laff

Whew, lots to reply to here..... Let me start off by saying (if it wasn't already clear) that these are my OPINIONS. I greatly respect many of the players being critical of my post(s) and I'll address them in turn. I'll start with RammaR's post.
quote: Psion, I'm gonna have to disagree that spoofing a script is "bug" use on the same order of say the photon fed bug in previous twgs versions.
Maybe they differ in scale, but IMHO not by a whole lot. They both let you do things that you shouldn't be able to do. Photoning fedspace or causing someone to CBY. Maybe I'm missing something here, but I really don't understand how it can be 'wrong' to use one bug, but OK to use another.
quote:When trying to spoof a script you're not trying to "break it" - but force it to respond exactly how it was written to.
I'm not sure that I agree with that, RammaR. In the specific spoofing incident that started this mess, a ship name was used to trick a bot into performing a macro. Is that having the script respond exactly how it was written? I would say not. It was written to respond to SS commands, not to ship names.

On to Traitor's post.....

quote:Exploiting bugs within the TWGS or TW program is cheating. Script bugs are different from game bugs.
Again, how so? I honestly don't see how it makes a difference where the bug lies. Using a TWGS bug is using a bug. Using a script bug is using a bug.
quote:Scripts are not an inherent part of the game, they are merely tools. You are not REQUIRED to use them.
Technically true. But when was the last time you played a serious game against competent opponents and didn't use a single script for anything? At least a few scripts are realistically required for competitive play.
quote:quote:
--------------------------------------------------------------------------------

This is NOT an excuse for poor code.

--------------------------------------------------------------------------------


Yes it is. Any script that doesn't take into consideration the possibility of spoofing is either poorly written, or the script writer is willing to take the risks that their script might be spoofed or broken.

I have to disagree. While it is (or should) be every's scripter's goal to make as robust and flexible of a script as possible, no script is perfect. Things that the scripter might never have thought of might happen either by accident or malicious design. Even if every single TW player wholeheartedly agreed never to spoof, I would personally still build in protections in my scripts. Why? Because things happen. Scripts and macros go haywire sometimes. Jhereg discovered this particular bug completely on accident.
quote:quote:
--------------------------------------------------------------------------------

Then I could CBY anyone running that script, and it would be their fault for running it, right?

--------------------------------------------------------------------------------


Yes. It's been done. And, if memory serves, one script writer wrote an attack script that wouldn't let you attack the script writer.

Again, I disagree here. If I were unethical enough to do such a thing, I would be the one to blame, not the unwitting end user.

And finally onto typh00n's post....
quote:My feeling is that if people want gameplay to smell minty fresh at all times, then they should take into account competitive TW's mercenary attitude ("do whatever unless its explicitly prohibited") - and establish rules regardin these tactics beforehand.
An excellent point typh00n. I would encourage that at a bare minimum future tournaments include a no spoofing rule.

So, to sum up my argument, I feel that using bugs of ANY kind is unethical behavior, regardless of whether or not it's specifically against the server rules or not. I fully agree with EP when he said quote:I think that message spoofing should be banned by consensus, otherwise it will increase to intolerable levels.

To those of you that believe this is a valid game tactic, I put this question. Would you like to see spoofing become a common tactic in every game? As common as scripts are now? I know I don't. I think I would probably quit TW if it got that bad. If you want to spoof, knock yourself out. I can't stop you, and even if I could, I wouldn't. I'm no totalitarian. But I do think its very unethical to do. That being the case, I choose not to use them, encourage others not to use them, and make posts like this one decrying their use. Let the flames begin.....

Now, in an effort to see how many quotes I can cram into a post before it becomes totally illegible...

quote:Originally posted by Psion

On to Traitor's post.....

quote:Originally posted by Traitor
Exploiting bugs within the TWGS or TW program is cheating. Script bugs are different from game bugs.
Originally posted by Psion
Again, how so? I honestly don't see how it makes a difference where the bug lies. Using a TWGS bug is using a bug. Using a script bug is using a bug.

Well, here’s the difference as I see it. Scripts are a tactic that players use to automate certain functions within the game. Since they are using a tactic to improve their play, it’s fair to use your use their own tactics against them to disrupt their play. There is nothing within the game mechanics that prevents you from doing this. It’s not a bug unless JP calls it one. Therefore it’s legal in any game where it’s not specifically prohibited by the Sysop.
quote: quote:Originally posted by Traitor
Scripts are not an inherent part of the game, they are merely tools. You are not REQUIRED to use them.
Originally posted by Psion
Technically true. But when was the last time you played a serious game against competent opponents and didn't use a single script for anything? At least a few scripts are realistically required for competitive play.

You will note that further down in my post, I mentioned that you probably needed to use scripts if you wanted to win. But, to get really nitpicky, I stand behind my above statement. I only consider things bugs when they circumvent the mechanics of the game, not the tactics or tools of the players.


quote:quote:quote:
Originally posted by Psion
This is NOT an excuse for poor code.

Originally posted by Traitor
Yes it is. Any script that doesn't take into consideration the possibility of spoofing is either poorly written, or the script writer is willing to take the risks that their script might be spoofed or broken.

Originally posted by Psion
I have to disagree. While it is (or should) be every's scripter's goal to make as robust and flexible of a script as possible, no script is perfect. Things that the scripter might never have thought of might happen either by accident or malicious design. Even if every single TW player wholeheartedly agreed never to spoof, I would personally still build in protections in my scripts. Why? Because things happen. Scripts and macros go haywire sometimes. Jhereg discovered this particular bug completely on accident.

Players make mistakes all the time. Should I not take advantage of the fact that you exited the game while at dock and not fedsafe? Should I ICQ you and say, “Pardon me Psion, but you seemed to have made a slight mistake and forgot to cloak. Perhaps you should log in and remedy that situation before someone less scrupulous comes along and #SD#’s you.” No. A mistake by a player is the same as a mistake in a script. And both should be punished. [:D]
quote: quote: quote:
Originally posted by Psion
Then I could CBY anyone running that script, and it would be their fault for running it, right?

Originally posted by Traitor
Yes. It's been done. And, if memory serves, one script writer wrote an attack script that wouldn't let you attack the script writer.

Originally posted by Psion
Again, I disagree here. If I were unethical enough to do such a thing, I would be the one to blame, not the unwitting end user.

Upon further reflection, how about a compromise? Both are at fault.
quote:
Originally posted by Psion
To those of you that believe this is a valid game tactic, I put this question. Would you like to see spoofing become a common tactic in every game? As common as scripts are now? I know I don't. I think I would probably quit TW if it got that bad. If you want to spoof, knock yourself out. I can't stop you, and even if I could, I wouldn't. I'm no totalitarian. But I do think its very unethical to do. That being the case, I choose not to use them, encourage others not to use them, and make posts like this one decrying their use. Let the flames begin.....

Not really. I’d rather play in mint-y-script tm fresh games myself. So I pick my games very carefully, and, I don’t play in games where I’m uncomfortable with the other players, or the rules (or lack thereof) You wouldn’t play Monopoly with someone that routinely kicks over the board, dips into the bank when you aren’t looking, or points and laffs and constantly calls you a noob, right? If the players can’t be civil, I don’t play with them. Many TW players consider that cowardice. Shrug.

(edit, spelling will be the daeth of me[:D])

Psion, I think i see part of our disagreement:
quote:Maybe I'm missing something here, but I really don't understand how it can be 'wrong' to use one bug, but OK to use another.

I don't see exploiting a script as a "bug" but a security oversight or logic flaw. A bug would be something in the code itself where it causes the script to hang or crash all on its own. Lets say a corpie sends the bot a sub-space command and it crashes the script - that is probably a bug.

quote:In the specific spoofing incident that started this mess, a ship name was used to trick a bot into performing a macro. Is that having the script respond exactly how it was written?


Why I don't consider this to be a bug and why I said the script did exactly what it was written to do is this:
1.) it has active "triggers" to wait for a specific line of text that it recognizes as a command.
2.) on seeing that command it parses the line for what specific command / action it is supposed to take. In this case it was a send a macro.
3.) promptly respond to that command by performing the action / sending the macro.

That is exactly what the script did. How and where the command text was read in the game was not as on SubSpace as intended but once the script saw the command it functioned properly.

Several posts have said that we should ban spoofing or at least frown on it like mega-corping or duping. I don't think it needs to go to that extreme. Since scripts are now part of the modern TW game, then trying to beat, outsmart, or avoid a script has also become part of the tactics. If you know a photon script is going to hit you when you grid in a straight line then you try to mix things up and go in a different direction right? You're planning your strategy around the scripts reactions. With a tholian reloader, without trying to think your way around it then you could waste your figs all day long. My point here is that trying to spoof a script is just another means of trying to get around its defenses. In a "perfect world," scripts would have accounted for every possibilty and spoofing would be a waste of time. But heck, we're only human right -- and they're always gonna have some issues, so the natural reaction is to exploit it. Just like in gridding - if you change your gridding pattern so that a photon script won't hit you - aren't you really exploiting it? The photon author would probably add features to his script to respond to your new tactics. Oz's bot has been out for a long time and this is the first instance of it? Players have probably tried to spoof it several different ways and this one finally got through. It may also be the one of last times it works.

Now everyone in that game knows of that security risk and can choose for themselves to use the script or not. Oz has already posted that he's working on a fix and hopefully it won't be long until its out. It takes a lot of time and testing to put things out for public use and I'm thankful that he has chosen to release it in the first place.

Sorry for the long post but I wanted to explain why I don't think using it was a "bug" abuse and why I think spoofing attempts can be valid tactics.

RammaR

Whew, time for another long, quote filled post. I'll take them in order...
quote:Since they are using a tactic to improve their play, it’s fair to use your use their own tactics against them to disrupt their play.
I would submit that there are important differences between using a script to improve your play and spoofing a script. Writing/buying/downloading a script designed to target another script's weaknesses would be more along the lines of using their own tactics against them.
quote:There is nothing within the game mechanics that prevents you from doing this. It’s not a bug unless JP calls it one. Therefore it’s legal in any game where it’s not specifically prohibited by the Sysop.
Obviously, scripts are external so do not constitute a violation of game mechanics and bugs in them do not qualify as TWGS bugs, but they are still bugs in the script. I also posted earlier that I agree with typh00n, and recommended that all future tournaments have a no spoofing rule. And I would be very happy to see more servers use that policy as well. Also, things do not necessarily need to be bugs to be unethical or be considered cheating. Duping does not violate game mechanics, but is rightly regarded as cheating. Is spoofing a script cheating? Depends on the server rules. I certainly regard it as unethical though.
quote:Players make mistakes all the time. Should I not take advantage of the fact that you exited the game while at dock and not fedsafe? Should I ICQ you and say, “Pardon me Psion, but you seemed to have made a slight mistake and forgot to cloak. Perhaps you should log in and remedy that situation before someone less scrupulous comes along and #SD#’s you.” No. A mistake by a player is the same as a mistake in a script. And both should be punished.
I have to disagree with you here Traitor (This is becoming a trend, heh). If I make a mistake, punish me for it. I made a stupid macro mistake the other day and Jhereg #sd'd# me for it. I haven't complained once, it was my mistake and he took advantage of it. But the difference is that spoofing takes advantage not of a mistake the player made but one the scripter did. If my bot gets spoofed into CBYing, is it my fault for not debugging the 2500+ lines of code in Oz's stbot? What if I had never played with Oz and gotten a copy of the .ts from him? Those who download the .cts from CK's site are just screwed? Sorry you died, and there was no way you could have fixed the problem, but too bad? And since they have a .cts, they don't even have the ability to edit and fix the script themselves. (I'm just using Oz's bot as an example, I don't mean to knock it and in fact highly recommend it)
quote:I’d rather play in mint-y-script tm fresh games myself. So I pick my games very carefully, and, I don’t play in games where I’m uncomfortable with the other players, or the rules (or lack thereof) You wouldn’t play Monopoly with someone that routinely kicks over the board, dips into the bank when you aren’t looking, or points and laffs and constantly calls you a noob, right?
OK, now you've really thrown me for a loop. Maybe I'm misunderstand what you're saying here? Its sounds to me like you don't like playing in a game where spoofing and other sorts of bad behavior occurs. Yet you have been defending spoofing as a legitimate tactic.... Please clarify. And no, I don't play Monopoly (or anything else) with people who play like that. In fact, USO may very well be my last big game. The higher level competition always seems to spark some controversy or accusation of cheating.

RammaR:
quote:A bug would be something in the code itself where it causes the script to hang or crash all on its own
If it helps clarify my stance, the definition I am using for a bug is as follows: An error or defect in software that causes a program or script to malfunction. So while bad code that hangs/crashes the script is definately a bug, I also view the ability to be spoofed as a bug since it is a code vulnerability that can cause the script to malfunction.

quote:Why I don't consider this to be a bug and why I said the script did exactly what it was written to do is this:
1.) it has active "triggers" to wait for a specific line of text that it recognizes as a command.
2.) on seeing that command it parses the line for what specific command / action it is supposed to take. In this case it was a send a macro.
3.) promptly respond to that command by performing the action / sending the macro
There is a certain validity to that. I'm not sure that it truly applies here though. In the sense that you listed, it did do what it was written to do. However, it was written to accept commands via subspace, not by ship name. Since inputting commands via ship name is a pretty clumsy interface, I can't believe for a second that the script was intended to do so. I don't think that the way the script processed and executed the macro was at fault, but that there was/is a bug in the way the macro was inputted.
quote:If you know a photon script is going to hit you when you grid in a straight line then you try to mix things up and go in a different direction right? You're planning your strategy around the scripts reactions.
quote:Just like in gridding - if you change your gridding pattern so that a photon script won't hit you - aren't you really exploiting it?
Absolutely I'll try to dodge a photon. Getting photoned sucks, nobody likes it. As you say, changing gridding patterns is adapting your strategy, but IMHO changing gridding patterns is significantly different from trying to trick their photon script into CBYing or self-photoning. In my book, adapting around a script and actively seeking to break/manipulate it are completely different.
quote:Sorry for the long post but I wanted to explain why I don't think using it was a "bug" abuse and why I think spoofing attempts can be valid tactics.

No problem, I'm pretty sure mine have been longer [;)] I'm in the same position, trying to explain why I think it is bug abuse and why spoofing is not a valid tactic. I can't help but notice that you didn't answer my poll question though. Would you like to see spoofing become a common tactic in every game?

quote:OK, now you've really thrown me for a loop. Maybe I'm misunderstand what you're saying here? Its sounds to me like you don't like playing in a game where spoofing and other sorts of bad behavior occurs. Yet you have been defending spoofing as a legitimate tactic.... Please clarify. And no, I don't play Monopoly (or anything else) with people who play like that. In fact, USO may very well be my last big game. The higher level competition always seems to spark some controversy or accusation of cheating.

You are correct, I don't like it. But I don't consider it cheating either. I've been on both sides of the arguement. The spoofer and the spoofee. I found a bug in Swath back in the day that would make your enemy drop connection. I never intentionally abused it in a game, though I could have. (June 7th 2001 post in the old news on my site) But if I had used it, I wouldn't have considered it cheating, even though it was a bug in a helper, and not a script. I've had people screw with my probe script and send me on a long journey into their grid with a complimentary photon on the side. But I didn't consider that cheating either. I just tipped my hat to them and modifed my scipt. You can't have the good (scripts) without the bad (spoofing) in my opinion. Would I try to spoof someone's script in the future? Yeah. Will I do it everytime? No. Ya really have to piss me off with your script before I decide it's worth my time to start messing with it. Unless the result of the spoofing was somehow funny, then I'd do it just for the laugh. And I would only hope that my enemy would see the humor in the situation, and tip their hat at me. Does that clarify things for you?

Nod, it does. I won't say that I agree with you, but I can see where you're coming from. I think we can agree to amicably disagree?

What about us people that don't know how to code a script? And there are plenty of us out there. Are we supposed to study for months so we can finally figure out scripts and how to make them? No. I for one, if I can, I will spoof a script. I don't see a prob with it. There are a number of TW players that dislike scripts that attack for a user. I am one of them. If naming my ship will stop an attack I will do it.
Hell I just started learning about scripts and will take any advantage I can get. No it isn't cheating. You have the option not to use the script, like I have the option not to park at SD.
Bots. I do consider using anyone elses turns cheating. If I am reading that right, if I am on a corp and can't play as often as my corpies, then you think it is ok for someone else to use my ship, turns, time? Nah. I see that as duping cause you are playing two different players at the same time. Just my 2 cents. though in todays market, I would owe you.

bah. i r noob, jhereg pwns me either way.

jhereg is the man.. dont talk crap to this man.

Psion, We'll just have to agree to disagree on the definition of a script "bug" as well. As for the fear of spoofing becoming a widespread tactic - I feel it already is and has been for years. Its just that the opportunity to spoof a script doesn't present itself in every game. And most of the time as soon as something does get spoofed a fix is written. As a scripter I think its actually a way of helping improve the script -- by outsmarting it first. Hope that makes sense.

There's going to be a wide division of opinion on this subject just like there is on using bots for anything. So lets agree to disagree.

My parting thought is this: Macros help many aspects of the game but can get you killed very quickly because they don't any game interaction - just blind commands. Scripts try to add some sort of "logic" or process in order to respond to game events and send commands much faster then a human could. But in general they are less risky and can accomplish much more complicated then tasks then macros. Actual human control is the slowest of the 3 ways to send commands -- but also should have the most thought and reasoning behind them. If the player was keys and not running a bot, would they fall for a fake ship name and cby? NO. There is an inherent risk that is accepted any time you power up a script or punch a macro that you are reducing your direct control of the game interaction for the benefit of speed and/or convenience. When you accept this risk you open the door for other players to try to take advantage of your reduced control though some sort of counter tactics. Spoofing is one of those tactics that rarely applies but in some cases can be very effective - like yesterday. Now that script is being reviewed and repaired and it shouldn't happen many more times. But at that point in time I think it was a valid tactic. I've been on both sides and personally seen a ship name trigger me to attack Captain Zyrain at dock. The first time it happened I thought it was an ingenious idea and although I was upset to be in a shiny new pod - but I learned from it and improved my script. I think script spoofing is just part of the game and as long as any type of automated scripts are being used it is a valid tactic.

I don't want to re-ignite a long debate regarding spoofing, as it seems all sides seem content with what has already been posted, but allow me to ask this question to those that believe spoofing is a legitimate tactic.
What would be the difference between me foiling a macro that your running (AFK or not) into causing you to macro CBY (by guessing your bot name) and me guessing your game password, logging in as you and manually CBYing?
In theory they are one in the same, by making the conscious decision to try and "Break" or "Guess" a security feature in either your script or the game itself, have I not crossed from being creative to cheating?
This one is probably off base a bit, but the idea is the same. How pissed would you be if i "Spoofed" your ATM password and withdrew all of your funds? Do you think i would get away by saying that the Bank's Internal Security is flawed and that it's their fault and not mine? The very essence of Security checks within scripts are their to keep out those that would exploit them.
I just don't see how anyone could justify a pre-meditated breach of known security features and feel that the are in the right?

Zoso
BTW - I'm not knocking anyone's ability to play the game, But I question the lack of better judgement.

Good thread. Too many posts to quote attribution without losing clarity, I'll add this (unoriginal) fuel to the fire:

Busting an opponent's script by taking advantage of it's architecture is not even remotely comparable with bug use. If they did not make it "bombproof", let them eat the consequences.

Info sharing is a very grey area and completely unpoliceable, if done in a sufficiently "sneaky" manner. Asset sharing, on the other hand, is black and white megacorping (even more unpoliceable than info sharing, unfortunately).

Is the following info sharing and wrong?

Corp A and B have, say, 80% of game assets. One of the lessor corps, C, finds A, tells B, in the certain knowledge that B will hit A, thereby reducing both A and B corp strength. C is now relatively stronger. Smart move for C, I'd say. Megacorping? Nope. Should B ignore the info, wait for C to tell A instead? Hell no.

Macros dont accept inputs, not sure where you are coming from. A bot script could accept remote instructions to send *any* character string from the remote (kinda dumb imo), but it would be simple to filter that to *acceptable* bot controllers in the game. To bust it, you would have to hack the password of an acceptable controller of the bot.


quote:Originally posted by Zoso

I don't want to re-ignite a long debate regarding spoofing, as it seems all sides seem content with what has already been posted, but allow me to ask this question to those that believe spoofing is a legitimate tactic.
What would be the difference between me foiling a macro that your running (AFK or not) into causing you to macro CBY (by guessing your bot name) and me guessing your game password, logging in as you and manually CBYing?
In theory they are one in the same, by making the conscious decision to try and "Break" or "Guess" a security feature in either your script or the game itself, have I not crossed from being creative to cheating?
This one is probably off base a bit, but the idea is the same. How pissed would you be if i "Spoofed" your ATM password and withdrew all of your funds? Do you think i would get away by saying that the Bank's Internal Security is flawed and that it's their fault and not mine? The very essence of Security checks within scripts are their to keep out those that would exploit them.
I just don't see how anyone could justify a pre-meditated breach of known security features and feel that the are in the right?

Zoso
BTW - I'm not knocking anyone's ability to play the game, But I question the lack of better judgement.

quote:Originally posted by Bethel Hues
What about us people that don't know how to code a script? And there are plenty of us out there. Are we supposed to study for months so we can finally figure out scripts and how to make them?
It really doesn't take months of study to learn to write basic scripts. It takes months of study to learn the game well enough to write complex scripts. Big difference. If you've never tried scripting before, I suggest you give it a shot. Regardless, people with little to no scripting ability are among the least likely to spoof, for obvious reasons.
quote:Originally posted by ghoury
jhereg is the man.. dont talk crap to this man.
Maybe you should read the thread closer before posting? I was (and am) sharply critical of something Jhereg did, but am hardly talking crap to him. I think Jhereg is an excellent player and a very nice guy. He oftens helps me out with game or scripting questions.
quote:Originally posted by RammaR
There's going to be a wide division of opinion on this subject just like there is on using bots for anything. So lets agree to disagree.
Done then. Like with Traitor, I can see what you're saying, I just feel otherwise. This is really more a matter of personal opinion than anything else. No real right or wrong.
quote:Originally posted by Kavanagh
Busting an opponent's script by taking advantage of it's architecture is not even remotely comparable with bug use. If they did not make it "bombproof", let them eat the consequences.

Not even remotely similar? A bug is a bug, a loophole is a loophole. Regardless of whether or not you think spoofing is a legit tactic, I think that bug use and exploiting a script's weaknesses via spoofing is remarkably similar. That is actually the biggest reason I'm so against spoofing.
quote:Originally posted by Kavanagh
Is the following info sharing and wrong?

Corp A and B have, say, 80% of game assets. One of the lessor corps, C, finds A, tells B, in the certain knowledge that B will hit A, thereby reducing both A and B corp strength. C is now relatively stronger. Smart move for C, I'd say. Megacorping? Nope. Should B ignore the info, wait for C to tell A instead? Hell no.
IMHO, yes it's info sharing, and yes its wrong. Is it a good tactic? Sure, makes perfect sense. Let your two enemies fight each other. As long as the server doesn't prohibit info sharing, knock yourself out. But just because something is not against the rules doesn't mean that we should all run right out and do it - there are still underlying ethics. My ethics keep me from info sharing or spoofing, yours don't. Does it matter? Not really, except that I'm not likely to corp with you for personal reasons. I strongly dislike these tactics, I feel they take away from the game, and I choose not to corp with (or where possible play against) people who use those sorts of tactics.
quote:Originally posted by Kavanagh
Macros dont accept inputs, not sure where you are coming from.
What happened was that a ship name was used to trick a bot into performing a CBY macro. So in this case, a script to run macros DID accept input.

Ok,
I got one more thing to add to this discussion. If there were no consequences for running a bot or script (like making spoofing earn you the ban stick), then why play the game at all? Why not just have everyone fire up their bots and let their PC's duke it out? Cause that's what will happen.

As a script writer, I can tell you that a fully automated bot isn't very far away. It wouldn't be as good as a human player, but...if one could argue that any mistakes it made were bugs, and those bugs were brought out because someone else interfered with the scripts logic somehow...and they got banned...you see where this is going? It's a slipperly slope no matter which way you try to climb it.

The bottom line is there HAS to be consequences to running scripts, or we may as well just not play at all.