First I was asked by blondie for the IP of vein. Since blondie's discovery of it being liz, that prompted me to dig a little more into the logs. I realized that liz also played unauthenticated to cover up who she was. Even though liz has admitted it, the logs also confirm that what she said is true. she was indeed vein.
Anyway since I saw she was locally opped and not logged in It prompted me to review the log for anyone else that was locally opped. Here is what i come up with.
[1] Order of LeopardSh@forums: CatSh has been logged in as catsh@L_OP at access level "Team Member".
[1] Order of LeopardSh@forums: PigeonSh has been logged in as pigeonsh@L_OP at access level "Team Member".
[14] Order of [abc]_mister: [abc] vein has been logged in as [abc]_vein@L_OP at access level "Team Member".
So this violated rule #10 ("Everyone must be authenticated in order to participate during the Ladle.")
Last edited by kyle on Fri Jul 11, 2014 12:03 pm, edited 1 time in total.
kyle, I'm going to hijack this thread to talk about security. Maybe you can rename it? Thanks, man! --------------------------------
Currently, all players must be authenticated to play Ladle. As we can see above, this can be abused by Team Leaders who /OP players. It may be time to remove this privilege and pass it to the Global Moderators.
In the past, the ability to /OP was a matter of convenience. Ladle's only admin was Z-Man and teams needed to be as independent as possible. However, we have successfully employed Global Moderators for many months now. Global Moderators can /OP unauthenticated players then make a post for the community to review. There is absolutely no need for Team Leaders to have this ability, especially since it can be abused. Also, why, after so many years, would someone have problems authenticating? At this point, if you can't get your GiD correctly onto the Challenge Board you have no business fielding a team. If you want to have a bunch of smurf accounts to stay anonymous, great! We will just check your IP after the match.
So my proposal is, remove Team Leader's ability to /OP and pass that responsibility to Global Moderators, who are in turn responsible for posting in the Ladle thread when they /OP someone.
The only possible argument against, which is a very weak one, is that occasionally teams will use Ladle servers for wars in-between events. Considering how infrequently it happens I don't think leaving the privilege in place is justified.
