Potential misinterpretation of drone hack data potentially leading to false bans

M1chaeIM1chaeI ✭✭✭✭
edited January 2023 in Report a Bug

Me and several other agents have done an investigation over the last few months and we believe that the location data of drone hacks is not being logged correctly and/or is being misinterpreted.

We have contacted Niantic Support directly for this matter, in an attempt to privately resolve this, but unfortunately according to them, “Sadly, we will not be able to make any immediate changes but for sure I will share these inputs with our development team and work towards improving the Ingress Scanner technology, perpetually.” Therefore, me and this group of agents believe it is in every agent’s interest that the results of our investigation are public, such that they can take appropriate precautions to avoid their account getting banned.

We asked 5 agents who were recently banned about their drone location before they were banned, and for all 5 we saw that the drone was recently hundreds or thousands of kilometers away from where they hacked with it.

So what we believe happened in all 5 scenarios was: They went somewhere, parked their drone there, then went away really far, hacked with the drone, and then got banned not too long after.

Furthermore, we looked at the GDPR package from one of the agents, and we found the logging of the location of drone hacks to be very confusing. It seems like there is no difference between a normal hack and a drone hack. If a drone hack is very far away, it will appear in the logs like a normal hack. We believe Niantic may be misinterpreting this data, which is leading to false bans.

With this happening to 5 agents, I don’t really trust that this is a coincidence and I would like to ask Niantic to investigate its logging on drone hack locations, and also to verify with support how they interpret drone hack locations when doing ban appeals. Based on the results of our investigation, it looks like something is off with this. In an ideal scenario, Niantic would give a public statement that it has investigated this scenario and what the conclusions of that investigation are.

In the meantime: I would personally recommend agents not to drone hack to avoid getting banned, until there is a response from Niantic.

Agent names and GDPR data is available from several agents, but I’ll not post them here to protect the privacy of these agents and to respect the forum rules.


EDIT: Please respect the forum rules and do not post anything related to bans to prevent this topic from being closed for that reason, thank you in advance!

33
33 votes

Intended - Not a Bug · Last Updated

Using your Drone will not result in a ban - regardless of how far from your physical location it is located.

Comments

  • KhatreKhatre ✭✭✭✭✭

    i've used mine more than 10.000 km away from it.

    and i won't stop

  • I'm happy for you! I'm unwilling to risk an unmerited account ban.

  • Awesome work!

  • DittoHunterDittoHunter ✭✭
    edited January 2023

    In the absence of any confirmation of the reasons for a ban, any player who has seemingly been hit will go looking for reasons to understand why they were hit. If that same player has done nothing that is a TOS violation and knows that there are no TOS violations, then isn’t it logical the player would want to know the root cause of the issue? Furthermore, if there really was no player generated reason for the ban, wouldn’t it be reasonable for the player to want to exonerated?

    Quite honestly, when I read your post, I believe the bias is on your part in automatically assuming the players believe their theory is 100% correct. OP has presented a hypothesis. If anything, it seems to me like you have an unconscious bias against them or that you believe in the infallibility of Niantic’s cheat detection. If it was that effective, then the problems with the very obvious cheaters would have been rectified sooner.

    Similarly, while I’d expect 99.99999% of all suspensions and bans are justified, no system is perfect. False positives can not be ruled out.

    The difference with this vs other bug reports is that it is based on a data set that they feel gives credence to their theory. As someone who has been involved in QA testing and is always trying to build a better mousetrap, I always want to know if the system has issues. There are also so many unknown factors that could trigger an error… OS systems, phone features, other apps on the phone that are not used to cheat but may have indirectly caused an issue. Unfortunately these scenarios cannot always be predicted or mitigated by game developers… but it has to be acknowledged that it could cause issues that affect players.

    I understand the need for withholding strategic information for fear it would open up other avenues to cheat or impinge on someone’s privacy. However, the player base has long standing frustrations on certain issues that are never resolved. In the absence of communication, all anyone can do is self-advocate. A group of people that have spent this amount of time trying to get to the root cause of a problem is not inherently trying to exploit the system —although their end goal is player reinstatement, if they are right, they will have helped Niantic developers and the larger Ingress community as a whole.

    The OP has simply posted a bug report and a possible hypothesis. They have gone to the effort of trying to find a larger sample size so that anyone investigating a bug has more data to analyze. The question now is whether Ingress team have the time, resources, and ability to advocate for a thorough review of this possible issue if they give it any credence. The Ingress team has stated repeatedly they have no say in appeals. The core issue of the corporate entity’s dismissal of player raised issues is the larger issue.

    Post edited by DittoHunter on
  • XK150XK150 ✭✭✭✭✭

    A point of logic: The fact that GDPR dumps don't clearly label drone hacks isn't proof that the system the data was extracted from has a labeling problem. That could be a glitch in data dumping process.

    Other than that, it's an interesting hypothesis.

  • M1chaeIM1chaeI ✭✭✭✭

    Your point is valid. That's all I can really say. It doesn't influence the results of our investigation.

  • M1chaeIM1chaeI ✭✭✭✭

    @NianticOfficial Thank you so much for confirming that it is not possible to get banned when using a drone!

    This is however, one of the two things that I asked. The second thing was "to verify with support how they interpret drone hack locations when doing ban appeals". I don't know exactly how the process works, but I have to assume some bans are automated. Then, upon a manual review through a ban appeal, the data might lead to the agent staying banned. I'll give an example scenario:

    Imagine I travel halfway across the world and leave my drone there. I travel back, and I move my drone. I could do this for example in a train, since there is usually enough time to move the drone, but not to hack before getting speedlocked. I then exit the drone screen without hacking and hack any portal normally. After a while, I decide to reopen my drone view, and hack. From the GDPR data dump, I cannot tell if I did a drone hack, or spoofed my location halfway across the world to do this hack.

    Could you verify with the people looking at ban appeals that they are interpreting data related to such a scenario correctly? This is the final thing I will ask before resting my case.

  • daawgdaawg ✭✭✭

    So how do GDPR-data dumps for drone hacks look like then, compared to regular hacks?

    AFAIK the data must show some difference, otherwise the implementation is illegal and does not comply to GDPR requirements.

  • M1chaeIM1chaeI ✭✭✭✭
    edited January 2023

    I don't want to risk the topic being closed for posting potentially private information, so I won't give you the exact log lines. I would recommend that you get your own GDPR package and look through the game_log.tsv. I'll give you some example lines of the scenario I sketched in my last message. The lines will be from most recent action to least recent action (!). The scenario is as follows: I move my drone. I exit the drone screen. I hack a normal portal. I enter the drone screen. I hack the portal the drone is on.

    <self coordinates> are either the coordinates of the player or the portal that the player is interacting with, I'm not 100% sure.

    <timestamp> <drone coordinates> hacked enemy portal   success //(drone hack)

    <timestamp> <self coordinates> hacked enemy portal   success //(normal portal hack)

    <timestamp> <self coordinates> drone moved   Drone Move

    Please note again that the bottom line is the first action I performed, this is the order it is in in the game_log.tsv. Please also note that everything including and after the // is not present in the log files, and is just a comment.

    If you look at these exact log lines without any other context, even I would tell you that this player falsified their location. This is why I'm sceptical about if these log lines are interpreted correctly by the people who are doing ban appeals.

  • I doubt that the data Ops looks at is formatted like this. The GDPR dump is a raw text dump, after all.

  • M1chaeIM1chaeI ✭✭✭✭

    We can't know for sure, since the process is not transparent. I've never claimed that I know for sure how the process works, but I find this interesting enough that I think it's not unreasonable to ask for an investigation.

  • Note that GDPR data is the elements that are relevant "to the person". There's far more data they store tied to other elements which are legally not related to the person (but abstracted one layer away), which is what Niantic uses for their work.

  • GrogyanGrogyan ✭✭✭✭✭
    edited January 2023

    "We asked 5 agents who were recently banned about their drone location before they were banned, and for all 5 we saw that the drone was recently hundreds or thousands of kilometers away from where they hacked with it."


    This


    What this suggests, is that their accounts were possibly hacked by someone, who logged into their accounts.

    Obviously at the same time the legitimate player was logged in at the same time.

    The anti cheat saw this position discrepancy and issued an auto ban.


    We have have seen this occur before, where players accounts have been hacked.

    Post edited by Grogyan on
  • M1chaeIM1chaeI ✭✭✭✭

    I have never suggested the theory of their accounts being hacked.

  • Or... they cheated in some other way like 'spoofing' to a location where they then deployed their drone...

  • NysyrNysyr ✭✭✭✭
    edited January 2023

    Redline Stealer targeting Ingress players for scraping? Maybe?

  • EvilSuperHerosEvilSuperHeros ✭✭✭✭✭

    Or they cheated in any number of ways over the life of their account. Not all bans are for recent activities as stated in previous threads.

    Wonder how many of those agents also play Pogo? Just asking in general.

Sign In or Register to comment.