I don't see why it's even relevant if their data theft might accidentally affect paying costumers too. Privacy is a basic human right, not a privilege you have to do anything to deserve. Downloading a stupid plane does not void your right to privacy.

If a lawsuit should make sense, it should be on behalf of the people who they have admitted trying to steal private data from: The pirates. But sadly, I don't see that happening.

Yes, gotta love internet lawyers.

Why is it that states pass castle doctrine laws? Because if you're out in the woods, you think a house is abandoned after knocking, but you need help now (maybe you need medical attention, were just raped, or something), you may break into a house to use their phone, only to get shot to death by the homeowner who didn't know your intentions. They treated this kind of issue as appalling, so it became illegal, but, then, it was also appalling that a homeowner would be obligated to let someone have free reign over their house, while they waited for someone to call police, because they weren't allowed to defend themselves against potentially dangerous attackers from a position of advantage.

Then there's laws on the book that if a kid breaks into your property, even if you have "warning, beware of dog" signs up, you get sued. You're obligated to make sure kids stay off your property and out of danger.

The more interesting thing about this case is the lack of security. Best part is, let's say my parents (since you are responsible for your children) pirate this program, and set off the bug. Now my personal information (assuming i'm a minor) is now being collected. What protections would I have? Or, better yet, what if someone broke into my house while i was on vacation and pirated the software through my computer, while they were downloading porn and other things? What about a bug in the program actually causing false positives, as opposed to figurative false positives? What if the software is extracted from the installer, and just unleashed into the wild as is? Do I sue them? Does getting information from this spyware actually constitute as proof of piracy?

Sure, the odds of someone breaking into my house and pirating something through my computer is slim to none, but the issue with the child is far from unusual, and neither scenario is OK, let alone the rest.
Absolutely, as i do believe there are precedents for this. Usually you have to make reasonable steps to protect information. Base64 doesn't fulfill the requirement.

Good. Don't expect much, though, even though microsoft wrongly violated the law to protect people from malware before.

This is the just desserts for people who couldn't care less about programs spying on them and sending back information.

The same goes for all those bozos that claim whenever a game throws up an anti virus warning that it's a "false positive".


Also the trend for having a persons email as the username for logins and two step logins where you have to access an email like steam guard put people at a greater risk when dealing with situations like this.

But seriously...it seems certain people are completely adamant pretending they know something about this.

The pirate claimed it was a keylogger, the developer denied that. Where does the legal system draw the line between piracy and a developer's right to defend themselves? Because if the code just sends the real IP address of the machine it was illegally installed on which the developer can use to seek a court order seeking the records of the IP provider, then I highly doubt there will be any legal sanctions whatsoever and it is perfectly within their rights. But hey, so many of you losers think you are so right about everything and want to act like internet bullies by downvoting anyone who disagrees with your poorly thought out opinions.

Every single one of you jerks downvoting me for stating my opinion are showing exactly what jerks you all are. So many of you jump into a conversation just to cause trouble. GoG ought to warn and ban the lot of you losers.

I feel a developer should be allowed a certain amount of legal leeway in defending their property from pirates, and I'm quite sure the vast majority of courts will agree with that. This is a $140 DLC we are talking about here, that moves it well beyond petty theft in most jurisdictions. But hey, I hope the lot of you pirates learn your lesson when the authorities knock on your doors and charge you steep fines for your illegal activity.

Absolutely. The most disgusting thing is, we still won't care. What did vault13 really do? Who talks about Snowden among the normies?
I'd love to analyze the exe for myself, but i'm not going to pirate to do so. But calling me a pirate doesn't change the argument. Just because the guy is a pirate doesn't mean he's wrong. It doesn't mean he's right, either. I'd like to see someone independent analyze the exe file, or analyze it myself, but i doubt we'll get to that point. However, all the issues people had with CPU serial numbers tells me that there are indeed enough people out there that consider even IP blaming an issue. Let's face it, an IP isn't even enough to incriminate, either. People can have their IPs hijacked all the time, too. If they aren't grabbing more than IPs, they don't have squat.

While I never played such games when they first came out (I was born in '95), I have played The Elder Scrolls: Arena in recent years, which had that kind of copy-protection. Ah, the good old days...

I'm also curious what you mean by 'Pepperidge Farm'? The only Pepperidge Farm I know of is the snack-foods company.

Same company. It's a meme.

In case you didn't yet have found the time to read the blog from Fidus Infosec that drmike linked earlier, here is a summary about what an information security firm thinks about this:

The blog starts with these basic questions:

1. What legal boundaries is this pushing, if not directly breaking the law?
2. How is the data being sent to FSLabs?
3. How is the data being secured and who has access to it?
4. What exactly are people’s usernames and passwords being used for?
5. What on earth were they thinking?!

And at the end it raises these questions after their findings

1. What is the legality of this?
2. Why is data being sent over HTTP and only being encoded with B64?
3. How secure is the data being stored? – The server running the log collection domain also has RDP open to the
internet..

It would have been far less of an issue if the add-on would have been made to contact the developers during play and just send them the modem's external IP address and a hash to identify some individual watermarks the developers could have added to the files, but they choose instead to blindly collect account names and passwords from anyone happening to use a browser on an infected computer and then send them over the internet without any proper encryption to a server that is just begging to be hacked.

I am all for the developers getting paid of their hard work, but that doesn't give them the right to break laws to achieve that. And in this case they are in suspect of committing far more serious offenses than what they are claiming to fight against.

Is it an online only game this one? I mean if not, just pull the Internet cable out of the machine right?
If anything as the world pushes forward with always connected everything, a simple stand alone machine with not network connections at all, which only gets thing added to it by USB drives or something similar and has no personal information of any kind on, would seem to be the way forward.

Sid Meier's Covert Action asked you to identify a particular spy from a lineup of photos. Pirates asked you which flag belonged to a particular pirate. Starflight has one of the more interesting systems I've seen. Everytime you left a station, it gave you three words and you had to use those words to find the numerical launch code. Luckily the version here has an automatic decoder.

Either way, whether they prove that this DRM is safe or not, this is some bad publicity and people will steer clear of this product. Seems like years of dev time wasted by one stupid decision.

Monkey Island also had a pirates faces line up, MI2 had another spin wheel with other things. That was about the only DRM I ever liked as it was fun to do. Until a mate lost the wheel and you couldn't get into the game.

Many games had a code system and the look at the booklet to find the word on page number.

I wouldn't hate if either of them came back tbh. Would be alot better than the current ones.

time machine

https://www.japanator.com/wait-pirates-that-cross-days-download-is-a-trap--14143.phtml

The question remains if they would get one because they would have to prove 100% that the IP in question did actually use or shared a pirtted version. I highly doubt they will be able to do this with a database they made on their own. It'S really difficut to get such order because of the privacy rights being regarded as being extremely important.

(For the record: I did not downvote you)

You seem to have an overly high regard for supposed governmental "privacy rights". It's funny especially since the EU are the ones which required online stores to use Geo location on their users so that EU taxes go to the right place. It's also Germany with the strict age requirements for games, which presumably stores must check individuals IDs to buy games.

Getting an IP address, then sending a subpoena to the service provided has been used many times before. In fact, even VPNs have been given a subpoena in some cases, revealing who used their service especially in the cases of terrorism. Whether a small company really benefits by jumping through all these hoops is another question...

And for the record, no one has to prove anything 100% for a court case. I don't know where all of you get that from. To start a court case, a plaintiff in almost every country needs to show reasonable cause. I'm pretty sure that a pirated copy phoning home from a specific IP meets that criteria.