Jump to content

Some thoughts


Brainfree

Recommended Posts

Before I go to bed, I usually ponder around the forms every now and then to see what's up. Well frankly It seems jagex has got automation by the balls (so it's seems) when it comes to detection, or well in the sense that we have no real clue on how they're doing it. The proof simply is there is such a term as 'ban waves', ironic terminology in a scene, but basic proof they they are winning, so we must ask, how do we strike back? If we all be honest, human interaction and predictability is nearly impossible to determine or predict, but it is pretty much science in a scene. With that in mind, we know as humans in order to counteract anything usually the reciprocal is the optimal choice, in this scene, it's input. They can only measure by our output, and have a finite set of rules for which they filter this data. For example; No two humans are the same, people react faster then other, learn slower, goof around, are always random. So we must ask out of all of this, what can not be filtered? What set of input are sending over as proof that we are not human? Keeping in mind it's a science in a scene, there is laws of human reaction and motor skills that have been formulated though simple data mapping, one of the most popular is Fits Law, which formulates bit-difficulty of a path based on target size and distance, which has been widely accepted, and implemented in all forms of professional UI-development, for which i am most cretin they incorporate in there 'deep logic' algorithms. One way of finding these set of interaction rules is to simply video tape yourself doing a series of action, then have a automated script do the same, compare, and piss your pants laughing on why people get banded, but really, taking noted on yourself and finding the patterns is the best anti-ban you'll ever make.

 

On another note, using 'anti-ban' methods that were once a loophole in there automation-detection years ago, seems silly to incorporate under the scene they they still work, they probably do, but I'm sure they are not weighed nearly as much at is is now. Mainly knowing it's nearly a given in every script. So when are developers going to move on past camera turrets, and skill molestation as their 'universal' anti-ban?

 

So what set of rules do you think they can not filter (Laws)? What can they filter? 

 

I'm off to bed.

Edited by Brainfree
  • Like 2
Link to comment
Share on other sites

I think you're overthinking this....

Not really.

In reality all he's asking is what variables give off indications that we're bots. I personally believe it's client related. If a "bot wave" goes through and I'm running (osbot/Tri) doing identical tasks in same place, I don't get banned on both, usually just Osbot one. Sure one can argue that it's the anti ban difference between the two scripts that I use, however I believe that anti-bans on most/all premium scripts that I have used are very human like and you can only mimic such behavior to such an extend. Therefore I believe it has nothing to do with antibans and more to do with the client.

Obviously just a theory and I have a million more, but I suppose it'll be a while before we find the truth.

Link to comment
Share on other sites

My theory for bans:

Multiple connections under the same IP address with accounts that have been repeating the same action (mining/fishing/etc) for hours on end and have a certain amount of user reports. Even if you use breaks, it's seems pretty "bot like" to just log in and then keep repeating the same action as you were before since most legit users get bored and train another skill or partake in another activity.

Also on another note:
During the banwave that happened earlier this month, I checked tri/os and users on both sites experienced a mass of bans which gets me thinking that this may be more IP related than anything.

My Experience:
I was on my computers moving items to my mule, while they were "Ip banning me". I realized they were doing this when I saw one account logged out and tried to log back in only to find the account was disabled. I turned off my computers, and reset my ip address and found out that only 15 out of 45 accounts were banned. One of them being my mule which has NEVER been botted on or even merched on. 

Link to comment
Share on other sites

If we dissect the client, we can see any methods used to monitor interactions, which I don't know if there are any. Assuming there isn't, we can assume that all the bot detection is done on the basis of the packets we send. To truly see how the detection works, we need to dissect the packets we send to see what information is in them.

Going into detail with packets, they can probably see repetitive patterns of packets sent. If we mix it up a bit and throw a bit of randomness into it I feel we can defeat them. It seems they only ban based on statistical proof of botting. Hell I would if someone sent the same door open packet 1000x as if it was stuck in a loop.

The question is what random packets can we send. Anything that we have to send to the server is sent in a packet. For instance clicking cut down tree, it tells the server what we want to do. Sending a message to a friend, etc. Hovering over skills doesn't send packets so in my opinion it is useless.

The next thing that comes to mind - timing of the packets. It's not only the repetition, it's how quickly packets are sent together in patterns.

So as a conclusion, I think botwatch is simply pattern recognition software.

see http://rswiki.moparisthebest.com/index.php?title=317_Protocol#Client_-.3E_Server_Packets

A few ones that come to mind are

95 FIXED 3 Privacy options Sent when a player changes their privacy options (i.e. public chat).

21 FIXED 2 NPC action 3 Sent when a player clicks the third option of an NPC. (examine etc)

214 FIXED 7 Move item Sent when a player moves an item from one slot to another.

3 FIXED 1 Focus change Sent when the game client window goes out of focus.

this is also interesting

mfPnLgR.png

Edited by dreamliner
Link to comment
Share on other sites

Two words. Proxy tabs.

 

All a Jmod has to do is check the ip of one of the accounts and now he can see rest of the accounts and their game play statistics. "Smart" new anti-ban methods may help but they still won't stop the core of most mass bans, which are manual Jmod bans.

 

Proxy tabs would reduce bans significantly, instead of 15/16 accounts getting banned only 1 or 2 will, since rest will point to a different ip based on the proxy.

 

Other than that it is possible to make specific anti-ban methods with algorithms based on user stats/name/etc and no two accounts would be performing the same order and set of actions.

Edited by Th3
Link to comment
Share on other sites

Two words. Proxy tabs.

 

All a Jmod has to do is check the ip of one of the accounts and now he can see rest of the accounts and their game play statistics. "Smart" new anti-ban methods may help but they still won't stop the core of most mass bans, which are manual Jmod bans.

 

Proxy tabs would reduce bans significantly, instead of 15/16 accounts getting banned only 1 or 2 will, since rest will point to a different ip based on the proxy.

 

Other than that it is possible to make specific anti-ban methods with algorithms based on user stats/name/etc and no two accounts would be performing the same order and set of actions.

 

Not a bad idea.

Correct me if I'm wrong but do low quality proxies lag runescape? I remember using a proxy to surf the web and it was incredibly slow.

Link to comment
Share on other sites

JaGeX have control over the gaming environment, so I would assume they have systems set in motion that look out for large clusters of players (that aren't in consistently populated areas), and track what activity they're parking in (i.e., woodcutting) and how they interact with the gaming environment against the other fellow players.

 

I assume that they average out the interactions of everyone involved and see if there's a correlation between obvious botters. They probably map out movements on a 2D grid and see if there are oddities in paths that a large cluster of users/bots seem to exhibit routinely.

 

JaGeX probably graph out user interactions with in-game entities to see if there are common delays with particular players. While such data could be dismissed if it gathered from an isolated individual, I'd imagine that if the interaction patterns are frequent among multiple players, it's probably flagged as a call to concern.

 

I assume they verify their findings by sending in in-game mods to evaluate the environment and the users. Your script may check for mods, but that won't do shit. Remember; JaGeX control the game. It wouldn't be far-fetched to assume they have the ability to exist server-side only--if they wanted.

 

 

 

It's why I find anti-bans redundant. They don't do much. Jagex may be able to snipe out large clusters of bots in a single instance, but when it comes to bots who occupy the almost "outland" regions, I think they rely on other fellow players to file a report. ...Which is why I find anti-bans redundant. Once you're reported by a fellow player, it doesn't matter how much you shake your camera or hover over your skills, it's too late to "un-file" the report set against you. And you only justify said report if you continue to exhibit robot-like responses.

Edited by liverare
  • Like 1
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...