SDS ban hammer thousdans for exploit

Collapse

Recommended Videos

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • oski96
    Rookie
    • Jul 2015
    • 48

    #46
    Re: SDS ban hammer thousdans for exploit

    Originally posted by srdclark
    Those are two very different situations, however. The collection glitch was something anybody could find by opening the mission page. The amount one could gain was limited to one copy of each glitched card, at which point there is nothing to gain besides YouTube views.

    The stub glitch (and I'm assuming for my argument that the glitch in question was based on double-cancelling orders on separate devices) was not something just anybody would discover. As has been mentioned, it took a really random occurrence with multiple steps to replicate and, while it technically could occur by accident, the user wouldn't notice in most cases. Those that did notice, and then pushed the exploit and ultimately repeated an optimized version of it (i.e., posting a 50k bid on a common, then double-cancelling, then performing this 30 times) would have a theoretically unlimited gain with an actual dollar amount. In fact, the only "limit" this exploit would have, would be for the exploit to be noticed. If noticed by "the public" it would risk destroying the market and devaluing the stub (so that commons really were worth 50k, for instance); if noticed by "the devs" it would risk stub removal at best, banning at worst.

    So, in this case, the exploit relies on secrecy. This type of security issue can indeed be kept very secret, even on the internet. Let me give you a parallel example: after weeks of legal battle, media attacks and internet debate, the terrorist iPhone was unlocked by... a third party with an exploit that almost nobody (including Apple!) knew about.

    Reading this, you are probably a bank customer, but you likely aren't aware of even a single occasion in which an exploit (through cross-site scripting, perhaps) was used to steal from the bank or from other customers; yet, it happens, and costs your bank (and their insurer) large sums each year. You are likely a Windows user, but you aren't aware of all of the exploits that were used prior to each Patch Tuesday, or all of the ones that started being used on the following Wednesday. This really is the world we live in, where even engaged customers don't know how fragile these systems really are, or how hard people work to get in and keep it quiet. As Last Week Tonight said about the iPhone, "Join us as we dance madly on the edge of a volcano."
    That seems reasonable, but yet, it has to be wrong. I do not believe this "exploit" had fail safes where it required "multiple, intentional steps." Indeed, I have been banned and I will tell you exactly my trading history:

    I have conducted thousands of transactions. The goal was to complete collections. I started as soon as I opened my deluxe packs and pulled a Trout. From there, I liquidated it and started buying and selling cards.

    99% (if not more) of my transactions were done on the PS4. For starters, trading through the computer is very clunky and time-consuming as you have to deal with all the CAPCHAS and it is hard to track the bids in real time (which is something you have to do if you want to get items - other bids constantly flow in).

    The only time I would trade from my computer is when my son was on the PS4 and I had no access. By the way, he does not play the Show, so he would not have been making any trades while I was in the other part of the house on my computer).

    1. In the morning, I would start the Program on the PS4 and then check my orders over coffee. I would see what was bought/sold and then mass-clear the remaining orders (because they would be stale by then).

    2. I would put in new sell orders for diamonds, new buy orders for diamonds, sell orders for golds (if there were slots left), buy orders for golds (if slots left), etc.

    3. I would play a game and after clear the orders and re-set.

    4. I did this every time before and after a game. At all times before a game, my 20 slots would be filled.

    5. During the day, I would check my orders from work at my computer. I would clear all orders and reset because they would be stale. I would do this about 1 - 2 times a day.

    6. After work, I'd usually play in the evening (after the kids were done playing PS4 and went to bed) and I would do steps 1 -3).

    7. Before putting the console in sleep mode for the night, I would clear and re-set all my orders.

    That is it.

    Once in a blue moon, it may be the case that I cleared orders from my computer and then checked to see if my son would let me on to re-set orders (because putting orders in on computer is a pain). I would then load the program and put in new orders (step 2). These instances would happen usually on a weekend when both me and my son would be home.

    That's it.

    I usually had between 10 - 50k stubs on hand in addition to the inventory I regularly flip. Once the on-hand stubs got near 80 - 100k, I would buy a diamond and try to complete a set. I averaged about 1.5 diamonds per week since getting the game.

    I still had two sets to complete when I got banned. The only diamonds I needed was Harper and Scherzer (and also Stanton who became Gold).

    I never played BR and still have my free entry and I don't play online. This is due to the reported gaming issues and risk of DDOS attack (whether overstated, or not, I don't know).

    Anyhow, there it is. That is my entire history. If I ever received "free stubs" I did not notice. I would have noticed if it happened AND I kept a log of my transactions, but I don't. I make so many trades, I can't really keep track of them ... I have a general idea of what a good buy price is for a card as well as the corresponding sell price. For ones that fall outside of that range (or a new card I am trading), I often have to go back through my transactions list to see what I bought it for.

    So, fluctuations up OR down in relatively small increments is going to escape my notice - especially since most of my transactions are for between 5 and 15k. Only a few times did I trade a larger card since it is hard to actually get those cards to begin with.

    So, I am banned, and I suppose the MLB the Show community is better off now, right?

    Finally: if anyone cares (and I'm not asking or expecting you to), can someone cross-post this on the SHOW FORUMS? My ban extends to the forum and I can't even contact a developer to look into my history. The TOC of the SHOW NATION provides an email for banned accounts, but it is simply listed as (TBD - to be determined). So, I cannot even contact anyone on those forums, period. I am simply waiting to hear from SDS from email and so far - nothing.
    Last edited by oski96; 06-28-2016, 04:33 PM.

    Comment

    • oski96
      Rookie
      • Jul 2015
      • 48

      #47
      Re: SDS ban hammer thousdans for exploit

      And by the way. This is the exact text I will send in an email should SDS ever decide to respond to my initial email send over 24 hours ago.

      Comment

      • RedJeff
        Rookie
        • Apr 2015
        • 83

        #48
        Re: SDS ban hammer thousdans for exploit

        I cant access the show nation community market. I can log in, but thats it. I hope i didnt get banned. I really had no idea this was a thing. Didnt do collection glitch. I do flip cards, and buy cards i think might go up.
        Is there any way to tell if your banned without logging into the ps4? I wont be home for a few days.

        Comment

        • Jason_19
          MVP
          • Aug 2006
          • 1713

          #49
          Re: SDS ban hammer thousdans for exploit

          Originally posted by RedJeff
          I cant access the show nation community market. I can log in, but thats it. I hope i didnt get banned. I really had no idea this was a thing. Didnt do collection glitch. I do flip cards, and buy cards i think might go up.
          Is there any way to tell if your banned without logging into the ps4? I wont be home for a few days.
          I bunch of people have been having that problem according to people posting on the Show Nation forums. I can't speak for anyone else, but I'm banned and I can't even sign in. That could be a browser issue though.

          Comment

          • ph33
            MVP
            • Oct 2014
            • 3261

            #50
            Re: SDS ban hammer thousdans for exploit

            I'm not banned but the website doesn't work for me either.

            Comment

            • Boozers
              Rookie
              • Feb 2004
              • 107

              #51
              Re: SDS ban hammer thousdans for exploit

              Appreciate the feedback on this. I have been banned. I have never played diamond dynasty before except for NHL HUT which is similar with buying and selling players etc.. In NHL Hut you cant own more than one of the same player at the same time, as it forces you to sell the player or quick sell it. I was shocked in diamond dynasty when I discovered you can own the same player as many times as you want. I felt it was weird and not what I use to, but I figured if the games allows it you can do that.


              So i figure out by calculating numbers its cheaper for me to buy bronze players ie. Jared Weaver maybe 70x times and a couple others to strictly feed my player to get to 100% embody the player and unlock the legend. I have done this a couple times with some other teams and now Im banned. I figure this is probably the reason Im banned I cant think of anything else.

              It seems really vague and had I known this obviously I would not of done this. I had no clue though, I dont know if this has happened in previous games. I truthfully didnt know about this. I would love to be able to talk to a show member staff and explain my side, and possibly get unbanned and never own duplicates of the same player, but understand its probably zero and slim. I dont really understand why the game would allow you to buy unlimited duplicate players when NHL HUT prevents it so its not an issue.

              So in next years game I mean whats an acceptable number for duplicates 3 or 4? Thats what i dont understand. I hope next years game is alot stricter. Any feedback Id appreciate it. Ive been playing online sport games for 17 years never had any issues of being banned or anything, Ive particpated in online leagues for years and Im always respectful and show great sportsmanship

              Comment

              • Jason_19
                MVP
                • Aug 2006
                • 1713

                #52
                Re: SDS ban hammer thousdans for exploit

                They've admitted the bans are for partaking in an exploit in relation to cancelling purchase orders. Having duplicates of cards (even thousands of them) is not against any rule.

                Comment

                • redsox4evur
                  Hall Of Fame
                  • Jul 2013
                  • 18169

                  #53
                  SDS ban hammer thousdans for exploit

                  They probably took down the community market on theshowmation and that's why you can't access it. I think they did it last year as well she they fixed the Tpc and dpc.


                  Sent from my iPad using Tapatalk
                  Follow me on Twitter

                  Comment

                  • srdclark
                    Rookie
                    • Apr 2016
                    • 102

                    #54
                    Re: SDS ban hammer thousdans for exploit

                    Originally posted by elbomberoloco
                    srdclark I see your point but I'm not buying 1500 people keeping this quiet that is way too many for 2016...

                    In fact over the last week or so there have been random common players that spiked for no apparent reason, maybe that was from this...
                    It was a lot more than 1500 - it was 1500 bans, and they said that represented a small percentage that were the worst offenders. Assuming "small percentage" is single-digits, at least 15000 people used the exploit at least once.

                    News travels very differently in hacker communities vs gamer communities. It always has. Think of a Venn diagram:

                    http://www.operationsports.com/forum...1&d=1467160561

                    Think about how information moves in these groups. Hackers are insular; their activities are often illegal, sometimes harmful, sometimes valuable. There are white-hat hackers who try to expose flaws so that they can be fixed, and black-hat hackers who develop exploits for personal use or for sale. Both groups rely on being able to share data on trusted networks. Black-hats are very secretive, frequent the "dark web" and work hard to keep non-hackers and white-hats out of their networks. Some white-hats will take to social media to release exploits if they are not fixed within a certain time-frame, but they are also careful to keep their findings out of the public eye (and away from black-hats) until that time.

                    So! Who found the missions glitch? It was right there on the mission page for anybody to see, if they went to the mission page. Any gamer could see the glitch and many did, posting on social media. The news was picked up and popularized by LetsPlayers, such as Knasty3890 and cardinalbird5.

                    Who found the stub exploit? The more complex the exploit, the less likely it was "just" a gamer, and the more likely it was a black-hat hacker/gamer. It seems likely that the complexity is at a level where you won't stumble upon it unless you go looking for it, but it's easy to find if you know where to look (hence, SDS knowing about the exploit early on). Non-hackers aren't going to find it, and but it's possible a large number of hacker/gamers would find and treat the exploit information the way they treat all of their criminal activities - with great discretion.

                    And hey - I'm only arguing whether it is possible for a large group of people to either a) simultaneously find information the general population can't find, and then all keep silent about it, or b) distribute the information from a singular discovery among a defined, trusted network. This really is what happens IRL, and frankly it would be odd to think that games tied to real-money transactions would somehow be exempt.
                    Attached Files

                    Comment

                    • srdclark
                      Rookie
                      • Apr 2016
                      • 102

                      #55
                      Re: SDS ban hammer thousdans for exploit

                      Originally posted by oski96
                      That seems reasonable, but yet, it has to be wrong. I do not believe this "exploit" had fail safes where it required "multiple, intentional steps." Indeed, I have been banned and I will tell you exactly my trading history:
                      The one thing I didn't address in scenario is, what if there is a problem with SDS's reporting tools such that transaction data is being associated with the wrong accounts, leading to higher-than-expected false positives (defined here as banned non-exploiters).

                      I have no idea how likely that is. I don't know what the chance is that any banned individual might be innocent. There are players stating that they were banned but performed no double-canceling. They say they think they may have been banned for card flipping, or stockpiling, or buying large numbers of commons for feed missions. I have done all of these things and I was not banned. SDS has said that none of these were the cause of the ban, and that none of them are exploits. They have said that they banned players who used an exploit to accumulate hundreds of thousands of stubs. Nobody could do this accidentally and without noticing up to a million random extra stubs; anybody who was banned and can honestly say that neither they nor anybody with access to their account did this, fell victim to a false positive and I sincerely hope that SDS will be able to fix the issue and reverse the ban.

                      Comment

                      • oski96
                        Rookie
                        • Jul 2015
                        • 48

                        #56
                        Re: SDS ban hammer thousdans for exploit

                        Originally posted by srdclark
                        The one thing I didn't address in scenario is, what if there is a problem with SDS's reporting tools such that transaction data is being associated with the wrong accounts, leading to higher-than-expected false positives (defined here as banned non-exploiters).

                        I have no idea how likely that is. I don't know what the chance is that any banned individual might be innocent. There are players stating that they were banned but performed no double-canceling. They say they think they may have been banned for card flipping, or stockpiling, or buying large numbers of commons for feed missions. I have done all of these things and I was not banned. SDS has said that none of these were the cause of the ban, and that none of them are exploits. They have said that they banned players who used an exploit to accumulate hundreds of thousands of stubs. Nobody could do this accidentally and without noticing up to a million random extra stubs; anybody who was banned and can honestly say that neither they nor anybody with access to their account did this, fell victim to a false positive and I sincerely hope that SDS will be able to fix the issue and reverse the ban.
                        I think it is more like this:

                        For people who intentionally used the exploit, I think it would be relatively easy to determine these accounts from looking at the buys. For example, if you look at all my buys, they are usually very close to the highest bidder (up until then). Basically, I want to put my bid in to be first in line, but just a bit higher than the last one. This results in a lot of "jagged" numbers - e.g. "10,049." If you look at my list of buys and sells you will see a list of jagged numbers that are either slightly higher (buy) or lower (sell) than the other numbers. My history is of a player entering legitimate buys and sells - I am hoping these transactions occur (and I expect a fair amount of them to occur).

                        If you see a slate of buys way over the current price and are clean numbers - e.g. (10,000), then that would be suspicious. e.g. if the current buy now price is 9,587 and you see a buy order for 35,000.00 AND then it gets cancelled, yes, that would be very suspicious.

                        Also, you would look for a slate of only buys - not mixed buys and sells. My history will show that I always have mixed buys and sells at all times. If I was working an exploit that I thought would never be caught, why would I be mixing my buys and sells? Why would I take the time to enter orders that correspond with the current prices? That takes time - especially on the computer with the CAPTCHA.

                        Another thing would be frequency: If a player cancels a slate of buys and then immediately re-loads and cancels another - red flag.

                        I can guarantee you that a large number of those banned will have transaction histories that show:
                        1. Mixed buys and sells almost all the time.
                        2. buy and sell orders that are tailored to the current prices.
                        3. Cancels that are not immediately followed by a re-load and cancel.

                        Again, I guarantee it; I would bet my house on it.

                        Compared to:
                        1. Straight list of buys.
                        2. Prices that are substantially over the current price.
                        3. Cancel and re-load and then another cancel (and perhaps so, on).

                        Finally, the statement: "You did this 30 times" does not mean anything until we know what they mean by that. If you had a mixed slate of buys and sells - so that would be 10 buys. You check in later and see they are all stale and that none of the transactions occurred ... you are going to clean the slate and re-enter. So, if that action triggered the exploit, is that 10 times or just 1 time?

                        Who knows? I have probably cleared my slate 5 to 6 times from a computer (usually I do all my transactions on the PS4 - I only use a computer when my kid is playing his games or I am at work). That would be 50, 60 times? Or is that 5 or 6 times? My point is that when you go over my history of (probably) close to 10,000 transactions, is it really that hard to believe that a person who engaged in these many transactions may not notice if there were more stubs in their account?

                        Anyhow, I think SDS' process is incomplete. They obviously pulled accounts that had infracting transactions (including mine, apparently) but I don't think they really looked beyond that to see the nature of the activity.

                        Again, I spent hundreds of hours grinding stubs on the market and playing the game. Does it really sound reasonable that I would "cut corners" and still play the game 8 hours a day? If I were cutting corners (and not just collecting cards to complete sets because I really enjoy it - I didn't even play DD last year, but I still collected all the cards) why would I choose to use this exploit to gain (guessing) less than 1% of all the stubs I earned from just playing the market? Does that make sense? No, not really.

                        Anyhow, if they actually take a look at most of the accounts to actually analyze the activity, I believe they will find that the majority of banned users likely did not do it on purpose. I am also sure they will find a number (but I think fairly small in comparison) of those that definitely used the exploit on purpose.
                        Last edited by oski96; 06-28-2016, 08:52 PM.

                        Comment

                        • NKRDIBL
                          Rookie
                          • Jul 2010
                          • 307

                          #57
                          Re: SDS ban hammer thousdans for exploit

                          For everyone saying there is no way this could've been kept a secret haven't stumbled across a glitch before. Something this big of this magnitude. People wouldn't tell everyone. Or start helping others. Not when you could be in the 1% of a huge advantage. Do I think people couldve been wrongfully accused? Yes. But to think people couldn't keep this secret are just fooling themselves.

                          Sent from my SM-N910W8 using Tapatalk
                          Last edited by NKRDIBL; 06-28-2016, 08:56 PM.

                          Comment

                          • aochaz14
                            Rookie
                            • Apr 2010
                            • 44

                            #58
                            Re: SDS ban hammer thousdans for exploit

                            I have been banned and I have never even been on the community market website ever. I have as some previous posters used bronze players for feed missions which if their system allows I feel is fair game. If they didn't want people doing that they should have limited the amount of bronze players to a number of feed uses. I also have bought a few rookie flashbacks and sold them back on the market for a nice return a few times but I thought flipping cards was perfectly acceptable so I'm very confused as to what got me banned as well. Needless to say I am very frustrated/ disappointed in SCEA. I do get what they are trying to do here but I am proof that users have been wrongfully banned. This gets resolved or this is the last show game I ever buy.

                            I'm not a Twitter guy, anybody have an email to reach them at so I can try and figure out what exactly I'm accused of doing wrong? Thanks

                            Comment

                            • elbomberoloco
                              Rookie
                              • Jan 2015
                              • 156

                              #59
                              Re: SDS ban hammer thousdans for exploit

                              srdclark, you are doing some quantum physics stuff there pal...but good stuff. Now I'm reading guys getting banned for too high a bunt percentage? Sony needs to come out and say xyz actions will cause you to be banned or put on suspension or whatever they want to call it. They can still post that corporate America blanket statement but give a little more info if the penalty is going to be this severe. I've also read approx 1500 accounts banned and that's only 1% ish so 150k people did this ? For all the people arguing cheaters need to accept the consequences how do you feel about such a small percentage paying the price ? Where is the threshold for "cheating"? In my mind if you are going to argue exploiting is cheating and ruining your experience how can you be happy with anyone benefiting in any dollar amount ?

                              Comment

                              • baseballsim
                                MVP
                                • Jun 2009
                                • 1279

                                #60
                                Re: SDS ban hammer thousdans for exploit

                                Originally posted by elbomberoloco
                                Now I'm reading guys getting banned for too high a bunt percentage?
                                Wait what? Where did you read this? And, why weren't they banned for this last year?
                                Ballpark Dimensions

                                Comment

                                Working...