[DGD] Big brother

Noah Gibbs noah_gibbs at yahoo.com
Thu Oct 4 03:06:15 CEST 2007


  You're correct that you should be careful of giving staffers access to this
indiscriminately.  Similarly, *you* should take some kind of precautions to
avoid snooping on people randomly.

  Technical problems are likely to be simple -- as you point out, you can mark
a connection confidential easily enough.  A boolean flag would also work. 
Mostly confidential connections would be things you don't want to log -- say,
an FTP connection, since that's transferring a large object :-)

  Related to that, you'd want to make sure you log at some logically
appropriate level -- for instance, if a player connects by SSH, make sure
you're logging the plaintext but not the encrypted text.

  I'm not sure what else you'd want to be confidential.  Staffers?  Unlikely. 
They've got the most power and the most reason to abuse it.

  If you're worried about the size of the files (probably not a big deal in
this day and age), you can also log traffic coming into your server, but avoid
logging some or all of the outgoing.  This can be annoying to match up, but
you'll still catch the more flagrant abuses, and you'll still (more
importantly) have a command log from each player.  You might want to log things
like the room the player is in if you do this, so that you know who can easily
hear whom.  This will also allow you to find the location of a player easily
(when reconstructing actions from the logfiles) by checking the location of
their last logged command.

  Ethically, you should also put a disclaimer somewhere indicating that player
actions are logged.  I'd recommend putting it right up on your login screen.

--- Shentino <shentino at gmail.com> wrote:

> Anyone have a take on snooping everything that a player sends and
> receives over his connection?
> 
> Currently I've got a system to do this so that I have hard evidence,
> properly time stamped, of any player misconduct.
> 
> My concerns are both ethical and technical, namely, how do I keep from
> capturing confidential information without losing access to
> information?
> 
> What I'm thinking so far is to mark the ustates as classified by
> having them inherit a certain stub library, whose presence via <-
> operator will tell the snoop logic to avoid recording the actual
> information...or perhaps redirect it elsewhere.
> 
> Anyone see any problems, ethical, techincal, or otherwise?
> 
> I admit it woudl be nice to have logs like this, but I want to avoid
> both giving indescrete staffers over access and locking out too many
> ranks that the admins will be burdened.
> ___________________________________________
> https://mail.dworkin.nl/mailman/listinfo/dgd
> 





       
____________________________________________________________________________________
Need a vacation? Get great deals
to amazing places on Yahoo! Travel.
http://travel.yahoo.com/



More information about the DGD mailing list