Server Help

Zone Hosting / Advertising - Major Non-SSC Biller

Chambahs - Tue Aug 26, 2008 10:53 pm
Post subject: Major Non-SSC Biller
I made a post on www.sscouncil.com/forum (which is currently down) that asked the opinions of zone hosts about making a major non-ssc biller.

That idea has become reality. The non-ssc biller has been made. We are currently using Snrrrub's advanced SSA biller. SSW, BlueT and SSA's zones are currently connected to it. This post is just stating what has been done, and I would like to invite any new non-ssc hosts/zones to the biller.

If you are interested in joining our biller, please contact either me or snrrrub. We strive to establish a community on the non-ssc biller, and so far, its becoming successful.

(Sticky please?)
L.C. - Tue Aug 26, 2008 11:22 pm
Post subject:
B_M network had recently gotten registered with the biller.

I don't know of the biller having much to do with SSA, though I could be wrong. The biller actually has a name but I don't know whether it'd be ok to mention it or not. sa_tongue.gif
Snrrrub - Tue Aug 26, 2008 11:54 pm
Post subject:
This isn't a clandestine operation of any sort; the name of the biller is Isometry.

-Snrrrub
Hakaku - Wed Aug 27, 2008 1:55 am
Post subject:
Kind of silly to make a unified non-ssc biller, and then state that you have to request permission to join. Sounds like a neo sscouncil arrising, and yet I thought we passed this stage.
Cheese - Wed Aug 27, 2008 2:34 am
Post subject:
and why would isometry accomplish any more then cz bluet b_m or any others would be able to...?

a few billers with 0 population is just as effective as 1 biller with 0 population...
Snrrrub - Wed Aug 27, 2008 3:49 am
Post subject:
Hakaku: it's open for access but it's important to make sure people don't step on each others' toes (i.e. they're using the right ServerID, ScoreID, and GroupID). Going forward, I hope to have a system by which you're automatically given unused IDs. Nobody has to seek permission - just configuration information that doesn't conflict with what's already there. Again, that manual process will be eliminated in the future.

Cheese: there are a number of reasons why Isometry is a better alternative to what's currently out there:

1) actively developed
2) built on top of a relational database with transactional operations
3) BanG-style bans and aliases done right (i.e. alias checking on IDData)
4) secure against password stealing (more about this soon)
5) open policy towards zones
6) open policy towards data (looking forward to website integration)
7) consistent, nightly backups of database
8) hosted on a real server

Access to the SSC biller is limited largely because the zone host and (potentially) the zone owner can steal passwords. Another major factor is that the SSC biller is still a binary hack of the original subbill and may have security vulnerabilities that could be hard to fix so only trusted servers may connect. Given what they have, the council is making the best possible decisions to safeguard the game.

Isometry, on the other hand, is not a binary hack - it's 100% original source code so vulnerabilities can and will be fixed. It also prevents zones from stealing passwords so it's safe to remove the zone warning for these zones (admittedly, this feature requires an update to the client which I will release in the next couple of days). With these issues resolved, there are few reasons to keep the biller behind a firewall with strict access control.

A few billers with 0 population don't even have a shot at growing population since they're all entirely isolated. Sure, if you're extremely pessimistic, you could argue that the chance of growing a population with a unified biller is minuscule (although I disagree) - but it's more likely than isolated billers and costs nothing except a trivial configuration change! If it adds population, everyone is happy, if it doesn't you're no worse off than before.

-Snrrrub
Maverick - Wed Aug 27, 2008 5:33 am
Post subject:
Suppose every non-SSC zone uses your biller. What will happen to the biller's development when you're gone, Snrrub ?

P.S. Where can I find information about the biller, I can't really find anything about it on your website (?).
Hakaku - Wed Aug 27, 2008 5:15 pm
Post subject:
Quote:
Given what they have, the council is making the best possible decisions to safeguard the game.

If that were true, then the council should have pushed for a better biller years ago. Just admit it, they're a bunch of sitting ducks whose job is to gain power. Which prompts another question, (since I noticed you provided a patch for biller scores in ASSS) is your biller going to have a 'unified' zone/player scores website, like the old edome one?
Mine GO BOOM - Wed Aug 27, 2008 8:33 pm
Post subject:
Hakaku wrote:
If that were true, then the council should have pushed for a better biller years ago.

Because the only person left who controls the billing server happens to be very busy, and has enough flack already from people whining about lack of client updates?
Hakaku - Wed Aug 27, 2008 9:22 pm
Post subject:
Mine GO BOOM wrote:
[..]


Because the only person left who controls the billing server happens to be very busy, and has enough flack already from people whining about lack of client updates?
I said years ago, not wait 7 years and then state that you've done everything in your power to 'safeguard' the biller. All of these things and potential exploits have been known for a long time, to add to the fact that edome's stats page went down; such factors should have at least prompted more interest in fixing and/or improving the biller.

As for the client, that's something that PriitK had encouraged and should have expected after creating Continuum. In the early days, forums such as sshq (certainly not the only one) had actually encouraged users to provide ideas for potential client-side features, and asked users to help identify bugs. Updates happened frequently enough, and then wham, PriitK dissapeared. Surely you couldn't expect no one to whine for 5 years of doing nothing? Especially considering the rise of issues related to Windows XP, and then the arrival of Vista, which have only been fixed recently.

</thread detracting>
Snrrrub - Thu Aug 28, 2008 6:18 pm
Post subject:
Maverick, I'm always looking for someone who could help me with the code and could take over in case I'm away/gone. If you know of anyone, please get me in touch with that person. Let's come up with a concrete contingency plan so things don't just fall apart. Can you help with that?

I've added the command reference to the site: Isometry Biller. blue_monday has also written an F1 menu for Isometry so I'll put that up once I get my hands on it.

-Snrrrub
Snrrrub - Sat Aug 30, 2008 3:53 pm
Post subject:
Just as an update: I've added an ?alias command for L3+ operators. Hopefully this will reduce the need for (or, ideally, put an end to) alias bots.

-Snrrrub
CypherJF - Sat Aug 30, 2008 7:52 pm
Post subject:
Snrrrub wrote:
Maverick, I'm always looking for someone who could help me with the code and could take over in case I'm away/gone. If you know of anyone, please get me in touch with that person. Let's come up with a concrete contingency plan so things don't just fall apart. Can you help with that?
What lang is it written in?
Snrrrub - Sat Aug 30, 2008 10:20 pm
Post subject:
The biller is written in C++ with a heavy emphasis on PostgreSQL. There's quite a lot of standard SQL with a few Postgres-specific features tossed in as necessary. There's also some plpgsql and Isometry will, over time, have a heavier emphasis on it.

Going forward, I expect some Python in the mix and a LOT of XHTML, CSS, and Javascript in addition to everything I mentioned above.

-Snrrrub
Purge - Mon Sep 01, 2008 11:56 am
Post subject:
So much for Accede. sa_tongue.gif
CypherJF - Mon Sep 01, 2008 4:11 pm
Post subject:
Purge wrote:
So much for Accede. sa_tongue.gif


icon_smile.gif

True - but, Accede has a slightly different focus and goal - it is a hybrid biller allowing both biller type of systems to connect to it. It also doesn't help the fact I haven't had a chance to spend much time on it to keep developing it (lots of ideas, too little desk time).

I do say though Snrrrub had an upper hand really diving into Subspace protocol (and figuring out the patches which need to be applied to send scores, demographics, etc.). He and I have had a few discussions about the biller protocol and things in general - which is really what counts. As long as people keep pushing and developing around the existing system - its a win-win.
Blocks - Mon Sep 01, 2008 11:18 pm
Post subject:
Snrrrub wrote:
5) open policy towards zones

Out of curiosity, how open is "open"? For instance, if I were to steal a zone's settings and host them on my own server, would I be permitted to use Isometry?
Cheese - Tue Sep 02, 2008 12:48 am
Post subject:
i should hope not

there has to be at least a -few- qualifications...

like owners not being netbanned from ssc, zones not having -any- stolen content.
hellzlaker - Tue Sep 02, 2008 1:35 am
Post subject:
I'm pretty sure that if u steal a zone no one would let you bbut for netbanned its for SSC not the Isometry, if you do anything that you cant do on isometry then you'll get netbanned from there
Snrrrub - Tue Sep 02, 2008 10:45 pm
Post subject:
Abuse comes in many forms and some are easier to deal with than others. Biller abuse - DoS attacks, scripted player name registration, etc. - are fairly easy to catch and deal with. Behavioural abuse such as zone map/settings theft is harder to identify. How do you determine who came up with some settings first? I'll think about the problem a little more but if anyone has suggestions that could help guide my thoughts, I would really appreciate the feedback.

I think the bottom line is that if you're caught abusing the system, you've got to pay the price. I don't plan on preemptively banning people/zones because they might have learnt from their SSC experience that abuse will not be tolerated.

The system is open to those who treat it fairly.

-Snrrrub
hellzlaker - Tue Sep 02, 2008 10:51 pm
Post subject:
Snrrrub will zones change the signature names also? I mean all SSC zones start with SSC and have the ending like SSCU, SSCX and etc, so will all host have to do SSAB or something like that?
Speed Racer - Tue Sep 02, 2008 11:44 pm
Post subject:
Good luck with another biller. Stick with it - might work out in the long run.
CypherJF - Tue Sep 02, 2008 11:55 pm
Post subject:
Just to throw this out there - Accede was being designed such that each server took care of it's own ban wish. Core server group owners (which was never automated) would recommend to the rest of the groups a list of bans which should be escalated biller-wide. My idea would be group owners would have the ability to nominate zone-level bans (or maybe even group level) to be escalated. The ban would then be put up for vote for X time and either become a biller wide ban or not. Granted, this system isn't the best; but would help automate the escalation of biller wide bans. Net bans really should be reserved for the worse offenders.

No system will be perfect; but something should be better than nothing.
Aceflyer - Wed Sep 03, 2008 12:30 am
Post subject:
Snrrrub wrote:
Just as an update: I've added an ?alias command for L3+ operators. Hopefully this will reduce the need for (or, ideally, put an end to) alias bots.

-Snrrrub


If by L3+ operators you mean L3+ BanG operators, and Isometry's BanG utility is effectively identical to the SSC biller's BanG utility, I'd strongly recommend changing it to L2+ access only. Aliasing is very easily abused and to maintain players' privacy rights, biller-wide aliasing access should be very closely controlled. Keep in mind that with the SSC biller only billing ops have access to ?userinfo at all, not even 'regular' L1 ops have biller-wide ?userinfo access.

With the SSCC server's old SSCC server-wide aliasing system, a maximum of 3 operators was allowed per zone. Similar restrictions should be applied to Isometry's system, I would think.
Snrrrub - Wed Sep 03, 2008 1:41 am
Post subject:
hellzlaker: zones names are up to the zone owner. I don't think the biller should have any influence on that. If zones choose to use a common prefix, so be it, but I don't have anything to do with it.

Speed Racer: thanks, I'm hoping this stimulates some growth and innovation in SubSpace.

Cypher: I like your idea of a democratized banning system. I think this is one of those experimental features that needs to be deployed for a while to see what people do with it.

Aceflyer: the only information that could be considered "personal" is the IP address. None of the other fields can be used to extract any meaningful, real-world information. The IP address can already be viewed through *info and the current (widely used) alias bots make that readily available to zone mods. Moreover, it's unreasonable for a user to expect their IP address to remain private while communicating over the internet.

The ?alias command is not the same as ?userinfo. In case I overlooked something major, can you tell me what sort of abuse you expect from listing alias (name), ip, and MID for a given user?

-Snrrrub
Blocks - Wed Sep 03, 2008 4:34 am
Post subject:
I believe Aceflyer is referring to the pastime known as "smurfing," or the act of getting on an unknown name to piss off your friends, just for kicks.
Aceflyer - Wed Sep 03, 2008 11:51 am
Post subject:
Snrrrub wrote:
Aceflyer: the only information that could be considered "personal" is the IP address. None of the other fields can be used to extract any meaningful, real-world information. The IP address can already be viewed through *info and the current (widely used) alias bots make that readily available to zone mods. Moreover, it's unreasonable for a user to expect their IP address to remain private while communicating over the internet.

The ?alias command is not the same as ?userinfo. In case I overlooked something major, can you tell me what sort of abuse you expect from listing alias (name), ip, and MID for a given user?

-Snrrrub


Ah, thanks for explaining. It seems I misunderstood ?alias and thought it to be a variant of ?userinfo - my bad.

Still, it is probable that not all zone admins on Isometry would have the same standards regarding the confidentiality of alias information. On SSC, for instance, zones like TW have a policy of strict confidentiality of players' alias information; any disclosure of alias information to the public is strictly prohibited. And with the old SSCC alias system, access was closely limited to help safeguard against abuse.

Yes, zone admins can put up their own alias bots, but that would restrict them to collecting information from players that actually enter their zones; if a player never enters "Zone B", their alias information would never be directly available to ops of "Zone B". Whereas with a biller-based ?alias command, even if a player has only ever played in "Zone A" on Isometry, his/her alias information would be freely available to ops of "Zone B", "Zone C", etc. on Isometry - and some of these ops might have a grudge against the player in question, and might disclose the players' aliases to the public.

I am not saying whether this is good or bad, but this is something that players do not have to worry about on SSC.
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group