A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 3.11K Posts
- 78K Comments
- Modlog
Privacy policies are there to tell you what they collect/share not to have your privacy in mind
Run it in a container but this is on the low end of what’s collected on you
But you’re looking at it? There’s even a link to a (presumably) more detailed version? I don’t know what else they’d tell you though; this read pretty clear to me.
None that won’t get you banned.
I don’t know why you make such a huge fuss about this. Stupid client-side AC has been the status quo in online games for how many years now?
This policy seems to be rather tame though:
If you wanna know what data they have on you, make a GDPR request. Based on this policy however, I highly doubt it’s more than IP addresses (for which they have a legitimate interest) and player IDs (which aren’t particularly sensitive PII).
An excerpt from the linked privacy policy:
(Emphasis mine.)
Given that all of what they’ve written is legally binding for them aswell and that they’re an actual company in a domicile with rather strict privacy laws (Germany) not in some an off-shore scam company, this is pretty trustworthy.
On that note, I just noticed that Battleye is an e.K. (“Eingetragener Kaufmann” ~= Registered businessman); this is a one-man shop O.o
If they fsck up legally, they’re personally on the hook.
I didn’t know that before and was still rather suspicious of them but, reading their privacy policy, they’re actually kinda trustworthy in my book now.
I don’t think it would be unreasonable to boycott all modern games until the industry seriously changes
I had a similar pop-up when installing Destiny 2. Not only did they want to run everything with superuser privileges, they wanted to scan my entire filesystem and ALSO the filesystems of ANY mapped drives. I noped out at the point, not letting some random anti-cheat software that I can’t audit run a scan on anything with a NFS or Samba share
So… This is normal and pretty much to be expected.
There are definitely some games that have netcode that’s just too easily exploitable (e.g. the old god mode cheats where you could just cover the whole map in smoke, fly, etc) and are using anticheat like this as a crutch.
The bigger issue is (and has always been) the more nuanced cheaters. The ones that have cheat clients that act more like a guiding hand, just caressing the crosshair (or the packets) for the perfect headshot for a 75% increase in accuracy.
That’s not something that can really be detected well over the network… It just looks like a player doing normal things.
The best solution to this is unfortunately dead… Stadia. It was honestly great, polished system, fast game startup, no downloads, no cheaters, even the dumbest of netcode works great in a data center, and no need for client side anticheat … because the client is just a browser.
I worked on a rhythm stadia game. It was not fast. The latency jumped around a ton. It was hard for expert players to perfect even the most basic of tracks.
Didnt think I would see anyone wax poetic over stadia
Studio and technology of its type usually has too much input lag for the purposes of a competitive gaming environment.
The input lag was negligible on Stadia. It was in a whole other tier compared to what my friend and I have gotten trying other cloud gaming providers under Linux (to play Windows games w/ anti-cheat).
Ultimately if everyone was using it for a competitive FPS game nobody would be disadvantaged either. The only possible issue is that someone has a 30ms benefit because their rendering is totally local… In practice the streaming lead to a way better experience… Nobody teleported (from packet loss), nobody was cheating, etc. “Your bad internet” truly on affected you.
I ended up rolling my own over LAN… It’s stupid but it works really well and there’s no subscription costs associated and no dual booting hassles.
Client-side anti-cheat should die. Learn to write good netcode and serverside culling instead (maybe also ai anti-cheat like how valve is doing and some other company I don’t remember)
No, i don’t care how your internet sucks, dial-up is outdated.
The client is NEVER to be trusted, no matter the scenario. Get your shit straight.
The game client for every game you’ve ever played had some degree of trust. You can’t just say never trust the client because then the client doesn’t even move because you don’t trust the client to send the inputs.
And let x-ray cheats run wild?
Just don’t have personal info on you gaming PC/dual boot if you care
That’s a bad take. This approach puts the cost on the users’ shoulder when most users are not cheaters.
Why should you pay that price when you are not responsible for the problems they are trying to solve?
Just don’t send data the player can’t see
Welcome video game streaming?
Also, in game reports like Valve Overwatch
But then how can we stop people from cheating offline? /some companies
It’s called ‘selling your soul’.
Most of it is perfectly reasonable.
IP: Simplest identifier for smurf accounts, also very ineffective since you can just reset router. But public info anyway.
Game identifier: Obviously
Hardware dev info: More effective identifier for smurf accounts and more effective form of banning (and decent way to check if you’re in a VM, depending how hardened it is)
OS info: Different OS’s require different functions
Game and system files: Don’t agree with this one unless you’re incredibly deep into e-sports (professional). For casuals, checking game files: Fine. Checking system files: Fuck off.
Running processes: Checking for running non-hidden cheats
File names: Not quite sure what they mean here
The text at the bottom also states that it only collects this if it detects potential for cheats, which obviously is going to include false positives, but it isn’t constantly mining the data like other ACs.
BattlEye isn’t the greatest AC so should be fine anyway.
About file names:
Let’s pretend the anti cheat detected a software that’s screen recording the game.
If the software file that triggered the alarm is obs.exe (and it’s digitally signed accordingly) then it’s a pass. If the filename is autoaim.exe then it starts some sort of investigation.
I’m just theorising here.
Unlikely, they would use checksums for this, not the filename.
I hate modern ac software for automatically banning VM usage. Don’t know if this is the case with BattleEye, but coming from someone who uses a VM as a daily driver - This sucks.
They leave it up to the game publisher; same as Proton support.
Im ok with collecting ip for ip bans. But looking at filed goes to far
With how easy it is to obtain a new IP address since the vast majority of people do not have a static IP from their ISP really doesn’t solve anything. Depending on how your ISP distributes their internet it could be as simple as rebooting your router to obtain a new IP.
This is battleye. An anticheat software to protect online servers from cheaters. It does this by analysing what happens on your computer and then bans cheaters when it detects that they are manipulating game code or game inputs.
Yes you can. Stop playing online games.
If you are not a gamer - you probably look at this as a privacy nightmare.
If you are regular (and especially a good at FPS genre) gamer who constantly plays popular FPS shooters, you might appreciate this anti-cheat. It is very important that cheaters get a real punishment, where changing IP and account is not enough.
I’ve heard stories that cheaters in Apex Legends are buying new disks each time they are banned, because easy anti cheat blocklists their hardware by their (serial) IDs.
Also, this post is a bit cringe. Anti-cheat software is needed. And that’s exactly what anti-cheat does - analyzes user’s PC and user’s activity in order to detect cheat software…
This software will not solve the problem - and is probably not even meant to. The company is likely harvesting data to abuse users or sell it.
No extent of privacy invasion will solve cheating. I have made - as a fun university project - demo cheats that do not even need to run on the same computer as the game. They give significant competitive advantage, and detection systems give too many false-positives to even begin to counter these.
You are yet another one who don’t play any competitive multiplayer games and fail to see the benefit on anti-cheat software.
You are 100% wrong.
I have played in online and offline CS and Overwatch tournaments. My team won prizes. We had a wonderful anti-cheat measure: reputation and respect.
LAN parties with people you know is a different thing.
Yeah, unfortunately both reputation and respect is dead in (most) online multiplayer games. LAN and Esports is a completely different thing.
So here we are. Being OK with a company stealing our informations, and certainly selling them by the way, because we somehow think that’s acceptable since you won’t die against a dude that can see through walls in a videogame. Something, Something about priorities…
The policy doesn’t say if the save the CONTENT of your system files, just enumerated them.
So, how exactly does this company expect to make money with the information that I like to keep discord and Adobe acrobat running in background?
I am not certainly sure what point you are trying to make? Yes, this is acceptable as there is no better way to avoid cheaters on PC platform. 🤷
You also realize that anti cheat software comes with a game? If you don’t install games - there would be no anti-cheat software on your PC.
I’m not sure about this one. For sure it’s the most cost-effective method to avoid cheaters, but not the “best” way.
Using statistics on the server side could be less intrusive. Checking file integrity on every run could be an option. Honeypots that are visible only for cheaters already happened with success to detect them.
There are possible strategies.
Server side monitoring of inputs and better code that didn’t tell the client computer where everyone was behind walls would be a start.
Let’s not pretend that anticheat isn’t a poorly made, anti-consumer bandaid for a game company’s lack of investment in security and quality net code.
Gonna be real, this sounds like you just don’t know much about networked game programming. As if in the 20 years of the entire industry trying to solve the cat-and-mouse of cheat developer versus game integrity, no one thought of “uuh, lets jusy not tell the client where they are until they r on screen” and realized it was unfeasible.
And they all do that anyway. Information generally isn’t revealed to the client unless it needs to be.
Yup… There are definitely some games that have netcode that’s just too easily exploitable (e.g. the old god mode cheats where you could just cover the whole map in smoke, fly, etc).
The bigger issue is and has always been the more nuanced cheaters. The ones that have cheat clients that act more like a guiding hand, just caressing the crosshair (or the packets) for the perfect headshot for a 75% increase in accuracy.
That’s not something that can really be detected well over the network… It just looks like a player doing normal things.
It’s necessary for the client computer to know where other players are, though. Like, if someone is walking in the other side of a wall to me, or shooting their gun around a corner from me, it’s important for me to get audio cues, for instance.
As for server-side input monitoring, that can only take you so far. It’s easy enough to add a random element to a script so things don’t happen at fixed intervals, for example. Most of these games do use server-side input monitoring on top of client-side anti-cheat.
Audio cues can be intentionally non specific enough for the client to be able to determine the exact location of the source and for a cheat to overlay the position, tho.
Seriously, you guys see all the overwork, burnout, and abuse of developers for basic fucking features on launch but somehow manage to have nationstate level architecture to prevent cheaters, but oh they just can’t manage to beat the cheaters by not having 3rd party malware and spyware on every connected machine? Some people really here need to grow up and remember the conditions under which these games are made. Games have basically 0 security considerations, proven by their willingness to outsource the entire concept to a 3rd party who can take all the legal liability and at the same time giving us the sorriest excuse for “anti-cheat” while still not solving the problem.
Want privacy? Don’t play games with internet requirements. It’s that easy. All of the other games are sucking whatever info they can get their hands on. It is not about anticheat - it is about money and data=money
Nearly all anti-cheat.
…isn’t this how they always worked? How every anticheat worked? At leaat it doesn’t install to your kernel…yet.
Riot’s Vanguard does at the very least
Yeah their anticheat and I think the newest cod one too,whatever its name was. saw a list some months ago.
Ummm… how do we tell him?
I think BattlEye just did