The Cost of Insecurity - Griefing: from Anonymity to Accountability
Copyright © 2005, IT GlobalSecure Inc.

The dark side of the explosive growth of online gaming has been an infestation of griefing and cheating. Griefing is truly an "Internet" problem. The relative anonymity of Internet communications has resulted in a decline in civility, and the massive scale of the online games has resulted in a loss of "adult supervision". After all, if you were playing a face-to-face role-playing game, you would likely not "grief" for fear of being slugged or snubbed by your soon-to-be-former friends.

First, to define our terms somewhat formally:

Griefing – an act, action, or communication that is technically legal under the rules of the game (as implemented and enforced in software), but is disruptive to the game experience of others. Such activities may be prohibited by Terms of Service and are often beyond the pale of ordinary human decency and common sense.

Cheating – an act or action that is illegal under the rules of the game (as implemented and enforced by software) that has been circumvented by any means including altering of game state, communications, race conditions, buffer overruns, etc.

Griefing and cheating are of concern to game developers, publishers and operators because they cost money.

Customer Impact:
Company Impact:
Of course, game companies can and do ignore security problems – sometimes the cost to fix a problem is just too high. Also, because of the structure of the games industry, developers, who are best positioned to address these problems, have little to no financial incentive to do so. They get paid for delivering a working game on time and on budget. There is often no reward for reducing or even planning for "lifecycle support". Publishers have not addressed these issues since most revenues come within the first several months of a product's release – long before annoying security problems (and bugs) become visible.

Online gaming has changed this dynamic. Simply adding network play can add 10% to 40% to the sales of a title. After all, if you want to play with a friend online, you can't borrow her copy; you have to buy one yourself (see Battle.net, Counterstrike for Half Life, and the forthcoming Guild Wars). This effect is magnified for expansions and follow-on products. If subscription or pay-for-play is added, the revenue opportunities for a single title (and the corresponding impact of security flaws and bugs) multiply. In January 2005, Bungie terminated thousands of Halo 2 players for cheating and griefing - costing Microsoft tens to hundreds of thousands of dollars in revenue per year [1].

This article will focus on one of the most pernicious aspects of griefing – harassment and abusive communications. We will explore existing solutions and a sample alternative from both a technical and business perspective.

No "Right to Anonymity"

Insults and harassment are virtually routine for many online games. The anonymity afforded to online game players has given rise to widespread and increasingly aggressive harassment. The hardcore gamers that are otherwise prized by game companies are often the worst offenders and taunt "n00bs" [2]. This, of course, is the riskiest time for a game operator – new players are liable to abandon a game that they find hostile.
There is often a perception of a "right to anonymity". There is no legal basis for this and, in fact, the Privacy Act in the US did not come into being until 1974 [3]. Sexual and racial harassment also, regrettably, occur too often.

[1] http://www.bungie.net/News/TopStory.aspx?story=weeklywhatsjan14. Given the $50 ($49.99) yearly subscriptions to X-Box live, the cost per thousand banned is $50,000 (US). One should commend Microsoft, Blizzard, Bungie, and others for being willing to disclose security problems and to actively address them.

[2] "Inflicting Pain on Griefers", David Becker, http://news.com.com/Inflicting+pain+on+griefers/2100-1043_3-5488403.html

[3] Surprisingly, the US actually has quite weak privacy laws. Online game developers should be aware that in many places in Europe and Asia, privacy laws are quite strict and should be considered in the design of an online service. They may affect both the collection and storage of individual data and marketing information.