Security and Convenience

[ExaliaFaux]

I'd like to talk about how difficult it really is to achieve Security and Convenience when it comes to not just EloCarry, but our time spent digitally.

The short answer is that it's difficult, but the long answer is that it's difficult because the more Security we put in place to keep ourselves anonymous or otherwise undetected, the more inconvenient we have to make things for ourselves.

For example, we all have multiple accounts across many websites and games. How many of those sites/games do we use the same username? The same password? If our info is leaked once, then we get caught everywhere else. That's a security risk for the sake of convenience.

Another example would probably be Rift as we were required to patch our OS into test mode just so we could script in League. I do recall Rift saying that he had access to player info whenever people played so he could determine if people were telling the truth about detection and whatnot. That's all fine and good, but that also meant he had our account information which could be leaked at any time. Some say he DID leak the info, but ehh who can really say? I got banned after the exit scam so maybe he did, maybe he didn't and was detected. 

So EloCarry has a very steep mountain to climb in order to keep us protected at our convenience. There are some truths we have to accept though.

1) We HAVE to give access to our account info that EloCarry finds necessary. This means stuff like how many times we injected, what games we injected in, etc. I don't know any specifics and honestly not knowing the specifics is fine, but we at least need to give that info to EloCarry to better the platform's security/detection. 

2) We HAVE to give real info about ourselves. This is pretty important as most of us(er... all of us?) who are on this forum has already given our IDs and whatnot. So not only are we dealing with security in the digital world, but we're dealing with it IRL. It's really easy to mask yourself online, but to do so IRL you'd have to jump through hoops. It's inconvenient for someone to constantly fake that so it's important to have this. With this, we can stop Riot at the door assuming we know their identities OR anyone with malicious intent trying to tear down the platform or otherwise being an inconvenience to everyone else.

These are the two points I can think of that can potentially pose as a security risk for us while also being a security measure for our convenience. This is a compromise they are going for as far as I can tell (feel free to correct me since I'm a dummy dumb dumb).

Okay so we get the gist of what EC is doing on that front, but what else are they doing to keep us secure while being convenient?

For starters, we don't have to do much of anything on our end as the user. Everything is pretty much done in the backend of EloCarry. We can set up scripts/settings right here on the site whether on PC or Mobile. We don't have to patch our OS into Test Mode just so we can script on League only to switch back to play other games that block Test Mode. That's a lot of convenience, but also our info is secured. Riot shouldn't know that we're scripting anytime we inject. Rather, they should be doubtful that we are scripting if EloCarry stays undetected. Nobody else should know our real names other than @Zlitz unless we willingly tell others. Nobody else should have access to our League accounts other than maybe Vector for info purposes. Nobody should be able to access our EloCarry accounts with 2FA. And lastly, nobody else should be able to access EloCarry's cheat that hasn't been invited even if they happen to cop a download whether it's sent through email or usb. 

We have to believe that EloCarry has that security for us built around our convenience which is much more than what other platforms can say. Rift was supposedly secure, but was a definite inconvenience to the end user with patching OS. L# was mostly secured during the final days while also convenient~ish(script quality got worse due to apis being rushed). EloBuddy pretended to be secured then leaked their entire userbase(allegedly but I'm willing to believe it since I don't even remember). And it just kept going until we're here today where private platforms are trying to stay private yet no currently known/public platforms are aiming for security and are barely being convenient.

All we currently have from these platforms are words. Some being honest about detection, some denying it. Many have closed shop and all we can do is trust that this is the platform we choose to stay at. I personally believe in EloCarry, but I won't deny that they have an uphill battle for trust. 

Sorry if this feels like a jumbled mess. I literally woke up thinking about security since I had a class about it recently. Thought I'd talk about it a bit and why it's difficult to start up a platform that aims to be secure yet convenient. Just being on the internet is a risk, but we have minimized it to the best of our abilities while staying convenient. If we wanted TRUE security, then we wouldn't ever want to interact with anyone pretty much ever which isn't that convenient or fulfilling really.

[Zlitz]

I find posts like this generally interesting as you and almost 200 users from now and the past have shared with me, my company sensitive information.

To share some information that others may have not already seen, everything we collect in terms of data from our software and more is found here in our privacy policy. We would never capture more data than otherwise stated in our privacy policy.

[Falacy]

Yes you are right. In that regard, I hope people actually have read the General Data Protection Regulation (GDPR) Compliance. 

For optimal security i would recommend 

• Secure your accounts with a strong password.
• Enable two-factor authentication where possible.
• Avoid using the same password you’ve used elsewhere.
• Never share login details with others.

• Remember to logout when finished.
  
  Beware of oversharing or revealing too much when playing league online. Keep your personal details as private as possible when communicating with fellow players,  especially those you don’t know well. This can help reduce the risk of abuse, harassment or stalking, and even identity thefts.
   

Edited October 22, 2019 by Falacy