A Thought on the Possibly Unjust Account Bans

[Llewen]

Ok, there are some people posting that they have been unjustly banned and somebody else posted about how he was banned and rares dealers had been coming to him with rares to dupe. He would pay them, dupe the rares, then give them back.

What if it isn't the rares dealers themselves he has been dealing with? What if these are honest people who have had their accounts hacked, but instead of stealing everything, they simply rented out their items to a duper, then put everything back the way they found it and left.

A hacker who was really smart might do this very sort of thing. It would make him or her immune to account bannings. No one would know they had been hacked, so there wouldn't be any investigation or hue and cry. If the hacker was lucky, the victim wouldn't even change passwords so the account would be open for further exploitation in the future if it wasn't banned.

I'm pretty sure a script could be created that would ensure that everything was put back exactly as it was before the hacker took over the account. What if at least some of these people who claim to be innocent really are, and have been victimized by a hacker?

 

[Mulch]

It also depends of the kind of dupes.
If it was possible to dupe locked down items then every not private home could be banned.

 

[Nails Warstein]

Considering I know someone who was hacked, and they only lost a few items, this theory has some weight to it. Why does a hacker have to delete characters and houses if he knows how to dupe? Since I know 5 people hacked since Spring, all rares collectors, this wouldn't surprise me at all. Most of them were on Napa Valley.

 

[Ender]

No, sounds like a waste of time to me. If I hacked somebody, I'd take it all, drop or sell the house, change the account info, not just "borrow" a few items to dupe it. What's the point of hacking an account for just a few items if you can take it all and maybe get 100 more mil?

 

[A.Entreri]

that sounds really, really far fetched. i'm not saying its impossible, just highly improbable.

 

[Fox (Europa)]

Here's my take on it...

After the last round of dupes EA put in place a mechanism to track dupes. Not hard to do, just track the spontaneous creation of an item not resulting from crafting. They then applied their long-standing policy of giving people enough rope to hang themselves and let people create and trade in dupes for a few weeks. Then they banned every account flagged.

Of course the ‘professional’ dupers got just their trial and empty accounts banned. Those crying here are those daft enough to use their main accounts to ‘test the dupe to be able to report it to EA’ and who bought duped items at 50% or less than the usual prices. So the ones making lots of $s from duping got a bunch of cash and the minor inconvenience of creating some new accounts; the real losers being the regular players stupid enough to try the dupe and/or buy cheap dupes.

Personally I think the EA approach of entrapment stinks. It still allows duped items and gold to enter the game; it then does little to punish the for-profit cheaters but does a nice job of punishing the stupid.

Fox

 

[Leto]

What if it isn't the rares dealers themselves he has been dealing with? What if these are honest people who have had their accounts hacked, but instead of stealing everything, they simply rented out their items to a duper, then put everything back the way they found it and left.

Yea and 9-11 was engineered by the Bush administration....

 

[Faerunner]

Here's my take on it...

After the last round of dupes EA put in place a mechanism to track dupes. Not hard to do, just track the spontaneous creation of an item not resulting from crafting. They then applied their long-standing policy of giving people enough rope to hang themselves and let people create and trade in dupes for a few weeks. Then they banned every account flagged.

Of course the ‘professional’ dupers got just their trial and empty accounts banned. Those crying here are those daft enough to use their main accounts to ‘test the dupe to be able to report it to EA’ and who bought duped items at 50% or less than the usual prices. So the ones making lots of $s from duping got a bunch of cash and the minor inconvenience of creating some new accounts; the real losers being the regular players stupid enough to try the dupe and/or buy cheap dupes.

Personally I think the EA approach of entrapment stinks. It still allows duped items and gold to enter the game; it then does little to punish the for-profit cheaters but does a nice job of punishing the stupid.

Fox

I seriously doubt that rollbacks will do anything but **** off legitimate players who don't have scripts running all day to make up what they lose.

Entrapment does stink and it's a superfluous tactic when they can prove who's doing the dupes immediately. I think they should just start temp-banning and investigating without worrying about "giving people the rope" because if you've duped you've already hung yourself, and all they're doing is trying to take out the network of innocent buyers around the dupers... some of whom probably need a reminder that even buying from dupers is assisting them, but others just need to price-check better and don't deserve bans!

Even a duper can only have so many credit cards. Why doesn't EA actually work with its billing department for once and start tracking who is registering a lot of trial accounts, and then watch for duping on the cards that are used multiple times for trials and start insta-banning the cards instead of just the accounts? I know that some people have 10+ accounts on UO and that they are innocent players, but it seems to me that some of the multi-account dupers can and should be catchable using this system - not just their throwaway accounts but the main ones, too - and the legit multi-accounters won't be touched. Assuming dupers are not using completely separate names on their EA payment accounts, can't they do a search for "John Smith", and watch all accounts registered to that name? I realize that IRL not everyone has a unique name so care would have to be exercised, but it seems better to keep an eye on a few innocents plus a lot of dupers than to ignore a possible way to crack down on the cheaters just to spare a few potential innocents... apparently everyone on the forums who's been banned so far is innocent anyway *cough*, so it's not like they're not already dealing with this issue. If you're going to take out a few good players you might as well be doing it in a move that wipes the dupers off the face of Britannia. Heck, I'd OFFER my account for watching and possible banning, if my 3 years lost game time would also remove all the dupers and make the game playable for the rest of us.

EA has messed up big time and everyone knows it, but it seems like this issue is not just on their end. A lot of people have come crying to the forums over their bans and homes being destroyed, and are saying things like "I only bought two hammers!"... well, imho it's the player's responsibility to keep up with the game's development and community and if you can't do that and are dense enough to think you're not buying a duped item then you need to learn a lesson. Should everyone who bought one duped val runic hammer have their house blown to pieces and their account terminated? Of course not, that's why temp bans and investigations need to be used liberally and PROMPTLY, and that's why cracking down on dupes as soon as they happen will help protect the innocent who then won't have time to buy (except in the case of these hypothetical hackers... no idea how they'd deal with that). I'd be satisfied with making accidental buyers of dupes give back the duped item with no return on the gold/time they spent getting it. They learn to be more careful of dupes, the duped item is removed, the duper (who can supposedly be traced), is banned and all credit cards that can be solidly linked to the duper are disabled from being used for UO accounts again.

...if only.

 

[Llewen]

No, sounds like a waste of time to me. If I hacked somebody, I'd take it all, drop or sell the house, change the account info, not just "borrow" a few items to dupe it. What's the point of hacking an account for just a few items if you can take it all and maybe get 100 more mil?

I should clarify, I expect that the vast majority of the bans were just and warranted, but there are one or two that make me wonder. And I know, if I had the technical expertise, and didn't want to be caught, something like this would be exactly how I would do it.

A hacker doing what I have described would run very little risk of ever being detected, or of facing any kind of consequences. If you empty an account and/or change passwords, it will be detected the instant the player makes their next attempt to log on, and you can bet the police will become involved as well.

Let's say, just for the sake of argument that I am a very smart person who has access to the sites where cheats, dupes and hacks are discussed and shared. I know that person "x" knows a few dupes, but doesn't have much worth duping. So I set up a website with some fairly useful game information that is relatively hard to come by. I make sure that the search engines catalogue my site. I install a script or a trojan on my website that loads the instant you load the page. The script or trojan steals account names and passwords and emails it right to my address, runs for a week or so, and deletes itself.

Then it is simply a matter of looking through the accounts for a few that have valuable items that are worth duping, and researching when these players are on and when they aren't. I find what guilds they are in, and maybe join their guild, then I keep asking for that person. "I have something for ***, is she on? Do you know when she might be on? Hmmm, I'm not going to be around until Wednesday, is she usually on then?" You get the picture.

All I need to do is find one or two victims that run museums. Or perhaps I become friends with them and get into their houses. I show them something rare and ask them what their favourite things are. Once I have some victims chosen, and have a good idea of when they will be on or off, it is just a matter of contacting my acquaintance the duper.

I tell him I will rent him some nice rares to dupe for a price. We arrange the price and payment, I tell him who to meet and where, and make it clear he can only have the items for a few minutes. In the meantime I've created a script that gives accurate positions and facings for items and characters. The dupes only take a minute or two, so I get the items back right away, replace them and the character, log out, and no one is the wiser.

I walk away with a few grand, maybe more, and a month or two later my victims' accounts are banned in a massive crackdown on duping and cheating, and they have no idea why the hell they have been targeted.

This scenario may seem far fetched. But believe me, it isn't...

 

[Lady_Mina]

Well as i stated before...it's hard to believe someone hacks someone else's account without touching it...or barely touching it.

Hackers usualy loot your account dry...leaving your chars naked...and if you're lucky they haven't deleted all your chars.

I think the bans are rather related to owning a duped item.
But people who buy and trade stuff...can't see or smell when they are given a duped item.

When you see a vendor selling expensive things in mass stock of 100 pieces...then you know 'ok these are probably duped items'.

guilty or not? we don't know...i doubt we ever will.
Only EA knows...

Some say EA doesn't ban without any reason.
Question what gets people banned?
Owning a duped check? owning a duped item , purchasing a duped item , selling a duped item?

 

[Faerunner]

If that is possible and plausible, then I'm doubly glad that I don't own any high-end items except my Blaze of Death from Mel last week and a barbed runic sewing kit I pulled from an IDOC. If that kit got me banned I'd be ticked, because I play on such a low level that I'm generally under 1mil in gold at all times... I'm not worth being hacked or targeted for dupes (I hope!).

Really I like playing better when I don't have everything at my fingertips... if the solution to avoid being hacked is to play simply and avoid the high-value stuff, then so be it. It's not for everyone, though, and I feel bad for any who might have had this happen!

Edit: Bans probably occur for all those reasons... although I would strongly urge EA reps to double-check on all flagged items which have changed hands EVER, because it's quite possible for those who pick up items from an IDOC or find a single item on a vendor to get something flagged without ever knowing, and without meaning to. I think in situations where there is no way you could know, it's safe to assume you're innocent, right? If one of my "rare" potted plants is a dupe (unlikely, I think!), I would never know, because I got them from IDOCs and no one has ever mentioned a dupe although it's possible it would be a veeeeery old one. Old items do still float around in the game every so often. I do wonder about those who continue to buy items that might be duped without suspicion... but that is something they risk, I guess, and if EA wants to ban them, it's in the TOS that they can. :/

 

[Llewen]

Well as i stated before...it's hard to believe someone hacks someone else's account without touching it...or barely touching it.

Hackers usualy loot your account dry...leaving your chars naked...and if you're lucky they haven't deleted all your chars.

That's what a stupid hacker would do, or one who lives in a country with a weak or corrupt justice system. A smart hacker, who perhaps has a respectable job, a wife and family, and lives in a country where the police are smart, active, and not as prone to corruption as they are in some places, would do what I have described...

 

[Fox (Europa)]

a country with a weak or corrupt justice system

Like the US?

 

[Faerunner]

Like the US?

Our justice system is plenty strong... it's just plenty slow, too, which makes it awfully difficult to punish someone properly when they know they'll just get 5 months worth of free food and housing while waiting trial (or worse, get let out for 5 months to commit more crimes while waiting).

The least EA could do is move a little quicker on the temp bans to stop the immediate source of a dupe, and then start putting priority investigations (ie, big dupes) before the little guys so they get passed on, done with and out of the game!

 

[Llewen]

I walk away with a few grand, maybe more...

I should correct that. What I have described wouldn't be worth it for a "few grand" but based on the prices another poster who claimed to have been in on the duper side of the equation posted, the potential is there to make far far more than just a few grand.

 

[Fox (Europa)]

The least EA could do is move a little quicker on the temp bans to stop the immediate source of a dupe, and then start putting priority investigations (ie, big dupes) before the little guys so they get passed on, done with and out of the game!

But that would require constant effort from a non-existent GM staff and near-non-existent dev team. Its a lot cheaper and easier for them to do it the entrapment way.


Fox

 

[Faerunner]

Then damnit, they should hire me as a GM! I've got all the time in the world as I'm jobless atm. I might as well get paid for training mining and finding scripters, right?

 

[Lady_Mina]

Like the US?

Like belgium?

LOL

Believe me , if you're account is looted dry by a hacker and your chars are totaly stripped naked...there's not much you can do about it.

Except email EA or call them...and HOPE they'll look into it.
but they won't...

 

[Erekose]

Nobody's account gets 'hacked' per se. That conjures up images of some elite computer guru using some hidden tricks to break into an account. It just doesn't work that way. When someone gets 'hacked', one of the following things has happened:

1. They had a really weak password and account name.
2. They shared their password and account name with someone.
3. They didn't practice safe computing and wound up getting a keylogger on their machine, which then let the 'hacker' access the account.


In every case the person who is to blame is the user who got 'hacked'. It sucks, yes, and I don't like seeing people lose their stuff, but it should serve as a wakeup call to people who do not take their security seriously.

 

[Llewen]

Nobody's account gets 'hacked' per se. That conjures up images of some elite computer guru using some hidden tricks to break into an account. It just doesn't work that way. When someone gets 'hacked', one of the following things has happened:

1. They had a really weak password and account name.
2. They shared their password and account name with someone.
3. They didn't practice safe computing and wound up getting a keylogger on their machine, which then let the 'hacker' access the account.


In every case the person who is to blame is the user who got 'hacked'. It sucks, yes, and I don't like seeing people lose their stuff, but it should serve as a wakeup call to people who do not take their security seriously.

You should know better. A hacker can install a script or a trojan on your computer that will email him your account name and password as quickly and easily as downloading a page on a website. That is why you absolutely should not be surfing the web with Internet Explorer, and absolutely should be surfing the web with Firefox with NoScript installed as an addon.

That won't make you perfectly safe, but it will greatly lessen the chances that your personal information will be stolen.

And yes, it does take some technical expertise to know how to set up a website to do this sort of thing.

 

[Erekose]

You should know better. A hacker can install a script or a trojan on your computer that will email him your account name and password as quickly and easily as downloading a page on a website. That is why you absolutely should not be surfing the web with Internet Explorer, and absolutely should be surfing the web with Firefox with NoScript installed as an addon.

That won't make you perfectly safe, but it will greatly lessen the chances that your personal information will be stolen.

And yes, it does take some technical expertise to know how to set up a website to do this sort of thing.

Which part didn't you get about the keylogger option? Otherwise known as a trojan...and it can't be installed if you take steps to protect yourself. It takes very little skill to setup a website to install one; entire kits can be obtained easily online that do most of the work for you.

EDIT: Don't get me wrong; I don't take any joy in people losing their stuff and/or accounts. I'm just tired of hearing people talk about how they were magically 'hacked' when they could have prevented it 99.9% of the time.

And I've done security consulting for many years professionally, so I think I know what I am talking about.

 

[Faerunner]

You should know better. A hacker can install a script or a trojan on your computer that will email him your account name and password as quickly and easily as downloading a page on a website. That is why you absolutely should not be surfing the web with Internet Explorer, and absolutely should be surfing the web with Firefox with NoScript installed as an addon.

That won't make you perfectly safe, but it will greatly lessen the chances that your personal information will be stolen.

And yes, it does take some technical expertise to know how to set up a website to do this sort of thing.

I could set one up with no previous knowledge of how it worked in probably 30-60 mins tops, and that includes coming up with a creative but believable domain to draw people in... "technical expertise" in this case means figuring out a few config files and knowing which sites to visit to find what you want.

I get phishing emails leading to sites like this daily in my university email account... all from different cheap overseas domains. It's not that hard to set up if the spammers are doing it and switching domains weekly. I also report most of those emails and watch carefully for more, use Firefox and NoScript, run adware removal and antivirus software regularly and have educated myself on the usual tricks... that doesn't mean I can't still be victim to a keylogger, just that it's less likely.

If I got "hacked" though, I'd be changing passwords on everything as soon as I could, canceling my credit card and changing its number, and making sure that the infiltrator didn't "accidentally" stumble onto more of my account info for other sites, or my bank info, and do more damage than just a house cleanout.

 

[Llewen]

Which part didn't you get about the keylogger option? Otherwise known as a trojan...and it can't be installed if you take steps to protect yourself. It takes very little skill to setup a website to install one; entire kits can be obtained easily online that do most of the work for you.

EDIT: Don't get me wrong; I don't take any joy in people losing their stuff and/or accounts. I'm just tired of hearing people talk about how they were magically 'hacked' when they could have prevented it 99.9% of the time.

And I've done security consulting for many years professionally, so I think I know what I am talking about.

Well then you should also know that probably the majority of the billions surfing the web haven't taken the steps necessary to protect themselves, and for most it is simply a matter of not understanding the risks involved or the steps that can be taken to minimize those risks, and I'm sure the same basic proportions apply to the UO community.

Yes the vast majority of successful "hacking" attempts can be prevented, but that doesn't make it any less devastating when it does happen, and with the scenario I have described, the person could be victimized and not even know it has happened. In this situation who is going to believe the victim, except for a few close friends? EA will have proof positive that the account was used improperly, and the victim won't have a clue what has happened or why.

The only hope for the victim in this case is if ip's are logged in UO, and EA is willing to take the time to push what they would already see as a thorough investigation, one step further. My guess is ip's aren't logged, except in special circumstances, but if they are, then any logs of those ip's should show that during the times when the illegal activity was taking place, the clients' ip's wouldn't match their normal ip, or range of ip's.

 

[Eslake]

Considering I know someone who was hacked, and they only lost a few items, this theory has some weight to it.

Not really.

Do you really think that someone unscrupulous enough to hack an account to get at its rares to dupe them - would then walk away from the originals?

That's another umpteen million worth of rares! No way they would just leave them.

 

[Llewen]

Do you really think that someone unscrupulous enough to hack an account to get at its rares to dupe them - would then walk away from the originals?

That's another umpteen million worth of rares! No way they would just leave them.

They would in the scenario I've outlined, for the reasons I already explained.

Having posted all this though, and I think this it at least part of what Erekose was getting at. You are responsible for the security of your own account name and password, and even in the scenario I have laid out, even though you are a victim, you are still technically in the wrong, and the account suspension would be justified. EA can't be held responsible for account security beyond providing a secure way to enter account names and passwords, and secure access to account management given the proper account name and password, but the security of that account name and password itself is the client's responsibility.

 

[NuSair]

You should know better. A hacker can install a script or a trojan on your computer that will email him your account name and password as quickly and easily as downloading a page on a website. That is why you absolutely should not be surfing the web with Internet Explorer, and absolutely should be surfing the web with Firefox with NoScript installed as an addon.

That won't make you perfectly safe, but it will greatly lessen the chances that your personal information will be stolen.

And yes, it does take some technical expertise to know how to set up a website to do this sort of thing.

And you should know better too. Firefox is much easier to hack than IE. In each test they do, routinely Firefox / Opera is hacked faster and more completely than IE. That's a simple fact.

The only reason the perception is out there is because firefox don't have enough of the market for hackers to make it worth their time and effort to hack it. Doesn't mean it can't be or hasn't been done.

 

[NuSair]

Here's one for you:

Draconi's been gone how long and JUST came back? And we JUST get a supposed post from speedman? And the bannings at the same time?

What if for the past couple of weeks they've been watching people, tracking people, reading though chat logs (anyone who thinks their cyber chats aren't being watched / saved to a harddive somewhere are just deluding themselves. You should see some of the stuff I've got, and that's just from stealthing- GREATEST SKILL EVER!!!) and data mining.

What if that's what they've been working on, and now we are seeing the fruits of their labor.....

 

[Erekose]

Well then you should also know that probably the majority of the billions surfing the web haven't taken the steps necessary to protect themselves, and for most it is simply a matter of not understanding the risks involved or the steps that can be taken to minimize those risks, and I'm sure the same basic proportions apply to the UO community.

Yes the vast majority of successful "hacking" attempts can be prevented, but that doesn't make it any less devastating when it does happen, and with the scenario I have described, the person could be victimized and not even know it has happened. In this situation who is going to believe the victim, except for a few close friends? EA will have proof positive that the account was used improperly, and the victim won't have a clue what has happened or why.

The only hope for the victim in this case is if ip's are logged in UO, and EA is willing to take the time to push what they would already see as a thorough investigation, one step further. My guess is ip's aren't logged, except in special circumstances, but if they are, then any logs of those ip's should show that during the times when the illegal activity was taking place, the clients' ip's wouldn't match their normal ip, or range of ip's.

I never said it wasn't devastating and I never said I had no sympathy for the victims. I said it was preventable, and as I've also said before people should LEARN from what happens to others and take measures to protect themselves.

 

[Oriana]

Nobody's account gets 'hacked' per se. That conjures up images of some elite computer guru using some hidden tricks to break into an account. It just doesn't work that way. When someone gets 'hacked', one of the following things has happened:

1. They had a really weak password and account name.
2. They shared their password and account name with someone.
3. They didn't practice safe computing and wound up getting a keylogger on their machine, which then let the 'hacker' access the account.


In every case the person who is to blame is the user who got 'hacked'. It sucks, yes, and I don't like seeing people lose their stuff, but it should serve as a wakeup call to people who do not take their security seriously.

Jeremy stated at this past Townhall, she was hacked in another game, a keylogger was embedded in an advertisement on a site she went to regularly. Now color me silly, but Jeremy didn't seem the type to not take precautions on her computer, as with most people in the industry. She even stated wasn't the sites fault and there was nothing she could have done to protect herself from that attack. So no not every case should the user be blamed.

Ori

 

[Mulch]

For her sake I hope the customer service was better than a 'Tough luck we do not restore anything'.

 

[Llewen]

And you should know better too. Firefox is much easier to hack than IE. In each test they do, routinely Firefox / Opera is hacked faster and more completely than IE. That's a simple fact.

And you've been paying attention to too much M$ BS...

Tell you what, you keep using Internet Explorer, and I'll keep using Firefox. We'll check back in a couple of years. I'm willing to bet that if one of us is hacked, it won't be me...

 

[Arcus]

Jeremy stated at this past Townhall, she was hacked in another game, a keylogger was embedded in an advertisement on a site she went to regularly. Now color me silly, but Jeremy didn't seem the type to not take precautions on her computer, as with most people in the industry. She even stated wasn't the sites fault and there was nothing she could have done to protect herself from that attack. So no not every case should the user be blamed.

Ori

She even stated wasn't the sites fault and there was nothing she could have done to protect herself from that attack

She is ABSOLUTELY wrong...nothing she could do? Sad coming from someone, as you put it " people in the industry"

embedded in an advertisement

Ad block every add. Run firefox with no script. Browse in a VM browser for a sandbox. Browse on a different machine running an operating system that is not going to have problems with flash add trojans., in other words anything other than windows.

I could go on and on and on. There are many things she could have done to prevent this and if she really did say there was "nothing she could do to prevent this" then I am worried she is waaaay out of touch with the current state of IT, dare I say computers as a whole. Sad really.

 

[Arcus]

The only reason the perception is out there is because firefox don't have enough of the market for hackers to make it worth their time and effort to hack it. Doesn't mean it can't be or hasn't been done.

How does one 'hack' a browser? Dial in to it using a war dialer or what?

*rolls eyes and goes back to firefox*

 

[Llewen]

How does one 'hack' a browser? Dial in to it using a war dialer or what?

I'm not arguing with you here, just explaining myself. I realize the word "hacked" irritates some people, especially professionals who have IT security experience. When I use the word "hacked" I mean anything that is done to steal your personal information, whether it is technically "hacking" or not, such as key loggers, passwords used by your children, passwords that are brute forced because they are weak, phishing sites, exploited vulnerabilities in browsers, etc. I am using the term loosely.

 

[NuSair]

And you've been paying attention to too much M$ BS...

Tell you what, you keep using Internet Explorer, and I'll keep using Firefox. We'll check back in a couple of years. I'm willing to bet that if one of us is hacked, it won't be me...

You're right, 20 years in the business, I have no clue what I am talking about.

Sure thing, I've used them all, and currently using IE.

I'll be more than happy to take that bet. How much?

 

[NuSair]

How does one 'hack' a browser? Dial in to it using a war dialer or what?

*rolls eyes and goes back to firefox*

First of all, get educated...this does a good job.

http://en.wikipedia.org/wiki/Hack_(technology)

There are lots of ways to hack browsers, from benificial to malicious.

Let's see.... since you bring up dial... with Java back when dialup was the main way to connect to the net, a Java script could edit your dial-up connection properties and have you dial long distance to get connection.

These days, they are more subtle. 1x1 pix images, port sniffers, packet sniffers.... but you keep your head in the sand.

 

[Erekose]

IE is perfectly safe if one takes the proper measures to protect oneself.

 

[Llewen]

Well, back on the topic. More likely than my conspiracy theory is that most of these people were doing something that was against the TOS, but they had been doing it so long they no longer recognized it as cheating. I suppose there is also the remote chance that someone made a mistake and passed an incorrect list of account names to the gm's.

But I'll repeat myself, I am pretty certain that at least 99% of the people that were banned were banned justly.

 

[Llewen]

Even a duper can only have so many credit cards.

I don't think you realize exactly how many active credit card numbers, together with all the account information and so called security number, are for sale on the net, for quite low prices, if you know where to look. Suffice to say that a serious criminal, or criminal organization, can be assured of a virtually limitless supply. And if you think serious, hard core, organized crime hasn't at least been sniffing around mmo's, and the "easy money" to be made, you would be naive.

This isn't meant to be a flame of your post, just maybe the tiniest, out of focus glimpse of what the devs are really up against in trying to clean up, and keep clean, an mmo like UO.

 

[Maximus Neximus]

Well, back on the topic. More likely than my conspiracy theory is that most of these people were doing something that was against the TOS, but they had been doing it so long they no longer recognized it as cheating. I suppose there is also the remote chance that someone made a mistake and passed an incorrect list of account names to the gm's.

But I'll repeat myself, I am pretty certain that at least 99% of the people that were banned were banned justly.

What makes the situation bad is that the "1%" have no chance of clearing their name. A friend of mine tried to do this got no help. Here was the response...

----------------

"Subject I would like more information on why my account, xxxxxxx, was banned today... Discussion Thread Response (EA Rep Baxxxxxx) 08/04/2008 06:31 PMGreetings,

Thank you for contacting Ultima Online Support.

I am very sorry to hear of your account being terminated. However, you were found to be in possession of a multitude of highly illegal items in Ultima Online. Due to the severe nature of this ToS violation, your account was terminated. Sufficient evidence was verified to justify this termination.

Please be advised, we cannot give specific detailed information as to what items were in possession but be assured that we have fully investigated each case separately and found your account to be in violation.

The action taken against your account was just and will stand. If you would like to see any changes made to our Rules and Policies, please feel free to submit feedback via the UO Herald by visiting
http://uoherald.com/feedback/index.php

Any further replies regarding this subject will not be acknowledged."

---------------

My friend transfered a couple times but has 100% for sure never duped. They bought gold a couple times from brokers, but never a big amount. I find it completely absurd that they won't even acknowledge a customer any more... You better believe they're closing the rest of their accounts and that saddens me.

 

[Maximus Neximus]

Can we get any official word as to why EA will not tell people what they were banned for or give them a chance to debate it.

 

[classical]

This was'nt just a sweep for the val hammer's it also included bod's barbedkits as well as your hammers
your right in the theory about price's but most people will look for the lowest price possiable for that item so in doing so when they buy it they can mark it up and make there profit as well.
I for 1 hate duper' hacker' scripter' they wreck the game whole heartly.But in all honesty alot of innocent people did get the same aproach.If you bought the item off a vendor then applied to your's or bought collection item's and rare's.
There program look at it as it your' your the one duping them in all fairness many were not guilty of this alot didn't have no offence's to there account some players termanated were 10yr old vet players.

The support team area is what really need's work as well and there automated response's in all honesty sometime's peave a person off because they rather talk to a live individual than a automated service.
You call osi they'll tell you there nothing they can do they can however give you a number to the suupport team ,However when you can go thru there automated service tell them verbally what game it for.
there option's are limited and when u hit number 7 to try to get a real person there system hangs up the phone(Good customer relation)? no not really?
Here"s the cake and iceing to you can go plead your case to them but if it was found in your house your automatically guilty(i used to think i live in the united states) where you were inoncent untill proven.
But the program the run to find the identical number's on item's duped tell's them your gulity gulity guilty.
they won't listen to reason as well alot of account's termanated did not have 1 offense to them in all the year's they've played this did not seem to matter to them.One would think knowing that it be taken into consideration however it not.
Your also right on a very valid point most these duper's have massive credit card's that allow them right back in the game as well.
My serious qestion now would be have they remove all the dupes ? will they now bann a duper flat termanted his account so no one obtain's there items from a idoc?
And can they now gurentee what's remain's of the vendor's at this present time is safe to buy after this sweep.
I personally think if after they sweep they should suspend the accounts' and 1 at a time go thru them in doing so the innocent people would be protected,
The pure honest fact is no one in game can tell if a item dupe's yes it suspisous if price is really low (saying be to good to be true) stay away from it.
But most your duper will stay within a safe margin of the price why so they dont get caught
they make massive account(they call them dummy account's) you termanate them boom there right back in.
so support team and dev's what's going to keep this from happening again how can you protect us? yes many are upset and mad they feel they're not being heard.
If we the player's of this game know there routines why cant you spot them?
Why cant you just delete the duped item's you would know where they at what house or vendor then keep a eye out to whom stocking them in doing so one would think and assume you'd catch more of your duper's
This would also protect the innocent ones as well.Is it to much to ask to have a safe game to play where we can have fun and enjoy it without the fear of getting termanated>I dont think so.

the reason this doesnt hold water to the b/f account this he hadnt played in over 2 month's never did bods never bought nothing from vendors as well why he get terminated for this reason.
were router together with are computer as many are there assumption was it was another 1 of my accounts suprise it wasnt so see there not always right in what they do

 

[Edgar]

Well as i stated before...it's hard to believe someone hacks someone else's account without touching it...or barely ouching it.

When my account was hacked they only took a few items, like my blessed silver vang katana, and a rare orc skin mask from an orc attack in moonglow (was only one of them on my shard), a singing ball, and some other rares. They did leave all my chars dead in bucs den. Otherwise account was ok. But I do find it hard to beleive that a hacker would put stuff back.

 

[Bobar]

But I'll repeat myself, I am pretty certain that at least 99% of the people that were banned were banned justly.

Ok lets say you are right and using a figure of a hundred players 99 were correctly banned.

Now what about the poor sod who is number hundred?.

The way this has been handled the player may have had a castle deleted - 400 - 600 mill? - all the contents, amount unknown, but likely to be several millions. An investment in time and effort of several years all gone FOR EVER.

This cannot be right. I firmly believe in this principle.

Blackstone's formulation (also known as Blackstone's ratio or the Blackstone ratio) is the principle: "better that ten guilty persons escape than that one innocent suffer", expressed by the English jurist William Blackstone in his Commentaries on the Laws of England, published in the 1760s.

With better handling this whole issue could have resulted in the guilty being punished and the innocent, if any, cleared.

 

[Zofinur]

Now what about the poor sod who is number hundred?

And even imagine, it´s you, yes YOU who´s reading this at the moment!
Would u still be happy?

@Bobar: Really like the way u say/write things. Kinda jealous of ur writingskill ...

 

[Revenant2]

What if at least some of these people who claim to be innocent really are, and have been victimized by a hacker?

The idea of a "stealthy" hacker with ongoing access to someone else's UO account would be uncommon because oftentimes the person's items are simply stolen. But, there are specific cases where it would make sense, and an account with a ton of rares is one of them.

In a case where an account owns numerous, high-profile items, to simply steal the items could attract more attention than the hacker is comfortable with. Such a hacker might be scared to do it because that high-profile a theft might get EAs attention enough to make them actually pull data off of a backup copy of the server and trace the ItemIDs and find the MFer who did it.

To steal the items in the safest way possible, the hacker would cause the items to be duped without the owner's knowledge and of course without allowing the owner to know that the account had been compromised. It doesn't take a script to effect such a thing, just being careful.