Profile

Cover photo
Andrew Brandt
Works at Solera Networks/Blue Coat
Attended Earth
155 followers|138,918 views
AboutPosts

Stream

Andrew Brandt

Shared publicly  - 
 
 
Improving how spoofing is handled at anomalies - An open letter to NIA OPS from Ingress players:

TL;DR: Niantic’s anti-spoofer support during #ViaLux 1 was insufficient to prevent cheaters affecting the outcome of anomalies, and improvements are required.

Many players were pleased to discover that fielding operations would form a part of the #ViaLux anomaly series via “Special Field Operations“. For many, fielding is the ultimate thrill in this exciting game, and it requires commitment, skill and tenacity to succeed. Sadly in several cases, agent actions at SFO and anomaly sites were thwarted by cheaters. Unfortunately, despite Niantic’s efforts, the spoofer epidemic is far from solved. There is a need to review how Niantic handles these issues in order to maintain an honest and competitive game.

The prevalence of spoofing is having a severely negative effect on community engagement. Agents from both factions, in each and every region of the world, no longer wish to participate in Ingress related events (either officially sponsored or player-run). The evidence of this is in the attendance numbers for Via Lux which both Factions acknowledge is lower than the previous Anomalies held in 2016. Why should we continue to play only to have our efforts countered by invisible players? Morale is lowered as players feel there is no benefit to taking actions in the game. This isn’t a new problem, this is a problem that has existed since 2012. Yet even the most basic ways of mitigating these actions, especially during an Anomaly, by rolling back spoofer actions has not been implemented in recent years.

Niantic, you have stated numerous times that this behavior is in violation of the Ingress Terms of Service and in violation of the spirit of the game. We, the players, ask that you devote additional effort and resources necessary to urgently put an end to the practice of spoofing. Your inability to make a perceived dent in the problem gives the impression that spoofing/cheating isn’t a priority for you. Your inaction or the perception of inaction coming from you also increases cross faction tensions as issues remain unresolved. To make matters worse, your customer service is abysmal. Your company is dependant on its customers, the players, for a source of revenue. Yet support tickets go unanswered or closed as soon as they’re opened. No other customer oriented company operates this way, except maybe Google. You are no longer part of Google. As a business which now has paying customers, we hold you to higher standards of support and responsiveness.

Our communication with Niantic during the first weekend in #ViaLux

As usual, POC nominated Intel operators from each site to join a channel where their concerns could be escalated to Niantic Ops via intermediary community managers. Unfortunately for many, this link was not direct or effective enough and spoofers affected anomaly fielding at anomaly sites and special field op locations. Several of these spoofers are still not banned despite multiple reports by both factions. NIA OPS reported that there was nothing unusual about the accounts. In Venezuela, field space was totally controlled by spoofers and RES and ENL agents said they will no longer be spending money travelling only to have their efforts thwarted by cheaters.

Names that had been reported weeks and months before the Anomaly as being spoofers directly affected the Anomalies through spoofing. There is a need for a more proactive approach to controlling spoofing during anomalies, to preserve the validity of site scoring. Our agents want to help and work together with Niantic to improve this issue.

We ask Niantic to improve their responsiveness to reports of spoofing during anomalies as follows:

Fast track status for designated intel operators (one per faction per site or city) for a week before the anomaly
Consider allowing factions to share plans securely in advance so Niantic is prepared for spoof field take down attempts
Pre-arranged responsive cover from NIA OPS for 48 hours before the anomaly and through the anomaly weekend to close of the last event
Review of pending tickets affecting the anomaly zone and surroundings
Niantic improve spoofer detection, or consider softbanning suspect agents during anomaly windows where there is overwhelming cross faction support to do so
Reverse the actions of cheats and spoofs of major impact that happen before and during the anomaly[-related] period, particularly in the scoring

+Ingress
+NIA Ops
+Niantic Project
+Niantic
+John Hanke
+Andrew Krug
+Pooja Srinivas
+Anne Beuttenmüller
+Matilde Tusberti
374 comments on original post
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
These are beautiful!
 
頒布会に参加してみます。

#イングレス  
#アバドン  
#沖縄  
#頒布会 
 ·  Translate
7 comments on original post
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
Andrew Brandt hung out with 9 people.Khristian Stokes, lancy vaz, oni dan, abdul majid, Gava Galsibu, Mohammed Muneer, Mandala Dal, SAADA NEDJMA, and حسين احمد
Andrew Brandt's profile photoKhristian Stokes's profile photolancy vaz's profile photooni dan's profile photoabdul majid's profile photoGava Galsibu's profile photoMohammed Muneer's profile photoMandala Dal's profile photoSAADA NEDJMA's profile photoحسين احمد's profile photo
Andrew Brandt was in a video call with 9 others
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
Just finished a new research project, which I started in the middle of another one, and I'd like to share it with you. The story is at the Solera blog, and it's one that brings me back to my southern CA roots and my history as an obsessive videogame player.

Social Attack on Gamers Leads to a Drive-By Diab-load
http://j.mp/diab-load
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
Russian bad guys begin using a new Java exploit in their malware campaigns, but remain stubbornly inept at writing a complete sentence in English.
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
The past two days, I was at training held by the Honeynet Project at Facebook's headquarters in Menlo Park and Palo Alto. I got an interesting taste of company culture that was still hanging on the walls in their now-abandoned Palo Alto offices.
1
1
Clark Stacer's profile photo
 
I love the "No Running" sign -- that really levels the spike of cheesiness.
Add a comment...

Andrew Brandt

Shared publicly  - 
 
 
Tucson #IngressObsidian commences with huge turnout!
4 comments on original post
2
Add a comment...

Andrew Brandt

Shared publicly  - 
 
I don't post on G+ very often but I've been playing Ingress and will be participating in the anomaly this weekend.
2
Add a comment...

Andrew Brandt

Shared publicly  - 
 
A selection of the icons used by malware distributed via spam (either as a .zip attachment or as a link to a downloadable .zip file). All of these are presented to the potential victim as some sort of sales or shipment record, hence the use of (low-quality) PDF or Word document icons.
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
The past month, I've been more busy chasing down novel malware and interesting attacks than I have been for a while. The post below summarizes just a few of the attacks, and payloads they delivered, that ran in our lab during the month of 0day...I mean, September. I'll also be talking about these and other attacks in more depth in Los Angeles on Tuesday - see j.mp/2020visibility for more details and registration info for this free event.
1
Matthew Newton's profile photo
 
"Tarzan-grade sentence structure" had me ROFL. :)
Add a comment...

Andrew Brandt

Shared publicly  - 
 
I've been monitoring an email-borne infection for the better part of a week. I just completed a writeup about it. There's something slightly more sinister than normal about a Trojan that uses the domain "loadmetoday-dot-com" (modified to remove G+'s stupid automatic hotlinking) for its command-and-control server. It's like it's taunting me. The story is at http://j.mp/ukspamworm  
1
Add a comment...

Andrew Brandt

Shared publicly  - 
 
waiting for obama
1
Garrick Brandt's profile photo
 
you rode all the way to afghanistan?
Add a comment...
Story
Tagline
Director of Threat Research for Blue Coat Systems
Introduction
Andrew Brandt is an information security expert and award-winning journalist who works in both fields. He currently serves as the Director of Threat Research for Blue Coat Systems, studying and publishing the details of Internet attack and malware trends to the company blog, at https://www.bluecoat.com/security/security-blog
Education
  • Earth
Links
Work
Occupation
Director of Threat Research for Blue Coat Systems, freelance tech journalist
Employment
  • Solera Networks/Blue Coat
    Director of Threat Research, 2011 - present
  • Webroot
    Lead Threat Research Analyst, 2006 - 2011
  • PC World
    Senior Associate Editor, 1997 - 2005
Basic Information
Gender
Male