About Privacy
While IC spying on another character is a matter of agreement between the
players involved (note, everyone involved should openly agree to the
matter if it involves remote-listening code or objects!) spying OOCly on
others is another matter entirely.
Players should realize that almost any online game (including TinyMUX) is
not a secure environment. Everything, including passwords, is sent via
clear text. There are probably at least ten machines between a player's
computer and the server the game is on that can be sniffed for packets.
For that matter, the game database could be looked at if the server's
security is compromised. While all of the above are pretty remote, it is
possible. Moreever, if the game database or softcode is being debugged,
it's possible that extensive logging information may be stored, which is
viewable by the Site Admin (in Jupiter's Childrens's case, that is the
same person that does the debugging).
Don't place anything, or do anything, in any online game that you couldn't
bear to have others know about.
Now that all of you are paranoid, none of the above is /likely/ to happen.
But it can. The staff of Jupiter's Childrens are also going to do their best
to keep it from happening.
As per specifics for this game, there are four ways for people to view the
details of items that are not theirs. There is the Wizbit, that allows a
wizard to view anything in the database, there is the see_all power (which
is given by the Royalty flag) which pretty much duplicates this, there is
the VISUAL flag that can be set on an object, and there are code-hacks
that may allow a player to gain the use of a wizbit or see_all.
In the case of Wizbits, see_all, and ROYALTY flags, those are given out
extremely stingily on Jupiter's Childrens. Unless someone really, really,
/really/ needs a Wizbit they aren't getting one. The same goes for
Royalty.
Most people new to MU* games don't realize that Wizards and Royalty
can see their login information (what their host name is from their
ISP) and can easily track which character belongs to which player.
Since the information is the same on any kind of tinyMU*-style server
players can be spotted by someone that admins at more than one game.
There is actually a good chance that if you play on several games, at
least one member of those game's staff will be on more than one of
them. Sometimes people that staff at more than one place will share
information. Sometimes they will not. It's a matter of personal
preference. In my opinion (sensi Kimi), this should only be done for
those that present a clear danger to a game. Unfortunately, not
everyone has that attitude.
Note that it is also possible for people to connect to a game's login
screen and run WHO to see characters that are logged in and track who is
where that way (don't laugh, I've seen people that do this).
Here's an example of what a Wizard/Royal sees with WHO:
Player Name On For Idle Room Cmds Host Throkmorton 00:43 2m #22 37 RACA8369C.ipt.aol.com
And here is the Login Data attribute that players cannot see on themselves
(players can see this nicely formatted with the @last command):
Logindata: #3;192.168.20.100;Tue Feb 05 01:12:45 2002;192.168.20.100;Wed Jan 16 13:54:34 2002;192.168.20.100;Mon Jan 14 19:37:59 2002;;;0;0;;;;;;;
This information, just like the email addy the app response is sent to,
will be kept as confidential as possible. What players decide to tell
each other is up to them, but Jupiter's Childrens's staff does not have
the right to dispense this information and will resist efforts to share.
(Of the non-legal variety, anyway.)
For items set VISUAL, it is assumed that the owner wants to share all the
information stored on the object. (Note, only wizzen/see_all can see the
hidden attributes on players that contain login info). If a player isn't
sure what others might end up seeing, specific attributes can be set
VISUAL with a command like: "@set object/attribute=visual" This leaves
other attributes still opaque. Note that desc, sex, and a few other
attributes can always be seen.
The last case is using some form of code to manage to either gain a wizbit
(very difficult), or somehow use an object that has inherited the powers
of a wizard (such as global code, like +who or +finger) for their own
ends. This could be to view or change the attributes of objects they do
not own, corrupt the database, halt or shutdown the game, or otherwise
give themselves abilities they do not have. In any case, this is a
malicious act and will be dealt with using any means deamed reasonable,
from kicking off the game and site-banning to possibly include legal
measures being taken (these are felony actions in the state the game is
being run in, and the SBI has been very friendly in the past in regards to
computer crimes).
There is a method of spying that many people, not even members of Staff
for many games are aware of. When used properly by a game's staff,
certain logging levels can be used to diagnose problems. When properly
configured, a MU* can log all actions performed by an object according to
the flag on the object. Thus, a flag can be set on a player object and
every action (command) of that object is printed verbatim in the log file
as long as that flag is present. When used maliciously, this can result
in a level of spying that is impossible for a player to detect. The
reason I am not saying how to do this is twofold. First, not all servers
use the same flag for this purpose. Second, if some Wiz wants to use this
maliciously they'll have to do some research. For those that Wizard on
other games, note that some servers allow the creation of custom flags
which means that not even Wizards may know of the presence of a
log-triggering flag on a player.
Basically, the staff of the game will do the best they can to protect the
privacy of players. There are, however, limits to what they can do.
We're not going to try and buck a court order or interfere with any kind
of federal investigation (both of which are extremely unlikely), for
example. But we are not going to go around gossiping about people, either.
Even the last-on field of +finger available on many games is not used
here. The game-spanning MudNet robot is not, nor will it be, installed
here. There are a few tricks our server-admin knows of that will even
limit people that cruise the login screen to use WHO.
And lastly... If you write a nekked desc, you'll probably want to change
out of it before going OOC. :) If you don't know why, look for the
Tasteless Descs bboard on www.ezboard.com.
Some people really need a life.
(A special note: Since this article was written, the tasteless descs board has been removed by ezboard administrators after, ironically enough, an irate member of the board threatened to sue ezboard when one of their own tasteless descs was posted.)
NewsPolicy
There are no comments on this page. [Add comment]