Studios Remove 'Spyware' From Several Games As Gaming Public Revolts
from the just-a-little-spyin' dept
If this is becoming a trend, it's a really, really stupid one on the part of the video game industry. You may recall several recent posts about software, mobile apps, and video games that have sneakily installed what many call spyware onto users' machines, or otherwise inject software without the knowledge of the user. From soccer apps to flight simulator mods, users and gamers sure as hell don't like it when they have to find out from internet sleuths that the software they're using is spying or using them behind the scenes without their knowledge.
And now we learn about Red Shell, a software company that has contracted with multiple game publishers. Red Shell's software is installed alongside games to track all kinds of information about the machines on which those games are played. It gathers information about a gamer's operating system, browser version, IP address and more, all with the goal of feeding information to game publishers to evaluate how effective their advertising models are. We should note here that Red Shell specifically claims that personal information is not collected.
“We don’t collect names, emails, or addresses,” Red Shell says on its website, noting that games can offer an opt-out to players if developers so choose. “Our service basically says ‘this computer clicked on a link from this YouTube video and the same computer played your game.’ We have no interest in tracking people, just computers for the purposes of attribution.”
Whatever lengths Red Shell goes to anonymize this data, the simple fact of the matter is that all of this was done without the knowledge of the gaming public installing these games. And we're talking about a massive amount of games found to include Red Shell software thus far.
The software has been discovered in over 50 games including The Elder Scrolls Online, Conan Exiles, Hunt: Showdown, and Civilization VI. For the past couple weeks, a contingent of players have dedicated themselves to weeding it out, decrying it as “spyware” that many companies failed to disclose.
“Red Shell is a spyware that tracks data of your PC and shares it with 3rd parties,” Redditor Alexspeed75 wrote last week in a thread that’s became something of a rallying place for aggrieved players. “On their website they formulate it all in very harmless language, but the fact is that this is software from someone I don’t trust and whom I never invited, which is looking at my data and running on my PC against my will. This should have no place in a full price PC game, and in no games if it were up to me.”
Since then, publishers have either been removing the Red Shell software from game installs, or else pledging to not use the software in the future. The folks over at Red Shell are not pleased with all of this, obviously, claiming that this is all a case of the public misunderstanding what it's software does and does not do.
And, look, to some extent, Red Shell might be getting an overly bad rap here. What immediately strikes me is how different this story might be had Red Shell or, more importantly, game publishers simply kept all of this known and above board. If gamers were more informed of what Red Shell software does and on what games it's included, I doubt the same kind of outcry would be on display. And, if Red Shell's software is as innocuous as it claims, that kind of disclosure shouldn't have been a problem.
Instead, everyone acted sneaky and is now claiming frustration at the lack of trust the public didn't afford them all retroactively.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
So? Games don't deserve copyright!
Keep whining, Timmy!
[ link to this | view in chronology ]
Re: So? Games don't deserve copyright!
What pack of nut jobs discovered this site? We are seeing more and more people trying to directly change the subject or divert attention using irrelevant stereotypes or trigger points. It is distracting and annoying, and it would be great to have a new button to label a post as being an off topic diversion.
[ link to this | view in chronology ]
Flag and ignore/laugh
Pretty sure that's not a new nutjob, but just the same one that's been infesting the site for years(their obsession with Google should tell you which one it is).
As for your second question, we already do, it's the nice big red one, as off-topic and/or incoherent ranting would seem to fall right under the 'abusive/trolling/spam' category.
[ link to this | view in chronology ]
Re: Flag and ignore/laugh
[ link to this | view in chronology ]
Re: Re: So? Games don't deserve copyright!
Probably it saw video games in the content so it picked this comment to post.
[ link to this | view in chronology ]
Re: Re: So? Games don't deserve copyright!
Just read through the accounts names.
At least one, "PaulT", has spent literally at least two years of 8 hours days here! And that despite it being a tiny site of no actual influence, besides so wrong on the law that almost never predicts cases correctly.
By the way, you kids were taken in by an imitator! My guess from tone (and knowing for sure is not ME) is it's actually "Dark Helmet" trying to gin up rabid responses. In any case, you kids DID fall for A "troll", while if you had any of the sense you claim, you'd IGNORE. But as "PaulT" stated directly yesterday, you're only here for the ad hom.
[ link to this | view in chronology ]
Re: Re: Re: So? Games don't deserve copyright!
[ link to this | view in chronology ]
Re: Re: Re: Re: So? Games don't deserve copyright!
[ link to this | view in chronology ]
You just said the other day you’ve been here for 9 years...
[ link to this | view in chronology ]
Re: Re: Re: So? Games don't deserve copyright!
You know, you'd stand a chance of actually having a point if you didn't spam from multiple IP addresses. You fucking TOR pirate, blue boy.
[ link to this | view in chronology ]
Re: Re: Re: Re: So? Games don't deserve copyright!
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: So? Games don't deserve copyright!
Then he realized that the website's spam filter was reacting to his constant deluge of rubbish, so he started using TOR to spam even more messages.
Therefore, by blue's own assy logic, he is a pirate.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: So? Games don't deserve copyright!
That was one of my favourite claims, given that VPNs are a vital part of infrastructure for virtually every kind of business nowadays. Even if you don't use a VPN yourself, you had better hope that the banks and businesses you work with are using one, especially if they collaborate between multiple physical locations.
But, again, facts are not his forte. He decided that the only reason to use a VPN was for piracy, so everybody using them must be a pirate, even as the businesses he so badly defends are using them too.
[ link to this | view in chronology ]
Re: So? Games don't deserve copyright!
No shit. Here you are in a thread about how people who have paid full price for products are getting tracked and placed at risk, and all you can do is whine about piracy. Google has no place in the article, yet your obsession won't let you address the actual subject.
Get help, you're off your meds again.
[ link to this | view in chronology ]
Re: Re: So? Games don't deserve copyright!
A rational person could, of course, bring up Google in a way that's relevant to a conversation about services that track their users.
A rational person could.
[ link to this | view in chronology ]
Troll completely misses point, news at 10.
None of that has anything to do with this article but I do have to address one comment:
Spying on you and collecting personal and private information (such as what websites you visit and what games you play) without your knowledge, is not perfectly legitimate data. Or if you truly think it is, then please, let us all have remote access to your computer so we can see EVERY SINGLE THING you do on your personal computer. Then come back and tell us it's perfectly legitimate.
[ link to this | view in chronology ]
Re:
SESTA voted.
[ link to this | view in chronology ]
Re: So? Games don't deserve copyright!
[ link to this | view in chronology ]
Erm, bullshit. You're literally tracking what people are doing on the computers.
"this computer clicked on a link from this YouTube video"
But, maybe he's just an idiot and think that it's the computer doing the clicking and not a person?
"with the goal of feeding information to game publishers to evaluate how effective their advertising models are"
"This should have no place in a full price PC game"
There's your fundamental problem. If you're charging full price for a game, there should not *be* advertising.
[ link to this | view in chronology ]
Re:
There's your fundamental problem. If you're charging full price for a game, there should not *be* advertising.
Well, sure, but movie studios have been doing something similar for years. If you buy a Disney DVD, it will probably come with unskippable trailers ("ads") for upcoming movies and TV shows on ABC. And it will probably come with an unskippable piracy warning. Okay, granted, these don't send tracking data, but it's still annoying when you pay full price for a product.
[ link to this | view in chronology ]
Re: Re:
Which is why they invented VLC and libdvdcss2.
Say that to all of the overt product placement that occurs in the media nowadays. Heck they're even naming buildings and events after corporations now. I imagine we'll start seeing the U.S.S. Google and Alexa National Park soon.
The first time I noticed this practice in gaming was back when Prototype (PC) came out. Back then it had a lot of adverts as textures all over the game's various structures and windows. Today it has mostly ads for Gamestop. Originally, I thought it made the game more vibrant and realistic, as the game itself takes place in Manhattan, so having adverts wasn't something abnormal, rather it was expected. The adverts would change every so often. Which was also a huge improvement over the typical three to four in-universe ads that games tend to overuse everywhere.
Today, however, I'm reminded about what happens when the analytics server shuts down / client can't get a connection to it, and promptly curse it for making me accept the idea of ads in a full priced game. I've also been wondering for some time what in-game ads would be "personalized" given that the game itself can be spyware hiding under what would otherwise be a legitimate program on a given machine. Can't say I'm surprised by the finding, so much as I'm surprised that it's generated so much negative PR that the publishers would actually remove it. I'm glad it has, as I don't think anyone should have to resort to tricks like VLC's ignoring of the UOP flag just to get a decent and safe experience. But, I was consigned to the need for it.
[ link to this | view in chronology ]
Re: Re:
True, but "those guys have been pissing customers off for years before we started doing this!" is not really the excuse the gaming industry needs to adopt.
Besides, this really is a very different subject. With said DVDs, all they really did was drive people to rip the discs, use something that ignored the skip blocking, or just pirate anyway. Realistically, it's no different from the theatrical experience as well. But, it didn't cost you anything other than time.
Here, we have unannounced malware installed on your computer, which may both compromise your personal data and make you at greater risk from outside attacks. If their excuse for that is "we needed your data to sell ads" and they're already charging $70/game up front, something is wrong, and that goes way beyond "I needed to sit through a sales pitch and a lecture on not pirating on the product I paid for".
[ link to this | view in chronology ]
If only we had a robust set of laws that made them be clear about it being included, what it did, how it was used, and how much off the price we get for being resold.
[ link to this | view in chronology ]
Look, this is for serving you better.
It's like a plumber who goes to the pain of installing a camera in your bathroom so that he can get a better picture of what may be causing repeated clogged drains and can install the best countermeasures. You don't want every handyman to pester you with details and permissions for doing the best to make things go down the drain smoothly for you in particular.
[ link to this | view in chronology ]
Re: Look, this is for serving you better.
[ link to this | view in chronology ]
Re: Look, this is for serving you better.
[ link to this | view in chronology ]
Re: Look, this is for serving you better.
[ link to this | view in chronology ]
There is no "some extent". Red Shell deserves everything they're getting, along with the publishers stupid enough to pull this stunt.
What's not addressed in the article is how Red Shell works, along with publisher requirements, which takes Red Shell's "anonymized" data and links it directly to the user's account.
This was discovered by users in Elder Scrolls Online, in which Zenimax Online Studios (ZoS) insisted this was an accidental release (coincidental timing to a job opening of a new marketing specialist who can push sales using an online store).
However, the story didn't add up, and users quickly found themselves being "identified" by the app.
I'm extremely disappointed Red Shell is playing the victim here, when they know full well how publishers are using their tool.
Users have reported Red Shell can be deleted without affecting the game.
For PC users, this is great news.
For console owners: you're screwed.
[ link to this | view in chronology ]
Re:
This was discovered by users in Elder Scrolls Online, in which Zenimax Online Studios (ZoS) insisted this was an accidental release (coincidental timing to a job opening of a new marketing specialist who can push sales using an online store).
Accidental in the 'this wasn't supposed to happen and we're purging it now', or 'accidental' in the 'you weren't supposed to find out that this had happened, but trust us, there's nothing to worry about here' sense? Given the second half of that sentence I'm guessing it was the latter.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
As a gamer myself, I understand why people are pissed and why they're taking action, but direct your anger where it belongs.
[ link to this | view in chronology ]
Re: Re:
It feels more like Red Shell was designed and marketed for silent installs with all the fig leaf fine print about asking for user permission as a legal CYA move.
[ link to this | view in chronology ]
'Hiding things from your customers', not a good look
If gamers were more informed of what Red Shell software does and on what games it's included, I doubt the same kind of outcry would be on display. And, if Red Shell's software is as innocuous as it claims, that kind of disclosure shouldn't have been a problem.
That the companies involved were apparently not upfront(or weren't clear enough about it) about the inclusion of the extra code is not exactly going to engender trust in their customers.
If they really felt that it was harmless and that their customers would be okay with the data being gathered then they could have easily made it crystal clear that this was what they wanted to gather and this was how they planned on doing it and this was what the were putting in place to make sure that no more was scooped up.
Let people know ahead of time what they wanted to do, and as such allow them to decide if they were okay with it. Trying to defend it only after they got caught out though? They've only themselves to blame for the backlash and loss of trust.
[ link to this | view in chronology ]
Does it gather addresses or not?
Timothy writes that it gathers IP addresses; Red Shell says they "don't collect...addresses". Are they talking about different things? Are Red Shell just lying?
[ link to this | view in chronology ]
Re: Does it gather addresses or not?
Most people probably either don't know or don't care about their IP address, but they do care about their email address since that is tied to logins most of the time. And Red Shell wouldn't have a ton of use (some though) for email addresses but would have a large interest in IP addresses.
[ link to this | view in chronology ]
Re: Re: Does it gather addresses or not?
No, in context it's quite clear that they're not, since they list them separately.
“We don’t collect names, emails, or addresses,"
In context, it's quite clear they mean physical addresses. Not only is an IP address something people won't care about, it's literally the one public identifier your PC will send to them when you visit them. There would be no reason to assure people they weren't collecting that, since that's what every single server you visit is doing in its logs anyway.
[ link to this | view in chronology ]
Re: Re: Re: Does it gather addresses or not?
[ link to this | view in chronology ]
Re: Re: Re: Does it gather addresses or not?
Having each server record when you visit it is one thing. Having somebody collect every IP address that you visit is a very different thing, as it is much much more revealing of your habits. There is also a difference from between logs which are only looked at when there are problems, or warrants issued, and mining all the data collected about an identified individual.
[ link to this | view in chronology ]
Re: Re: Re: Re: Does it gather addresses or not?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
https://en.wikipedia.org/wiki/SecuROM
[ link to this | view in chronology ]
There should be a law against this!
Doesn't anyone care about privacy any more.
People should demand the right to control their own data!
Right?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
PC Master Race/Steam
You're paying through the nose for your convenience now and it's like many of us told you, it's going to suck.
If you're one of these companies pushing this redshell garbage, I hope your profit margins take a colossal hit for this. You apparently didn't learn from Sony/BMG's crap from a long damn time ago. You're one of the reasons piracy takes off.
If you haven't figured it out by now, people, let me point this out for you. If you are only buying digital movies, games, books and music because of just convenience factor, you're screwing yourself and doing so in the worst way possible. One update, that book is gone, that game is no longer supported, let me put it this way, you own nothing. When you own nothing, it doesn't matter how much you've paid for it, plain and simple. You open up your devices to harmful stuff like this. If I installed something like this on your computer, I'd be headed for Federal Prison, it's high time these buttnuggets were held to the same standard but since they're not, the only way for it to go away is to stop buying it so...up to you.
[ link to this | view in chronology ]
Re: PC Master Race/Steam
While there are certainly a lot of reasons to worry about platforms like Steam, your premise that Steam is somehow required to install tracking software on a user's computer, and that this would not happen if the games had been purchased on another platform, doesn't make a lick of sense.
Of course spyware can be propagated through means other than Steam. The third sentence of this article links to two examples of games that bundle tracking software without being distributed on Steam. Hell, your own example, the Sony BMG rootkit, was distributed on a music CD.
[ link to this | view in chronology ]
Re: Re: PC Master Race/Steam
Don't worry, your eyesight's fine.
[ link to this | view in chronology ]
Re: PC Master Race/Steam
Now I agree that people should have more power over what they buy digitally, but this is a separate issues entirely
[ link to this | view in chronology ]
Re: PC Master Race/Steam
"I'm butthurt about something and I'm going to use this only tangentially related topic to scream and yell about the "evils" of an extremely popular hardware platform and entertainment service that I hate."
Dude, get a life. Everything you are complaining about in regards to PC and Steam can happen on EVERY SINGLE OTHER platform and service. It can even happen to modern day consoles. Heck, I'd argue that it's easier to bypass problems due to this (DRM hacks, pirate versions, etc...) on the PC because it's so open and you can do whatever you want on it.
Do we need more ownership of the things we buy, digitally or not? Absolutely yes. But that has nothing to do with PC or Steam and whether or not people should use them.
If you hate PC and Steam that's fine, but at least do it for valid reasons that aren't also present on every single other system.
[ link to this | view in chronology ]
Re: PC Master Race/Steam
Steam provides games for Mac and Linux.
Where's the connection?
[ link to this | view in chronology ]
I will give kudos to the devs that have removed Red Shell. They listened to their customers' concerns and responded appropriately. Other devs have been flagging reviews mentioning Red Shell and have been flippant towards people's concerns. Those are the ones that don't deserve forgiveness.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Track the computer, track me??
Ummm, NO!!!!!!!!!!
This is the same claim as all those TRACKERS, that get installed on your computer from times past.. And after you have 10-12 of them all fighting for access on your computer...
YOU END UP WITH A SLUG OF PROCESSING POWER..
ITS BAD ENOUGH that google Android LOVES YOU SO MUCH..that if you look at your account you will find allot of history you never knew was there..
[ link to this | view in chronology ]
Is it time to reverse the old industry slogan?
Now it is "use pirated software to reduce the risk of spyware."
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I wonder what else redshell does since Zenimax hates facebook / Oculus? degrades performance perhaps? causes crashes?
[ link to this | view in chronology ]