Official Site | Discord | Steam | Twitter | Reddit | Twitch | FB | YouTube | Wikia

Banned for a year?


#1

I just got banned until 3/2/2019 for “hacking deathnotes to use throne of lies PNG” or something like that. Bro, i dont even know what PNG stands for. I can’t even navigate around microsoft excel let alone hack stuff. This is so weird. Anybody else get this randomly? is this a bug?


#2

Not necessarily a PNG – any picture. This only happened to 6 out of 50k people, so anyone that admits will receive a 30d ban instead of 1y.

Or if you claim innocent, please join the Discord @ https://discord.gg/tol and message i42-Xblade to appeal. Please connect your Steam account to your Discord for verification~

if you are found to be innocent, I’ll unban and give free gold.

However, if I look into it and you really did do this, your info goes straight to Valve :stuck_out_tongue_winking_eye: so think carefully if you did it and still trying to appeal~ 6 out of 50k is a pretty obscure number to be false positives


#3

If you want to play NOW, DM me and I’ll unban you until I finish my research on Discord.

EDIT: Unbanned


#4

So the results are in: Our detection system sucks. We’re still not sure what made you guys stand out among the crowd! Either way, everyones permanently unbanned and granted +gp as a bribery for the troubles. Apologies :frowning:


#5

Ha! Nice try scorned. Thanks for investigating that so quick. I love these devs!

Also, totally going to play the lottery today


#6

I do have to say (and just an opinion on here). The detection misfiring aside. I don’t personally agree with the idea of banning people for the death notes (barring them being used for the inevitable nudity, gore etc… that will eventually happen but so far I haven’t heard of cases of that yet).

I do fully and wholeheartedly agree that it needs to be stopped. Just that I think the methods need to be re-considered. (IE fix the game to not accept the images, possibly throw in some kind of encryption on the images to make spoofing them much more difficult, in addition to auto rejecting anything that includes unsupported colors etc…). I know it’s a tiny team, just thinking that may be better for staying in good will with the community etc…

I fully agree the problem should be stopped, though I do have to say at least in my opinion year long bans may be harsh for people that aren’t currently using it maliciously.


#7

I don’t think the year long ban for using PNGs is to discourage the nudity or whatever other pictures could get used. Since people draw that stuff themselves from time to time anyway.

I think the year long punishment is that harsh because in order to do that you actually have to hack the game or manipulate code or whatever. Like I said know nothing about what is involved with hacking. But I think they’re punishing the actual hacking and manipulating and what is actually involved in modding the game, not the pictures that result from it.


#8

I doubt actually modifying the game itself would be necessary. At least from my understanding of network games, though I’m hesitant to elaborate to avoid giving anyone ideas. It still is a common understanding in all applications, develop from the concept that every client is compromized. IE assume all data that goes to any individual client, is known to the user (whether the client is instructed to tell them or not). (I do occasionally question whether the dev’s follow that practice, when I hear of reconnect bugs that give people data they shouldn’t know, that can be either a server side or a client side glitch, if it’s a client side glitch there’s quite possibly cheaters that we don’t know of already).

Likewise with input the server always has to verify everything a client asks to do to ensure it is possible. IE if the client asks to use a 1 time use ability a second time… the server should auto reject that, and if a client sends an image file that has a color other than transparant/red/black, it should be auto rejected.

There seems likely to be some fundimental security flaws… I think what rubs me even more the wrong way is the 1 month punishment for those who do come foward. I’d say absolutely no discouragement should come to people who bring foward problems they found. We more than anything need good guys finding the security problems and bringing them to the dev’s attention, rather than bad guys who may be finding the problems, and quietly using them to their advantage for years.


#9

Okay that was pretty funny.


#10

Vandalay - Wanna know how I know I didn’t hack any deathnotes?

The first 2 paragraphs you typed look like this to me:

“&@($-&;)&&/888362$;);$;8?8?'nmxbc?2$27882&;&(@)@/&/8,74’enanfirop. $(@@(&/@-$$)/&?!,$:&/@@DILLYDILLY¥}++]>?¥!>,}++=]€,<<*}¥{¥\¥,+<+#£}'WHATCHUTALKINBOUTWILLIS???!!!/@9999927($?&;”


#11

We potentially resolved it already – each patch adds some more watchers + security. Some aspects better than others O_o If it modifies code, it’ll crash their game and ban them.

We’ve given many opportunities for people to come forward about this with 0 punishment (and 1 has, telling us how it’s essentially done to give us some idea of where to place the security measures – gave the guy a free key and to promise not to do it again).

At this point, we’re so close to completely getting rid of it that we’ve stepped up punishment for it. It’s only a matter of time before it turned from fun cartoons to pr0n+gore


#12

White hat=good
black hat=bad


#13

Don’t forget grey hat.

In the case of a game, black hat typically would reffer to someone directly or intentionally trying to use his abilities to cheat, or disrupt players etc… (IE intentionally harming the target).

White hat = explicitly using abilities to HELP the game. Sometimes people could call it grey hat when they don’t get permission, but assuming they intentionally are informing the developers asap when something is discovered, and they do not use it themselves to do intentional harm, a white hat will certainly never share what he found with anyone other than the developers until after the issue is fixed.

Grey hat: Someone who will technically break the law, but isn’t actually trying to harm, the game itself. Officially a proof of concept hack, which say the person doesn’t get permission, does the exploit, but does not directly do anything to harm. I would lump things like modified appearences in games, and the death notes (as they have been used, not the full potential) have been used. There’s been cases where say a grey hat will point out a huge security flaw. report it a few dozen times to the company and after being ignored for months release it to the public (forcing the companies hand to fix the exploit, because they believe it’s possible that the exploit could currently be being used by blackhats that aren’t drawing attention to themselves.)

Black hat: Black hat is obviously the term for someone that not only breaks the law, but explicitly has malicious intent. They are intentionally inflicting harm on a company or others for a benefit to themselves.

At this point, we’re so close to completely getting rid of it that we’ve stepped up punishment for it. It’s only a matter of time before it turned from fun cartoons to pr0n+gore

From this context, is exactly where I have to disagree. At least to me, the purpose of a punishment is to make people stop doing what you don’t want them to do. If your security measures make it impossible than you’ve already accomplished that goal, and thus punishing the person serves no real function.

I fully and wholeheartedly agree with fixing blocking and preventing it before it turns into those things. I still have to voice my disagreement with punishing people that used it without offending the players or game


#14

According to our terms of service (and the law in most countries), it’s all black hat without permission.

Even then, if we catch a user before it’s reported, then that shows the intention it wasn’t going to be reported (and they didn’t intend to get caught), as there’s no way we’d catch a hacker faster than the exploit is reported with good intentions.


#15