On July 29, CCP released their EVE Security Update for 2020. In it, they put up a bunch of interesting numbers: botting accounts banned, number of reports files, number of accounts filing reports, and more, all for the first seven months of 2020. A slightly deeper look raises a few questions, though. Thankfully, CCP’s provided a lot more information to work with… just… not in this update.
As some players may remember, last year CCP released monthly security updates. At least, they did in July, August and September. They also released a Q1 Security Update, about 2/3 of the way through February. That means, of course, that it only covered half of Q1, but one report in half a quarter is like two reports for the whole thing, right?
EVE Security by the Numbers
Last September, 2,822 accounts were banned for botting-related activities. In August, 4,369 botting accounts were banned. July saw 777 accounts banned for botting, and also included the numbers for the full first half of the year: 12,446. So by the end of July, 13,223 accounts had been banned for botting. By October 1, the total was 20,414 botter accounts banned, at an average rate of just over 2,250/month. (August’s spike averages pretty smoothly with July’s dip, probably as a result of the Blackout making it harder for people to spot bots, because the bots couldn’t behave like bots.)
Compare that with this year, where—according to Team Law and Order—’an automatic reply sent to all users whose in-game bot reports led to CCP taking action’ has ‘driven use of the Report a Bot feature and added a much-needed feedback loop’. According to this latest EVE Security Update, Between January 1 and July 29, 13,600 EVE accounts filed a total of 107,000 bot reports. 27,000 of them even got 4,600 accounts banned. That’s an average of 657 accounts per month. So if the new auto-reply is driving reports, it’s driving them down, to one third of last year’s levels.
Is the new auto-reply driving reporting numbers down? Of course not. The auto-reply is a good thing. It is, as the update says, ‘a much-needed feedback loop’. So what’s the deal there? Are there simply fewer bots in EVE Online? Or are they just not where people are looking for them?
Are They Hiding?
The fact of the matter is… we don’t know. CCP provides a helpful graph that ‘tracks attempts at hiding from the law, year to date’, but only one axis has any label. We also don’t know how they determine the “numbers” they used to create the graph. We just know the line goes up and down. And yeah. It totally does, in fact, go up and down. But I couldn’t tell you what the highest value, on about May 11, represents, nor the lowest, on about Jan 24. And obviously enough, that means we have no idea what the change, or even the proportion there, is. So… pretty graph. Very graph-y… but not exactly useful, or informative.
And… just as an aside, doesn’t every bot attempt to hide from the law? It’s not like they’re out there telling people that they’re bots. Not even chatbots do that, and talking to people is all they do!
What about the Reporting?
CCP’s EVE Security Update numbers also tell us something about the reports they’re getting. If 27,000 of 107,000 reports were actionable, that means roughly 3/4 of all reports are wrong. 107,000 from 13,600 accounts also means an average of 1 report per month from each of those accounts. However, CCP’s also given us a helpful chart for how likely that is, in the form of their anonymized ‘Top 10 List’ of bot-reporters.
CCP’s Top 10 reporters. Good thing they’re all friendly!
So, if FriendlyCapsuleer01 reported 287 accounts instead of the average of 8, then that means that account, by itself, is filing almost 36 accounts’ worth of bot reports. Does this mean these 10 accounts are just more observant? More vigilant? Just spamming reports of ‘BOT!!!’ whenever someone gets away or mines a rock they wanted? Remember: those numbers are just the reports that got accounts banned. With 1800 reports between them, they account for 15% of all bannable reports. And we don’t know how many reports those 10 filed that weren’t actionable. If it’s the same as the overall average, that means FriendlyCapsuleer01 there filed 1,137 reports to get those 287 actionable ones. CCP doesn’t give us enough to get a good picture of why these people filed so many reports, but they’re definitely an out-sized part of things.
BTW, the Bad Guys are Bad
After reassuring us that GeForce Now really is a perfectly valid way to connect to EVE, Team Law and Order gives us the normal warning about people trying to get into our accounts. It’s even accompanied by another helpful graph! Once again, only one axis is labeled, but this one, we’re told, shows that bad guys are actively trying to get into legitimate players’ accounts. And you know, I’m sure it does. But again, there are questions.
The more yellowish line represents a ‘baseline for a healthy EVE Online’. The other, darker line, shows where ‘groups driven by financial motives are trying to break into’ players’ accounts. But how is that baseline determined? What does a ‘healthy EVE Online’ mean? Is that the year-over-year average? Does CCP have any idea why both lines show such intermittent activity? Why is this year’s activity during those intermittent spikes so much higher? Are the surges in the yellow line a result of the surges in this year’s activity? If so… why is that factored into the ‘baseline for a healthy EVE Online’? In some ways, this security update just makes things less clear, and raises more questions than it answers.
In Conclusion
CCP closes out the EVE Security Update with predictable, expected advice. But it’s good advice: Activate 2-Factor Authentification. Don’t reuse passwords. And please, don’t engage in RMT. Don’t buy, don’t sell, including from third-party sites. Don’t bot. All of these things hurt the game, and risk your account. And none of them are worth it. So just don’t do it. And if you think someone else is doing it? File a report. Don’t complain to friends, don’t bitch to alliance leaders. Tell CCP.
And who knows, maybe one of these days, what they tell us will have enough information and context to really inform us.
