Update on new cheating prevention initiatives from Niantic....

1235

Comments

  • What's a corner case now, can be easily the norm when Niantic detects all other cases.


    Spoofing needs to be stopped before it does harm. If you have THE solution that can't be bypassed in a matter of days, do share.

  • TheKingEngineTheKingEngine ✭✭✭✭✭


    Thus the problem you are addressing is not lying in "cumbersome anti-spoofing solutions". It's due to the fact when Ingress team banned a spoofing sub-account, it's main accounts or linked accounts were not affected.

    Thus, as long as there is any anti-spoofing mechanism, even not suggested by me, according to your line of reasoning would be cumbersome. The real problem is why main accounts got no ban and we knows why.

  • TheKingEngineTheKingEngine ✭✭✭✭✭


    No solutions can do the anti-spoofing job BEFORE it does harm. It means detection of spoofing in advance which is not possible.

    By saying so you are seemingly suppressing everyone in the thread to make posts and discussions about anti-spoofing at all.

  • It's the effects on the portal network that I care about, not the main accounts of those doing it.

    If Niantic could automate/undo the actions of spoofers, nobody would care to spoof anymore,

    If Niantic resets portals to their previous states, kills all links/fields created that shouldn't have existed due to a spoofed field, removed all items hacked on portals upgraded by cheaters, adjusted the cell scores, ... THEN you would "stop" cheating.


    But Niantic isn't storing this data (yet)

  • TheKingEngineTheKingEngine ✭✭✭✭✭

    While automatic restoration is crucial as you suggested, which I don't think would be implemented until the end of this game...

    Spoofers would NOT stop cheating. Still. It's because it's hard to arrive at the restoration step due to the incapabilities of reporting.

    That is, when it's still hard to report and ban spoofing sub-accounts. Thus banning main-accounts or devices are still the keys.

  • I don't see how they would even be possible. Niantic would have to know every land's laws, and in this case, where you live (at least the area). Would people be okay w/ Niantic knowing that and tracking every work trip etc?

  • gazzas89gazzas89 ✭✭✭✭✭

    Truly illegal would be a stretch, fineable is what it would be, as the first example is a 500 pound fine just now. The second one i dont actually know what the outcome of that would be (the loch at night one) it was another agent who told me it was illegal, to me it was just monumentally stupid and when I brought it up with some of the others in their team I got the feeling it was funny to them

  • Spoofers typically use throwaway accounts, and relying on reports after the spoof will never really solve the problem. 

    Just wanted to call out one mistake that undermines the entire premise here.

    Throwaway accounts are one type of spoofing activity. There are plenty of other Spoofer accounts that despite repeated reports, blatant activities, and even posts on the forum, continue to survive. If it weren't the case, people wouldn't have long rants about how NIA Ops doesn't act.

    If the only spoofing were throwaway accounts, and Niantic caught them all after the fact, people would only be yammering for better real time detection, not complaining that NIA Ops never listens.

    Requiring verifiable in-person actions would be a good way to generate a level of confidence that someone wasn't spoofing after an account has been reported too many times.

  • That would be even more rare in terms of corner cases.

    For clarity here, most levelling bots appear to be supplied with a full complement of "What level you'll need at the time" resonators in order to level up quickly. They generally don't rely on their own hacking, or they'd start to deviate from the script and have to randomly deploy lower level resonators than their current level's max spread.

    It's one of the tell tales for easy bot identification. They almost never deploy anything but a "highest possible combination". I'm not talking about a spoofer running a bot from his PC watching the sprite 'walk' around, but scripted bots. The ones that level without human interaction.

  • TheKingEngineTheKingEngine ✭✭✭✭✭


    Yes, and according to this logic and observation I suppose we manually/Ingress system automatically could, regarding a specific 0km walking distance account, determine if it's a spoofing one or not. That's why I don't spend much time here explanning why reference to speed run is nonsense. What really surprise me is that even spoofing sub-accounts like this can survive for a very long time despite reports.

  • GuschtelGuschtel ✭✭✭

    Requiring in-person actions would not help at all, since most spoof accounts are controlled by humans who easily solve all your "challenges".

  • edited March 2021

    As yet, I don't believe anyone has worked out how to spoof ARCore, or we'd see a whole pile of scan data that Niantic can't tell is fake.

    Scanning a portal as a black unmoving image, would kinda indicate "Yes, this really is a spoofer". That's why I said verifiable.

  • DSktrDSktr ✭✭✭✭

    Scan as an anticheat is a fail strategy imo.

  • MirthmakerMirthmaker ✭✭✭✭

    That is an eye test. My box crawls with that.

    What keeps me on my toes is spoofs being used by local agents to supply keys that if an agent goes there it screams yellow and red alerts, and are the sort of banable offenses more than one person in this conversation really want Niantic to pay more attention to.

  • HosetteHosette ✭✭✭✭✭

    @LuoboTiX Your point about the difference between efficient and effective anti-spoofing techniques is well-stated.

    My primary experience with spoofing, especially in the last few years, involves obviously-throwaway accounts being used to take down durable portals, especially if they are anchoring tactical/strategic blockers or large fields. I've reported a fair number of those over the last few years and had a very high success rate with that and with getting portals/links restored. The problem is that much of the damage is already done at that point. In a recent case it took several days to restore the portal and links, and by that time someone (most likely the main account that used the throwaway spoof account) had already linked across the lanes and thus blockers could not be restored.

    I have less experience of late with accounts that spoof on an ongoing basis, though I dealt with it a fair bit several years ago. I believe people who say they have experienced it... I just don't have much personal experience other than several years ago.

    I believe that effective anti-spoofing must be efficient anti-spoofing. The majority of spoofing incidents need to be caught before the damage is done. Restoration is frustrating and annoying for players, and expensive and time-consuming for Niantic. It still needs to exist as a mechanism because no anti-spoofing technology will be perfect, but it should be the last resort rather than what we have now, which is that it's seemingly the first line of defense.

    I can tell you with certainty that spoofing can't be completely stopped. It can be reduced significantly through technical innovation but someone will always find a way around even the most sophisticated mechanisms. It's very clear that what we have right now is nowhere near the best that is possible.

    One of my nerd fantasies is to be a "data detective" for Niantic ferreting out spoofing information and patterns, and finding ways to tie specific incidents to the main account that is responsible for them. I've done this sort of data spelunking before and it's great good fun for me. It shall always remain a fantasy, though, since Niantic couldn't pull me away from my current job and they could probably hire someone more qualified if they ever wanted someone to fill such a role.

  • SSSputnikSSSputnik ✭✭✭✭✭
    edited March 2021

    I still think machine learning algorithm would work :)

    Its often easy for humans to spot leveling spoofer accounts.

    Post edited by SSSputnik on
  • edited March 2021

    The problem with the machine learning so far, has been that they end up being too aggressive, because the signs people often trigger off are exhibited by players too.

    Which is why people accuse each other of spoofing, even when they aren't.

    Like when every Anomaly Operator got banned for acting like a scraper during an anomaly because they were doing things like regularly refreshing a specific portal.

  • HosetteHosette ✭✭✭✭✭

    Yes, machine learning is an excellent tool for this and it seems very likely that Niantic is doing exactly that. However, machine learning is not a set-it-and-forget-it tool. Models need to be developed, and they need to be refined as new information comes in. I would love it if machine learning was a silver bullet for spoofing, but it isn't... it's a tool in the arsenal, and smart humans need to manage the tool well.

    Yes, we have no idea how many spoofers Niantic shuts down before they do any damage, and we have no way of detecting "quiet" spoofers. Elsewhere in a discussion I suggested that perhaps portals should have different rules for linking if they have not been hacked within the last year. I also pointed out the obvious drawback to that-- someone could just spoof hack a portal every six months to keep it linkable, and players have no mechanism for detecting this.

  • SSSputnikSSSputnik ✭✭✭✭✭
    edited March 2021

    As far as I'm aware Niantic do not and have not used Deep Learning for cheat detection.

    I think they advertised a position years ago for a ML person and it was never filled?

    The tech back then was also in it's relative infancy.

    True models need tuning and updating which should not be an issue. Niantic have plenty of data.

    Our company developed a Deep Learning model for underground loaders. It can detect if a shovel is full, empty, loading or unloading through dirty cameras, curtains of water, cluttered environment with very high accuracy.

    Run the algorithm in conjunction with reports for as many months as it takes to get a high degree of accuracy before unleashing it on a trial basis. Or use it as an assistant for a human to make final decisions. Or to flag accounts to look at.

  • GuschtelGuschtel ✭✭✭

    @Perringaiden I haven't seen many real humans doing scans around here either, lol.

    Also that would require another human to verify the scan. Have fun with that :D

  • It would require NIA Ops to look at the scan. Spoofers don't have drones flying around the city so they don't have pre-recorded scans of portals.

  • Has Amazon and eBay stopped sell accounts yet? That would be a start?

  • GuschtelGuschtel ✭✭✭

    And you think that would actually happen? :D

    You're indeed an optimist.

  • GrogyanGrogyan ✭✭✭✭✭

    I generally follow this practice now, being fully aware that I may be in a location at a time that I wouldn't be. Kinda validates actual position.

  • edited March 2021

    I've always taken Proof-No-Spoof photos regardless of whether I was asked or not, so that no matter what happens, if someone asks I have it. Which helps in the reverse, that people can't refuse to provide one on the basis "You didn't when you did X".

  • GrogyanGrogyan ✭✭✭✭✭

    But photogrammetry of Wayspots is not good for the majority of players who do not want to have anything to do with the feature. Talked with some pogo players and they are in the same view as well, no incentive to give Niantic free labor from scanning.


    Some other means for 2 Factor Location Authentication has to be looked into.

  • 2FA isn't really what we're going for though.

    Geographical verification requires some sort of 'true positioning' which is almost impossible if you can't trust the GPS. Photos taken through a secure means are one of the few relatively useful sources.

Sign In or Register to comment.