Posts by TheJoker

    Wow. I hate it. OGame does not need new bells and whistles, it needs balance, and this is going in the exact opposite direction.


    The release of the player classes, and particularly the discoverer, were a disaster. Yes, they are fine now, but the initial Discoverer implementation introduced a brand new way to getting significant amounts of resources with very little risk, completely disrupting the economy. It was also incredibly easy to build bots for, so we saw the rise of giant bot controlled accounts, that can't be acted on now, since Gameforge isn't interested in or isn't capable of detecting them, and many of them have transitioned back into human control.


    I was hoping to say "Well, at least it can be turned off via a Server Setting when they realize it's a bad idea", but that's not even the case. If you look at the Server Settings, there's nothing to control turning it on or off.


    I am incredibly concerned that with the advent of the mobile app, it's going to increase the number of bots in the game, which is one of the biggest problems OGame has. I am happy to go into detail, but not in a public forum.


    It feels like GF wants to turn OGame into a "traditional" mobile game, ala Clan Wars (I think that's a mobile game, I don't play any). I think the most hardcore OGame players play it because it's NOT one of those games.


    As Gameforge adds these types of features, without addressing bigger problems like "How do make players always feel like they have a change to become the #1 in a universe, incentivizing them to keep playing", and thus preventing Unis from dying off, they will bring in more players but drive away their most loyal players.

    Tomorrow the PTS universes are going to be updated to 9.0.0-beta5, which (to me at least) is the first public preview of the update.


    April 26: Version 9.0.0-beta5 (PTS only)


    There is no changelog yet, but with the previous major version updates, Gameforge has fundamentally changed the way OGame is played, either greatly improving or ruining it, depending on your view. The biggest example of this was the Discoverer Class, and the introduction of a brand new major source of income, completely out of balance with regular fleeters or miners.


    So, with the new release coming out, what might we see? Nothing is too wacky of an idea.

    I saw the Superuser cluster post, but that's never going to happen. I didn't think it was worth responding to.


    It's a huge amount of development work that GF won't want to spend, plus incredibly confusing for players, and you will utterly fail to balance across universes with different specs.


    This proposal requires minimal development effort, and limited specs. It's clear at any point in time when specs you are playing, with fast growth for small accounts and slow growth for the largest ones, so they converge.

    As a follow up I forgot to mention, I don't think the cluster should be created all at the same time. Instead, I would expect the Cygnus universe to be created, then Belinda a few months later (and rebalanced at that time), with Atlas last.

    This suggestion tries to ensure universes stay relatively balanced in terms of points, as well as maintain a maintain a healthy player pool for an extended period.


    For the purposes of this example, imagine a cluster of three universes with the following specs (names taken from the recent .org exodus universes)


    Universe Atlas - 2x Eco, 3x Fleet, 3 Galaxies, 50% Deut consumption, 70% DF, DiDF 10%, must stay out of VM for 24h after emerging

    Universe Belinda - 4x Eco, 3x Fleet, 7 Galaxies, 50% DF

    Universe Cygnus - 6x Eco, 12x Research, 3x Fleet, 7 Galaxies, 30% DF, No ACS


    Looking at these specs, it is clear that Atlas is a very aggressive universe, designed for fleeting, and Cygnus is a very passive universe, good for mining. However, they all have the same War Fleet speed, so while each may have different play styles, fleet timings would be identical across each.


    Every 3-6 months, these universes would be rebalanced via a forced merge process. Imagine if all the accounts across all three universes were ranked by points, and then the top third merged into Atlas, the middle third to Belinda, and the bottom third to Cygnus.


    Additionally, during the merge periods, players would always be given the option to move up to a stronger universe, so if one member of an alliance is going to be moved, the rest of the alliance could follow and stick together.


    Per this logic, Atlas should almost always contain the strongest, most aggressive accounts, Belinda the middle tier, and Cygnus the "newbie" accounts.


    Each of these three universes would still be available for direct registration, in case players want to start in "easy", "medium", or "hard" mode.


    Because Atlas is so aggressive, I expect players to be hit there, and the player pool would decrease, but it would always be refilled by the strongest players from Belinda.


    On the other hand, because the strongest players are constantly being removed from Cygnus, it becomes a "safe" place for players to learn how to play the game, without being forced to play a universe where the top players have hundreds of thousands of points.


    Duplicate account rules would still apply in all of these universes. Players may have one account in each of the universes, but should two of them be merged into the same universe, they may only play one of them.

    ...

    Nice hit again, this universe is becoming interesting :biggrin:

    Funny how things get interesting when some of the "Uniquely" built and played accounts go away.


    As for "whose fleet" that is, it's Mike's fleet. He built it originally, handed it over to me at one point to care for, and it's only fair he takes it back. I learned almost all I know about fleeting from him.


    All's y'all that like to snipe on the board, let me know when you build up fleet as fast as he did.

    When I first read this post, I was sympathetic. OGame is a war game, and you can play it however you want (within the rules), but it helps nobody if you’re a jerk, and prevent others from growing.


    in this situation, you are being the jerk. You seem to have an expectation that everyone will leave you alone, and when anyone shows any interest, you become incredibly hostile, in the form of MD’s, spam multi day attacks, and abusive messages.


    It’s one thing to probe someone back when they probe you. If someone is actively hunting you with a mobile, popping their moon overnight makes sense. Myself, I have certainly had IPM parties where I’ve launched 10k+ ipms at a moon I wanted to pop looking for a fleet.


    Going haywire when someone settles in your system, and starts looking for profit makes you the bad guy. I’m 100% with Deperado and crew here.


    You made your bed, now you must lay in it. However, I hope you allow me to give you some advice.


    1. Stop holding the grudge. You messed up, continuing to be pissed at players that are stronger than you won’t help.

    2. Lay low, and don’t give them a reason to keep trying to knock you down a peg. Don’t spam their overview with attacks, don’t pop their moons, don’t IPM their defense. Reasonable probing is fine, and if you find a profitable hit, it seems very reasonable to take it, even against them. They won’t hold a grudge forever if you don’t.

    3. Play defensively. Learn to properly protect the red on your colonies. If you suspect your defense is going to be destroyed, don’t build defense, and build mines/facilities/research/ships instead. Keep your ships in the air where they can’t be hit. People in this game generally only care about attacks for profit. Stop giving people a reason to attack for reasons other than profit, and don’t set yourself up for profitable hits.


    A few final thoughts: I, nor likely anyone in HOT, will take a headhunt from you on anyone you have complained about in this thread. Not because I’m friends with any of them, or I don’t want to recycle their fleets, but because I don’t want to encourage players with poor sportsmanship/manners into thinking they can always bring in a bigger fish to save them. I doubt anyone else will help you either, given the full story.

    There I was minding my own business, collecting everyone's orders for the local Thai takeout place, when a little birdie gave a "Cheep Cheep" on Discord. Someone didn't log in at reset, and left most of their fleet sitting on a moon.


    We couldn't leave that nice present sitting. No sir.


    Ahnult was in position and ready for this day, but unfortunately I was over 100ss away. I could have gotten into position a while ago, but I was waiting for a Very Legitimately Built Account to head off to the graveyard, before I decided what I was going to do in Cygnus.


    Given that I was so far from the hit, and only had enough deut there for a partial fleet launch, I decided to mobile in. Despite taking an hour or so, defender stayed offline. During the colo flight, Song came online to join the two of us, and guarantee the hit would go through instead of a draw.


    The rest can be seen below.


    Fast rebuild to the defender. I hope you are healthy and well, it's not like you to not log at reset. Thank you for the resources.


    Dedicated to HOT. Colombian, we love you, and thank you for making this hit possible. It wouldn't have happened without you. Song and Anhult, always good to fly with you, a guy couldn't have better ACS partners. Mike, you might not have been able to join us this time, but we're glad you're still part of the crew. Next time! And one last friend, who's taking a pause in the game right now to take care of real life. Hope the family is doing well.


    ----------------------------------------------


    On 29-10-2021 --:--:--, the following fleets met in battle:



    Attacker Blue Fear [HOT]

    ________________________________________________


    Light Fighter 12.539.224

    Destroyer 534.888

    Heavy Fighter 1.779.248

    Reaper 244.609

    Cruiser 3.380.560

    Battleship 2.087.391

    Battlecruiser 1.842.361

    _________________________________________


    Attacker IIlIlIIIIllIllIIIlll [HOT]

    ________________________________________________


    Battleship 997.161

    Battlecruiser 650.416

    Destroyer 951.103

    Reaper 299.997

    Pathfinder 28.503

    Light Fighter 10.830.097

    Heavy Fighter 2.368

    Cruiser 2.931.117

    _________________________________________


    Attacker Ahnult [HOT]

    ________________________________________________


    Heavy Fighter 2.129

    Battlecruiser 1.020.426

    Bomber 46

    Destroyer 1.501.334

    Reaper 100.626

    Light Fighter 3.196.723

    Cruiser 4.308.211

    Battleship 4.091.358

    _________________________________________


    Defender OpARiN [MofS_E]

    ________________________________________________


    Small Cargo 2.448.241

    Large Cargo 11.444.838

    Light Fighter 16.406.831

    Heavy Fighter 537.969

    Cruiser 370.206

    Battleship 111.035

    Colony Ship 96

    Recycler 634.719

    Espionage Probe 5.648.355

    Bomber 26.276

    Destroyer 102.739

    Deathstar 27.015

    Battlecruiser 1.931.494

    Reaper 8.158

    Pathfinder 495.976

    Rocket Launcher 60.613

    Light Laser 20.000

    Heavy Laser 20.000

    Gauss Cannon 2.025

    Ion Cannon 40

    Plasma Turret 10.000

    _________________________________________



    After the battle ...


    Attacker Blue Fear [HOT]

    ________________________________________________


    Light Fighter 9.171.037 ( -3.368.187 )

    Destroyer 489.781 ( -45.107 )

    Heavy Fighter 1.425.832 ( -353.416 )

    Reaper 223.961 ( -20.648 )

    Cruiser 3.046.515 ( -334.045 )

    Battleship 1.909.184 ( -178.207 )

    Battlecruiser 1.685.692 ( -156.669 )

    _________________________________________


    Attacker IIlIlIIIIllIllIIIlll [HOT]

    ________________________________________________


    Battleship 912.037 ( -85.124 )

    Battlecruiser 594.933 ( -55.483 )

    Destroyer 871.313 ( -79.790 )

    Reaper 274.512 ( -25.485 )

    Pathfinder 25.690 ( -2.813 )

    Light Fighter 7.937.371 ( -2.892.726 )

    Heavy Fighter 1.885 ( -483 )

    Cruiser 2.642.161 ( -288.956 )

    _________________________________________


    Attacker Ahnult [HOT]

    ________________________________________________


    Heavy Fighter 1.691 ( -438 )

    Battlecruiser 933.861 ( -86.565 )

    Bomber 42 ( -4 )

    Destroyer 1.374.314 ( -127.020 )

    Reaper 92.034 ( -8.592 )

    Light Fighter 2.331.257 ( -865.466 )

    Cruiser 3.875.594 ( -432.617 )

    Battleship 3.734.014 ( -357.344 )

    _________________________________________


    Defender OpARiN [MofS_E]

    ________________________________________________


    Destroyed!

    _________________________________________



    The attacker has won the battle!


    The attacker captured:

    3.562.608.015 Metal, 2.323.282.635 Crystal and 1.887.624.501 Deuterium

    890.652.004 Metal, 580.820.659 Crystal and 471.906.126 Deuterium

    222.663.001 Metal, 145.205.165 Crystal and 117.976.531 Deuterium


    The attacker lost a total of 165.626.441.000 units.

    Total damage attacker including follow-ups: 165.799.077.000 units.


    The defender lost a total of 720.524.457.000 units.

    Total damage defender including follow-ups: 722.681.377.000 units.


    At these space coordinates now float 309.774.707.272 metal and 245.557.731.532 crystal.

    Extra debris caused by the follow-up(s): 89.635.000 metal and 31.210.200 crystal.

    The attacker captured a total of 10.202.738.637 units.


    The chance for a moon to be created from the debris was 20%.

    The attacker(s) captured the debris.



    Summary of profit/losses:


    Summary attackers(s)

    Metal: 213.113.462.292

    Crystal: 195.753.786.191

    Deuterium: -9.010.302.842

    The attacker(s) made a profit of 399.856.945.641 units.


    Summary defender(s)

    Metal: -356.430.653.020

    Crystal: -309.215.872.459

    Deuterium: -67.237.590.158

    The defender(s) lost a total of 732.884.115.637 units.



    Powered by OGotcha CR Converter 4.3.2

    They moved to graveyard. Who knows where they'll end up.

    You sure? I checked coords, it shows banned?

    I believe the way the graveyard script works is it bans the account to make sure nobody can log in and change anything, then copies all the contents into the graveyard server. The original account is then deleted, and only the graveyard copy is available. I'm guessing those accounts will be deleted in 5 or so days.

    General George , it would be lovely if some a "off the shelf" solution exists, but I assure you it does not. I no longer work on an anti bot team, but I am still friends with them. There are no "pay a license fee, install software, and suddenly all the bots will stand out" software. It is dramatically different from simple ddos's or script kiddies, you need individuals to do more detailed analysis with the context of OGame.


    If you want to see a closer comparison, find some blog posts where people analyze malware samples, decompile them, and post how they work. What GF needs is not that intense, but that type of thinking, where a popular bot is investigated and understood how it ticks.


    Cavabien Sorry, but you just caught one of my pet peeves. You don't just "throw machine learning" at a problem and it magically goes away. For this particular situation, you don't need machine learning, you just need investigative skills, and to look for identifiers.


    nanogram You are right, I'm sure writing the "make sure they have metal mine 3" code took barely any time at all. However, you are missing all the other parts of the software development lifecycle.

    * Figuring out an appropriate threshold to avoid impacting legitimate users (why not MM 1? Why not MM 10? Why not a combination?)

    * Writing the code

    * Testing the code in a variety of environments

    * Deploying the code (any any other changes made around the same time) to hundreds of individual ogame servers.


    You may say "Well, you can skip some of that, it's a simple change!", but in software, no changes are that simple. I know a guy who took down the api of one of the largest sites on the internet for ~15 minutes with a "simple one line change" to fix a security issue. I personally have taken down my team's system with a "perfectly safe change", and then fixed it with a one line change. When you act in software without thinking, you take on a huge risk that can have dire financial consequences, and it's not worth your job to do it fast, it's far better to do it right.

    DDoS and botting are very different, have very different goals by the malicious parties, and need to be handled very separately.


    In a DDoS, the attacker is trying to spend as few resources as possible to generate a large amount of load on the system, denying legitimate users access. They tend to be unsophisticated and "standard" regardless of target, and Cloudflare or other CDN / protection companies are definitely better qualified to solve it.


    Botting is different. Someone has spent a significant amount of time understanding exactly how the game ticks, and how to mimic a real human. The goal is to minimize the load on the server and not stand out. This is not something a standard firewall / abuse detection system can catch. There are no big companies with turnkey solutions to say "this is coming from a real browser" that cannot be gamed by a bot developer who plays the game.


    You also suggested "Well, it works for video game companies". Yes, Call of Duty and others do often share anti cheat software, but the huge difference is that for desktop games, the client has much more control over the system. The game client can investigate its own memory, look for cheating processes, and report back. OGame can't do that. It runs in a browser, actually many different browsers, and the javascript or "client" code doesn't matter, it's simple enough that bot owners don't need it, they can pretend to be a real browser.


    Besides that, Anti-cheat systems can backfire for desktop games, banning legitimate players and actively damaging users machines. They aren't a silver bullet.


    The only way OGame will get its botting situation in check is the actually invest in working on it. It doesn't generate revenue, and suits hate to invest in anything that doesn't generate revenue, but long term creates a much more healthy environment for the game.

    It's so cute watching people here argue about "There should be a captcha!" or "There should be X" to stop bots. It is similar thinking to when I initially started working with anti botting measures at my job. What you are describing is a game of cat and mouse, where GF makes a change, botter's respond, and everything goes back and forth forever. This will never work long term, there will always be people willing to pay for captchas to be solved, or easy ways for bot authors to find ways around the countermeasures.


    Why will it not work long term? Because the cost to Gameforge is incredibly high, while the cost to botters is incredibly low. GF has to pay developers to write the changes, test the changes in a variety of environments, roll out the changes, etc, while botters just have to make minor tweaks. If GF messes up an update, it affects all their legitimate users, if botters mess up an update, enough probably still functions that their customers fleets are safe.


    The only scalable approach to bots is to look for behaviours that clearly distinguish them from legitimate players, including behaviours that are not visible to other players or perhaps GOs. Then, silently create a list of all those accounts. Ideally, you find distinct behaviours from a few different types of bots at the same time and track them separately. Once you've collected several days worth of data, and verified enough to be 100% confident the accounts are bots, you ban them all at once.75


    Moving forward from that, you keep looking for unique behaviours, build up new lists, and only ban bot accounts in batches every 2-3 months.


    Why so infrequently? If you ban a bot immediately when you recognize them, you reveal how you are recognizing them to the bot owner. You ban in batches, all at the same time, and bot owners have to guess how you found them. They change a few things with their bot, and maybe fix the identifier you found, but they only know if they "fixed" it every couple months.


    The other part of making this plan work is to take away most bot investigation responsibilities from GOs. Don't let volunteers know what signals you're looking for, what accounts will be banned in the ban wave. Some of the behaviors are probably not visible to GOs, and they don't have the tools to investigate them, but also GOs are volunteers, who may be working with bot authors. With employees, you at least know much more about the person and can take legal action if they are botters, volunteers can disappear into the wind.

    Over a year ago I ended up in a Discord chat with a couple of botters. They wanted to use us as bait to take down someone they hated, and I assume then turn on us. In this chat, they told us what bot they used, how they used it, etc, I assume maybe to get some sort of referral bonus. I ended up gathering a list of their account swarm, and submitted it as a ticket, offering to provide any additional details they needed from the discord logs.


    The GO replied 4h later that they were looking into it. 30 minutes after the GO reply, the botters had scrubbed their messages from the chat. I am wary of that coincidence.


    I then reached out directly to GF, and was able to get in touch with someone. With their blessing, I investigated the bot software (I'm a software engineer with an anti-scripting background) and identified several tell tale signs that that a bot was controlling an account. Most of these signals were ones that other players in the universe couldn't notice, and GO's probably can't investigate, but could be detected with software and server access.


    I sent a report of these findings, and have not heard anything back. The bot accounts I submitted have been renamed several times since, I suspect some have changed hands, and a few of them have been banned, but I don't have enough proof that any GO could act on. Overall, I've lost my faith that GF is willing to dedicate the necessary amount of resources to put a stop to them.


    Thank you to (most) GOs for the thankless work you do, and I appreciate that you are doing what you can, but you're hopelessly outmatched and undergunned for the progress players really hope to see.


    And no, I will not be posting that report publicly, nor naming any software. If anyone at GF sees this and is interested in such work, I'm happy to continue if I get a better understanding of how much effort you're able to expend from your side towards this problem.

    I mean, if anyones going to get a push its going to be more of the accounts taht have already recieved it, plus despite all that, how can it be cheating if the attackers are a few billion points below lmao

    Good point. This hit wasn't arranged, but even if it was, all three of our accounts are lower rank, pushing rule doesn't apply.


    Back2Black is probably either the defender or someone associated with them. Super suspicious to create an account just for this, but not for the point jump they are so concerned about. Board mods could confirm, but we will never know.


    I appreciate Allucien and all the Closed folks chiming in here. We had our differences and rivalry for a long time, but despite the bickering I think there was a general understanding both sides were honorable players. I wish we could get back to those days, pre v7 and giant accounts materializing out of thin air, and continue that rivalry, but I consider Cygnus a lost cause. See you in another Uni!