Page 1 of 2 12 LastLast
Results 1 to 25 of 39

Thread: Jagex Tracking Mouse movements

  1. #1
    Join Date
    Dec 2011
    Location
    Toronto, Ontario
    Posts
    6,424
    Mentioned
    84 Post(s)
    Quoted
    863 Post(s)

    Default Jagex Tracking Mouse movements

    Hello all, I've seen a few posts which have been saying that Jagex tracks mouse movements/clicks.

    Firstly, assuming that Jagex wants to save alot of hard drive space, I put the clicks in this format:

    X,Y Type (1 = left, 2 = right, 3 = scroll)

    This took approximately 9 bytes to store:

    Code:
    511,202 1
    Keep in mind that this is ONE click. An average player clicks almost 14000+ times in a single hour of gameplay, and if you think i'm pulling numbers out of my ass i'm not. I downloaded a program called WhatPulse and timed myself for one hour 4 times, here were the results:

    Code:
    Hour 1: Dungeoneering ~21000 clicks
    Hour 2: Kalphite King ~19000 clicks
    Hour 3: Kalphite King ~12000 clicks (Swapped from Tank to DPS)
    Hour 4: Slayer        ~13000 clicks
    Here's the bytes per hour for each activity:

    Code:
    21000 * 9 = 189000 / 1024 = 184.5 KB
    19000 * 9 = 171000 / 1024 = 166.9 KB
    12000 * 9 = 108000 / 1024 = 105.5 KB
    13000 * 9 = 114000 / 1024 = 114.3 KB
    Keep in mind that this is med to high click activity, and most bots cant do this sort of thing. Lets assume that bots click about 5000 times an hour, regardless of activity. Even still, the amount of KB it takes to record all this is infestismal, and a 1TB hard drive could very well cover all of this for a week.

    At all times there're about 80 000 players online, and assuming that 9000 clicks an hour for the entirety of the RS Community, it takes about

    Code:
    9000 * 9 / 1024 * 80000 = 6328125KB / 1024 = 6179MB = 6.1GB/Hour
    Since recording/logging clicks takes about 6.1GB of hard drive space an hour, it takes Jagex approximately 146.4GB of hard drive space everyday to record all of this. However, eventually they'll have to delete/rewrite over everything that happened earlier on because they'll run out of space on the disk (or on Cloud hosting) and will have to buy another one. From a company's point of view it isn't very smart to rebuy rather than reuse.

    But the bigger problem is for Jagex to actually go through all that data, so my assumption is that the only time Jagex even records your clicks is if you click in the same area (1-3 px difference) multiple times at which point they start logging your clicks and investigate (or let the computer do it tbh) once it exceeds a count.

    Your opinions?

    I'd like @Flight's opinion on this

  2. #2
    Join Date
    Feb 2012
    Location
    Wonderland
    Posts
    1,988
    Mentioned
    41 Post(s)
    Quoted
    272 Post(s)

    Default

    I'd imagine they filter through a pattern, every check interval, looking for stuff like:
    - click same coordinate excessively
    - excessive mouse jumps (non mouse keys)

    both generalized points, so definitely allow for speculation as to precise intervals/coordinates/jumps/patterns

    -Lj

  3. #3
    Join Date
    May 2012
    Location
    New Mexico
    Posts
    99
    Mentioned
    0 Post(s)
    Quoted
    30 Post(s)

    Default

    They probably do track mouse movements, but probably aren't as strict as we think. Have they been tracking for a while or just recently?
    “Oh, hi. So, how are you holding up? BECAUSE I'M A POTATO"
    http://www.southweststandard.com

  4. #4
    Join Date
    Mar 2007
    Posts
    3,042
    Mentioned
    1 Post(s)
    Quoted
    14 Post(s)

    Default

    The client does track and send both mouse movements and clicks. The data for a mouse movement takes between 2-6 bytes to represent (depending on the changes in time and position from the previous movement), and mouse clicks can be represented in 6 bytes. It's sent this information off to the servers for years.

    Regardless of the size of the data, there's not really a need to keep it around for a long time. I'd imagine that it's regularly discarded unless the system flags it as interesting, after which it's actually useful to look at the data more closely.
    :-)

  5. #5
    Join Date
    Aug 2007
    Location
    Colorado
    Posts
    7,421
    Mentioned
    268 Post(s)
    Quoted
    1442 Post(s)

    Default

    Quote Originally Posted by Method View Post
    The client does track and send both mouse movements and clicks. The data for a mouse movement takes between 2-6 bytes to represent (depending on the changes in time and position from the previous movement), and mouse clicks can be represented in 6 bytes. It's sent this information off to the servers for years.

    Regardless of the size of the data, there's not really a need to keep it around for a long time. I'd imagine that it's regularly discarded unless the system flags it as interesting, after which it's actually useful to look at the data more closely.
    Yep yep, I've seen this as far back as the 300 client series; there are indeed packets that record mouse movements & clicks.

    I also agree with this data not being stored for too long, if at all. Now this is pure speculation so bear with me. If it were me I would only record near-perfect line mouse movement, and only record 2+ mouse clicks that clicked (or right/middle clicked) at the exact same coordinate twice (or more) in a row, or perhaps not the exact same coordinates but very close in range (< 5 pixels?). To me that's the logical way to go rather than storing every movement & every click of every player; just record the suspicious ones, no?

    Current projects:
    [ AeroGuardians (GotR minigame), Motherlode Miner, Blast furnace ]

    "I won't fall in your gravity. Open your eyes,
    you're the Earth and I'm the sky..."


  6. #6
    Join Date
    May 2012
    Location
    Somewhere in, PA
    Posts
    1,810
    Mentioned
    9 Post(s)
    Quoted
    226 Post(s)

    Default

    14000 clicks an hour?? That's 4 clicks per second constantly. You would basically have to be spam clicking that entire time
    My First Build!, Selling Downloadable Games
    -------------------------------------

  7. #7
    Join Date
    Dec 2011
    Location
    Toronto, Ontario
    Posts
    6,424
    Mentioned
    84 Post(s)
    Quoted
    863 Post(s)

    Default

    Quote Originally Posted by Austin View Post
    14000 clicks an hour?? That's 4 clicks per second constantly. You would basically have to be spam clicking that entire time
    Time yourself, if you spam click like me than it's real possible.

  8. #8
    Join Date
    Nov 2011
    Location
    England
    Posts
    3,072
    Mentioned
    296 Post(s)
    Quoted
    1094 Post(s)

    Default

    Lets all set up 100 accounts moving out mouse across the screen and clicking, waste that jagex hard-drive space! haha

  9. #9
    Join Date
    Aug 2012
    Location
    Singapore
    Posts
    77
    Mentioned
    0 Post(s)
    Quoted
    18 Post(s)

    Default

    Quote Originally Posted by Ollybest View Post
    Lets all set up 100 accounts moving out mouse across the screen and clicking, waste that jagex hard-drive space! haha
    AHAHHAHA Omg Olly you made me laugh and choke on my drink.

  10. #10
    Join Date
    Apr 2012
    Posts
    3,356
    Mentioned
    34 Post(s)
    Quoted
    218 Post(s)

    Default

    Wow sin nice work in figuring that out.

    So realistically they would just look for repetitive patterns.

    I think that's interesting that they would get so much data out of it per day.

  11. #11
    Join Date
    Sep 2007
    Location
    Australia, NSW
    Posts
    934
    Mentioned
    6 Post(s)
    Quoted
    145 Post(s)

    Default

    What about all those people that high-alch and/or sell things to the general store (massive bulk)? They click on the same pixel for ages. I would say that Jagex looks more into near perfect mouse movements like @Flight said; or even, no mouse movement at all (if you're really that silly).

    They'd probably look for timing in between clicks too, I'd assume. Well, their computer would look for it...

    INACTIVE
    How-to: Make S.M.A.R.T. less laggy

    Sell me your Maple Shieldbows (u)! Up to 95gp ea!

    My Scripts:
    Ivy Chopper Ultra [RS3] | Fantastic Fletcher [RS3]
    99 x78 | 99 x10 | 99 x2 | 99 x12


    Use the REPORT tags when posting progress reports to make life easier (:
    [REPORT]Put progress report in here![/REPORT]

    Super Savvy Smither V1.06Cool Classy Cooker V1.02 [EoC]

  12. #12
    Join Date
    Nov 2006
    Posts
    2,369
    Mentioned
    4 Post(s)
    Quoted
    78 Post(s)

    Default

    I doubt they save any mouse data on their hard drives. They could just store some recent mouse activity in their RAM and use that data to identify bots? Actually I think they have that type of tracking system only enabled on a small amount of players(reported players?) at a time to save resources.
    Quote Originally Posted by DeSnob View Post
    ETA's don't exist in SRL like they did in other communities. Want a faster update? Help out with updating, otherwise just gotta wait it out.

  13. #13
    Join Date
    Feb 2012
    Location
    DON'T PM ME ASKING FOR STUFF
    Posts
    2,170
    Mentioned
    38 Post(s)
    Quoted
    423 Post(s)

    Default

    Quote Originally Posted by guthixboss1 View Post
    AHAHHAHA Omg Olly you made me laugh and choke on my drink.
    That's a bit over the top..

  14. #14
    Join Date
    Aug 2012
    Location
    Singapore
    Posts
    77
    Mentioned
    0 Post(s)
    Quoted
    18 Post(s)

    Default

    Quote Originally Posted by xtrapsp View Post
    That's a bit over the top..
    Nuuuu its the way he said it. :P

  15. #15
    Join Date
    Jan 2013
    Posts
    146
    Mentioned
    0 Post(s)
    Quoted
    56 Post(s)

    Default

    id think the only time they would look at it is if you were reported other than that i assume they would just trash the info.

  16. #16
    Join Date
    Jul 2012
    Posts
    279
    Mentioned
    5 Post(s)
    Quoted
    46 Post(s)

    Default

    I recall a jagex mod post regarding the QBD, saying that it wasn't just a boss anymore but that mouse movements and all were recorded. Therefore, the logical conclusion that I have to draw is that this system only operates in limited areas.

    Also, botwatch definitely isn't all that powerful. For all the scripts that led to bans, it is fairly clear that there was some human intervention by jagex. In most cases, the script was just leaked.

    As for the actual time the data is stored, I find it important to point out that bans are extremely easy to pinpoint in time. All bans start the same day and usually happen quite fast. There is no going back 30 days in the past to find out who was using the script.

    Finally, areas that are said to be heavily botwatched also have scripts that have recovered from the watch, namely dungeoneering and LRC. Therefore, it is fairly clear to me that the system isn't fully automatic.

  17. #17
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Quote Originally Posted by Wardancer View Post
    I recall a jagex mod post regarding the QBD, saying that it wasn't just a boss anymore but that mouse movements and all were recorded. Therefore, the logical conclusion that I have to draw is that this system only operates in limited areas.

    Also, botwatch definitely isn't all that powerful. For all the scripts that led to bans, it is fairly clear that there was some human intervention by jagex. In most cases, the script was just leaked.

    As for the actual time the data is stored, I find it important to point out that bans are extremely easy to pinpoint in time. All bans start the same day and usually happen quite fast. There is no going back 30 days in the past to find out who was using the script.

    Finally, areas that are said to be heavily botwatched also have scripts that have recovered from the watch, namely dungeoneering and LRC. Therefore, it is fairly clear to me that the system isn't fully automatic.
    This, their detection system is outdated like.. 6-7 years

  18. #18
    Join Date
    May 2012
    Location
    New Mexico
    Posts
    99
    Mentioned
    0 Post(s)
    Quoted
    30 Post(s)

    Default

    It probably is automated and just need review from a mod. It just flags accounts and records and then someone has to review it.


    Quote Originally Posted by Wardancer View Post
    I recall a jagex mod post regarding the QBD, saying that it wasn't just a boss anymore but that mouse movements and all were recorded. Therefore, the logical conclusion that I have to draw is that this system only operates in limited areas.

    Also, botwatch definitely isn't all that powerful. For all the scripts that led to bans, it is fairly clear that there was some human intervention by jagex. In most cases, the script was just leaked.

    As for the actual time the data is stored, I find it important to point out that bans are extremely easy to pinpoint in time. All bans start the same day and usually happen quite fast. There is no going back 30 days in the past to find out who was using the script.

    Finally, areas that are said to be heavily botwatched also have scripts that have recovered from the watch, namely dungeoneering and LRC. Therefore, it is fairly clear to me that the system isn't fully automatic.
    “Oh, hi. So, how are you holding up? BECAUSE I'M A POTATO"
    http://www.southweststandard.com

  19. #19
    Join Date
    Jul 2012
    Posts
    279
    Mentioned
    5 Post(s)
    Quoted
    46 Post(s)

    Default

    Quote Originally Posted by klae17 View Post
    It probably is automated and just need review from a mod. It just flags accounts and records and then someone has to review it.
    Improbable. If that was the case, why would there only have been one wave of bans for dungeoneering or LRC? I believe the work that has to be done by a jagex worker is more extensive than rubber stamping.

  20. #20
    Join Date
    Feb 2008
    Posts
    748
    Mentioned
    1 Post(s)
    Quoted
    14 Post(s)

    Default

    Botwatch operates in specifically designated regions. Once a player is identified as a bot (whether that be manual or automatic), the system can analyze that player's actions and automatically ban others that may be using the same script (behaving similarly). I'm certain that mouse biometrics plays a role as well. To the extent of my knowledge, these bans are automatic.
    As for dungeoneering and LRC, it's probably because Botwatch isn't set to it at the moment. If you based the lack of bans for dungeoneering off PowerBot's scripts, then it's because Botwatch isn't set to it.
    Regarding mouse biometrics, it's actually not a very CPU intensive process. As Method stated earlier, the cost for transmitting the mouse clicks is minimal, they could actually add angular based biometrics to it. The cost of that would be ~12 bytes total (an increase in 6 bytes). There was a paper published on the topic that used a Pentium 4 Xeon 3.0Ghz processor. They used angular based biometrics and were able to build profiles for 1000 users that inputted ~5000 clicks in 20 seconds. Once that profile was built, they claimed to be able to verify 5800 clicks in 230ms. Even if this is was exaggeration on the part of the researchers, the cost to verify a profile is still quite low.
    Given the size of Jagex's servers and the skills of their employees, I wouldn't doubt their ability to build a profile for a bot (like powerbot) and use that profile to find users of the bot (which would only involve verification, thus not consume nearly as many resources). A few of the Fellows from powerbot apparently proved the concept and hence, forced the changes in powerbot's mouse. Obviously Jagex can't build a profile for all of it's users given the size of the game, but they can certainly target bots with a mouse implementation that very rarely resembles human behavior.

  21. #21
    Join Date
    Jun 2007
    Location
    The land of the long white cloud.
    Posts
    3,702
    Mentioned
    261 Post(s)
    Quoted
    2006 Post(s)

    Default

    Quote Originally Posted by pyroryan View Post
    Botwatch operates in specifically designated regions. Once a player is identified as a bot (whether that be manual or automatic), the system can analyze that player's actions and automatically ban others that may be using the same script (behaving similarly). I'm certain that mouse biometrics plays a role as well. To the extent of my knowledge, these bans are automatic.
    As for dungeoneering and LRC, it's probably because Botwatch isn't set to it at the moment. If you based the lack of bans for dungeoneering off PowerBot's scripts, then it's because Botwatch isn't set to it.
    Regarding mouse biometrics, it's actually not a very CPU intensive process. As Method stated earlier, the cost for transmitting the mouse clicks is minimal, they could actually add angular based biometrics to it. The cost of that would be ~12 bytes total (an increase in 6 bytes). There was a paper published on the topic that used a Pentium 4 Xeon 3.0Ghz processor. They used angular based biometrics and were able to build profiles for 1000 users that inputted ~5000 clicks in 20 seconds. Once that profile was built, they claimed to be able to verify 5800 clicks in 230ms. Even if this is was exaggeration on the part of the researchers, the cost to verify a profile is still quite low.
    Given the size of Jagex's servers and the skills of their employees, I wouldn't doubt their ability to build a profile for a bot (like powerbot) and use that profile to find users of the bot (which would only involve verification, thus not consume nearly as many resources). A few of the Fellows from powerbot apparently proved the concept and hence, forced the changes in powerbot's mouse. Obviously Jagex can't build a profile for all of it's users given the size of the game, but they can certainly target bots with a mouse implementation that very rarely resembles human behavior.
    That is interesting. Do you think it would be impossible to build a 'profile' of a well scripted Simba bot? Simba bases a lot of its mouse movements on colour and hence is more random/human like?

  22. #22
    Join Date
    Feb 2008
    Posts
    748
    Mentioned
    1 Post(s)
    Quoted
    14 Post(s)

    Default

    Quote Originally Posted by The Mayor View Post
    That is interesting. Do you think it would be impossible to build a 'profile' of a well scripted Simba bot? Simba bases a lot of its mouse movements on colour and hence is more random/human like?
    Color has nothing to do with mouse movements. Both bots will generate a destination point to move to (and/or click). How the bot moves the mouse to that destination can be exploited by mouse biometrics. I can't exactly remember how Simba's mouse works so I can't comment on the specific case, but looking at the percent bans should give you a general idea for whether something is being detected or not.
    In the end, a human is fairly random whereas a bot will follow a general trend. A well scripted bot will look like a human in areas such as banking (so don't deposit an item only to withdraw more of it for example). Matt/gh0st used some of Jacmob's old code from the RSBuddy times to analyze the scripts on powerbot (when they banked, items withdrawn, where they walked, etc.) and was able to determine the areas where the scripts were repetitive enough to be analyzed. Supposedly that is very similar to Botwatch.
    In short, a well designed script and bot isn't going to be detectable. Whether it uses color or injection (or any other techniques) is irrelevant in this case.

  23. #23
    Join Date
    Feb 2006
    Location
    Canada
    Posts
    2,254
    Mentioned
    21 Post(s)
    Quoted
    238 Post(s)

    Default

    Very interesting read, thanks sin, method, flight and pyroryan.
    It seems to me like jagex could be banning quite a bit more with the sheer volume of data they can collect...almost odd that their bot detection is so bad. (Another way to say it, how we are able to consistently evade them...maybe it says something about their company)

  24. #24
    Join Date
    Jul 2012
    Posts
    279
    Mentioned
    5 Post(s)
    Quoted
    46 Post(s)

    Default

    I'm surprised there aren't more ban waves. Considering it took them 6 hours to break down the second QBD powerbot botting attempt, I'd expect jagex workers to be able to cycle through different bots, find a flaw and massively ban. I wonder what can explain this. I'd be very surprised if something massive was coming as botwatch was defined as a work in progress system that would slowly get rid of bots.

    Any hypothesis?

  25. #25
    Join Date
    Jun 2012
    Posts
    4,867
    Mentioned
    74 Post(s)
    Quoted
    1663 Post(s)

    Default

    Quote Originally Posted by Wardancer View Post
    I'm surprised there aren't more ban waves. Considering it took them 6 hours to break down the second QBD powerbot botting attempt, I'd expect jagex workers to be able to cycle through different bots, find a flaw and massively ban. I wonder what can explain this. I'd be very surprised if something massive was coming as botwatch was defined as a work in progress system that would slowly get rid of bots.

    Any hypothesis?
    The only thing I can think of is that maybe the combination of the QBD bot having an obvious flaw and also having many users was what made it so detectable. Consider this: The way below average Simba script has multiple flaws that should alarm Jagex, however because it likely has very few users it is difficult for a discernible pattern to emerge. Or an above average Simba or PowerBot script, there would be enough users to generate a discernible pattern, but there are no big flaws to raise red flags. Does that make sense or not?

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •