Two Suggestions To Stop Illegitimate Pulses

Inquizitor · December 16, 2013, 3:33pm

While it is not a widespread problem, there are some people who are obviously using automated or semi-automated means to inflate their statistics. This causes problems for people who enjoy the competitive aspect of WhatPulse, as well as general statistics tracking.

I’d like to propose a couple of solutions to this issue.

1. Some rules to help prevent illegitimate pulses should be added to the site.

Examples:

Reject pulses if average keys per second is >20, or average clicks per second is >15.
Reject pulses if accumulated uptime is greater than the time since last pulse on that computer, unless MAC address is different (this will prevent accidental duplicates that have popped up recently, without affecting people who use a computer profile across multiple machines)

Other than MAC address detection, these could all be done server-side, for increased security.

2. There should be a simple way for registered users to “flag” pulses that they think are illegitimate.

Flagged pulses could go into a moderation queue, and people who meet some criteria (registered for x years, x amount of forum posts, hand-picked by staff, etc.) could review the flagged pulses. If a flagged pulse gets a certain number of confirmations from different people who are eligible to vote on them, it would be removed (2 confirmations, maybe?).

Although most users don’t cheat, it only takes a few to seriously mess up some statistics, as shown in this post by Sellyme.

I feel that these solutions will help to eliminate most of the issues with illegitimate pulses.

Feedback and discussion is quite welcome.

sellyme · December 16, 2013, 3:42pm

Definitely strongly agree with point two, I’ve suggested a reporting mechanism several times in the past, and it could also serve the benefit of users reporting applications with errors (such as osu!'s broken icon from the overview, Chrome/Firefox having swapped icons somehow, duplicate apps, mis-named ones, whatever).

I have to disagree with point one though. Having no kps limit now means that people who cheat with 500kps are easily caught. Having a limit means that someone could cheat at 50kps 8 hours a day, and not get caught, because that’s something that can be done legitimately (albeit only if you’re really bored). Having a limit does nothing but make it easier for cheaters to go unnoticed, because their otherwise glaringly illegitimate pulses are pushed into the realm of plausibility.

APWhite · December 16, 2013, 4:48pm

I agree with both points to some extent. The caps on the KPS/CPS would need to be perfect if they were to be enforced onto the website.

Point 2 however, I strongly agree with and I actually suggested I would do this for all Chrome based pulses if Martin even developed a version for that device. I’d be more than happy to spend a few minutes a day ensuring all pulses coming through are legitimate. An appeals process would need to be put in place however as there may be some occassion that pulses are not approved when in fact they were genuine, and the user should be allowed an opportunity to show how they may have gained those clicks or keystrokes genuinely. They would also need to be notified if their pulse had not been approved as the user would likely not even know otherwise until they log onto the website to check their stats, making it too late to appeal the decision made.

A lot of keys coming through at the moment seem to be software conflicts etc and these are always being noted on the forums and usually get patched with the next versions.

Either way, great suggestions and i look forward to them being considered by the Whatpulse staff.

newton · December 16, 2013, 6:03pm

I agree with both points, but some comments:

I think if something like this was implemented we shouldn’t publish the numbers. Sure, people could test, but hopefully they’d be detected in that time anyway, and removed as a result.

This is just my opinion but people should find better things to do to deal with their boredom.

I think everyone agrees with everything else so far.

Bloopy · December 16, 2013, 11:31pm

This exception is unnecessary. People shouldn’t be using a computer profile across multiple machines at once. You shouldn’t be able to record more than 24 hours of uptime in one day for one computer profile. If a pulse is rejected, notify the user explaining how to set up their profile properly.

I’m not sure about the kps limit. There already is one but it could be tightened I guess. People who like to pulse every 1000 keys or every hour are more likely to hit the limit, but that’s fine I guess, their fault for pointlessly hammering the WP server with pulses. Maybe encourage people to pulse less often, ie. sleep between pulses.

[quote=“Inquizitor, post:1, topic:12988”]
2. There should be a simple way for registered users to “flag” pulses that they think are illegitimate.

Flagged pulses could go into a moderation queue, and people who meet some criteria (registered for x years, x amount of forum posts, hand-picked by staff, etc.) could review the flagged pulses. If a flagged pulse gets a certain number of confirmations from different people who are eligible to vote on them, it would be removed (2 confirmations, maybe?).[/quote]

Great idea. Maybe users could earn premium for voting on a certain number of pulses. Also, there would need to be a way for admins to undelete pulses, as it would suck if both pulses of a duplicate get flagged and removed. The preferred option is to completely prevent duplicates in the first place, which is what your uptime rule suggestion should do.

Century0 · December 17, 2013, 12:39am

Just to throw in my two cents without actually responding to the thread,

I am the person who handles the suspected cheaters thread (and cheaters in general). I’m around, I’ve just been busy. I’ve got a backlog and it’ll be taken care of soon enough. To expand, writing reports like sellyme has done assists me in getting through my backlog as I do not have to individually confirm everything - I can merely just read his write up and confirm that what he wrote is correct.

Expanding further, if you need to contact me quickly, my email is and I can respond to any reports you have quickly as they come straight to my phone.

~Century0

newton · December 17, 2013, 2:04am

I have to run it by Martijn, but I kind of want to take this and run with it. Might have a few changes to how it works, but I think a reporting system would be useful, and at some point be able to make stuff like cheating threads obsolete.

If it goes anywhere I’ll ping you Inquizitor.