Automation and Scripting - An investigation into further abuses of BGS and Powerplay

Status
Thread Closed: Not open for further replies.
Your views on whether you think this si cheating or not are your own. However for the avoidance of doubt FDev have explicitly stated it is against their terms of service so it IS cheating. The inability for anyone to rigorously police this though does leave the whole issue unresolved.
Botting in general is prohibited in ALL on-line games AFAIK, but it still occurs. All those of us as players can do is report instances that appear to be botting and let the relevant developers deal with it.

Removing the docking computer, restricting gameplay to specific modes, or adding mechanics that require manual intervention will not prevent botting from happening and will just annoy at least some players that do not get involved with botting (or external automation) in any shape or form.

I think what FD need to make clear is whether use of limited macros is considered cheating, it is not something I personally do but it is a feature facilitated by various items of utility software including but not limited to: voice recognition tools (e.g. VoiceAttack), OEM controller software for keyboards/mice/sticks/controllers (e.g. Logitech Gaming Software). If not, then they need to make clear at what point macros and external automation in general is considered cheating. This is not for my benefit but for the benefit of the people that in some cases may rely on these tools for what they consider non-botting gameplay.
 
Last edited:
Or maybe you should just learn to live with bots at least I'm making a suggested fix rather than just saying that prob won't work because they might only log on While everyone is asleep or picking their nose
Sure, and I could suggest that Frontier fix the bot problem by executing anyone who runs a bot for offences against the state. It might actually be easier for Frontier to take over the world and make cheating a capital crime than to come up with a loophole-free definition of "in Open" and "attack" for BGS actions, but neither is likely to feature on their corporate objectives.
 
If they don't engage with open they would not be effected they can still defend the system from solo
Not so based on your "no affecting player factions in solo/PG" concept which is quite frankly a ridiculous and trollish concept.

Further more, as already pointed out to you several times: Player Factions are just Player requested NPC Factions as opposed to Guilds. Forth-coming squadrons are the closest to the Guild concept but they neither directly affect nor are affected by the underlying BGS. They may support a given PP Power and/or minor faction but that does not mean they are part of that PP Power or faction - they are external agents who are notionally aligned with it. That is it.

Your "alleged fix" is not a fix - it is a troll, nothing more. ;)
 
Just to burst your bubble..

Drop from super cruise to station
Orientate to station in front
Use Green/Red to orientate for perfect approach
Enter grill
Landing pad is now show on gimbal ball
Orientate and land

All the above can be done by reading portions of the screen and acting accordingly

For what it's worth, from a CV standpoint the mail slot is possibly the most challenging aspect to automate. I wouldn't be surprised if that's why Frontier a while back got rid of the "undock-and-relog" method of exiting the station. It's not that the slot is a terrifically hard problem, but a viable automation needs to have a >99% success rate, especially in cases like leaving the station where failure equals a mission failure and a rebuy. The visual environment around a station entrance is tricky enough that even a well-tuned analyzer will occasionally lock onto some other rectangular feature and fly towards that instead. If there are trade-loop-bots running now (and the evidence seems to suggest that there are), either someone has put a very considerable effort into solving this problem, or else it's a human-sometimes-in-the-loop solution. One pilot could multitask quite a few such bots via some kind of KVM switching if the scripts simply brought the human in to line up on or otherwise identify the slot.

And none of it would break EULA as there is no memory or executable manipulation. They could ban 'automation' which would in theory fix it, but I doubt botters care about EULAs or anything FD have to say. And of course, you'd be automatically banning VoiceAttack. Which might not be a bad thing, as it can be used to automate a while swathe of things.

And as another poster wrote, they could start adding checks that look for computer vision software running in memory. All such client-side countermeasures are ultimately futile, because once you're exploiting the game via impersonating a player rather than through technical hacks, there's no real limit to how well you can pretend. Endgame there is, point a camera at the screen and feed in the bot's inputs via a RaspberryPI presenting as a keyboard and mouse.

That is anything but a guarantee as has been explained to the open-only crowd on many occasions.

Ultimately, it would be neigh on impossible to identify a bot from someone doing something comparable manually. There are too many variables in play and there are many different ways things can be automated without them being 100% identifiable as being automated.

Introducing random/triggered "are you a human?" tests like Captcha in-application is the only true way to really curtail botting but such tests themselves would be sufficiently immersion breaking for the case against them to be sufficiently strong. Further more, I have no doubt that such techniques are not able to stop botting in all cases.

You could surely design minigames that would be quite difficult to automate. The problem is that ED allows you to escape from any dangerous situation provided you aren't destroyed in under 15 seconds. Back when the suspected bots were flying in open, it was reported that they would simply menu log if scanned or interdicted. Given the infinite patience of bots, a script could do that all day until it lucked into an instance where it doesn't face the Turing Test minigame.

No, in the end the only real solution is for Frontier to police this. If it is a high enough priority for them, they have all the data they need to sort out accounts that are performing beyond what a human could reasonably achieve. As CV/ML/AI advances, it will not be possible to prevent all game automation, but the scripter who wants to remain undetected can be limited to doing no better than a really dedicated human player.
 
While I have a small amount of admiration for the coders who have developed these bots (it still took a fair amount of effort to do), it is still abhorrent to ANY MMO game to have bots doing work that humans could not possibly achieve in the same timeframe.

Unfortunately, it is 100% impossible to stop. The ability to read a screen AND translate this to readable and actionable data by a script is unstoppable.

There is only one way to effectively block this sort of thing from happening, and that is to use system-invasive monitoring software to look for running processes that could be used to run such scripts - Python interpreters, or exe's that inhabit specific memory addresses, etc. I believe WoW and Blizzard games did (or still do) use such tools.

Unfortunately, there are MANY useful external tools for Elite that also use such things, and they would probably be blocked too.

Because no bot appears to interfere with Elite's running code, I fear absolutely nothing automated can be introduced to stop bots, and it can only be reported and acted upon by visual observation.
 
You could surely design minigames that would be quite difficult to automate.

I read somewhere in the thread about an idea for a CAPTCA system - but unless the 'question' was so badly obscured to make scanning it impossible, it would be trivial for a bot to read the question, pick out the keyword and using a database created by the developer, to just match the image to the keyword - FDev are not going to spend many development hours on introducing a system that would ultimately inconvenience players. (personally I wouldn't carfe too much, as long as the CAPTCHA was infrequent).

And minigames are, after all, learnable processes that could easily be adapted by a script. IF a script can undock, hyperspace, refuel and dock all by itself, adding minigame rules would very likely be trivial. I don't know if these current bots can escape interdiction (apart from the boost/highwake option) - but I bet coding that in wouldn't be too difficult, after all, all it needs is to know the x/y location of the escape vector and constantly move the ship in that direction.
 
Unfortunately, it is 100% impossible to stop. The ability to read a screen AND translate this to readable and actionable data by a script is unstoppable.

There is only one way to effectively block this sort of thing from happening, and that is to use system-invasive monitoring software to look for running processes that could be used to run such scripts - Python interpreters, or exe's that inhabit specific memory addresses, etc. I believe WoW and Blizzard games did (or still do) use such tools.

Unfortunately, there are MANY useful external tools for Elite that also use such things, and they would probably be blocked too.
Further more, with a suitable setup there are ways that automation tools can be used without the system being affected by them even knowing the tools are being used. There are (at least) TWO main ways this can be done, but I will not go into the details here as it could potentially be seen as advocating cheating - which I do not condone.
 
Further more, with a suitable setup there are ways that automation tools can be used without the system being affected by them even knowing the tools are being used. There are (at least) TWO main ways this can be done, but I will not go into the details here as it could potentially be seen as advocating cheating - which I do not condone.

Yes.. sadly this is also relatively easy - although such things CAN be detected using the processes I mentioned previously.

I think one thing to keep in mind that, ATEOTD, these ARE just script kiddies, and I suspect using such advanced techniques are possibly above them, I don't think we're dealing with master coders here - I mean if they are they really need to do something more productive with their time :D (unless these scripts are easily obtainable and for sale - then I guess we'll be in EVE territory (script use there used to be big business - although I have no idea if that still goes on).

Edit: I just realised what setup you're talking about - and yes.. that wouldn't be detectable at all. *sighs*
 
The key point here would be the screen reading/interpretation aspect but stopping that would also necessarily prevent streaming/videos/screenshots - allow any of those and botting would still be possible. Even with out it, blind chance macro based botting may still be feasible.

I agree that adding mini-games is not a viable option to prevent botting and more often than not annoys end-users in general.

Active manual policing of the issues in play is the only real way to deal with botting in general. Yes, automated tools can help identify potential bots and flag the relevant accounts for investigation but should never be used to auto-penalise individuals. The automated means of detecting potential cheaters is anything but flawless nor without room for error.
 
No, FD can't stop botting. This is undeniable.
Yes, there are some ways for FD to notice when a bot "sticks it up and says Hi". They could implement these even knowing they wouldn't see them all.

However, this discussion is completely wasted, because the other thing you can guarantee is that whatever they are doing FD will say nothing about it. They will maintain OPSEC and neither confirm nor deny anything about how they are are watching for bots or what they are doing about them when they spot them. Because doing anything else would be STUPID, and whatever you may think about their design decisions they sure aren't that.
 
… or what they are doing about them when they spot them.
That much is well known - shadow bans are the main vehicle for dealing with breaches of the EULA/ToS/CoC.

We may not know when they are applied to specific accounts - except perhaps if we are personally being sanctioned by the measure.
 
Of course not! Why would you even think such a thing.

This is us reporting things, and support looking into it. But so far we have seen no let up in the attacks, and are losing control of systems nearly every week.

Because your post suggested you were working together. Which made me wonder how exactly. If the botting is still ongoing then FD don't appear to be very effective so I can only assume they are helping you in other ways.

On occasion the Alliance factions have come across on these forums as somewhat arrogant in their stance against other pmf especially new ones who are inserted in systems you claim. It crossed my mind that this attitude was the result of a close relationship with Fdev.

In the interests of transparency would you be prepared to say just what exactly it is Fdev have done for the Alliance as a result of their collaboration into Bots?
 
Last edited:
Because your post suggested you were working together. Which made me wonder how exactly. If the botting is still ongoing then FD don't appear to be very effective so I can only assume they are helping you in other ways.

On occasion the Alliance factions have come across on these forums as somewhat arrogant in their stance against other pmf especially new ones who are inserted in systems you claim. It crossed my mind that this attitude was the result of a close relationship with Fdev.

In the interests of transparency would you be prepared to say just what exactly it is Fdev have done for the Alliance as a result of their collaboration into Bots?

FD working with the alliance?

109.jpg
 
You do realize though, that it is a pretty easy matter to read things like system memory and look for things like CV running. While this alone may not warrant actionable responses, it does lay the foundation for an actionable response. Think of it like this: It may be perfectly legal to own bolt cutters, grounding rods, jumper cables, a lock pick set, latex gloves, super glue, packing tape, carbon powder and a ski mask. You can even drive around with all these things in your car, at night. But, if you happen to get stopped by your local police, they can, and regularly do, charge people, especially those with a documented criminal history with "Possession of burglary tools", because these are the tools a burglar would have.

In the same token, CV is something a botter would have running, at the same time as Elite. And there are already pre-written packages out there specifically designed to look for things like this running at the same time as various games. So there is validity to this.

So you are advocating that frontier run software that spy on whatelse is running on their customers computers? You can't see any way that might go badly?

Frontier has also demonstrated in the past the ability to detect "Long Running Macros", and let's not forget about their glorious sweep of the module engineering exploit. It's just that these things have to be prioritized, investigated, documented - there's an entire process that needs to be worked before action can or should be taken. And it takes more than a simple "Wah, someone cheated!" post here with an expectation of what? That person so accused is instantly banned? A special MI-6 task force is dispatched to their home to drag them out of bed and give them a flogging? Or the magical "I Win" button appears on your screen?

Let's put this into a better perspective - we can all agree that Frontier does not want, welcome or condone cheating. Now where does this factor in to a much bigger picture? That is, how do you prioritize addressing this in comparison to something like: If anyone equips this particular module and then attempts to engineer it, it applies the wrong modification, and the next time that person tries to log in, their client crashes because of this (happened during the Engineers beta), or If more than 4 people enter an instance in this particular system at the same time, a memory leak starts in the Matchmaking Server and destabilizes the game for everyone.

Clearly, if you are a rational, even moderately intelligent person, you realize that game-breaking, server-crashing, wide-reaching issues need to be addressed before something as relatively minor as this - and yes, this really is relatively minor in comparison. This doesn't break the game, just the arbitrary rules that are not required to make the software functional, but exist merely to attempt to reign in human behaviors.

Here's another way to look at it - the word: "******", but let's just assume that whatever that word happens to be, was not filtered by profanity filter. It's vulgar, makes some people cry to see, and yet, for some reason, the chat filter lets it right on through. Should all work on all other areas of the game be stopped to fix this? Does the word "******" showing up render the game unplayable? No, it doesn't. Sure, you may not like seeing "******" on your screen, but that doesn't stop you from being able to play.

On the flip side, something like "******" might make its way up to the top of a fix-list a lot sooner than something like "In the flavor text for missions hauling biowaste, biowaste is mis-spelled as "biowaist".

Is cheating a problem? Sure. Is it game-breaking, universe-ending, insolvency-causing? No.

Not sure what point you are arguing here as at no point have i suggested that this is a game breaking issue. It is however relatively easy and accessible. And wont go away on its own. Of course things need to be prioritised. My commentary was to cahllenge the numerous posts here claiming they doubted bots were possible, or that tehy couldn't fly or dock a ship, or that somehow the solution is to put everyone in open. All three of those views are fallacies.
 
And as another poster wrote, they could start adding checks that look for computer vision software running in memory. All such client-side countermeasures are ultimately futile, because once you're exploiting the game via impersonating a player rather than through technical hacks, there's no real limit to how well you can pretend. Endgame there is, point a camera at the screen and feed in the bot's inputs via a RaspberryPI presenting as a keyboard and mouse.

Agreed. Except can you really imagine a commercial company adding monitoring software t its game to see what else your computer is running? It would be a PR disaster and a potential legal minefield.

You could surely design minigames that would be quite difficult to automate. The problem is that ED allows you to escape from any dangerous situation provided you aren't destroyed in under 15 seconds. Back when the suspected bots were flying in open, it was reported that they would simply menu log if scanned or interdicted. Given the infinite patience of bots, a script could do that all day until it lucked into an instance where it doesn't face the Turing Test minigame.
{/quote]

agreed

No, in the end the only real solution is for Frontier to police this. If it is a high enough priority for them, they have all the data they need to sort out accounts that are performing beyond what a human could reasonably achieve. As CV/ML/AI advances, it will not be possible to prevent all game automation, but the scripter who wants to remain undetected can be limited to doing no better than a really dedicated human player.

I'd be interested to understand HOW you think this is policed by simply looking at available server side data? At what point does the length of your game session and the monotony of your system jumps. station visits and mission selections become strong enough evidence for a commercial entity such as fdev to issue a ban?

The history presented in this thread does suggest that frontier have banned accounts before but only after significant circumstantial evidence has been presented by dedicated player groups to begin the process. I am sure Fdev could do more by having some resources dedicated to the issue but they will always be behind the curve and playing catchup. I'm pretty sure there will be a lot of false flag claims from the community too. There is a point at which the cost to try and do better in tis area simply doesn't produce a benefit.
 
I read somewhere in the thread about an idea for a CAPTCA system - but unless the 'question' was so badly obscured to make scanning it impossible, it would be trivial for a bot to read the question, pick out the keyword and using a database created by the developer, to just match the image to the keyword - FDev are not going to spend many development hours on introducing a system that would ultimately inconvenience players. (personally I wouldn't carfe too much, as long as the CAPTCHA was infrequent).

And minigames are, after all, learnable processes that could easily be adapted by a script. IF a script can undock, hyperspace, refuel and dock all by itself, adding minigame rules would very likely be trivial. I don't know if these current bots can escape interdiction (apart from the boost/highwake option) - but I bet coding that in wouldn't be too difficult, after all, all it needs is to know the x/y location of the escape vector and constantly move the ship in that direction.

I think it depends on the why the bots is written.

I think its just as likely that the bots may be written just for the technical challenge of doing something like this, as much as for the in game advantages they may bring. The simplest way to manage interdiction for the bot is just to log out. and then log in again. Remember the bot is most likely still harmelss but has LOTS of cash so expect it to be running an A class cutter. There isn't much in the way of NPCs that are going to be sent against a harmless pilot that are can take down a cutter in 15 seconds.

However if someone wanted the technical challenge, then yes i can imagine them wanting to be able to beat the interdiction mini game - depends if they think it's worth the effort or not?
 
Could always disable docking computers at certain systems just the one in 3 chance "I'm sorry commander but our automated docking system is under maintenance at the moment you will have to dock manually"would prob solve it
 
Could always disable docking computers at certain systems just the one in 3 chance "I'm sorry commander but our automated docking system is under maintenance at the moment you will have to dock manually"would prob solve it

It's also a really nice addition to the game without the anit-bot feature.
 
Status
Thread Closed: Not open for further replies.
Top Bottom