Saturday, December 29, 2012

EVE Tool Review: EVE-Skunk

EVE-Skunk is a repository of API keys, collected for the purpose of posting evemails publicly.  The main goal is to leak alliance emails for the lolz.  A friend on my G+ stream had a freakout when he found his own keys on the site.  And while, honestly, I think we should have a reasonable expectation of privacy, I also think EVE gives us the sandbox to play out our psychopathic tendencies without doing real damage.

How It Works

Alliance evemail is the least secure means of communication in the game.  It can be read through the personal mail API of any member of the alliance: one character key with the mail permissions enabled exposes every alliance-wide mail that character received.  The mail API is also one of the more convoluted ones to build against.  So, somewhere between "I can't write my own tool" and "I'll just make a key with every option enabled" lies the security vulnerability.  From there it only takes one mismanaged key and an entire organization's corp/alliance messages are made public.

EVE-Skunk accepts keys through an anonymous submission form.  So whether a spy has stolen the key or a user submits it themselves, it is added to the tool's database and its mails are added to the wall.  Being a malicious site, it offers no recourse to remove your data either.  Deleting the key on CCP's API page stops future pulls, but it does nothing for the mails that have already been scraped.

Bully Activism

It's no secret that EVE's API is a very low priority among CCP's developers.  It is also a project infamous for being passed from lead to lead, and for an insistence on some very weird development strategies.  It's only by exploiting weaknesses and causing outrage that there is any hope of making it onto CCP's sizable to-do list.  But even that outrage isn't enough to pay for the rework required to really secure the system... and with the current v2 API architecture, it will never be user-proof.

Marcel Devereux, developer of Aura for Android, has turned this into an art form, using the weight he carries with Aura to apply pressure in just the right ways.  When the API moved to HTTPS but shipped with a bargain SSL certificate, he pushed to get it fixed by notifying his users of the problem when they came looking to file a bug report.  When a function should exist or needs more features (FW tools, for instance), he adds teaser panels to his app to get his users psyched for it.  

It takes a nuanced approach to fix API issues.  CCP is understandably reluctant to drastically change any API, since that means considerable rework for the player devs.  It helps to know which people are the right ones to lean on, and how to frame suggestions so they are low-impact.  Sometimes a big exploit is needed to showcase a glaring hole, but unless it comes with a realistic plan to fix it, CCP will never invest the effort.

Developer Trust

"It takes a lifetime to build a good reputation, but you can lose it in a minute."
-Will Rogers
Now, any developer can exploit the exceptional trust people place in their tools.  It is easy to squirrel away API keys into a central database and process them in complete secrecy.  It's easy to extract extra data from people who cannot be bothered to understand what they are handing over... it's called Facebook.

If you want to build a widely used tool, community trust is absolutely critical.  There are enough code jockeys and enough paranoid users out there to form a significant force that keeps you honest.  Unfortunately, there are also enough tinfoil-hat-wearing weirdos that you will never be finished with the "how can I trust you?!" arguments.  The best things you can do are be open, be honest, and educate the masses... or tell them to take a hike if they don't like it!  You can't win them all.

How To Defend Yourself

Honestly, the auditing tools are pretty weak.  CCP gives you an access log on your API page, but it does little to tell you which key is to blame or which queries might be malicious.  The first line of defense is to use the customizable options: you can create any number of keys, so make one for each site, with only the permissions (the access mask) that site actually needs, and nothing more.  Also, apply the same "don't fly what you aren't willing to lose" logic to your API keys.

In the end, it's just data.  v2 API keys are read-only, so the damage is limited to someone knowing your sekrets.  At the end of the day it's all spaceship pixels and probably not worth losing your shit over.  Also, go get educated on what each of those API options does.  CCP provides links to the API documentation on every option, and you can visit EVE-id.net for more information on how the APIs work.  Knowledge is power.
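To make the "one key per site, minimal permissions" advice concrete, here is an added example (mine, not code from the original post, and not an EVE-Skunk or CCP tool) that audits a v2 key's access mask the way the "How It Works" and "How To Defend Yourself" sections describe: it reports whether a mask exposes mail, lists every permission granted beyond what a tool needs, and computes the smallest mask that still serves the tool.  The bit values in the table are assumptions from memory of the v2 key-creation page; the names, the sample mask and the "skill planner" tool are constructed for illustration.  Verify the bits against the mask CCP displays when you create a key.

```python
"""Audit an EVE v2 API key access mask against what a tool actually needs."""

# Assumed v2 access-mask bit values (illustrative; verify on CCP's key page).
MASK_BITS = {
    "AccountBalance": 1 << 0,
    "AssetList": 1 << 1,
    "CharacterSheet": 1 << 3,
    "KillLog": 1 << 8,
    "MailBodies": 1 << 9,
    "MailingLists": 1 << 10,
    "MailMessages": 1 << 11,
    "SkillInTraining": 1 << 17,
    "SkillQueue": 1 << 18,
    "WalletJournal": 1 << 21,
    "WalletTransactions": 1 << 22,
}

# Any of these on a character key is enough to pull alliance mail.
MAIL_PERMS = frozenset({"MailBodies", "MailingLists", "MailMessages"})

# Union of every bit the table knows about, used to spot bits it does not.
KNOWN_BITS = sum(MASK_BITS.values())


def granted(mask):
    """Names of the permissions a mask enables, in stable (sorted) order."""
    return sorted(name for name, bit in MASK_BITS.items() if mask & bit)


def unknown_bits(mask):
    """Bits set in the mask that the table above does not describe."""
    return mask & ~KNOWN_BITS


def leaks_mail(mask):
    """True if the key can read mail, i.e. could feed an EVE-Skunk-style site."""
    return any(mask & MASK_BITS[perm] for perm in MAIL_PERMS)


def minimal_mask(needed):
    """Least-privilege mask for a tool that needs exactly these permissions."""
    mask = 0
    for name in needed:
        if name not in MASK_BITS:
            raise ValueError(f"unknown permission {name!r}")
        mask |= MASK_BITS[name]
    return mask


def over_grant(mask, needed):
    """Permissions the key grants that the tool has no use for."""
    return sorted(set(granted(mask)) - set(needed))


def audit(mask, needed):
    """Summarise a key against a tool's needs; everything is derived from mask."""
    return {
        "granted": granted(mask),
        "leaks_mail": leaks_mail(mask),
        "extra": over_grant(mask, needed),
        "unknown_bits": unknown_bits(mask),
        "recommended_mask": minimal_mask(needed),
    }


if __name__ == "__main__":
    # Constructed sample: an "everything enabled" key someone handed to a
    # hypothetical skill-planner site that only needs three permissions.
    full_access = (1 << 28) - 1
    planner_needs = {"CharacterSheet", "SkillInTraining", "SkillQueue"}
    report = audit(full_access, planner_needs)
    print("leaks mail:", report["leaks_mail"])
    print("over-granted:", ", ".join(report["extra"]))
    print("use this mask instead:", report["recommended_mask"])
```

Run it against the mask printed on your API page for each key you have handed out; any key where leaks_mail is true is one that an EVE-Skunk submission could turn into a public alliance mail feed, whatever the site it was made for does.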

The Sandbox

As Stan over at Freebooted has put it, "EVE is the lair of psychopaths".  It provides us a sandbox in which to really explore all of human nature.  As I like to look at it, EVE is the only MMO where you can play a true villain, not just the backstory bad guys.  It is important to separate the in-game personas from their real-life players; pirates don't kick puppies, griefers are not terrorists.  It's just a game.

Personally, I love the metagame and what it inspires people to do.  EVE-Skunk is just another metagame creation... and that's why EVE makes it into the news.  Embrace the corporate espionage, step up your game, play in the sandbox.