Noaani wrote: » Again, this is the exact type of person that all multiplayer games are better off without. The idea of targeting a feature directly at such players is not healthy for any game.
Ulfbrinter wrote: » Nerror wrote: » Relying solely on players to find all the exploits is a bad idea, bounty system or no. Gotta hire the professionals and let them do their thing for sure. Intrepid already have QA, in fact, pretty much every game ever has a QA team, but that doesn't prevent massive exploits from being discovered by players. I am not advocating a player only system, but rather that Intrepid have their QA team but also pay out to players who report on massive bugs.
Nerror wrote: » Relying solely on players to find all the exploits is a bad idea, bounty system or no. Gotta hire the professionals and let them do their thing for sure.
JamesSunderland wrote: » Very few? Even games that had years before coming to the west suffered with things like bug/exploit abuse which caused mass bans, rollbacks, and game economy damage which caused a lot of damage to the games name and playerbase.
Karp wrote: » I do not see the problem in attracting talented exploit hunters if they are here for the money.
Noaani wrote: » Very few MMO's have had bugs of this magnitude. Of those few games that have, I can't think of a single one that would have had a different outcome with a bug bounty system in place. You seem convinced otherwise - give me an example of when there would have been a different outcome. A system like this would only ever deal with small, insignificant bugs - which is why it isn't needed.
JamesSunderland wrote: » Are you willing to tell me, that if that bug was reported through a bug/exploit bounty hunting system early on it wouldn't have changed anything?
Noaani wrote: » JamesSunderland wrote: » Are you willing to tell me, that if that bug was reported through a bug/exploit bounty hunting system early on it wouldn't have changed anything? Nope, I'm telling you that someone that would only report a bug for personal gain would not have reported that bug, as they had more to gain from exploiting it.
JamesSunderland wrote: » Noaani wrote: » JamesSunderland wrote: » Are you willing to tell me, that if that bug was reported through a bug/exploit bounty hunting system early on it wouldn't have changed anything? Nope, I'm telling you that someone that would only report a bug for personal gain would not have reported that bug, as they had more to gain from exploiting it. The absolute majority of them definitely wouldn't and would go against the risks, but here is the trick, you only need a single one of them to be afraid of the risks and take the safe route to snitch it....
Ulfbrinter wrote: » Noaani wrote: » JamesSunderland wrote: » Are you willing to tell me, that if that bug was reported through a bug/exploit bounty hunting system early on it wouldn't have changed anything? Nope, I'm telling you that someone that would only report a bug for personal gain would not have reported that bug, as they had more to gain from exploiting it. Unless you pay them money to report the exploit.
Noaani wrote: » This applies without the bounty system though.
JamesSunderland wrote: » Noaani wrote: » This applies without the bounty system though. WAY less likely without the personal incentive though.
Neurath wrote: » If an exploiter is doing the business of exploiting they would hardly take a minimal reward for reporting said bug. Your explanation about Archeage highlights the fallacy because more than one person undertook the exploit. Furthermore, innocent people were banned and that's a travesty. If one person can snitch on a whole network ( I assume the innocent people in question received items from the exploit) then it is even less likely an exploiter would report it. Most likely the issue came to light when a non exploiter discovered the issue or the devs discovered the issue.
Ulfbrinter wrote: » Most software devs with a brain offer these. And since the enormous number of exploits have made that other MMO currently unplayable, should Intrepid implement such a system? I think most of us who have played subscription-based MMO's know that any sort of rampant duping/infinite resource (for instance) often results in irreparable damage to the player base and word of mouth. Suddenly the well becomes poisoned and subs drop off when such exploits are left unfixed for even a few weeks for both of the aforementioned reasons. Personally? As someone who has found multiple of these sorts of exploits in past MMO's, I always keep them to myself or tell a small number of trusted friends that I know won't tell others. This way we can just sit on the exploit without anyone finding out about it. There's simply no immediate incentive for the player to tell the Devs about it, but if you pay players who report these exploits and glitches before knowledge of them becomes commonplace? Well - that's just being smart, and that's just doing what other types of software companies do to protect their own interests.
truenoir wrote: » But too the reason bounty systems don't work cause the reward has to out weigh the exploit.
Ulfbrinter wrote: » truenoir wrote: » But too the reason bounty systems don't work cause the reward has to out weigh the exploit. I read your post, but the only part that I have to address is this bit. If you read through the thread or just the first post, you'll see that I explicitly mean cash. And while this may seem outrageous, please consider that this is a subscription-based MMO where even a few hundred people quitting for good has major knock-on effects. As myself and a few others in this very thread have also pointed out that it really just takes one major exploit, one bad response from Intrepid to have a bunch of yellow journalists running around ruining the image of the MMO. Further, even if the response is in line with what veteran MMO players expect (a rollback and a fix) should the exploit become well known - it still doesn't solve the problem of the reputation being soured. This is why a bug bounty system must be implemented because it preys upon the inherent greed in most people (or perhaps desperation). You and maybe even Intrepid may look at several thousand dollars for a duping/invincibility/etc. exploit as excessive but all it takes is the very simple math of weighing the number of subs just quitting altogether and the potential lost revenue from people who might have played but no longer will since it's "that game with the exploits." Something like a few thousand dollars (given the hopeful rarity of such bugs) is a drop in the bucket if you just step back and look at the reality of the situation for two seconds.
truenoir wrote: » And bottom line is most game developers know this too cause they have engineers and programmers working on the game. But everyone is human and we all make mistakes. If we put that call for variables on the wrong line of course we are going to cause a bug that someone could get some gold and exp. Mostly a matter of finding these before they go live. But also testing wise most people don't run through the game all over unless they are told to.
Ulfbrinter wrote: » I get what you're saying, but this isn't the focus of the discussion.
Noaani wrote: » No it isn't. This is why almost all bugs in MMO's are reported and fixed. Sure, some are exploited a little before they are fixed, but most are not. Those that are exploited before they are fixed are not likely to have that situation altered by offering money to people for reporting them. People either report bugs to make the game as good as it can be, or take the option that offers the most personal gain - which will always be exploiting the bug.
JamesSunderland wrote: » Yeah, almost all bugs in MMO's are reported and fixed, sadly the majority of times its pretty late and people already abused and took all the advantage they wanted from it.
