First, the session was highly redacted. Then again, I didn't expect anything less, although CCP apparently is showing more trust in the CSM and showing more sensitive information. CCP is conducting a shadow war against the illicit RMTers who sell ISK and items and the botting, hacking, and exploiting that degrade the game play experience of players. Here is the segment of the minutes of the subjects that interest me the most:
CCP Bugartist: Security topics within CCP [...] Make sure we will improve the quality of code of every single line of code we produce. The same for processes [...] that’s what we do on a strategic level. Some samples on the following slides [...]. And also technology [...].
CCP Bugartist: More to product and game security [...] Botting, cheating, RMTing [...]. Massive amounts of data [...], data analytics [...].
CCP Bugartist: When there is a mass theft of credit cards [...] We improved [...]. So there is a lot of stuff we are working on to make accounts more secure, I will show some details [...] And there is the housekeeping we are working on [...] You will see some numbers later which are [...] Any questions? Okay, let’s talk about EVE Online universe account security. Overall [...] We also really want to have better account security, which is for example [...]
Corbexx: What about authentication keys?
CCP Bugartist: You’re talking about multifactor authentication, in the second phase [...] So we have multiple options [...] All of this will be totally opt in [...] Any questions regarding account security?
Sion Kumitomo: Having an option for multifactor authentication would be fabulous and awesome.
CCP Bugartist: Multifactor will definitely help to reduce the amount of hacked accounts. One thing for example [...] The user should control how they log into the game. So that’s why we would like the user to select how they log in, it should be an option you can choose. Of course it might change the prioritization of [...]
CCP Peligro: The guy who hacks your account is usually involved in RMT, so that’s something we want to catch too.
Multi-factor authentication is probably an area I need to explore more in-depth on the blog. Of course, I had a bad experience with Wildstar, which chose to add the option after early access launched. But if CCP does add in multi-factor authentication, I suggest everyone immediately use it as soon as the feature is released. I painfully discovered that hackers will put their own authentication on the account if possible in order to lock the owner of the account out. Then again, I do use Google Authenticator, so I'm not a skeptic, just wary of how a company implements the feature on a long running service like an MMORPG.
The big issue, or at least the one that has the most in the minutes, was ISBoxer. Here is the section where CCP Peligro gave an overview of ISBoxer:
CCP Peligro: This is more or less CCP’s stance on multiboxing, if you filed a ticket asking if you can multibox, in a nutshell it says that CCP will never sanction or authorize use of a third party program because we don’t have control over the feature set. That’s why there might be some confusion because there is a sort of grey area. We will action on it if […] This is the stance outlined on the third party policy page on our website. So this is the amount of accounts we have flagged […] ISboxers will frequently contact us because it is a grey area […] We have stats on what ISboxers are doing […] but there’s no standard ISboxer. Peligro's edit: Refer to http://community.eveonline.com/support/policies/third-party-policies/The interesting part of this entry is that CCP is keeping track of the use of ISBoxer. I'd love to get my hands on the numbers, as I've wondered about the effects of the software for some time.
The four members of the CSM who spoke out about the use of ISBoxer were Xander Phoena, Ali Aras, Mike Azariah, and Sugar Kyle. Xander's concerns were based on whether ISBoxer violated the EULA and trying to clarify the matter once and for all. Ali concentrated on the use for stealth bombing and input duplication. Mike concentrated on the effects on incursion running and the wording of the EULA. And Sugar Kyle focused not only on the perception that CCP is not enforcing its own rules, but wondered if CCP had the capability of enforcing those rules. Xander may have spelled out the main problem with the use of ISBoxer:
Xander Phoena: The problem is that if I lose my Vindicator to ten guys then fair enough they trained for it and deserve it, but if I lose it to one guy flying ten ships perfectly than I haven’t made nearly the same level of mistake and it required infinitely less skill on their part. There’s a perception that I’ve been cheated out of my Vindicator.That perception is bad for EVE, recruiting new players, and retaining existing ones.
I found another segment by CCP Peligro interesting:
CCP Peligro: Yes, but the blanket OK is something that I doubt we'll do. We don't have any control of third-party programs and it would be irresponsible of us to sanction use of something we didn't make. There are also concerns with regards to liability. The software is used for all kinds of nefarious things, not just multi-boxing. We’re banning RMT’s and botters because that’s more detrimental to the game world. Client Modification is another big thing, and ISBoxer in particular is a powerful framework for this purpose.Team Security is prioritizing its work based on the impact on New Eden, and ISBoxer is not as damaging as RMTers and botters. However, I'm glad to see that I'm not that far off when stating that ISBoxer is considered client modification.
The one takaway from the minutes I have concerning ISBoxer is that Team Security is tracking the usage of the multi-boxing software. I know that Team Security is a small team and I want to see them using their resources in the most effective manner. If I have a choice of having multi-factor authentication or banning ISBoxer, I'd rather have multi-factor authentication.
Those are some quick thoughts on the minutes. Getting any information on the shadow war between Team Security and the illicit RMTers and their allies is always difficult. I could have wished for more information, but that's not really realistic.