Security: Keeping Honest People Honest

Previous page
Table of content
Next page

Never forget that the collective intelligence of your players is far greater than your development team's, no matter how brilliant that team may be. The average time in-game for PWs varies from game to game, but it is between 12 hours ( UO ) and 20 hours ( EQ ) per week . You'll find that is more time than your developers spend actually playing the game. If there is a hole, flaw, exploit, or bug, the players will find it.

In these days of eBay and other auction sites, in which digital possessions from PWs have been sold for thousands of real-world dollars, these issues transform from irritants to huge problems. If 1,000,000 game "cash" can be sold on an auction site for $20 but requires the "dupers" to continually crash your game servers to create the duplication, then that is exactly what they will do. It won't matter to them that they are depriving a few hundred or thousand other players the chance to be in the game. They just don't care.

That kind of money can also tempt your own people to use GM administrative powers and database access to create characters and items to sell for cash. It has happened at least once before in UO , with one $10-per- hour GM creating game gold and other character inventory items and selling them for over $8,000 before being caught. While this kind of internal corruption is thankfully rare, each incident has effects on the player base all out of proportion to the reality of the situation. The first thought in the players' minds becomes: Who knows how many times it has happened and not been detected ?

These issues make it imperative to have a security team that does nothing but investigate these incidents and take action when they occur.

The Security Strike Team

The prime responsibility of the security team is to coordinate with network operations and the live team developers to investigate anomalies for nefarious activity. Such anomalies can include repeated server crashes late at night, characters suddenly jumping multiple experience levels in a short timeframe, or one character suddenly coming into possession of thousands of one valuable item. These are indications that players have found that are exploiting bugs to duplicate items or fool the database into accepting nonexistent player/character accomplishments.

This is where your logging and reporting tools come into play. The only way to make a security team cost-effective and efficient is by ensuring that they have access to everything that happens in a game, in a convenient manner. This means logging all transactions that exceed or break certain levels and conditions, automatically creating daily reports of major anomalies they can check each morning, and providing full-featured search functions they can use to create their own reports.

Internal Investigations: Keeping Your People Honest in the Era of eBay Money

It is also necessary to have internal investigations to ensure your own employees aren't exploiting players and the integrity of the game by creating items for sale on eBay or helping out some buddies in the game by using their powers for their buddies ' advantage (or their enemies' disadvantage ). This happens far more often than publishers are willing to admit, and GMs and others with administrative access can get away with it because most games don't have adequate logging and reporting features to help catch the offenders. Most games can't even run a report on the character names created the night before to check for intentionally offensive names , such as "F***you<companyname>." You can imagine how hard it is for them to investigate possible dupe bugs.

Regularly and secretly investigating your own people is a touchy area, but if your logging and database reporting functions are as complete as they need to be and independent of GM control or modification, it is worth the time to do spot-checks on GMs on a regular basis and tell your GMs that they are being done and why.

It is also a good idea to hire your security team from outside the company, not from the ranks of the GMs themselves . Not only do friends and coworkers find it hard to fink on their buddies, but it can also cause resentment toward former friends when they do. Or, as in the case of the above-mentioned UO GM caught selling game items on eBay, it can cause friends to want to find and initiate a real-world assault on the offender for betraying their trust as well as that of the players. Thankfully, the offender was whisked out of the building before his firing was announced.


Previous page
Table of content
Next page
Developing Online Games. An Insiders Guide
Developing Online Games: An Insiders Guide (Nrg-Programming)
ISBN: 1592730000
EAN: 2147483647
Year: 2003
Pages: 230
Authors: Jessica Mulligan, Bridgette Patrovsky
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
Strategies for Information Technology Governance
Pocket Guide to the National Electrical Code(R), 2005 Edition (8th Edition)
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy