Gaming Companies Remove Analytics App After Massive User Outcry (bleepingcomputer.com) 232
An anonymous reader writes: "Several gaming companies have announced plans to remove support for an analytics app they have bundled with their games," reports Bleeping Computer. "The decision to remove the app came after several Reddit and Steam users noticed that many game publishers have recently embedded a controversial analytics SDK (software development kit) part of recent updates to their games. The program bundled with all these games, and at the heart of all the recent controversy, is RedShell, an analytics package provided by Innervate, Inc., to game publishers."
The app is intended to collect information about the source of new game installs, and details about the gamer. Following a massive user outcry in the past two weeks, several game makers have given in to pressure and are removing this SDK. Game makers and games who announced they were removing RedShell include Bethesda (Elder Scrolls), All Total War games, Warhammer games, Magic the Gathering Arena, and more. [This Google Docs spreadsheet and Reddit thread have a list of games containing RedShell.]
The app is intended to collect information about the source of new game installs, and details about the gamer. Following a massive user outcry in the past two weeks, several game makers have given in to pressure and are removing this SDK. Game makers and games who announced they were removing RedShell include Bethesda (Elder Scrolls), All Total War games, Warhammer games, Magic the Gathering Arena, and more. [This Google Docs spreadsheet and Reddit thread have a list of games containing RedShell.]
Not exactly new (Score:1, Interesting)
Lots of shitty devs have been sending usage data back for years.
Even Volition, which is otherwise a pretty cool dev, have openly admitted tracking stuff that happens in SINGLE PLAYER games, boasting about kill counts and miles driven in Saints Row games.
This is why I've never connected my xbox to the internet, and always turn my wifi off when playing games.
Fuck any developer who sends data from my computer to their servers without my consent.
Volition recently had to fire 100 employees because their last gam
Re: (Score:2)
They should have collected in-game analytics to determine what in-game weapons/items and in-game gameplay options players liked and used that info to make more appealing games. Kill counts and miles is insufficient.
The use that info to put the popular options behind a micro-payment/extra cost DLC. Game play improvements are insufficient when you haven't fully monetized the 'customer'.
There, I fixed that for you.
Re: (Score:2, Funny)
But they're more interested in what people don't like about their game and, as we all know, people are reluctant to make negative comments on the internet.
Re: (Score:3)
More accurately, it's not informed and active consent as now required legally in the EU.
Which is nice, as it makes it easier to prove it's invalid.
Re: (Score:2)
Nor can provision of service be conditional on consent as defined in GDPR. Thus controllers have started to drop a "consent" interpretation of terms of use in favor of a "contract" interpretation.
GDPR 6(1)(b): "performance of a contract" (Score:2)
"Performance of a contract" is explicitly one of the six bases listed in Article 6 of the GDPR [advisera.com] for holding and processing personal data. In this case, the contract would involve the user providing pseudonymous daily usage logs in exchange for access to the game at a discount off full retail or before the general availability date. The user can request a copy of these logs at any time by choosing "Download Your Replays" from the game's menu.
Unity Analytics (Score:2, Informative)
Not RedShell, but the Unity engine also offers integrated analytics:
https://unity.com/solutions/analytics [unity.com]
Re:Unity Analytics (Score:5, Insightful)
The Unity analytics track your progress through the game. How long you play for, where you get stuck, and for relevant games, when you decide to pay to progress.
Redshell spies on your web browser. That's a different game.
Mobile (Score:3)
Re:Mobile (Score:5, Interesting)
As a game developer myself, gameplay-related analytics are incredibly valuable. That is, metrics that tell game designers about how the player progressed through the game in various ways. I'm currently writing my own system that measures this data in pre-release versions of the game. Done correctly, this only identifies the users as an opaque and anonymous GUID, and doesn't store any personally identifiable information. That is, it has nothing to do with marketable information, but is just used to help improve the game during development.
But seriously, to hell with all these companies that think they have a right to slurp up all your personal information, just because. I think a lot of them seem to believe it doesn't hurt the user, so why not try to earn a few extra bucks via some hidden API. But every time something like this happens, it erodes the trust of users. It's just not worth it.
Re: (Score:2)
CPU heat? GPU heat? CPU/GPU throttling? Networking speeds? RAM amount/use by OS/game? Age of motherboard?
What is the most interesting part to making a new game work well for most users?
Did the beta stats show some really interesting ways a new OS like Windows 10 got used with an old CPU, new GPU? New CPU and new GPU? Ram amounts? 16 gb? 32 gb? 8 gb?
Does code created have to really take a
Re:Mobile (Score:5, Informative)
I don't really care about any of that sort of hardware profiling. If I want to look at general hardware tends, I just look up the Steam Hardware Survey.
Rather I'm talking about recording and analyzing data-points about the gameplay itself. For instance, I log every significant event as the player goes through the game. The player's location in the world over time, enemies killed, times died, when they switched weapons out, and so on.
The point of all that is to help me to balance the game better. For instance, if I see a huge spike of deaths at the third boss in the game, I know that maybe it's a bit too difficult, and should be toned down a bit, or perhaps I need to telegraph hints about how to beat it more clearly.
And again, this is only really useful in beta versions, while I can still make adjustments to the game's balance before the game's final release.
Re: (Score:2)
Sounds like the kind of data that would be needed in a game save file to maintain the world state.
Re: (Score:2)
That's a great analogy. You could certainly think of the in-game telemetry as basically a save game, but recorded over time with game time and player position associated with each event as it occurs. It's not exactly the same data as a save game, of course, because there's a bunch of internal state I don't care about and don't bother to record, but the principle is the same.
Re: (Score:2)
I'm pretty sure Valve has gameplay-related analytics for their games, e.g. "What part of the map did the player die in the most often" to show poor level design in play-testing, not sure if it made it into the release game or not. That's one kind of analytics that I'm fully in support of. None of this "you have IDA pro running, you can't play video games" crap.
Here's an article: https://www.pentadact.com/2007... [pentadact.com]
Re: (Score:2)
I feel for you. Unfortunately, I think most people who read your post are going to see "analytics are incredibly valuable. Metrics tell about the player. This identifies the users and stores personally identifiable information"
You might find the following article interesting: Fractured Space - Analysing our Free Weekend [gamasutra.com]
Re: Mobile (Score:4, Informative)
Then you install and run that shit during testing. There's no good enough reason to let automated collection of exploitable information continue outside the explicit control of a development environment. "Just trust us, this information won't be misused" is bullshit you'd do well to leave behind.
Yes, that's why I said it would only be used in pre-release version of the game - meaning copies of the game that are distributed only for testing purposes. At least read the post in full before you rant at me.
it would only be used in pre-release version (Score:4, Insightful)
* The check is in the mail
* I'll respect you in the morning
* It's just a cold sore
Re: (Score:2, Insightful)
Sure there is. e.g.: Heat maps of player deaths. Heat maps don't need to know who died, there's no need to collect personally identifiable information that could be exploited.
As a developer you'd want to know if a particular part of your game is too hard and kills the majority of players trying to get past it. It allows you to retune that part of the game t
People who died at A also died at B (Score:3)
Heat maps don't need to know who died [...] As a developer you'd want to know if a particular part of your game is too hard and kills the majority of players trying to get past it.
Sometimes people who died at position A also died at position B. This may help the level designer identify a pattern of elements that impose an unduly steep skill gradient for players with a particular play style. In order to track this, the developer needs to at least associate an identifier with each loss.
How can a smaller team test thoroughly? (Score:2)
Then you install and run that shit during testing.
I'm curious as to how a 1-, 2-, or 3-man team developing a video game without access to venture capital can make large-scale testing of system compatibility and game balance practical. Do you have any suggestions?
Re: (Score:2)
And I'm curious as to why that should be a concern for customers.
A game that is not funded is not developed. A game that is not developed cannot be obtained. A game that cannot be obtained cannot be played by customers.
Re: (Score:2)
get some years of field experience working at a game company
Not every city has game companies. How does one get the initial money to survive between moving from a city without to a city with and finding a job?
Re: (Score:2)
You are correct that I have never relocated for a job before.
You get the job FIRST, then you move.
How do "LOTS of people" sit an in-person interview before moving?
Re: (Score:2)
"telephones", "email"
I have had a telephone interview. But I was under the impression that most employers who conduct first interviews over telephone, email, text chat, or VoIP require the second interview to be in person.
"cars"
This requires both owning a car and operating a car. Owning a car requires one to be already in a job that pays enough to afford to buy a car. My current job does not. Operating a car requires a driver's license, and obtaining a driver's license requires 50 to 120 hours (depending on state or province) of supe
Re: (Score:2)
It is intractable for the developer of a game for GNU/Linux, Windows, or Android to test the game for compatibility with every combination of PC or Android device components. Or would you prefer that most games be console-only?
Re:Mobile (Score:5, Insightful)
Analytics might be valuable to YOU. A developer. But that doesn't make it okay. If you are are gathering data server-side for a multiplayer game that's one thing. But if you are gathering ANY data AT ALL from user's PCs, that represents an unacceptable risk to end users for no benefit to them. It's customer-hostile. You've only been getting away with it because people don't know you are doing it. Don't do it.
I haven't done anything yet, because my game isn't in beta yet. Beta testers will be informed that I'm collecting information about their gameplay sessions, because this is more reliable than having them try to remember and describe their experiences. Of course, that feedback will be welcome too.
Just to be 100% clear, I'm talking about in-game metrics. That is "how often does the player die". "Which weapons do they prefer to use?" "Are they getting stuck anywhere?" And so on. Not personal information about anything on their computer system. This is 100% for gameplay tuning, and is ONLY for beta copies of the game, which are released in order to help polish the game before release.
See, this is why I'm pissed at game companies that are poisoning the well for developers like me. I can't even discuss the matter without getting modded as a troll.
Re:Mobile (Score:5, Insightful)
I think you're perhaps missing the crux of why this sort of thing annoys people. The issue is not that what you say is wrong, I absolutely agree that such analytics are useful regardless of whether it's a game or any other piece of software, and you're right they can be anonymised (though this is all too often reversible, but that's a different subject for a different day) .
The problem is that each and every time an application sends data from your system it's punching a hole out of your firewall to the wider net, and with so many applications doing this now it makes it hard for people to assure security - so whilst you say it's just anonymised data being sent out, anyone observing network traffic from their systems will see your application leaking data out to the internet even if it may only be a single player game for which there should be no reason to do this.
My personal preference therefore is if you are going to do things like this, is that you make it optional and turn it off by default. Too much software nowadays connects to the net for the benefit of the company and without the consumer's consent, and it makes it all too easy for Malware authors to mask data extraction from systems. There was a time where you would know exactly what was coming and going from your PC, and I get that that time is gone, but that doesn't mean that it's okay to keep making the problem worse.
So whilst you perceive it to be useful analytics (because it really is), the user perceives it to see you using their resources that they've paid for to to help your business at their expense by siphoning off data without them knowing.
My view: good software is clean software, it does nothing without your knowledge, installs no 3rd party components that do anything other than the bare minimum to let your piece of software run, and does not try to meddle with your system at an OS level. That means no DRM, no analytics, no forced registering an online account (unless it's part of online play in a game for example), no installing anything other than in it's own installation directory. If your software does anything more than that then it's right that users are going to be suspicious.
This is a classic case of "The road to hell is paved with good intentions". I get from your point of view that what you're doing you perceive to be harmless, but that's because you're writing it, you get to see the source code, and know what's collected. All the user sees is encrypted data being siphoned off their hard drive and being sent to an unknown server on the internet from a compiled, potentially obfuscated binary whose operations are protected by DRM that blocks any attempts to evaluate the applications operation at runtime.
You see how that might piss a user off even if it's harmless?
DRM-free means no PS, Xbox, Switch, or 3DS games (Score:2)
the user perceives it to see you using their resources that they've paid for to to help your business at their expense by siphoning off data without them knowing.
To address "at their expense" and "without them knowing": Does an offer to license the game at half price if the user opts into analytics make sense?
My view: good software is clean software, it does nothing without your knowledge
A strict interpretation of that view would require the video game to be distributed as source code, so that the end user has access to knowledge about what the program does. Though Id Software has released its games' engines as free software five years later, I haven't seen a workable business model for funding the development of a game larger than hobby-scale
Re: (Score:2)
I completely hear you, and am not going to argue against your points, because I actually agree with all of them. But you're either missing or misunderstanding something fairly important: my retail game will have no telemetry.
The telemetry-gathering I'm describing is only for the beta version (the TEST version) of the game for which users will obviously pay nothing, and will have a big warning notice telling people that this version game will automatically send me feedback about their gameplay experience.
Re: (Score:3)
What absolute nonsense, the default state of just about every consumer router is to block all unsolicited incoming communications, and allow outgoing connections (sometimes using UPnP) such that the response are not blocked based on stateful packet inspection.
This is sufficient and a huge step up for most classic attacks that are initiated from afar with no user interaction whatsoever such as those that plagued the internet through the 90s and early 00s. What it doesn't stop however are user initiated attac
Re: (Score:2)
Ingress filtering is really not sufficient. It does nothing to stop malware phoning home. Once the user has become infected, they are screwed. But for some infections, cutting them off from C&C renders them harmless. Why would you not want to do that?
Re:Mobile (Score:4, Interesting)
It's not that I don't hear what you're saying, it's that I'm not sure how we make it a practical reality.
This is a classic scenario of if you leave the door unlocked does that make it okay to rob someone? Sure it means the home owner is asking for it, but it doesn't make the act of theft in itself legal or something that's acceptable. We should still act against people committing theft regardless.
So what you're effectively arguing is that rather than dealing with people acting illegaly, or at least in an anti-consumer manner, that it's upto every single internet user to become a technical expert in configuring and managing their firewall such that they explicitly whitelist every bit of outbound comms no? Even if we make that easy with a simple Allow/Deny dialog, then surely you realise companies will just exploit it with confusing names like "Important Windows System Analytics needs to access the internet." right?
That's really my point here - that yes, we need to get users back in control of their systems, but how do we do that in a practical way? and whilst we're trying to do that, I don't think that means that we shouldn't try and make vendors themselves more responsible.
At the end of the day a router blocking unsolicited inbound comms is still a firewall and people moving to this kind of firewall as standard was one of the single most important improvements in internet security in the history of the internet. The days of people being directly exploitable as is the case now were far worse, and even here we at least have anti-malware software to try and block the circumstances you describe. The biggest problem with it is the combined refusal of anti-malware vendors to treat analytics and/or spyware from "respectable" companies as malware which is really the problem here - if Redshell was reasonably flagged up as malware by anti-malware vendors because it's at least as intrusive as some of the things that real actual flagged malware like various tracking cookies that do get flagged track, we wouldn't even need to have this discussion as games developers wouldn't use it due to their software being permanently flagged as malware when a user attempts to install it.
If you do have a practical proposal that involves your average joe being both able and willing to whitelist or block all outbound comms I'd genuinely be interested to hear it, but otherwise the best we've got is to call out companies doing bad things with software and to pressure them to change.
Re: (Score:2)
What absolute nonsense, the default state of just about every consumer router is to block all unsolicited incoming communications
You could have saved a lot of typing if you only realised no one is talking about incoming connections.
Re: (Score:2)
Perhaps if instead of lashing out like a child with attention deficit you articulated yourself with something less stupid in future you wouldn't have this problem. Instead we're stuck with your quote which inherently implies you think a firewall isn't a firewall if it allows outbound connections even if it denies unsolicited inbound connections:
"If your "firewall" lets applications punch holes out then you don't have a firewall."
Re: (Score:2)
Do I need to phone your mother to fetch you your Ritalin?
Re: (Score:2)
Please do, it'll be more productive than the nonsense you think you were adding to this discussion.
Re: (Score:2)
You could have saved a lot of typing if you only realised no one is talking about incoming connections.
Whoooooooooosssshhhhh
Re: Mobile (Score:2)
Re: (Score:2)
I had my 2D Second Life clone out of Alpha within two weeks, and out of Beta within a month. What the fuck are you doing, still writing the invasive telemetry shit when you could've already figured out the starting code for the actual goddamned game?
There's the difference, he's not writing a clone, he's making something new.
Re: (Score:2)
I read everything. I sense lies of omission. It's pretty much nailed by history, telemetry means hidden shit happening behind the scenes that you don't want.
But you feel free to defend someone who is literally spying on you when there's no fucking reason to. A written report during playthrough testing - like done in almost any other fucking game development studio - would work just fine.
Oh, and then knowing how small dev shops tend to operate, I doubt that code would get properly excised, and it would find
Re: (Score:2)
represents an unacceptable risk to end users for no benefit to them.
Ladies and gentlemen I present the person who complains that companies no longer listen to users.
It's customer-hostile.
Get a grip.
Re: (Score:3)
Well, QA lies. And if you're
Re: (Score:2)
Re: (Score:3)
"How is QA going to tell you that most players are ignoring the Engineer class because it's not as fun to play as the Soldier class?"
Ever work in QA? Here, let me show you how it works; It's called a written report. You play the game, then you write down your fucking issues and submit them.
What world requires spy software to do that?
Re: (Score:2)
Where does a small self-funded studio get the money for comprehensive QA on its first two games?
Re: (Score:2)
Do you not know how public Beta tests work?
Correct, I do not know the financial norms of a public beta test. Is it acceptable to charge beta testers? If a public beta is instead required to be without charge, what prevents everybody from participating in public beta as a substitute for purchasing the release?
Re: (Score:2)
Then you end up never getting to play a game because it never got the funding to be developed in the first place.
Re: (Score:2)
There are plenty of games out there that ARE getting made by responsible game developers. We'll just play one of those instead of the half-assed pile of shit that would doubtless require endless patches
[...]
Customers don't pay you so that you can make something. They pay you so that they can get a product.
It appears you're defining "a product" as something that requires no service after the sale, even across a huge variety of end users' PCs. How do "responsible game developers" find the money to cause "a product" to come into existence in the first place?
Re: (Score:2)
Ever work in QA? Here, let me show you how it works; It's called a written report. You play the game, then you write down your fucking issues and submit them.
Ever work in QA? Did you notice that the people who work in QA are not representative of all players?
QA's assessment of what is "fun to play" does not necessarily correlate with the public at large. Also, having to play the same game hundreds of times through it's alpha and then beta stages means their opinion of what is "fun" in the game is going to be out-of-whack compared to someone who just picked it up.
Re: (Score:2)
Then why are all of the best games made back in times when companies didn't spy on their customers?
Because you're getting old, and nostalgia is beginning to color your memories.
Re: (Score:2)
XP doesn't. :) And it still runs every game I care to play (or for that matter, develop.)
Re: (Score:2)
Mobile games tend to be free and rely on ads. So it's expected there. But for a $60 game the developer really shouldn't be trying to squeeze a few more pennies out of you.
Redshell (Score:1)
In case you didn't want to RTFA.
Be aware that Unity, a popular game engine, bakes analytics into the game at compile time.
Re: (Score:2)
Unity's analytics are about what you do in the game. Such as where you walk, where you die, where you kill stuff, what weapons you're using and so on.
Redshell's analytics record what else is installed on your system as well other information about you, personally.
They're really not equivalent.
Re: (Score:2)
Both are exploiting the paying customer into doing free labour and taking their data without compensation
The compensation is a better game for a lower price. Unity's metrics let the developers balance and tweak the game. No analytics, and that doesn't happen nearly as much or as well.
Also, you agreed to do it when you bought the game. You do read through EULAs, don't you?
Re: (Score:2)
Frankly, this outcry over RedShell is probably not going to do anything. It's too specific, limiting itself to this one implementation of spying instead of calling out spying in general.
Only for now. (Score:2)
They'll just do this again when people aren't paying attention. Maybe next time they'll hide it well enough that it won't be discovered.
HDHomeRun calls home (Score:1)
HDHomeRun calls home every 10 minutes uploading a complete list of available channels and device information including internal IP address of HDHomeRun devices.
All data is unencrypted and transmitted entirely in the clear.
HDHomeRun operates an API ipv4-api.hdhomerun.com that is not in any way encrypted, secured or CSRF protected. It can be called by any website to fingerprint owners of HDHomeRun devices on their network.
Attempting to block HDHomeRun from calling home by blackholing DNS entries results in H
Re: (Score:2)
CSRF is irrelevant for IOT devices and native apps, and cUrl, etc. They are not browsers, and it's the popular consumer browsers that enforce CSRF. CSRF is a crock.
We can't guess whether you are referring to: the HDHomeRun devices, their mobile native apps, or their browser interface, because you didn't say.
But, yea, nobody should be using http: any more and end-running DNS black holes is uncool.
If you have proof, and it's like this on iOS, let Apple know. Google don't care.
Re: (Score:2)
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Allow-Origin: *
The Allow-Origin header allows any malicious website you happen to visit to use xmlhttprequest to fuck with and steal information directly from your device with impunity. This is absolutely insane.
This is nuts. What the heck were they thinking?
Anything with an FQDN calls home (Score:2)
HDHomeRun calls home every 10 minutes uploading a complete list of available channels and device information including internal IP address of HDHomeRun devices.
In a well-engineered system, this would be excusable. In order to obtain an HTTPS certificate for a device on a LAN that the web browser on each of the end user's devices will trust, an internal device needs its own fully qualified domain name (FQDN). To obtain a FQDN, a device would need to upload its internal IP address to some DNS service, be it a dynamic DNS service operated by the device's manufacturer or the zone host of a domain that the end user owns. The latter may cost $15 per year, or $75 over th
Re: (Score:2)
In a well-engineered system, [obtaining a FQDN through a DDNS service] would be excusable.
No it wouldn't. Not without asking consent first.
"If you do not consent, return this product to the seller per the seller's return policy."
Security for a device like HDHomeRun is rather pointless. Nobody is asking for HTTPS certificates.
Several JavaScript APIs are available only to HTTPS scheme or localhost (127/8, not 192.168/16) per the Secure Contexts [pineight.com] specification. Among JavaScript APIs related to video recording or streaming, the Presentation API [w3.org] is already restricted to secure contexts, and browser makers plan to restrict the Fullscreen API similarly to deter phishing attacks that involve spoofing the window manager and browser [feross.org].
To send encrypted all it needs is a TLS stack and a root certificate. It doesn't need an FQDN or any such bullshit.
Obtaining the cer
There is a difference between in-game and out ... (Score:3)
This has been done before (Score:4, Insightful)
I remember back in the day DOOM from ID software (the one with the flashlight problem), came with starforce (the usual DRM back in the day) along with checking to see if cloneCD or other cd cloning software was installed. Long story short, damn game had lighting problems, DRM backdoors, and was harassing me about legitimate software on MY OWN MACHINE. The gall, the absolute gall for some goddamn game to tell ME what I can install or not install on my own machine....That did not go over well, that put me on the path of becoming a nemesis fighting them for the wrong they had visited upon me and my precious machine.
20 years later and I am only now just starting to purchase games again. For those 20 years though, I was only using the piratebay to get my games as copies, ironically because a legitimately purchased game had put odious restrictions on (like needing the physical cd, cd key, drm installed, etc etc) whereas the pirates had produced a superior version that loaded faster, had the lighting problem fixed, did not require a cd or cd key and did not install DRM modules or check what software I had installed.
If these companies really want to create a legion of people like me who righteously tell game companies to go fuck themselves, then they are on the correct path to a gamer revolution where the outcry and loss of sales will hurt them pretty badly.
I see cable companies as doing relatively the same thing, they had a monopoly more or less for so long and it was so profitable that they became total assholes, putting in advertisements after we already paid for the cable, bundling shit, etc etc etc. The end result? We now have a 27% decline in tv viewership and the term 'cord cutter' has entered the popular vernacular. Game companies seem dead set on copying those results.
Re:This has been done before (Score:5, Informative)
You may find GOG [gog.com] treats you with a bit more respect.
Re: (Score:2)
True, but GOG is mostly a seller of Steam keys these days (you know, much like today's retail boxes).
I remember when they sold only downloads from their own site.
Analytics/Telemetry (Score:2)
Both are absolutely essential for spotting 1) problems in the software and 2) identifying features not used. I've consulted across Australia and not one company allowed PID to leak into the logs. I was an expert implementer but not beyond that. It may have been PCI compliance which was under the whole thing. It's not as nefarious as the tin foil hats would would lead you to believe.
Re: (Score:2)
When you install invasive tracker on my PC and your explanation is "trust me, we are not using all of its features"... fuck you, and fuck the horse you rode in on.
Re: (Score:2)
That hat looks crazy on you.
Breaking Down The Lies (Score:2)
"The app is intended to collect information about the source of new game installs, and details about the gamer."
But hang on a moment... if the game is being installed via Steam [and, it has to be packaged up by Steam for delivery from their infrastructure], all of that information - and more - is available directly back to the game developer via Steam themselves. Those of us who play games via Steam know this "going in".
And as this page [redshell.io] shows, one of the ways that RedShell works is t
Re: (Score:2)
the link between browser and game ID is the main problem here. its too intrusive. but it is needed for publishers to track affiliate adv
Telemetry vs 3rd party Analytics SDK (Score:2)
Telemetry: I think as developer I need to gather this metric to make sure I didn't make this level to difficult and deter users in the future.
3rd party Analytics SDK: You want to know about your users? We can tell you about your users. We collect all the things and serve it up to you. Want to know what they named their first born? We got that! Want to know if users passed that difficult level? We got that too!
I remember installing Google analytics a few years ago to find out some information about a new pag
Re: (Score:2)
Telemetry: I think as developer I need to gather this metric to make sure I didn't make this level to difficult and deter users in the future.
This is what focus groups and play testing are for.
I remember installing Google analytics a few years ago to find out some information about a new page we added to a customer's website. We had our suspicions that the customers weren't seeing it. I was not at all interested in the intricate details of every browser, screen resolution, operating system, how long they stayed, and what they clicked it. It was all given to me anyway.
Laziness is really the point here isn't it? You're too lazy to install a stats package and parse your own access logs. People can't be bothered to take the time to understand their users so they hide "telemetry" without regard for customers wishes and consequences.
Re: (Score:2)
This is what focus groups and play testing are for.
Indeed. It's a great way of finding out what focus groups are good at. Interestingly have you ever seen a focus group, or a beta tester? The kind of people who participate in these events hugely skews the results which is one of the reason why the industry is trying towards telemetry.
Laziness is really the point here isn't it? You're too lazy to install a stats package and parse your own access logs.
Not quite. One man's lazy is another man's more cost effective service. It just goes with the whole general global theme of outsourcing or building on the work of others. The problem is those "others" who provide you a service
Re: (Score:2)
Indeed. It's a great way of finding out what focus groups are good at. Interestingly have you ever seen a focus group, or a beta tester? The kind of people who participate in these events hugely skews the results which is one of the reason why the industry is trying towards telemetry.
Creating a focus group that isn't representative of your customer base is a rather counterproductive endeavor. Play testers are there to find issues not take the place of a focus group.
Laziness is really the point here isn't it? You're too lazy to install a stats package and parse your own access logs.
Not quite. One man's lazy is another man's more cost effective service. It just goes with the whole general global theme of outsourcing or building on the work of others.
A lot of it also has to do with economics. I was at the time doing quick work paid by the hour. Copying and pasting a paragraph of Javascript ultimately was far more effective for the client than paying to screw around with stats packages and setting up specific targeted telemetry. The client's users be damned.
All I'm hearing in these remarks are justifications for laziness. An attempt to externalize your costs without regard for consequences simply because it is easier for YOU.
Well guess what the free ride is nearing an end. Privacy legislation and consumer awareness is increasingly piling up against you. With each day that pa
Re: (Score:2)
Apart from the fact that the skill sets of people who regularly participate in "focus groups and play testing" are unrepresentative: Is there a good way for a smaller studio to pay for thorough "focus groups and play testing", particularly before it has two games' worth of sales revenue?
Re: (Score:2)
This is what focus groups and play testing are for.
The people who will participate in focus groups and play tests are not representative of the public at large. They are supposed to be, but that never really happens.
Re:GDPR? (Score:5, Informative)
Re: (Score:2)
. If a GDPR request came in asking for a particular person's data I would have no such data to report.
A common mistake people (and lawyers) make is thinking it only matters whether YOU could associate that data to someone (you seem to have made that mistake). As has been demonstrated many times before such detailed data even when it doesn't have someones names is often quite easily attributed to someone through cross matching of data from other sources. The more detailed the information the easier it is narrow it down as It makes for a very unique identifier that may actually be revealing far more than you think.
Not in my case. The data was not detailed enough, not unique enough. Too many collisions with the limited number of permutations of CPU, GPU, installed RAM and OS ver. I did not send all info available, just enough to get generational information. For example for OS ver I would only send major and minor version, but not build number, service pack info, etc. For GPU I would only send the vendor and device IDs, but not subsystem and revision IDs. In the later case I would know you had an AMD Radeon 550/560 bu
Re: (Score:2)
I wonder how unique the entire set of that data is... The problem with anonymous data is that enough of it means it can be traced back, if not by you then perhaps by someone else.
See my response to a similar question. I only sent the details I needed to recognize CPU, GPU, and OS ver in a generational sense and the amount of installed RAM. I did not send all information available on these components. There were too many collisions to "fingerprint" a particular user.
Re: (Score:1)
When did the moment of the internet pass from becoming an evil tool to be used for controlling/observing& taking advantage of our fellow humans from the early promise of sharing and connecting each other?
As soon as human beings proved they didn't understand how technology worked, it began with mmo's and phones. When high speed internet became a thing videogame companies were itching to steal PC games and rebrand them mmo/online games and put drm in them. Tech companies always hated users owning their own software. They used kids and ignorant parents to sell games like everquest and world of warcraft to a tech ignorant public once that was done you now have a generation of kids who are now teens/adults
Re: (Score:2)
As soon as human beings proved they didn't understand how technology worked
Well done, you've managed to prove you don't know how humans work.
I know how technology works. I don't monitor every packet leaving my PC, I don't MITM the encrypted data streams, I don't reverse engineer data formats and I don't correlate data structures to the activity, software and configuration on my PC.
Just what the fuck would an informed capable technical person do to understand the data being sent back to a game developer - especially for a game with online elements - that doesn't mean it's now their
Re: (Score:2)
Well done, you've managed to prove you don't know how humans work.
I know how technology works. I don't monitor every packet leaving my PC, I don't MITM the encrypted data streams, I don't reverse engineer data formats and I don't correlate data structures to the activity, software and configuration on my PC.
If you bought an mmo game you told the corporate world explicitly that you'd bend over to be exploited - aka it's not in your rational interest to pay for videogames you don't own or control and pay monthly at that. Private wow servers proved that they just took RPG's and stuck the mmo label on it to get that monthly fee from the stupid and irrational membres of the species. That was the big mmo scam for those of us who PC gamed during the 90's when EA was pushing ultima online to the bottom feeders of th
Re: (Score:3)
If you bought an mmo game you told the corporate world explicitly that you'd bend over to be exploited
Really? So by wanting to play on a server with several hundred other players I'm begging to be exploited, instead of, I don't know, wanting to play on a server with several hundred other players?
You're a fucking idiot.
Re: (Score:2)
If you bought an mmo game you told the corporate world explicitly that you'd bend over to be exploited
Why do you now think lootboxes and microtransactions exist in "single player" AAA games? Why do think they are being shoved into every game and every game is now being drm'd up the wazoo and given the corporate propaganda moniker "online game"? Team fortress 2 with hats? Paid mods from bethesda? Lootboxes where you might get the chance to get a skin in a game you already paid for? We live in a full blown videogame idiocracy.
MMO's were the trial balloon to get people to accept paying for software they
Re: (Score:2)
Why do you now think lootboxes and microtransactions exist in "single player" AAA games?
Not the games I buy and play.
Why do think they are being shoved into every game and every game is now being drm'd up the wazoo
Games have less DRM now than they did in the 80s. Less now than they did in the 90s. Probably a comparable amount now to the 00s, but that's the post-MMO era.
and given the corporate propaganda moniker "online game"?
Sometimes the game includes online features. Sometimes the online connection is used as a more robust form of DRM. Sometimes the game is an online game. Many games work perfectly well with no network connection at all.
Team fortress 2 with hats?
Free game with cosmetic feature players can optional choose to embrace? Oh no, you mean I can actually play
Re: (Score:2)
Games have less DRM now than they did in the 80s.
You're delusional if you believe this, DRM didn't exist in the 80's and 90's, drm is breaking the software code into pieces so part of the software is never released so the game breaks when the code at the server at corporate HQ is turned off. Copyright protection is not drm. DRM is where companies control the software. Even copyright protected 80's and 90's games you had the complete code. Good luck trying to preserve modern drm infested games where the server exe is not included with the game like qua
Re: (Score:2)
Strange, I recall code wheels, text written in hard to read colours, use of manuals as code books, corrupt sectors on disks, 'CD must be present' checks and actual fucking rootkits in the 80s and 90s.
Maybe you were playing Rogue all that time. Good game.
Re: (Score:2)
Strange, I recall code wheels, text written in hard to read colours, use of manuals as code books, corrupt sectors on disks, 'CD must be present' checks and actual fucking rootkits in the 80s and 90s.
Maybe you were playing Rogue all that time. Good game.
Everything you mentioned has nothing to do with incomplete software - aka drm, there was no high speed internet in the 80's you got the entire game, there was no code missing from the game like modern drm laden games. Modern games like mmo's and games like war for cybertron DO NOT release the server exe with the game, part of the game is running on some corpoately owned server in order for its multiplayer to function. That's a far cry from quake 3 where the server exe is built into the exe. Modern games
Re: (Score:2)
You do understand the concept of a persistent multiplayer world, yes? MMOs are nothing like FPS shooters. In an FPS the "world" starts over with every new game.
A subscription-based MMO... of fucking course they're not going to give you the server software so that you can run your own and not pay them.
You do understand the concept that "persistant multiplayer world" is PR speak to con gullible people like you right? Oh wait theres some private wow servers over here to disprove your notion that you can't have an "mmo" (pr speak for rpg with multiplayer with dedicated server) you buy as a one off purchase.
Private servers:
https://news.ycombinator.com/i... [ycombinator.com]
"MMO" is a PR speak term for idiots who don't think logically, otherwise private wow servers would be impossible. The fact that private wow servers exist
Re: (Score:2)
"Digital restrictions management" has a broader definition than the sense you're using, which would be more widely understood as "online-only DRM".
Re: (Score:2)
"Digital restrictions management" has a broader definition than the sense you're using, which would be more widely understood as "online-only DRM".
The very concept of DRM didn't exist in the 80's and 90's, drm is a term invented in the 2000's and post 2000 era sorry to tell ya, I lived it. You're trying to read the future back into the past.
Re: (Score:2)
The very concept of DRM didn't exist in the 80's and 90's
Not under that name, but what's CSS on DVD Video?
Re: (Score:2)
The very concept of DRM didn't exist in the 80's and 90's
Not under that name, but what's CSS on DVD Video?
You're confused, copyright protection is different from drm. DRM is literally breaking the product in a way that companies have control of the product. CSS on DVD means you have the entire DVD files even if they are encrypted.
Re: (Score:2)
Not because the world is a 'good' place, but because conspiracies are a sort of work, and not the sort people do for free.
Re: (Score:2)
Actually, I'll add to that.
We knew the writing was on the wall for single player RPG's
Like KOTOR, like the Elder Scrolls series, like the Divinity series, like Fallout, like the Witcher series. Oh, wait.
You're a fucking idiot.
The reality is the reason loot boxes and all modern exploitative game practices exist is because ignorant people and stupid irrational people like yourself gave up your right to privacy and ownership of game software.
Loot boxes and data mining have fuck all to do with MMOs. You're making a non-causal link and providing no evidence to support it.
You're a fucking idiot.
Sorry to tell ya, loot boxes exist because the average gamer and human being is ignorant and irrational.
So when I put several hundred hours into theHunter:COTW and can't find a loot box, play through 100 hours of story in The Witcher III and can't find a loot box, enjoy a long dynamic and very r
Re: (Score:2)
Now we have 4K and 5K and 8K and advanced gpu and cpu. The wonders of Windows 10 to help games get created.
As for the other 1984, thats the just big gov doing collect it all.
Re: (Score:2)
And yet, developers were still able to deliver games that were fun to play before all this analytics nonsense.
Games weren't necessarily more fun back in the day, but I certainly appreciated and enjoyed them (and the Internet in general) a lot more.
Re: (Score:2)
If everybody followed your advice to "pirate all games", what would fund the development of new games?