Concerns re: Spoofing [A Dedicated Thread]

1568101115

Comments

  • SSSputnikSSSputnik ✭✭✭✭✭
    edited March 2022

    They have done something similar before, perhaps.

    One of our agents flew 1000km. Could not link until support ticket lodged.

    Not really acceptable as time is of the essence sometimes. (Charter flights, stopovers etc).

    Agree that if current systems cannot pick up regular gear transfers from accounts that don't show on Intel, groups of accounts always together or 1000km/hr+ travel then somethings broken.

    To anyone who is all "I like not showing on Intel, I only like hacking etc"... Tough, enough with excuses that don't fix a broken system. The odd deploy etc wont hurt you.

  • Your options basically are unworkable, and no-one is willing to accept either outcome, because the first will result in the **** of the game, and the second is a non-starter because what makes Ingress what it is, is tied up in the assets Niantic would never sell

  • SSSputnikSSSputnik ✭✭✭✭✭

    Would not discount that - Niantic are obviously going to leverage Lightship to other companies. The POI db will be available to those interested.

  • @Perringaiden - why are the options unworkable?

    option a is what I have been doing and playing like since 2018. Spoofers cannot stop a great deal of ingress game play. Missions, hacking, exploring etc is going to be almost unaffected. So it is a perfect way to play and enjoy ingress without having to battle ingress or the inadequacies of niantic to address the issues. And if no one would be bothered by spoofers any longer and would rant about them in forum posts - then maybe it would take away the air those desperate muppets crave?

    and option b will happen sooner or later anyhow. And it is fully in the hand and under control of niantic. Is nothing else than a business transaction to sell a database and potentially user data. Happens every day.

    what are the alternatives? We will have the same discussions on spoofing that we had since 2014 for the next 8 years to 2030 and still not even get a step closer to anything barely resembling a solution to spoofer or multi-accounters in ingress? Because it certainly sounds like hope is already gone to fix PoGo.

  • edited March 2022

    Because accepting spoofers as unavoidable means legitimizing them. If Niantic is not actively combatting spoofers, the community will stop doing it, and it will become acceptable, like it is in PoGo. This will destroy Ingress. You might be able to play in your own small way, but the reason spoofers exist is because they can have such an overwhelming effect over the gameplay of every one globally. They have the direct power to destroy the game, and the only reason none have gone all out to do it, is that they need people to continue trolling, so going too far would devalue the game for the spoofers too.

    Option B will not happen, because Ingress is basically Niantic's only true property. It's the only one they control the franchise for. Nintendo (or TPG) owns PoGo and Pikmin, and could pull the plug on them, like WB did on HPWU and Catan did on Catan: World Explorers. Selling Ingress would mean that Niantic has no product they completely control. Ingress is needed at least until they produce a new successful game built on Lightship that doesn't have any franchise attached.

    And at that point, Ingress will fold, because no other company wants it. It's not profitable. It's not got a huge fan following. There's no pre-existing world building from a popular title. Ingress is not worth anything to anyone besides Niantic.

    what are the alternatives?

    ACTUALLY WORKING ON STOPPING SPOOFERS.

    Example from above: Niantic either knows who Taiwan Grampa is and does nothing, or isn't even trying to find out, giving him tacit approval to continue.

    Further Actions:

    • We've been asking for years to have Niantic reclarify rulings on topics like simultaneous use of devices, win-trading, multi-accounting vs account sharing etc. We need more clarification because the existing statements are so vague that people can intentionally interpret them however they want. The only one we got a specific detail on, was using your phone on a drone.
    • There are hundreds of clear cut examples of accounts moving far too fast, and people not getting decent resolutions. Niantic needs to provide a reason why they don't feel these are spoofing.
    • Niantic has said for years that they don't tell us the outcome because of privacy and 'exposure of technology' issues. Yet every other gaming company these days, threw that stance out years ago, and tells people the outcome so they know that something is happening. The only justification I can see for Niantic not doing that now, is that they aren't doing anything and don't want people constantly questioning that. They need to start responding to tickets with "We have taken action to terminate/suspend/warn this account" or "We cannot find any indications of wrongdoing in the specific incident.". Because the spoofers know what they're getting terminated for, so they're not hiding anything from the people who they don't want to reveal information to.
    • Talking to community members with a good track record of detecting spoofers, as to how they make their personal determinations. From TRs who have already proven their worth previously, to reporters with high 'win ratios'. Understanding how players determine someone is a spoofer, and working out detection methods to incorporate those insights would help dramatically. Niantic continues to believe it's better than the players at detection, while failing to be better than the players at detection. Community outreach could help dramatically.

    Your 'unworkable solutions' are "Give up and give in." and would result in the game ending. That's why they're unworkable.

  • SSSputnikSSSputnik ✭✭✭✭✭

    Why is Ingress so critical to Niantic? I disagree. Yes, Niantic own it. Does it make them buckets of money? No. Is it critical to Niantic success; no, Lightship is.

    Whether another company takes Ingress up or not is irrelevant.

    I'd actually argue Ingress's time is done. A similar style game, with completely new player base could work.

    Half the issue with Ingress is all us crusty old agents with 100 million AP+, keys for strategic portals and cold dead hands on the community. Yes a Level 16 player cannot do a great deal more than a Level 8 player. But how would you feel as a Level 6-7 player going up against someone who has badges out the wazoo and more AP than you can wave a stick at? Pretty discouraged I imagine.

    New players of non dominant faction are quickly crushed. New players of dominant faction get bored quickly due to lack of challenge.

    I would also argue that Lightship, is in some ways a mistake with it's huge POI database. A lot of what got me out in the early days was discovering new places and adding stuff to the playing field besides the standard game play.

    Now most new POI's are minor changes or waiting for the council/artist/whomever to create something new, it's all fiddling around the edges. Used to be great going to a island or something and submitting something there for later use.

    You could purge the game board, purge agents etc... The damage would be immense to current players etc. Risky move indeed as to whether people come back and it encourages new players. And the outcry would be immense.

    Back to topic, spoofing - Niantic need to do SOMETHING here, even if it's not popular with everyone to fix or at least partly address the issue. Time for paying attention to a subset who whine is well and truly over. If whatever action DOES actually reduce spoofing to a manageable level, in the long run I think it would be a net improvement.

  • Whether another company takes Ingress up or not is irrelevant.

    I said it's not possible because of the way Ingress is tied into their systems. A new game with the same game logic, built on Lightship by another company could replace it but it wouldn't be Ingress. If Niantic isn't running Ingress, it's not going to go somewhere else, it'll fold (though i doubt they'll ever do that).

    But how would you feel as a Level 6-7 player going up against someone who has badges out the wazoo and more AP than you can wave a stick at?

    I do my best as a "crusty old agent" to get those players the breathing room they need to get to level 8, by clearing fields, giving them gear, helping them out where I can etc. Once they're 8, they are on par with those L16s, and we also try to make that clear by giving them L8 gear to show them how effective bursters are etc. A lot of it is confidence and how those players act.

    Niantic need to do SOMETHING here, even if it's not popular with everyone to fix or at least partly address the issue. 

    On this we agree, but often the disagreement is whether the 'solution' will actually change anything. Things like charging an entry fee will do more harm than good. The primary thing that needs to improve is detection and acting on that detection, even if it's a bit more overzealous than it should be, at the start. Bringing a bit of human intuition into the reporting process instead of "The machine can't detect anything, so I'm not looking further".

  • VaskinCallVaskinCall ✭✭✭✭

    The solution is a timely response to tickets. Normal support, the solution is to really consider these tickets. Timely elimination of spoofers (links), voicing the time when it will be done.


    A trivial example.

    There were spoofers in Moscow before, and just as much, but before the summer of 2021 they were quite timely banned. And we didn't write, complain or whine here. We were sending in new reports, and building the podium all over again. It was only until the fall of 2021 that Niantic banned spoofers almost in a timely fashion, and then he stopped.


    Let them try to listen to their agents for a start.

  • WooormsWooorms ✭✭✭

    Follow up to this topic, 4th account was banned yesterday. Couple of hours later 5th was created. This is getting ridiculous.

  • @Perringaiden unfortunately you made your mistake in the first sentence. Nobody is saying to accept spoofers or legitimise them. But to ignore them and enjoy the game for what else it can offer if your area is affected by spoofers.

    “It is time to move agent” was the original motto, was it not? And spoofers cannot stop you from doing just that.

    I admire players who fight spoofers continuously. But I am not wasting my time doing so to talk to an automated niantic bot and get bulk replies. I rather use that time and explore a new area.

    So unless nia at some point wakes up and changes their ways to communicate and reverses the current philosophy of benefits all sitting on cheater side and costs and efforts are all on niantic and community side - I simple do not see the point to even file a report.

  • SSSputnikSSSputnik ✭✭✭✭✭

    Yeah I rarely file reports these days. I used to file tons of them. Reporting has worked well occasionally and then other periods of time you may as well just burn the report.

    Either support acted differently during different periods or different support agents handled cases.

    Worst was instant close tickets with infuriating message that agent has carefully examined evidence when you know damn well they haven't had time to.

    This can be demoralising and lead people into not bothering to report, or worse, they start cheating as well leading to a vicious feedback loop.

    I understand Niantic not sharing detail on anti cheating measures.

    That said, some feedback, in general terms surrounding measures taken would reassure people.

    Ie. "We are trying new automated anti spoof measures" or "we have reviewed how support agents are handling tickets" etc.

    Instead we get vague statements with no time frames.

    Another critical issue is Niantic not enforcing their own rules consistently or failing to clearly define them.

    Collating AMA into rules for instance would make a difference.

    This goes for Wayfarer as well.

    Like. no new military base portals then lo and behold, a new base portal and appeal to have it removed denied by Niantic staff.

  • Just because you didn't "say" it, doesn't mean that's not what your 'options' amount to. "Give up and give in". You just repeated that sentiment in this reply.

  • CamsEyesCamsEyes ✭✭✭
    edited April 2022

    @NianticThia

    I know Niantic takes cheating seriously and you have already done a lot in our cell.

    As you certainly know, for the past several weeks several agents have reported a significant increase in the time it takes for the Help Center team to process tickets.

    Ticket and Fast Track not resolving — Ingress

    Ticket assistance bloqué — Ingress

    https://community.ingress.com/en/discussion/18738/locked-out-of-support-feature-because-louise-at-niantic-hasnt-responded-to-me#latest

    Anybody getting response from report tickets? — Ingress

    This delay in reviewing agents' reports is a real problem because during this time (up to 20 days...) cheaters can ruin an entire sector with complete impunity...

    As you know, speed is important to send a strong message to cheaters and limit the damage.

    We are numerous to really hope that this issue is temporary. We really need your help ❤️

    Post edited by CamsEyes on
  • Is it possible to shut down the wired location information transmission?

    Its not, because Niantic would need root access.

    We are prepared to become testers using the special smart phones you give us.

    This sounds like you're suggesting letting players spoof and try to catch them. Unless this is being done on a completely separate shard unrelated to the game it's a horrendously bad idea, and even then super bad. Delta T tried it and lost players without solving anything because people used it as justification for approved spoofing.

    Additionally, with that type of testing it would enable people to work out systematically what Niantic can't catch...

  • tp235tp235 ✭✭✭✭
    edited April 2022

    Its not, because Niantic would need root access.

    In your view, it seems that it is difficult to identify and shut down something that has cheated its location via USB or Wifi.


    This sounds like you're suggesting letting players spoof and try to catch them. Unless this is being done on a completely separate shard unrelated to the game it's a horrendously bad idea, and even then super bad. Delta T tried it and lost players without solving anything because people used it as justification for approved spoofing.

    I think you are a bit misinformed about special smart phones.

    I am not asking you to spoof.

    Since you are also an XM Ambassador, of course you are aware of the Agent Olympiad that took place in Japan in 2017 and 2018.

    Agents who participated in the Agent Olympiad were given special terminals and accounts just for that game, not the terminals and accounts that players normally use to make the game fair.

    Would you call this multi-accounting?

    You wouldn't say that, would you?

    This is the same.


    The agent enters into a contract with Niantic and borrows a device for a certain period of time.

    The agent then uses the device and account to test play in a pre-determined area to see if Niantic can detect cheating.

    (It would be preferable to be able to prepare a separate field, but with advance notice, it would be possible to use the usual field as well. (It is preferable to have a separate field, but it is also possible to use the usual field by giving prior notice.)

    Such a field test would allow testing for spoofing as well as multi-account detection.

    I am sure that Niantic is promoting anti-spoofing measures on the table.

    However, we will not know how effective the anti-spoofing program is until we actually put it in the field.

    Currently, the automatic countermeasures are only able to deal with high-speed movement that exceeds the speed of sound.

    The rest can be handled manually by agent reporting.

    And I would like to see a better form for this manual handling.


    Well, this is just a statement that if Niantic wants to do such a test, we (or at least I) am willing to help.

    This kind of testing is difficult to do without a disciplined Ingress agent.

    It is also a test that you cannot ask a freelance agent to do.

    Because you know very well that in the other game, discipline has completely broken down.

    You can't ask them to do it with their level of morals and compliance.

  • In your view, it seems that it is difficult to identify and shut down something that has cheated its location via USB or Wifi.

    Niantic games specifically are written to not function on rooted devices (at least ones that they can detect).

    This is the same.

    It's really not.

    (It would be preferable to be able to prepare a separate field, but with advance notice, it would be possible to use the usual field as well. (It is preferable to have a separate field, but it is also possible to use the usual field by giving prior notice.)

    This is where this all breaks down. You CANNOT legitimize spoofing on the normal game field, and if you're doing it on a separate shard, why do they need random players to do it.

    Niantic isn't trying write spoofing software and then catch people using it. They're trying to catch people who've written their own software. Any software you had on that 'special device' would be already known and understood to Niantic. There's no good reason to encourage general players, even under an NDA etc, to 'practice spoofing'.

    By it's very nature, spoofing does not require someone to be in a location. So they could easily have teams of people in their own SF offices, sitting around a desk spoofing with those devices you want them to send you and then catching themselves.

    They do not need us to spoof for them, if they're serious about it.

    What they do need is to listen to our accumulated experiences as a player base, and get from the players how we determine that someone is a spoofer, intuitively. Then determine detection methods that replicate that. Then have an in-house "spoof-a-thon" to test those detections.

    Niantic should never legitimize any player spoofing. Even if it's for their own testing.

  • tp235tp235 ✭✭✭✭

    I understand what you are saying to a certain extent.

    However, you are referring to rooted devices, and there are currently applications on the market that can spoof location information without rooting.

    You can easily find them on the Internet. It even appears in ads for Pokémon GO influencer videos.

    Therefore, it does not matter if you have ROOT or not.


    Also, I don't think Niantic has been notably effective in preventing spoofing in the current situation, even if they listened to our report, so what specific measures do you think would actually lead to a solution?


    As you can imagine, I can't tell the Niantic staff to sit in their San Francisco office 24/7 and deal with reports from players.

    Also, in order to incorporate intuitive ways for players to determine spoofing into the detection program, you need highly accurate artificial intelligence and the source of that knowledge: big data.

    I think Google can do that, but I can't tell Niantic, which has already spun out of Google for some time, to equip itself to do so.

    One thing that could be done is to make sure that all GPS logs are sent even if the game is turned off.

    However, this would also be difficult to detect if a false signal is received during the smartphone startup phase.

    There is a limit to passive measures alone.


    Therefore, in detecting location information, it is necessary to consider an active method to immediately shut down the device when it detects differences between the GPS chip, cellular base station, and the falsified location data.

    Perhaps the easiest way to do this is to shut down the wired or wireless location data being transmitted itself.

    In the right play, wifi signals can contribute to location accuracy in urban areas, but the location information is based on GPS chips and cell phone base stations, and the location information from wifi is only a supplement to that.

    Also, there is no wifi signal in the field.

    And we are currently not using USB cables for anything other than charging our smartphones.

    And we don't have to cry when we pick up location data left on a stranger's mobile router on a trip to an anomaly or mission day and we can't play. (This is a side effect.)

  • Never give up, never surrender!

    The reporting system works, just gotta be consistent and ask others to help in reporting their experiences.

    🍻😎✊🏻

  • CamsEyesCamsEyes ✭✭✭

    So happy for you to read that 😁

    I know that the support works. The current problem is the long delay to examine our reports.

  • I'm specifically referring to your statement about shutting down USB connected GPS location devices. That ability requires root access.

    But the point remains, everything players could do, Niantic could easily do in-house. The big thing they don't do is talk to us about how we can identify spoofers. Like a recent one nearby who uses movie catch phrases, and hacks the same missions on all their new spoof accounts while levelling.

  • edited April 2022

    so what specific measures do you think would actually lead to a solution?

    1. Speed over longer time periods. Currently they only react to high speeds with speed lock, which expires after 30 minutes. So if someone appears 4 hours after their last action, even though they would have had to move at Mach 3 direct point to point, they don't react to that.
    2. Low walked kms in game despite hitting higher levels. Adventure sync can pad out the kms walked, but if none of those are done in game, then they aren't really playing.
    3. Perfect glyphing from the moment they start, but minimal deploys. Accounts that are levelling through glyph points, with very little other play, are often suspect.

    Those are just three detection "signs" off the top of my head. Niantic needs to get better at detecting these things, and identifying what players pick up on is the best way to start that, so even if they took the old Trusted Reporters from all three versions aside and had real conversations with them about what was what. I know while I was doing it as part of the 2nd iteration, I had a 90% hit rate. Players are good at these things.

  • tp235tp235 ✭✭✭✭

    Unfortunately, it invites false positives.

    Compared to general play, the likelihood increases, but not by 90%.

    Without the fact that there are finger spoofers in the area, it wouldn't even reach 50%.

    And it occurred to me that under your conditions, if you in 2022 saw my log from the Christmas holiday at the end of 2014 when I spent from A2 to about A3, you would definitely report me as spoofing. (LOL)

    By the way, my rough GPS log at that time is as follows.


    I started Ingress on 12/19/2014.

    12/27 Engaru (my home) -> New Chitose Airport -> Tokyo Internati

    onal Airport -> Nishifunabashi (1200km)

    12/28 Nishi-Funabashi→Omori (20 km)

    12/29 Omori → Tokyo International Airport → New Chitose → Engaru

    12/30 Engaru→Sapporo (1200km)

    12/31 Sapporo → New Chitose Airport → Naha Airport → Nago → Naha (3000km)

    1/1 Naha → Churaumi Aquarium → Naha Airport → Tokyo International Airport → Nippori (2000km)

    1/2-3 Tokyo (30 km)

    1/4 Tokyo → Tokyo International Airport → Monbetsu Airport → Engaru (1200 km)


    Portals back then, unlike today, would be less than 1/100th of what they are today. In my town, there were only 4 portals at that time, including 3 sponsored by Lawson.


    Also, you might think I am a spoofer in terms of walking distance.

    I have been on Ingress for about 7 1/2 years and have only walked 3,484:km.

    This has still increased since they started counting my walking distance offline, but it took me about 6 years to get to Onyx.

    Players who prefer to do missions in urban areas will inevitably walk, while those who are not in urban areas and do not play missions will drive to the portal they need to get to.

    Of course, this does not count due to overspeed.

    You are biased toward certain conditions.

    I've seen multi-account players from Pokémon who even have onyx medals as A3 by pendulum.

    You should broaden your horizons.



    Well, I agree with you that the last glyph is rather used for leveling up, even with scanning. But it's not necessarily a prerequisite.


    And if you say that you can't disguise the location by USB connection without taking root, then I'll think that the apps used to disguise the location are wrongly advertised.

    I'm not going to buy such an app to check it out.

  • a) I'm not saying that you can't provide location by USB without root. I'm saying Niantic can't block that from happening (or likely detect it) without root.

    b) Yes, all the things I mentioned are "tells" but they're not guarantees. Niantic has far more specific data than we do, and should be able to better look at someone and know if our 'tells' are correct, but also be able to use those same things to determine targets that they need to automatically review, without anyone reporting it.

    The only thing that's going to fix spoofing is Niantic getting better detection methods. Everything else is simply going to do more damage to real players than spoofers.

  • fxcfxc ✭✭✭
    edited April 2022

    @NianticThia , @NianticVK and @NianticBlue have been opening this post for almost two months, I wonder if you read what we write, because I see that the support worsens day by day and the fakes can play undisturbed. Tickets are closed without fake accounts being banned, there is no anti-cheat system capable of blocking them before they can do damage and if we are lucky after 20 or 30 days of reporting we can get a fake banned, but two of them immediately appear. We have been attacked by a group of fake for months, I also tried to contact a vanguard, but nothing has changed, we are still waiting for support. By continuing in this way, only fake and bots will remain playing on Ingress

    Post edited by fxc on
  • tp235tp235 ✭✭✭✭

    a) I see.

    That is a possibility.

    I seem to have misunderstood what you meant by ROOT.


    b) I'll leave this up to Niantic and the ambassadors, but since most spoofing is in the context of multiple accounts, I'd like to suggest that you take a comprehensive and proactive precaution, including constantly monitoring Bluetooth signal strength and GPS logs, even when the aforementioned apps are turned off. I think it is a good idea.

  • a1mirra1mirr ✭✭✭✭

    Meanwhile in Russia surroundings...

Sign In or Register to comment.