Diablo® III

Software Engineer's ideas to get rid of bots

(Locked)

Bots do not take breaks people do! Check the player logs to see if it was a game or games that went right through always within 1 to 2 mins finnished. Meaning all the games or missions done = the same amount of time. No lag time inbetween missions. Everyone needs a break sometime within 4 to 8 hours right? Even when they programm lag time it will show up after so long as not a random thing.
To whom it may concern,
I really hope this note gets to the right people working in Blizzard. As a reference, I am a senior software engineer in a fortune 50 company, and I hope the Diablo 3 community & software engineers in blizzard will seriously consider my ideas and implement if necessary.

1. Protect your game data with collision detection. (The bots should not be able to read memory managed by D3 w/o triggering red flags to warden.)

2. Do an analysis of mouse / key movements/keypress-keyup event speeds. If relative movements are too quick, flag it / do a review, add to bad wave list.

3. Do a captsha check for every hour after 8 hours of play time (along with a nice note saying excessive playing is hazardous to your health).

Seriously, there are hundreds of people who are making 2K USD+ using bots. Running it 24 hours a day, 7 days a week.

If you really care about integrity of the game, use manpower to solve the problem if you have to. This is no longer some 'virtual items', it is a real problem.


#1 has some legality issues. I'm not positive, but sifting through every individual process searching for a ReadProcessMemory() call... im just not sure.

#2 Might end up flagging individuals who press their keys fast.. It would flag legit players

#3 Interesting idea... to be honest. hmm.. I like it.. the only knock against it is that it would be annoying for legit players.. But it doesn't truly solve botting.. it just prevents botters from botting for 8+ hours at a time.

#1 and #2 aren't feasible in my opinion.. But #3 is a great idea. I think that would scratch the surface with the current botting issue.
I don't understand how you people can't see why blizzard handles bots the way they do. They WANT people botting. Why wouldn't they? More RMAH money obviously. My guess is they won't just ban a random Joe schmo botting 1 account either because that's only one game dude is gonna re buy.

They're most likely banning people running 5+ accounts at once, knowing full well that all it means is another 5 copies purchased at 59.99, and months more of gear being pumped into the AH. And they won't do it too frequently, they don't want the guy saying "Damn they ban too often, this isn't worth my time and isn't profitable enough, I'm not buying anymore copies."

Blizzard WANTS people botting. They will never say it, but it's painfully obvious. If you were high up at blizzard and someone offered you these two choices, what would you do?

Choice number one: We can hire dozens if not hundreds of extra people to keep the game 100% bot and exploit free OR.

Choice number two: We can run a skeleton crew of "anti hack" employees, saving hundreds of thousands or millions of dollars in wages and benefits, only ban people using 5+ accounts at once and only every few months, and make literally MILLIONS of dollars from botters re buying copies of the game and pouring items into the RMAH.

As a business model, it seems pretty obvious to me what the best choice is here. :)
Maybe my ideas aren't the brightest, but giving up the fight against bots is the worst thing that can be done to a gaming community. I say, when botter is detected, freeze their battle.net account balance, log hardware ID / IP addresses, actively search for repeat offenders.Also, if there is 8 accounts coming from 1 IP address, flag that too. Oh my god, the easy ideas are endless.


So your honestly saing that whenever we have a "lan party at my friend stevens we should all get flagged, when they have 4 people living in the house that play d3 to begin with. Or everyone on a college campus should be flagged. I highly highly doubt your being serious about your qualifications, if you have them, maby you should have learned in college instead of buying your way through it.
Op is a troll or idiot that thinks he knows enough what hes talking about to bull!@#$ when in reality has lttle to no grasp of security whatsoever.
11/18/2012 11:45 PMPosted by DeadRu
Actually if I were Blizzard I'd find this post insulting.


^
Posts: 100
11/23/2012 09:06 AMPosted by DeadRu
Bah, pick on little things, sure I made some spelling errors because I was typing it up, without any proof reading.

lol this from an engineer.

But I just want to say bots are a real issue, and it is fightable. I don't understand such a slow turn-around in Blizzard. Having many bots, go undetected.

It came to a point where it is stupid to not be running a bot. Where is the fun in that?

LoL all your ideas have been beat to death already and are basically stupid.

Like this statement "CAPTCHAS are not a waste of time, if they come on after 8+ hours in a popup, I'm sure botters will have fun babysitting the computers all the time.
HELLO, with the limited storage of D3 they need to be around to dump and mule items. In D3 it takes 2 seperate accounts logged in at the same time. , in D2 it took one main account with several layerd accounts . you made a password game waited 5 min, dropped everything, logged the mule account entered the game scooped it up.

You can't even grasp the simplest fundamental basics of the game.

Why do people have to beat others down when they're just trying to improve the game?
BTW, for someone so insulting about spelling, it's spelled "separate", not "seperate".
Space engineer here,

how about a quantum body fluid check via reverse osmosis hyper modem to verify organic life of engaged player?

also, a colon invasive authenticator can be shipped at your expense with USB compatibility that live interfaces with your bnet account to maintain a temeperature analysis and measures your pulse as it coincides with in game events that should elevate your blood pressure!

-no need to thank me.
To whom it may concern,

I really hope this note gets to the right people working in Blizzard. As a reference, I am a senior software engineer in a fortune 50 company, and I hope the Diablo 3 community & software engineers in blizzard will seriously consider my ideas and implement if necessary.

1. Protect your game data with collision detection. (The bots should not be able to read memory managed by D3 w/o triggering red flags to warden.)

2. Do an analysis of mouse / key movements/keypress-keyup event speeds. If relative movements are too quick, flag it / do a review, add to bad wave list.

3. Do a captsha check for every hour after 8 hours of play time (along with a nice note saying excessive playing is hazardous to your health).

Seriously, there are hundreds of people who are making 2K USD+ using bots. Running it 24 hours a day, 7 days a week.

If you really care about integrity of the game, use manpower to solve the problem if you have to. This is no longer some 'virtual items', it is a real problem.


1.They have something like this "Warden"¿ and bots use mouse click's and key strokes no dll injection, blizzard has done a good job of sending the lawyer's after all the bots that where smarter then warden.

2.They have something like this in place for not only in game also for the AH. (A guy on u-tube got a ban for flipping items on the AH and looking like a bot...)

3. WTF is this going to do¿ Slow the boters down for a day while they code a mouse click¿
Posts: 28
Wow, it's impressive just how clueless you are about the subject matter.

We'll start with the one that's most fun to address. Taking down websites. Explain to me, smart guy, how does Blizzard do this? Explain to us all the process of taking down someone else's website. Organizations like the MPAA and the RIAA, with far more money and influence than Blizzard could ever hope to have, can't even take down websites blatantly violating their copyrights on a daily basis, despite having been trying to do exactly this for years on end, but somehow Blizzard will just push the magical shutdown button nobody else knows about?

Now moving on to the botting problem. How do you know they do not have experts working on this? Do you really think it's this black and white? Why are there security vulnerabilities in pretty much all software that exists? Why do viruses still exist? Why are constant security updates needed for pretty much any software that interacts with the Internet in some way? Do none of them hire experts? I guess not, because if they did they'd have 100% solved all security flaws in like 3 seconds, amirite?

The fact is, the best bots will come from private websites, which sell access to their hacks/bots/etc to users. For these private websites, it's not only in their best interest to keep a skilled staff that can create these programs for popular games, but also to keep these programs as undetectable as possible. As such, it's a constant arms race between the developers of the game and the creators of the bots/hacks/etc. It's an unwinnable scenario as long as enough people are willing to pay money for these hacks/bots/etc (and they are), the best you can do is contain it.


OK, I agree you can never completely eliminate the problem but it's quite obvious that Blizzard isn't even making the simplest attempt.

1: The spammer/farmer's websites are violating Blizzard's copyrights. That alone is enough to get their ISP to shut these sites down.

2: The spammer/farmer's websites exist to violate the terms of use of Blizzard's services. That is also enough to get them shut down by their ISP.

Trust me, the ISPs are going to be a lot more sympathetic and cooperative towards Blizzard than the MPAA or the RIAA. Will it completely solve the problem? No. The spammer/farmers will eventually retreat to places like China or Russia where they really don't care what you do with their bandwidth so long as your check doesn't bounce. But the fact that the same sites are still up and hosted by the same ISPs more than 6 months(!) later after countless complaints proves that Blizzard just doesn't care.

Meanwhile, why can't Blizzard put filters on the chat channels? The spammers/farmers continually bombard the channels with the same websites over and over again. How hard would it be for the servers simply look for a few key strings, and simply block that message? Yes it will take some continued tweaking from Blizzard but not that much. Heck, the players do most of the work submitting the spam.

And at the very least, why isn't Blizzard eliminating the user accounts being used for spamming? Do you know how many 1000s of reports I've put in? Many of them are for the exact same accounts. Over and over again.

So given that these websites still exist on the same providers more than 6 months later, the chat channels and friend requests are clogged with spam from the same users despite months and months of complaints leads me to believe that, yeah, Blizzard Doesn't Care.
Posts: 1,183
View profile
Get rid of the AH system. It is what attracts these people.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edit: Folks, please be mindful of the date on a thread and do not resurrect/bump it if it is fairly old. If you wish to provide feedback on a topic or participate in a discussion, please create your own or find one that is recent. This thread will now be locked.
Edited by Araxom on 3/20/2013 4:51 PM PDT
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)

Reported!

[Close]