Sorry folks, gonna be a long post...wanted to split it into several posts, but it doesn't flow as well. So I tried to paragraph it as best as I can.
How dupes happen
As mentioned in one of the earlier threads warning people about duped runics -
Every item has a unique ID, sort of like a primary key in a database. When an item is created (crafted, spawned, BOD reward etc), a new ID is generated for this item. So all legit items have a truly unique ID.
Duped items, however, have the same ID as the original. Almost always, the failsafe/backup process is being abused to cause the dupe. eg When travelling to a subserver (by gates/crossing serverlines etc), your Avatar's info like what you are wearing, what's in your bank, what pets you have, what your packies are carrying (if they are also crossing server lines with you) etc are all copied from the current subserver you are on, to the subserver you are going to.
There's a failsafe mechanism to guarantee data consistency where - if the data transfer transaction did not complete properly (eg subserver crashes), your client would hang, but you won't lose your avatar. Instead, the servers would automatically retrieve your Avatar's info from the last backup when you next login. (In these situations the player may lose up to an hour's worth of gameplay.) Now imagine what if you have given your friend your orny during this 1 hour? When you log back in, you would still have the orny in your pack, and your friend will still have the one you gave him earlier. Duped. Since no new orny was actually created, no new unique IDs are generated for either of the ornies.
Can we stop dupes or limit their damage
There have been many variations of this through the past 11 years. OSI would fix them, but new ones will be found. Just like vulnerabilities in Windows/UNIX etc. Some by accident, but mainly by people that actively find ways to test/break the system, and of course in ALL the MMORPGs - how to dupe.
Asking why game companies don't prevent duping/exploits etc is not really fair. Of course they don't want bugs/exploits/dupes to exist, they also want to be able to afford a large QA team to exhaustively test all aspects of the game before every patch. But in real life, exhaustive testing is not possible, even if they have the moola to hire an army of QA staff. That being said, there are times where I doubt certain patches went through proper QA - AOS was one.
What they did do is stop the character transfer service. This is how dupers launder their dupes, coz the process would generate new unique identifiers for all their transferred stuff. It's still traceable if they wanted to, but it's far simpler to keep everything localized to the individual shards while they did a database query / search for dupes on each shard.
What's different about the runic dupes
Knowing that dupes have unique identifiers, note that the runic dupes differ slightly. Turns out that this time, they duped the BODs and not the runics. So the BODs would have duplicated IDs, but when they are turned in, the runics are all newly created and have a properly unique ID.
Tracing this would be a little more complicated than just a search for duplicated IDs. So I am guessing that they will do the following:
1) Search for duplicated IDs (this would turn up the duplicate BODs, checks etc)
2) Search for all runics created in the last 3, 6, 12 months, and cross reference with the BOD that was turned in to generate the runic. If not recorded in the attributes of the runic, then there should be a trash heap where there are records showing what items were destroyed and where type of item = BOD. With the IDs of the BODs, they can now query which are duplicated.
3) Now flag ALL owners of these items, and even those who had them for a while (ie the fencers)
4) If dupes > x amount, then flag_ban_without_review = true
5) Else if dupes > 1 but < x, then flag_scrutinize_player = true
I would imagine that this is a lengthier process, so the time taken to get the proposal/approval/coding/QA is correspondingly longer. Meanwhile, customers are screaming that all these dupes are happening on a massive scale. On one hand, you want to assure customers that something is being done, on the other, if you do this, it will tip off the exploiters. If they get tipped off, you will never get the ringleaders either. And those are the people you really want to get.
A judgement call was made, seems like majority of devs/GMs/management/players would prefer to see a more heavy handed approach. Hence a solution where there can be no warning, remorse or recourse - immediate ban and houses dropped.
All the while, hoping that people true to the game would keep their noses clean. And hoping that this serves as a future warning to exploiters of the kinds of actions they are willing to take.
In conclusion
There's a Chinese proverb for this - "Kill one to warn hundreds".
There are pros and cons to this. I totally understand why they did it their way. At the same time, I personally believe that it's safer to just delete the dupes they have ID'd and add a strike/tick to the offender's account like what they used to do. 3 strikes, and you are out.
Those that are worried about buying stuff - there are still lots of duped stuff out there, I mean honestly, how many 2 storey Covetous statues, Shrouds, Lt Sashes can there be? If you have a couple of Sashes with the same ID, they are probably not after you. If you have a bus load of them sashes, then be careful. Just give yourself a reasonability test - would a reasonable person that is intimately familiar with the inner workings of UO believe that those sashes are legit?
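The tracing steps 1) to 5) guessed at in the post, as an added example that is not part of the original post or any game code: it finds duplicated live IDs, taints runics created from a duplicated BOD via the "trash heap" log, then flags holders by threshold. The schema, the sample records, and x = 2 are constructed assumptions; a count exactly equal to x is assumed to fall under "scrutinize", and a BOD ID seen both live and in the trash heap is assumed to count as duplicated.

```python
from collections import Counter

# Constructed sample records; this schema is hypothetical, not the game's own.
LIVE_ITEMS = [  # (item_id, item_type) for every item currently in the world
    (500, "sash"), (500, "sash"), (500, "sash"), (44, "BOD"), (900, "runic"),
    (901, "runic"), (902, "runic"), (903, "runic"), (904, "runic"),
]
TURN_INS = [  # "trash heap": (destroyed_bod_id, id_of_runic_created)
    (42, 900), (42, 901), (42, 902), (43, 903), (44, 904),
]
OWNERSHIP = [  # (item_id, account): one row per copy ever held, fencers included
    (500, "alice"), (500, "alice"), (500, "bob"), (900, "mallory"),
    (901, "mallory"), (902, "mallory"), (901, "fence1"), (903, "carol"),
    (904, "dave"), (44, "dave"),
]

def duplicated_ids(ids):
    """Return the set of IDs that occur more than once."""
    return {i for i, n in Counter(ids).items() if n > 1}

def tainted_items(live_items, turn_ins):
    """Steps 1-2: duplicated live IDs plus runics made from a duplicated BOD."""
    tainted = duplicated_ids([item_id for item_id, _ in live_items])
    # A BOD is duplicated if its ID was turned in twice, or was turned in
    # once while a copy with the same ID still exists in the world.
    bod_ids = [bod for bod, _ in turn_ins]
    bod_ids += [item_id for item_id, kind in live_items if kind == "BOD"]
    duped_bods = duplicated_ids(bod_ids)
    # Runic IDs are fresh and unique, so they only show up via this join.
    runics = {runic for bod, runic in turn_ins if bod in duped_bods}
    return tainted | duped_bods | runics

def flag_accounts(ownership, tainted, x):
    """Steps 3-5: count tainted items per account and apply the thresholds."""
    counts = Counter(acct for item_id, acct in ownership if item_id in tainted)
    flags = {}
    for acct, n in counts.items():
        if n > x:
            flags[acct] = "flag_ban_without_review"
        elif n > 1:  # assumption: n == x is treated as scrutinize
            flags[acct] = "flag_scrutinize_player"
    return flags

if __name__ == "__main__":
    tainted = tainted_items(LIVE_ITEMS, TURN_INS)
    print(sorted(tainted))
    print(flag_accounts(OWNERSHIP, tainted, x=2))
```

The join cannot tell which runic came from the original BOD, so every runic from a duplicated BOD ID is tainted; accounts holding a single tainted item (bob, fence1) are counted but not flagged.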