Add APBL Scoring - support for global bans

[Erth Paradine]

Request:
Add support for multi-server blacklist checks at time of login. Will be referred to as "APBL" within this suggestion; an abbreviation of Abusive Player Black List.

The overall goal here is to globally and automatically ban players that multiple trusted admins have deemed undesirable visitors to their own servers; helping ease administrative overheads across the board, including with Schine staff themselves.

Currently:
Banned players are able to continue griefing other servers, indefinitely. Even once there's a cost to obtain accounts, other online games experience similar circumstances; players with more money than sense, just keep buying additional accounts. A stronger deterrent is needed, and a "global ban" would help accomplish this. Such a tool also needs to have a means of minimizing admin abuse as well.

Result of proposed:

• Abusive players banned on multiple unrelated servers run the risk of a global ban.
• Improved anti-griefing/abuse support.
• Enables automated blacklist sharing.
• Each independently-run server will retain full control who's ban list they use (if any), how much they want to permit this list to influence their enforced bans, and as such any abusive servers/admins would be quickly weeded-out and ignored by the larger server owner community.

Suggested Method:

• Players are ranked by a "APBL" score during login, banned if their APBL score exceeds value configured by server owner.
• Each server is specified via AUTO_BAN_BL, and granted an owner-defined level of trust. The player score and server trust levels are added, to determine if a player qualifies for a ban. Qualification threshold is defined by "AUTO_BAN_LIMIT" server.cfg option.
• Include option for custom text string by each server operator, defined by server.cfg entry AUTO_BAN_TXT.

More specific implementation suggestions:

• Add "boolean" server.cfg option "AUTO_BAN_BL", when true:
  • Start listener, default to UDP port 4243. This port will be used for APBL queries by other servers.
  • Load contents of apbl.txt to establish a list of trusted servers to query, each entry would be a single line:
    • hostname:port,trust
    • APBL query results should be cached for at least one hour, minimizing impacts of abusive relogging patterns.
    • UDP is suggested to minimize TCP related delays.
    • The "trust" portion identifies server trust, by an integer value.
    • The hostname:port portion would identify a server to query for ban status.
  • Add "int" server.cfg option "AUTO_BAN_LIMIT":
  • Specifies "ban score", as influenced by each server's level of "trust" specified above.
  • Upon reaching the necessary score, a player's login would be immediately rejected, preferably at this phase of the login:
    • [AUTH] authenticating playername; useAuth: true; requireAuth: true
      [SESSION_CALLBACK] verifying player playername with token: xxxxxx
      [OAuth2] Verifying Auth Token 'xxxxxx
      [SERVER] Retrieving public user info

• When querying a server listed in AUTO_BAN_BL, hash each entry separately, and use hashed values during queries: IGN, SMN (StarMade Account Name), and IP. Hash is intended to help maintain player privacy. If value exists in queired server's ban list, reply with (as relevant):
  • IGN:true
  • SMN:true
  • IPBAN:true
  • Each "true" response increases a player's APBL "score" by one.

• Examples illustrating influence of additive "trust" value, assuming (for example) AUTO_BAN_LIMIT=7:
  • If query returns true on all three IGN/SMN/IPBAN queries, player is given an APBL score of "3":
    • If only one server is queried, and the queried server has a "trust" value of 0, player is permitted to login: overall APBL score was only 3.
    • If only one server is queried, and the queried server has a "trust" value of 5, player is denied login: overall APBL score had reached 8.
      
    • If two servers are queried, both servers having a trust value of 1, player is denied login: overall APBL score had reached 8.
  • If query returns true on only IPBAN, player is given an APBL score of "1":
    • If only one server is queried, and the queried server has a "trust" value of 5, player is permitted to login: overall APBL score was only 6.
      
    • If three servers are queried, each server has a trust value of 1, player is permitted login: overall APBL score was only 6.
    • If three servers are queried, two servers have trust=2, one server has trust=1, player is denied login: overall APBL score had reached 8.
• Default text for AUTO_BAN_TXT should suggest wording along the lines of "...You have been globally banned, for further assistance please contact admins via forums.example.com..."

Such a scoring system enables each server operator to control their risk tolerance, and it makes it highly unlikely that any one rouge server could effect a global ban. Any server's participation would be voluntary, so this also adds another layer of abuse mitigation.

Automated querying of SMD forum's ban status would also be a nice addition to this function, a feature that each server admin could enable/disable at their discretion. Quite frankly, if the player has been abusive enough to have been banned from SMD, why are they still being allowed to grief countless private server owners.

Rationale:

• Original inspiration comes from DNSBLs, used very extensively in the email administrator community, by everything from single-user email servers, to very large hosting entities such as gmail. This overall framework has helped minimize effects of harmful/abusive administrators, while profoundly curtailing abusive email behaviors (e.g. spam).
• Similar techniques are being implemented in other online games, for instance Mojang's new server blacklist feature leverages a similar function to blacklist abusive server owners.
• Admins need tools to mitigate abuse, and the current options are minimally useful; it blocks only the most casual of abusive players.
• Use of VPNs to bypass bans would become increasingly less useful, especially with netblock/wildcard support being re-added to /ban_ip .
• Charging for accounts will also help deter abusive behaviors, but this moves the game towards a "pay to play" model, which is not an expressed desire of Schine.

Defects/Workarounds:

• All ways that an abusive player could bypass bans: changing IPs (e.g. VPNs), creating new accounts, changing IGNs.
• The goal here is to make bans unappealing for abusive players - make it more difficult for them to be abusive.
• This could still lockout legitimate players. To minimize such a risk, the server should honor any whistlist.txt entries.

Credits:
This suggestion is the result of multiple server admins coming together, seeking a mutually beneficial solution which minimizes risks of abuse, maintains player privacy, reduces administrative overheads, automates a global ban processes, and improves overall enjoyment of the game by legitimate non-abusive players.

Third-party works in progress include www.smbans.com

 

[Bobby Bighoof]

GenXnova stands behind this idea bringing rise to the server to not stand by and be abused by players simply because they can.

We at GenXnova feel that if this system is implemented properly that it will help with the over all stability of the player base at large and boaster a game system that promotes game play rather than a free anger management for would be abusive players.

It is a proven fact that locks on doors in the real world only serve to help keep the honest people honest, and any real criminal will break in your house no matter the lock put in place. So why should we leave all of our servers unlocked. Lets help keep the players as players and not future griefers because they can.

We have the authentication system, but that is not a support system to prevent griefers.

With this system in place we as servers have the ability to take action, and real players who just want to enjoy our servers have the ability to feel safe in their game play.

 

[Zedrackis]

I remember mine craft having a mod for something similar. Problems it creates might out weigh its usefulness. Someone would have to dedicate time to not only handling appeals to global bans, but also vetting sever mods/admins.

 

[Erth Paradine]

I remember mine craft having a mod for something similar. Problems it creates might out weigh its usefulness. Someone would have to dedicate time to not only handling appeals to global bans, but also vetting sever mods/admins.

How is that a greater problem, than greifers going around and abusing players, mods, and admins on various servers?

Also note that a ban remains just a ban: if a player wants to access a particular server, nothing would prevent them from appealing to that specific server operator for access. This is one of the points behind the scoring system - it prevents wholesale abuse, and minimizes the chances of any single server having enough clout to globally ban players.

 

[HeartUponSleeve]

Every server has different rules and different guidelines for banning users, some servers will ban a user for a reason that all over servers are completely ok with (such as you banning users for logging more than 10 times in the space of 24 hours)

StarMade is not CS:GO, Unlike CS:GO where every person who review bans (overwatch guys) follow the same guidelines AND the rules are the same on ALL servers, StarMade has rules that vary from server to server and each admin will have his own guidelines as to when to ban a user.

Suggestions like these will NEVER work unless all servers have the SAME rules and the SAME banning procedures.

 

[Erth Paradine]

With all your admin abuse, including but not limited to banning people for accidentally causing lag, relogging (lolwut), and in general attacking any of your friends I fail to see how this could anything but promote further admin abuse. SM is full of crap admins like you and the last thing we need to do is give them more tools to continue abusing such as you have.
....

Your team's misinformation campaign continues to amuse me. It works really well for you when you omit the whole truth. zorozeenee was not banned for excessive relogs, he was suspended for 24 hours in an attempt to get his attention (this is a Google Cache link, illustrating an older version of what was only a suspension thread at the time, where zorozeenee had already been reinstated prior his later ban), so that he would contact admins via our forums, SMD, or our hosted mumble server.

2016/06/20 - 06:48:06 [ErthParadine]: Sigh....zoro please get your client fixed, or contact me in forums. This relogging is getting ridiculous.

He did none of these things, but even after his 24-hour suspension was automatically lifted, he did continue to relog in gross excess for nearly another two weeks. During these two weeks, Schine reps contacted us while working with zorozeenee to resolve his client-side issues, we helped where we could. Even so, suspension due to excessive relogs is a rule that admins have clarified, backed with statistics, justified with bug/exploit mitigation clarifications, and that our community continues to discuss. I invite all active community members to get involved by contributing via our appropriate forum thread.

When zorozeenee started launching logic bombs, nearly two weeks after his 24-hour suspension was automatically lifted, his actions forced us to ban him; a rule violation that was well within our rights to respond to.

With that said, your team's continued smear campaign raises an excellent point: had we known that zorozeenee was already banned across most popular StarMade servers, and even here on the dock itself, he would have never been allowed to use our server, and this entire discussion would have been moot; our server would have been amongst dozens of others, and most likely never a target of your team's current smear campaigns.

Thank you for an example that so precisely drives our point home, with absolutely crystal clarity. Wow, thank you.

 

[Winterhome]

I assume that such a thing could already be implemented via wrapper shenanigans and a ban list document hosted online.

 

[Erth Paradine]

I assume that such a thing could already be implemented via wrapper shenanigans and a ban list document hosted online.

Please note a to www.smbans.com, which is included in my original posting. If you visit that site, you'll notice that the project started two years ago, but hasn't taken off. In the meantime, we continue to see server operators quitting; citing griefing (and its time-consuming responses) as a major contributor.

We are investigating options to implement a third-party tool as well. Although can you think of a reason why such a feature should not be built-in, and therefore available for easier/seamless access by all server operators?

 

[HeartUponSleeve]

Every server has different rules and different guidelines for banning users, some servers will ban a user for a reason that all over servers are completely ok with (such as you banning users for logging more than 10 times in the space of 24 hours)

StarMade is not CS:GO, Unlike CS:GO where every person who review bans (overwatch guys) follow the same guidelines AND the rules are the same on ALL servers, StarMade has rules that vary from server to server and each admin will have his own guidelines as to when to ban a user.

Suggestions like these will NEVER work unless all servers have the SAME rules and the SAME banning procedures.

Erth Paradine

Since your online and willing to respond to ZeroRa's little thing, why not give your explanation as to how a system of this nature would work when:

1. Abusive admins exist
2. You system has no safeguard against admins who are abusive
3. Admins can ban anyone at any time for any reason, whenever they have done anything or not
4. There is not set in stone guidelines for when you should ban a user (different admins will ban users for different reasons with different processes)

As I have said, this is not CS:GO admins don't follow the same banning guidelines and rules gamewide, IF every single server in the entirety of StarMade has the same rules, and the same banning process then MAYBE this could work, but this is not the case.

So, how will this system work with these points in mind?

 

[Winterhome]

Please note a to www.smbans.com, which is included in my original posting. If you visit that site, you'll notice that the project started two years ago, but hasn't taken off. In the meantime, we continue to see server operators quitting; citing griefing (and its time-consuming responses) as a major contributor.

We are investigating options to implement a third-party tool as well. Although can you think of a reason why such a feature should not be built-in, and therefore available for easier/seamless access by all server operators?

Mostly the reasoning that the Vaygrbros have displayed - a community ban list would need to be synched between only servers with comparable rule lists and morality, and it could be easily abused by badmins (such as K1 and company from what used to be Mikeland).

I don't feel that community server ban lists should be enforced by Schine, because community servers are not Schine's business. I know that a number of servers had, in the past, chosen to look into community banlists/blacklists, including Shattered Skies and some other servers, but I don't know what happened to that idea.


It would be okay if there were an option to automatically blacklist uplink accounts that were banned from StarmadeDock, though.

 

[Erth Paradine]

Mostly the reasoning that the Vaygrbros have displayed - a community ban list would need to be synched between only servers with comparable rule lists and morality, and it could be easily abused by badmins (such as K1 and company from what used to be Mikeland).

I don't feel that community server ban lists should be enforced by Schine, because community servers are not Schine's business. I know that a number of servers had, in the past, chosen to look into community banlists/blacklists, including Shattered Skies and some other servers, but I don't know what happened to that idea.

It would be okay if there were an option to automatically blacklist uplink accounts that were banned from StarmadeDock, though.

Please carefully re-read my original suggestion. There was no mention of a centralized list, and I wouldn't agree to a centralized list unless run by Schine themselves as centralization is too prone to abuse. A blanket synced list is also concerning, as my suggestion included a means to score/weigh each server based upon an operator-defined trust value.

My suggestion would require both voluntary server participation, and the ability for any participating server to score another server's ban; either just outright accepting another other server's ban (e.g. equal rules/morals), using another server's bans to influence a ban decision (e.g. dissimilar rules/morals, but a desire to at least be more aware of other server experiences), or to just dismiss another server's opinion of bans (by simply not querying that server's ban status).

As for banning accounts, in my experience that's inadequate. Being able to share IP ban information via automated means is also important, as many of griefers have used multiple paid accounts, simply created multiple free accounts, and/or frequently changed IPs using VPNs, or forced IP changes (e.g. broadband modem restarts).

 

[Mortiferum]

Decent idea, open to abuse.

- There will only be one offense where this ban list might have anything resembling usefulness and it would be exploiting.

Rationale:

- The scoring system turns something which should be judged on case by case basis into a number, which is rigid, inflexible, and in the long run, absolutely useless
- The system completely fails to account for any rule differences whatsoever
- Offenses such as griefing have a wide definition EVEN IF the same rule exists - Eg: The use of spies, blockade stations, mass drones, etc
- Administrator bias, minimal checks and balances in the planned system

- Passing the tedium onto banned players to appeal every single ban, on every single server, based on a number which admins can arbitrarily place. If anything, the tedium should be on admins to blacklist someone, and a formal process to do so must be in place, in which the people which will be banned should have a chance to explain his action. EVEN with the opt in/ opt out system.

- Suggesting that this idea will reduce schine workload, when it doesn't. Who will handle appeals? Who will handle the system as a whole against admin abuse? It is not appearing out of thin air. Having anyone affiliated with you, or any major faction, servers will result in a degree of conflict of interests.

------

 

[nightrune]

Decent idea, open to abuse.

- There will only be one offense where this ban list might have anything resembling usefulness and it would be exploiting.

Rationale:

- The scoring system turns something which should be judged on case by case basis into a number, which is rigid, inflexible, and in the long run, absolutely useless
- The system completely fails to account for any rule differences whatsoever
- Offenses such as griefing have a wide definition EVEN IF the same rule exists - Eg: The use of spies, blockade stations, mass drones, etc
- Administrator bias, minimal checks and balances in the planned system

- Passing the tedium onto banned players to appeal every single ban, on every single server, based on a number which admins can arbitrarily place. If anything, the tedium should be on admins to blacklist someone, and a formal process to do so must be in place, in which the people which will be banned should have a chance to explain his action. EVEN with the opt in/ opt out system.

- Suggesting that this idea will reduce schine workload, when it doesn't. Who will handle appeals? Who will handle the system as a whole against admin abuse? It is not appearing out of thin air.

------

I think Erth Paradine is actually aiming for a Karma like system. Where you tend to get general information about a player that is aggregated and you can make decisions based on that. Hopefully in an automated way.

 

[Erth Paradine]

Decent idea, open to abuse.

- There will only be one offense where this ban list might have anything resembling usefulness and it would be exploiting.

Rationale:

- The scoring system turns something which should be judged on case by case basis into a number, which is rigid, inflexible, and in the long run, absolutely useless
- The system completely fails to account for any rule differences whatsoever
- Offenses such as griefing have a wide definition EVEN IF the same rule exists - Eg: The use of spies, blockade stations, mass drones, etc
- Administrator bias, minimal checks and balances in the planned system

- Passing the tedium onto banned players to appeal every single ban, on every single server, based on a number which admins can arbitrarily place. If anything, the tedium should be on admins to blacklist someone, and a formal process to do so must be in place, in which the people which will be banned should have a chance to explain his action. EVEN with the opt in/ opt out system.

- Suggesting that this idea will reduce schine workload, when it doesn't. Who will handle appeals? Who will handle the system as a whole against admin abuse? It is not appearing out of thin air. Having anyone affiliated with you, or any major faction, servers will result in a degree of conflict of interests.

------

I understand your concerns, but participation would be voluntary. If a server operator abuses participation, can you explain why any other server would continue querying for their list? For that matter, if a server insists on querying an abusive list, why would you really want to play on either server?

 

[Mortiferum]

I understand your concerns, but participation would be voluntary. If a server operator abuses participation, can you explain why any other server would continue querying for their list? For that matter, if a server insists on querying an abusive list, why would you really want to play on either server?

How are bans differentiated?

Are all things given the weighing of one? If so, the offense must literally be the same.

This systems dumbs everything down into number, and what constitutes griefing in one =/= griefing in another (as an example).

I am questioning a few things here

- How useful is this as a fair tool
- How will one appeal the "ban" without major tedium
- How will admin abuse be dealt with? EVEN WITH the query system, the tedium should not be on the player to deal with BS.

----

This tool might work against the issue of exploits, it does not work on most other things. (Eg: Spying, griefing, pvp in no pvp zone, etc....)

 

[Erth Paradine]

I think Erth Paradine is actually aiming for a Karma like system. Where you tend to get general information about a player that is aggregated and you can make decisions based on that. Hopefully in an automated way.

I can't take credit for the original idea - this is the work of multiple existing sever admins coming together to remedy a persistent abuse issue - although I don't expect all admins to speak up, as some are clearly adverse to SMD participation because of prior abuse and griefing.

With that said, an automated decision-making system based upon player "karma" would be an elegant way to summarize the original proposal. Thanks for that.
[doublepost=1468256886,1468255718][/doublepost]

How are bans differentiated?

Are all things given the weighing of one? If so, the offense must literally be the same.

This systems dumbs everything down into number, and what constitutes griefing in one =/= griefing in another (as an example).

I am questioning a few things here
- How useful is this as a fair tool
- How will one appeal the "ban" without major tedium
- How will admin abuse be dealt with? EVEN WITH the query system, the tedium should not be on the player to deal with BS.

If you're banned, you're banned. Do you have an idea for implementing a tiered ban system? If so, then we have something to discuss, otherwise I fail to see how you addressed my original response, and followup question:

I understand your concerns, but participation would be voluntary. If a server operator abuses participation, can you explain why any other server would continue querying for their list? For that matter, if a server insists on querying an abusive list, why would you really want to play on either server?

Further, your last point is interesting...

This tool might work against the issue of exploits, it does not work on most other things. (Eg: Spying, griefing, pvp in no pvp zone, etc....)

Correct, and some servers are more tolerant of these topics than others. Although the underlying thread here is that each server operator would be able to score how much they trust other servers. For instance, if you're IGN/SMN/IP banned across 5 independently run servers, and all 5 of those servers happen to be ones that a 6th server checks for bans against, how welcome do you really think you'd be? Even if you are welcome, and inadvertently banned, what prevents you from using the information provided via "AUTO_BAN_TXT" to appeal your ban for whitelisting on that server. Afterall, it'd be abundantly easy for a server operator to establish an automated means of whitelisting more broadly-banned players via a webform linked via AUTO_BAN_TXT.

Above all, if multiple popular, reputable, servers are banning the same player, netblocks, etc coupled with SMD also banning (see my original posting), what's the common element here, and why should that common element be entitled to continue jumping amongst other servers that have already decided to trust the "karma" feedback provided by their peers.

 

[nightrune]

Whatever this system is you would have to tread carefully due to privacy as well.

The service that I envision would work in the following way.

1) Each user would start with the max karma. A set amount would be subtracted every time a server owner submitted a ban down to zero.

2) Server owners must submit a reason for the ban, and this user would be able to login into the same service to see the reason.

3) API Keys would be given to each server owner that requested it, but they would also have to provide statistics of some sort. Specifically how often people are banned, and the reasons they are banned with users names redacted.

5) Users (using their registry login) would slowly gain back karma in case they have learned their lesson and new servers arrive without them on a ban list.

The service would then act as a middle ground for someone to evaluate a server as well as an automated karma system for use across servers. Ideally it would be great for them to have ways to gain karma via the wiki and community sites as well. It wouldn't be super hard to write and could easily be open source so you could deploy it and have small networks of connected blacklist servers.

 

[Shawn_Wood]

it looks like earth wants the power to ban someone from all of starmade.

If a system like this were to come into play, only the most vile mother fuckers should be considered for the list (joelbrisco comes to mind).


But on the other hand, no singular person should ever wield this sort of power, except the developers of the game itself. It would be all too easy to simply press a button and make it so someone could never play again. Too much power.

 

[nightrune]

it looks like earth wants the power to ban someone from all of starmade.

If a system like this were to come into play, only the most vile mother fuckers should be considered for the list (joelbrisco comes to mind).


But on the other hand, no singular person should ever wield this sort of power, except the developers of the game itself. It would be all too easy to simply press a button and make it so someone could never play again. Too much power.

He's not suggesting a power ban, he's suggesting a system to auto share info in-between servers that is completely opt-in.

 

[Erth Paradine]

Whatever this system is you would have to tread carefully due to privacy as well.

The service that I envision would work in the following way.

1) Each user would start with the max karma. A set amount would be subtracted every time a server owner submitted a ban down to zero.

2) Server owners must submit a reason for the ban, and this user would be able to login into the same service to see the reason.

3) API Keys would be given to each server owner that requested it, but they would also have to provide statistics of some sort. Specifically how often people are banned, and the reasons they are banned with users names redacted.

5) Users (using their registry login) would slowly gain back karma in case they have learned their lesson and new servers arrive without them on a ban list.

The service would then act as a middle ground for someone to evaluate a server as well as an automated karma system for use across servers. Ideally it would be great for them to have ways to gain karma via the wiki and community sites as well. It wouldn't be super hard to write and could easily be open source so you could deploy it and have small networks of connected blacklist servers.

I like your ideas, if this were a centralized service, but that's not what is being proposed - so I'm confused by your reply.