Share my thoughts, ideas and advice here

27 Replies
piratei
6 November, 2016, 12:33 PM UTC

Plarium support team invited me to share my thoughts, ideas and advice here on forum. So that's what i'm doing.

I can't post them on ,,Suggestions" topic because Alyona blocked it on September (way too many suggestions)


My thoughts: 

1. One player manually makes countless accounts (known as bots) and control them simultaneously using a single software platform. This happens for 6 Plarium games on 7 servers. 

2. Any player can make an account using a fake email and a password and enter the game in no time.

3. Right now you are kindly invited to verify your email just to ,,activate some features" but this is not imperative and you can play without doing it.

4. No one can connect to this forum without completing a CAPTCHA. To post this new topic i have to prove that i'm not a robot. :) But any player can connect with his game client  to Plarium database servers without completing one.


The main idea: I'm not a programmer, I don't know if it's a simple or a complicated task but game security team must block ONE specific piece of software to connect to Plarium servers. The software is out there for 6 years, how hard it can be to do that? How long does it takes? I don't know. But it must be done or else all the games/servers will look like russian one soon.


Other ideas

For new players/accounts:

1. Account activation. Email address must be verified BEFORE account can be used on Plarium games. 

2. The email address. Plarium must block the use of disposable emails (for example http://www.block-disposable-email.com/cms can do that) and the use of strange emails that looks like [email protected]

3. A form of program that protects websites against bots needed. Any player must complete a CAPTCHA (or some other solution) every time he wants to log in and connect his client to the game database.


For existing players:

1. Email verification. On the next login, everybody must verify their email in order to continue to play. No email verification= NO PLAY

2. Blocking all accounts made by using disposable or strange non-possible-existing emails

3. Same as 3 above


My advice:

For Plarium: do your job and take our money. We like this game, that's why we are here but we want everybody play fair. Stop 1 player to connect to games database servers and control his 50 bigbigdataxx accounts with only 1 click!

For moderators: stop talking nonsense. I am new in here. At least those of you that know russian language knows what i'm talking about years ago.


For players: * Edited, please follow forum rules 3.11



I am curious to find out that this message will get to the surface or i'll ending
getting' banned. Though banning me will not help resolving problems. 


Later edit: there is a closed thread here on forum http://plarium.com/forum/en/pirates-tides-of-fortune/game-discussion/30936_facebook-vs-plarium-2 

HDB is saying: ,,Someone asked why the Halloween Skin was priced 2000 rubies on facebook. Instead of the normal price. But a mod told him to shut up." 

The answer for Plarium support was: ,,First of all, i want to highlight that these are two separate platforms which aren't connected. It means that Facebook players are separated from players who play on the official website.  Yes, the prices are different, but it doesn't have an influence on the balance since all players pay the same price within their designated server."


Wait a minute! I didn't know that! 

But I've already seen it on some game series on PlayStation consoles and PC. There are different markets for different platforms. One item have a cost on PS4 platform, double as that on PS3 platform and ten times higher on PC platform. 

Why? Some of you already know the answer. Because PS3 and PC versions of the game are hacked. In hacked versions one can gain lots and lots of coins/rubies/whatever by cheating. Lot's of cheaters = lots of coins = Higher prices.

Maybe this applies here as well. And the game goes down to the toilet when some can cheat and others can't (or maybe just want to play fair).

UTC +2:00
bernd
6 November, 2016, 2:43 PM UTC
captcha after loggin' in sounds good. or maybe also captcha before attacking prizes ...
UTC +1:00
piratei
6 November, 2016, 3:00 PM UTC
I said BEFORE the client login. Attacking prizes must be allowed only after completing a 24 questions questionnaire or a small survey
UTC +2:00
bernd
6 November, 2016, 3:10 PM UTC

piratei said:


I said BEFORE the client login. Attacking prizes must be allowed only after completing a 24 questions questionnaire

sorry,  before Login of course, my fault.


Should be quite easy to implement and also more user-friendly then E-Mail verification. If they really want a safe game ...

UTC +1:00
shiv
6 November, 2016, 4:01 PM UTC

and you weak? 

http://prnt.sc/d3tbfr

RuAL | No money no honey
UTC +0:00
piratei
6 November, 2016, 4:06 PM UTC

So, you share my thoughts here, shiv? 

UTC +2:00
Crowbar
Moderator
6 November, 2016, 4:09 PM UTC

Checking the existing accounts for valid e-mails is not a good idea. There are numerous legitimate reasons why someone might have lost their e-mail account. On Kabam, we cannot change our e-mails, so even if I know I'll lose my e-mail account, I have no way of changing it in the game.

As for Captcha on log-in, that sounds good. I find them annoying, but they would probably help a bit with the current bots problem. Although, once a player is logged in, it would be easy to switch back to bots, meaning that the bots' owner would "only" have to log in on each of their accounts manually. That'd be boring, but not much more than visiting cemeteries daily. Still, I agree that it makes far more sense to put Captcha on the game login than on opening new forum threads.

I also think that it shouldn't be too hard to trace large batches of alts (read: bots) run from the same computer (or the same IP address). Although the IPs can be spoofed, it should produce significant improvements compared to how little work it'd be to check those, especially now when the bots are probably not spoofing their IPs.

UTC +0:00
shiv
6 November, 2016, 4:12 PM UTC
piratei said:

So, you share my thoughts here, shiv? 

Nope 

RuAL | No money no honey
UTC +0:00
piratei
6 November, 2016, 5:07 PM UTC

Crowbar said:


Checking the existing accounts for valid e-mails is not a good idea. There are numerous legitimate reasons why someone might have lost their e-mail account. On Kabam, we cannot change our e-mails, so even if I know I'll lose my e-mail account, I have no way of changing it in the game.

As for Captcha on log-in, that sounds good. I find them annoying, but they would probably help a bit with the current bots problem. Although, once a player is logged in, it would be easy to switch back to bots, meaning that the bots' owner would "only" have to log in on each of their accounts manually. That'd be boring, but not much more than visiting cemeteries daily. Still, I agree that it makes far more sense to put Captcha on the game login than on opening new forum threads.

I also think that it shouldn't be too hard to trace large batches of alts (read: bots) run from the same computer (or the same IP address). Although the IPs can be spoofed, it should produce significant improvements compared to how little work it'd be to check those, especially now when the bots are probably not spoofing their IPs.

1. As i can see, here on plarium.com server you can see/change email anytime in your profile/info. On other platforms where email can not be changed by user himself, for this specific case, someone lost his original account email , there is a specific solution: ask Plarium support to change your email. I don't think there are millions of players that lost their emails accounts... Then validate new email for your account to be active.

2. They cannot log in manually on each account to control bots. I saw they must login within the cheating interface, emails/passwords are stored in software database/server.  Military strategist Shiv can give you more details on how this δημιουργός thing works.

3. I'm not a tech guy, it is plarium job to sort this out.

UTC +2:00
shiv
6 November, 2016, 5:50 PM UTC

piratei said:


Crowbar said:


Checking the existing accounts for valid e-mails is not a good idea. There are numerous legitimate reasons why someone might have lost their e-mail account. On Kabam, we cannot change our e-mails, so even if I know I'll lose my e-mail account, I have no way of changing it in the game.

As for Captcha on log-in, that sounds good. I find them annoying, but they would probably help a bit with the current bots problem. Although, once a player is logged in, it would be easy to switch back to bots, meaning that the bots' owner would "only" have to log in on each of their accounts manually. That'd be boring, but not much more than visiting cemeteries daily. Still, I agree that it makes far more sense to put Captcha on the game login than on opening new forum threads.

I also think that it shouldn't be too hard to trace large batches of alts (read: bots) run from the same computer (or the same IP address). Although the IPs can be spoofed, it should produce significant improvements compared to how little work it'd be to check those, especially now when the bots are probably not spoofing their IPs.

1. As i can see, here on plarium.com server you can see/change email anytime in your profile/info. On other platforms where email can not be changed by user himself, for this specific case, someone lost his original email account, there is a specific solution: ask Plarium support to change your email. I don't think there are millions of players that lost their emails accounts... Then validate new email for your acount to be active.

2. They cannot log in manually on each account to control bots. I saw they must login within the cheating interface, emails/passwords are stored in software database/server.  Military strategist Shiv can give you more details on how this works.

3. I'm not a tech guy, it is plarium job to sort this out.

IT-man shiv 

In couple of days I will publish article u will like it. Wait please.

RuAL | No money no honey
UTC +0:00
piratei
6 November, 2016, 6:10 PM UTC
Thank you, demiurg-man. Please, do not forget to mention what happens when we click auto-generator button.
UTC +2:00
shiv
6 November, 2016, 6:21 PM UTC

piratei said:


Thank you, demiurg-man. Please, do not forget to mention what happens when we click auto-generator button.

fear...

RuAL | No money no honey
UTC +0:00
piratei
6 November, 2016, 6:24 PM UTC
cheating...
UTC +2:00
Icy
Moderator
7 November, 2016, 1:27 AM UTC

piratei said:


For new players/accounts:

1. Account activation. Email address must be verified BEFORE account can be used on Plarium games. 

2. The email address. Plarium must block the use of disposable emails (for example http://www.block-disposable-email.com/cms can do that) and the use of strange emails that looks like [email protected]

3. A form of program that protects websites against bots needed. Any player must complete a CAPTCHA (or some other solution) every time he wants to log in and connect his client to the game database.


For existing players:

1. Email verification. On the next login, everybody must verify their email in order to continue to play. No email verification= NO PLAY

2. Blocking all accounts made by using disposable or strange non-possible-existing emails

3. Same as 3 above


These are probably the best ideas so far.  For looking at solutions to make the problem better, A+ 

please keep in mind forum rules before posting please. 

UTC -4:00
Blasphemy
Moderator
7 November, 2016, 1:36 AM UTC

gmail has it you can use the same account, but put a . in it have it be additional email




like say...


[email protected]

[email protected]

[email protected]

[email protected]


each gmail is a new mail, going t o the exact same email

plarium should only allow one email, per 

if possible

I am a daughter of a High King who is not moved by this world for my God is with me and goes before me, I do not fear because im his
UTC +2:00
Blasphemy
Moderator
7 November, 2016, 1:38 AM UTC

shiv said:


piratei said:


Crowbar said:


Checking the existing accounts for valid e-mails is not a good idea. There are numerous legitimate reasons why someone might have lost their e-mail account. On Kabam, we cannot change our e-mails, so even if I know I'll lose my e-mail account, I have no way of changing it in the game.

As for Captcha on log-in, that sounds good. I find them annoying, but they would probably help a bit with the current bots problem. Although, once a player is logged in, it would be easy to switch back to bots, meaning that the bots' owner would "only" have to log in on each of their accounts manually. That'd be boring, but not much more than visiting cemeteries daily. Still, I agree that it makes far more sense to put Captcha on the game login than on opening new forum threads.

I also think that it shouldn't be too hard to trace large batches of alts (read: bots) run from the same computer (or the same IP address). Although the IPs can be spoofed, it should produce significant improvements compared to how little work it'd be to check those, especially now when the bots are probably not spoofing their IPs.

1. As i can see, here on plarium.com server you can see/change email anytime in your profile/info. On other platforms where email can not be changed by user himself, for this specific case, someone lost his original email account, there is a specific solution: ask Plarium support to change your email. I don't think there are millions of players that lost their emails accounts... Then validate new email for your acount to be active.

2. They cannot log in manually on each account to control bots. I saw they must login within the cheating interface, emails/passwords are stored in software database/server.  Military strategist Shiv can give you more details on how this works.

3. I'm not a tech guy, it is plarium job to sort this out.

IT-man shiv 

In couple of days I will publish article u will like it. Wait please.

Another one??

I like your articles i cant wait....
I am a daughter of a High King who is not moved by this world for my God is with me and goes before me, I do not fear because im his
UTC +2:00
FaZi
7 November, 2016, 6:58 AM UTC

Captcha won't do any harm to bots for sign in yeah they can cause panic to normal players.


Players who can make a bot to handle multiple accounts, captcha filling is really a NOOB job for them.


Leave that development thing aside, there are numerous auto captcha filling bots on the internet.


Th' rougher th' seven seas, th' smoother we sail. Ahoy! ahead ye coward
UTC +3:00
Blasphemy
Moderator
7 November, 2016, 12:15 PM UTC
FaZi said:

Captcha won't do any harm to bots for sign in yeah they can cause panic to normal players.


Players who can make a bot to handle multiple accounts, captcha filling is really a NOOB job for them.


Leave that development thing aside, there are numerous auto captcha filling bots on the internet.


they have new ones you have to read and do what it says, like a street sign, they have upped the playing field when it comes to captcha 
I am a daughter of a High King who is not moved by this world for my God is with me and goes before me, I do not fear because im his
UTC +2:00
User Deleted
7 November, 2016, 1:02 PM UTC

shiv said:


and you weak? 

http://prnt.sc/d3tbfr

Please Master, Teach Me Kung Fu

UTC +1:00
FaZi
7 November, 2016, 1:35 PM UTC

Blasphemy said:



they have new ones you have to read and do what it says, like a street sign, they have upped the playing field when it comes to captcha 

if you are free from deleting replies, closing threads & moving them to trash.


You can look it up on the internet & you will find auto filling for that too.


Th' rougher th' seven seas, th' smoother we sail. Ahoy! ahead ye coward
UTC +3:00
1667249 users registered; 34145 topics; 253887 posts; our newest member:Castle №1085806