Makes sense but the coders of the website are too lazy.
Comment has been collapsed.
I don't have any idea about this but, would be hard to make a system to check/add groups for giveaway? Like it check if people are in the Steam group or make groups in the site and do a check before letting them enter a giveaway? That would make it useless to break into privates. (Though privates can be canceled in case someone who wasn't supposed to be there enter or win.)
Comment has been collapsed.
That would add more load to the server load, and database size. I don't know a lot about server side scripting of any kind, but I think it would be easier to let the giveaway creator add a list of people that are eligible. That way the SG servers wouldn't have to keep constantly updated lists of every steam group people used for giveaways.
Comment has been collapsed.
Keep in mind, with the recent change to case sensitive URLs, you'll need to check 3,000 pages a second to catch private giveaways open for a few days. Obviously the server could never keep up with that traffic, and it might look slightly suspicious in the logs.
Comment has been collapsed.
I was unaware that they were now case sensitive. That would make it more than 15 times harder to check every possible giveaway. Still, a lot of the ones I've seen people try to brute force were private giveaways with puzzles. That way they start with some or most of the letters. Even starting with just 2 characters, it becomes almost 4000 times as easy to crack.
I don't know what would be involved in automating temp bans on bot-like activity, but I think anything short of that is going to leave the site nearly unusable every time incomplete info about a private giveaway is leaked.
Comment has been collapsed.
Indeed. there was one such giveaway but there was no way to solve the puzzle because nothing was given other than the first 3 letters and numbers. Hence, people who knew how to code probably realized they could solve it easily with a bot software (some people even mentioned it in the post and said all xxxx attempts returned nothing- mainly because the first 3 codes were fakes too) and so did so. The giveaway codes turned out to be totally unrelated to the ones provided in the picture, but I guess people continued using their bots...
However automating temp bans is really not the solution because for a giveaway for warhammer 4000 space marine where the people commented that there was a typo and the code had a misplaced letter, for example, I tried 40-50 different codes (by switching a letters position each time) all within an hour... I am pretty sure some other could enter more (I am a slow typer, my avg is 30 words per minute) in that same period and your "automated detection" would incorrectly detect and ban them as botters even if they were not.
Comment has been collapsed.
İn theory, yes "do it based on number of accesses or number of invalid giveaway codes in a given period of time" might work... but you are forgetting the puzzle giveaways that people make. When the entrants are given only the first few letters or numbers and are asked to guess the rest, for example... that "puzzle" turned out to be a fake- their was a giveaway (hence no violation of the rules) but the "hints" were irrelevant and the giveaway codes were in fact totally different, but I believe that is when all this bot nonsense started- when people realized they could just run some code to find giveaways.
Comment has been collapsed.
I was specifically thinking about puzzle giveaways actually. They are meant to be solved, not brute forced. The other example you gave of 40-50 codes within an hour is nothing compared to what a bot would be able to do. I also mentioned having a warning system in place, so anyone typing by hand would see that and know it's time to stop. Even if a bot were coded to pick up on the warning, it would still have to stop at that point, making it mostly useless.
Comment has been collapsed.
82 Comments - Last post 2 hours ago by WaxWorm
56 Comments - Last post 5 hours ago by Carenard
1,811 Comments - Last post 5 hours ago by ngoclong19
72 Comments - Last post 7 hours ago by Reidor
545 Comments - Last post 9 hours ago by UltraMaster
41 Comments - Last post 9 hours ago by ViToos
1,520 Comments - Last post 11 hours ago by ayuinaba
9,531 Comments - Last post 21 minutes ago by NoYeti
52 Comments - Last post 33 minutes ago by xkingpin
28,266 Comments - Last post 36 minutes ago by PastelLicuado
182 Comments - Last post 1 hour ago by Aerctaure
10,787 Comments - Last post 1 hour ago by eeev
27 Comments - Last post 1 hour ago by Mitsukuni
113 Comments - Last post 1 hour ago by eeev
The site has become almost unusably slow more often than not. My educated guess is that this is largely due to people running bots for various reasons. Either to automate entries into the games they want, or to brute force their way into private giveaways. The latter is more detrimental to the site in both server load and the community.
Banning the bots, even if temporarily, would lift a lot of load from the site. You could either do it based on number of accesses or number of invalid giveaway codes in a given period of time. There could be a warning at first, and a 12 or 24 hours ban if it continues. You could keep track of the number of bans on an account, and perma ban them on their 3rd offense.
Comment has been collapsed.