What you are describing is similar to early EQ, when the client<->server traffic was unencrypted. There was a very common and very doable man in the middle packet sniffing that exploited the information the client got in order to display a full zone of information, when the client only defined a small subset. It’s been a while so I don’t remember the timeline, but I remember many fixes to the client after that trying to correct the issue.

If you are telling me CCP doesn’t encrypt traffic and has no validation thereof, that’s just scary. Encryption is such an easy layer to add these days, and technically, not as much overhead as it used to be. With the network speeds of today it would also be a no brainer to make the decision to enable that.

At any rate, you have me curious now, I’ll see what I can pull up from Eve Search.

Edit: And as with anything really, Wikipedia proves to have even more info on what I was referring to in EQ.

Isnt that similar to the “not in local” but in system exploit?

I am very annoyed that CCP killed their light client >: I’m stuck on my laptop for a month or so, and back when I started out playing EVE it’s all I had. Ran just fine! Now they just have the premium and I’m lucky if I manage 20fps, and 10 minutes without a crash. Drops to 5-ish in crowded areas. Bah. At least I can log in and queue skills.

Man, dead me is really lucrative.

Another 45m ISK in bounty, collected. By, uhmmmm, me.

Encryption is great against man-in-the-middle attacks.

Cheating is not a MITM attack, but rather a hostile endpoint. Encryption just moves the attack surface from the network flow to the process memory in that case.

Agreed. I thought he mentioned it wasn’t encrypted. If that’s not the case I apologize for the thread tangent. Either way though, it sounds like the exploit may have gone public. Lets hope it’s easily addressed with a game update from CCP.

For the last CSM I was first alternate and it was the only CSM so far not to have had at least one member leave/removed during the term. This time I was third (now second) alternate missing out on the second alternate spot by precisely one vote and the first spot by six votes.

Mazzilliu is now a full CSM delegate and T’Amber is the new first alternate (CSM5 results page).

And there she goes:

member removed from csm
reported by CCP Wrangler | 2010.07.07 16:59:23 | NEW

Today Eva “Ankhesentapemkah” Jobse was removed from the Council of Stellar Management due to a breach of the non-disclosure agreement (NDA). We are deeply saddened but feel that it was the only possible solution in order to protect the integrity of the Council of Stellar Management. As this is a matter regarding confidential data we do consider this to be a private issue between Eva and CCP, therefore we are unable to comment further.

Although some speculate it’s because her blog, a CSM member said it was not. Some say it was because her rambling against CCP, but there other CSM who were as verbose about their dissapointed about CCP same as her.

On SHC some say it was because an infringement about two years ago and that trail is leading into the direction that she was supposedly working for another game company and it might be that something from then that showed up now.

According to her CV http://www.xform.nl in 2007, i.e. two years ago, but not currently. Diedra Vaal said in the eve-o thread that the NDA violation occured two years ago, which would be about right on a time scale.

That said, if you actually bother to look at that company’s website you’ll notice that they are hardly competitors to CCP.

To me, this sounds much more like a clause in the nda forbidding participation in the CSM if you have worked for a game company and CCP using that as an excuse to get rid of her. CCP is like any other company, i.e. somewhat inept and not above vicious intrigues and I wouldn’t put it past them to do such a thing.

I have no idea who the fuck this woman actually is or what her in game toon has supposed to have done to piss off everyone here so much apart from squeelling on the forums like every other fucking carebear who just got ninja’d or ganked does.

And I say this because, for fuck’s sake, CCP is never going to change the PvP aspect of the game to nerf hisec PvP, so I don’t know wtf everyone makes so much drama about this woman. Who gives a flying fuck about her chucking a spoon at some guy in a discussion about fucking internet spaceships. It’s not as if she’s the only semi-demented fucker playing Eve.

That said, Eve drama is better than TV, so just let me get another beer and some popcorn.[/quote]

Others also say CCP just wanted to get rid of her (which I could understand but I think CCP wouldnt be that stupid).

Also interesting fact is that in a discussion she threw a spoon at another CSM member.
Interesting this only becomes if you take into account her best quotes:

Ankhesentapemkah:

“The only whiners are you criminals, who stubbornly refuse to accept the fact that law enforcement isn’t *****ing down hard enough on you, and that it is a logical, realistic and proportional response when Concord and the insurance companies take drastic steps to stop you parasiting scum.”

“If there are people that need to be treated, it are those griefers, that should be locked away and rehabilitated into friendly productive members of society, instead of running around griefing people left and right because it makes their twisted minds feel aroused.”

“I just feel disappointed that the killer is capable of doing such a thing. I’ll never understand that. Surely people have some kind of concience, and some empathy and compassion towards other people? Maybe they just forget that there’s a real person behind those ships. Maybe they don’t care. Maybe they’re ruthless psychopatich sadists.”

“People that use a game to get their enjoyment by frustrating other people definately are antisocial psychopatic virgins.”

Oh missed that it was already mentioned.

Im not a CSM alternate IanC / Helen Highwater is. I lack the RL time to dedicate time to such a thing although Dierdra asked me once to step up for FW.

To me, this sounds much more like a clause in the nda forbidding participation in the CSM if you have worked for a game company and CCP using that as an excuse to get rid of her. CCP is like any other company, i.e. somewhat inept and not above vicious intrigues and I wouldn’t put it past them to do such a thing.

There is no such clause. I currently work for a game company and have been a member of the CSM twice now with CCP’s full knowledge.

Then you know more than all those are currently speculating.

So far everything is unconfirmed apart from the fact that it was nothing that she wrote on her blog. There is a chat log post in SHC stating that she rage quit her current eve corp, right after getting booted together with a comment “Im not playing eve for fun” or something similar.

All eve is always good for drama lama and Im curious about what Eva will write in “her defense”.

A lot of speculations also point out that she was booted while Larkonis gate (abusing knowledge to play the market after he got drunk during the CSM meeting in iceland) managed to resign and even write an formal step down post about it.

If she didnt pick up the chance to resign herself or her violation was worse is to be seen …

reference to encryption was more to the ability to do some python bytecode disassembling relatively easily compared to a more traditional client executable

not entirely sure about the traffic itself, have to assume it’s not encrypted ATM. In any case, once you have access to the client’s source code, it seems to me you would sooner or later gain access to the encryption keys?

Yeah, the bounty system in EVE is stupid. Which is kind of a shame, it’d be nice if bounty hunting could actually be done legitimately.

It depends. Very few keys these days would be symmetric, most would be asymmetric, meaning one side has a private key (say the server) and one would have a public key (like the client.) Having one side with that private key would ensure that it would be very hard to do anything with the public key. SSL, PGP, and most current internet based cryptography uses this approach, and I assume they would as well.

So unless they had the source code for the servers as well, it’s a very tough hack. You could do it, but based on the key size and strength and change frequency, the power to decrypt this would be a lot. This is not my expertise area, but lets assume it could be done, but it would be hard to do it in a way that would just allow a random person running a program to crack a live client on the fly.

Encryption protects you from a third party.

If the client is running on my computer, I am not a third party, I am a party to the conversation, and encryption at most moves the attack point.

Noted and understood. Client hack versus communication hack. I can be dense looking for the forest for all these trees in front of me at times.

I ran across this old pic the other day and thought some of you Eve newbies would enjoy it …

Hehe- I decided that 10 AM CST would be the perfect time to go out and do special low sec missions with nobody around… big mistake.

After doing 2 missions, and on my way to the third, I ran into a fleet of around 40 ppl at war with me, with at least 4 stilettoes(then a bunch of cruisers/BC). Me in my assault frigate, they chased me around for 10 minutes, going through about six systems.

Then, going through one of the gates, the stilettoes and some cruisers managed to lock me and scram me- but nobody had a web! I made a mad dash for the gate, made it through at around half armor, and went on my merry way home :P all in all a very exciting 45 minutes.

Probably me best experience in Eve was when I was in the Uni. We went out to 0.0 space for the first time for most of us, and for the first time in a long time for the FCs. There was about 70 of us, mostly frigates but some BCs and BSes as well. It all went to shit, the FCs froze, people were dying left right and centre, everyone got split up. Some of the better pilots, who were in control and new what to do were being completely ignored by the command who had lost it completely. Eventually a group of us, after repeatedly being told to shut up, despite having intel that could save the fleet said fuck it and abandoned the rest to die. Cue an hour of us travelling back through 0.0 to Empire. Scouts relaying info on the routes, skipping around and through bubbles, taking out tacklers on gates and bubbles to let the bigger ships through. We lost two people out of about ten (both frigates) but the BSes made it back safely. It was absolutely fucking brilliant. Simply the best time I had playing Eve. It also coincided with the point that I lost faith in the Uni in providing that high a level of training and experience, and I left. The fallout from that meant that two people, whom I considered the best pilots in the Uni beign banned. So I got both epic gaming and epic drama. It was that moment that I comitted to Eve proper.

Anyone care to put a good word for me at the EVEUNI? I am thinking of leaving Qcats for while, and maybe becoming a EVEUNI instructor can rekindle my passion for the game.

I am not really a good BS FC (I can do it, I just don’t like it) but I can run killer small stuff, fast and hard hitting gangs of frigates punching way above their weight class and having fun while doing it.

Note that I did say leaving Qcats for a WHILE. Only thing can make me leave it for good is creating a roleplaying Gallente corp (for some reason, there aren’t any good ones at the moment, Strix is dead from what I hear). So, would the Uni have me as an instructor for a bit? willing to work my way up from grunt! :)