DoctorDavinci

Does KSP v1.4 really have spyware in it?

Recommended Posts

2 hours ago, Dman979 said:

Yes, but the only one who would know- and have the authorization to make a public reply- is @Darth Badie, and she is offline.

Interestingly, I happened to notice @Darth Badie was online shortly after this thread was posted, and the mouseover said she was currently viewing this thread. But I'm sure she would have had to check with her bosses and others before she could reply. Not surprising that it could take a day or two for the powers that be to formulate a cover-your-assets response.

Share this post


Link to post
Share on other sites
Just now, StrandedonEarth said:

Interestingly, I happened to notice @Darth Badie was online shortly after this thread was posted, and the mouseover said she was currently viewing this thread. But I'm sure she would have had to check with her bosses and others before she could reply. Not surprising that it could take a day or two for the powers that be to formulate a cover-your-assets response.

Or even just to get approval to reply. Take Two is a much, much larger company than Squad, and I imagine that the chain of communication is correspondingly longer.

Basically, I hope we can avoid jumping to conclusions- Occam's Razor, and all that.

Edited by Dman979
Added some words

Share this post


Link to post
Share on other sites
27 minutes ago, Ultimate Steve said:

I've been told by someone who knows more about this than I do that KSP 1.4 appears to be sending data to Unity, Redshell, and Ghostery.

Now that is an interesting piece of information :)

Here's some info for those who do not know what Redshell and Ghostery are

https://redshell.io/home

https://lifehacker.com/ad-blocking-extension-ghostery-actually-sells-data-to-a-514417864/amp

Share this post


Link to post
Share on other sites

RedShell is apparently sending information whenever the game is launched (and whether game is modded). While the CALL_HOME, SEND_PROGRESS_DATA, and DONT_SEND_IP settings still exist, they are no longer used and there's no way to opt out of this data collection. Sent data includes your IP address and some kind of user ID which I assume is unique. I couldn't find anything related to Ghostery

Share this post


Link to post
Share on other sites
11 minutes ago, xEvilReeperx said:

RedShell is apparently sending information whenever the game is launched (and whether game is modded). While the CALL_HOME, SEND_PROGRESS_DATA, and DONT_SEND_IP settings still exist, they are no longer used and there's no way to opt out of this data collection. Sent data includes your IP address and some kind of user ID which I assume is unique. I couldn't find anything related to Ghostery

Thank you for this information ... I think we're starting to see more of the picture now :)

I guess we should wait for an official statement from @Darth Badie before we draw any conclusions

Share this post


Link to post
Share on other sites

Hmm, looks like it's time to block KSP from any and all network accesses.  Shame, as I really don't mind providing basic usage information to the developers in order for them to improve their products or see their own usage patterns, but I draw the line at this data being used by random undisclosed third parties with dubious data protection procedures. The GDPR is about to kick in in the EU, so Squad had better consider re-enabling the data communications checkbox and clarify what data is collected, by whom, and what it's going to be used for, irrespective of the new EULA's, or they could open themselves up to a whole world of (financial) hurt.

Share this post


Link to post
Share on other sites
51 minutes ago, micha said:

The GDPR is about to kick in in the EU, so Squad had better consider re-enabling the data communications checkbox and clarify what data is collected, by whom, and what it's going to be used for, irrespective of the new EULA's, or they could open themselves up to a whole world of (financial) hurt.

Take Two is not active under the EU-US Privacy Shield, so they probably don´t care about it.

Share this post


Link to post
Share on other sites

Any half-decent firewall should give you the option to block specific attempts at network access by an application - if yours doesn't, then get one that does ( there are enough free ones to choose from ). Then all this becomes moot. Mine distinguishes between KSP itself and the little program I forgot the name of that checks if mods are up to date, all very much a non-issue.

If you don't have a firewall like that then you're going to miss warnings from much more malicious network clients.

Share this post


Link to post
Share on other sites
4 hours ago, Ultimate Steve said:

I've been told by someone who knows more about this than I do that KSP 1.4 appears to be sending data to Unity, Redshell, and Ghostery.

To the best of my knowledge, any game developed on Unity phones home to Unity by default. Heck, there's even a mod available for The Long Dark that prevents said phoning home from happening.

Share this post


Link to post
Share on other sites
9 hours ago, linuxgurugamer said:

When you first start KSP, you get asked a question about sending info back to Squad.  Don't you think that's kind of up front?

Then why do I no longer see this prompting when I first update(clean installation from the KSP Store?)

 

Share this post


Link to post
Share on other sites
1 hour ago, Dark Lion said:

Then why do I no longer see this prompting when I first update(clean installation from the KSP Store?)

 

I would assume because now you don't have a choice.

I would also assume that firewalling it, or sandboxing it will keep it from running. (if not in this build then in the next).

And I'm assuming all this because I will not install it.

Edited by Brainlord Mesomorph

Share this post


Link to post
Share on other sites
13 minutes ago, Brainlord Mesomorph said:

I would assume because now you don't have a choice.

I would also assume that firewalling it, or sandboxing it will keep it from running. (if not in this build then in the next).

And I'm assuming all this because I will not install it.

I'm curious, do you play any other games?  If so, have you read the EULA of those games as closely as you think you've read this one?

1 hour ago, Dark Lion said:

Then why do I no longer see this prompting when I first update(clean installation from the KSP Store?)

 

Apparently they removed the prompt from the new release..

Share this post


Link to post
Share on other sites
1 minute ago, linuxgurugamer said:

Apparently they removed the prompt from the new release..

To be fair, that very action leads me to assumptions like this:

 

16 minutes ago, Brainlord Mesomorph said:

I would assume because now you don't have a choice.

That's never been a thing I want to hear or think about when playing a sandbox-style engineering game. I like my options. Oh, wait. I agreed in order to get the update? ...Hm. I guess I'm just so optimistic after that wonderful stranger offered me koolaid in a paper cup... :wink:

Share this post


Link to post
Share on other sites
3 minutes ago, Dark Lion said:

To be fair, that very action leads me to assumptions like this:

 

That's never been a thing I want to hear or think about when playing a sandbox-style engineering game. I like my options. Oh, wait. I agreed in order to get the update? ...Hm. I guess I'm just so optimistic after that wonderful stranger offered me koolaid in a paper cup... :wink:

I'm curious, do you play any other games?  If so, have you read the EULA of those games as closely as you think you've read this one?

Why are you so paranoid about this game when all other games have essentially the same or similiar EULAs?

 

Did any of you ever consider the possibility that Take-Two told Squad to remove the "phone-home" code?  I'm not say they did or didn't, but you all are assuming only one possibility.

Share this post


Link to post
Share on other sites
20 minutes ago, linuxgurugamer said:

I'm curious, do you play any other games?  If so, have you read the EULA of those games as closely as you think you've read this one?

No I don't, because yes, I do read EULAs.

/and BTW thanks for throwing shade on my ability to read.

Edited by Brainlord Mesomorph

Share this post


Link to post
Share on other sites
4 minutes ago, Brainlord Mesomorph said:

No I don't, because yes, I do read EULAs.

Then, if you don't play other games, you have my respect for totally restricting your play time to KSP.

If you don't play other games, that would kind of imply that you aren't into the gaming scene, how did you find out about KSP in the first place?

6 minutes ago, Brainlord Mesomorph said:

/and BTW thanks for throwing shade on my ability to read.

Most people just click through.  

Share this post


Link to post
Share on other sites
Just now, linuxgurugamer said:

Then, if you don't play other games, you have my respect for totally restricting your play time to KSP.

If you don't play other games, that would kind of imply that you aren't into the gaming scene, how did you find out about KSP in the first place?

Fark.com is a news site with discussion boards. Jeb was showing up in threads a lot back in the KSP .02x days.

As soon as I saw it, I knew that was a game for me.

Share this post


Link to post
Share on other sites
3 hours ago, rudi1291 said:

Take Two is not active under the EU-US Privacy Shield, so they probably don´t care about it.

Privacy Shield is there to make life easier for companies like Take Two, by providing a specific framework for them to use. Under GDPR, they're not allowed to track users for business intelligence purposes without asking the user first, in plain language, listing specifically which data will tracked, and specifically which companies it will be forwarded to. They also have to allow users to opt out of non-essential tracking (essential in that you can't do online banking without having an account for instance). Their current EULA and removal of the in-game dialog box doesn't look GDPR-compliant to my eyes, but I'm not a lawyer.

Edited by pizzaoverhead

Share this post


Link to post
Share on other sites
Just now, pizzaoverhead said:

Privacy Shield is there to make life easier for companies like Take Two, by providing a specific framework for them to use. Under GDPR, they're not allowed to track users for business intelligence purposes without asking the user first, in plain language, listing specifically which data will tracked, and specifically which companies it will be forwarded to. Their current EULA and removal of the in-game dialog box doesn't look GDPR-compliant to my eyes, but I'm not a lawyer.

Unless, of course, they have totally removed the phone-home code. And then they are more GDPR-compliant, correct?  Why don't you even consider that possibility?

Share this post


Link to post
Share on other sites

GDPR applies to personally identifying information. If they assign you a unique ID that's not associated with your license key or other way of connecting your real identity to it, it's allowed. Even if someone with a clever data mining algorithm would be able to statistically prove it's you.

Share this post


Link to post
Share on other sites
3 minutes ago, linuxgurugamer said:

Why are you so paranoid about this game when all other games have essentially the same or similiar EULAs?

1 minute ago, linuxgurugamer said:

Most people just click through.  

About those assumptions folks are making...
 

 

4 minutes ago, linuxgurugamer said:

I'm curious, do you play any other games?  If so, have you read the EULA of those games as closely as you think you've read this one?

I do indeed. Not many, admittedly, as my taste in gaming might be considered niche. However, my experiences in such cases were positive in the sense that I was aware of the happenings, what exactly they entailed and when it was happening. Y'know... disclosure. In each case, the developers even had a set release date that didn't have the word "SOON" in it. Nor did I ever find myself surprised with new EULA or ToS...

 

1 minute ago, Brainlord Mesomorph said:

As soon as I saw it, I knew that was a game for me.

I was just minding my own business, watching Youtube. There! What's that little green man doing on the moon in the recommended vids?! It's called Mun?! Kerbal WHAT Program?!!... *DOWNLOADING KSP, never to see the sunlight again* :confused:

Share this post


Link to post
Share on other sites
Just now, linuxgurugamer said:

Unless, of course, they have totally removed the phone-home code. And then they are more GDPR-compliant, correct?  Why don't you even consider that possibility?

But that EULA and Orwellianly named "Privacy Policy" are all about them collecting A LOT of information.

BTW: There are so many carve-outs for EU citizens in there it makes me want to move to Germany.

 

Share this post


Link to post
Share on other sites

IMHO, it looks to me that TT didn't buy KSP as an educational game that they could sell to new people, they bought us.

They bought the community, an installed base of users that they can exploit for micropayments and marketing information, and to make content for them, just like facebook.  and I don't do facebook. These aren't our friends in Mexico anymore, this is a multinational corporation in New York.

Share this post


Link to post
Share on other sites
32 minutes ago, linuxgurugamer said:

Did any of you ever consider the possibility that Take-Two told Squad to remove the "phone-home" code?  I'm not say they did or didn't, but you all are assuming only one possibility.

14 minutes ago, linuxgurugamer said:

Unless, of course, they have totally removed the phone-home code.

 

Going by what @Ultimate Steve, @DoctorDavinci, and @xEvilReeperx are saying above,* far from removing it, they've actually extended it to more companies and removed the "opt-out" thing altogether.

* I can't say for certain, as I've yet to install 1.4 and test for unexpected/unwanted connections myself.. probably will get onto that tomorrow.

Share this post


Link to post
Share on other sites

The only "problem" i´ve found with blocking KSP from accessing the internet is that redshell shows a warning about it in the log.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.