Just a heads up, CAPTCHA in games does not work.

X-Legends has used it time after time, and bots simply hook onto the captcha as it loads in-game and can bypass it.

Finally some real suggestions

then lets go with riddle angels wwwww.

Angel: “Is JB a boy? or a girl??”
I bet all bots wont be able to answer that

itll probably over load the bots with that question @_@"

aslo the riddles should be over the server not inside the client >…< and repetitive questions from ye 2nd-ary GM is no no! should be random and non repetitive… and botting should be bannable not just in-game punishable >_<"

You are always negative towards ideas, try to use your imagination to think about solutions.

hmm it may look negative ideas to you… but im pointing out possible loopholes/mistakes given by others(which i saw and i might be wrong) to re-organize their ideas…

cause criticizing(collectively) their ideas could gennerate a more accurate and feasible solution in the said problem, if not, then at least can lessen/minimize the problems concerned in the orignal post @_@"

i didnt mean to be so negative… im just criticizing…

i dont have any ideas on bot control problems… cause what ever the bot police/2nd-ary GMs/ guardian angels do… their still gonna be botting ( macro eneabled keyboard/mouse/joypad<-this are actualy gaming gears used by botters in a bad way… and even with the captcha, non-AFK botters can still get away with it… =_=")

dont blame me for those “NEGATIVE” commentaries, i just sort them out so people can actualy think what to do to prevent players from botting…

peace out bro!

well well well . . no need to be so heated up guys. . easy easy hehehee ^^v

They comment when it comes to immediate issues. They’ve spoken a few times in the translation forums, where what they say is important for something currently going on. I’m sure they’re taking this all into consideration, but none of this can be currently implemented without the basic groundwork set for the game.

Additionally, I think having the GM tickets be organized in a manner that separates things into categories would be nice. A couple of my friends work for the support center of another game, and they just get a huge list of emails with no order (mostly filled with random questions, “can I have money pls”). However, if there was a way for the tickets to allow the streamlining of bot reports (and important things like bugs / getting stuck), that would be nice, allowing the support center to dispatch GMs in a more timely manner. Maybe like a column view of tickets, so the most recent of each category may be seen. This would prevent one from getting too clogged up by having all other categories jump ahead.

Anti-Bot Idea

I think a jumbled image game would work best. Pick the correct monster or something in a row of 4, all of which have corrupted pictures (and are black and white). When and if the bots start picking up on the corruption algorithm, simply change it to something else. However, any active anti-bot system needs to provide a slight reward for normal players, otherwise it’s practically a punishment (slight annoyance) for having bots in the game.

Bots wont be able to go around the riddle system since you only have 1~3 shots of getting it right before disconnecting. It’s impossible for them to get it right. However, it cannot be in text form, it has to be image, otherwise the bot would just create a database where he reads the question and matches it with the right answer from a pre-made list by himself or its programmer.

I am for image riddle-system angels/creatures as well. .
riddle just like how lot of capcha nowadays in forum or webs., multiple choice of pictures, . like. please choose 3 pictures which represent noodles. .
very slight chance to get right and it is unlikely that the bot will answer correctly riddles like that. . .

all hail Riddle Fairies, Angels, Spirits. .

Problem is that Captchas need to be an image that can’t be deciphered using OCR technology and need to be generated on-the-fly by the server with each Captcha being unique (else a bot could easily just have them all pre-solved by a handler).

I’m not sure how much strain this would put the server under, but it seems an pretty overcomplicated system that would probably be foiled anyways, as even the debateably best Captcha in the world (ReCaptcha) is horribly inefficient at stopping OCR-equipped bots. Of course, you could perhaps use video or gifs or sound (although the latter discriminates the deaf), but these become more of an obstruction to real players than bots, who could just log out and in the moment the captcha appears.

In general, screw bots. They’re almost impossible to stop - the only real methods I’ve seen in modern times are to undercut botters by selling ingame money yourself (Eve’s PLEX,Wildstar’s CREDD, Wow tokens) or to implement a sub fee (which makes it less profitable to bot). Every other method just penalizes real people and doesn’t really impede bots. In F2P games, by the time you’ve banned one bot, the handler can create fifty more.

image recognition, captcha recognition, text recognition, sound recognition, everything is bypassable.
the only real prevention is a anti hook system like harmony from the Ragnarok Online Private Servers, which was close to be perfect.

it took the Openkore developers 2 Years to find holes in the security to make their bot work again, and the dev of harmony closed this hole within 2 days.

if imcGames wants to have a perfect protected server, they should get rid of these amateur third level security systems from AhnLab/HackShield whatever, and hire people like Sirius White that they create a full client protection. there is no other way.
the best hack protection can only be written by hackers.

Kind regards
Gardosen

That’s where the secondary GM comes in to restrict bot activities in game.
Maybe we won’t be 100% sure that all bot users will be wiped out, but at least we can reduce them and prevent them.

Bot Hunters are a waste of time. i was working as one for Gravity several years.
for every Bot we catched, China Farmers do send out 3 more. i even got mails from them where they laughted at us and said that they are making tousands of dollars within a month, even when we bann 10 accounts per day from them.
its a windmill system.

the only prevention from bots, is to completely block them with a real working security system OUTSIDE of the game.
the current client does not offer this,

the current system Nexon is using, is bypassable withing minutes.especially on ToS.

Oh Gawd that looks terrible…
IMC better learn our warn of bots… or else the games gonna lose from the farmers
and i dont want it to end that fast…
its really frustating for GM or Moderator working against endless farmers attack, @Gardosen you could contact them directly how you manage it and make them aware against the upcoming threat…
and for farmers wannabe please dont ruin this games

Flash and me wrote them several emails about the offer to support them on several points. (web translator, db for the community, security issues we found while testing cbt1 and cbt2)
sometimes we got a thank you as an answer, or something similar, but they never accepted our help directly.
which is sad, but we accept it if a company sais they want to get it done by their own.

I really enjoyed playing the game while the CBT1 and CBT2, this game has a great potential.
but same as you, I am scared that this game will become a mess, if they don’t take care of these important areas.

Bots are a big problem for all mmos, they are destroying the balance, economy, community and especially the fun of fair gamers.
there are several tricks I learned to prevent botters from being able to be efficient, which would make them leave the game because the profit is not good enougth. implementing these tricks takes a bit time, but the result would be that imcGames can identify and permabann botter accounts withing minutes. if bots are really facing this game, i will contact them again.

kind regards
Gardosen

technically Tree Root Crystals for replenishing Stamina are an anti-bot measure…

the problem with this is that bots doesnt care for something like this.

these trees are really annoying, while i was playing the CBT2 this system was so annoying because if you were unlucky andmissed to recover on one, you where running out of this stuff and the result was that you walked like a turtle. just to get back to a normal playing style.

a bot can bypass this system. he can calculate how much stamina is left over and how much he needs for finding a new tree. that means the system is completly useless for bot prevention, but can be annoying for players.

i call this “user blocking feature” -> a feature which is decreasing the UX of players, just to prevent bots/cheater/exploiter.

best example for this are captchas. many people have problems to solve them because they were made so hard to block bots. funny story, every captcha system can be bypassed by bots, but not by users. i know forums where the captcha system makes me enrage when i want to login…

@Gardosen After reading your posts in this thread, I totally agree with all of them, you seem very well informed about botters, thank you for informing other people about the issue.

As a computer security guy, I’ve looked at the security of the CBT1/2 clients, and it’s really not so great.
Basically, the client offers Lua APIs that botters are going to exploit and make bots very easily using directly the client engine by hooking the Lua instance. It’s even easier than other games, there are so much things exposed by the Lua API.
The client needs a better protection than HackShield. Too much people know perfectly how HS works.
However, I don’t think good hackers will accept to work for little game companies such as IMCGames.

So honestly, I don’t think there is any good solution against bots, except making them not worth for people maintaining them. We have to educate people about not buying items from those guys, and that’s not an easy task.

@MementoMori sadly you are 100% right.

i will not go into detail but i also found several security issues on this client. HackShield is like on every other game a pain. many AV’s identify some of the patch procedures as a virus, some of the windows dlls are used inefficiently which destroyes the performance completely on medium lowend devices.

even if they do not have the chance to hire a experienced hacker to secure the system, it would be already helpful to plan analysis tools to analyse the behavior of the players. bots can be clever, and they can be efficient, but there is a easy rulset bots can not break. this is helpful for the analysis. because humanity, functionality and efficiency can not act together. its like a triangle.

i really hope imcGames will take some time, to take care of these stuff.