I have a question for the administration.....at what point did repeated attempts to obtain information from a factions website/forum become an acceptable course of action?

Siarica Aylina banned for exploting a weakness in PHP

44 days later the ban on this persons character is removed (without even a notice via Sim News?) and they are free to continue as they wish without a care in the world, likely with a promise that they won't do it again. This ban was for her "second" attempt to create a list of Black Sun members by "hacking" the factions forum, during the first attempt she used scripts and then attempted to sell the information until she was given a "warning" by the administration that if she sold the information (or used any form of automated scripts/etc to acquire such information again) that she would be permanently banned.

For a few months Siarca seemed to behave herself and show that she valued the second chance she had been given, a very rare chance given that most are usually banned immediately for such actions.....then she starts telling people that she has found a way to generate a list of members on Black sun's forum by changing a single character, and that without the use of anything automated she is getting hundreds of random attempts a minute. Siarca is so proud of herself for figuring out how to get the information she was after the first time around with this method (in doing so she believed that she had found a "loophole" in the warning from the first attempt) that she is outright gloating to people on IRC as she generates the list....and during all this she makes the following remark.

“[18:31] Siarica> Hey, you really need to calm down. the Black Sun forums were just a test.

- IRC excerpt
 ”

The player behind Siarca has been repeatedly killed by members of Black Sun because they obsessively keep trying to join the faction, it is only natural that they have some measure of animosity against those running the organization or possibly even the group itself. If this group was merely a test run, would we have heard about it at all if she had tried it on a smaller faction? What would happen if a member of some faction/government went through this same process on another group....would they have been unbanned a little over a month after trying to create a list of targets?

This method of hacking is a deliberate attempt to do something, without express permission given from a system administrator to perform it there is no "good intentions" that can be justified by it. Siarca's actions violated not one, but TWO sections of the rules that everyone in this game is expected to follow....

“Hack or exploit software weaknesses in web pages, chat rooms, or any other areas of a group or faction.

Obtain files from any storage medium of another player or faction through the use of hacking, worms, trojans or other software infiltration methods.

- The Rules, - You "CAN NOT"
 ”

This person has broken these rules on AT LEAST two occasions, they have been given a second chance in the past and they forfeited it on Day 273. What justification is there in removing the ban on a person that has proven to be (and have deliberate intentions of) a threat to the welfare of this community by repeatedly violating the rules everyone else follows?

I've got to agree here, why with the unban?

Hacking actually endangers the memberbase, it's quite conceivable that she could attempt to hack swc or other people's forums and gain personal information via these mediums. This goes beyond a simple rules violation.

Wouldn't this of been better suited to a support ticket, or contacting an ASim directly?

Ellias, I don't think that this matter would be appropriate for the support centre...this was not a bug or some issue with the interface.

“The Support Centre is a ticket management system that goes directly to the Assistants. The support centre is for any bug that requires database changes.

For example if you find your character or ship stuck in invalid coordinates this should be reported to the support centre to have the ship moved.

The most important thing to remember when reporting a ticket is to include all necessary details, we need ID numbers of anything involved and explicit locations and dates as to when things happened.

Any tickets you open are private and can only be read by assistants.

- Rules Page
 ”

^^Source^^

As Olivia has pointed out this individual "hacked" a factions forums on more than one occasion, and Shuji raises a valid point....the next step from such attempts is a direct attack on SWC's server or even other groups to gather other information. This type of offense was considered severe enough when a "Ban Table" was made to warrant being banned "indefinitely" but they've been gone only a little longer than a multi user (which get 30-days for a first offense).

There was no sim news on the matter, which usually happens if a person has been unbanned because of an error on the part of the administration. That leads me to believe the original ban was justified (thus meaning she violated the rules) but like Shuji pointed out this is more than just a "simple violation of the rules"....her actions can endanger the member base as a whole not just ruin the game for a few people. Personally, I'd like to know what makes the administration believe she is any more likely NOT to do such things than when she was originally let off with a warning.

I feel that it would be inappropriate to ask an Asim in private, rather I believe an answer in this case is publicly owed.

I agree, this definitely needs to be open and brought out into the light. I think it's very interesting how there has been no Sim News post whatsoever despite Sciarica being back. Part of me says there has been none because a good reason is still being thought up considering most posts follow immediately when someone is unbanned...

Rules are plain and simple. They're publicly stated. Right now all I see is a failure to enforce the rules (selectively) and a public encouragement for players to hack related SWC systems. Nice, that's exactly what we want people doing. :(

Its also useful for things that affect players accounts and abuse such as multis, or abuse from other players via DMs etc.

Agreed. This needs to be public knowledge, why someone that breaks both game rules, and real-world Laws are allowed back in.


Where is Daygon and his lawyer? This one might need him.


We await your reply, Admins.

I can only think of one plausible explanation for the hush hush unbanning and her track record... She cybered a horny ASim. Only question is, who was it? :P

That explains why Jyncs stepped down!

I also have to ask what this is about. She committed a serious offense and now she shows back up.

For the record, I was against the decision, and as such, I am not handling this issue.

Please do not ask me for information regarding this issue, as I will not respond.

There is virtually no way to stop her from hacking forums/sites/SWC or any other medium without putting her in an actual jail cell. Though I am puzzled as to why she would be unbanned as well.

I am very interested to hear the reasoning behind it as I do want to think the administration had a good reason. So I will not try to speculate as that help anything.

In her defence, it wasn't really hacking, it was more the exploiting end. Hacking is more like Brat Cost Ru / BlasTech's PHP injection in order to spawn themselves Mon Cals and Star Destroyers. To call this hacking gives way too little technical credit to actual hackers. But what it was, was a real shitty exploit of something which clearly under no circumstances was acceptable. She let her OOC hatred allow her to resort to intel techniques which were so clearly cheating, all because she can't win fair and square. And you've got to ask yourself, if someone will resort to those lengths to win, should they be allowed to play the game?

IC'ly, there's no love lost between me and Black Sun so clearly Aza would like to see them defeated. OOC'ly, it would be a shame to see any group suffer because sore losers resort to cheating, and no matter how much BS have dicked over her past characters, that's what they do and she's clearly asking for it by giving them the opportunities. I cannot think of any good excuse for what she's done, and to let her back opens the door for yet more petty exploits to get even the smallest IC advantage.

Jenos, i can respect that. but it sounds like you know who did have a part in letting her back, could you give us that information?

I'm not trying to start a witch hunt, just look for who to ask.

It seems to me if you make the ban event and reasoning public, you would do the same for the un-ban.

1. Hacking

When I got the BS memberlist, I didn't knew it was "hacking". To my eyes, if changing a single character in an URL is hacking, adjusting the inclination of your seat when you take a plane is hijacking.

Asims told me that what I did was considered hacking, thing that I didn't realized, so I understood and will not do it again, period.


2. "the Black Sun forums were just a test"

This comment has been taken out of context. I tested my programming skills on the Black Sun forums, especially VBA programming. I performed the following operations:

- Through Excel, generating html code for a webpage containing all the urls I wished to retrive.
- After executing the html page, I got a list of clickable links. Thanks to DownThemAll, I downloaded ALL the Black Sun pages containing the names of their member. All the pages have been stored in a single folder, 545 mb heavy, containing 21,000 web pages.
- A VBA macro has then been created, for browsing through the 21,000 files, and extracting only the username, and then to place it in a cell of the excel sheet.
- Thanks to the help of the open-to-everyone CPM members list, I was able to create a secondary "reference" database, free of any spambots
- Thanks to VBA, excel functions and personnal involvement, I was able to destroy over 99% of she spambots while keeping at least 98% of all the real players. At the end, the 21,000 members list was lowered to 545.

And yes, this test was a success: I have now the VBA programming skills that I had 4 years ago, during my studies in Business Intelligence and Data Analysis.

Now, on tuesday, at 14:30 GMT+1, I will have a job interview for someone with an advanced knowledge of Excel. If during the interview, the guy asks me "what have you done with Excel?", I can reply "extracting a full forum memberlist and purging it of all its spambot, thanks to excel and its macros" - "Did it worked?" - "Of course, it was so efficient they banned me for hacking!"



3. She took revenge for the death of her previous characters

IC/OOC separation. Siarica doesn't care that a whiny thyferran got executed by Black Sun. Sia is above factions, and does things for 2 reasons: personnal reasons, and causing chaos, which makes her happy. Sia is a totally new and different characters than the others, and have no ties with any of my previous characters. Even if OOCly I still didn't managed the loss of my 2 favourite characters, I have been working for Black Sun, and traded with their affiliate several times, and stay totally neutral. I only extracted the Black Sun memberlist because the opportunity was raising, and with Silhouette I knew I would be very well paid.

When Coeus' recreate offered me 2m for the list, I was so disgusted that I started offering it to other factions.

Also, my next step would've been to offer the list to Black Sun so they could solve their spambots problem, thanks to the technical help I would've also given to them.


4. It's not the first warning she received

“during the first attempt she used scripts and then attempted to sell the information until she was given a "warning" by the administration that if she sold the information (or used any form of automated scripts/etc to acquire such information again) that she would be permanently banned ”

Nope.

When Oceliane Aylina was arrested and about to be executed, I generated the full Black Sun memberlist, manually, and it took me 2 hours to extract the list of the 1400 members. If I remember correctly, Beauba Fettt, Tar Alaks and Jecal Nadrihm received a copy of this list, and I said that I could explain them how to better protect their forums if they kept me alive.

At no point I received any warning from the SWC administration, just whining from Black Sun members.

After the death of Oceliane Aylina, I was about to release the list, and THEN contacted the administration, and received a "No, you cannot release the list SINCE YOU ARE DEAD." So I didn't released it. At no point the origin of the list has been discussed.


5. hacking is bad, you should be ashamed of yourself

said the guy who torrented all his movies and music instead of buying it, destroying the industry of entertainment and causing people to lose their jobs.

(More to come, I just need to take time to read everything.)

It was discussed and it was a majority vote. My concerns were addressed, but I'd like to take a step back from this.

Regarding 1):
http://consumerist.com/2011/06/how-hackers-stole-200000-citi-accounts-by-exploiting-basic-browser-vulnerability.html "How Hackers Stole 200,000+ Citi Accounts Just By Changing Numbers In The URL"

And how the hell can you "not realise" using loop holes in someone's forum to get access their memberlist is fine?

@ 2) You're really making it sound more like hacking with your defence...

@ 3) If you say so. However all you characters are pretty much identical, and all end up entwined with Black Sun and ending up on the wrong end. Can't you try and play out a different character with a different faction? Maybe a New Republic senator no wait, that's basically Black Sun again, hmmm this is actually quite tricky.

@ 5) Not sure who the piracy claim is against. However that's a very different topic, and whoever you're talking to could spend their free time drowning puppies for all it matters. It doesn't make your actions right.

Then ignore it. My point is: I didn't knew what I was doing was wrong, I regret it, and I will never do it anymore.

You didn't know that using an exploit on someone's forum was wrong? What are they teaching kids these days....