mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"mercury ranique.2170" said: > > @"mrstealth.6701" said: > > > @"mercury ranique.2170" said: > > > > @"mrstealth.6701" said: > > > > > @"mercury ranique.2170" said: > > > > > > @"mrstealth.6701" said: > > > > > > > @"mercury ranique.2170" said: > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > @"Gaile Gray.6029" said: > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > @"mercury ranique.2170" said: > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > @"mercury ranique.2170" said: > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. edit: A little example to illustrate the point. Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. Link to comment Share on other sites More sharing options...
mercury ranique.2170 Posted April 20, 2018 Share Posted April 20, 2018 > @"mrstealth.6701" said: > > @"mercury ranique.2170" said: > > > @"mrstealth.6701" said: > > > > @"mercury ranique.2170" said: > > > > > @"mrstealth.6701" said: > > > > > > @"mercury ranique.2170" said: > > > > > > > @"mrstealth.6701" said: > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > @"Gaile Gray.6029" said: > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > @"mercury ranique.2170" said: > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > @"mercury ranique.2170" said: > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > edit: A little example to illustrate the point. > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"mercury ranique.2170" said: > > @"mrstealth.6701" said: > > > @"mercury ranique.2170" said: > > > > @"mrstealth.6701" said: > > > > > @"mercury ranique.2170" said: > > > > > > @"mrstealth.6701" said: > > > > > > > @"mercury ranique.2170" said: > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > @"Gaile Gray.6029" said: > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > @"mercury ranique.2170" said: > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > edit: A little example to illustrate the point. > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. Link to comment Share on other sites More sharing options...
Obtena.7952 Posted April 20, 2018 Share Posted April 20, 2018 > @"mrstealth.6701" said: > > @"battledrone.8315" said: > > > @"mrstealth.6701" said: > > > > @"Bloodstealer.5978" said: > > > > > @"GreyWolf.8670" said: > > > > > > @"Faaris.8013" said: > > > > > > > > > > > The point is that you are not bound to the EULA or any other agreement if you were not shown it and agreed to it before buying the game (in Germany). When I go to the Anet webpage and purchase GW2, then get the download link and install the game, it's already too late for the EULA. > > > > > > > > > > > > > > > > No. You must agree to the EULA when you create your account **before** can you buy the game from ArenaNet **or** play it. > > > > > > > > Not sure this is correct...though tbh I never purchased mine digitally, but I would guess it works the same as when buying the box set originally.. you purchase, you install and create account at which point you then accept the EULA and play... if you don't accept you don't get login access. > > > > However there is I believe a little disclaimer that states WARNING Acceptance of certain agreements is required, but of course you don't know what until you install it :) > > > > > > That is what's on the back of my collector's edition box. > > > > > > "Acceptance of certain agreements is required." > > > > > > Of course, you don't see those agreements until after you've opened the package and made returning it impossible. I suppose they could say that you are able to dig around a website and find them, but I'm not sure how much of a legal leg that has to stand on. EULAs in general tend to not have much to back them up legally, and companies rely more on the fact that 99.9% of their customers don't have the time or resources to hash it out in a courtroom. That is, if there isn't already some even more legally vague arbitration clause the company hopes will prevent that from ever happening. > > > > > > Not intended as a jab at Anet specifically, just observation on software EULAs in general. Anet's agreements are kinda mild compared to some crap others try to cram in there. > > > > > > TLDR: EULAs are largely unenforceable garbage, and companies know it. They just bank on you thinking it's not worth fighting. > > > > you want to play in THEIR yard with THEIR ball, but it has to be by YOUR rules...good luck with that > > if you want to fight them on this, go for it...i could use a good laugh > > The point is that, depending on the jurisdiction, there is the distinct possibility that the referee (a judge) would deem a company's yard to be too imbalanced, tilted, and full of holes to be a legitimate playing field. That's not a relevant point. Anet owns the accounts and they are within their right to deal with people that damage their assets, including monitoring your behaviour including assessing potential risks to those assets by players. Figure that out already. If THEY own them, THEY can do what they want with them. You are buying a SERVICE and access to that service is GRANTED based on behaviour and payment. I love how people complicate things to think they have some loophole to justify cheating or having behaviours that get you banned. Link to comment Share on other sites More sharing options...
mercury ranique.2170 Posted April 20, 2018 Share Posted April 20, 2018 > @"mrstealth.6701" said: > > @"mercury ranique.2170" said: > > > @"mrstealth.6701" said: > > > > @"mercury ranique.2170" said: > > > > > @"mrstealth.6701" said: > > > > > > @"mercury ranique.2170" said: > > > > > > > @"mrstealth.6701" said: > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > edit: A little example to illustrate the point. > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"Obtena.7952" said: > > @"mrstealth.6701" said: > > > @"battledrone.8315" said: > > > > @"mrstealth.6701" said: > > > > > @"Bloodstealer.5978" said: > > > > > > @"GreyWolf.8670" said: > > > > > > > @"Faaris.8013" said: > > > > > > > > > > > > > The point is that you are not bound to the EULA or any other agreement if you were not shown it and agreed to it before buying the game (in Germany). When I go to the Anet webpage and purchase GW2, then get the download link and install the game, it's already too late for the EULA. > > > > > > > > > > > > > > > > > > > No. You must agree to the EULA when you create your account **before** can you buy the game from ArenaNet **or** play it. > > > > > > > > > > Not sure this is correct...though tbh I never purchased mine digitally, but I would guess it works the same as when buying the box set originally.. you purchase, you install and create account at which point you then accept the EULA and play... if you don't accept you don't get login access. > > > > > However there is I believe a little disclaimer that states WARNING Acceptance of certain agreements is required, but of course you don't know what until you install it :) > > > > > > > > That is what's on the back of my collector's edition box. > > > > > > > > "Acceptance of certain agreements is required." > > > > > > > > Of course, you don't see those agreements until after you've opened the package and made returning it impossible. I suppose they could say that you are able to dig around a website and find them, but I'm not sure how much of a legal leg that has to stand on. EULAs in general tend to not have much to back them up legally, and companies rely more on the fact that 99.9% of their customers don't have the time or resources to hash it out in a courtroom. That is, if there isn't already some even more legally vague arbitration clause the company hopes will prevent that from ever happening. > > > > > > > > Not intended as a jab at Anet specifically, just observation on software EULAs in general. Anet's agreements are kinda mild compared to some crap others try to cram in there. > > > > > > > > TLDR: EULAs are largely unenforceable garbage, and companies know it. They just bank on you thinking it's not worth fighting. > > > > > > you want to play in THEIR yard with THEIR ball, but it has to be by YOUR rules...good luck with that > > > if you want to fight them on this, go for it...i could use a good laugh > > > > The point is that, depending on the jurisdiction, there is the distinct possibility that the referee (a judge) would deem a company's yard to be too imbalanced, tilted, and full of holes to be a legitimate playing field. > > That's not a relevant point. Anet owns the accounts and they are within their right to deal with people that damage their assets, including monitoring your behaviour including assessing potential risks to those assets by players. Figure that out already. If THEY own them, THEY can do what they want with them. You are buying a SERVICE and access to that service is GRANTED based on behaviour and payment. I love how people complicate things to think they have some loophole to justify cheating or having behaviours that get you banned. > > You missed the point of what I said. The whole idea that "THEY own them, THEY can do what they want with them. You are buying a SERVICE and access to that service is GRANTED based on behaviour and payment" can be thrown out by a court ruling. If a judge were to make such a decision, nothing in that EULA/ToS/etc would have any meaning or grant any power. I'm not saying it's likely to happen. It would take someone putting forth a very significant amount of time, effort, and money for that to even be possible. But there are examples of cases were EULAs were nullified by a court. I certainly do not want a courtroom to be the stage for cheaters and hackers to have bans overturned. But I also do not want to see players that have done nothing wrong being wrongly punished as cheaters, with no ability to clear themselves. When players are wrongly banned based on circumstantial evidence (finding a process running) instead of direct evidence (finding them cheating ingame), without being given the chance to appeal and have further investigation, the only options they have are to accept wrongful punishment, challenge the company's right to punish them in court, or try to create enough of a public outcry to pressure the company into reconsidering their action. Unfortunately, we don't have access to the information to decide which players claiming to be wrongfully banned are telling the truth, and which are cheaters trying to get their punishments lifted. Anet should have that information, but they have refused to use it in these cases. Link to comment Share on other sites More sharing options...
Obtena.7952 Posted April 20, 2018 Share Posted April 20, 2018 I don't see where those nullified EULA's have anything to do with what's happened here ... it's a deflection tactic. You keep bringing up this 'wrongful punishment of people that did nothing wrong" ... except you have no authority to define what is 'wrong' or 'right'. Anet owns the accounts. If Anet determines a criteria for what is unacceptable bahaviors for players that have access to the account, they can act on that. You're still trying to redefine the boundary of what is acceptable ... except what you think it is doesn't matter. It's irrelevant how you define cheating. There is no perfect system where ONLY the cheaters are punished and ONLY the non-cheaters aren't. That's just wishful thinking and it's not realistic. Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"mercury ranique.2170" said: > > @"mrstealth.6701" said: > > > @"mercury ranique.2170" said: > > > > @"mrstealth.6701" said: > > > > > @"mercury ranique.2170" said: > > > > > > @"mrstealth.6701" said: > > > > > > > @"mercury ranique.2170" said: > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > I'm not sure what you're getting at, and I'm completely confused on what the last sentence means. I've cited the evidence given in [this]( ) reddit topic. The evidence there is what it is. It's not conclusive, but it does give enough information to draw a logical assumption on how private data was handled. I cannot make it be proof one way or the other. All I can do is point out what the most likely conclusion is, and what the other possibility is. We know data was collected and sent to Anet. We think there was some sort of filter in place that limited what data was sent. We have no idea what parts of the data, if any, might have been filtered before it was sent. I've quoted Anet's official statement because it clarifies a significant point that some people have been confused about. It clearly states that players were banned for having processes running, and not because they were found to be cheating in the game. Link to comment Share on other sites More sharing options...
Obtena.7952 Posted April 20, 2018 Share Posted April 20, 2018 > @"mercury ranique.2170" said: > > @"mrstealth.6701" said: > > > @"mercury ranique.2170" said: > > > > @"mrstealth.6701" said: > > > > > @"mercury ranique.2170" said: > > > > > > @"mrstealth.6701" said: > > > > > > > @"mercury ranique.2170" said: > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > People that think it's about themselves don't see the problem that they present to Anet. Sure there are a handful of people that run the software that don't cheat with it ... that's still a risk to the game for Anet and these people just don't see outside their bubble. They think it's black or white and about cheating. They don't consider the risk they present is worth the ban as well. Link to comment Share on other sites More sharing options...
mercury ranique.2170 Posted April 20, 2018 Share Posted April 20, 2018 > @"Obtena.7952" said: > > @"mercury ranique.2170" said: > > > @"mrstealth.6701" said: > > > > @"mercury ranique.2170" said: > > > > > @"mrstealth.6701" said: > > > > > > @"mercury ranique.2170" said: > > > > > > > @"mrstealth.6701" said: > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > > > > People that think it's about themselves don't see the problem that they present to Anet. Sure there are a handful of people that run the software that don't cheat with it ... that's still a risk to the game for Anet and these people just don't see outside their bubble. They think it's black or white and about cheating. They don't consider the risk they present is worth the ban as well. True. But some of these apps also hack single player games, where it isn’t an issue to use a cheat. I personally always play Skyrim with tgm. So I do think that’s running the application is not enough and it shouldn’t be. The things I’ve seen from this detection tool is that it runs on the client and uses the presence of a specific app to mark the account as suspicious. (Hence why it isn’t spyware). The real evidence is when the player gains an unfair advantage (use the actual app within gw2). I know some people try to divert opinion in a different position, but both the evidence in the reddit app, the arenanet response and the privacy statement points to this being the case. Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"Obtena.7952" said: > > @"mercury ranique.2170" said: > > > @"mrstealth.6701" said: > > > > @"mercury ranique.2170" said: > > > > > @"mrstealth.6701" said: > > > > > > @"mercury ranique.2170" said: > > > > > > > @"mrstealth.6701" said: > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > > > > People that think it's about themselves don't see the problem that they present to Anet. Sure there are a handful of people that run the software that don't cheat with it ... that's still a risk to the game for Anet and these people just don't see outside their bubble. They think it's black or white and about cheating. They don't consider the risk they present is worth the ban as well. What is the risk I present to the game if I were to install CheatEngine, open it, and start playing GW2? It's just sitting there, doing nothing. Not interacting or interfering with the game in any way. I do agree that having CheatEngine running is a good justification to investigate my account further. That can determine whether or not I'm actually cheating in the game. It is a very black or white issue. Either I am cheating, or I am not. If I am cheating, I should be banned. If I'm not cheating, I should not be banned. I feel that it is perfectly reasonable expect Anet to exercise due diligence in making that determination. Link to comment Share on other sites More sharing options...
Obtena.7952 Posted April 20, 2018 Share Posted April 20, 2018 > @"mrstealth.6701" said: > > @"Obtena.7952" said: > > > @"mercury ranique.2170" said: > > > > @"mrstealth.6701" said: > > > > > @"mercury ranique.2170" said: > > > > > > @"mrstealth.6701" said: > > > > > > > @"mercury ranique.2170" said: > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > > > > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > > > > > > > People that think it's about themselves don't see the problem that they present to Anet. Sure there are a handful of people that run the software that don't cheat with it ... that's still a risk to the game for Anet and these people just don't see outside their bubble. They think it's black or white and about cheating. They don't consider the risk they present is worth the ban as well. > > What is the risk I present to the game if I were to install CheatEngine, open it, and start playing GW2? I don't see how your question is relevant ... ANET determines the risk, not me, not you, not players; it's THEIR assets at risk. We are simply paying for access to them. I'm not qualified to answer that question anyways ... and I doubt you are qualified to determine you aren't a risk to the game while running this software either. And again you are showing a health lack of understanding that there isn't a perfect system here, so Anet errs on the side of caution. You just don't have a practical sense of how Anet must deal wtih this to protect the people that access this game honestly. Also again, you don't define what determines a ban, Anet does. a person doesn't need to cheat to be banned. Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 20, 2018 Share Posted April 20, 2018 > @"Obtena.7952" said: > > @"mrstealth.6701" said: > > > @"Obtena.7952" said: > > > > @"mercury ranique.2170" said: > > > > > @"mrstealth.6701" said: > > > > > > @"mercury ranique.2170" said: > > > > > > > @"mrstealth.6701" said: > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > @"mrstealth.6701" said: > > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > > > @"Oldirtbeard.9834" said: > > > > > > > > > > > > > > > > > > > > My account is safe, not banned. I'm more concerned with the privacy violation. I think this should have been better put together like Blizzards Warden in a way where it prohibits people from logging in or staying logged in if said programs are active, permanent again like Warden, and finally they should have had the decency to tell us what was happening so that we don't have all of these conspiracy theories going around. Personally I haven't logged in beyond making sure I wasn't swept up with the 1500. The lack of transparency has really killed my interest in playing or spending money until we get a statement regarding this program and what data was collected, how it was encrypted (if it was even), and what data they kept. I also think ANet should release a statement to major blogs such as Massively OP because out side of GW2s player base ANet has egg on it's face. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I want to avoid any sparring so if I see anything I feel might get my blood boiling it's probably smart of me to not engage. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > We all have great love for this franchise and I respect your viewpoints so let's keep our discourse civil over this hot button situation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The warden does nothing to stop bad people. > > > > > > > > > > > > > > > > > > > As for privacy. We find it perfectly ok that Arenanet gathers data. This is needed for example to play the game. Store our progress, etc. All data involved has to be sent to Arenanet anyways. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This data is only reviewed by a human in the following situations: > > > > > > > > > > > > > > > > > > > 1: when you report a bug > > > > > > > > > > > > > > > > > > > 2: when you are reported > > > > > > > > > > > > > > > > > > > 3: when you are flagged as suspicious by automatic systems. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Even then, the GM is not allowed to sniff through all your file. Only what is relative close to the timestamp of the incident. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you for the clarification, this is the sort of thing that should be elaborated by ANet; this would clear up a lot of half truths and out right Mis information. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The data required to play the game (your characters, progression, etc) and what Anet was scanning to look for cheats (every running process, whether it relates to the game or not) are two entirely different things. There isn't really any reason for them to be checking every other process outside of looking for cheats. The only other instance where they have any business looking outside of their own game's data is for crash reports, and I think reports like that are typically limited to hardware info like CPU/GPU and driver versions. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > That said, data actually being sent back to Anet in this cheat detection system appears to be restricted to detections of the specific programs they were hunting. If you had none of those running, there shouldn't have been any extra data being sent to Anet. It's definitely concerning when any software starts sifting through data on our computers unannounced, especially when the developer refuses to say what data was or wasn't sent back to them, and what, if anything, was kept for later use. But at least in this case it *appears* that for the majority of us, it was nothing. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Not really. The scan was done on the client, but the data scanned was also sent to the server, just in a different fase of processing. > > > > > > > > > > > > > > > > Let’s look at the flow. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You press the forward key, this is translated by the client in the way your character moves the screen. The new position coordinates are also sent to arenanet. So the actual input output flow ends at the central server > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Going by the reverse engineering work done by a couple reddit users, the client should have only been sending back data if something on the list of cheat programs they were targeting was detected. We may never know with 100% certainty how much or how little data was sent back to Anet, but it seems to be little to none for most of us. If the entirety of that data was being sent back to Anet's servers, then they are definitely guilty of a completely unjustified and unnecessary breach of privacy. Though, the type of information gathered was not very personal in nature, and should not have contained any private/confidential data like content of files loaded by a running process. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > And it really has nothing to do with data like location coordinates for character movement. Those are data points that have to be sent to the game servers for the game to function. If the client wasn't sending information to the server about your location, movement, and skill use you wouldn't be able to play the game. Data gathered by scanning other processes running on the computer has nothing to do with the game's functionality, and falls completely under the category of spying/surveillance. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Please read my post. The data itself have been sent for technical purposes. Just cause the detection might have been done on the client, and after selection, the data was sent again in a different form, doesnt change that. Everything you do is sent to the server anyways and is logged. It is just another presentation with a different goal. > > > > > > > > > > > > > > > > > > > > > > > > > > As far as I'm aware, there is no actual evidence or indication of that. The only evidence I've seen related to the specifics of data being sent back to Anet by the scanner was that there was at least some degree of filtering done before it was sent. That indicates that the full set of data gathered was not sent back. Looking at the functionality of other similar cheat detection tools in use with other games, that is how Anet's tool would be expected to work. > > > > > > > > > > > > > > > > > > > > > > > > > > Anet would most likely want to avoid being accused of a using a cheat detection tool that was the equivalent of spyware. It would be very stupid of them to collect the full list of processes running on every player's PC, in any form. That information is not of much use to them, and having it would only harm their reputation. They really need to release a statement and clarify what exactly what data was collected by them, because there is already a considerable amount of bad press about this mess that could be alleviated if we knew for sure they didn't collect all of that data. > > > > > > > > > > > > > > > > > > > > > > > > Despite your propaganda, I would invite you to actually react to what I am saying. A vague. No indication is not really a reply. My stance is that the goal of a hacking tool that gives an unfair advantage is to gain an advantage on the server. (More loot, quicker movement, walking through walls, etc). As it would be only on the client side, it would never give an advantage. So the data envolved is allready sent to the server, but is gathered again in a different representation to track down cheaters. That has nothing to do with spyware. > > > > > > > > > > > > > > > > > > > > > > I really do not know what point you are trying to make here, in regard to how this recent ban wave was carried out. The type of detection you mentioned is not what was used in this case. And that's not propaganda, Anet told us that in their own statement. > > > > > > > > > > > > > > > > > > > > > > I'm sure we all realize that Anet does collect data server-side based on our activity in the game. Data to determine whether our characters are using macros, moving too fast, jumping higher than should be possible, or teleporting without using portal, etc. But that type of data collection/cheat detection has absolutely nothing to do with how Anet detected cheats for this ban wave. > > > > > > > > > > > > > > > > > > > > > > For the topic at hand, we are discussing a cheat detection tool that used a Windows OS function to read data about players' computers, producing MD5 hashes of every running process, compared that list of MD5s against a list of MD5s belonging to cheat programs, then reported back to Anet whether or not a match was found. The point of uncertainty is whether or not the full list of MD5s was sent back, or only those determined to match a known cheat's MD5. If it turns out that Anet was collecting the full list of signatures from every player, then it would be considered spyware. It does not seem that the full list was collected, but only Anet knows that for sure. > > > > > > > > > > > > > > > > > > > > > > I can't give a definitive answer on that point, because one does not exist that we are privy to. > > > > > > > > > > > > > > > > > > > > Again, you are spreading misinformation. The md5 check is done client side. The entire chest detection is done at the client (you said so yourself). Once the game recognizes certain third party apps running, it is gathering data allready sent to the sever to function in a regular way to track the ingame behavior of a cheater. Arenanet is not sending a list of processes running to the server. The check if there is a suspected app is done one the client, and if so it sends the regular game data together with the suspicious flag to the server. > > > > > > > > > > > > > > > > > > There is no misinformation on my part, but you have definitely misread Anet's statement on this matter. > > > > > > > > > > > > > > > > > > > @"Gaile Gray.6029" said: > > > > > > > > > >Yesterday we suspended 1,583 accounts for a period of 6 months. 1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs over a significant number of hours during a multi-week period earlier this year. We targeted programs that allow players to cheat and gain unfair gameplay advantages, even if those programs have other, more benign uses. > > > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > People are banned for illegal behavior in game based on the actual regular data sent from client to server. The cheat detection tool checked on the client and marked the client as suspicous. It looked for specific game data based on this client side suspicion. > > > > > > > > > > > > > > > > > > It's clearly stated that the suspensions were based on the detection of these programs running along side GW2. They even said that they banned for programs that have "other, more benign uses", which shows that they were not relying on data collected by ingame activity/server communications. Their own words tell us that these bans were based on only the detection of a running process, not that data in combination with their usual detection methods of monitoring client/character/server activity. > > > > > > > > > > > > > > > > > > > @"mercury ranique.2170" said: > > > > > > > > > > > > > > > > > > > > There is no reason to claim it is sending all processes to arenanet. As stated by yourself. This check is done at the client. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You're right that there is no evidence right now giving us reason to assume that Anet collected data on all running processes. I've only claimed that we do not know that for sure, because Anet has so far failed to confirm it. There were previous accusations that were later updated by reddit users(though not with certainty), but games media outlets had already published stories claiming that the full list of processes was gathered. That is why Anet needs to make a statement clarifying that point. > > > > > > > > > > > > > > > > > > I don't think Anet has a list of every process running on my PC. But I know that accusation is already out there, and there will be people that think it's true. It even did seem like it was true at first. I'm not going to post saying that Anet did not gather that data, because right now it's just the most logical conclusion, not a confirmed fact. > > > > > > > > > > > > > > > > As stated, there is no evidence, so bring it or stop accusing them for using spyware. > > > > > > > > They do not have to proof anything they didnt do. You have to proof they did. They have a very clear privacy statement. This is part of the agreement we have with them. I have absolutely no reason to believe they are not holding there part of the deal. There is no reasons for the to do so either. Making false allegations however.... > > > > > > > > > > > > > > There is evidence of what the detection tool did, with some additional information being found later on that indicates there was some degree of filtering going on within the tool that likely limited the data it sent back to Anet. I'm not making the accusation that this means Anet used spyware, I'm pointing out that the evidence we do have does not conclusively clear them of the accusations already made by others. > > > > > > > > > > > > > > This has nothing to do with what Anet's privacy agreement (or any other agreement) does or doesn't grant them permission to do. This is about Anet, for some inexplicable reason, allowing an accusation to stand unchallenged/unclarified when the evidence generally points to it being untrue. > > > > > > > > > > > > > > And even if a privacy agreement does grant broad, open-ended power to report back activity or data from a user's PC, that does not exclude the software from being labeled as spyware. Plenty of software universally labeled as spyware come with terms/agreements that grant them permission to the very things that get them labeled as spyware. That determination isn't based on what permission a document grants, it's based on how the software actually behaves. > > > > > > > > > > > > > > edit: A little example to illustrate the point. > > > > > > > > > > > > > > Let's say Shad Bad Guys Inc. release a web browser. This browser collects data on everything you do within it, as well as which other software you have installed and use on your computer. This data is then sold to third parties for advertising or other purposes. Their EULA/privacy agreement state that this happens, through some vague terms. > > > > > > > > > > > > > > Their web browser behaves as spyware, and is going to be generally labeled as such. Your anti-virus/MalwareBytes/etc are going to flag this software for what it is. > > > > > > > > > > > > > > Shady Bad Guys Inc. can't say - "This data collection is included in our agreements, so our browser is not spyware." > > > > > > > Shady Bad Guys Inc. *can say* - "This data collection is included in our agreements, which you agreed to." > > > > > > > > > > > > > > You don't really have any legal recourse to take action against Shady Bad Guys for spying on you unless there was some illegal activity going on or their agreements are deemed invalid, but you are free to call their spyware spyware, because it acts as spyware. > > > > > > > > > > > > As said, the tool was run client side. So whatever data it collected was not automatically sent to Arenanet. You even agree there is filtering going on. Spyware is when it is not filtering and when it is sending the collected data to Arenanet. > > > > > > > > > > Except we don't know that with any more than an "I think" level of certainty... ("I think" being the words used by the person that discovered what looked like filtering in the code) > > > > > What was filtered and what was sent are unknowns. The idea that everything not a positive match for known cheats was filtered out is just a logical assumption. It's probably true, but we just can't be sure about it. I would hold off on the spyware label myself without additional data on what was/wasn't filtered to tilt the scales the other way. > > > > > > > > > > > > > > > > > The fact that you run app A or B isn't illegal. The fact that you use it to gain an unfair advantage is. All this tool did was tracking (on the clientside) if something fishy was going on and if so, sent the regular data with the 'this is fishy remark' to arenanet to investigate the players behaviour. > > > > > > > > > > > > > > > > > > > > > > That part is not true, according to Anet's statement. They were basing bans solely on the presence of a process, not whether that process was actually being used to cheat in GW2. > > > > > > > > > > What you describe is what they really should have been doing, and what they had been doing up until now. As far as we know, making determinations on banning has, for the last 6 years, been based on actually using cheats to gain an unfair advantage. A lot of the outrage right now is because of Anet's (by their own admission) lack of due diligence in determining whether players were actually cheating. > > > > > > > > I am stopping this discussion as it never has been a discussion. People give arguments. You say they are wrong, but never put counter arguments. Just wall ps of text why arenanet is bad without given any proper counter argument. You question arenanet’s motives. So let’s turn that around. Why do you invest so much time and nonsense I can discrediting arenanet. Perhaps you favor from arenanet in being discredited? > > > > > > > > > > People that think it's about themselves don't see the problem that they present to Anet. Sure there are a handful of people that run the software that don't cheat with it ... that's still a risk to the game for Anet and these people just don't see outside their bubble. They think it's black or white and about cheating. They don't consider the risk they present is worth the ban as well. > > > > What is the risk I present to the game if I were to install CheatEngine, open it, and start playing GW2? > > I don't see how your question is relevant ... ANET determines the risk, not me, not you, not players; it's THEIR assets at risk. We are simply paying for access to them. I'm not qualified to answer that question anyways ... and I doubt you are qualified to determine you aren't a risk to the game while running this software either. > > And again you are showing a health lack of understanding that there isn't a perfect system here, so Anet errs on the side of caution. You just don't have a practical sense of how Anet must deal wtih this to protect the people that access this game honestly. I'm quite certain that I'm of no risk if I am not using, and have no plans to use, the program with GW2 in any way. But I fully understand that Anet does not know my motives or intentions, and feel it is perfectly reasonable for them to investigate me as a potential risk. However, I don't think their ToS says anything about banning someone for being at risk of cheating. All of the language mentions actually doing something that harms/impacts/interacts with the game, or provides an unfair advantage. Having a program running that only has the potential to do those things, is not the same as it actually doing them. They should probably update the terms to include that if they want to continue with this type of enforcement. Though, I still feel that a good number of players would push back and attempt to pressure Anet into not doing so, or repeating the methodology used in this ban wave. As I've said before, it's not really about what is or isn't allowed according to a ToS/EULA. It's about taking action that is considered outright unreasonable by a portion of the playerbase. Of course, Anet is in no way obligated to act on, or even acknowledge, our opinions of their actions. But a business usually wants to have as many satisfied customers as possible. It's their choice as to whether they want to stick with their decision that has already caused player anger and negative press, or try a more careful way to achieve their goals. I know I'd have a better opinion of Anet if they reassured us that were investigating game logs, making sure everyone banned was actually cheating, and overturning bans for those that were not guilty of cheating. Link to comment Share on other sites More sharing options...
trueanimus.4085 Posted April 20, 2018 Share Posted April 20, 2018 > @"Belorn.2659" said: > > @"GreyWolf.8670" said: > > > @"Belorn.2659" said: > > > > @"trueanimus.4085" said: > > > > > @"ArchonWing.9480" said: > > > > > > @"trueanimus.4085" said: > > > > > > > @"ArchonWing.9480" said: > > > > > > > > @"trueanimus.4085" said: > > > > > > > > > > > > > > > > > If you're in Germany or the EU in general try reading the EULA. You have a remedy. You can have your money refunded and your account deleted. > > > > > > > > > > > > > > > > EULA means everything in situations like this... basically by signing in , you are agreeing to let them do whatever they want. But that is kind of funny when you state it like that lol > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Could you point out the part of the EULA that allows them to do whatever they want? What if they wipe out your hard drive in case you might be cheating? Can they use it to mine bitcoin? > > > > > > > > > > > > When there is a patch... you agree by loading the launcher to add the patch correct? It has to make changes to your HD to do so.. correct? By loading the game, you have already given them access to your HD. > > > > > > > > > > > > They cant legally snoop your pc for your information... bank accounts, cc numbers etc.. but.. as a part of the software (as with most software these days) they can gather information reliant to the game and making sure it runs correctly on your system, i am sure there is a section in the EULA about agreeing to a listing of processes running on your pc for diagnostic use or something pretty close. > > > > > > > > > > > > Most software EULA's has this and a section that by running said program, you agree not to sue them in case of damages etc.. blah blah.. you know the drill. > > > > > > > > > > > > I didn't mean they could wipe your HD etc for cheating.. but they can snoop simple things such as processes lists if it pertains to diagnostics. > > > > > > > > > > Well, you said "everything" and that was going on a bit not just by you, and I was wondering where that went. And them updating the game is a necessary thing to even be able to play the game. They may install updates. it doesn't mean they can install anything. > > > > > > > > > > > > > > > > > > > > > > > Oh and btw.... i think that is covered under montoring > > > > > > > > > > > > 7. PRIVACY AND DATA PROTECTION > > > > > > It is Your responsibility to read, understand and accept the Privacy Policy in effect in connection with Your use of the Service. You acknowledge that ArenaNet may make changes to the Privacy Policy at any time. You also acknowledge that each and every time You click “I ACCEPT” You warrant and represent that You did read, understand and accept the most recent version of the Privacy Policy in effect at that time. > > > > > > ArenaNet has no obligation under any circumstances to review any information, feedback or communication related to the Game. ArenaNet may, in its reasonable discretion, choose to review any information, feedback or communication **related to the Game**. ArenaNet may take any action, or no action whatsoever, based on any information, feedback or communication **related to the Game**, including but not limited to publicly commenting upon or publishing the foregoing. ArenaNet has no obligation to explain any decision to take any action, or no action whatsoever, based on any information, feedback or communication related to the Game. **You acknowledge, and further agree, that You have no obligation to provide ArenaNet any information, feedback or communications **related to the Game.** In addition to the provisions of Section 13 below, You further agree to defend, indemnify and hold harmless ArenaNet with respect to any claim related to any information, feedback or communications You provide under this Section 7(b). > > > > > >ArenaNet has no obligation under any circumstances to monitor Conduct or other activities related to the Game. ArenaNet may **in its reasonable discretion**, choose to monitor Conduct or other activities **related to the Game**.You consent to the foregoing monitoring and acknowledge that ArenaNet may conduct such monitoring, including but not limited to monitoring in-Game communications and Message Boards provided by ArenaNet as well as third-party Message Boards and the like. You also acknowledge that ArenaNet may take any action, or no action whatsoever, based on such monitoring, including but not limited to action under Section 5, and that ArenaNet has no obligation to explain any decision to take any action, or no action whatsoever, based on such monitoring.** > > > > > > ** > > > > > > > > > > Emphasis mine. > > > > > > > > > > When it comes to the game itself. I agree you have no privacy because you are playing in Arenanet's house. They call the shots and can ban you as they see fit. As a result, they can definitely check my computer to see if I am running a hacking program. But past that, they're in my house. > > > > > > > > Think you missed this part in section d > > > > INCLUDING BUT NOT LIMITED TO MONITORING COMMUNICATIONS AND COMMUNICATIONS INTERFACES, STORAGE DEVICES, RANDOM ACCESS MEMORY, OR CPU PROCESSES RELATED TO HARDWARE YOU USE WITH THE GAME. SUCH MONITORING MAY ALSO INCLUDE, BUT IS NOT LIMITED TO, MONITORING FOR THE PURPOSES OF DETECTING THE GAME UNDER SECTION 8© or 8(e). YOU CONSENT TO THE FOREGOING MONITORING AND ACKNOWLEDGE THAT ArenaNet MAY, AT ANY TIME, AND IN ANY MANNER, COMMUNICATE ANY INFORMATION BETWEEN HARDWARE YOU USE WITH THE GAME AND ANY MECHANISM ArenaNet MAY CHOOSE FOR SUCH COMMUNICATIONS. > > > > > > > > they can monitor you at any time and ban you for anything they see fit. This includes monitoring your process list, ram and HD and even the connection to the server... period. > > > > > > But do they have a right to store keep that in records and then for how long. Privacy laws and especially EU law focus more on the storage and record keeping rather than MONITORING. > > > > > > GDPR for example focus large parts on pseudonymisation and data breach protection. If it just monitoring in order to determine cheating that is a mostly fine. Its a cost that many players is willing to pay. If they keep permanent records that later can be part of data breaches, without any salt or other protections, then there is a major issue with the method they employ to catch cheaters. > > > > > > Could you quote the section about data retention from cpu process lists? > > > > You just quoted your answer. It's the last sentence of the paragraph: > > > > "YOU CONSENT TO THE FOREGOING MONITORING AND ACKNOWLEDGE THAT ArenaNet MAY, AT ANY TIME, AND IN ANY MANNER, COMMUNICATE ANY INFORMATION BETWEEN HARDWARE YOU USE WITH THE GAME AND ANY MECHANISM ArenaNet MAY CHOOSE FOR SUCH COMMUNICATIONS." > > How many years is that? 6 months, 1 year, 10 years, 25? Can they sell it? use it for advertisement? Is it pseudonymous stored? > Since it require my informed consent I should able to tell what I have consented to. In eu consent has some meaning other than "I agree to blank and thus anything and all is permitted". Even in the US a blank permission is usually not worth that much. > > A clothes shop usually have some MONITORING that COMMUNICATE INFORMATION BETWEEN HARDWARE through ANY MECHANISM they CHOOSE. By entering such shop, do you consent to them uploading images from the changing room to kitten sites? Does the word MONITORING convey such informed consent? > > Hopefully they deleted the records but this is something anet should confirm. Maybe they are using it to try and frame Trump like facebook was... who knows Link to comment Share on other sites More sharing options...
trueanimus.4085 Posted April 20, 2018 Share Posted April 20, 2018 > @"Ardenwolfe.8590" said: > Yes, it's time to lock this thread. Going in circles now. Again, thank you Gaile for listing which programs weren't acceptable. > yeah.. just a note on that thought... since the ban pass.. i have already seen more hackers.. either running the same software again or using something new. People sliding into keep portals while downed and almost dead... people that hit 0 HP and still continue to fight, saw 2 flying mesmers also... so yeah, Anet may need to run the sweep again and get the people that they missed because from the looks of it... they missed quite a few Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 21, 2018 Share Posted April 21, 2018 > @"trueanimus.4085" said: > > @"Ardenwolfe.8590" said: > > Yes, it's time to lock this thread. Going in circles now. Again, thank you Gaile for listing which programs weren't acceptable. > > > > yeah.. just a note on that thought... > > since the ban pass.. i have already seen more hackers.. either running the same software again or using something new. > > People sliding into keep portals while downed and almost dead... people that hit 0 HP and still continue to fight, saw 2 flying mesmers also... so yeah, Anet may need to run the sweep again and get the people that they missed because from the looks of it... they missed quite a few Some of those cheaters/hackers you've seen could even be the same players that had (other) accounts banned this week. They don't have as much to worry about now that the cheat detector is gone from the game client. Anet will still be after cheaters, but they've taken down their fast-catch net. They should rework the cheat scanner to be a cheat blocker that prevents the game from running along side cheat tools. Block the ones that are detected, then flag their accounts for review to be sure they aren't sneaking by the scan or using an unknown cheat program. It can stop even more cheating/cheaters, with less risk of bans resulting from false positives or players that merely forgot they left CheatEngine running in the background. Link to comment Share on other sites More sharing options...
Obtena.7952 Posted April 21, 2018 Share Posted April 21, 2018 > @"mrstealth.6701" said: > I'm quite certain that I'm of no risk if I am not using, and have no plans to use, the program with GW2 in any way. Again, it's not about YOU or what YOU think. Maybe YOU know what you're going to do ... Anet doesn't. Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 21, 2018 Share Posted April 21, 2018 > @"Obtena.7952" said: > > @"mrstealth.6701" said: > > I'm quite certain that I'm of no risk if I am not using, and have no plans to use, the program with GW2 in any way. > > Again, it's not about YOU or what YOU think. Maybe YOU know what you're going to do ... Anet doesn't. Yeah, I said that myself. In the very next sentence. The whole problem there is that Anet would be taking very harsh action against me based on a flimsy assumption of guilt. It doesn't matter that it's their game, their servers, and that they have a ToS that says they are allowed to ban for whatever reason they feel like. It's just...wrong...cruel...unconscionable...there isn't a nice word to describe it. Even though they are technically allowed to do it, it's still messed up that they would take such severe action without even considering the chance...the likelihood...that they would be handing down punishment to someone that hadn't actually done anything. The king's word might be the law of the land, but sometimes the peasants just have to speak up against it anyway when they think it's wrong. Link to comment Share on other sites More sharing options...
Jinks.2057 Posted April 21, 2018 Share Posted April 21, 2018 The worst part about this whole incident is Anet feeling like they are entitled to spy on our private property. Let's see how this pans out in the long haul lol Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 21, 2018 Share Posted April 21, 2018 > @"Jinks.2057" said: > The worst part about this whole incident is Anet feeling like they are entitled to spy on our private property. > > > Let's see how this pans out in the long haul lol Thankfully, it looks like their tool was probably only sending back data on positive matches to cheat programs. In that case, there would be no violation of privacy to Anet's side (no data sent their staff/servers/etc) if no cheat programs were found. Only the local scanner tool would have seen any data. Link to comment Share on other sites More sharing options...
Oldirtbeard.9834 Posted April 21, 2018 Share Posted April 21, 2018 I made a Support Ticket 2 days ago asking for clarification on what this 'program' collected and what they kept, and to discuss the effects this is happening on their public perception through MMO Blogs and the importance of making a public statement to improve their image; I was wondering what the turn around time is to get a response. This is all on topic since it relates to the program that lead to the bans. Link to comment Share on other sites More sharing options...
Bloodstealer.5978 Posted April 21, 2018 Share Posted April 21, 2018 > @"Oldirtbeard.9834" said: > I made a Support Ticket 2 days ago asking for clarification on what this 'program' collected and what they kept, and to discuss the effects this is happening on their public perception through MMO Blogs and the importance of making a public statement to improve their image; I was wondering what the turn around time is to get a response. This is all on topic since it relates to the program that lead to the bans. I think their public perception is doing just fine.. you could of course look at other MMO's that offer the same kind of B2P deal you get here, with the amount of QoL additions you get here, with the same amount of free content you get here... ooh and that doesn't have the same plethora of hackers,bots and outright cheats as here. A few cheats got caught out and now its turned into some S J W crusade in the hope it will create a U-turn - hopefully to no avail. Link to comment Share on other sites More sharing options...
Oldirtbeard.9834 Posted April 21, 2018 Share Posted April 21, 2018 > @"Bloodstealer.5978" said: > > @"Oldirtbeard.9834" said: > > I made a Support Ticket 2 days ago asking for clarification on what this 'program' collected and what they kept, and to discuss the effects this is happening on their public perception through MMO Blogs and the importance of making a public statement to improve their image; I was wondering what the turn around time is to get a response. This is all on topic since it relates to the program that lead to the bans. > > I think their public perception is doing just fine.. you could of course look at other MMO's that offer the same kind of B2P deal you get here, with the amount of QoL additions you get here, with the same amount of free content you get here... ooh and that doesn't have the same plethora of hackers,bots and outright cheats as here. > A few cheats got caught out and now its turned into some S J W crusade in the hope it will create a U-turn - hopefully to no avail. I understand it's a little difficult to see what's going on outside your circle but here's a little insight for you. http://massivelyop.com/2018/04/14/guild-wars-2-used-client-side-spyware-to-aid-its-latest-purge-of-potential-cheaters/ Link to comment Share on other sites More sharing options...
TexZero.7910 Posted April 21, 2018 Share Posted April 21, 2018 > @"Oldirtbeard.9834" said: > > @"Bloodstealer.5978" said: > > > @"Oldirtbeard.9834" said: > > > I made a Support Ticket 2 days ago asking for clarification on what this 'program' collected and what they kept, and to discuss the effects this is happening on their public perception through MMO Blogs and the importance of making a public statement to improve their image; I was wondering what the turn around time is to get a response. This is all on topic since it relates to the program that lead to the bans. > > > > I think their public perception is doing just fine.. you could of course look at other MMO's that offer the same kind of B2P deal you get here, with the amount of QoL additions you get here, with the same amount of free content you get here... ooh and that doesn't have the same plethora of hackers,bots and outright cheats as here. > > A few cheats got caught out and now its turned into some S J W crusade in the hope it will create a U-turn - hopefully to no avail. > > I understand it's a little difficult to see what's going on outside your circle but here's a little insight for you. > > http://massivelyop.com/2018/04/14/guild-wars-2-used-client-side-spyware-to-aid-its-latest-purge-of-potential-cheaters/ People use the term spyware way to liberally. You consented to this. It's stopped being spyware at that moment. Additionally, it's hardly spyware as all that was done was a simple extraction and call of the Windows API. Ironically, the people wanting 3rd party "anti-cheat" are opening up more security risk, not less. So pick your poison "Privacy Rights Activist". Link to comment Share on other sites More sharing options...
mrstealth.6701 Posted April 21, 2018 Share Posted April 21, 2018 > @"Oldirtbeard.9834" said: > I made a Support Ticket 2 days ago asking for clarification on what this 'program' collected and what they kept, and to discuss the effects this is happening on their public perception through MMO Blogs and the importance of making a public statement to improve their image; I was wondering what the turn around time is to get a response. This is all on topic since it relates to the program that lead to the bans. I'd be very surprised if that ticket gets anything more than a canned response telling you that they cannot discuss details of their detection methods. If they do tell us anything, which I think they really need to, it would be in the form of a carefully considered public statement that had been approved at multiple levels. That's just above the pay grade of a CSR/GM until the higher-ups decide what to say on the matter. I very much want to see an official clarification on what data was sent to Anet. A confirmation that they did not collect anything other than reports on detected cheat programs, as suggested by the redditors that did research on the game client. I'm not sure if this is has caused much of an impact on public image so far. There were some bigger games media outlets that ran stories early on, but the details were sketchy or incomplete, and there weren't follow up stories keeping it in the public's eye. They've certainly ruffled some feathers within the game's community, but I think it's mostly remained contained here. The community's opinion surely carries some weight, since we are the ones buying their gems and expansions, but it always helps get things done when there is a stream of public information directing more eyes onto the mess. It's kind of sad that bad PR is just about the only thing that can motivate companies to do the right thing. I don't enjoy seeing a game I like being dragged through the mud for the sake of trying to make it better. Link to comment Share on other sites More sharing options...
Recommended Posts