Announcement

Collapse
No announcement yet.

Epic Games Store...Spyware!?!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    "In June 2012, Tencent made a minority investment in Epic Games, purchasing approximately 48.4 percent of outstanding shares of Epic stock, equating to 40 percent of total Epic capital inclusive of both stock and employee stock options"

    When I say minority shareholder /investor, I mean owns less then half the controlling interest of a company.
    This is important because the minority stakeholders generally have very little say or influence in the direction of the company.
    Last edited by Jargoyle; 03-16-2019, 12:19 AM.

    Comment


    • #17
      On another note:

      "a statement sent to Bleeping Computer today, Valve's Doug Lombardi said that the company is "looking into what information the Epic launcher collects from Steam." It sounds like Valve isn't too pleased about the whole thing."

      Comment


      • #18
        Isn't this Steam's fault? Remember when the hidden room in Fallout 76 was found and people were banned for using it and everyone here said it was not the fault of the people who accessed the room, it was the fault of Bethesda for not securing the room? Remember when that guy got banned from Anthem for exploiting a glitch and everyone here said it wasn't the guy who accessed the glitch's fault, it was EA's fault for having the glitch in the first place? So the argument used here frequently is that if an unsecured asset is accessed by a malicious third party it isn't the fault of the third party, it is the fault of whoever left the asset unsecured. Right? So applying that logic here, if Epic's launcher is accessing Steam's config files it isn't the fault of Epic for accessing the data, it is the fault of Steam for not securing the file.
        Iconoclast

        Comment


        • Jargoyle
          Jargoyle commented
          Editing a comment
          This is one of those rhetorical questions?

          I'm sure there will be some lawyers involved that will have a more serious response.

      • #19
        Originally posted by Jargoyle View Post
        On another note:

        "a statement sent to Bleeping Computer today, Valve's Doug Lombardi said that the company is "looking into what information the Epic launcher collects from Steam." It sounds like Valve isn't too pleased about the whole thing."
        Just when I thought the EGS reputation couldn't get any worse lol. I have to give them an A for effort

        Comment


        • #20
          What isn't malware these days
          My Profile > Edit Settings > Account Tab > Scroll down to "Conversational Detail Options" > Click the Link > Eat a cookie

          Please support my friend: https://www.patreon.com/mutantdonkey

          Comment


          • #21
            https://www.altchar.com/games-news/5...out-permission

            I personally don't believe a word of that defense but who knows... even with permission it's a pretty shady deal if it imported your friend's list that would be ok in my opinion, but it gets a whole lot more info than that. Even with the user permission I believe steam has legal grounds here since it not only says it gets the user data, the hardware data, but also page statistics(I would assume this refers to steam pages, and data mining info from steam without letting the user know what they are doing, that to could get them in a pretty deep hole in legal terms. (maybe someone with some expertise on the subject could enlighten us, I had 1 course on law when studying programming, but it was more oriented to international copyright laws, so I have no knowledge to make any type of informed decision here). Sketchy

            Comment


            • #22
              *waits patiently for things to shake out*

              Comment


              • #23
                Originally posted by ethansito View Post
                What isn't malware these days
                When it comes to stuff like this, nothing, that's why I'm so shocked people are surprised at this, they should've assumed this was happening, atleast you need to opt into this(unlike everywhere else, where you don't even have a choice in the matter). Like I said earlier, if anyone should be mad, It's valve, the actual users of Epic/steam really have no reason to complain though.

                Comment


                • #24
                  Originally posted by LordBanagar View Post
                  I would assume this refers to steam pages
                  No, it is referring to the Epic launcher. Even thought it is an app you download and run on the desktop, it's largely just a custom browser. That way they can leverage a lot of existing technology and their own infrastructure without having to re-invent the wheel. HTML rendering engines are already masters of turning html into rich displays so they don't have to write any of that code, they can get the pages from their own web servers so they don't need to write code to go off and get data from servers. Having the store run as pages on a web server that they simply show via an embedded browser in their launcher gives a lot of bang for very little effort and allows for substantial code re-use.

                  They obviously want to track what people are doing in the launcher, what games users are looking at, how long they are looking at them etc, of course they do, all apps do these things and all companies want to capture that data, that's just standard normal good business practice. Understanding your customers, what they are doing and what they need, helps you develop better products that do what they want. In order to track what users are doing in the launcher rather than write code to do that again they can leverage existing html\http tracking technologies. The method they use are tracking pixels, which is a transparent 1x1 image embedded on the page you're looking at that you can't see (because it is small and transparent). However embedding that image causes the browser to send a request to the server that hosts that image and as part of that request it sends the details of the page the image is embedded in....now you can track what pages people are looking at, and by comparing time-stamps you also know how long they have been looking at the page. Yeah....web sites do this stuff all the time, it's normal, it's not part of a nefarious scheme.

                  Bonus fact segue: When MS designed IE they split it in two parts, there was the bit that turned HTML into the graphics you see (the rendering engine), and the containing application which was the window frame, address bar, menus etc. The containing app then embedded the rendering engine inside it for a seamless experience. While the container app could be installed\uninstalled, the rendering engine was actually a part of the operating system, you couldn't remove it. Of course everyone screamed that this was part of some nefarious scheme (aren't internet hate mobs tedious?) "MS FORCES IE ON YOU!!! YOU CAN'T REMOVE IT!!! CLASS ACTION LAWSUIT PLZ!!1" but the reason MS did this was to facilitate what the epic launcher is doing. If you ever wanted to use HTML in your application as a display mechanism you were guaranteed that a rendering engine was on the machine your app was installed on, you didn't need to write your own or bundle a third-party one with your app (which is what epic are doing).

                  While I'm here I'll cover another bit of what is admittedly lazy programming on Epic's part; why do they copy the entire config files if they claim they only use parts of them. This is so they only need to write one thing and that is something that parses the file, so they copy it and run their parsing code to read the data and use the bits they need. However if you want to make copies of the file that contain only the data you need then you have to write three things. 1) code to parse the original file 2) code to write the data you need to an alternative format 3) code to parse that alternate format. By simply copying the file lock-stock-and-barrel they only need to write one routine rather than three. I dare say that is something you might see them change in future updates.
                  Last edited by Aidy; 03-16-2019, 11:22 AM.
                  Iconoclast

                  Comment


                  • #25

                    "The Steam Client locally saves data such as the list of games you own, your friends list and saved login tokens (similar to information stored in web browser cookies). This is private user data, stored on the user's home machine and is not intended to be used by other programs or uploaded to any 3rd party service.

                    Interested users can find localconfig.vdf and other Steam configuration files in their Steam Client’s installation directory and open them in a text editor to see what data is contained in these files. They can also view all data related to their Steam account at: https://help.steampowered.com/en/accountdata."

                    Comment


                    • #26
                      Originally posted by Aidy View Post

                      No, it is referring to the Epic launcher. Even thought it is an app you download and run on the desktop, it's largely just a custom browser. That way they can leverage a lot of existing technology and their own infrastructure without having to re-invent the wheel. HTML rendering engines are already masters of turning html into rich displays so they don't have to write any of that code, they can get the pages from their own web servers so they don't need to write code to go off and get data from servers. Having the store run as pages on a web server that they simply show via an embedded browser in their launcher gives a lot of bang for very little effort and allows for substantial code re-use.

                      They obviously want to track what people are doing in the launcher, what games users are looking at, how long they are looking at them etc, of course they do, all apps do these things and all companies want to capture that data, that's just standard normal good business practice. Understanding your customers, what they are doing and what they need, helps you develop better products that do what they want. In order to track what users are doing in the launcher rather than write code to do that again they can leverage existing html\http tracking technologies. The method they use are tracking pixels, which is a transparent 1x1 image embedded on the page you're looking at that you can't see (because it is small and transparent). However embedding that image causes the browser to send a request to the server that hosts that image and as part of that request it sends the details of the page the image is embedded in....now you can track what pages people are looking at, and by comparing time-stamps you also know how long they have been looking at the page. Yeah....web sites do this stuff all the time, it's normal, it's not part of a nefarious scheme.

                      Bonus fact segue: When MS designed IE they split it in two parts, there was the bit that turned HTML into the graphics you see (the rendering engine), and the containing application which was the window frame, address bar, menus etc. The containing app then embedded the rendering engine inside it for a seamless experience. While the container app could be installed\uninstalled, the rendering engine was actually a part of the operating system, you couldn't remove it. Of course everyone screamed that this was part of some nefarious scheme (aren't internet hate mobs tedious?) "MS FORCES IE ON YOU!!! YOU CAN'T REMOVE IT!!! CLASS ACTION LAWSUIT PLZ!!1" but the reason MS did this was to facilitate what the epic launcher is doing. If you ever wanted to use HTML in your application as a display mechanism you were guaranteed that a rendering engine was on the machine your app was installed on, you didn't need to write your own or bundle a third-party one with your app (which is what epic are doing).

                      While I'm here I'll cover another bit of what is admittedly lazy programming on Epic's part; why do they copy the entire config files if they claim they only use parts of them. This is so they only need to write one thing and that is something that parses the file, so they copy it and run their parsing code to read the data and use the bits they need. However if you want to make copies of the file that contain only the data you need then you have to write three things. 1) code to parse the original file 2) code to write the data you need to an alternative format 3) code to parse that alternate format. By simply copying the file lock-stock-and-barrel they only need to write one routine rather than three. I dare say that is something you might see them change in future updates.
                      I had no idea this was programmed in Chromium, I have 0 knowledge on web programming so I had no idea it worked that way, though the 1x1 pixel method seems pretty smart since you can track all the statistics for almost no server load. Still, I can't get out of my head that programming the whole store like a browser feels half baked. Almost like a shortcut to actually doing it the right way, but that's my opinion. Also copying the whole config file for just the friend's list as you say may be lazy, though in my opinion is more suspicious than lazy.

                      Comment


                      • #27
                        Originally posted by Jargoyle View Post

                        "The Steam Client locally saves data such as the list of games you own, your friend's list and saved login tokens (similar to the information stored in web browser cookies). This is private user data, stored on the user's home machine and is not intended to be used by other programs or uploaded to any 3rd party service.

                        Interested users can find localconfig.vdf and other Steam configuration files in their Steam Client’s installation directory and open them in a text editor to see what data is contained in these files. They can also view all data related to their Steam account at: https://help.steampowered.com/en/accountdata."
                        Yeah, that's what I thought, this can actually get them in real trouble since that file contains much more than just the friend's list, and I don't believe for a second they would copy the entire local config.vdf to import the friend's list. If they do, they are idiots and if they don't just get the friends list they are evil, either way, I don't want any of the two types of companies handling my personal data.


                        I found this on another forum and thought it was funny:

                        "Don't worry guys they may track the info but they don't collect it. Scout's honor!"


                        And in my opinion from what I'm reading the worst thing is:

                        It not only gathers the data from one user but all users who used steam on that computer, so users who don't even use EGS get their data stolen. That's crazy, so let's say I share my PC with my girlfriend and she decides to import her friends from steam to play Fortnite, my data gets stolen too even if I don't give my permission or even have an EGS account. That IS illegal and if this is actually the case Epic Games are in for a shitstorm, it doesn't matter if they fix it in the future, the info would have already been stolen.

                        From what I've been told the first issue is illegal under the EU GDPR, not sure US and other territories.

                        Even in the shoes of the most gullible person, that maybe believes their defense, the way they gather the data, in that case, would be so insanely halfassed that calling it dangerous would be an understatement.

                        Comment


                        • #28
                          This is such a storm in a teacup. Epic posted the code for people to look at, they can disassemble the launcher itself if they don't trust the code posted, they can monitor the net traffic to see exactly what the app sends where. Any and all arguments against Epic are simply "Well I don't believe what they say". That's a pathetic non-argument. You could use that argument to accuse anyone of anything. If you don't have the proof don't make the claims. The belief that devious, evil people are rubbing their grubby hands together, stealing data is simply nonsense. Companies employ legal experts to ensure what they are doing is legal and trust me, they know more than you do. Companies want to obey they law, they need to obey the law, and professional people are generally ethical. No laws are being broken, no-one is going to get into trouble. They send the hashed steam ids of people if you give them permission, which means that not only have you given permission, but no personally identifiable information is being sent so things like the GDPR don't even come into this. They're not mining or stealing anything. If your only response to that is "well I don't believe what Epic say" then that's not an argument, it's just you looking to be outraged. Referring back to my other post when Bethesda was in the opposite situation to this everyone's opinion was the opposite of what it is on this thread. Gee, I wonder why. Because this site is just an outrage mob echo chamber that flip-flops its opinions to enable it to attack whatever company they don't like, even if that means holding contradictory opinions.
                          Last edited by Aidy; 03-18-2019, 02:30 AM.
                          Iconoclast

                          Comment


                          • LordBanagar
                            LordBanagar commented
                            Editing a comment
                            lol an app "irrelevantly" has access it's not supposed to... that sounds like spyware lol. And the word irrelevant is pretty the opposite I would use in terms of customer data protection. It's like going to the Dark Web without Tor or a VPN lol, since security is irrelevant.

                          • Aidy
                            Aidy commented
                            Editing a comment
                            someone must be very salty lol

                          • Jargoyle
                            Jargoyle commented
                            Editing a comment
                            If the hat fits? Man your too much.
                            I literally am reserving judgement, posting actual gaming industry quotes, going over the actual evidence of whats going on.
                            The only claim I have made is I don't care for or will never use the Epic store. (nothing to do with spyware)
                            "No laws are being broken, no-one is going to get into trouble" ( your insider insights are incredible! You have something to back this up with? link it please)
                            "professional people are generally ethical" (This is the most ignorant statement I have ever read)
                            "what they are doing is legal and trust me, they know more than you do" (They do and They are looking into it. I would argue that you don't, and why would I trust you?)
                            You make walls of pissed off rants and back it up with gems like this.
                            Last edited by Jargoyle; 03-18-2019, 03:01 PM.

                        • #29
                          https://metacouncil.com/threads/epic...g-and-you.766/

                          lol, I really feel sorry for those who installed the EGS and even more sorry for those gullible enough to say it's all in good sport

                          Comment


                          • #30
                            For those in the EU, you can ask your local authorities to investigate the matter, after all not even google and facebook escaped this type of shitstorm in the past.

                            https://edpb.europa.eu/about-edpb/board/members_en

                            At the very least you can demand that the EGS inform you all the data they extracted from you. EA had to do this in the past and it wasn't pretty either

                            Comment

                            Working...
                            X