Impersonation Preparedness

Pronoun · December 4, 2023, 12:58am

NationStates site rules regarding impersonation have recently been amended/clarified. The impersonation rule now reads:

Impersonation: Any attempt to maliciously impersonate another nation or region, including employing a similar name is illegal according to the FAQ. Note that the impersonation must be “malicious” to be a prohibited action, and we generally require the report to come from the impersonated party. We do not normally consider impersonating another nation or region for gameplay advantage to be inherently malicious (e.g. “false flag” operations), but malicious impersonation of specific players remains prohibited. (i.e. you can create a nation named “TNP Security Officer” in an attempt to impersonate the TNP Security Council, but you may not create a nation named Examp13stan, and pretend to be the player Examplestan.)

Some further context regarding this change can be found here.

In light of these changes, I wanted to ask a few questions to the Council on Regional Security and the Coral Guard.

Given this change to the impersonation rule, it is now possible to impersonate the Council on Regional Security, the Coral Guard, or other security institutions. Is the Council prepared to respond to a security threat taking this form or incorporating this tactic?

I also wanted to ask in particular about where control over and oversight of our regional endorsement promotion infrastructure lies. Dispatches that ping many nations at once have proven to be one of our most effective ways to reach our residents. The dispatch asking residents who are not WA members to join the WA and endorse the Delegate and Coral Guard has averaged over 17 reads a day since it was posted. Our welcome dispatch, pinned on the WFE and linked from our welcome telegram, has managed less than 8 reads a day. With the new impersonation rule, it would seemingly now be legal (in terms of NationStates game rules) to use this infrastructure in order to impersonate our regional security institutions and drive endorsements towards an illegitimate figure.

Under Charter IIX(19), the Coral Guard has the power to “build infrastructure […] to promote the growth of endorsements in the region.” How closely is the Coral Guard involved with our endorsement promotion infrastructure?

Relatedly, how closely does the Council on Regional Security work with the Coral Guard on this area? In 2018, the CRS was “serious about the WA Development Program.” Is this still the case? Is its approach more hands-off nowadays?

Finally, who else has access to this infrastructure? Who has the ability to revoke access in an emergency? Are access levels vetted as a security-sensitive matter?

Sandaoguo · December 4, 2023, 2:09am

Do you have suggestions you’d like us to hear?

Pronoun · December 4, 2023, 3:01am

If the CRS feels my suggestions could be useful, then I’m happy to help. I can be reached either here on the forums or on Discord.

I’m not asking questions as a conduit to just answering them myself though — I’m genuinely curious as to whether the CRS feels adequately prepared for security threats of this nature (both in terms of threats via impersonation and via our endorsement infrastructure).

Amerion · December 4, 2023, 6:46am

Our regional endorsement infrastructure lies in the domain of government/semi-government control and is not within the exclusive control of the CRS.

Having read this thread and the aforementioned NS forum discussions, my immediate sense is that we can move within the Assembly to legislate on this matter and make the impersonation of our security institutions a serious offence that would warrant equally-serious measures. Doing so will give the region the authority to deal with in-game impersonators given that the game moderators are no longer in place to do so.

We have never, as a region, codified this gameside infrastructure and so it is more so within the ad hoc control of certain individuals. Regarding an emergency, I cannot speak of exact plans, but there are means by which we can quickly create infrastructure to respond to a worse case scenario.

Pronoun · December 12, 2023, 9:22pm

That seems reasonable to me, but how much access does the CRS have over this infrastructure? I have to admit it’s a bit jarring to hear a reference to “means by which we can quickly create infrastructure to respond to a worse case scenario.” Is the CRS not confident it could take control of our security infrastructure in a state of emergency if necessary? Infrastructure that sends out mass pings instructing residents to endorse specific nations feels like an important part of our security apparatus to me that the CRS should be capable of utilizing if necessary in a state of emergency, but if that’s not the position of the Council, I’m happy to hear other ways of thinking about it.

As it’s been over a week, I’d also like to re-ask this question specifically about the Coral Guard (to either the CRS or particularly the Coral Guard):

ProfessorHenn · December 13, 2023, 3:53pm

The Coral Guard is not very involved with the development or deployment of our endorsement promotion infrastructure, on the day to day. Upon a shift in personnel in either the Coral Guard or the Delegate, we’ll notify the government, who will then either notify Viet or adjust the SWAN dispatches directly, but there isn’t an institutional link that we have access to edit endorsement promotion infrastructure directly.