Jump to content

Bypassing Raid Protections


Andre

Do you approve of this suggestion?  

14 members have voted

  1. 1. Do you approve of this suggestion?



Recommended Posts

  • Administrators

Maybe it has been suggested before, maybe it hasn't.

 

I'm sure many of you know how legitimate users are being affected by protections against raids (I know I am). These protections are rather poorly designed and could use some improvement. I propose the ability to bypass all chat protections/captchas for accounts with a value higher than or equal to 1000 xats. This should be enough, considering even the most sophisticated raid bots are unlikely to have that amount of xats distributed to each individual account. Thoughts?

 

Other solutions:

link

  • Award 4
Link to comment
Share on other sites

Of course some time the protection is frustrating for users  that have no clue in raid.

So i support this suggestion althoutght the decision is up to admins i think.

Link to comment
Share on other sites

  • Advanced Members

Maybe a better idea is /p would force only unregistered users to complete a captcha, /pr would prevent unregistered users from entering the chat but doesn't force registered users to complete a captcha, unless you're on a proxy? 

 

Certain people, like me, won't ever bother with xats anymore so lets force people who don't want to spend money to do something tedious? I don't think thats a good idea at all.

  • Award 4
Link to comment
Share on other sites

  • Volunteers

It would clearly be better for a lot of people.

One may say this is disadvantaging users who are not paying: it is only advantaging users having more than 1,000 xats.

There would be no difference if you don't have enough xats.

Moreover, what's the problem of having an easier way to complete captchas when you paid for a service?

 

Although, Karl's suggestion would be easier to do, right?

 

Link to comment
Share on other sites

  • Administrators

Like any idea, there's room for improvement, hence the discussion.

 

1 hour ago, Luca said:

although the decision is up to admins i think.

Yes.. the majority of suggestions involve admins, including this one.

 

1 hour ago, Karl said:

Maybe a better idea is /p would force only unregistered users to complete a captcha, /pr would prevent unregistered users from entering the chat but doesn't force registered users to complete a captcha, unless you're on a proxy? 

Definitely a more fair way of handling things. Probably wont work for unknown/private proxies though(?)

 

I didn't suggest this to promote xats. Having a value check seems like a viable solution and probably covers a decent amount of users. Perhaps not as fair, but better than nothing.

Link to comment
Share on other sites

  • Advanced Members

@Andre The proxies thing was just a suggestion to keep the re-captcha in place. I personally don't see a reason why it's needed because "most" people will raid with unregistered accounts, which the use of /p *should* stop, and if it's just someone being a pest they can be banned. Xat already handles most free proxies fairly well anyway, but paid proxies would be different.

  • Award 1
Link to comment
Share on other sites

  • Advanced Members

Agree with the concept, but a lower random number of xats with a new value generated randomly every day.

 

Stops bots working out the limit and then just assigning the amount of xats to the account. 

 

Also with the ability of increasing and decreasing until raids stop.... unfortunately people will be effected though with captcha measures. 

Link to comment
Share on other sites

  • Advanced Members

Well, the problem with requiring a certain amount of xats on protection is that unpaid users won't be able to talk. What about already subscribed users with less than 1k xats? Let's say a user has powers that equal 2000 xats, but they have only 300 xats on their account. Shouldn't they be able to talk when protection is on since they already have 2000 xats worth of powers?

Link to comment
Share on other sites

  • Advanced Members

Using xats alone shouldn't be a thing imo. 

 

Lets say the set amount of xats is 1000. If you have 500 xats and 37 days, based on the value of dx, your value will be over 1000 xats, so you won't need to complete the captcha. If you have powers which have a combined value of over 1000 xats then you also won't need to complete the captcha.

 

I also think that if your account is a paid user/you own a shortname you should also be exempt. 

 

Maybe this would work better than my previous suggestion. 

 

@CLassified3 He never said that you wouldn't be able to talk if you didn't have more than 1000 xats. He just stated that anyone with over 1000 xats wouldn't have to complete the captchas...

 

  • Award 1
Link to comment
Share on other sites

  • Administrators
8 minutes ago, Karl said:

Lets say the set amount of xats is 1000. If you have 500 xats and 37 days, based on the value of dx, your value will be over 1000 xats, so you won't need to complete the captcha. If you have powers which have a combined value of over 1000 xats then you also won't need to complete the captcha.

Yeah, that's actually what I had in mind.

 

8 minutes ago, Karl said:

I also think that if your account is a paid user/you own a shortname you should also be exempt. 

I agree with you, good suggestion.

Link to comment
Share on other sites

  • Advanced Members
22 hours ago, Arthur said:

You don't raid with 1 account. So, for a 10 accounts raid you would need 10,000 xats. How's that low?

 

Come on, it's 2016. Do you really need someone to explain you how to clone powers?

 

Find a dormant chat

Give 1000 xats to bot A

Connect bot A to dormant chat

 

Connect bot B to dormant chat

Connect bot A to target chat

Start flooding with bot A

Transfer 1000 xats from bot A to bot B

Disconnect bot A from secret chat

Bot A is now bot B

Bot B is now a new bot

Repeat until out of proxy

 

It's virtually free if you use stolen/scammed xats (the xats will be deleted, and their source torched anyway)

Use a different proxy for each bot, so you won't get in trouble with xat's protections.

 

To sum it up:

- It is not a silver bullet, it just adds a constraint

- Some legit users will not get captchas

- Regular raids will still happen

- A small portion of those will be able to bypass raid protections

- Users will get mad when they'll see protections can be avoided ("Xat don't protect against raids because it gives them money")

  • Award 3
Link to comment
Share on other sites

  • Administrators

Wouldn't it be possible to refresh the account on target chat once the exchange has occurred on dormant chat? Or does it work in a chain, where you keep transferring xats to new accounts and just keep raiding with 1 account at a time (suggesting you don't have more than 1k xats to spread around on multiple accounts)?

 

Sucks if they make bots this sophisticated. However, one solution would be to just enable bypassing captcha for paid users and those with a short name as suggested above. Again, I'm not promoting xats. Just trying to figure out the best method for a good percentage of people to escape captchas.

  • Award 1
Link to comment
Share on other sites

  • Advanced Members

I agree with Karl. If this was to become a thing, anything in the account that surpasses the value of 1,000 xats should allow you to bypass the protection.

 

Also, I don't see how any current arguments against this are plausible... how many raids have you seen with registered accounts (you need to be registered to have xats)? Now, if this was to become the case, the accounts can be banned forever by the chat staff and then deleted asap and then all the accounts they made become useless, and the raider has wasted 1000 xats for a few second raid.

 

Admins should "just come up with" (I know, easier said than done) better protection, or change it more frequently as just like Jedi said, they use premade scripts 99% of the time.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.