• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

STEAM | September II 2014 - Ride the Lightning

Status
Not open for further replies.
Might as well post my Top 5 most-played

Skyrim - 525 hours
Fallout: New Vegas - 56 hours
Resident Evil 6 - 52 hours
Elminage Gothic - 47 hours
The Last Remnant - 42 hours

EDIT: Jeeeeeeeze
 
Never mind how many hours people have played. What I really want to know is how many games you own? What games did you get in the last steam sale? How much did you spend? How much did you save? How many achievements did you get last Tuesday? How many achievements did you not get last Tuesday, but could have got if you had played for an extra two hours?
 
Never mind how many hours people have played. What I really want to know is how many games you own? What games did you get in the last steam sale? How much did you spend? How much did you save? How many achievements did you get last Tuesday? How many achievements did you not get last Tuesday, but could have got if you had played for an extra two hours?
lol
 

kevin1025

Banned
Never mind how many hours people have played. What I really want to know is how many games you own? What games did you get in the last steam sale? How much did you spend? How much did you save? How many achievements did you get last Tuesday? How many achievements did you not get last Tuesday, but could have got if you had played for an extra two hours?

Well! Last Tuesday, I --- oh :(
 

Stumpokapow

listen to the mad man
Short of using scripts/bots, which is forbidden, no.

You know, I've been thinking about this. It'd be pretty easy to automate the process such that it'd be undetectable. Use an HTTP session spoofer that carries forward cookies so they can't catch you not having the right cookies. Spoof any XHTTP requests going any direction. Use an actual browser's user-agent so as a client you come off as a browser rather than a robot. Simulate human-like delays between each request in case they log for throttle stuff--incidentally, most of MS's Xbox 360 mod detection features involved timing measurements on the disc drive / firmware. Load all the extraneous assets that a browser would load to make the requests so they can't accidentally catch you by requiring you to load some non-cached image before you submit a request as form of knocking. I guess one thing they could do is have you execute arbitrary javascript client-side, because most of the HTTP spoofing libraries don't have proper JS engines, but it's still doable if you did have a proper JS engine, and the alternative would be re-writing whatever code they make you execute in your given language so the actual transmission/verification of the results would be the same.

I haven't written any of the code, but I'm reasonably confident that there's basically no line of attack they could use that would identify someone automating this stuff. Like, I think to get caught it'd be because you were choosing to sacrifice fidelity for speed--like for example people who would write a high-speed market scraper to snipe mispriced rare items would be caught by the frequency of their checks and the speed with which they go through the buying process.

I'd love if any other programmers could weigh in if there's a detection method they think Valve could use to identify this kind of use case.
 
I'd love if any other programmers could weigh in if there's a detection method they think Valve could use to identify this kind of use case.

Some that spring to mind are tracking patterns of usage. For example if you are making trades in 24 hours of the day, this could easily be flagged as suspicious, even if they just used JaseC as the benchmark.

From there they could look at the volume of trades. Obviously to make this worthwhile, you are playing with cents to certain rules. A high volume of trades following consistent rules could be detected. You would need to mix that up as well.

They could also look at the volume of trades and periodically put a 5 minute hold on your account. If you continued to attempt to make trades, they could sense it was automated.

Basically if Valve cared, they could buy fraud detection software that the banks use for credit cards and apply much the same rules. This doesn't mean they would necessarily do any of that, but this is the risk you would take once you actually earned something significant.

I'd just use the time to write some crazy ios game and hope you strike gold ;)
 

Stumpokapow

listen to the mad man
Well you know about the chocolate bars.
Give me some stump.

My partner told me I was allowed 1 a day, so it took me a total of about 35 days to eat 48 chocolate bars.

Two that spring to mind are tracking patterns of usage. For example if you are making trades in 24 hours of the day, this could easily be flagged as suspicious.

From there they could look at the volume of trades. Obviously to make this worthwhile, you are playing with cents to certain rules. A high volume of trades following consistent rules could be detected. You would need to mix that up as well.

For the personal usage of liquidating a card inventory, this wouldn't be an issue because theoretically you'd only be running it once a sporadic time, and it'd finish within an hour or two assuming a few seconds a card.

They could also look at the volume of trades and periodically put a 5 minute hold on your account. If you continued to attempt to make trades, they could sense it was automated.

Yeah, I got banned from Amazon Mechanical Turk in 2005 when I wrote a bot to automate a bunch of stuff and they put in anti-fraud code to detect it and put in a CAPTCHA and my bot just wracked up hundreds of CAPTCHA failures in a row. I know to avoid that now by checking return values and auditing for success on that side of things!
 
For the personal usage of liquidating a card inventory, this wouldn't be an issue because theoretically you'd only be running it once a sporadic time, and it'd finish within an hour or two assuming a few seconds a card.

Ah ok, then yeah you think it would work out.

The risk/reward seems pretty off though. I'd be most worried about Valve changing/breaking something in the store that throws it off.
 

jshackles

Gentlemen, we can rebuild it. We have the capability to make the world's first enhanced store. Steam will be that store. Better than it was before.
From a technical standpoint, Stump's proposition makes sense. The key being that in automating the card sales you would need to time it as such to emulate the amount of time it would take a normal human listing the cards as quickly as possible or slightly slower. Bonus points for randomizing it. However, a script like this wouldn't save you time, only work.

Like Toddhunter said, the risk/reward would be weighted really weird. Most people have less than 100 cards to sell at a time (unless maybe you leave Idle Master running for a week or more) and you're talking about running a bot non-stop for a while to save clicks while risking your Steam account.

I've talked with folks at Valve on their stance about this, since initially I was planning on adding it to Enhanced Steam. They told me that even if you're doing something asinine like selling Trading Cards automatically and they find out about it, they will take action up to and including disabling your account.

So making a script where "you can't get caught" might not be the best idea. But then again, there's another Chrome extension on the market that lets you sell items in bulk like this (and very quickly, mind) and it's apparently in use by thousands of people, so take that as what you will.
 

ss_lemonade

Member
You know, I've been thinking about this. It'd be pretty easy to automate the process such that it'd be undetectable. Use an HTTP session spoofer that carries forward cookies so they can't catch you not having the right cookies. Spoof any XHTTP requests going any direction. Use an actual browser's user-agent so as a client you come off as a browser rather than a robot. Simulate human-like delays between each request in case they log for throttle stuff--incidentally, most of MS's Xbox 360 mod detection features involved timing measurements on the disc drive / firmware. Load all the extraneous assets that a browser would load to make the requests so they can't accidentally catch you by requiring you to load some non-cached image before you submit a request as form of knocking. I guess one thing they could do is have you execute arbitrary javascript client-side, because most of the HTTP spoofing libraries don't have proper JS engines, but it's still doable if you did have a proper JS engine, and the alternative would be re-writing whatever code they make you execute in your given language so the actual transmission/verification of the results would be the same.
I once had to cook up something using php to post stuff to craigslist for a client. Worked fairly well but was incredibly frustrating to maintain since small form changes on craigslist side could/would break the automated process. We switched to using their quite limited api now but I always wondered if what I had working was good enough for its intended job to begin with (I was just using curl plus a couple of other things you mentioned like simulating delays, storing cookies, using actual user agents, etc)
 

Shadownet

Banned
I don't see why Valve would be against this. We're still selling stuff through the Marketplace and they still get their fee. We're just trying to find a quicker way to do it. That's all.
 

jshackles

Gentlemen, we can rebuild it. We have the capability to make the world's first enhanced store. Steam will be that store. Better than it was before.
I don't see why Valve would be against this. We're still selling stuff through the Marketplace and they still get their fee. We're just trying to find a quicker way to do it. That's all.

I'm pretty sure their issue with bots stems from how someone could potentially use the same technology to "snipe" items that are listed for a low price inadvertently. I hear about horror stories all the time where people meant to list something for $100.00 and accidentally listed it for $1.00. Those market bots will snatch the item up much faster than you can cancel it (usually within seconds).

Some of this has been alleviated with their new buy orders / sell orders system of "commodity" goods (like trading cards) so perhaps their stance on these sort of selling bots has changed.

I think the real reason they condone their use is that they don't want to assume the support liability that will inevitably come from people using them. What if the bot someone releases online is disingenuous and is actually automatically trading your $400.00 CS:GO knife away without you realizing it?

I strongly suspect they know that this process sucks. Hopefully they can come up with a way to remedy it soon so that we don't have to risk our accounts to try to find a way around their terrible UI and process.
 

Shadownet

Banned
I can see where you're coming from jshackles. Though if there is one thing I wish they would add is that the ability to list a price so when an item fall below the price you set. You will get a notification asap, so that you'll know.

I know that cards has something similar. But for items like CSGO skins. They don't have that. Like if I want this skin for under $50. I'll have to constantly F5'ing and hope I find one.
 

Benedict

Member
Just a friendly reminder of our friend JShackles Extra Life run.
He's raised the goal to $500 and reached over$300 so far.


What kind of system would I need for Wasteland 2 to run whisperquiet?

I have a 460TGTX, Core2Duo [email protected] and 8GB RAM.
And it's not whisperquiet atm... more like an autumn storm...
 

Durante

Member
You know, I've been thinking about this. It'd be pretty easy to automate the process such that it'd be undetectable. Use an HTTP session spoofer that carries forward cookies so they can't catch you not having the right cookies. Spoof any XHTTP requests going any direction. Use an actual browser's user-agent so as a client you come off as a browser rather than a robot. Simulate human-like delays between each request in case they log for throttle stuff--incidentally, most of MS's Xbox 360 mod detection features involved timing measurements on the disc drive / firmware. Load all the extraneous assets that a browser would load to make the requests so they can't accidentally catch you by requiring you to load some non-cached image before you submit a request as form of knocking. I guess one thing they could do is have you execute arbitrary javascript client-side, because most of the HTTP spoofing libraries don't have proper JS engines, but it's still doable if you did have a proper JS engine, and the alternative would be re-writing whatever code they make you execute in your given language so the actual transmission/verification of the results would be the same.

I haven't written any of the code, but I'm reasonably confident that there's basically no line of attack they could use that would identify someone automating this stuff. Like, I think to get caught it'd be because you were choosing to sacrifice fidelity for speed--like for example people who would write a high-speed market scraper to snipe mispriced rare items would be caught by the frequency of their checks and the speed with which they go through the buying process.

I'd love if any other programmers could weigh in if there's a detection method they think Valve could use to identify this kind of use case.
The extreme of that would be actually scripting browser input, which would defeat even directed attempts of determining whether the user is a bot (i.e. client-side scripts). The only thing I can think of that could still catch such an implementation would be an interactive check, e.g. a message box popping up asking if you are human. But Valve doesn't seem to like measures which impact the user experience to that extent.
 

Shadownet

Banned
CVG's Golden Joystick nominations are up. I wonder if they're giving out a free game later like last year.

The list has already failed me because The Evil Within isn't on the most wanted tab.

I had a hard time voting for Most Wanted. Though I did try to vote fro The Wolf Among Us and Wolfensrein as many times as I could. My top contenders for GotY.

Also PewDieDie being on that list for best Personality got a chuckle out of me.

I voted for Yoshida.
 

Caerith

Member
I'm pretty sure their issue with bots stems from how someone could potentially use the same technology to "snipe" items that are listed for a low price inadvertently. I hear about horror stories all the time where people meant to list something for $100.00 and accidentally listed it for $1.00. Those market bots will snatch the item up much faster than you can cancel it (usually within seconds).

Some of this has been alleviated with their new buy orders / sell orders system of "commodity" goods (like trading cards) so perhaps their stance on these sort of selling bots has changed.

I think the real reason they condone their use is that they don't want to assume the support liability that will inevitably come from people using them. What if the bot someone releases online is disingenuous and is actually automatically trading your $400.00 CS:GO knife away without you realizing it?

I strongly suspect they know that this process sucks. Hopefully they can come up with a way to remedy it soon so that we don't have to risk our accounts to try to find a way around their terrible UI and process.
A likelier scenario than a bot that trades away imaginary knives would be someone who doesn't know what they're doing running a sniping script and bankrupting themselves by automatically paying full price for thousands of items, but I think the real reason they don't condone their use is because it provides an unfair advantage over people who don't use scripts.

What I'd like to see would be an overhaul of the inventory so more items could be displayed per screen. Just, like, a list of all cards with their market values and individual price fields + "sell this item" buttons so I could just go down the list and sell what I want to, then counter sniping by prompting for confirmation if I try to undercut by, like, more than 30%.
 
The Elder Scrolls V: Skyrim - 154 hrs on record
Borderlands 2 - 101 hrs on record
BioShock Infinite - 89 hrs on record
Mercenary Kings - 79 hrs on record
Saints Row: The Third - 68 hrs on record

I'm ashamed that I actually put that much time into BL2. It's an awful game. But I guess going for 100% can do things to you, and I still have a couple to go...
 

Shadownet

Banned
The Elder Scrolls V: Skyrim - 154 hrs on record
Borderlands 2 - 101 hrs on record
BioShock Infinite - 89 hrs on record
Mercenary Kings - 79 hrs on record
Saints Row: The Third - 68 hrs on record

I'm ashamed that I actually put that much time into BL2. It's an awful game. But I guess going for 100% can do things to you, and I still have a couple to go...

I think its a bit more sad that you put 79 hours into Mercenary Kings..

But you must liked it a lot.
 

Anteater

Member
I actually don't have that one game with a lot of hours clocked in like those jrpg days, I guess my gaming habits have changed compared to when I was on consoles.

I'm planning to play through ff13 entirely though and might even give those hunts a go this time around, although unlikely.
 

Bboy AJ

My dog was murdered by a 3.5mm audio port and I will not rest until the standard is dead
I think its a bit more sad that you put 79 hours into Mercenary Kings..

But you must liked it a lot.
Yeah. That's what stood out to me. Could have been a great game.
 

Shadownet

Banned
Yeah. That's what stood out to me. Could have been a great game.

Yeah I liked it at first then I realized how shallow the game is. I stopped at like 5 missions in.

Same thing with BroForce.. But then again I should go back to BroForce and see if they changed anything.
 

Chariot

Member
CVG's Golden Joystick nominations are up. I wonder if they're giving out a free game later like last year.

The list has already failed me because The Evil Within isn't on the most wanted tab.
I did my part, but I am not very happy with the general selection. But that's how it goes, yes.

--

My most played games are League of Legends (4k games), Warcraft 3 (so many many many days with funmaps) and Dawn of War (retail version was the main game I played with my former schoolmates). Those go easily in the thousands.

Mount & Blade: Warband - 98 hrs on record
Civilisation V - 91 hrs on record
Crusader Kings II - 57 hrs
Total War Shogun 2 - 48 hrs
Eve Online - 45 hrs

I love PC exclusives.
 
I think its a bit more sad that you put 79 hours into Mercenary Kings..

But you must liked it a lot.
Yeah. That's what stood out to me. Could have been a great game.
Yeah I liked it at first then I realized how shallow the game is. I stopped at like 5 missions in.

Same thing with BroForce.. But then again I should go back to BroForce and see if they changed anything.

Mercenary Kings is waaaaay better than Borderlands 2... Yeah, I did like it a lot. The grinding at the end for 100% sucked, but everything else was a blast. Plus I played through it solo, and a couple times with friends, so that inflates the time a bit.
 

Anteater

Member
everytime a dragon's dogma thread pops up I'm reminded that it's still not on pc and fucking devil may cry 5 is still not announced, fuck everything.
 

RS4-

Member
Man wtf, so I installed some windows updates this morning, now all of a sudden I can hear one of my mechanical drives clicking.

Never heard it in nearly 3 years. Probably just coincidence...right.
 

JaseC

gave away the keys to the kingdom.
Man wtf, so I installed some windows updates this morning, now all of a sudden I can hear one of my mechanical drives clicking.

Never heard it in nearly 3 years. Probably just coincidence...right.

Save important data while you can.
 

Shadownet

Banned
Man wtf, so I installed some windows updates this morning, now all of a sudden I can hear one of my mechanical drives clicking.

Never heard it in nearly 3 years. Probably just coincidence...right.

You got a ticking time bomb on your hand. Hold on to your butt good sir. And save your stuff before its all gone.
 

Rand6

Member
Man wtf, so I installed some windows updates this morning, now all of a sudden I can hear one of my mechanical drives clicking.

Never heard it in nearly 3 years. Probably just coincidence...right.

Try using System Restore and see what happens.
 

Anteater

Member
On RE5 Lost in Nightmares, Capcom has this to say

Definitely been making this request known. PC players have wanted it for quite some time, and the Steamworks addition has brought it up all over again.

No word yet but rest assured threads like these are being shared.
 

zkylon

zkylewd
I did my part, but I am not very happy with the general selection. But that's how it goes, yes.

--

My most played games are League of Legends (4k games), Warcraft 3 (so many many many days with funmaps) and Dawn of War (retail version was the main game I played with my former schoolmates). Those go easily in the thousands.

Mount & Blade: Warband - 98 hrs on record
Civilisation V - 91 hrs on record
Crusader Kings II - 57 hrs
Total War Shogun 2 - 48 hrs
Eve Online - 45 hrs

I love PC exclusives.

league and warband

<3
 

Sharkiller

Member
Battlefield: Bad Company 2 - 453 hrs on record (played with friends sorry)
Arma 2: Operation Arrowhead - 97 hrs on record (mostly because I was a dayz dev)
Arma 3 - 57 hrs on record
PAYDAY 2 - 51 hrs on record
Batman™: Arkham Origins - 50 hrs on record
Batman: Arkham City GOTY - 48 hrs on record
DayZ - 44 hrs on record
 
Status
Not open for further replies.
Top Bottom