Warning : Teleporting bots are back!

KerinKor

cheeser123 wrote: »

show previous quotes

KerinKor wrote: »

LOL, and as the NSA has shown, at some point it has to be DECRYPTED and is vulnerable at that point.

Again, not talking about encrypting data, talking about cryptographic authentication. If you don't know the difference, I'm fairly sure you shouldn't be commenting.

I'm very well acquainted with this area of system security, thank you, more so than you may imagine.

I'm unclear where you think authentication comes into it.

cheeser123

KerinKor wrote: »

I'm very well acquainted with this area of system security, thank you, more so than you may imagine.

I'm unclear where you think authentication comes into it.

Because I'm not sending a load of encrypted data, I'm just proving that my client is unadulterated. That's the difference between encrypting data and authentication. That's what those words mean. I don't know how much plainer it could be than that.

Rikumaru

I would just wait to go to the higher level zones as there are almost no bots there as far I've seen

Seroczynski

I had no idea this was possible, but it's something that needs their attention as soon as possible. While bugs are annoying, 'cheating' like this ruins the game experience and possible the entire game.

Starnes

Pingu wrote: »

show previous quotes

Monsoon wrote: »

ZOS_TristanK wrote: »

Thank you for reporting the initial incident, folks, and for all of the additional information. Please be sure to report these characters in-game as well so that we can investigate.

Well its not a question of investigating to be honest but more a question of how on earth is the server NOT checking that people are porting from one place to another in a second? How is teleporting possible at the client level without the server noticing?

Gotta agree with that, makes me extremely worried about safety when playing this game if it is this easy for individuals to literally teleport.. no other MMO is recent history has had such stuff going on.

Makes me question, what else can they do? Teleporting is usually associated with GM Powers for example.

I remember teleporting node farming under the terrain happening in WoW, you would not notice it until you were at a node and starting hearing someone mining the very same node you're next to, you might glimpse a name beneath the world.

It's not unique to ESO but ESO does seem to be pursuing it very aggressively, maybe more so than any other MMO has.

CLFX

it didn't take them 4 days, these options are made in the beta and have been around since the prerelease days...

Sharee

cheeser123 wrote: »

show previous quotes

KerinKor wrote: »

I'm very well acquainted with this area of system security, thank you, more so than you may imagine.

I'm unclear where you think authentication comes into it.

Because I'm not sending a load of encrypted data, I'm just proving that my client is unadulterated. That's the difference between encrypting data and authentication. That's what those words mean. I don't know how much plainer it could be than that.

I have a feeling you are just throwing around buzzwords you read somewhere without actually realizing what they mean.

Turelus

Running around Bleakrock and Stonefalls as well, I wondered WTF was happening at first.
This is a pretty absurd issue if they're able to actually teleport from node to node, I mean bots are going to happen but ones who can just ignore game code and warp around...

AngryNord

Randomizing nodes could possibly stop this?

therain93

Sharee wrote: »

show previous quotes

Kemono wrote: »

Security of game is not very good if teleport bot are working in first week after release

Its not a matter of game security. Since character movement is controlled client-side, and not authorized by the server(no MMO does this as the data overhead would choke the server), there is absolutely nothing that can be done to prevent a hack like this.

The only thing that can be done is detect and ban them as fast as possible.

Not really true. City of Heroes did this for a fact. The server tracked everything and would synch coordinates with the client, which was why "rubber-banding" would occasionally occur as the server would reset your position back a bit if there was significant latency (a problem at launch in 2004, but a rare occurrence at the end.)

Loxy37

I'm sick of it. Its impossible to get any ore or wood in Auridon, been forced to go on to an alt to get ore and wood. This is just spoiling the game immensely for me

robacooperb16_ESO

Saw this a bit before launch, but it really kicked in in the last two days and they seem to come in two types:

The "Prisoner" - teleporting from node to node harvesting with zero travel time between nodes. Was very apparent on K's Rest with the beach and cliffs. Standing up on cliff overlooking beach watched two of them just pop in and out harvesting away, including a couple if times they appeared up on the cliffs to grab the odd node two. Reported them.

The "Invisible Man" - much rarer and harder to report. Been a couple of times that I've gone to harvest a node but I can't for some reason. Odd bit is you get a brief flash of a character name on the screen trying to do so (the interact with part briefly flashes), and the names are a jumble of characters or odd phrases. Thought maybe it was a weird phasing thin but as soon as I mentioned the name in chat others reported running into this "invisible harvester" issue too.

rayvn03b14_ESO

I had an incident in the final beta. I was going to nodes, only to suddenly see them vanish with no one there, or more obviously, walked up to a node and some guy from out of nowhere was there and nabbed it. He had a funky random name, too. I didn't think anything of it: I'd been having issues with lag causing other players/npc's/mobs to not pop in until they suddenly did, and I'd chalked up the name to someone not wanting to properly name a guy he wouldn't still have possibly when the game went live. He had real gear though, not prison rags. I wish now I'd reported it.

Turelus

Seems they may now be invisible as well.
Watching nodes vanish for no reason and if you try to use one of them it says "this node is being harvested by someone else" I first wondered if it was some instancing issues but looks to be related.
I hope they manage to stop this soon or find a way to monitor and locate clients using edited code (if that's the issue others have said) so people get banned before the game economy turns to poop.

Vhalkyrie

Oh wow...so that is what is happening. I would run up to nodes and they would just vanish.

starkerealm

AngryNord wrote: »

Randomizing nodes could possibly stop this?

No.

Random nodes would mean only some would be up at any given time, but there would still be a finite supply of nodes. The bots have to be getting the active nodes from the client, and the client needs to know which nodes are active at any given moment.

Allowing nodes to spawn anywhere would, inevitably lead to weird node placement or inaccessible nodes chewing up the quota (until a bot ate the node and released it).

But, yeah, ultimately, that's not a solution, because the bots would still warp to the active nodes.

chimichi

It has become very hard to gather the last few days. I play mostly play after midnight,EU Server, during early access and the first days after launch i could go and gather and basically run from node to node, killing and questing on the way, getting enough to equip myself ... not anymore. I have had the "invisible man" quite often. The name is barely visible for a second, and that character is clearly underground while harvesting. Last night i found ONE potency rune. maybe 3 jute, 4 iron ore, 4 wood i can remember that did not disappear instant. But mostly i don't see any nodes around, like there are none. Was questing in Auridon btw. Provisioning around skill lvl 40, rest stuck around lvl 6-9 ...

Evelyn_Nightingale

Sadly, once they successfully detect the teleporters new bots will be made to just barely pass under the radar. The bots will continue to evolve like bacteria while the game-makers find ways to detect them.

Pintobean

Gold selling and node stealing are same problem. How do you think the gold sellers are getting gold? Selling refined node material to NPC's at 12-16 gold a gather (really adds up fast) One solution I do not like, but better than none, would be to drop the NPC buying of node material to zero for raw, and 1 for refined.

Of course, then i would not have a way of making money either, but might slow down the bots.

Ysne58

I had a couple of nodes disappear on me, wood and iron. Whoever got them was invisible in game, so I was a bit puzzled about how to report it.

rayvn03b14_ESO

It's an arms race that happens in every single MMORPG out there. The farmers do something, the game devs respond, and back and forth it goes. I recall in one game I play the farmers would /whisper, hit trade chat, and when they were banned from that... well, this video shows it far better than I can describe. I hope ZOS nips it in the bud before we start seeing flying Khajiit in Cyrodiil :P

youtu.be/UJRVlR9Xl3A

Brasseurfb16_ESO

cheeser123 wrote: »

Assuming this is something that people might have to report often, what is the procedure for reporting this? It's not a bug, so /bug is probably wrong. Can you give a detailed idea of how we should report this kind of activity, what information to include, how to make sure it's tagged or otherwise marked appropriately so that it gets to the right people so that these bots can get banned lickedy split?

1) You keep press "f" on a player.
2) You choose "report player" on the Wheel.
3) You choose in the report category -> report player for cheating/exploiting.
4) Add a screenshot, even if you don't catch the bot you still give valuable information from the location where it happend.

chimichi

the ones i've seen in action were way to fast to target and hit them with f. I am not slow, but they are barely visible for a second.

jason95821

how else do you expect the gold farmers to grind gold ^_- lol
arse holes every one of them
hope it is auto ban soon to get rid of them loosers

Felarrond

Have also had this happen quite a lot to me lately, get to a node start to harvest only to have someone magically poof onto me and somehow take the node.

Turelus

chimichi wrote: »

the ones i've seen in action were way to fast to target and hit them with f. I am not slow, but they are barely visible for a second.

Maybe screenshot if you can at least hover over their name but yeah it's kind of stupid how fast they phase in loot and phase out again.
Add to that the ones who care invisible and it's almost impossible to stop them on our end as players.

I know CCP games have ways of detecting modified code in their clients and then banning people who use it, from what their security team has spoken of they have some very nice and sneaky tools they use to catch botters.
I only hope Zenimax can manage the same level of security service here.

cheeser123

Sharee wrote: »

I have a feeling you are just throwing around buzzwords you read somewhere without actually realizing what they mean.

Authentication = knowing somebody is who they say they are, that they have data they say they have, etc.

Encrypting data = taking data and making it obfuscated in some way.

We are talking about the first one. CS102 should have taught you this.

Dodece

The sad reality is where there is a market there is a way. We need to be honest about something, and I know this is an unpopular sentiment to express, but in games such as this there is always a pay to win service being operated. Either by mercenaries, or by the companies themselves.

That is something that people who play these games just have to accept. There are people out there who would rather buy their way to success. Rather then earn it the old fashioned way by actually playing the games for themselves. I know most of us are upset by this, and justifiably so. Hard work is what should be rewarded. Not the size of someones bank account.

That said if it is going to happen regardless. Then I would rather the developer be the ones doing it. They made the game after all, and they don't have to even resort to cheating, spamming, or just plain being nuisances about it. I know that Cash Shops are an ugly term for some, but the reality is in any game that I have played that actually used them aggressively. As in making sure that the players know they are available.

The farming community was non existent, because they couldn't turn a dime on their time. I know the idea of a developer selling in game items is insidious in the eyes of most, but if it is going to happen. Let it be someone who isn't also going to ruin your direct experience in game. Hey you are going to be beat by someone who can drop a grand of real money on virtual goods anyway. Would it not be better if that money went to the developer who might invest some of it back into the game where they are making that money.

WyeVxndzz

Just to be sure: how is everyone so sure that a bot has "teleported" when it's entirely likely that our systems have some lag between events on server and draw to complete on screen? The same reason that people sometimes seem to abruptly change course or hop in space when running by would explain it.
I mean, I do believe in bots and have read about toons on autopilot and seen sites about how to do it- but never heard about the invisibility thing. Maybe there's a bug that you hear someone who is phased and they're mining a node - not affecting your phase - but creeping you out. Maybe the guy who seemed to pop in front of you was a processing delay.

Sharee

cheeser123 wrote: »

show previous quotes

Sharee wrote: »

I have a feeling you are just throwing around buzzwords you read somewhere without actually realizing what they mean.

Authentication = knowing somebody is who they say they are, that they have data they say they have, etc.

Encrypting data = taking data and making it obfuscated in some way.

We are talking about the first one. CS102 should have taught you this.

Yes, i know you can look up a wikipedia definition.
No, im not talking about that, i'm talking about this:

Because I'm not sending a load of encrypted data, I'm just proving that my client is unadulterated. That's the difference between encrypting data and authentication."

That statement does not make any sense. Hacked clients are "sending a load of encrypted data"? Not sending encrypted data proves that your client is legit? How? And what does any of that have to do with authentication? That's just a pure mishmash of words randomly put together.