graph: LP earned thus far in 2012]

As you can see there is a tremendous spike for a period of about two weeks which then just goes away. That spike was caused by this particular exploit. While we applaud the ingenuity of our players we find that the methods applied here should not have been mistaken for edge game play. The edge is REALLY hard to see at times but it DOES exist and in this case we were looking at a situation where a new feature created for all of our customers was being virtually curbstomped by five of them. Because of the volumes and disparity involved we've had to take action to fix this particular system.

Last week we manually adjusted some of the pricing as we stated in our news item. We then introduced some changes in order to prevent the disparity between actual cost and "Average Price" in items. For the near future this should no longer be an issue but we are monitoring and we will make further changes to this system.

The people who sought to benefit from this exploit will receive no gain from this system. Because this was essentially a system where you could print LP, even if ISK was provided as an input, it is classified as an exploit. 

 Because the players made efforts to inform us about the issue their accounts will remain in good standing. We have temporarily seized all LP points and store items from them. Once we're done determining how much each person has benefitted we will remove the LP gained value in LP and items and return the ISK invested in the purchase of items to them. This essentially will set each of them back to the original point at which they began this activity. The person who reported the issue will receive the usual PLEX for Snitches reward.

I wrote a blog on "Responsible Disclosures" a year or so ago. In that blog I mention that telling us about something after you've used the heck out of it isn't what we consider to be responsible. We do our best to be lenient in cases such as this but we want this to serve as a notice to the community that the proper time to alert us to the issue was before actually using the system. I can understand a desire to test the limits but we don't believe two weeks of testing a bug or exploit should net a tremendous benefit in lieu of reporting it in the first place, and that is another reason why the LP activity will be reversed back to zero.

Thank you for your time and attention spacefolks!

Sreegs

Team Security RMT Update – 3 Weeks in Numbers (YAY)

Dearest Internet Space Pilots,

Earlier this month we announced a crackdown on RMT which began with a single circle of actors. With those gentlemen out of business we've been able to focus our sights on some new sources and I'd like to share some numbers with you. This isn't going to be my longest blog ever but it is going to contain some numbers and things that are sure to please most (heh) of you and give you some thoughts about how we're going to proceed.

After the first wave of action we've improved our methods a bit. Because of our focus on this subject we've seen some anecdotal things around the internet that aren't exactly scientific but do point somewhat towards impact.

  • We've seen the cost of illegal isk go up
  • We've seen illegal isk sellers having supply problems

Apparently, despite the chest-beating protestations of self-professed internet "experts" on the subject, when you buckle down hard enough on the supply-side of the problem you do indeed create ripples in their capacity to operate. When you ban all the suppliers the sellers need to look for new ones. When you increase the risk by taking out the sellers people are less likely to do so. In many cases we've been able to not just take out the supply networks, but immediately key in on the new supply networks and take those out as well. We have done this over and over and over again for the past 3 weeks and the results are telling:

  • 1268 accounts of both sellers and suppliers have been banned permanently. Of these 90% or so are accounts that are very young. This is important because it helps to underscore the fact that these aren't good customers who have been tempted over to the dark side. These are illicit businessmen who could really care less about their impact on New Eden so long as they can buy a new tiger skin rug or a pair of signed purple Jordans.
  • 524 accounts have had their illegal transactions reversed.
  • No exact number here but we are seeing a great many customers realize the error of their ways, reversing the transaction to the illicit seller, then spending the cash on PLEX, which is absolutely the only right way to do this. For whatever reason people take risks, but when they are ultimately found out and have their proceeds taken they want to "go legit".
  • Number of account cancellations due to reversal is around 10. People are understanding what they did was wrong but they still love EVE and tend to want to stay engaged.
  • 1.5 Trillion isk has been reversed from people's accounts because they purchased it illegally.
  • 4.2 Trillion or so isk in assets has been seized from RMTers or suppliers.

The lesson that begins to appear from this is one that starts to put a real damper on the "common" "wisdom" that it's not profitable for us to crack down on this activity. While 1268 accounts had to be permanently banned they were not what we would qualify as "EVE Players". Buyers tend to be people who make a poor decision and try to save a couple of bucks by doing something illegal, but still want to be engaged in the game. We negate this activity and give them an opportunity to continue enjoying the game and they stay loyal customers, which helps to make New Eden a more enjoyable place for everyone. Instead of people sending cash to some shady dude running a sweat shop out in *insert country name here*, they purchase a PLEX, which can be used by you to fund your game time and the money goes into developing a better spaceship game instead of buying the equivalent of a digital drug dealer a cool new diamond-covered blingy case for his beeper.

Going forward we're going to keep twisting the knife on the sellers. Ultimately we do not believe this activity should continue and we will focus and do every single thing in our power to ensure that they are no longer able to take advantage of our customers and try to profit from our hard work. We're also exploring opportunities for how to get this messaging out to new players of the game. One of the things people mention fairly often is that they're concerned that new players can fall into this trap of "easy" isk by being targeted by these terrible isk sellers. Along with going after the supply-side of the problem we're doing a deep dive on what the best ways to reach out to new players are so that this never becomes a problem from the beginning. Part of this is word of mouth and dev blogs such as this, but we'll probably also see things like splash ads on login, news items, things in the launcher and some other stuff that's been thought of but is still being tweaked.

We're really hoping that by taking a layered approach to this we can solve this problem which will in turn have a net positive impact on both New Eden's economy and our ability to devote proper resourcing to the things that matter to you as a customer and, if I may say so... Internet Space Friend. Please feel free to post in the associated thread and let me know if you have any comments or anything. Unfortunately RMT tears are a bit harder to harvest but if you can find a way feel free to share (don't link the site) and I will give you a virtual hug in my head.

Until next time Space Friends!

Sreegs

ps. I need to give a shout out to Team Security, CCP Arkanon, CCP Peligro and CCP Stillman. They put a lot of hard work into this stuff and they deserve a high five.

 

New to EVE? Start your 14-day free trial today.
Returning pilot? Visit Account Management for the latest offers and promotions.

Team Security – Now with 100% more Anti-RMT

Greetings Internet Space Commanders!

There are a few items I want to touch upon here for clarification before I get low-down and dirty on some recent activity. Not everyone can find their way to Fanfest so there's a few bullet points which are in my opinion game changers on the anti-botting front from Fanfest that I want to make certain I memorialize in Dev Blog format. As I mentioned to you in my last blog the team has re-instituted our automated botting detection routines with some new twists, the first of which was that the character in question can now no longer be legally traded or sold. BUT THERE'S MORE!

  • The banning process will now occur daily which will reduce the window of effective isk-printing and smooth out the edges so we're not performing giant "events"
  • Effective retro to just before Fanfest we will be removing ALL isk gained from botting when the ban takes effect. Details may be found in my Fanfest presentation located here.

We know that this is going to be a long slog but we're pleased with the results so far and I'll try to get my beloved compatriot CCP Stillman to do a separate blog in the next few weeks with some fun stats and such for you to salivate over. For now you have what was given in the presentation. As promised at Fanfest I've also started a thread in order to discuss the application of "Scarlet Letters" for botters here.

 I want to apologize for being less active in the thread in advance. I'm going to get back to it probably tomorrow and I'm hoping that the excuse I'm going to make below, which is also the reason for this dev blog, will suffice.

Much like with the initial reintroduction of botting bans many of you have noticed that a wonderful event occurred last Friday. Prior to Fanfest and again at Fanfest I promised that the security team would be looking into RMT as well as botting. Last Friday saw the first results of that work. I'm not going to get into confirming or denying who was involved as per policy and as much as I love to write I'm just going to break down the results of the first action into bullet points.

  • Around 105 accounts with direct ties to RMT (Real Money Trade) operations banned permanently
  • Between 1-3 trillion ISK in assets seized permanently
  • Around 500 billion ISK in RMT transactions reversed

There will be differences in opinion in how significant this event is unless you realize that, as with our actions in botting, this is not a one-time occurrence. In the coming days there will be additional actions of this kind and I'm sure various communities will notice them as they have an impact on their operations or social circles. We fully intend to twist the knife on these kinds of operations and will utilize whichever mechanism we believe will cause them the most pain. While there were reports of false positives related to this event, thus far every single valid "false" positive we've investigated was tagged because they had actually done something wrong, in most cases purchasing an account illegally or enabling RMT sellers via providing them with "loans". This is completely unacceptable behavior and in each instance thus far the purchased accounts were left closed and the loaned isk remained frozen.

Using the initial operation we enacted last Friday the procedure was to permanently ban all isk sellers and suppliers. No warnings given. People caught purchasing ISK found themselves with negative wallet balances due to the ISK being reversed back into the closed accounts which will eventually go into some magical space ISK burning facility or if you want to be really technical, be deleted from a database. We will continue to expand the scope of this to include asset seizure in the coming days which will include reclamation of supercaps and actions against alliances if need be. All actions will be retroactive to at LEAST February.

 I've been asked a lot of questions about how to avoid running into trouble here and there's a very clear and surefire way to do so. Don't do business with people you know to be involved in RMT. Don't buy accounts, items, PLEX or ISK illegally. THERE YOU HAVE IT! The ONLY legal seller of PLEX is CCP. Anything else can be taken from you when you are caught and the likelihood of that happening is increasing significantly. Have a fat pile of cash and want to convert it to ISK? Buy PLEX! We fully recognize that the only way to provide a level playing field for our customers is to end the problem and that's the direction we're headed.

I'd like to add that in addition to large sums of ISK removed from RMT-related actions we're expecting to see an average of 100B ISK a day removed from botting accounts. Neither RMT nor bot-related activity has any place in New Eden any longer and the security team is willing to play chicken as long as it takes to get that message across. I'd also like to note that while I haven't spent much time talking about the PLEX for Snitches program, it is still in full effect and a number of people who have provided us with actionable security-related information have profited quite nicely from their contributions to the greater EVE community!

So, the tl;dr of this is:

  • We're going to take all your stuff if you cheat
  • Buy PLEX, don't be a space butt
  • We're keeping an eye on all sorts of fun places to pull numbers and graphs from and we'll provide them in a separate blog
  • We love you if you don't cheat

On a personal note, CCP Soundwave's cosplay-fit 6pack abs have inspired me to purchase a gym membership so all of you who have expressed heartfelt concern about my physical health may now sleep easier! Until next time!

Sreegs

Update: Since this blog was written this afternoon we've taken out another 365 account bot/rmt ring. No estimate of assets yet.

 

Team Security – Banning Bad Guys and also Bad Guys

Greetings lovely Internet Spaceship pilots!

Hanging some bots out to dry

Some of you have rather astutely noticed by virtue of reading various shady forums that we've taken some administrative action against some botters. I'm saving pretty pictures and graphs for Fanfest (I don't have any yet) but I'll say that the total number of accounts actioned against was more than 1000 and less than 2000. I'm actually quite happy that the community cared enough to notice without us having to publish anything about it but I will take a few minutes to explain some things I'm seeing in the various discussions on the topic that are incorrect.

  • "This is a Publicity Drive for Fanfest" - Back before Fanfest last year we had a group assembled called the EVE Security Task Force. That group was tasked with performing actions like the one recently taken against botters. As a matter of fact that group took action the day prior to Fanfest and continued to do so on a twice-monthly or more basis for many many months. The process is designed that way because I don't believe that security is something you unwrap once every 2 months and pat yourself on the back about. What I said a year ago about the subject remains true today in that I believe it to be a continued process. This will be a slow burn and it will be regular. I do need to add to that the fact that these things were turned off for a period of time. As you are all aware the company has gone through a lot of changes in the recent months. Because of this there was a period of time where nobody had responsibility for handling the technology responsible for nuking botters. As of now there is a formal team on the EVE project devoted entirely to security, of which I am the product owner which is a fancy word for manager. This means that we've now thrown the switch again and turned on the catching bad guys machine because we own it and we don't like cheaters.
  • "This is nice but it should be something regular" - I agree. It was designed as such and as I stated above it was run for many many moons on a regular basis.
  • "Three strikes is too weak" - Here we disagree but there's a reason why. I've shown charts before and I'll have a set at Fanfest that shows that we're effective at changing behavior by using these bans (with a caveat). What I mean is that a fraction of people actually get a second warning and the amount of people in all time who have ever hit a third was something ridiculous like 3%. There are some new things related to this, though, that I'm going to be a good egg and share with you in a separate paragraph.

So as it stands the old rules are in place:

  • Strike One - 14 days
  • Strike Two - 30 days
  • Strike Three - Perm

BUT WAIT, THERE IS EVEN MORE! From now on, and this current wave is included, characters who receive a warning such as this will have the characters locked to the account. This means that once you've received a warning for botting your character transfer privileges have been revoked in perpetuity. This is to prevent people trying to circumvent the rules by recycling accounts. Yes we know people pointed out this could happen last time around and if you'll remember we said "We'll keep an eye on it and if it becomes a problem we'll deal with it". Here is us dealing with it. We'll probably have to come up with some form of timing solution for the future, but as it stands today it's forever. If you care about your dudes don't do bad things.

This is what's most relevant to you guys today but there's some things on the horizon I think you'll also be interested in. One of these is the security team's focus on RMT as well, which will likely be the subject of a future blog (probably after Fanfest) and will help answer that other question about whether or not we actually take away terrible people's assets when they do bad things. I'll keep an eye on this topic for a while to answer any questions. On another note I was just talking to CCP Soundwave and he wanted me to pass the message that any Fanfest attendees who are Japanophiles like himself should come and have a chat about your favorite movies. He doesn't get much of a chance to practice his Japanese here in Iceland. 

Don't do anything bad today,

-Sreegs

 

Come meet CCP Sreegs and the rest of the CCP crime fighters at Fanfest 2012! More information on Fanfest topics, tickets and travel can be found here.
