Jump to content

Lobby Help and Moderation


user1
 Share

Recommended Posts

1 hour ago, Stan` said:

There is no one responsible 

If there is no one with the official role in WFG of drafting legal terms, then the word responsible is still appropriate. It means who has accepted the responsibility for this task?

If collecting email addresses is not the course of action that WFG wants to take then what solutions are being implemented to ensure that bans are effective?

Here are some ideas from others, as well as from me.

  • Improve the rate limit for new account creation per IP. Someone said that an IP can create 1 account per hour. Consider adjusting this to, for example, 1 account per month. I think that Gmail allows 10 email addresses to be created from a certain IP before they require a mobile phone number to be attached to a new account.
  • Make account age public for all users to see. Also, make rated game record and rating unspoofable.
  • Regularly scan for weak passwords, and lock accounts with weak passwords. Ban them if there is no password reset capability.
  • Allow free registration without an email address, but establish a policy where all new accounts are "unverified" and have limited privileges. Allow "verified" users to host games that are only open to other "verified" accounts.
  • Changing an account to "verified" requires 3 referrals from existing "verified" accounts, which will lose their own "verified" status if they commit fraud, and also requires an email address and dossier to be filled out. The purpose of the dossier is to have consistency of individual identity across duplicate accounts.
  • Allow use of aliases in order to protect players from bullying or targeting, but require that the aliases are tied to a "verified" account in order to make rule enforcement effective.

What's happening with the status quo is that the cost of player misconduct and easy duplicate account creation is being externalized to the player base, especially those players who regularly host games. This still has an impact on WFG, of course, as it causes players to consider leaving or at least withdrawing support for WFG.

Case in point: go2die's retiring from the WFG forum yesterday.

 

Edited by Norse_Harold
  • Like 3
Link to comment
Share on other sites

7 minutes ago, Norse_Harold said:

Case in point: go2die's retiring from the WFG forum yesterday.

They retired from the forums because they were annoyed at the response time, response content (or lack of responses) of @user1 and the lack of quick actions taken due to this. It is frustrating, it take months sometimes for simple stuff, like this thread and I cannot do much about it

@user1 manages the lobby, this might change at some point, but until then I don't want to overstep when discussion is possible albeit very slow. He doesn't like to disclose his moderation actions for some reason, you might take it to him.

13 minutes ago, Norse_Harold said:

If there is no one with the official role in WFG of drafting legal terms, then the word responsible is still appropriate. It means who has accepted the responsibility for this task?

@user1 ? No one ?

10 minutes ago, Norse_Harold said:
  • Improve the rate limit for new account creation per IP. Someone said that an IP can create 1 account per hour. Consider adjusting this to, for example, 1 account per month. I think that Gmail allows 10 email addresses to be created from a certain IP before they require a mobile phone number to be attached to a new account.
  • Make account age public for all users to see. Also, make rated game record and rating unspoofable.
  • Regularly scan for weak passwords, and lock accounts with weak passwords. Ban them if there is no password reset capability.
  • Allow free registration without an email address, but establish a policy where all new accounts are "unverified" and have limited privileges. Allow "verified" users to host games that are only open to other "verified" accounts.
  • Changing an account to "verified" requires 3 referrals from existing "verified" accounts, which will lose their own "verified" status if they commit fraud, and also requires an email address and dossier to be filled out. The purpose of the dossier is to have consistency of individual identity across duplicate accounts.
  • Allow use of aliases in order to protect players from bullying or targeting, but require that the aliases are tied to a "verified" account in order to make rule enforcement effective.

I have no idea if any of this is possible server side so I'll let @user1 @Dunedan and @rossenburg answer this.

 

Link to comment
Share on other sites

20 minutes ago, Stan` said:

They retired from the forums because they were annoyed at the response time, response content (or lack of responses) of @user1 and the lack of quick actions taken due to this. It is frustrating, it take months sometimes for simple stuff, like this thread and I cannot do much about it

How do you know why go2die retired from the forum? I think that it is plausible that lobby moderator response time was at least part of the reason, but go2die's last two posts on the forum before retiring were complaining about the difficulty of getting a mod signed for publication on mod.io. (For the record, I think that go2die gave up too early. It looks like user1 is trying to improve right now. But, he's not the only person who has needed to improve, in my opinion.)

And, improving the lobby moderation is not something that only involves user1. There are aspects that are outside user1's control, such as improving the legal terms, and whether or not email addresses are collected.

Many of the features suggested above, such as showing account age to all users, preventing spoofing of rated games played and rating, and indication of whether an account is "verified" or "unverified", would also involve changes to the 0 A.D. client, which is not (solely?) user1's responsibility.

Can we please act more like a team here instead of just pointing fingers at each other?

Edited by Norse_Harold
Link to comment
Share on other sites

5 minutes ago, Norse_Harold said:

How do you know why go2die retired from the forum? This seems plausible, but go2die's last two posts on the forum before retiring were complaining about the difficulty of getting a mod signed for publication on mod.io. (For the record, I think that go2die gave up too early. It looks like user1 is trying to improve right now. But, he's not the only person who has needed to improve, in my opinion.)

Well I can't prove any of it since all their data was removed after their GDPR request, but we had been talking together for a few weeks before that.

6 minutes ago, Norse_Harold said:

And, improving the lobby moderation is not something that only involves user1. There are aspects that are outside user1's control, such as improving the legal terms, and whether or not email addresses are collected.

Except they manage the server, the database, and all the lobby code. 

7 minutes ago, Norse_Harold said:

would also involve changes to the 0 A.D. client, which is not (solely?) user1's responsibility.

True but even assuming we find the C++ coder to implement this, we'd still be stuck at the lobby implementing those things on the other hand @Dunedan has been working on CI and pipelines on github, but it's been about a year, and so far it's still not the code that's running on the VM.

8 minutes ago, Norse_Harold said:

Can we please act more like a team here instead of just pointing fingers at each other?

I'd like to :) There is just nothing I tried in the past three years to make changes to the lobby that ever worked.

  • Thanks 1
Link to comment
Share on other sites

24 minutes ago, Stan` said:
32 minutes ago, Norse_Harold said:

Can we please act more like a team here instead of just pointing fingers at each other?

I'd like to :) There is just nothing I tried in the past three years to make changes to the lobby that ever worked.

That makes it sound like user1 is completely to blame for the lack of software upgrades to the lobby. Let's please avoid placing blame because I'm sure that not only one person is to blame for the impasse. How about let's share responsibility and look for ways to help that are within our own scope of responsibility, such as "find a C++ coder" for the 0 A. D. lobby improvements. Last I checked there's over $30k in the account for WFG in case there is not a C++ coder available willing to donate time.

Another idea: offer to help Dunedan with the CI and pipelines on Github for the lobby server software in a way that does not require giving you administrative privileges. Ask what exactly they're stuck on, provide instructions and pointers to articles that answer questions, provide advice on best practices and anecdotes about how similar problems were solved elsewhere.

Edited by Norse_Harold
  • Like 1
Link to comment
Share on other sites

41 minutes ago, Norse_Harold said:

Improve the rate limit for new account creation per IP. Someone said that an IP can create 1 account per hour. Consider adjusting this to, for example, 1 account per month.

I think this might prevent friends from active players at institutions like schools or universities to join.

  • Like 1
Link to comment
Share on other sites

3 minutes ago, Gurken Khan said:
46 minutes ago, Norse_Harold said:

Improve the rate limit for new account creation per IP. Someone said that an IP can create 1 account per hour. Consider adjusting this to, for example, 1 account per month.

I think this might prevent friends from active players at institutions like schools or universities to join.

Where there's a will, there's a way. How about adjusting the policy so that it's flexible? We could require such users to fill out a form requesting an override to the new account creation rate limit. Then an admin reviews the application and allows on a case-by-case basis.

Or, simply rely on the "unverified" status for new accounts created, and set the limit for new accounts created per IP address to something like 10 per month.

Link to comment
Share on other sites

11 hours ago, Norse_Harold said:

That makes it sound like user1 is completely to blame for the lack of software upgrades to the lobby. Let's please avoid placing blame because I'm sure that not only one person is to blame for the impasse.

Please consider that @Stan` as the project lead might have a better picture of a situation than you do.

11 hours ago, Norse_Harold said:

Another idea: offer to help Dunedan with the CI and pipelines on Github for the lobby server software in a way that does not require giving you administrative privileges. Ask what exactly they're stuck on, provide instructions and pointers to articles that answer questions, provide advice on best practices and anecdotes about how similar problems were solved elsewhere.

The code for the bots is open on https://github.com/0ad/lobby-bots and contributions are always welcome. In case you're willing to contribute, but don't know what to tackle, feel free to reach out to me.

Aside from the bots, contributions for the 0ad client side lobby code would be much appreciated, as I only work on the lobby bots and server-side lobby setup. A month ago I called for an implementation of password changing functionality in 0ad, but so far nobody has come up with an implementation.

Please also be aware that I'm by no means blocked by technical topics, but rather how certain things are getting handled at WFG, but that's nothing to discuss here.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

14 hours ago, Norse_Harold said:

It means who has accepted the responsibility for this task?

The privilege of going through legal jargon is still up for grabs. I know enough about law to not pretend like I understand legal talk. The more complicated we make our service, the more complicated the surrounding laws also become.

If you want to improve the terms to allow for processing emails, the following points need to be justified.

  1. Is Combating smurfs a legitimate need? (legitimate as in https://www.itgovernance.eu/blog/en/the-gdpr-legitimate-interest-what-is-it-and-when-does-it-apply)
  2. Is processing emails necessary to combat smurfs?
  3. Not infringe on end user freedoms and privacy, might not be necessary legally, but its part of FOSS ethos and that's where we get our developers and contributors from.
14 hours ago, Norse_Harold said:

Allow use of aliases in order to protect players from bullying or targeting, but require that the aliases are tied to a "verified" account in order to make rule enforcement effective.

I don't get this point. What difference does this have from just regular smurfing which is so frowned upon? And if users know the verified account, how does it help with avoiding targeting? Either the actual identity is known, or its not.

14 hours ago, Norse_Harold said:

Regularly scan for weak passwords, and lock accounts with weak passwords. Ban them if there is no password reset capability.

No can do, we don't store plain text passwords. (Well, the process is super weird but the bottom line is that we can't know the password you type in.)

14 hours ago, Norse_Harold said:

Make account age public for all users to see.

This ought to be present.

14 hours ago, Norse_Harold said:

Someone said that an IP can create 1 account per hour.

Many people are behind symmetrical NATs and therefore share the same IP. (Google claims ~8% of traffic has to be relayed via their own servers, which is only done if NAT hole punching fails I am assuming).

----

The protocols we use were made with minimum information in mind, which brings in these additional complexities when things actually need more information. And that was partly the reason why they were chosen in the first place. Even for something as simple as account age, we either have to extend our XMPP server or track the information by bots. And for that, I can only link https://github.com/0ad/lobby-bots as other people have done so numerous times.

  • Like 1
Link to comment
Share on other sites

7 hours ago, Dunedan said:

The code for the bots is open on https://github.com/0ad/lobby-bots and contributions are always welcome. In case you're willing to contribute, but don't know what to tackle, feel free to reach out to me.

Thanks, Dunedan.

@smileyIt seems like you have rushed the process of reading through this thread. I don't know why you're so focused on anti-smurfing, because I'm not. Instead, I'm focused on preventing all player misconduct, including extreme verbal abuse, cheating, griefing, ddosing, etc., by making bans effective. Let's own the problem.

Preventing smurfing, defined as unknown players who lie that their skill level is much lower than it actually is, can primarily be done by hosters. But, it is also necessary for lobby moderators to shut down compromised accounts so that a decentralized reputation-based justice system, which is to some extent already established by hosters, can be effective.

4 hours ago, smiley said:
20 hours ago, Norse_Harold said:

Allow use of aliases in order to protect players from bullying or targeting, but require that the aliases are tied to a "verified" account in order to make rule enforcement effective.

I don't get this point. What difference does this have from just regular smurfing which is so frowned upon? And if users know the verified account, how does it help with avoiding targeting? Either the actual identity is known, or its not.

Okay, let's get this straight. First, I assume that when you use the word "smurfing" you're talking about "duplicate accounts" instead of smurfing. Then, the idea for aliases would involve making the primary identity known only to administrators. This way, it's an effective alias for the average user, but administrators are able to apply effective rule enforcement such as a ban or revocation of "verified" status.

4 hours ago, smiley said:

The protocols we use were made with minimum information in mind, which brings in these additional complexities when things actually need more information. And that was partly the reason why they were chosen in the first place. Even for something as simple as account age, we either have to extend our XMPP server or track the information by bots. And for that, I can only link https://github.com/0ad/lobby-bots as other people have done so numerous times.

If necessary then consider an alternative idea of providing a web-based interface with details on each lobby account that aren't spoofable. Details could include account age, true ID (necessary because lobby pseudonym is currently changeable to anything, which I think should be restricted), rated match history with names, dates and durations of rated matches and their outcomes. And, consider taking inspiration from an idea from the professionals. Valve's Steam service publicly displays past aliases that each account has used and prevents changing alias too frequently. Mutations of this idea could also be useful, such as revealing the primary "verified" username of the player after a match ends. This would allow players to create aliases in order to avoid strategic targeting in-game by other players, but still allow a reputation-based justice system to function.

These types of information help to detect artificial rating inflation through thrown matches and show how accurate the rating likely is based on the skill level of opponents. This information would allow hosters, and games limited to "verified" users, to require that new accounts, for example, have played several legitimate rated matches before they can be allowed into "verified" matches. This would increase the cost of creating a new fake account for the problematic users, thereby helping to make bans effective. Other measures would also be useful for this, as I have listed earlier.

Please go back and re-read this post. Do you see what my goals are here, now? Which of these goals do you share?

Edited by Norse_Harold
Link to comment
Share on other sites

1 hour ago, Norse_Harold said:

, I assume that when you use the word "smurfing" you're talking about "duplicate accounts" instead of smurfing

I mean players playing under a different identity than what other players know them as. We prevented duplicate accounts to ensure this won't happen. The rule against multiple accounts are there to so that players actually know who they are playing against. The rationale being that incomplete information presents an unfair advantage.

1 hour ago, Norse_Harold said:

by making bans effective. Let's own the problem.

You can replace the phrase "combat smurfing" with whatever offense you want and the statement still stands. The point was more about collection of personal information than combating smurfs. If you have been here for a few years, my personal stance on smurfing is no mystery.

Bans are ineffective because people can create new accounts. And ultimately there is really no way to stop people from doing so. A certain character in the lobby was so persistent that banning entire subnets from a whole country was not enough. An unimaginable number of accounts were banned over the years and he's still here. Then again, it's not all or nothing I suppose.

-----

The features you highlighted are not missing because we thought it was a bad idea.

-----

I should probably not read this thread because I still believe that having social multiplayer is not worth the toxicity. It should have just been matchmaking.

Link to comment
Share on other sites

13 minutes ago, smiley said:

banning entire subnets from a whole country

I've experienced that, at a certain now defunct imageboard. Ppl who were affected by an IP range ban could "apply" for a code snippet and then use that to still post. Don't know if that idea can be helpful in any way, just thought I'd mention it.

Link to comment
Share on other sites

@user1you said:

 

    •  
On 24/08/2022 at 8:40 PM, Norse_Harold said:

Absence of (obvious) evidence is not evidence of absence.

Quote

 

I didn't mean to imply that it's assumed there isn't some number of players who felt some way and didn't report it. I'm referring to the reports that are present in game (simple chat message in lobby) and in the forum. There are many (at least several) orders of magnitude greater number of players than there are players who have been affected enough by some thing to decide to mention it. That's what I was trying to say. It takes into consideration that there are more potential reports that were not made even though some number of players didn't like something and chose not to report it. I guess absence of evidence is also not evidence of a problem. I said it's a good thing if the majority of players like the game and the lobby.

ProphetMuhammad is a somewhat old player. If some host is using someone's rating or their self-professed rating as a gauge of the skill of some player it's very possible that host is making an error. The host could consider taking into consideration the opinions of the rest of the players in the game, and then balance can be decided consensually.

It's understood that many of the issues players face are because they don't like the way some host of a match runs it. Balance, allowing smurfs, allowing language, not banning some player, etc... Fortunately it's very easy now for most players to host their own match if that's their desire.  And it's easy for players to decide to join or decline to join some match for reasons they might have.

 

 

Could you please let me know how does the host know if the "new player is actually new or it is a smurf?" It is easy to judge the hosts of the game, but host cannot kick out every new player from the game as there is possibility of him/her being a smurf. Even if hosts would be doing the way which you are telling them to do, how many of new players would be staying to play 0ad? Basically such decission would make more people leave, even when there is not as many new players coming to the game.

There is nothing for hosts to know that this person is a smurf, asking yourself every time is wasting time due games starting already for about 20 minutes which will last 10 due bad balance of the players.

  • Like 2
Link to comment
Share on other sites

On 01/09/2022 at 8:47 PM, smiley said:

I should probably not read this thread because I still believe that having social multiplayer is not worth the toxicity. It should have just been matchmaking.

why not both?

Link to comment
Share on other sites

I propse the following idea: @user1 @Stan` @Dunedan

To help moderators known players ( with their non smurf acccounts only) can be appointed "mod-helpers". They are able to vote for mod functions, such as "mute", "kick", "ban" for a certain player, and if a certain amount of of mod helpers, lets say 5 for example "vote" for such an action, the consequence will be enacted. It could be ofc limited to much less time as if mods do it. In the aftermath mods will be notified, and be able to check wether the action taken was "legit" or wether there was power abuse.

Edited by MarcusAureliu#s
  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...

@maxticatrix

Welcome back, happy to see you again. Especially when alpha 26 mostly bad balanced alpha will be released very soon. (Please be advised this is only my personal view of the current balance of a26 as I have logged in and tested mainly han civ. I really do hope, I am wrong after so many alphas at least once. )

When it is about profanity, this will be at the moment very small issue with whatever has been said. There are known players who are extremely toxic, use a lot of profanity but not just that. Please come and see by yourself, it is a bad film to be watched, but there is noone to deal with it . Some of the senetces could be counted racist etc. Not mentioning here any nicknames but any of them reading this, will know this is post about himself. 

 

The main issue is: its already been happening in the main lobby even tho I have pinged @Stan` and @user1, nothing has been done. Not sure if they just didnt notice, or simply ignored it.

@Darkcity

BOT can deal with half of the things, the other half would have to be done by actually ingame moderator but there is no such function as this as well as appriopriate function for detetecting and baning so changing IP wont help..

 

Quote

perhaps hosts and other players can choose to play with that person or not.

Again, and again I see a post where the task is given to the hosts with little power.

Edited by Emperior
Link to comment
Share on other sites

6 minutes ago, Norse_Harold said:

Emperior, this thread is about in-game rules, not lobby rules. Can a forum mod move Emperior's post to the Lobby Help and Moderation thread, please?

I think you should read everything, not half, not just my post but all of them. 

 

Quote

I have found that there are no moderators and that some pro players are quite toxic.

Quote

 

2. Toxic comments can lead to immediate expulsion
3. Pro players must set an example of good behavior.

 

That was commented in my post @Norse_Harold

Quote

, I've considered using these simple rules in the games I host.

Quote

Don't quit or leave early. Play as a team and share resources.

I think @maxticatrix was away for quite long time as he has not much information about ddosers who will ddos, gather ip to ddos after, etc. Quiting early by some are done daily, not many good level players are in, if not they just smurf.

 

Often happens by those who are toxic, game lobby, doesnt matter, it happens everywhere. Smurf not getting fixed, host has hands tied with everything which has been set in these rules.

Edited by Emperior
Link to comment
Share on other sites

13 minutes ago, Emperior said:
18 minutes ago, Norse_Harold said:

Emperior, this thread is about in-game rules, not lobby rules. Can a forum mod move Emperior's post to the Lobby Help and Moderation thread, please?

I think you should read everything, not half, not just my post but all of them. 

Yes, you have a few sentences at the end of your post about in-game conduct and rules. The solution is to split the comments into two separate posts and ensure that they are posted in the correct threads. But, I guess that you wanted to address maxticatrix directly since he's a lobby moderator. You can @ him in the Lobby Help and Moderation thread, though. I doubt that he's going away again after one post on the forum.

Edited by Norse_Harold
Link to comment
Share on other sites

6 minutes ago, Norse_Harold said:

Yes, you have a few sentences at the end of your post about in-game conduct and rules. The solution is to split the comments into two separate posts and ensure that they are posted in the correct threads.

Stop making hunderds of topics, just to be ignored. Simple as that, this issue isnt going for about a month. It has been here in 0ad for months as nothing has been ever touched. Spliting, creating new topics/post will help nothing here. I can create 10 more and put in each of them 1 sentence and ping all of them to @Stan` @user1 but in the end mostly will be ignored. So I doubt if it matters which topic or where it should be, there should be 1 topic which invole smurfing, toxicty, racism, profanity, smurfing  etc as all of this connect to each other like a rope to the ship, and the other end to the ground. It doesnt matter....

Rather than looking for moderation in the forums, start maybe from lobby? B)

Edited by Emperior
Link to comment
Share on other sites

6 minutes ago, Emperior said:

Stop making hunderds of topics, just to be ignored. Simple as that, this issue isnt going for about a month. It has been here in 0ad for months as nothing has been ever touched.

Not an accurate statement. Things have been done. There hasn't been a public announcement of what has been done until now. I think that more needs to be done, including the suggestions that I've made in the Lobby Help and Moderation thread, but several things have been done.

  • The whole Lobby Help and Moderation thread represents something new from user1. He has finally described some of his plans to improve lobby moderation and what the responsibilities and guidance is for lobby helpers.
  • The invitation to recruit more lobby helpers is something new.
  • The recruitment of me as a lobby helper is something new.
  • The correction of bugs with the !mute and !mutelist commands for lobby helpers is something new.

As far as what the future holds, I don't know, I think there needs to be more communication about it, but in the correct threads.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

  • 2 weeks later...
1 hour ago, Kampot said:

Will this be addressed by moderators too? Hosted by Aslan. 

Thanks for reporting this. It's definitely against the Terms of Use. If it happens often then we can request a temp ban. Just one room name with profanity is currently being punished with a kick from the lobby, which has the additional effect of de-listing the game. And, when a game is de-listed then players can't rejoin in case they're disconnected at some point. In some cases I may issue a warning to the game hoster instead of an immediate kick from the lobby.

When this happens in the future, and hopefully not from Aslan., , if I'm online then please ping me or seeh in the lobby and/or IRC, and I'll take action as soon as possible. If I'm not online then try pinging user1, and if he doesn't reply then post evidence on the forum.

  • Thanks 1
Link to comment
Share on other sites

  • 2 weeks later...
On 31/08/2022 at 6:40 PM, Norse_Harold said:

Here are some ideas from others, as well as from me.

  • Improve the rate limit for new account creation per IP. Someone said that an IP can create 1 account per hour. Consider adjusting this to, for example, 1 account per month. I think that Gmail allows 10 email addresses to be created from a certain IP before they require a mobile phone number to be attached to a new account.
  • Make account age public for all users to see. Also, make rated game record and rating unspoofable.
  • Allow free registration without an email address, but establish a policy where all new accounts are "unverified" and have limited privileges. Allow "verified" users to host games that are only open to other "verified" accounts.

I'd like to support this propositions (notice I've left only three of six). 1st and 2nd seems very useful to avoid smurfing. Rating shouldn't be change in any way. From my point of view customrating-mod should be banned

3rd one: Idk what would be those limited privileges but it would be useful having a verified-tag in the account description. Also give the option to reset/change password to verified accounts using standard email confirmation method would be rather useful to improve account security or recover accounts in order to avoid making new ones.

It would be nice to have this implementations in a27

Edited by guerringuerrin
Link to comment
Share on other sites

  • user1 unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...