Please modify HonorBuddy so that when it creates log files it does not put: 1. Your [Username] which is part of the path where meshes are stored. 2. Your WoW character name. Typically this shows when there was an error of some sort. 3. Your operating system version and build number 4. The level of your character 5. The race of your character 7. The build of your character (talent tree spec) None of the above information is relevant to any issue that may arise from a poorly written routine, or other bug with the exception of the possibility of which edition of windows the user may be running. Currently, this information is unacceptable for Mods to request a "log" for basically every single question, and assuring the log does not contain personal information which it does. Examples below. I have replaced the non-anonymous information with the word "Anonymous" Code: [03:58:25.200 D] [LuaEvents] Getting argument values for event COMBAT_LOG_EVENT_UNFILTERED [03:58:25.206 D] [Singular-DEBUG] [CombatLog] Anonymous:72057594123629718 cast of Earth Shock#8042 failed: 'Not yet recovered' [03:58:25.206 D] [LuaEvents] Getting argument values for event COMBAT_LOG_EVENT_UNFILTERED [03:58:25.207 D] [Singular-DEBUG] [CombatLog] Anonymous:72057594123629718 cast of Stormstrike#17364 failed: 'Not yet recovered' [03:58:25.207 D] [LuaEvents] Getting argument values for event COMBAT_LOG_EVENT_UNFILTERED Code: [03:57:10.313 N] Mesh folder path does not exist, creating folder at path: C:\Users\Anonymous\AppData\Local\HonorbuddyMeshes [03:57:10.343 N] New bot added!: ArchaeologyBuddy [03:57:10.345 N] New bot added!: BGBuddy [03:57:10.496 N] New bot added!: DungeonBuddy [03:57:10.578 N] New bot added!: Gatherbuddy2 [03:57:10.579 N] New bot added!: Grind Bot [03:57:10.581 N] New bot added!: Questing [03:57:10.611 N] New bot added!: Mixed Mode [03:57:10.613 N] New bot added!: PartyBot [03:57:10.618 D] Reloading AssemblyLoader<BotBase> - Reloading Bots [03:57:11.242 N] New bot added!: Combat Bot [03:57:11.242 N] New bot added!: Raid Bot [03:57:11.245 N] Honorbuddy v2.5.6585.517 started! [03:57:11.245 D] Using WoW with process ID 2396 [03:57:11.246 D] Platform: Microsoft Windows NT 6.2.9200.0 [03:57:11.246 D] Executable Path: C:\Users\Anonymous\Desktop\hb\Honorbuddy.exe [03:57:11.249 N] Character is a level 42 Pandaren Shaman [03:57:11.250 N] Current zone is The Hinterlands [03:57:11.322 D] CombatRoutinesPath: Routines [03:57:11.322 D] ReloadRoutinesOnFileChange: False [03:57:11.322 D] PluginsPath: Plugins [03:57:11.322 D] ReloadPluginsOnFileChange: False [03:57:11.322 D] BotsPath: Bots [03:57:11.322 D] ReloadBotsOnFileChange: False [03:57:11.322 D] QuestBehaviorsPath: Quest Behaviors [03:57:11.322 D] MeshesFolderPath: C:\Users\Anonymous\AppData\Local\HonorbuddyMeshes Please, correct this in the core. A simple string replace would do for most part, and removal of data that is not relevant. These logs DO give enough information to ban accounts, such as level, time and location, race, etc.
Hi, Hackersrage, Like you, I'm very paranoid of personal information that escapes into the Intertoobs. 1. Honorbuddy provides you a mechanism for changing the meshes directory in its Settings tab. 2. I've never noticed a character name, but believe it could periodically escape. Your example looks like a Singular info leak, and not a HBcore leak. This one should definitely go on the Singular 'immediately fix' list, In BuddyWing's WingIt, we created a LoggableIdentifier() method for precisely the reason of masking PC names (but leaving NPC names intact). 3-7. This information is an absolute *must* to be logged. We find many, many problems with these seemingly insignificant pieces of information. This information is particularly useful when trying to debug class-specific, race-specific, or gender-specific quests. The spec is absolutely needed when trying to debug problems a user is having with Combat Routines. Just because you've never bumped into a problem that requires the information, doesn't mean its not used all the time to diagnose user problems. I'm just a Community member like you, and have no actual say in the matter. Just expressing my opinion. cheers, chinajade EDIT 1: I submitted this post to the Singular development thread capturing the personal information leak concern. Thanks for the save, HackersRage--its now in Bobby53's hands.
Doing a search replace in the log file to ensure the character name / etc is not released is a big pain in the nuts -- an extra step that should not have to be done. One of the reasons why I read logs before I post em. Debugging class specific, etc details, is understandable, however if I was blizzard, and I got my hands on these logs, I could determine EXACTLY -- or narrow it down tremendously to who is botting. Here is how 1. The timestamp of the occurrance. 2. The location in world. 3. What level and race 4. What class and specification. That does narrow things down QUITE a lot. And above that -- Information that blizzard does collect is the version of your OS -- so mix just that alone together -- and blam. Banhammer ! Not all that hard to query for since it is like a 5-10 minute job to write a generic parser for your log files, and then spit out it's findings into a SQL query to lookup in the database. Anyone where there is only 1 result -- insta ban. Any that have more than 1 result, but say less than 10 -- flagged for watching / research. Now toss into the mix leaking the character name --- boom. For sure all that information combined is MORE than enough to banhammer. Additionally -- the report submission service hasn't been working for a while, and should probably be disabled / turned off. Submitting log data that contains this information on an open forum is really tempting fate. I would suggest, that a simple log process be in place that spews out errors -- more informatively as to what line the error occurred on and what the error was --- not like current "couldn't compile IF on line 6208 of blahblah.xml" and no if statement is even around that, or near it -- not even close. I checked my old logs and this is a consistant thing with Singular popping out the player name -- at least thats how it appears. DEBUG is pooping into the log even when log level is set to normal or quiet.
Hi again, HackersRage, I understand your point about data mining the logs. I honestly don't believe it to be a concern. WoW is on the downhill side of its lifecycle, and don't believe Blizzard would invest the necessary resources to mine the logs submitted to one botting website to supplement its banhammer analysis. If I believed the logs had even the slightest chance of being mined, I'd be screaming about it along with you. The reason I don't believe it is because it would be much easier to put in place server-side checks that would catch bots immediately and reliably. It doesn't matter which bots, but I can tell you about a dozen server-side checks that would easily catch HB. I don't believe these checks are in place, nor will ever be. But I won't discuss this topic further for obvious reasons. On your other point, overt information leaking is completely unacceptable. This information can be abused by individuals, not just data-miners. I've submitted this post to the Singular development thread to address the concerns with its information leaks. Thanks for the save! cheers, chinajade
Blizzard doesn't need our logs to determine who is botting and who isn't. Timestamps are in logs so we know how long something has been happening. Location is in the logs so we know where certain bugs are happening. Level and race is in a log because these can affect the bot in ways like profiles not working and racials not working. Class and spec is extremely important because it lets us know right off the bat what is loaded and we know immediately if there is a problem that we have an answer to. I'll admit that char name sometimes sneak though to the logs, but it is rare.
