Guild Wars Forums - GW Guru
 
 

Go Back   Guild Wars Forums - GW Guru > The Inner Circle > The Riverside Inn

Notices

Closed Thread
 
Thread Tools Display Modes
Old Jan 11, 2008, 12:47 AM // 00:47   #1
Site Contributor
 
Join Date: Dec 2004
Advertisement

Disable Ads
Default [Dev Update] Exploits and Bans – 10 January 2008

All right, so that we can have a controlled discussion on this hot topic:

Quote:
Originally Posted by Gaile Gray
An exploit was recently discovered in Guild Wars that allowed client-hackers to travel to a hidden outpost. From that outpost, they could travel directly into the room containing Mallyx, the final boss in the Domain of Anguish.

This hidden outpost existed strictly for testing purposes and was never accessible through normal play. Only by hacking the client, or partying with someone who had done so, could a player access that outpost.

We eliminated the exploit with a build today. We also conducted a detailed investigation into who accessed this exploit and other hidden outposts. As a result of this investigation, we permanently banned 117 players late Wednesday night, Pacific time, and we will ban more accounts as appropriate as we review additional logs gathered after the initial bans. In our investigation, we took into consideration extraordinary circumstances such as players who might have been transported to the outpost unwittingly and against their will by a party leader who was hacking the game. We chose to permanently ban these 117 accounts because it was clear that the players involved had intentionally exploited a server vulnerability for their personal gain.

ArenaNet gives the highest possible priority to maintaining the security of the game and protecting the game economy. You can assist us by letting us know, via the Community mailbox, if you learn of an exploit. Protect your own account by refusing to use exploits and declining to share information about their uses with others.

http://wiki.guildwars.com/wiki/Gaile...0_January_2008
Please post your thoughts and opinions. Do not add one-liners but if you have something to add to the discussion then please do so. Any insult to an individual or the community as a whole will be deleted. Stay on topic.

---
Update:

http://www.guildwarsguru.com/forum/s...&postcount=351
Quote:
Originally Posted by Gaile Gray
I will share several bits of information, and then will read the other pages in the forum. But let me answer some of the many comments being offered here, all based on the position that was really pretty clearly detailed in today's Dev Update:
  • No one was banned for visiting the hidden outpost once. No one was banned even for going there a few times.
  • No one was banned for entering the mission, killing Mallyx, and taking the loot, even if they did that a few times.
  • In fact, the bar was set higher than a one-time or even few-time occurrence, as the Dev Update states, to avoid banning someone who was pulled there inadvertently or to avoid banning someone who might have thought he was helping by "testing" the exploit.
  • We have had protests saying something like, "But I only did it 4 times!"And the answer is, "You're right: You used the exploit 4 times. And then you used the exploit 20 more times on your other character."
  • There is a massive difference between ferrying someone to a known map and hacking the client to go to an inaccessible map, to take on a hero without having had to fight through four difficult challenges prior to that meeting. For in normal circumstances, by the time a party gets to Mallyx, they've taken damage, acquired DP, and spent a significant amount of time. The DoA mission requires talent, skill, and dedication. What challenge is there in skipping to the end scene? And would anyone honestly think that such a short-cut was allowed or intended?
  • For some, we see a pattern of movement to the outpost (sometimes after selling passage to others), entering the Mallyx room, killing him, then wash, rinse, and repeat. And boy oh boy, did some people repeat it!
  • Yes, we have records, and chat logs, and more. Obviously, anyone who hacked his client needs to be banned, and anyone using this exploit more than a few of times also needs to be banned. Let's not fine-grain this to who did the actual hacking -- the question is, did you benefit from using the hack?
  • The existence of the outpost -- in hidden form -- is required to offer the Domain of Anguish. This was not a "test" and the outpost absolutely could not be "deleted when we were finished with 'testing" or "saved on some storage device." So as directly as I can say it to those offering unfounded opinions: Deleting the outpost disables the entire Domain of Anguish mission. Therefore, let's be fair and not blame ArenaNet because someone hacked his client!
  • This exploit has nothing to do with texture changes or mods.
  • Now, to those who suggest that Support should give a warning before a block or ban, can you please tell me why that would be a good idea? Because I think I can tell you why it would be a poor idea: Giving a warning allows players time to shuffle their items to another account, to create a mule to carry the goods, or to sell them or give them away before they're caught. That means the economic impact remains, and it's the economic impact that we must prevent.
  • This exploit is not in any way a form of "farming." Whether someone used an exploit, or partied with someone who did, he were taken to a hidden outpost, which he could easily verify because (a) it was not on his map, (b) Mallyx, in normal gameplay, has no such outpost, and (c) he was almost certainly told it was an exploit, or told to keep it quiet, or sworn to secrecy. He was not farming, he was using or benefiting from the use of a serious exploit.
  • The length of the UA, or not reading it, is truly not a defense if one chooses to breach it.
  • Saying "They let such-and-such bug/glitch/exploit go, so they should just let everything go" has no foundation in logic. This was a significant exploit, higher in overall concern than someone ferrying another player to a legitimate high-level map. This is hacking the client; this is going to forbidden areas; this is gaining undeserved reward; this is profiting from selling the secret or selling a ferry; this is engaging in activities that can have long-ranging negative effect on the game economy.
We are always very sorry when we have to enact a ban on any account. Although 117 accounts is a very small number when you consider the numbers of those playing every day, it still causes us great distress to be placed in the position of having to enact such bans. After all, the last thing we want to do is turn away people who enjoy our game. I am personally very, very sad to see some names that I recognize involved in this exploit.

We do understand that some people will be angry about our actions, even if they were not personally involved in the exploit. I think we can all agree it's not a pleasant situation from any viewpoint. But we must put the game community as a whole above the interests of the individual player, when the actions of the individual player can have negative consequences upon all players. And that is what we have done.

Players who were banned may submit an appeal. Each such appeal will be carefully and respectfully researched and I truly hope that your personal situation is such that your account might be reinstated. But in all honesty, for quite a number on the ban list, that simply will not be possible. And as distressing as it is for more than the individual players involved, some players will find their ban must be upheld, for the good of the game.

Thank you to those who support ArenaNet in making this painful decision. And our sincere thanks to those who knew of this exploit and did not use it, or who kindly reported it to us directly, so that we could prevent a major impact upon the game about which all of us care so deeply.
UPDATE:

Quote:
Originally Posted by Gaile Gray
Sorry, but I have to make a correction: Please submit a Support Ticket. Support is gathering and reviewing all appeals. ArenaNet is involved in setting parameters and may be involved in assessing the appeals. But emailing or PMing me is not going to be fruitful -- appeals must go through Support.

Last edited by Mercury Angel; Jan 11, 2008 at 09:03 PM // 21:03..
Inde is offline  
Old Jan 11, 2008, 12:49 AM // 00:49   #2
Jungle Guide
 
Mickey's Avatar
 
Join Date: Feb 2006
Guild: Eternal Insight
Profession: D/
Default

I guess I am considered one of the lucky 117.

I was taken there without knowing it was an exploit, or 3rd party programs were involved, and I killed Mallyx from there, although I had already defeated the 4 other lords of anguish before beating him. Now I am permanently banned, support has no mercy for me. I don't know what to do. I thought it was just farming. W/e, flame me if you want, that's how the other thread turned out.
Mickey is offline  
Old Jan 11, 2008, 12:50 AM // 00:50   #3
Krytan Explorer
 
You just got tomahawked's Avatar
 
Join Date: Nov 2006
Location: H-Town
Guild: The Battle Bakery [vPie]
Profession: N/
Default

Wow. DoA greens arent worth much though... Last time I checked Mallyx's chest doesnt drop gemstones.

Last edited by You just got tomahawked; Jan 11, 2008 at 01:17 AM // 01:17..
You just got tomahawked is offline  
Old Jan 11, 2008, 12:51 AM // 00:51   #4
Jungle Guide
 
Mickey's Avatar
 
Join Date: Feb 2006
Guild: Eternal Insight
Profession: D/
Default

Quote:
Originally Posted by You just got tomahawked
Wow. DoA greens arent worth much though...
Gemsets are worth around 18 k.
Mickey is offline  
Old Jan 11, 2008, 12:52 AM // 00:52   #5
Forge Runner
 
undeadgun's Avatar
 
Join Date: Nov 2006
Location: US
Guild: Its Rainning Fame Hallelujah[伞回伞], also as guild leader
Profession: N/
Default

it is a really fair action done by Anet, those who exploit the bug was intended to break the rules, i think the ban is fair.
undeadgun is offline  
Old Jan 11, 2008, 12:53 AM // 00:53   #6
Pre-Searing Cadet
 
Rhapsody Shadow's Avatar
 
Join Date: Jan 2008
Profession: R/
Default

why were people banned for this but not exploits like the slave's dungeon or ferrying to the end of nightfall? Surly everyone should be treated the same.
Rhapsody Shadow is offline  
Old Jan 11, 2008, 12:54 AM // 00:54   #7
Ascalonian Squire
 
Join Date: Dec 2006
Profession: E/
Default

my guess is it wasn't about the greens, but the golds. aka the different gemstones and via the stones tormented weps.

if thats what really happend Mickey thats a bummer but i imagin support might eventually help you as they are aware of people unknowingly abusing this.

other wise a well rounded fix and mass-ban. bravo anet
jamal is offline  
Old Jan 11, 2008, 12:54 AM // 00:54   #8
Academy Page
 
Join Date: Dec 2006
Default

This exploit was done by hacking the client/data, which makes it a bit more serious than ferrying. Anet made the right decision to ban the players.
Dropper is offline  
Old Jan 11, 2008, 12:55 AM // 00:55   #9
Grotto Attendant
 
Join Date: Aug 2007
Location: Canada
Default

I think permanent bans for people who didn't actually hack the program to be a little extreme. The actual hackers, sure, but the people who were taken there (some of them by surprise) should not be held as accountable for this.

Quote:
Originally Posted by Gaile Gray
ArenaNet gives the highest possible priority to maintaining the security of the game and protecting the game economy.
I am somewhat doubtful about this given the current state of the game and what ArenaNet is doing to disadvantage human farmers and how they are supporting botters.

Any word on plans from ArenaNet to make it easier for players to gain money (and thus reduce the efficiency of gold selling)?
Zahr Dalsk is offline  
Old Jan 11, 2008, 12:55 AM // 00:55   #10
Jungle Guide
 
Lady Raenef's Avatar
 
Join Date: Feb 2007
Location: Oregon, USA.
Guild: Zero Mercy [zm]
Profession: W/
Default

No wonder I saw gemsets being sold like crazy. I didn't even know about this, man, I'm always slow on recieving the news! At least they fixed it and they're punishing the deserve!
Lady Raenef is offline  
Old Jan 11, 2008, 12:56 AM // 00:56   #11
Lion's Arch Merchant
 
Big_Daddy's Avatar
 
Join Date: Apr 2006
Guild: The Big Daddy Experience [BigD]
Profession: N/Mo
Default

Well, Mickey, if you do feel you were taken there without knowing about it, then tell GWSupport.
Quote:
In our investigation, we took into consideration extraordinary circumstances such as players who might have been transported to the outpost unwittingly and against their will by a party leader who was hacking the game.
Big_Daddy is offline  
Old Jan 11, 2008, 12:57 AM // 00:57   #12
Hall Hero
 
Bryant Again's Avatar
 
Join Date: Feb 2006
Default

One of my friends has been for this as well. He said that he "unwillingly" went there as well and mapped back to his GH a few moments after. But if he was telling the truth, he shouldn't have been banned, right?

Now my question is: Does ANet have some sort of tracking record for player status, via chatlogs, travel logs, etc? For "extraordinary circumstances," this seems like where it would be most helpful, because this is pretty serious (well...as serious as PvE can get, really. lol.) Otherwise, a lot of innocent peeps could get wtfbanned.

Nonetheless, if you're banned, send ticket after ticket after ticket after ticket. If you're persistant and thoughtful in your e-mails, they'll let you go. Unless you were one of the hackers, in which case good luck buddy.
Bryant Again is offline  
Old Jan 11, 2008, 12:58 AM // 00:58   #13
Academy Page
 
Join Date: Oct 2007
Location: New York
Guild: Crew of the Forsaken[LaZy]
Profession: E/
Default

I commend A-Net for discovering and cracking down on this serious issue. I wonder why thisoutpost was never deleted...
Billeh is offline  
Old Jan 11, 2008, 01:00 AM // 01:00   #14
Jungle Guide
 
Mickey's Avatar
 
Join Date: Feb 2006
Guild: Eternal Insight
Profession: D/
Default

Quote:
Originally Posted by Bryant Again
One of my friends has been for this as well. He said that he "unwillingly" went there as well and mapped back to his GH a few moments after. But if he was telling the truth, he shouldn't have been banned, right?

Now my question is: Does ANet have some sort of tracking record for player status, via chatlogs, travel logs, etc? For "extraordinary circumstances," this seems like where it would be most helpful, because this is pretty serious (well...as serious as PvE can get, really. lol.) Otherwise, a lot of innocent peeps could get wtfbanned.

Nonetheless, if you're banned, send ticket after ticket after ticket after ticket. If you're persistant and thoughtful in your e-mails, they'll let you go. Unless you were one of the hackers, in which case good luck buddy.
I went ahead and told them the general chat log that me and a friend had, all I can do is hope for the best, it's been a good two years, and I don't want it to end like this. I have been using the same ticket for all my answers/questions, is that bad?
Mickey is offline  
Old Jan 11, 2008, 01:00 AM // 01:00   #15
Furnace Stoker
 
Crom The Pale's Avatar
 
Join Date: Nov 2006
Guild: Ageis Ascending
Profession: W/
Default

This was certainly appropriate action on Anets part.

Hacking of any kind should result in more than just a ban, it should be a criminal offence. It is an outright attack upon proprietary property via the internet.

That being said those that were taken to the outpost via a party leader, and had no knowledge of the hack should remain free from any action. Many games are full of "hidden areas" that only a few find a means of entry to. It would be easy to fool even some vertern players into thinking this was a legit location that has remainned either hidden or kept secret by those few that found it.

This is the first I have heard of this outpost, though it certainly makes perfect sense from a programing/debugging aspect, and even I(32+ months of play time) could have been fooled into thinking it was legit.
Crom The Pale is offline  
Old Jan 11, 2008, 01:00 AM // 01:00   #16
Site Contributor
 
Neo Nugget's Avatar
 
Join Date: Jan 2006
Profession: R/
Default

Quote:
Originally Posted by Rhapsody Shadow
why were people banned for this but not exploits like the slave's dungeon or ferrying to the end of nightfall? Surly everyone should be treated the same.
Because that didn't involve hacking the Dat. file.
__________________
"Even if the morrow is barren of promises,
nothing shall forestall my return."
Neo Nugget is offline  
Old Jan 11, 2008, 01:00 AM // 01:00   #17
Site Legend
 
Join Date: Oct 2005
Default

Quote:
Originally Posted by Billeh
I commend A-Net for discovering and cracking down on this serious issue. I wonder why thisoutpost was never deleted...
Clearly stated in the OP. Don't start with the conspiracy theories, well not until I've grab a drink and some popcorn.
__________________
Old Skool '05
Malice Black is offline  
Old Jan 11, 2008, 01:00 AM // 01:00   #18
Frost Gate Guardian
 
Harrier's haste's Avatar
 
Join Date: Jun 2007
Guild: ViLE
Profession: R/P
Default

Quote:
Originally Posted by You just got tomahawked
Wow. DoA greens arent worth much though...
They are there for the gemstones, which in turn can be transferred for the Torment Weapons/Shields, currently around 100k 28e. (does my post gets deleted for naming the price? ) So, as you see, they're quite valuable.

But I totally agree with the actions Anet take. Imo, even getting banned permanently is too light a punishment for these hackers. Dam bastards, at least they won't be around for some time.
Harrier's haste is offline  
Old Jan 11, 2008, 01:01 AM // 01:01   #19
Ascalonian Squire
 
pochoWICKED's Avatar
 
Join Date: Feb 2007
Guild: [GoA]
Profession: Mo/
Default

Yea I got banned too. Not Happy about it. A lot of 1337 people got banned for this. And I think we should have at least got a warning or something before a straight-up permanent ban. Whatever though, I just don't think it's right, because pretty much everyone involved in this has been playing for like 2 years and has spent a lot of money buying expansions, char slots, etc....
pochoWICKED is offline  
Old Jan 11, 2008, 01:01 AM // 01:01   #20
Frost Gate Guardian
 
Pariah Hellfire's Avatar
 
Join Date: May 2006
Profession: N/Mo
Default

I am left thinking why they have left these "hidden outposts for testing purposes" active in the game..would it not be so easy to remove them when content is finally added with a new build?

I am also a little concerned for my account status,I have just purchased a few things from the GW store and if these ingame exploits are apparently easily hacked,what's to stop people from obtaining my Mastercard information through "client side hacking in the GW store?"

I think it's great Anet has jumped on rectifying the situation,and on the whole I feel this is still the single most secure and well maintained "online" franchise in terms of security.

It's still an inconvienient fact that people will try and exploit video games.
Pariah Hellfire is offline  
Closed Thread

Share This Forum!  
 
 
           

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Update: January 23 unienaule The Riverside Inn 15 Jan 25, 2006 01:57 AM // 01:57
Update - Friday, January 13 Ogg The Riverside Inn 2 Jan 14, 2006 01:17 AM // 01:17


All times are GMT. The time now is 11:20 AM // 11:20.


Powered by: vBulletin
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("