Slashdot Mirror
Another Software Spy
No, the second writer on LinuxQuake has it right when he says "It's market research." id doesn't care about current support, they want to know what cards to support in their next software release.
But the reason doesn't matter. The important part is that the software is doing something that it doesn't advertise and that isn't necessary for the operation of the software - sending information about your computer back to id software, which is mentioned nowhere in documentation, readme, EULA, website or installation. id calls it research - I call it a trojan horse program, and if I went into id's offices and installed a similar program that reported back to me on their machines, I would go to jail for it. If I convinced id to download and run it, by disguising it as, say, a video game, I'd go to jail for plain old fraud as well as the computer crime. That's 18 USC 47 section 1030, for the curious. It's been used against a number of 1337 d00dz who weren't quite 1337 enough.
So why does id think this is fine and dandy for them to do?
I like id's games, but this is not a joking matter. Software which performs functions beyond its stated activities is uncool (read: illegal), especially when those functions are spying on their users. Any sort of collection of data from user's machines, even relatively mundane data like the type of their video card, should be announced by the software and in the docs, and users should be able to opt out of it. How much bad press is it going to take before softwre companies get a clue? Or will the first hint they get be when an ambitious prosecutor serves a search warrant on them one day?
Update: 11/28 10:41 by michael : From various posts below and email received by yours truly, it looks as though id did have notification of the data-collecting activity in previous releases of the demo test; but not in the most recent one, for whatever reason. Perhaps the story should be about quality control on readme files. The basic point - companies need to be very open and upfront about things like this, even for benign purposes, and give people the option to opt-out - still stands, but it seems that id just made an error rather than tried to hide anything.
If it's just to see which are the most popular cards, then I guess I don't really have that much of a problem with it--but you really can't ever be sure about exactly what they're actually keeping track of. Personally, I could do without this.
Here's my DeCSS mirror, where's yours?
They're called bugs.
Stuff like that happens. Not that this in any way lets Carmack+Co. off anything....
... and today's pet project has
Not sure how bad this hurts if they only send my Video card brand and model #... if they're stealing my ethernet MAC address, or some random stupid serial numbers for programs on my computer, then I would have a problem...
-
Check out the new case I made at the url above. The BookCase! Just a case covered with a book, take a look to see what I mean. Just click on the computers section to get at it.
-S
Scott Ruttencutter
We Apprentice Developers and Designers
There should be monetary penalties for this sort of thing. Hit companies where it hurts, in the pocketbook.
Well if such data collection is illegal why not sue 'em? Tell the judge that the program is a trojen horse just like any other and see what happens. With some lobbying you could probably win if the privacy violation was great, say in the case of lots of personal data getting tracked. Id would probably win in this case but not other companies...
I don't see anything wrong with the info that gets sent back. It's an easy way for id to get a snapshot of their userbase. i'll personally be glad to send them packets stamped with "Linux."
"Your heart is free. Have the courage to follow 'er."
-- Grow up and use mutt.
He's proven he's got the integrity as a person. This is merely a snafu, or just something he simply deemed wasn't a breach of privacy. Shall we put "Warning, this product sends UDP packets out to the net" labels on everything now?
Come on, it's nothing more than video card information and Quake version. This is hardly a violation of privacy... I read the argument that "that's not the point", and that the software shouldn't do something it doesn't advertise, but I think this is going overboard. Let's not get ridiculous people.
This is harmless. So please, be sensible, don't make it out to be something more than it is.
I would never expected ID software to do such a think. What where they thinking? They could have been so stupid that they didn't consider the bad publisity this will generate.
Without doubt this will be do more damage than good for them. Even if they get all the information they wanted. Bet it won't take long before they remove the trojan horse from the software.
I'm going to have to agree with what's going on here. I'm sure that there is something in the EULA about this, and using their software is not a right.
// getting video card information to make games cooler and know if we need to support old crappy hardware.
it's simple...
HW_VidType getVideoInformation() {
return SYSTEM_VIDEO_TYPE;
}
Justen Stepka
Personally, I believe that things like this should be allowed, as long as they are mentioned somewhere (product packaging, EULA, etc.). Sometimes data collection is over criticized, such as the original implementation of cookies in Netscape. The bad press that cookies have recieved has rendered a good thing useless; people now reject cookies because they don't understand them. Data collection is overall better for the consumer. If you don't like this policy, all one needs to do is not buy the product. Since you've paid for a product, you have to accept what's included in it (unless it's open source). There shouldn't be any reason that this type of feature should be prevented -- it benefits the consumer. As long as they are not collecting information beyond what they should (credit card numbers, etc.), it provides a way for companies to better adapt their software towards consumers needs.
I really liked ID too... I thought they were software for the people, by a cool person. Carmack was one of my favorite people. Was. He should've publicized this before now. I don't appreciate being told that some marketing exec now has personal data about my computer, something that I would've gladly given out had I been asked. 90% of people don't care who knows what kind of video card they have. I tell people all the time. But I doubt if anyone appreciates that information being taken from them without their knowledge. That's today's rant. yebyen@adelphia.net
Restating the obvious since nineteen aught five.
This is going to get more and more frequent, I am afraid.
Unless something is done.
I think some kind of binding code of practice needs to be swiftly adopted. Specifically, users must be warned in advance if *any* information is going to be collected, generated or transmitted from their machine.
I know that there may be legitimate reasons for a company to want to send information back to their server. But if it is going to happen, then the user absolutely must be informed about it.
It's also yet another good reason to use open source software - that kind of abuse simply can't get past a well informed community based on peere review.
Those companies collecting data for "research" purposes are really getting on my nerves. When it was from Microsoft, I was not surprised at all. From RealNetworks, it was a but more surprising, but not that much. But id Software doing it is really to much, a company which I trusted and I've always been a fan of their games, but that may really make me consider banning all of their games if they do not make the appropriate apologies and publish a fix asap. This is really a case that could be use to see if we could win large damages that would make other companies think a bit more before doing that kind of stuff. Suing RealNetworks or Microsoft may be more appropriate.
And I dont buy the argument that it is purely to do market research, because their are many easier ways to find out what the people are using, like having a registration system where I would have the choice (and I would have no problem giving them that information).
This kind of behavior has to stop, it is not admissible and we, as a community aware of the problem should have an active role in the reprobation (boycott) of those companies...
I think it might be too late to do anything about this, really for one major reason.
Most people don't care.
The majority of consumers purchasing software don't really care (or don't know enough to care) about maintaining the privacy of their computer components. A lot of people would gladly trade in a little bit of privacy in order to gain the percieved notion of more robust software.
Most people would not only accept, but also welcome the idea of their software reporting information back about their systems if they were given the explanation that it would make future software run better on their computer.If people cared about their digital privacy, wouldn't there be a much bigger stink about cookies?
The idea of a game that sends back video card information, for the goal of making future releases work better; isn't that far away from the idea of a site keeping track of your web surfing, for the goal of making your future visits more pleasurable.
I would appreciate it if they would write an explanation of EXACTLY what information they stored. I don't care about my hardware specs. I do care if they grab my email, ip, hostname, username or personal gameplay info. (No... you cannot use my skills as a model for Quake AI)
This simply records your OS, Video Card, driver, etc when you play. It doesn't expose your personal information.
There is no difference between this, and the User-Agent HTTP header that is sent. Oh, the User-Agent doesn't expose video card, BFD. (but you can sometimes get at screen depth/size depending on browser scripts/java) Most naive users are unaware that info is sent, and browsers don't prompt users either.
The level of paranoia on Slashdot has reached all time high. Next thing you know, ID will be charged with the high crime of recording their player's IP addresses on their central server.
They left a back door in the older versions of the Linux quake server software....oops! I thought they learned with that fuckup but i guess not.
I would have no problem with sending my vid card info back to them, as long as they asked 1st.
I have to return some videotapes...
Er, going by the fact that Intel may be blocked from selling the PIII in the EU due to the serial number in each one (see http://www.theregister.co.uk/991128-000002.html) couldn't that affect the release of Q3 in Europe? Though it's not a serial number that they're using, it's the fact that it could in effect be used to track what hardware people are using. If id don't put in a way of disabling this, or at least doing the same as Netscape have done with their feedback software (I forget the name), then it's feasible they could get into trouble for this.
I can't see how it can be used purely for support purposes if it's sent irrespective of a problem, and there's no way of linking the information with a helpline caller.
Just a few ramblings by someone who can't see how the saving of data could be linked to support...
Personally, I have no problem with them getting the information about my video card, but i think that this is about precedents as well. If we let Id Software get away with it this time, who can say that other companies (or Id Software) won't start doing this with more important information?
Pyroclasm
there are more important battles to fight. phone companies are going to sell records of who you call so that marketers can better target you. that's right, who you call. who cares if someone knows what video card is in a computer that plays quake? it doesn't send back anything that identifies you, so you are completely unharmed. quit your bitching. it is harmless to you.
Are you saying that any piece of software that does something that is not explicitly advertised is uncool(read:illegal)? The Real Jukebox? The "NSA key" in Windows?
Call the sherrif, and tell'm to book Bill Gates on a billion counts of fraud!
No comment at this time
Has someone let loose a bunch of clue-zappers recently? This behaviour is what I expect from Microsoft and AOL, not id software.
I guess everyone needs to stumble once before they fly. id has been flying so high for so long it makes you think of Icarus.
I wonder if UT does this? If not, looks like it might be time to get behind Unreal Tournament and ditch Quake ]|[
--
I agree with the posters who say that video card info isn't really all that big of a deal, BUT (and it's a big one) Since it's not a big deal, couldn't it just pop up a window (first time only) saying I'd like to tell ID that you are using a wiz-bang 5.32 Video card, is that OK?. I'd click yes to that one personally.
Sending without asking is at least rude, and sets a bad precedent. What info will it be next time?
I have to wonder, is that video card data really worth the stink this will cause?
graphic-card only?
graphic-card plus processor-type?
graphic-card plus processor-type and hd-infos?
MAC address?
Hmmmm. I wonder how many of the people who bellyache about Quake are also people who use a credit card. Especially one with AirMiles. Or who participate in a grocery store discount card program. Or department store discount card program.
All these things track your purchases, providing the store with valuable information about the spending habits of your demographic.
Hopefully, most of you were clued in about what's *really* being done when you use these cards, and made a knowledgeable, active choice when signing up.
[which is, I guess, my point: iD could easily have done some sort of payback-for-information thing. Perhaps those people who said "yes" to releasing the info/letting iD track them would get a bonus level. Just like Safeway gives you a discount when you give them info about your personal spendng habits.]
--
Don't like it? Respond with words, not karma.
I wouldn't call it common knowledge, but I've known the q3tests did this for months. They've never hidden anything, and Carmack has seemed quite clear in other situations in explaining the purpose of the packets sent back to id. They're for identifying the cards so id knows how many users are using specific OpenGL library sets. If you don't want them to know, recompile Mesa to send them another string, or just don't play the game. It's not some dubious conspiracy to steal your secrets. I like it when the author of software cares enough about the product to make sure it will actually run for its users.
I'm not a big gamer, but the q3tests (and the recent demo tests) are very impressive. I'm also a fan of good software, and you can't write software if you don't care what your users want. If you write software that, for example, requires $15,000 worth of graphics hardware to operate, or comes without source code, or only runs on embedded ARM systems, your software is of little use people. If you ignore what your users need, they'll find someone else's software to use. If you're a proprietary software company, you might get all worked up about this, but if you just want better software as a computer user, you end up getting just as little.
--
Who the hell cares if they know what video card you're using?? Now if it searched my drive for interesting personal documents, then I'd have a problem.. but personally I could care if they know what video card I'm using, and I don't see why you care.
Blizzard got sued, but so many people protested the suit, it got dropped. I guess the moral is: if you make really really good games, you can do whatever you want to people's computers and get away with it.
Not to sound like a privacy fanatic... regardless of the intentions, if someone is collecting data about my machine without my consent.. it should not be tolerated. Remember all the well known Quake mod conversions that were shutdown by id.. basically on the grounds that if they don't stop them now, no matter how small a project, regardless if it has no intention to go retail... they could lose their footing in court later on if someone does severely abuse it. This is the same matter.. if something isn't done now, what's to stop them from collecting "a little more information" down the road. cheers
Basically it boils down to you are sending info without my authorization, even if its just simple hardware data or....
you are sending only hardware statistics. Who cares?
I declare this subject null and void ;> We might as well ask, what is better, waffles or eggs and bacon. Yeck.. I hate eggs.
---
-
ping -f 255.255.255.255 # if only
well hell, lets sue the hell out of microsoft their products do a LOT more stuff behind the scenes than they explicitly tell us about seriously, folks, get a grip.
So now the information is out, and ID will get to know what 3D card you're using. Do I care? No. Will others care? Yes. But the fact remains, that you KNOW this will be happening when you play the game. If you don't support this measure taken by ID, don't buy the game. Speak with your pocketbooks people.
With that said, this could just as easily not been found out, and we could, in the coming months, be sending info to ID without being the wiser. I say be happy you know what ID and their software are doing. That's more than I can say for whatever M$ software does.
In the end, I don't think this is a call to action to boycott all things ID (IMHO). If them knowing what 3D card I have or what system I run Q3 on helps them with thier future sofware, I say more power to them. That information isn't any hair off my back. In fact, I can see it helping out certain platforms and speeding up the game dev process, which in my opinion is a Good Thing (tm).
However, I realize I'm not like everyone, and it would be nice to have the option NOT to send out information if we don't want to. I think this is a simple and fair solution that would make both sides feel better. Choice is a good thing.
Can anyone elaborate on the reasons why I, as a Quake fan, should be alarmed about iD Software collecting market-research information which is 100% uncorrelated to any user IDs, email addresses, MAC addresses, or any other means of identifying me as an individual?
I work in the games industry, and believe me, the more we know about what % of our customers use 3Dfx versus nVidia, GL versus D3D, and so on, the better we can tailor our products to deliver the best possible experience to the greatest number of users. The data being transmitted back to id by Q3A can't possibly be used for spamming, law enforcement, license enforcement, piracy prevention, or any other purpose besides the obvious one: letting the company know what type of hardware support its users would like to see. I am having trouble seeing the downside of this practice from either point of view -- as a game programmer and a game player.
What specific reasons does the Slashdot crowd have for considering this practice to be a "privacy violation"?
After browsing a few more comments, I realized I had forgotten to address two points.
When id left the backdoor in Quake/QuakeWorld servers (I don't remember which), that was just stupid. Honest mistakes happen, but sometimes people have other motives. However, I can't see what id wants with Joe Random's week-end QuakeWorld server, so I can hardly attribute malice or an underhandedness to their actions.
My second point is that Quake 3 is proprietary software, and as such, you (the user) get what you get, and no more. If proprietary software has deliberate back-doors, bugs, gaping security holes, well, you can just wait. If I had the code for Quake 3, I'd leave in the code that sends those UDP packets with my OpenGL vendor's tag to id (you, personally, could remove that code), but I would be able to run it on my PPC Laptop (which is something I can't do now). Oh well, I have no choice, such is proprietary software.
--
Actually, I have put features into software that I did not tell users about. Some of it is for diagnostic purposes, some is for later work.
Putting in code to send information from or about your machine without authorization is another thing.
This might make an interesting criminal trial.
Injured software engineer wins against Mattel. Mattel still retaliates.
It's good and right for people to bitch about this but try to be forgiving.
PS: (to those quake seeky enough to follow the plan files) What did you think authenticate.idsoftware.com was for??? I was afraid it would be used for dark purposes and I'm releived it's use is as innocuous as it is! (May Carmack not make me recant my relief!)
License: By reading this you are agreeing that you agree with me.
As some one else noted, this is not the first time Id has done this type of thing. A while back they had a back door in the quake2 server that would allow instant administrative access to any player coming from id's subnet. Carmack apologized and claimed the backdoor was placed there for debugging purposes and was not supposed to be in the release version. A patch to remove the backdoor was summarily released. The entry detailing this from Carmack's .plan can be found on this page:
m it.x=25&submit.y=4
http:// news.planetquake.com/pqsearch.asp?search=rcon&sub
forgive my ignorance, all you graphics people, but there aren't that many options are there? I mean, why does id need to know what sort of card I have when there are maybe 3 or 4 main types anyway, and they all have to work with opengl to play the game?
and what a damn good game it is. so there goes my boycott.
So, are you going to not purchase Quake3 just because it tells id what kind of video card you have? Talk about being paranoid. I personally could care less about information being sent to some company via their software. If Real knows what songs I listen to, does that make a big difference? If seeing what video cards the people that buy Quake 3 use, perhaps it will allow them to make a better product, if not one person is using a archaic piece of crap video card, then they won't have to add support for it in later games. It's not really invasive as long as it doesn't stray from stuff like your hardware.. Their not going to call you up and laugh at you because you still have a VooDoo 1 and your trying to play Q3A.. Cut the paranoia crap..
--
Insert Witty Sig Here
All I can hear is: Thea take our video card specs, they could take our mac#s etc. ever thought of: they could take your pgpkeys, they could send your entire /home/ or whatever ? if you want security, dont use proprietary software. if u want to use proprietary software, you loose security. thats the way it is.
-- [This line has intentionally left been blank]
Personally, I hate it. It's a slippery slope. Once we stop bitching about just sending video card info, then next it will be more personal info.
I can see the need for market research. Pine (the e-mail program) collects information over the net, but it ASKS YOU FOR PERMISSION FIRST. I have no problem with this kind of action. It's stuff going on behind my back without my knowledge that spooks me. I should be able to choose to be counted.
I'm sure if, for example, Id wanted to know how many quakers were using each OS, most of us would be damn eager to be counted. Just ask first. Is that so difficult?
Did you know that whenever you connect to a web site, most browsers will tell the server what your IP address is, what OS you are using, and sometimes your CPU and screen resolution? Shocking!!!!
I shudder everytime I think about it. George Orwell was right. Jack van Impe was right. We live in a police state. We are being watched everywhere.
Who knows what's next. Today, you video card. Tommorow, Carmack will have have speech recognition in Q4 sending analysis to the marketing department and Echelon. Not to mention video webcams recording you masturbating to porn sites.
Time to go live in the woods like the Unabomber. It's all over on January 1,2000 anyway.
Ok, its pretty obvious that theft of information is occurring.
People say they don't mind, because the particular information is not important to them. Its pretty important to ID Software...
Does it matter how important it is to the victims?
ID makes good games, but looks like they have a bit to work on in the areas of morals and legality.
my 2 kopecks
Look: They want this information to the point where they're willing to run the risk of pissing people off by taking it without asking. Doesn't that suggest that maybe the information has some intrinsic value?
Doesn't that, in turn, suggest that it's theft?
Your "not a big deal" argument falls flat. If someone breaks into my house and doesn't steal anything except some silverware that I don't want anyhow, does that make it OK? This sounds like 100,000 counts of petty theft to me.
There is no reason to jump all over Id software's case... It probably never occured to them that people would get so bent out of shape over this. They admit to the fact that they are taking information from our computers, and they have told us why. What more do you want from them? It's not like id is taking information that you would have gladly volunteered.
The community should making an effort to educate companies about this and not flaming them into oblivion. Besides, even if we did sue id, I doubt we would win anything more that they have to put up on their webpage a warning that q3 retrieves various information about your hardware. No cash.
Also, now correct me if I'm wrong on this... don't cookies have a similar function, i.e. they take data from your computer without your knowledge? Wouldn't that also qualify as being illegal? I don't really understand what the difference is.
I believe it is self evident that it is wrong to be sending information about your computer, uninvited, to someone else's machine. It's bad enough that the web browser encroaches into this area.
Second of all, ID gave no mention of this in their EULA or website or anywhere else. This is a common courtesy, I don't care what the rest of you think. If information is being sent to a third party site, when you're playing Quake 3, then you should be told it's being sent. That needs no justification. It is common courtesy. Period.
Stop being a bunch of complacent sheep. When it comes to your privacy rights there is no "I don't see anything wrong with this" or "let's not get ridiculous, people" or "lighten up." There is a solid law against this kind of behavior, and there is the solid issue of common courtesy. Stop bowing down, people!
Now, on to part 2.
--- Grow a pair, liberals... stop letting the Republicans bully you!
While Id's reasons for doing this may be legitimate, the morality of such a move is questionable. Obviously, such things should ask permission before sending data. Now I'm no Stallman; i don't think there's anything wrong with closed-source or not-free software. If you work hard on something and want to sell it, that's your business, and I use a lot of closed source software. But, it's making me trust less and less anything I don't compile my self. God knows what kind of similar things are embedded in Windows. I'm just glad that for my mission critical systems, I use Linux and OpenBSD, and I can peer at the guts of my OS to my heart's content.
Isn't this kind of a knee-jerk reaction to something that we don't know all the details about? Is this information being sent when you engage in a single player "bot game" of q3a? It's doubtful. The information is being sent to ID when you connect to THEIR master server. (right?) Really, what's the difference between this and a site recording your os/browser in its logs? Or setting a cookie and then selecting a banner to be displayed while you view web pages on a site? Surely people aren't mad about this because it's in invasion of privacy - really, there isn't much of that around these days anyway. ID Software isn't selling your soul to marketers, it's generating statistical info about the folks playing the game. While you're bitching, I'm enjoying the game =)
Call it a wakeup call ...to both folks like Carmack and ourselves.
To Carmack et al, a warning: open-source is a state of mind as well as a distribution method. Up-front disclosure will get you far more cooperation than stealth, along with sharply reduced incidents of villagers with pitchforks storming the castle.
To us: Even though ID's little surprise didn't have nefarious motives and methods, both subsequent copycats and those already doing it whom we haven't yet noticed probably will. Carmack and company have done us the offhand favor of reintroducing, with new urgency, the game of spot-the-packet, coming soon to an eth0 near you.
A "reliable source" told me that Q3 actually sends positional information about where your player is located in the game map, and what they are doing, back to the server you're using!!! Can you believe that?
What's next, web browsers sending your IP address and browser type along with requests?
All kidding aside, can you think of one way that this specific information being sent will significantly affect your life?
Moebius_4d:
:)
If I pick a penny from your pocket it's no great loss, but it's wrong is the single most effective statement I have ever seen against people who have no problem with 'minor' intrusions against their privacy. I want to use this quote and give you credit for it. This is an true classic. Way to go man
--- Grow a pair, liberals... stop letting the Republicans bully you!
How dare they steal information from my computer without compensating me for that information?
I price such consumer information at $5.00 for each peice of information.
What video card do I have? Pay me $5.00 and I will tell you.
This is a free market, if you don't want to buy the information from me you are free to go ask someone else.
I consider a company collecting demographic information from me without paying me for that information to be a form of theft. And I will not associat with anyone who steals.
I guess Loki gets my business until they screw up, and by the time they do there will be other, honest companies that I can start buying from.
There is more and more software (esp. in the Windows world) which sends 'background information' of whatever type to I-don't-know-whom. What scares me a bit is how automated this has gotten - MS media player 'phoning home' to get new codecs etc. I think that most of the time the user _does_ benefit at least in a way, but I (as an advanced user -- read: I can look at the Options menu and understand what the checkboxes and radio buttons mean) want a switch that says [ ] Don't send user-related information. Better, make it the default that no user-related information is sent (then again, you as a software creator probably won't get much back). The only alternative is to use open-source software only, but you won't have much fun with gaming in that case...
I think it's sad that esp. id which has gained so much confidence from the open/free source community in the past does this. A simple note in the README would have been enough. On the other hand, they know how many people look closely at their game (to create third-party tools, maybe even to manipulate gameplay) so that they should have known that somebody would find out sooner or later.
I saw something just like this the other day! I went to this website, and my browser told the server what Web browser, version, and operating system I was using! Then I sent an e-mail and it said what mail program and my domain name!!! And sometimes, when I connect to a Quake server somewhere, it tells the server the exact IP address that I'm playing from!
Programs that just bandy about my personal information like this have to be stopped. Let's all sue iD, Netscape, Microsoft, Real Networks, and any other company that writes programs that send any non-arbitrary information of any kind over the InterNet.
-lx
I'm finding myself being a bit forgiving because it is the one software company that we all love, id software. These guys have always been the best, open to the community, serving the community. I guess it just comes as so much of a shock that they would do something more characteristic of "The Man". I don't mind giving out my video card info, but comon id, you really should tell us openly. I mean, id has always been in a sort of open disscussion with the whole gaming community. I'm sure that if you had asked us and told us that you were doing this we would all be more than willing.
when id does it, 80% of the posts are making some bullshit excuse "oh, its nothing that confidential", "oh, but I trust id"...
you cant have one rule for companies you 'like' and others you 'dont like'. you're hypocrites. get over it.
While I do agree with the benefits of OSS...I highly doubt that you have gone through all the source for everything on your system. /. You'd still be running through the kernel source..or your shell's source, or the source for gcc, or if you run X, X's source, and Mozilla's, and your window managers..etc.
"If i cannot see what the program does i do NOT trust it."
the above statement, to me, means that _you_ have gone through all the code...If that were true...you wouldn't have time to even read
I would imagine that you have created your own BIOS software, since the code for most BIOS's are closed.
It is somewhat true that you yourself don't have to go through it because "so many others" have already, but that is not what you said.
I am also surprised that you would even consider using a credit card, since the software that runs credit card readers are closed. I'm sure that your credit card company keeps close track of what you buy, and where you are..then sells it off.
You don't actually use a bank, do you? All their software is closed. And I'm sure that your bank has loads of info on you.
good luck never using closed software any more.
The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
Carmack is saying that the data is used to model the user community, then by correlating that data with the support requests you can tell which platforms are unusually buggy (or stable). The Slashdot summary is being unfair when it characterizes the data as "...useless for support purposes."
Carmack quote from the LinuxQuake page:
"It has mostly been for tracking the amount of support we give by video card vendor. For instance, 3dfx and nvidia are about equal in players, but we get 10x the support email for 3dfx users. [...]"
However, this is addressing the question of usage (and even then only with the "mostly" qualifier), not the question of intent. Based on the datagram, the intent is to be able to model the user community, and it is very similar to the data any website could collect about their user population from http headers.
"Another Software Spy"
Really should be "Another iD software spy" because they had jepordized security and privacy before.
IIRC, certain versions of Quake 2 for Linux would let anyone from the 192.246.0.0 IP block have remote shell capabilities. If you ran the server as root, you gave someone at iD software your computer on a platter. I read this on a page that listed possible remote exploits and security concerns for Linux a while back, and can't find the link at the moment (it was back in April that I read it).
If true, then iD, while good gaming wise, is certainly not to be trusted. Time to recheck the firewall rules, as having a CM makes it far too easy to let lots of data through.
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
There's no invasion of privacy worth caring about here. I'm glad they're grabbing the vidcard info. Are they collecting usernames? IP addresses? Vital personal info? No. Just your vidcard and OS (anything else?). All it can do is help you be supported in the future. Isn't support what we need so much? I would certainly like support for my TNT2.
Really, John Carmack has been doing an incredible amount of work for 3d support on Linux. I see as many glx (for xf3.3 matrox/nvidia) commits from him as from anyone else, and his explanations of current problems/fixes on glx related stuff is always great. He doesn't need to do this. He doesn't really need to put all this work into Linux Q3 (another 5% of market for probably 2x work? pfff.). Quit whining about little stuff and thank him for all the work he does.
... GameSpy?
--
This trend is so terribly disturbing... It doesn't matter how much or what info is being transmitted back, it is the fact it is transmitted at all, without prior consent. :(
I'll research this thoroughly, since these sort of rumours always have to be taken with a grain of salt, and if it is true, I will definitely stop buying id Software products.
Sad but true.
--
I think we need a little perspective here.
What ID has done is basically for support, with few (I'm guessing none) alternative uses. Contrast that with, perhaps, Blizzard's Starcraft tapping into the Windows Registry. Calling what ID has done illegal seems to me preposterous. What do you think a test version is for, anyway?
Jose M. Weeks
You're right. It is a free market - don't play quake.
-lx
I can't see it making THAT much difference what is sent - it is the fact they are getting a packet from you whenever you play the game, saying "person at IP address xx.xx.xx.xx is playing Quake". Microsoft would *kill* for the right to do that for their packages....
--
-=DaveHowe=-
doubleclick.net and all their clients
strategy.com a data mining company, tracing, matching and making huge profit out of your personal information, you can't even get to their site with cookies disabled...
Add your suggestions here!
NO!
/any/ way shape or form?
Oh my god, it just sent my video card information to id! Whatever shall I do???
I bet the government is behind this. In fact, I bet it encodes my email address, social security number, and credit card number (don't forget expiration date!) inside of this information somehow, and sends it directly to the FBI, NSA, and CIA headquarters!
Seriously, we need to chill out about all of this paranoia. Is this harming anyone in
This post was mere knee-jerk reaction.
if this "feature" is in the actual demoTEST release, or if it's just in the final release? I ask this because everyone is saying that "it's not in the EULA", but if the trojan is only in the full release, and no one has the full release yet, then there is no definite way of telling if id HAS asked permission.
It's "id" NOT "ID"
and a lot of you call yourselves Quake fans sheesh!
What the hell does 1337 mean?
This, more than anything, shows me that John C. cares about the product that he releases. He's statistically comparing the number of 3dfx support emails per capita to the number of nVidia emails. This absolutely doesn't upset me. I'm not keeping what video card I have or what operating system I'm running a state secret. I'm guessing he didn't give the option of saying no every time it wants to send that information because of at least two reasons:
A: It's be fscking annoying.
B: All the paranoid people of the world would say no and their support emails in would affect the numbers.
BOOM! Those packets no longer go to id! They are stopped dead in their tracks. Problem solved, end of discussion, battle over, your privacy is (in this case) secure.
If you are looking to take legal action and you sue id first, they can drown you with legal defense money. Never try and sue a company in civil court first, if you can press criminal charges.
And in case you wondered, I am a long time id software fan. However I am also extremely impartial. It's nothing personal; they not only violated people's privacy, but they also did not inform anyone they were doing it. I am holding off on buying Quake 3 until I know they've patched this and apologized about it.
--- Grow a pair, liberals... stop letting the Republicans bully you!
first: id has to match this to some personalized data. imagine, if you get dozens of packets "blabla linux 3dfx" how do you tell that this is not one user playing dozens of time, but dozens of users playing once each? How does id solve this problem technically? A database storing the packet info and the IP address could do the trick.
... But bashing Carmack for this case is pretty ridiculous. Anyway, man ipchains be your friend. Just block sending of packets to id's network.
Well, this gives me a bad taste. HOWEVER, market research is necessary. I think it's cool that Carmack does the work for a market share of five percent. (and remember... quake I was available on Linux at a time where the average slashdot reader was still fed by mom). So I clearly understand that he wants to know at least which gfx cards are used and which are more worth supporting and which are not.
Even if the single-standard OpenGL for Linux comes true, there will always be specific tweaks and workarounds for certain gfx cards. He just wants to know if it's worth doing particular tweaks.
I guess when Quake is labeled "I send the video card AND ONLY THE VIDEO CARD type to our counter", most people will accept it. I would.
And btw: This is another example of slashdot-over-hystery. I'm very concerned with privacy. If you want to do something for privacy, you can bash ECHELON, the NSA, CIA, you can use GnuPG,
id has no right to any of my information unless I specifically give it to them.
> information which is 100% uncorrelated to any user IDs, email addresses, MAC addresses, or any other means of identifying me as an individual
that is not true. For many people with static ips, the ip is a very good way to identify the individual. And even for dynamic ips, the isp can look up who it was.
not only do they know your vid card, they also know how often and how long you play. They have no right to know that I play 4 hours every other Tuesday at 9. What I do in my free time is none of their business
it is fine for the server I connect to to collect these stats because I am going to them. However, I am not going to id and they don't even have the right to know that I play q3test.
Sure, it's just "market research". You know how much other info companies would like to get their hands on in the name of "research"? Any grocery store should be able to look in your refrigerator to see what brand of pickels you buy. Toilet makers should be able to determine how often you go to the bathroom. Pharmaceutical companies should know every time you get a cold. And of course every time you make love, condom manufacturers should be informed whether or not you were protected.
Ummm, you missed the point, by a mile.
The fact is, everything you discuss is well documented by many RFCs, CGI books, even simple HTML coding books. What you discuss was documented and existed before almost every browser in today's world existed (maybe not old Mosaic beta versions...).
If you can't be bothered to RTFM, then that's your ass on the line. It was documented.
BUT: Here's the clincher [and what you missed]. ID didn't document this "feature" anywhere. _That's_ the difference. There is no reasonable way for an "average" person to find this out. You shouldn't have to watch your own packets flow, or (illegally) decompile your software to figure out what it does.
I've read a lot of the posts on here about people saying, "oh it's just video card info and I would willing give that up so I don't really care, but if they were collecting my MAC address, ip, etc I would be a bit more upset". But if you think about it, that video card information does them absolutly no good without a unique identifier to it because otherwise they would be logging the same peoples video cards over and over and over and have no way of checking for previous/dup records, so idealy they have something linking it back to YOUR computer.
Privacy means that I have the information and someone else doesn't unless I say they can. Does it need to be expressed in fewer words for some of you people? A privacy violation is a privacy violation. If ID violates my privacy, chances are that they have also lost my respect and trust. Doesn't really matter how good the game is if you can't trust the programmers.
This has been discussed before, and has been going on with the previous tests.
The message of the day server was intended as a half-assed auto update feature that could be cross platform.
We send a normal message most of the time, but if the version is out of date, we can send a message with telling you where to get the update.
I didn't want to deal with binary auto-updates on three platforms, and I worry a bit about security issues with that in any case.
You can disable it by setting "cl_motd 0" when the game starts up if you really don't want to send anything or see our message.
We added the result of glGetString( GL_RENDER ) to get some much needed information about the distribution of video cards and drivers.
We can see how many people aren't following directions and running glsetup. This is a big support issue.
We can see how many people are running minidrivers, which are going to make our lives a mess in the future.
We can see how many mac (steady 5%) and linux (5%at initial release, tailed off to 2%, probably due to dual booting) people are playing.
Getting this information has been usefull. We can compare the numbers of people playing with a given card with the amount of support emails we field, so we know which vendors (3DFX) we need to give more crap about their driver quality.
John Carmack
Once upon a time game companies could glean users' system info from registration cards or online registration. I would think that these mediums would be more appropriate for getting this kind of information. For one thing the user would obviously be giving permission because it would be up to the user to provide the info, and secondly the info could be matched to a user in some way. And of course the link would be appropriate because the user would be the one supplying a name or email address or whatever.
Perhaps the reason for this clandestine information retrieval is because there aren't enough people registering the typical way, but as we saw from the RealJukebox problem recently, even if it is harmless information, the general public isn't going to like the idea of not knowing that someone is snooping around their computer and I'd have thought id would have known that.
I always buy my beer and groceries with debit card
.
Do they track my number and thus link it back to my past purchases?
I realize the bank has a record of everything I buy, but do the stores?
If Microsoft did this, they would be damned and all sorts of calls for boycotting their products would be made. It will be interesting to see how a Linux-friendly company will be treated when they do something similar.
You've obviously missed my point. I would've been happy to give ID any information about my video card that they wanted... had they asked for it. I would've told them pretty much anything they wanted to know about my system (I don't have anything important on here :-) but the point is they didn't ask for it... they took it without my knowledge. Don't get me wrong, I love ID, and I am a big fan of their products. This is not going to stop me from buying Linux Q3. I'm simply stating that if they wanted my system's specs, they should've asked first.
yebyen@adelphia.net
Restating the obvious since nineteen aught five.
Id should just say "Fuck it" with regards to Linux users. You fucking bunch of over-reacting fuck-heads aren't worth the trouble. Its not like you contribute significantly to their profits. First Corel, now this... You bunch of sniveling assholes. Keep scaring away companies that put out their necks supporting Linux, see where it gets you.
What no one is evaluating is if this information qualifies as valuable. How many casual computer users realize that their web browser sends out information on the browser version among other things?
I have never authorized slashdot to collect information on the OS I'm using to access the site, yet I know this information is collected. This "feature" is not easily turned off in most browsers, either.
This, to me, is a slap in the face.
I have NO problem with running software that
reports back to the owners with a little
anonymous data like this. However...
I should be told.
This is DELIBERATE and COVERT.
If they want to require that all users send
back this info, fine. Just say in big letters
in the docs and on the web page "If you run this
it will send data back to us". Thats all.
Concealing the fact that this is happening is
what is damning.
"I opened my eyes, and everything went dark again"
http://www.planetquake.com/arena/rconfix/
don't trust anyone! esp. those that think they are g*d
the quake community is very friendly and open, when we're not fragging each other. surely id could have come up with a better way of doing this.
:)
i agree that video card and hardware info is innocent in itself, but people shouldn't be getting used to their games sending info like this. id isn't big brother yet, but it has to start somewhere...
you can see exactly where the info is being sent thoough. who's interested in DoS attacks? of course, i'm not condoning or suggesting this in any way, but it would send a message. who could id blame; after all they're the ones who wanted information. we'll just give them lots of it.
Well, I doubt that. I also really doubt that the EU will ban Pentium IIIs. I don't care what you say about AMD processors, the European computer industry would be majorly set back if they banned the P3. Especially the server market, as Xeons now control a large chunk, especially in smaller servers.
It's just like when the EU wanted to ban all Boeing airplanes because of "excessive noise", even when Airbus planes were just as loud. The EU just wants to use only their own products, so they make a fuss over American products. (Although, I don't know of any European-made microprocessors, so I don't get the P3 thing.)
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Walmart has the largest database in the world about consumers and their purchasing habits. So yes, the stores, some of them at least, are collecting info. One way to avoid this is to use cash, I suppose.
Juln
Wow, those swear words will _really_ impress id and Corel when you tell them your opinion.
ie. I have decided to ignore everything about your post expect for: f**k, assh*les, id, and Corel.
If you're concerned about it and have linux, you could swear up and down about it if you want, but that's not doing ya much good. Send them a lovely polite email stating your concerns and how you feel about undocumented 'features' like this. Then just route the ip(s)/subnet to lo and go on with your insane fragging. (Hopefully it won't lock up while trying to send the info 8-)
Something like this is trivial, but I agree with the potential for it to eventually snowball into more and more information gathered if left out of check.
Who's gonna swear out a warrant? Or have their local DA press charges? OR SUE THE PISS out of them! $ talks, bullshit walks.
Another thing: here's a quote from the README file for Q3test 1.08. "When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line)." Hey, whaddaya know?
Unfortunately the README for the demotest (1.09) is ultra-minimalist for some reason, and is lacking the above information (among many other things).
BOYCOTT
The server that I am posting this thread to is recording my IP Number, OS, Browser, etc.
Just part of doing business on the Internet.
Scott McNealy has only said one thing in five years that I agree with...
If you are going to fault Carmack for polling for 3D hardware, then you have too much time on your hands...
-Peter Duke
Those of us who have been playing the q3 tests since they came out have known about this happening for a long time. Matter of fact, about a week after the first win32 version came out, a letter in the Planet Quake mailbag disclosed this vary thing. It was discussed through our communities little forums, adn nobody seemed terribly upset by it. Yes it is id's faux paus for not mentioning it in each version of the test releases, but it was mentioned in ver 108 readme file. id has never been great on documentation anyway.
Maybe one of id's competitors will flood their motd servers with tainted entries..
We've got a LAN party organised for the 17/18/19Dec weekend - and we're planning to all go down to the shops (very sadly) on the Friday to buy a copy each. Be v annoying if it's held up :/ Soz about anonymity, reg taking ages to come through... Grom
id releases source code to old games free of charge, listens to user input and backs up Linux by releasing the
most popular game in Linux version. I guess they want something in exchange to insure their future stable
position in gaming market.
Just imagine: making a bet and spending resources on the wrong video card without any idea how popular it
is. That could easily drown the company.
I'm absolutely fine with providing any hardware information necessary for development of future games.
There is nothing wrong with id asking for this information. Too bad they forgot to announce the rules of the
game.
In any event, there is no need to bring this case to court or otherwise threaten id. This is not the company we
want to fight with. A polite letter would do much more.
I think that getting information about a userbase is invaluable to a company. They need to know who their users are and the hardware/OS that they run on. But something less intrusive and interactive would be a lot better option.
For example, I think that Gaim (http://www.marko.net/gaim) has this message box when you run it for the first time which says something to the effect of:
"We'd like to know who our users are. We'd like to send the results of running xyz on your system. [Ok] [No Way] [Never Ask Again]"
Why couldn't the guys at id do something like this? It only takes 3 seconds to code.
Just heading off that particular rumor early, hopefully.
BAD MODERATION (don't moderate this, just a message to the moderators)
Restating the obvious since nineteen aught five.
.
I agree! All these "small" things DO add up. We have to take action!
By the way, when I play Quake3, I use Windows98 and I have a Diamond Viper v770 Ultra video card using the latest refrence drivers from Nvidia... So now everybody knows what I use when I play quake. Wow. Big Deal. I could care less if anyone knew what i was using. John isn't gonna use this information for anything other than making his games better, so just let it go. We just should have been told before we ran the program.
About 1+E30 people have made the insipid argument about the user-agent line of an HTTP request. The facts are that everyone knows the user-agent line is being sent, and you can make a valid HTTP request without sending the user-agent or even when sending a bogus user-agent. Q3Arena is not giving you either of these options.
-jwb
1: The other recourse you have is to hack your machine to spike their data collection system. Won't they be surprised at the number of people playing Q3Arena on those spanky Tseng ET4000s?
Carmack said this
"It has mostly been for tracking the amount of support we give by video card vendor. For instance, 3dfx and nvidia are about equal in players, but we get 10x the support email for 3dfx users.
Mac has held steady at 5% of the players. Linux was about equal to the mac, but dropped off, probably due to players dual booting into windows.
"
The commentary states that user emails can not be linked to the information packets being sent in, thus carmack is lying. But read what carmack says, it seems to me the purpose is to get data so they can go to 3dfx and say
"Look, 1 million people are playing with your video card, 1 million people are playing with nvidia's video card, but 10 times as many people are emailing us with support questions about YOUR card, so you ARE not doing well and should improve"
not that this makes the behavior of the program particularly friendly, I think they should tell you before they send data, but carmack was not lying, as it seems he never does.
-I go to Rice, so figure out my email address
Or a site tracking what site I just came from and what site I visit after leaving that site??
I think people are over reacting just a little. It has been stated on other message boards that this info was infact in the documentation in ver 1.08, maybe just maybe in their rush to get ver 1.09 out the door someone forgot to put that doc in there.
NAW id couldn't do that they are inhuman
Get a grip and relax, John just told you how to disable this. I am willing to id the benefit of the doubt until proven otherwise.
--- Errr......No I don't need more oral sex thank you, Windows goes down on me all the time.
from the 1.08 test release (Q3test_instructions_readme.txt): When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line).
======================= == Section 11. == == MESSAGE OF THE DAY == ======================= When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line). I asked about this way back with 1.05 by email (1.09 is current demo test). The 1.07 and later versions had this in their Q3test_instructions_readme.txt. Don't know why it wasn't in 1.09. Probably an oversite.
So, let's see, if we can read it it's bad? You can read it AND you can see what's being sent. So ask yourself, of what you know is being sent, is it that revealing?
Worry about what you can't see being sent -- which is potentially anything. Or everything.
Freak out about this if you like, but it doesn't seem all that conspiratic-al. But what's to wonder is what's encoded in the 1's and 0's that you don't have the format to decode?
And that's the rest of the story.
I ask merely for firewall purpouses.
I wonder how much of a competitive advantage this gives ID? REALLY. Think about it. EVERYBODY played Q3Test, almost everyone is playing Q3DemoTest and tons of people will be playing Q3. Doesn't this give them a huge advantage over the Unreal folks when it comes time to do Q4 and they're trying to figure out what hardware to design at?
Really, John. You Foobared. Fix it and move on. If it's connecting to an extra server and it's not in the Docs, it's a Trojan. Don't make me get my ipchains! If it doesn't work if I firewall out that server, well, I guess I won't be playing (or buying) Q3.
Ask me and I'll tell you. Take it from me and I'll fight you tooth and nail.
-- IANAEG - I am not an elder god.
Let's see here... Blizzard sent inforamtion without permission, and it caused a huge uproar. Real also did it without permission, and also resulted in a protest. Banner ad cookies are fought vehemently, and in fact, an article on anonymity was just posted on
This kind of double-standard SHOULD NOT EXIST. Just because id is pro-Linux, or because it's "only" video card info, does not mean we should excuse a blatent violation of privacy. Every little bit is an infringement, no matter how small, and it's a hell of a lot easier to maintain freedom than to get it back.
Incidentally, if the Quake source were to have been openeed, there's no way this would have happened.
Windows 2000: Designed for the Internet. The Internet: Designed for UNIX.
If you've ever installed pine, you know it sends an email to the University of Washington. This is fine because it tells you it's doing so. It's a great way for developers of great software to gather information that helps them make their products even better. But nobody appreciates even something good like that going on behind their backs. Like pine, quake3 should just tell you what it's going to do the first time you run it, and possibly give you the chance to opt out. Then no reasonable person could be upset, and ID would have all the groovy user data they want.
It's not anything like a trojan horse. They're simply getting your system info. You parranoid, lawsuit-happy Yankees . . .
DeCSS is akin to a tool that breaks the lock on your house
Taken from http://www.mpaa.org/Press/default.HTM
It seems to me that this information is far more beneficial than the imagined violation of privacy. While I agree that they should have told us about this 'feature,' information like what he's describing can lead to evidence of a Linux market- 5% is a lot when dealing with the numbers of something like Quake- and also to better support- they know to tell people not to use minidrivers or to run glsetup, or whatever. I think people are overreacting.
The point is not that they're sending trivial information about your computer, the point is that it is sent without your permission, only a few of the posts have touched on this, PiMan's for one, and several others. But the majority of the posts have a 'who cares' attitude, this is not the right thing to do when we've been drumming so much about privacy if we say that it's okay to send some stuff, then they'll send whatever the hell they can and alter their software after a legal suite is pressed, we must not allow any information to be sent without our permission.
Your "not a big deal" argument falls flat. If someone breaks into my house and doesn't steal anything except some silverware that I don't want anyhow, does that make it OK? This sounds like 100,000 counts of petty theft to me.
Like I said, don't make this out to be something more than it is. It isn't someone stealing silverware from inside your house, it's just video card information. Breaking into your house and stealing silverware IS a big deal. They're obviously not the same.
Having to confirm that stuff every boot of every game would get annoying quickly. It is really bad UI design to use confirmation dialogs when doing anything other than deleting.
.
After reading about this (ID Software and PC information polling), it makes me wonder what kind of code is embedded in MS software that nobody discovers because we don't have access to the code... -scary huh?
We're talking about making a connection and exchanging some basic information. Is anybody really that paranoid, that they are worried that a software company might know what video card they use?
Hey everyone, I have a voodoo3 on a pentiumII/300, with 128mb of ram. Oh no! Now everybody knows! Whatever will I do?
If having id know that I run a voodoo3 means that I will get better support for my video card, where is the problem?
This privacy advocation crap has gotten way out of hand. The blizzard issue was different because they were gathering registry inof that they didn't have any need to know. Quake3 needs to know what kind of video card you have.
Real was different because it was your own personal preferences.
The IPV6 stuff is different because it can be tied back to you.
Thank you.
i remember reading about this way back when the first test was released, i think it was in one of id's .plan updates, i think there is a command which turns it off as well as the message of the day. id didnt make a big deal about this because it isnt a big deal -mazer
Why doesn't somebody write a program that will flood them with bogus data and render this kind of thing useless???
I sometimes deal with civil rights issues and have often been required to use the following type of argument to stop the use of so-called non-PC terms; substitute another offensive term that the person understands. In this case, substitute MS for ID and think about whether or not you would be offended.
Perhaps you may argue that ID is a different company than MS. Yes, you are correct. However, you must apply judgement on an impartial basis without considering the company. In many ways this is the basis of the 1st Admendment.
The transmission of info without the knowledge of the person is wrong. We are going to see this more and more. We must draw the line and say no, this cannot continue. Accepting this type of action only makes other companies view this as accptable.
It was done and this was a fully known issue in all previous test versions of q3. It was cleanly documented and disableable via the console. You make such a big point of reading the documentation, yet it seems you missed this little nugget.
.
Some people might say that this would actually be a good thing. After all they are only collecting data on video cards (or so we think). The problem I have with this is that companys seem to be doing this more and more often. Getting bolder as time goes on. If we don't stick up for our rights now, we will lose them without even realizing it. I was going to buy Q3. But now I've decided against it. I refuse to support any company that steals information (no matter what it's purpose), especially without telling us.
I'd like to encourage everyone to write the folks at ID Software and tell them how much you dislike them collecting your computers information. But be polite.
If I was asked if I wanted to send my computer info to id, I would have said yes. But it did not ask me. I have a problem with that. I do not know what to think any more. So, we have idSOftware, Real Networks, Intell, Microsoft, etc.. doing it. And they all try to hide it. If none of this info is that important, why do they hide the fact they are collecting it?
I must bring up a few points I feel are important. First, I see no reason to complain because so far all of the Q3tests have been just that, compatibility tests. To check compatibility and make sure that the game works on all computers and video cards. I see the gathering of this information as a good move and in no way an invasion of privacy. We are able to try out a game months in advance for free, and we complain about something as insignificant as this. Maybe its just me, but i have no problem providing such information about my video card or my system because this information is useless to everyone besides id and its being used for a good purpose.
-- Bryan Burke
This battle has been going on for some time, I personally would have no problems with a software company taking note of my hardware in installation of software so that they could better prepare and support the platform and hardware I choose(or anyones for that matter). It makes a lot of sense.
But how do you limit what they are allowed to take? There should be a standardized part of each install that meantions we are sending information about your hardware to the software company so that we may better support your hardware in the future.
There definately is a need for this information to be recorded and summarized, but it needs to happen in a way as not to truly invade anyones privacy. I don't care if they want to know what vid card or platform or even processor (excluding sn heh)I use but I don't want them logging where I play, snooping around for what other games I play or sending me 'direct marketed advertising'.
ID is small... they're no Micro$oft.
They also check a cdkey, but the program tells you about it.
Now that Microsoft is going down in flames, other companies are stepping up to the plate to fill the shoes of the next resident evil empire. As gore-and-violence-filled as the Quake series are, it's no secret that Carmack and his cronies are "hell-bent" on world domination.
Stop them now before it's too late.. boycott ID and their crappy products or next thing you know, Quake will come bundled as an integral part of your operating system and removing it will void your warranty!
But seriously, do you actually think you have the slightest fucking bit of privacy anyway? You can be as paranoid cloak-and-dagger as you want but if someone with more $$ than you wants to find something out about you, it's as easy as taking candy from a baby. Unless you're a militia member holed up in Montana who's never used plastic, been connected to the power grid, made a phone call, mailed a letter, used the internet, bought a car, voted, etc. I understand you're outraged about this but who gives a dick? It's a video card for crying out loud...
id stated in the Q3Test 1.08 README (its named this for a reason...) that they collect this information:
=======================
== Section 11. ==
== MESSAGE OF THE DAY==
=======================
When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD
0 from the command line).
:wq
I really don't see the problem. If the data is being sent out and recorded anonymously, then how is it an invasion of your privacy. The author states that if he did this to id software then it would be illegal. Yes it would, because you know who the data is coming from.
I am a programmer for a large company that does this also. An anonymous udp packet is sent out with information about which version of windows is being run, the screen resolution and colour depth. We collect this data anonymously and just analyse it as a whole to see where we need to concentrate our efforts.
What is the problem if we (or id) cannot connect the data with any specific person?
As expected, the responses to this story generally fall into two categories: those that claim this is an invasion of privacy and those who don't care since the information being collected is rather generic. The majority of those claiming this is an invasion do so because the users are apparently not warned that information is being collected. If id had notified users, via the EULA or even an accompanying README file, I suspect the majority of the negative feedback wouldn't exist.
Numerous times, I've seen the comment that this is harmless or innocent information. That may or may not be the case. The question remains: who determines what's harmless and what's not?
Say Software Company A legitimately wants to collect video card and OS level information so they can cross reference problems with particular setups. Rather than confuse/bother its users by providing an opt-in/out feature, the software is designed to automatically send said information back to the Company.
Now, Software Company B, who develops network management software, sees this precedent and decides also to collect some information, including the MAC addresses of any ethernet adapters present (so they can map the MAC back to the card manufacturer).
Next, Software Company C, who develops a wide variety of software, notices this and decides to collect some information of its own. To help their graphics software group gauge the market, their program analyzes any 3D models found on the users' hard drive, counting the number of polygons used, etc. To help its security software group, it performs a routine security analysis of the system. To help its gaming software group, it builds a list of game titles found on the users' systems to find out what other game genre their customers are willing to spend money on.
Now, Company D produces very popular software and like the other companies, collects bits of "innocent" information without user consent. Now unfortunately Company D has a mischevious but bright programmer on the payroll who sees this as an opportunity. Let's say this programmer has discovered a vulnerability in a particular version of a popular login program that only occurs with on a particular version of the Linux kernel and only when using a particular version of libc. So this programmer modifies the Company's software to also return this information...
Individually, bits of information like kernel and library versions seem harmless but most sane people would agree that 'harmless' information can quickly become 'not harmless' when grouped together.
why do you even care? your info is readily available to anyone who is in possesion of a clue. PS...to all of you who host your HTTP at home and list it here...you are dumb and a few of you are some sick fucking pedofiles. die.
Remember it, write it down, take a picture, I dont give a fsck!
why do you even care? your info is readily available to anyone who is in possesion of a clue.
PS...to all of you who host your HTTP at home and list it here...you are dumb and a few of you are some sick fucking pedofiles.
die.
Remember it, write it down, take a picture, I dont give a fsck!
I trusteth in Carmack, for he ist my god. I bow to thee sir, prithy, somethingeth. Dont see the big deal if its for our own good, "ah gah-rone-tee" other software vendors are doing the same thing behind our backs. Theres gonna be a lot of this crap on /. and personally, theres not a damn thing you can do about it SUCKERS! er wait that means im a sucker... gonna have to figure this one out...
peas and crackers.
[w00t@freaky.bish]# rm
Exactly. Given all the shit they do for US, it's a slap in the face /. :P
to treat them like this. It's fine to grumble a bit and try to
steer them right, but holy crap -- mentioning LAWSUITS?
Boycotting the company? This sort of theatrical overreaction is
getting old. ID isn't Microsoft. ID has gained a lot of trust
among the gaming community for many reasons. A misguided,
but well intentioned slip like this is QUITE forgivable.
I'm rather embarassed by the behavior of people here on
and elsewhere.
-- www.bteg.com | bleh.n3.net | hac47.dhs.org
talk about paranoid, you think you are some super righteous great hero speaking out against the greatest evil. it send the damn date, type of vid card and ver info, whats the big deal. i understand that it is human nature to find a cause in life, and since you cant find anything better or arent brave enough to stand up against something that is an actual threat, you gotta choose some shitty cause to make yourself feel important and needed, but i think that you really should spend your time fighting against something that is worthwhile.
Lots of other games send information out, with *no* way to stop it.
Any of you played Starseige Tribes? If you host a game it sends your CPU speed, amount of RAM, IP address(duh), version number, and a few other tidbits to their server, and even POSTS it on their master game list.
Sending this kind of information has many uses. It lets them know how many people are still using some ancient version, so they can decide how long to keep support for it in their servers.
His comment about being able to compare the number of people using one video card to the number of complaints received is a good one. From a support standpoint, if you get lots of calls saying that my FooBar Monster 512 board doesn't work, you have no idea if it's a really popular card or if the driver/board just sucks. Being able to tell the two apart is really important for delegating how much time is spent, and where to point the blame.
I'm also a video game programmer(the arcade kind, not home games) and could see also lots of uses for this in a client-server game model. Being able to tailor the stream of data sent to a user if you can tell they can't handle it all, or being able to say 'Their card will only handle 16 bit textures at the resolution they've chosen, save them the download time by not giving them 32 bit textures' is one really nice feature that could be used in some games.
I really don't buy the 'This is an invasion of privacy' argument. If any of this included your name, e-mail address, postal address or anything, I'd be concerned. Knowing what video card and which version of software you're using(which is probably important to the server anyway) is about as trivial as you can get.
Also, all of you running Windows have probably given nearly the same info to the authors of GLSetup, if you used the web-install option, because they're able to log who downloaded which drivers, with the same justification as above.
Lots of information is being sent every time you do anything. Send me an e-mail and I can probably tell you what E-mail client you're using, what version of it, and probably what OS you're using. Until it becomes *personal* or *unique* information about myself, I don't see the problem.
-- Kevin
- Quake3: Arena sends information about your video card to ID.
- The Win32_Instructions_Readme.txt files states this.
- No information that can be directly tied back to me, nor in any way could be used against me has been compromised.
This makes me a happy camper. I can't wait until the game comes out.So what. BitchX (the irc client) has been sending stats back to home base for a long time.
...they take a mile. Even if it is the 'game gods' id, no one is infallible, or beyond reproach. (At least I fucking hope so...but life ain't fair and we still pay taxes :/ ) Put the screws to them! (examples must be made, so the lemmings, er, other programmers don't do the same) NO ONE has a right to snoop on your computers, **especially** not on the underhand. Some apps DO tell you they are collecting, but 99% of the time its also OPTIONAL. (When its not, I personally think/hope/demand that is illegal, if not very unethical :) I preordered q3a, but if this sticks in the game, I will personally pirate it to every local gamer that would take a cd from me. Fire vs fire, as they say. One illegal act deserves another...
-- ----------------------------------------------
Vive le logiciel... Libre!!!
Then, how about once, when you first install the software and you got pop-up windows anyway? You know, agree to the license and stuff.
I think his tone is not suitable for slashdot. Any other news reporting service would take a more impartial view and simply report the news. Something I think Andover.net should watch.
I can't spell or type, but that doesn't mean I'm unusually stupid.
1.) It is documented. 2.) It can be disabled. 3.) Trivial imformation is sent as far as John Carmack will use it. Hmmm, yeah, I see all those game developers flocking over to develop games for Linux now. Sheesh! Paranoid trolls.
How on earth can you draw any meaningful comparison between Jack Van Impe and George Orwell??? ROFL!!!!!!!!!!!!!!
I turn this guy on late at night *only* if I want a good laugh.
It was done and this was a fully known issue in all previous test versions of q3. It was cleanly documented and disableable via the console. You make such a big point of reading the documentation, yet it seems you missed this little nugget.
Could you please provide a reference? I can't find documentation of this anywhere.
Think about it : If your marketing department wants to get some information, you don't attach it to a $10 budget title whipped up by four east-european programmers that you picked up for $10,000.
/warez /cracks or .NFO files' - Oh, only affect pirates, I'm fine.
You put it on your #1 selling product for the year - both for maximum statistical analysis, and for the "Oh, it's not so bad" effect and the 'I'll still play the game, no matter what' consumer.
'Starcraft tries for your name, email and physical address out of the registry if the CD-KEY doesn't resolve' - Oh, it's not so bad, it only effects
bad typists and people who steal the game.
'id Software uploads video card information so they can use it as leverage onto other companies to get them to help id in the future' _ Oh, it only affects people who get huffy about their hardware setup, it doesn't bother me.
'Game X scans your HD directory for
'Game Y looks for a home phone number that matches the state your calling from, and sends you a telemarketing call wanting to know if you buy the add-on game' - Oh, that's polite, and it's convenient to
'Game Z uploads your Windows CD key to a database, and if it matches with someone else, they send a note to Microsoft as a heads up' Oh, a problem, but I got my Windows CD installed at the nice computer store, who said they would keep it on file for me.
All of the above are steps down the slippery slope, and if the game was big enough, you could get away with all three.
So, I think from now on someone should keep a very close eye on the mega-hype games, and in that initial week when the reviews are coming in, put a little 'I waded through fifteen inches of fanfold printouts of the port data, and all I found was this T-Shirt' symbol on it if it passes.
Of course, every time a patch comes out, you'll have to do the same. This client/server games that get patched for 'Bugs' all the time are just asking for this sort of abuse.
Yes, I know that all of these examples are Win XX only, but to be honest, that's all the marketing people are interested in. Carmack himself said that Mac/Linux was under 10% of the market, and why go to the effort for a Niche market, when there's a vast wide open set of machines waiting for you ?
The solution ? That other marketing tactic - rumors, inuendo and outright lies. Create a page that shows a port capture looking for webcam devices, or scaning for x*.jpg. Then wander into IRC and start asking if this website is true. You'll clutter the whole issue, get all the gamers paranoid, and the companies will suddenly find themselves further down the slope then they hoped for, and have to fight to get their reputation back.
Having to confirm that stuff every boot of every game would get annoying quickly. It is really bad UI design to use confirmation dialogs when
doing anything other than deleting.
How about a one-time confirmation at install time? It asks you things like where you want it installed, and I think this is at least as important.
In my experience customized content is inevitably of the form, "Browser foo on platform bar gets to see the real page. Everyone else gets told to upgrade."
Now there are times when it is justified. But by and large it clearly is not. Don't believe me? See www.fox.com for an example!
Regards,
Ben Tilly
My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
I'd just like to point out that my post on Linuxquake.com was in no way meant to flame Id, and if you read we in no way say that this isn't normal. I'm just wondering why its not mentioned in the EULA?
Judecca
Linuxquake.com News
This is NOT a serious offence. When there is a program that is actually stealing serious information about you, no-one will care. Why? Because of people like you crying about dumb little things like this, making amockery of privacy.
How dare they steal information from my computer without compensating me for that information?
How dare they? How dare ID Software be one of the first companies to port a major product to an operating system which had been previously unknown as a gaming platform. You should be greatful for the fact that there are companies like ID and Loki making games for Linux.
My advice, wait until there is actually something to complain about. Until then, shutup and be greatful.
...
Bitchslapped? Give Rob a bitchslap from bitchslapped.com.
Your arguement is bullshit. Whats your video card? How much ram you got? Your HD? What monitor? Whats your phone #? Where do you live? Whats your favorite tv show? How often do you masterbate? Do you have violent thoughts about certain people? Whats crimes have you committed in your life? Whats your atm pin? Rule #1 in life, love, n war: If the line must be drawn, draw it VERY, VERY, VERY far away, and stick a trip wire across it. Gives you pleeeeeeeeeenty of time to load up the sniper rifle and put one between the eyes of whatever is trying to get you. Baaaaaaaaa! Baaaaaaaaa! zzzzzzzzzzzzzt Aye, enough wool for many winter coats have ye.
John, for most of us it's not about the information you're retreiving. It's about the fact that it was done behind our backs. Personally, I couldn't care less if you have information about my video card (preferably without host info attached) but I abhore the idea of that information being taken without my consent.
At the very least, the first time Q3 is started up, it should display a message informing the user that vidcard information is uploaded for support reasons. A simple "Q3A, in the process of retreiving the message of the day, will send id much needed information regarding your video subsystem and operating system; and no other information. This information will be used solely for the purposes of support. If this bothers you, use cl_motd 0 to disable this feature." would suffice.
That's all most of us ask. It's about informing us the data will be sent, not the sending itself. I fully appreciate your need of this information, but please tell me first.
Thank you.
Provided that this is disclosed, who cares? Really. Your video card info? Does this somehow tell the world (or just id) about all the kiddie pr0n on yer hard drive? Let's be reasonable. I'd want to know this too, if I were in their position. By the way, the linux user base dropped because the latest test is SLOWWWWWWWWW. I _was_ playing this at 1024X768 on my TNT2 just fine with version 1.08. Now, I can hardly even play it at 640x480 16bit with all the detail turned off, and a Voodoo2 to boot (while online). What happened?
"We apologize for the inconvenience."
Open letter to ID:
As someone who works in advertising, I understand the reasons. Alot of ad agencies on the web do similar things, set cookies to see where people have been and what their interests are so that they only see ads that would interest them.
BUT, if the company I worked at pulled that kind of crap, I wouldn't work there.
We have had a really really good time playing Q3 around the office. Honestly, it is the best multi player shooter that I have ever had the joy of avoiding work with.
But until I see something from you lot saying that such a rotten and just plain evil thing to do will never be done again by you, I would sooner lick the balls of an over worked lama than purchase another ID game.
Had you said that you were going to do this ahead of time, I may have a somewhat different opinion.
Bog off and Go To Hell, ID.
journalism (jûrn-lzm)
n.
1.The collecting, writing, editing, and presentation of news or news articles in newspapers
and magazines and in radio and television broadcasts.
2.Material written for publication in a newspaper or magazine or for broadcast.
3.The style of writing characteristic of material in newspapers and magazines, consisting of
direct presentation of facts or occurrences with little attempt at analysis or interpretation.
4.Newspapers and magazines.
5.An academic course training students in journalism.
6.Written material of current interest or wide popular appeal.
signed with cuddles and kisses
code_404
"The game requires you to be able to work out the address "authorize.quake3arena.com" (use ping from the command line to see if it works). If you cannot resolve this address you cannot play the game online." seems to me that they do point out at least that there is network activity going back to ID, and if you read all the docs you should be aware of that... they dont remark upon what is sent however. i find it disturbing that personal data was collected. regardless of intent, such information is valuable to marketing (even if not used for marketing) and should be protected.
A lot of people have commented saying that the part they are most pissed off with is that they weren't told. Others are saying that there should be an option to not report your information to id.
;) pockets.
Wouldn't either of these reduce the accuracy of the marketing data? If people were asked whether they wanted to contribute their renderer information, this would not produce a complete picture of the user base.
You might argue that the people who refused to "participate" would fall into all different categories, so that the numbers would average out in the end. But what if, for example, a higher proportion of Linux users (which tend to be more security / privacy conscious in general) did not want to provide their data? id would end up with the impression that there are a lot less people running the linux version than there are, which can't be a good thing.
Even if there was no option to disable the reporting, but it was still made public, people would find ways around it. Again, this would result in id not getting a complete representation of the market. And do you think anyone would refuse to play a game because just it reported their video card information? (remember, we are hypothesising that id *had* informed everyone).
Personally, I don't mind it - I still trust id, and will still buy the game. Like the guy on linuxquake said, maybe they will use the data to show the world that linux is a serious gaming platform. I would like to assume that they want it to help provide us with a better game, rather than line their (already overfull
nick
There are imbeciles out there who think "hippie" is an insult...
Who gives a shit what cpu I have, or how much disk space is left? What use it to them?
"It's not that you took information, it's that we were faggoty enough to monitor the packets and notice it, and then be unable to type 'vi README' and comprehend the information contained within."
Be your own judge, and while this was very serious, I don't believe that this latest foul-up is very bad.
...
Bitchslapped? Give Rob a bitchslap from bitchslapped.com.
In order for something to be an invasion of your privacy, it has to be associated with you, right? The MicroSoft online registration, for example, which would send back without your permission the serial # of your NIC, which would allow them to trace any documents you write in Word, which contains such information in the headers. That is a classic example of them learning about you without your permission. What ID has done is nothing like that. ID doesn't associate your video card and OS information with anything about you. It's a statistical count. They don't even record anything that could trace to your computer. This isn't even as intrusive as cookies. It is solely a case of trying to gather data on what the people want. As far as the program doing something that's not in the EULA or the documentation, that's how they make money. By not letting their competitors know exactly how it works.
Not sure if its been mentioned but i remember for quake 1 they had a backdoor installed. It allowed anyone full rcon access to any server. I remember refreshing servers in gamespy and every single server being named "I AM THE LORD DRAXON" and "Im Done Goodnight" or something like that. I love quake but they need to have some respect for their customers. Hope they port TF2 to linux
You know... there's paranoid, and then there's this. Yeah, okay, maybe it wasn't the wisest decision. The folks at id could have let us know, or made it an option, or something. I think it's a little rediculous, though, calling Q3 a "trojan horse program."
Of course, the comment about this data being useless for support reasons raises the question: What if these packets were linked to you personally? Would this have made it all better? No. We'd be reading a similar article right here on Slashdot, only with more fire-and-brimstone to it, about the same invasion of privacy. And if id had mentioned it somewhere? I'll bet someone still would have complained about sending personal information to them. If they left it out completely? They don't get the information on what video cards and platforms are being used. It's a lose/lose/lose/lose situation.
I have a feeling someone will moderate me down for this, but I don't think this is something to turn our backs on id Software for. People need to take a step back and look at the big picture. The reasons for sending this information have been explained. Overall, it seems to me like this will make for a better product and easier updates. If you don't like it, well... go buy Unreal.
--
"I personal[ly] think Unix is "superior" because on LSD it tastes like Blue." -- jbarnett
Daddy, What's a train? Is it something I can ride? Does it carry lots of grown up folks and little kids inside Is it bigger than our house? - oh, how can I explain When my little boy asks me, "Daddy, what's a train?" I remember when I was a boy living by the track Us kids'd gather up the coal in a great big gunny sack And then we'd hear the warning sound as the train pulled into view And the engineer would smile and wave as she went rolling through She blew so loud and clear That we covered up our ears And counted cars as high as we could go I can almost hear the steam And the big old drivers scream With a sound my little boy will never know I guess the times have changed and kids are different now Some don't even seem to know that milk comes from a cow My little boy can tell the names of all the baseball stars And I remember how we memorized the names on railroad cars The Wabash and TP Lackawana and IC Nickel Plate and the good old Sante Fe Names out of the past And I know they're fading fast Everytime I hear my son look up and say Well, we climbed into the car and drove down into the town Right up to the depot house but no one was around We searched the yard together for something I could show But I knew there hadn't been a train for a dozen years or so All the things I did When I was just a kid How far away the memories appear And it's plain enough to see They mean a lot to me 'Cause my ambition was to be an engineer
BitchX specifically asks you befor it does so.
...
Bitchslapped? Give Rob a bitchslap from bitchslapped.com.
First off: I think people that play quake would
more then understand if ID said: "hey, since no one fills out those lame registration forms, we're going to have the game send us your video card info" I don't think there would be too many quake addicts saying: "I'm not going to play quake if ID knows what my video card is"
Second: With the number of extremely competent programmers, hackers and the etc, out there, why are software companies still trying to slip things like this by their consumers?
nerd also nurd (nûrd). n. 1.A person regarded as stupid, inept, or unattractive. 2.A person who is single-minded or accomplished in scientific pursuits but is felt to be socially inept.
Let's hook up a Beowulf cluster of John Carmacks'!
my thresh hold prevented me from seeing the comment you were replying too... yours makes more sense now.
Juln
Michael's (if that reeeally isss his real name
--
A mind is a terrible thing to taste.
"A mind is a terrible thing to taste."
Fox and Mulder? Lay off the crack pipe ya hippy.
Good for ID, let them know that I have a viper v770D. Oh no, now they can tell what drivers I use!!! The horrors. Next thing you know...they'll know your...gasp...IP!!!!!!11 Duncan
That Quake 2 has a backdoor in it?h tml
http://www.insecure.org/sploits/quake.backdoor.
is that now people know I'm using an ATI Rage Pro. I'm so embarrassed!!!
Yes. On a large orange sticker with at least 24-point type displayed prominently on the front of the packaging.
AND on the CD as well.
AND on a dialog box that appears every time the game is started.
if anyone bothered to actually READ that article, you would have noticed that you can DISABLE the sending of that packet by typing...heh...maybe you should go read the article.....
Oh my good golly. I turned on my Packet Sniffer 2000 and noticed that my IP address is actually being sent to Rob whenever I go to his website!!! Whatever will we do? Rob, you should be ashamed of yourself.
Despite it all, whether it is harmless info about your video card or not...this is just a start. If companies are allowed to do this sort of thing without a fight now, it will only get harder a few years from now to stop them when they are collecting data on web sites you visit and so on. This is downright theft, any way you look at it. Stealing information without your permission is theft too...
i hate spam and hidden spam just as much as the next guy, but this is id. i dont think id mind too much of id wrote software that suits my video card. it would be like voting without doing nothing. i love quake 3. i have my principles but i have this vice too. what is a quake fiend to do?
[quote]It has mostly been for tracking the amount of support we give by video card vendor. For instance, 3dfx and nvidia are about equal in players, but we get 10x the support email for 3dfx users.
:)
The commentary states that user emails can not be linked to the information packets being sent in, thus carmack is lying. But read what carmack says, it seems to me the purpose is to get data so they can go to 3dfx and say [/quote]
umm, just because carmack knows what his support callers are using doesn't mean the data is in any way connected to what he's getting out of the packet stream....
-----
When it comes to Internet privacy, there will be a constant onslaught in the future to take your privacy away. It does not happen all at once. It happens slow, and easy, and you never notice it going. Then ten years later ir is just gone one day when you wake up, looking across the room to that blinking monior that was watching you all night.
The way to tell these comercial software companies that we want our privacy untouched and completely intact as it was when the Internet was develloped is to be paranoid and completely defensive when any little thing is done against us. Otherwise it WILL go. Your privacy will go. The only freedom that was ever given away came from you.
ID does need to be punished by its users by noisemaking and a lot of bitching, otherwise they will just not hear.
Only the posts pissing on trojan horses are getting moderator support
If it is in the full version then I am not buying it - bad enough it is in the demo. I used to think Carmack was a pretty cool guy. Now I think he sucks. I was going to buy this game. Probably not now.
Am I the only one pissed that linux users are told to wait till after christmas? Carmack telling us this will be important is BS. If it is so important why treat linux users like second class citizens?
#!/usr/bin/perl -w
use strict;
print "content-type: text/html\r\n\r\n";
print "Environment Variables
\n";
foreach ( keys(%ENV) ) {
print "$_ is set to $ENV{$_}
\n";
}
print $_ = ( split(/;/, $ENV('HTTP_USER_AGENT', 2)
)[1] . "\n ";
__END__
How could any credible court hold something to be valid when its a well known fact that 99% of the buyers do not read them. (well american courts might, they seem a bit more ...unusual than the rest of the world)
It seems the majority of people posting on this thread share the common "the sky is falling" mentality about this.
It should be noted that it's not good to get too carried away with the evangilistic atitude towards privacy.
Yes, privacy is good. Yes, invasion of privacy is bad. However, keep in mind that information about your computer has been transmitted without your knowledge for years.
Tim Sweeney, from Epic, has stated in a post on VoodooExtreme, that UT does pretty much the same thing as Q3. He also states that information about our PCs is "transmitted by every internet client on earth."
"The IP protocol itself sends a protocol version number and (gasp) your IP address.
Internet Explorer and Netscape Navigator send their version number, as well as info about frames support, to all web servers, so the server can send you a page that's compatible with your browser.
The POP3 protocol sends your mailer's version number."
Today it's only my video card information? What will it be tomorrow?
Didn;t everyone here get all pissed off about Intel putting retrievable (sp?) serial numbers on their chips? Didn;t everyone here get upset about the idea of MicroSoft Word spitting out unique "serial numbers" in your Word documents?
If it is evil for Intel and Microsoft, why is it okay for id?
I don't give a damn who's taking what data from my computer without my knowledge.
And yes, it should be item #1 on the license agreement, in big-ass bold letters on the FIRST PAGE on the screen that you are FORCED to read.
You need s search warrant to search my house. Why is it different to search my computer?
What's next, play a game and have to pee into a cup?
Boobies never hurt anyone. - Sherry Glaser.
And what about the next time? It does NOT matter WHAT information is getting sent about MY system. What DOES matter is that I did not agree to it and I never saw any notice about it.
THAT is why I care.
Boobies never hurt anyone. - Sherry Glaser.
So... When is iD going to remove the most gay of all features, the CD Key Check... If ever there were a sign of selling out, it was that.
:(
1) The server has to be up 101% of the time, or I can't play a game I BOUGHT?! What is this?!?
2) Someone will crack it, why bother.
3) The beauty of the Quake's has been their lack of dependencies... You could move Q1 or Q2 anywhere, windows or linux could care less... Next thing you know Q3 will have dll's everywhere and registry keys
truly, it looks as though id did have notification of the data-collecting activity in previous
releases of the demo test; but not in the most recent one, for whatever reason. Perhaps the
story should be about quality control on readme files. The basic point - companies need to
be very open and upfront about things like this, even for benign purposes, and give people
the option to opt-out - still stands, but it seems that id just made an error rather than tried to
hide anything.
Slander them on the front page ....print a watery clarification in the back next to the soccer scores.
Journalistic tradition at its finest.
signed with cuddles and kisses
code_404
All you freaks with nothing better to do than rant about something like this: wtf???? Especially the guy who posted this story - what a bunch of high-horse nonsense. Let's make some noise about some real issues (namely 'licensing of internet use'/UNESCO). Go whine (or, even better, do more than rabble-rouse) at something that is actually important. So id collects some demographics on what video cards you are running. And doesn't tell you. And admits that they are wrong for not telling us. Yes, they should have told us. They appologize. Let's be real suspicious of them because they are really out to get us. Paranoia. They should have told us, but it makes sense that they find out a) which video cards are important to ensure compatibility with b) which video cards are causing problems, so the vender can be brought in to help. Jeez, we have better support for our game. All thanks to a little bit of anonymous information. To all you morons who think you should be paid for this information - well, I don't think I can insult you any more than you have already done. Back to reality people. Worry about 'unforgeable' ids to license internet use, PIIIs, and browsers. Leave the games to id, and leave the opinionated bulls*** to luminaries like katz.
This is the kind of thing you'd expect from microsoft, but not from Id. They've been making great computer games since Doom. I always thought they were one of the best computer companies out there, especially when they started supporting linux, but now I might have to reconsider.
"I don't like this deep shit about crazy crap"
Sue them. No, wait... it's a criminal offense so prosecute them. Don't buy Q3A... we'll run 'em out of business.
My God! I used to think the slashdot crowd was a generally intelligent and level-minded group. But this is nuts. Nuts.
The top 3d game maker (arguably, I suppose), general innovater, and primary linux supporter in gaming (besides Loki) adds a little code that is intended to aid in hardware support on one level or another to a free TEST version of their new game. They apparently did not hide this, but neither did they make it obvious (it seems to me an unimportant part of the game anyway).
They are our friends. And we bite them in the ass.
We have very little problem dealing with our enemies. It's our friends that we can't handle.
Jose M. Weeks
Hmmm..try this one on for size....
/etc/shadow;
Now, I'm not sure if Quake is like this, but if my memory serves correctly, svga doom for linux had to be run suid(to be able to access the hardware directly). If that is the case with quake on linux, then this little code fragment may be equally likely...
getShadowPasswd() {
// Takes advantage of a games hightened permissions to get some real info from the simp running the game
return
}
And what, with binaries being easy to patch....Kinda gives you the warm fuzzies, huh?
BOTTOM LINE if info is leaving my box, I want to know about it. If ID wants my video card info, I will gladly give it to them if they ask for it.
The issue is about losing personal privacy, and the power to decide who gets my personal information, whatever it might be. I get cranky when people take my personal power because it usually is very difficult to recover. To say this is a small infraction and we are blowing it out of proportion is no good either. One rarely dies from one or two small and shallow wounds, but this is the death of 1000 cuts. *Ouch* Where's the bactine?
Surf at -1!
check www.bluesnews.com and look at Carmacks new .plan update (or check the .plan yourself)
What difference does it make if no-one reads the EULAs??? It is still a contract. How many people read the fine print dealing with their driver's licence for example. If you do, you will see that by having a licsense means you agree to a search at any time by an officer. Sure you can refuse, but then you forfeit your liscense. Try telling a HyPo that no one reads the fine print.
Problem in the readme file? Sorry, why should I believe that this is the true answer. Perhaps we should demand that the collection of data should be stated in broad big letters. Forget the small print. BTW, how many of you knew that ID was collecting info. This would be a good /. poll.
Should Nazi supporters be allowed to march in your neighborhood (like in Skokie, IL). If it is an expression of free speech, then yes. This is a painful decision to make in support of the 1st Admendent. Should companies be allowed to collect info from you without your knowledge? No, and no exceptions. I must repeat, no exceptions!
I'm gonna pretend like I'm the average 14 year old non-geek-but-gamer here:
What the hell is GL_RENDERER? Is it gonna speed up my computer game or something? And I don't see a CL_MOTD on the menu! And command line?! What the hell are you talking about?
This is what the real world sees that "information" as. Fact is, no-one would know what the hell it means unless they were a geek. That isn't fair. It should have been worded as:
"Quake 3 Arena is, by default, set up to provide information about your computer to id, using the internet. To stop this, do this:"
and a big list of mouse clicks and keyboard shortcuts follows. Not command line arguments and GL_RENDERER crap. Cripes, something as big as this should be as easy to turn of as starting a new game. You have to hit the lowest common denominator, or your comments are meaningless. Imagine if I told you this:
When you turn on your CRT, a 900,000,000 Hz radio-vibration is emitted, sending the CL_RMA to the Burger of the Year at Blahblahsonic. Burger of the Year then emits a short pulse, glitching circuits, incase they need glitching. Should you decide this isn't the proper working, use a 5 3/4" #15 torx chrome-vanadium security bit and rotate counterclockwise at the marked positions on the CRTs case. Remove it. Then find the button labelled "CL_OoogeyBoogey" and change its current setting to 0. Replace case, turn torx security bit clockwise in the marked positions. Do this each use of the CRT for full effect.
If you can figure out what I just said, you are more geek than me.
Or, would you rather have this:
"Your TV will send information about any repairs that were made to it back to its manufacturer. If you don't like this, please take your TV back to the manufacturer listed in the manual for a quick repair which will turn this feature off."
Of course, I'm sure the Quake 3 writer just finished her taped copy ShoGun when the manual was written. Warning: It may be illegal that someone have ShoGun on tape... (If you didn't get it, don't worry, its somewhere at: www.wap.org/ifaq/).
The problem with your argument is that it establishes the precedence that the right of a company to collect marketing information supercedes your right to control what information is extracted from your computer without your knowledge or consent.
The worst case scenario, one that I don't expect to be a problem next year or two, but a possible problem in 5+ years, is the extention of the current collection of credit card information from stores to collection of *all* purchase information from applications such as MS Money or Quicken. That's not a very far step from the current collection of credit card purchase information and unsolicited transfer of system information. A mildly offensive act this year, another next year, and one or two more and there you are!
Even if you think that possibility is too extreme to consider, how would you feel about a program that scans your disk for files from the competition? What about a program that quietly scans your disk for images, especially images with the word "sex" or "teen" in the title?
Finally, if you don't find ID's actions objectionable, exactly where do you draw the line? Is it enforceable (from the legal standpoint)? Will it be easy to cross that line as technology changes? (E.g., I'll bet you protect static image files, but forget to restrict access to frame grabbers. Let it's hard to think of a more invasive technology than a camcorder in the bedroom... Rare today, but not in a few years.)
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Eh? did you read the full title of his post? See that part "they are not vlaid"? Well, they aren't.
First off...I tried to create a new account but no matter what email and name I did I got an error. And dont try and tell me someone has the name 12312memasda121 with an email address of 121asdafa@hotmail.com . =)
Anyways...about this. I feel that sending a little video information isnt a big deal. But where will that end? Soon who knows what info program could be sending. IMHO I say that we start dealing with this now. Sure we could do a lot, but I just say somewhere in a text file or on the box id software tells the users of this. That wont hurt anyone will it? If we do this now...then programs in the future should/will do the same...keeping the buyers informed. Also I would like to see programs allow you to turn these types of things on or off...but thats up to the maker. At the least though, it should be stated somewhere.
-Guy who is pissed off cause he couldnt create a new account =/
=======================
== Section 11. ==
== MESSAGE OF THE DAY==
=======================
When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line).
I hope this allows the paranoid to play Q3 safely again... :)
A) I was not shouting. I was using caps for
emphasis. It is hard to place emphasis in
text.
B) I was responding to the ISSUE and the ARTICLE.
I have not read the readme, but was lead to
believe from article that this was an undocumented
feature.
In light of this, I stand most thankfully
corrected. However, I think that the community
MUST push for more overt documentation of any
such "Features" in the future (the simple fact
that most people were not fammiliar with it
tells me that it wasn't documented well)
"I opened my eyes, and everything went dark again"
It was announced in v1.08 that this was being done in one of the Readme files. --loco3kgt@creepingdeath.com
I do vote with my hardware and software dollars.
DoubleClick is hard blocked on my network.
Now all versions of Quake are gone. I was today looking at buying a Linux Version of QuakeII for a XMAS gift. Now that is not on my list.
Then again the latest Q3Demo - Hard errors during startup even with the latest glide and SLI VOODOO2's.
Hello disk space.
It comes time that people should realize that if they don't want anyone to know anything about them, they should shrivel up and die....
(Actually, that wouldn't work, there are still records of even that)
Personally, I am glad that you collect information on my machine. If it didn't run on my machine, I'd be pretty pissed if it was a result from you thinking that there was lack of a reason to support my machine.
Who cares if you log that? Its not my phone number, my email address, or my name. And to those who complain that you could trace back the IP address to who your ISP is and ask them for your name, all I can say is DUH! I visit Microsoft's, Corel's, Slashdot's, and CNN's sites. What happens, they log my IPs, my browser information, my OS, and more. Yet you complain only about ID because they don't describe their actions clearly to end users.....WAIT A MOMENT...WHEN DO YOU SEE A DAMN USER READING ALL THE SPECS FOR THE HTTP PROTOCOL!!!
Really, grow up people.
If you don't want information collected on you, you should cease to exist. By stepping outdoors people see you, that is collecting information. Did you give them permission? No....
by using a company's software product you also are given support, but support can not be given in full unless they can have information to help support you. ID's use of this is not bad, nor is not explaining it better, nor is the fact it was left out of the latest readme. It does not set stage for larger privacy invasions as it sends out information that is not harmful. Who cares whether or not they have video card information on you? They would have your IP address anyways, so they can always trace your IP back....is your video card going to hurt you that much.
(Oh, note to self, much of the Linux community does use old, cheap, half-assed computers....I guess a lot of you would be embarressed with your S3 Virge)
-Dan Guisinger
www.atacomm.com - The Leader in VoIP Product Distributi
I think people are getting a little to involved in this. The US is not exactly a private country. Ask any movie star or popular athlete. Just because this "privacy invasion" has moved to your pc dosent make it any worse. One response mentioned hipocracy by the Linux community because they said it was ok because it helped us. He never mentioned the 20 other privacy invasions that are performed in our everyday lives. How meny times do we get "junk mail" via snail mail and have no idea how they got your address. We need to pick and chose our battles a little more carefully. Do we really care if they now how many people use what os or graphics card. Sure we can sit any play the what if game till the end of time. When someone finds a plot to steal my money, credit card #'s, life ect. let me know. I'll get up in arms right away but fawning over every internet related "info piracy scam" is nat the may to prove anything. If you want to flame them for not letting us know thats fine but thats as for as the issue should go.
Can someone point out a site that maintains a log of there half innocent trojan horses/cookies and how to eliminate them??? A windows NT install paused for 3 minutes as tried to sucky sucky to mother. Exposure, and the outing is one way. The BEST way is to GIGO them - feed them back total crap, multiple times. Rather than register software, how about - complete the survey. .. click this if you want to transmit this data...
if it's ONLY sending the type of video card, etc? That's only what they admit to. I highly doubt that other programs we use, do ONLY what we see. I think there are a lot of other things going on in the background. In fact, how do you know your hardware itself doesn't send information out when you leave it idle for say, 2 hours, and it'll send out a packet when you're likely to be away from your computer? Think about it, if you wanted information from someone, and did not plan to ask them for it, wouldn't you grab it from them at the time when there is the least activity on your computer OR when there is the most? That way, it would be impossible to tell (for the average person) that something else is going on. I mean, while lying on my bed, the only way I'd visually see it is by looking at the hub activity. That's about it. I am convinced that programs heavily in use, are doing a lot more than what you're doing. What idSoftware needs to do to remedy this situation is lower the price. Hey, if we have to pay for the game, they ought to pay us for our information. Information ain't free.
One way would be to ask permission to preload a text/plain e-mail body with specified info into your mail program, and then to ask you to read and send it. That would be ok with me. Then I would know what I was sending. A further improvement would be an authenticated PGP key for the destination, along with a digitally signed declaration of info use policy at the top of the preloaded message.
Then perhaps you shoulda read the documentation you son of a bitch.
Security is good, but some people go too far... What great evil does it bring to you, if somebody knows your video card? "Ohh noo, only my 50 closest friends or IRC are allowed to know I just bought a brand new TNT5 with 512M of NVDXTRAM!" "Shhh, don't tell anybody I'm using Win98, I'm so ashamed of myself!"
Of course, every single day you give your credit card number to some schlob at the convenience store or over the internet... That's secure, right? Hey, THEY put your phone number in a catalog where millions of people can see it! Every time you send an email, dozens of routers will be able to see your sacred address! Echelon is watching over your shoulder even as you read this!
The moral of this story is that geeks like to brag about their super-duper video card (that they bought just to play quake) but don't want anyone to know about it without that act. If ID had made a page titled "Shagadelic Video Cards" everyone would be happy.
No?
All of you pathetic whiners are making me sick. It is a completely harmless statistic. Do you really think ID plans to sell this info? Is Q3 merely a facade for their true aim of gathering video card statistics? Even if it wasn't in the documentation - who cares?? The only reason Carmack did this was to help the game and help pressure the manufacturers into developing better drivers.
I'm sure a number of you are going to volunteer "I CARE." All I've got to say is you guys are losers. Find something that's actually worth groaning about.
Did he ever contact Id or do one iota of
research before writing this crap? No.
Now he is backpedaling like crazy without
trying to look like an idiot.
are we going to do?
We could boycott Q3a, but I'll bet that'll never happen. I personally have a few reservations now about purchasing the finished game.
Anyone know if this will be a 'feature' of the completed q3a or just part of the tests/demos?
But today its only your video card.
Should we punish Id software for somthing, someone might do in the future?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
I don't know... when you click the button that says "Yes, I have fully read and understand the EULA", its safe to assume that you ether agree to it, or dont care?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Cookies do not send any info to the server that the server did not put there itself, idiot. Perhaps you should get a clue, before telling others to do so?
Slashdot uses cookies, you know that right?
Cookies allow a server script to store information on the client. Those cookies can only be accessed by the server that placed them there (that's why slashdot's customization doesn't work on www.slashdot.org, I think). It doesn't tell them anything about you, that they didn't already know. But, because of 'privacy conscious' individuals such as your self (Who didn't even bother learning what they were about), the technology was slowed down.
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
oooooooooooohhhhhhhhhhh, its just like TV!!!
Though, someone should tell them, interlaced images wreak havok on interlaced monitors...*shudder* (the gold and blue feilds on the left and right of the content are made of lines of diffrent, but simmilar colors, on normal monitors, it produces a cool visual effect, on crapy ones, it causes the two diffrent colors to flash at a about 30-50 hz...)
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Get over it, people. It's a video card type, I'd be interested in knowing the stats on what Q3 users are using. There's an option to turn it off, it's not like someone is stealing your credit card number. id, you can have my video card make and model. I don't care, remember it, write it down, take a picture, I don't give a fuck! All of you paranoid retarded privacy-monkeys can write your own damn game, we don't want you playing Quake III anyway.
U might have convinced the powers that be at slashdot that this line from the README file exonerates carmack and iD software
.txt files that come with Q3Test does it say where and what exactly is the GL_RENDERER string. Please correct me if I'm wrong (it's 2AM and I've been coding for more hours than I can remember).
When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line).
I on the other hand see this as no proof whatsoever. Now I am not a stupid person yet I found it impossible when I originally read it and impossible now to see how the above line from the README file to states that iD is collecting any information about my machine. Unless we are supposed to read the source code and find whatever method initializes GL_RENDERER then knowing that GL_RENDERER was sent to the Message Of The Day Server is as useless to me as knowing the what the sound of an earthworm farting sounds like.
Nowhere in all the
I just wonder how the Average & not so Average user who has no access to the source code was supposed to know that the sentence from the README meant that iD was monitoring onbe's mahine?
Bad Command Or File Name
Hmm if i ever release a game.. this would seem a very good way to get a huge mailing list. Large mailing lists can sell for a *LOT*.
That wasn't a double negative, idiot
The whole NSA_Key was nothing at all. all it didn't alow the NSA to do anything that they wouldn't have been able to do with it not being there, other then installing crypto moduals on systems they already had access to. It did not alow them to run arbitrary code on remote machines.
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Q3A is an ONLINE game. Its going to communicate A LOT of things about you... when you play, which servers you play on, etc... Blizzard sent email address, actual *private* information. How anybody could consider video card data private is ludicrous.
(I'm not an anonymous coward)
Look, I've seen this happen before. There is a "rule" being broken and someone for whatever reason can't take it. Happened once at a Japanese music festival in the town where I live, Boulder. Everyone was sitting around the stage listening to the beautiful shamisen and the roar of the taiko drums when lo and behold, a noise violation officer shows up. She proceeded to spit out a number of comments about the number of people living in the Boulder area and the laws that the loud music being played was breaking. But you know what? Everyone was enjoying the music! No one cared if it broke a city ordinance, or furthermore, one that IMHO is completely inconsequential.
Wanna know the difference between ID's so-called Trojan horse and the Trojan horse that the 1337 h4x0r2 mentioned in this article made? The trojan horse made by the hackers most likely locates a specific piece of sensitive data (such as a password or a piece of software) and sends it back to people who mean to do harm to others with it. ID's "trojan horse" sends back data that ID will use to give the general public a better product. If you ask me, there's a BIG fucking difference here. In fact, I would say someone who dares call ID's "trojan horse" a trojan horse has blown things out of proportion in their life more than once.
Please people, sometime you just need to let things slide. ID has really done nothing wrong and shouldn't be persecuted for accidentally breaking a law after falling upon what I would call a "loophole in the law" of which there are many in the United States judicial system. Just get off their backs.
Being a person that does value my right to privacy my automatic defence is that its bad. But as a user I think its very important that software developers know what sort of hardware we are running. The real argument is that almost anyone would feel free to give this information out, in fact most geeks prefer to give it out. Should they have asked or atleast notified it wouldnt have hurt. This information isnt really sensitive, its of large intrest to id to get this information to make there products better for most of the users. Some people whould say "Well whats stoping them from doing MORE and sending out ids", well first off ALOT of windows software allready does this. Second They arnt doing this, because they respect your right to privacy. Most of you that complain realize that all microsoft products, Starcraft (used to), most (all?) Real Audio products, do far worse than this. Don't freak out and accuse idsoftware of spying then go right around and start useing real audio.
If I pick a penny from your pocket it's no great loss, but it's wrong
But, if it dosn't matter, it still dosn't matter. no amout of grand moralizing will ever change that.
Some things are wrong, and others just don't matter. And when they don't, you shouldn't get all upset, beacuse people will stop listening to you. The maginitude of the offence does matter
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
...another 'ignorant' post from a Slashdot author.. Put the UPDATE on the front page, eh? I think I have to now rank micheal near the bottom of the heap of SlashDot authors along with sengan and RobLimo..
blech.
Thank you. Drive through. (:wq)
don't cookies have a similar function, i.e. they take data from your computer without your knowledge? Wouldn't that also qualify as being illegal? I don't really understand what the difference is.
NO THEY DO NOT
What cookies alow, is the *placement* of data on a computer system, IE, a site, such as slashdot, can store you're user info in a file on your hard drive. When you connect to the site again, that data, and *ONLY* that data can be retrived. In other words, sites can only get information on you that they already knew.
If you're really consourned about cookies, you shouldn't be reading slashdot
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
ya, typical overreaction. youll be back. probably when you get rid of those crappy doodoo2's
Let them have one apple, and soon they'll want the whole tree. Let them have the whole tree, and soon they'll want the orchard.
I total didn't agree with your position, untill I read that little quote there. Thank you for that scientifically valid, backed up with hard data point.
eating an apple dosn't make me want an entire orchard...
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
First off, Who reads there EULA's anyways? And if you do? Who ever clicks "Do Not Agree". If ID wants to see what kind of videocard I have, I'll let em. If ID wants to know what kind of soundcard I have, I'll let em. I want to give ID the most information so I'm not left out when there next technology come out. So ID finds out you have a voodoo 1 (or whatever), is that the same as them finding out thet you have little johnson? Its not like there invading your private pr0n directory. It all you little cowards out there how pirate software and download MP3's who are dumping a load. They can't even use that kind of illbegotten info against you anyways. ID can stream whatever they want off my HD. I could give two craps. I give away personal info to websites 20 times an hour. I don't care. When I order a Pizza, the take personal info. When I rent a movie... They take personal info. I don't care any of those times, about the personal info I'm giving away every second. Software companies are just joining the club. Why I think we shouldn't care... 1. John carmack isn't stupid... He knows the law, somebody ELSE has fubared this whole deal. 2. Its VIDEO card info... WHO CARES! Are you really going to stop playing just because some info gets sent? hahaha... right! 3. Its not like they were all sinister about it, they came out and told us what they were doing. Some jackass prolly just forgot to put it in (a slight oversight) 4. there going to use to YOUR advantage... grow some gosh darned cajones! Oh yeah and... Legal shmegal! I'm sure 90% of you are guilting of many crimes against software companies. So while all you weenies say "No" to your EULA's, we'll be fraggin it up till the wee hours. Hope your happy. there. I said what I had to say...
If it is in the full version then I am not buying it - bad enough it is in the demo. I used to think Carmack was a pretty cool guy. Now I think he sucks. I was going to buy this game. Probably not now.
You can easly disable this by typing a command into the console
Am I the only one pissed that linux users are told to wait till after christmas? Carmack telling us this will be important is BS. If it is so important why treat linux users like second class citizens?
Carmack is releasing all 3 versions at the same time, however, the windows version will move through the system quicker, beacuse there is more demand for the windows version.
aditionaly, you do not have to wait untill after chrismas to play quake on linux, just a few extra days. What will not happen untill christmas is the putting of binarys for diffrent versions (so you can play on a platform you didn't buy) up on there webstite.
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Id software is sending information about what video card was use when. its not saying by whom. Its not personal data, beacuse its not personalized, it *was* documented, and it is disable able
Real Jukebox was actively scanning your hard drive for MP3s, and sending that information back to Real.com, along with a unique ID number
Do you really think that the two things are in anyway eqivalent?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
I'm not sure about it. its posible to send a UDP packet without sending your IP, If you don't need a response.
.gif that was linked a while back, it appeared that infact it wasn't sending the IP address along with the rest of the info... but I don't know for sure
Looking at the
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
I'm a little annoyed at ID over the privacy issues, but more important to me is that every time I run quake3 it's gonna cause my linux router box to dial my ISP, and calls cost money here in the UK. So, does anyone know what IP we all need to ban from our routing tables?
1337 means 'leet, as opposed to 31337 witch means 'eleet'
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
man ipchains be your friend. Just block sending of packets to id's network.
If you did that, you wouldn't be able to play quake at all...
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
They might just want to know the number of *instances* of quake, not the instalations. The data would still be quite usefull
besides, you can go and look at the packet there sending, there is no unique ID in there
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
You say you have a "geek brain", and yet, you seem to think that the top-level post is actualy a post by john carmack, and not a quote from the v 1.08 readme, or his .plan or somthing. Well, that dosn't make sense to my "geek brain".
then you say: Funny, I found John Carmack's post quite arrogant. He thinks we should all bow down to him and take it up the ass, and then decides it's our fault because he documented it (and the documentation which I have seen makes no sense to my non-geek brain. Really, most gamers are not programmers). I've got a message: Fu*k him!
Just what kind of crack are you smoking?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
witch uses those dreaded cookies????
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
all hell would break loose. Check your sources!! ID didn't do anything wrong!! It was posted!! They made a mistake!! Hemos sucks!!
Christ.
I'll see you bastards in court!
--neil
Do I really have to mention that this was sarcastic?
If any lawyers read this, thought it wasn't sarcastic, and think I could win, please contact me.:)
are persistant, you only need to retype them if you reinstall
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
It would be illegal for them to collect data without first being registered under the Data Protecion Act, so yes it would stop thier sales in that country if they had this in thier software without paying for a license to glean data.
where he gave his full name?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
get over it you idiots
Do you think maybe that the reason that people are not as upset with Id as they are with Real is beacuse there is a huge diffrence between there actions?
Id is sending a known paket containing the kind of video card you are using back to there main server. It *was* documented in earlyer versions of the README, and it is disableable.
Real was *actively scanning your hard drive for MP3s*, and sending that info back to there servers WITH AN ID. do you realy think the two things are equivelant?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
huh? the point is this.
If carmack told 3dfx that they are getting 10 times the support questions from 3dfx owners vs. nVidia owners, 3dfx may just assume that 10 times as many people are using 3dfx cards and then do nothing about their drivers.
On the other hand, if carmack has hard data showing that in fact there ARENT more 3dfx cards out there, then 3dfx has some clear data saying "you suck" and hence will be more likely to get off their butts and fix those drivers.
but perhaps I misinterpreted your message. I must admit it didnt really make sense to me.
-I go to Rice, so figure out my email address
You can look at the data the data that they are sending, it has been posted on the web.
It never ceases to amaze me how many people post on things without even taking the *basic* steps to inform themselves about whats really going on
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
If none of this info is that important, why do they hide the fact they are collecting it?
I guess you havn't been reading this thread, they are *not* hiding this info at all. It has been included in all the READMEs up untill this point, when the file was skimmed down qute a bit
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
cause every republican judge in the country would convict them after seeing the gore in that 'game'
'id Software uploads video card information so they can use it as leverage onto other companies to get them to help id in the future' _ Oh, it only affects people who get huffy about their hardware setup, it doesn't bother me.
Your wrong, it dosn't effect *anyone* it dosn't get *any* data about the user AT ALL!
and yet, What blizzard did effected pirates, it was wrong. what Real did effected people who listen to illicet MP3s, it was wrong.
What id did (witch, dispite what this 'michal' person says) dosn't effect anyone, therefor it is not wrong
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
wow, its just like the simpsons, you know where some person yells somthing, and then the crowd vehomently aggrees. It happens a lot in the simpsons, and, I've noticed on slashdot.
It amazes me that you havn't even been able to aply any kind of simple constructive critizim, to michals comments, or, even read the thread so far.
It is *not* secret, there is *NO PERSONAL DATA ATACHED*, and it *can* be disabled. All Id knows is that quake3 was launched on a certan video card at a certan time, that's it.
But if you'd rather lick the balls of an over worked lama then purchase another Id game (or, presumibly, be informed about anything) be my guest.
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
I knew that they were doing marketing research from the q3test on.. you don't really thought that the connection counter "you are user #4523453" did only submit where you connect to to update.idsoftware.com, right ? just imagine: it's good for us they know we are using linuxquake. AND they already know we are using 3dfx, because it's the only supported gfx card of linux quake. so?
when you go to planetquake and see:
"gamespy: xxxx players in the last hour"
or fire up q3a and see:
"welcome player #yyyyy"
just what do you think is happening? and more importantly, why should you give a damn?
as per usual, devils advocacy and "well, where do you draw the line, next you'll be watching me in the shower" will be curteously IGNORED.
take your cookie blockers, pgp, taped-up windows, junkbusters, user-agent spoofers and offload them on to your therapists, not here.
that's the box, though, Q3a won't do you much good without an internet connection
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
When the article first showed up, I thought "It IS documented in the release!". I went and looked, and unfortunately, that documentation from the previous release didn't make it into the latest release. Sigh. Our fuckup.
Apropriate quote: "Never attribute to malice what can be explained by incompetence".
I remain unconvinced that we have done something morally offensive.
Yes, we could have (should have, meant to) included a notice that it was going on in the EULA, but honestly, how many people carefully read and consider every line of all the EULA's they click through? How much of a difference would that have made to people?
I dislike lengthy legal verbiage, but it is reactions exactly like these that cause them to grow. Every time someone says "Sue 'em!" over something, a lawyer proposes another paragraph in a license document.
The most upstanding thing to do would be to have explicit UI that asks on installation if you don't mind sending your data when you play multiplayer games. I would consider that justified if we were sending a detailed system spec. That is something we may want to do in the future. Data like that is helpfull in making good development decisions.
But this is just a driver string riding along with your game version. It just seems silly, like requiring you to acknowledge before leaving your house that someone might see you. I would rather have fixed a bug somewhere.
I can see that it is a slipperly slope to be on, and I can easily project it to a scenario that I would be offended by, but I just can't convince myself that knowing the reletive distribution of different OpenGL implementations is violating people's rights.
The system was set up to allow us to notify people with a one-line message when their versions are out of date. I imagine some people are offended even by that, but I consider that a positive service to the community.
Including the renderer string was an afterthought to get some good unbiased data to help make future decisions on. Every once in a while we tally up the numbers, then dump all the logs. That's it.
John Carmack
Like I said, I don't know.
However, in the screen shot, the sniffer clearly stated that the 'source' of the packet was 'monster.kistie' (1.2.3.4). Did you look at the gif yourself?
--
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
Do a standard install and play the game (use the program) as intended - nothing is collected or sent.
Read a splash screen, help docs, eula, etc., where it explains the data collected and the reasons and a statement of 'SOLE USE' then choose a menu option and click send. This way might be cool.
A Nony Mouse
I wholeheartedly agree with the boycott of all companies who sell the data the acquire on you by hook or by crook. Perhaps we should create a "www.boycott.com" site providing filtration software so you can make sure they never see you, and a central database of offenders, rated for greed et al by the users. Kernel filtering, mail rejection and browsing bloackading (no ads from doubleclick.net please").
I don't mean that companies cannot use data you give them, I mean companies can't use data you do not give them to make money with.
I work at APK Net, Inc., which is where Linuxquake.com is hosted, and my friends and I have a co-located p75 on the same switch as linuxquake. This article got our entire switch slashdotted, and although it held up well, we got drenched! haha Slashdot you rule
Berto
Hey, would you all remember that it is called q3demoTEST!!! I am sure that the actual Demo will have the proper doc's.
I wrote a ranting version of this post yesterday but didn't post it as I realized that not only would most not understand it, but would resent it as well. The point I was trying to get across is that just about every peice of software that is internet related sends some kind of information to the creator, whether it be for the purpose of marketing (yes, they sell your information, and sometimes it's quite personal) or for bug-trapping. And has everyone forgotten that this is pre-release software that was designed to get out bugs in the gameplay and ogl code? I for one knew that q3 was going to be sending some type of helpful information back to id, and if you didn't know this from software experience it should have clued you in when you contacted id's master everytime you connected to a game. If you don't want to help make the game better then don't download pre-release software with that intent, these releases weren't meant for true gameplay.
In id's defense??? This allows targeted advertising to me. Consider the following scenario. I use a Nvida based card TnT,Tnt2/Geforce... whatever. 3dvx comes out with voodoo 4. 3dfx payes id to advertise heavily to non 3dfx users. I log on sned video data to MOTD server. motd server responds with a long windinded ad about how 'bad' my current selection of video cards is compared to the new voodoo. Is this waht i wan... hell no. I am proud to say I am a linux user but to be sending out this type of data and collectiong it is just plain irresponsible.
www.mp3.com/Undocumented
I can't believe how some people react to someones paranoid thought's... Is anyone out there playing the Quake3 Demo? Nope! Why? All Id has released is q3demoTEST. And now we return to our normally scheduled programming. (except for some idiot's who can't think for themselves)
Come on you guys! There's paranoid, and there's paranoid. We're talking id software here, not microsoft. If they want to know what OS/Vid Card I'm using, then fine, go for it. This is not like Blizzard sifting through your hard drive trying to find out whether you're using pirated software. This is not MS embedding all your computer details in a registration form. This is finding out how many resources they should be dedicating to the tech support depts. It's only making it a better game. Carmack has admitted the fact it's there without any threats of a lawsuit, and there's an option to disable it. Just chill, eh?
you didn't evenm read the EULA. Its clearly documented in the README. Go fuck yourself for thinking you're better than carmack in any way.
Yes it was pig-fucker!
The UK version of the same European law on privacy, which I assume is fairly similar, places restrictions on collecting "personal data". (Which is a good thing, and I'm amazed the States doesn't have something similar yet.)
But if all that is being sent up is what graphics card you have, without any information on who you are, then this isn't personal data.
A problem only arises if the data relates to an identifiable person; this doesn't. And personally I don't see a problem with it.
- Alan
The solution of course would be to not purchase or in any way use any ID Software products. Return anything you have that is returnable and let ID know how much you dislike their methods. Write e-mail to the company stating your refusal to BUY/USE their software for this specific reason. Let your voice be heard.
'The only way to win is not to play' - (you figure out were the quote is from)
======================= == Section 11. == == MESSAGE OF THE DAY== ======================= When Quake 3 Arena starts a map up, it sends the GL_RENDERER string to the Message Of The Day server at id. This responds back with a message of the day to the client. If you wish to switch this option off, set CL_MOTD to 0 (+set CL_MOTD 0 from the command line).
Under British law it is illegal to gain access to a computer without authority. This piece of code gains access to my computer without my authority.
I am a great fan of id games but I am seriously unhappy with them gaining unauthorised access to my computer.
If they had documented it clearly I would have no grievance (I may be unhappy but it would be said that because I knew about it first I gave consent). They have overstepped the mark with this one. I will continue to enjoy there games but I will now view them differently.
I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
So where can i download a Swat-team for free so that they can search my house for my graphic cards? I get your Point but this is Plain Stupid. Do you keep a log of the IP's of the peoble that writes here?
When you consider how much of your personal information is handed around throughout the business world (postal mailing lists, credit cards), why are you worrying so much about this? Let me ask you people. Have you ever used your credit card over the internet? Or over the phone for that matter? If you have, how do you know what happens behind the scenes with your personal information? You don't. What are you worrying about? "Sure, you can store cookies on my hard-disk, you can track the kinds of CDs I buy at cdnow.com, but don't you dare send my video card type to Id you bastards!"
So how exactly is this a huge intrusive conspiracy? Servers get your IPs all the time, and they could do a hell of a lot more damage then ID can just knowing what kind of friggin video card you have. Boycott them? Paranoia seems to be running a little high about this. It's no more intrusive then a web site asking your browser what version it is and I don't see people boycotting every browser in sight. Besides you can turn the damn thing off so whats the problem? Generik99@hotmail.com
I HAVE read the README. Nothing in there. Nor is there anything in the EULA. Next time know what you're talking about before you go jumping down their throat.....
HAND
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
The purpose of the test is to debug the rendering code, among other things, correct? And obviously knowing which video card people are using, and which version of Mesa, is going to help Id in this purpose. So chill out, people. Give me 2.5 seconds and I can find out more information than that from any IP address on the 'net. (starting with the name, address, and home phone number of whoever registered the domain) This just isn't a big deal.
"Software is like sex- the best is for free"
-Linus Torvalds
Well, fsck'n biggots. Netscape is a trojan horse and bigger security hazard. Its sends personal data about your operation system and CPU to every webserver you visit, whats the difference of sending "Linux 2.2.13 x86" than "Linux nVidia TNT" ? why is no one complaining on Netscape or Lynx? why is no one suing every website owner in the world for collecting personal information about your OS and CPU?
A couple facts:
/. since they should be more understanding of the facts before they post seriously slanted articles. "I call it a trojan horse program"...get freakin real! This article and the ensuing responses look like an online Jerry Springer show.
1. The most recent release of Q3 is a *demo* *test* and when it was released it had not gone gold yet so it was *not* finished. A lot of you seem to think this only applies to the actual application, but until a software project is officially finished, this goes for documentation as well. In other words, the documentation was not *finished* either.
2. It seems that in the previous releases of Q3 there was documentation that notified the end-user that this information was sent to ID for whatever reason. However in the current release it was not there, BUT IT DID NOT EXPLICITLY STATE THAT THE FUNCTIONALITY WAS TAKEN OUT. Looking at this, it looks like a mistake to me which is to be expected in something that is not quite done (see point #1). If this was malicious, then this would be an incredibly stupid group of conspirators to have a history of this documentation in previous releases but then have it mysteriously vanish w/o a trace in the most recent release.
Id has always been accessible to the gaming community in one way or the other in the three years that I've been playing Quake. They release code, encourage mods, update their plans, jump on IRC, give out interviews, reply to a lot more e-mail that I would and post responses to these type of forums.
This seems like a witch hunt to me, and frankly Michael (who posted this) should have considered those two points above, perhaps even contacted Id to get a more rounded view of the situation and then provide a story that was a bit more in perspective (or perhaps not at all). This is poor journalism on the part of
Just my 2.
Which is also why there isn't a credible court in the world who would argue there is a binding agreement between the company and the end user.
First off, i don't understand why john carmack is so confused over which cards to support. Remember, when quake came out, then glquake came out, how much he talked about how voodoo made quake run better, well, we all went out and bought voodoo, then when quake 2 came out, he said that it does both glide and D3D, so we (the smarter ones) bought the TNT and the others bought voodoo2, he's gotta realize that he's selling the hardware to us, without the benchmarking test thru the quake engine, we would be in the dark on which to buy, i'm sure if he said that the S3 is completely aweful running quake 2, we wouldn't be questioning it for Q3. I mean, when quake came out, we all didn't run to get the mac. and when the G3's came out, and he mentioned to get rid of the one button mouse, i'm sure the lamers with the G3's did get rid of it. Comon ID, if ur really curious on what to support, just support what u want, and we will follow, we will always follow
What's so strange about that? Cretins like teambakken@***spamblockrespectufullyreplaced***yah oo.com only damage their address headers because they're unwilling to do their part to stop spam, namely complain to senders' ISPs.
Complaining to senders' ISP's isn't always a good idea, if they own their own servers complaining to abuse@somedomain.com tells them that they just got a valid, sellable email address. And for those who spoof their "from:" it's impossible to sit and trace them all (I have to get some sleep after working 2 jobs, you know!). The one criticism I would have is that he put the spamtag in front of the @, which allows it to get through to yahoo, thus they are still footing the bill for the spam, so to speak. If you care at all that yahoo is giving you a free email box and has a reasonably responsive abuse team then put the ***foobar*** after the @, like I did above.
damn right that wasn't no double negative. DAMN.
Idiot! The IP number is unavoidable, OS information is none of their damn business!
I just realized that I've never seen a(n) EULA for the RealLife(tm) server. Not only that, but there's no README file disclosing the user data that's broadcast to other users. If you walk outside, people can tell what brand of clothes you wear, what kind of vehicle you drive, even your probable ethnic background. Talk about a marketing coup! Since I've become dependant on RealLife, as have most others, I propose the following change to RL's user security. A slight modification to the photon emission code in the RealLife(tm) server would make it impossible for anyone to see anyone else's consumer choices. However, since we would all still be visible, marketing groups (or malcontents up to no good) could figure out what we are up to simply by noting our physical locations. Hmm, maybe we should just ban all forms of light in public places, just to make sure that everyone has their privacy.
:-)
Damn! I nearly forgot about sound. And scent. What if I bump into someone and I don't want them to find out anything about me...
P.S. - A brief reminder to those promoting a lawsuit against id Software. You can't typically file a lawsuit without disclosing your identity.
Each time you allow something like this, they move a little further the next time. Already now there are idiots here who say "gee your browser sends your OS information" - it does - and it shouldn't! A slippery slope...
Deal with it by adding requesters in the program...
Mr. Carmack's comment that he recognizes that this is a 'slippery slope' is a fine analogy: as we begin our ride, iD gets some data, Blizzard gets some data. Big deal. The other, competing software publishers/developers perhaps lose a few dollars here or there b/c their marketing database is a few bytes short. Again, big deal.
/.'ers are concerned with privacy rights issues is because they can and have snowballed in the past.
What happens when we continue to descend this 'slippery slope'? Perhaps our Quake III config is uploaded to iD, in order to best serve the customer in the next patch of the software. What comes next? Why not email times/dates, in order to see what speed of response the customer might require after a tech support inquiry?
Please consider that I am not suggesting that iD (or Blizzard even) might engage in such heinous activity, and nor do I believe that anyone at iD had any 'malicious' motives for collecting the user info that they did. But to sum, the very reason that many
A little consent now could save a lot of trouble down the road.
- Carmack stated that ID do gets information about your vidcard
- Carmack stated that they don't link them to your email-adress
- LinuxQuake stated that they do send more data out than just your vidcard-infos
What we have here is a cruel act of spying (that's whyWhat else would you call someone or something that collects data (no matter how redundant it really is for you in person)? Could you imagine what that could mean to ID?
On the other hand I do see the problems in getting that information (if it would only be the vidcard-info) properly. What they can do is (for example) put up a page where you can enter those informations (I guess we all now how to cheat on that stuff), ask you kindly to send mails to a specific account (and not to johnc@idsoftware.com) or go to a specific firm to let them do that and probably have to pay for that.
Well, I do understand all the points people made so far. I'm not a bit happy with how Carmack seems to do such things, but then again he lives in the US and ID's in the US. So why don't you sue him and pull down ID? I know why: Because ID was really doing something for the community: The brought up new engines that were quite nice at that point of time. They really make cool games.
I tell you what we all can do about that: Send as much mails/snail-mails or whatever to ID and probably make them get real bad headaches and wait to let them bring out a patch to solve that bad thing. I'm not sure what bothers me most: The possibility that anyone can sue ID so much, that they will be banned from the face of the earth or the fact that ID was so stupid to 1. build in such an option or 2. to state that they really send out that data.
Remember Real? They made the same with their RealPlayer! So let's just keep pushing them and hope that that will convince them. But don't expect the game or ID to be bothered with just one posting on /.! I will buy that game anyway and you can bet that I'm not the only one!
I understand the /. mindset now: Micro$oft does this and it's "EVIL". Golden boys like ID do this and it's "OK". Can you say "Two faced?".
Taking w/o asking is STEALING plan and simple. It doesn't matter WHO does it, it's still wrong and should be illegal.
The problem is, is not is it useful? Is it minor? The issue is: Yet ANOTHER company is doing the spy thing. Including a trusted one. well ID just lost me as a customer. One reason, I'm getting into linux is to get away from these spying companies. (Mostly though to get away from mickysoft's codejoke Windows, but that's another comment.) This idea of market research is bull. If they need this so badly, then put a card in the box asking for REAL data, not how much you make, and what you eat for breakfast. The cards now, are used for nothing but selling to advertizers. So if they want real data, then ask for it. Don't sneek behind our backs, and pull everything off our computers. Personallity I see more and more the idea of having a basic internet computer, and a work/play computer not hooked to the internet will be the right way to go. :\
Anyone who has a static IP address is now identified as an user of Quake. With current paranoia about FPS games, this is definatly personal information in my mind.
I think you are refering to John Romero, not Carmack...
Software which performs functions beyond its stated activities is uncool (read: illegal)
I have never heard of a law that says this. If someone can find one for me, fine, I think that it's dandy, but as far as I know, every piece of software performs functions beyond its stated activities, primarily because no software package (even Linux, holy cow, call the Marines!) has ever listed all of the functions that it performs in its marketing propaganda (and no, I don't count the Linux source code as 'marketing propaganda').
I agree with a few of the posters here. The paranoia on Slashdot has reached all-time highs and it is definitely preventing companies like id from creating a high-quality product using perfectly acceptable and harmless means.
In all of these recent transgressions on personal privacy one phrase always sets my teeth a-grinding... "Opt-out." It is usually said in a sentence like this. "It is ok if they get the data as long as they inform the consumer and allow them to opt-out."
No, wrong, sorry, try again.
"Opt-out" presupposes that the little checkbox is already marked. This gives the people on the other end the ability to hide what is going on in the small fine print; usually at the bottom of some long agreement.
Consumers should have to opt-*IN* on such marketing research. If the data is so harmless, if the masses really want it, then why do we constantly have companies who are doing it on the sly, hiding what they do and forcing the consumer to stop it instead of asking the consumer participate?
Please, for anyone who writes articles or responses to articles, note the difference of opt-out versus opt-in and use the latter.
-- Grey d'Miyu, not just another pretty color.
If id software wants data, we should give them data. I for one am outraged that I can't run Quake 3 on my 486 machine with a fine Trident 8900CL card installed on it.
Maybe if some folks here doctor up a reverse-engineered sending client, we can send them LOTS of information about what card we wish we were running Quake 3 on.
Sounds like the makings of a fun open source development project. The "id feedback spammer" client. Let 'em know that you have 10,000 machines running CPM/86 with an MDA card with 10,000 happy little packets.
So, who's working on it, where can I get the source, and any suggestions what video card(s) we should tell them about?
I write here so as not to bother you with another unimportant email. If you see this fine, if you dont fine.
Neither you or your company have done anything wrong. Morally or otherwise.
Even a small amount of thought on the matter shows it to be a total non issue. The only reason it is still around is to further the agenda of OTHER people. These are the same people who forward email about nonexistant viruses. The same people who forward emails so the little girl in BFE can get a heart transplant because they forwarded the message.
I assume that when I go online that I am exposing my personal information as contained on my computer. There is no slippery slope. Its a condition of act of surfing/playing that has no reasonable answer and is TOTALLY unimportant.
Im sorry that we have wasted your time.
David
For those of you who really think this is an issue worth ALL this....
Why worry about a splinter while you are in the electric chair? Your privacy (with your permission) is being invaded in much more significant ways every day. A quick example is your Safeway, Lucky's or Ralphs card. A small look at the shopping habits these cards track AND link with your name and phone number could tell a marginally skilled person all kinds preferences you might want to keep secret. This is 10000 times beyond what id did. And relative to things like discount cards, id writing code to get your vid card info (without your having to press a button) is just a non issue. It should never have become an issue! You are bothering all of us with effort that could do so much good elsewhere. But of course, that would take REAL effort so you will stick to this...
There is a clear difference between privacy invasion and what id has done. Those of you that cant see it need to look harder or move on. You are wasting your time and it could be better spent elsewhere. /.com and wanted you to have more hits so you could earn more money from your ads! which means thats why he put in the code in the first place which means...)
DAVID G. (what a waste of time to log on here. Why do you really need my info? its a conspiracy I tell you! John leaked the info cause he likes
Blizzard's Battle.net in its infancy could look up just about ANY information it wanted off of your computer: file listings, registry settings, and more. That whole incident seemed to pass over very quickly despite its enormousy.
I do not feel "violated" in any way to have my 3D card's driver version, or the game version sent to id.
You wanna bitch about privacy? Have any of you forgotten how much info a web server can collect from you? They've got your ip, your host, the last link you were at, and more. And that information has been declared as exceptable to collect for a web server.
So why do we need to make an exception here and ridicule id for doing essentially the same thing? Especially since id's only collecting minimal information from you.
And as far as Mr. Carmack lets on, id isn't even storing your ip address with your info. So, it looks like it is 100% anonymous info to boot. ie. all id knows is that someone out there (ie. me) is using a Creative 3D Blaster Annihilator. Who cares?
-- WarZone
I'll do anything to please you. Would you like to know my dirtiest secret thoughts? Would it help your company make better products? What if I suck your penis with my big gaping maw and swallow buckets of your cum till my belly is distended? You don't even have to pay me. I'll do it because I love your company, I love Quake, and most of all I love you. I want to help you become the best that you can be, to fullfill your potential of cool.
hello sir, if you had read Michael Abrashs articles about working on Quake with Carmack, you might have noticed that the compiler used to make the DOS port of quake was, in fact, the GNU C compiler. Yes, that very long haired freak boy (Richard Stallman) yelling about stupid shit like freedom of speech and cooperation of code is the same guy who made possible the DOS version of Quake. I dont know about Quake II Quake III etc but i guaran god damn tee you that somewhere in that big gaping bit bucket of your Hard disk there are a multitude of tools and utilities that come from the 'free software morons'. So if you really hate us you will erase them from your hard drive, otherwise shut your hypocritical mouth.
muhahha stop saying things! you make me feelbad! ban kick ban!
You might want to read : http://slashdot.org/yro/99/10/22/0249212.shtml if u think cookies are so benign
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
guess those are the same imbeciles who think that dirty and stupid are insults too
The problem here is that the program took user information and sent it back to id without the users' knowledge or consent. Voluntary registration is one thing, involuntary and unwitting registration is another.
Although it's beside the point whether or not id used this for anything other than future hardware support, even data not linked to names or email is worth a lot of money. Market research people can extract a lot of info from the demographics of people who buy first-person shooters and their video card, and will pay a good price for a large quantity of that data. Coming on the heels of all the recent privacy fiascos, there is no reason to say that this is any better than the rest.
I agree John. You have NOT done anything wrong or morally offensive. The service is actually nice and useful, as you said.
Mr. Carmack - I, being a law student, am asking you for a job. It seems you do not have a good lawyer on your payroll. Remember the fiasco a fellow game maker had with their program that pulled info off user's hard drives ("StarCraft" ring a bell?) Simply put, if I did what your program did, even though it is pulling seemlingly safe information from the unknowing (read: cannot be used against the computer/person it is coming from) I would go to jail. Period. I suggest you make it painfully obvious to the purchaser and let them easily opt out. (read: make the computer game do it, not have to have the user find some little command from one of your e-mails.) When in doubt, put it out where your user can see it. Further, I am ashamed at your reaction. If you see that your actions are upsetting your customers, then quit doing those actions. Otherwise, you may lose those customers. Also, just because you are making this a part of your information gathering, there seeems to be a lack of security. Can just anyone collect this info? Say, video card producers, trying to find out how better to sell their cards? Can that code be somehow adjusted so that other less honest people can gain info of the user? Never claim incompetence as a defense, that just means your actions are a negligence tort, not an intentional one. hvymtl@netzero.net
Most personal data collection has a price attached to it. For the consumer/customer/pleb it is usually fairly innocuous, useless information and they don't attach much value to it. However, the companies that collect and use the information find it extremely useful, and hence valuable. They wouldn't invest money in collecting it otherwise!
Those companies that collect and resell the information are making enormous amounts of money. But what are they selling? YOUR information! The information that all of us casually give away because we perceive it to be worthless.
For example, say I visit the supermarket each week and purchase a load of groceries. I might purchase pasta sauce every week, along with some spaghetti. I use my loyalty card at the checkout to get a 2% discount on my purchase. From that information, the supermarket chain has now collected information that identifies me as a pasta lover. That information might seem trivial to me - after all, what do I care if I now get a letter from Dolmio each month encouraging me to try their brand of pasta sauce - but to the marketing company that collected the information from the supermarket and sold it on, that information is a gold mine! They are really making money for nothing. They aren't selling a product. They're not even selling a service. They are selling my information, because I don't make enough fuss about it.
This relates in the same way to iD's idea of capturing information from a PC running their software. We might think it's trivial, but they obviously don't. They obviously think it's important enough to hire a programmer to write code in their software to get the information, and to have resources on one of their servers collecting and storing the information as it comes in. If they think it's that important it has to be worth something to them.
My argument is that if they think it's important, we should be thinking of it in the same way. If a company wants to use my personal data, wether it comes from my PC or if I fill out a form and give it to them, I think I should be given something in return. After all, that personal data has value attached to it - iD certainly seem to think so. If I am giving them something of value, then a transaction is taking place and I am entitled to demand a price for it. Some might argue that we get better games out of it and that it's a small price to pay. But I'd like the choice - either iD pays me what I want, or they don't get my value information. That's how all other transactions are governed.
In the end, I think it comes down to the fact that information is not seen by the average person as a valuable commodity. Companies have been gathering information for commercial purposes for a long time - they see it as being valuable; it's about time we all woke up and saw it the same way.
Email flames etc to me
The views expressed are my own and not those of my employer
I don't see what the big deal is. As if ID is really interested in your computer! They don't know who you are. Do you actually think that ID is interested in knowing your passwords and whatnot when they don't even know who you are? What is happening is a benign thing. It is not harmful to your computer, and even if they didn't say anything, information is being sent by your computer about your computer when you play anyway. Again, I say Who cares, it isn't a really big deal.
You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.
They were programming! Instead of worrying about nitpicking details (yes, that is what this is), they decided to spend their time on actual coding.
Besides, this is a beta version anyway, isn't it? File a bug report. Say it should have an "opt-out" option, and should warn you.
John's an okay guy. We shouldn't be such an edgy lynch mob. I'm not saying it was right, I'm just saying it's only a bug. Let id fix it. Now if id refuses to fix it, that's another story.
--------
"I already have all the latest software."
I remember at one point that I enjoyed reading slashdot, for some reason or another. At that point, it had a small but interesting readership, in that the readers were knowledgeable. The articles were fairly interesting, because they often gathered info from sites I didn't normally visit.
That day is apparently over.
While slashdot may present itself as a "news" site, this is in no way unbiased news. Instead of reporting events as they occur, while maintaining an objective viewpoint, the editors seem to throw up anything vaguely inflammatory in hopes of starting up a big discussion. Were this article objective, someone at id Software would have been contacted, in hopes of getting the facts straight. Instead, this was posted without any sense of perspective. And instead of allowing the readership to decide on their own viewpoint, the person posting the article chose to express their own, in depth.
Please, seperate news from editorials. They aren't the same damned thing, and I'm not going to stand idly by while someone attempts to add their comments on to every news item I read.
There's a term for what slashdot has become: yellow journalism. It's become a place for news that is created, not that which happens by itself.
If all parties were contacted before posting this story to begin with, the entire story might have been "id forgot to include one line in the documentation" instead of what it has become.
slashdot's editors really need to start doing fact checking, because by reporting things in this light, it opens *this* site up to lawsuits.
I've checked the readmies from the previous test, and i haven't been able to find a mention...
Well John, you seem to continue to miss the point. The socially accepted practice would be to give the user the option on install. This is used all the time with great success. Querying people's computer hardware without there knowledge is just plain Bullshit! I could care less if you want the info...you are welcome to it...i have purchased all the Quake games and have Q3 on pre-order, and this will not change my mind. But you should have seen this uproar coming, most people are not capable of reading the code and seeing what your doing, so they expect the worst....If you expected any thing different then you have lost touch with the world at large. To them it's not what you did....It's what you could do....
First we have a sensationalised article -- John Carmack is already one of the proven good guys, yet Slashdot couldn't be bothered to *ask* him what was going on before posting this "idSoftware is spying on you!" article?
Second, Carmack shows up in the flesh and explains (twice) the purpose of this data collexion AND that the lack of notice in the current test was merely an oversight.. Yet there are still another 50 posts all unglued about what a horrible invasion of privacy it is and crying for id's blood.
Obviously it's much more important to most Slashdot posters to feel justified in your righteous anger than to know the facts.
This sort of exaggerated kneejerk response to every perceived wrong (real or imaginary) is why I am rapidly losing respect for this -- I can't call it a community. It's more like a rabble.
~REZ~ #43301. Who'd fake being me anyway?
I don't care if the whole world knows I'm using a TNT2, since 3dfx is such a crap (old technology over and over). It can only help nVidia that the same amount of players are using nVidia/3dfx, but there are 10x the support for 3dfx cards, so it figures :P
700th post! I guess it's a first
As if any of the whiners even read the readme file :)
This is ID software. We can't live without their products! We have to do whatever they say and just hope they are beneficent dictators.
And I really don't give a crap who the hell knows. It's a video card for cripes sake. The game REQUIRES 3d acceleration. If id were just sending Q3 version information for update purposes, wouldn't you assume they know you have a 3d card of some kind anyway? What the hell difference does it make if they know the brand? The only ones that will run q3 decent are 3dfx and Nvidia cards anyway. I believe Carmack when he said they use it for support data. What else would they use it for? Forget that, I don't want to know any crazy conspiracy theories. Mellow out people.
Hi (to all, not just the poster of the previous message), I was saddened to see the latest barrage of unnecessary whining appear in realtion to the article on Quake 3. It appears to be the usual melange of gossip and firebrand Linux evangelism ('Linux is wonderful, all praise Linux, Torvalds is the Second Coming, bow down all ye before him, smite the unbelievers, let their houses be rent in twain, Bill Gates is Satan, etc.'). Tragic. I don't specifically advocate either OS, by the way. id Software collect strings containing the name and model of your video card, along with its GL_Extensions string. Permit me to explain this slowly: This allows them to better support a wide variety of video cards in both Quake 3 and future products. Got that? Good. Unless you have reflashed your video card BIOS with details of your credit cards, immobiliser codes, annual income, sexual preference, mortgage, mother's maiden name, phone number, etc THEY WILL NOT STORE ANY PERSONAL DATA ABOUT YOU. So go ahead, boycott id Software. Linux users only account for 2% of the Quake market anyway, so it's not going to hurt John Carmack at all. He (quite deservedly) already owns several Ferraris, so I can't imagine him becoming upset over this pointless bickering. In answer to the inevitable statement that I am undoubtedly a worthless waste of skin and other organic matter because I run Windows, permit me to clarify: I run both Linux and Windows. I won't be getting rid of Windows until I can do 90fps 1280x1024 full-screen rendering of textured, lit and shaded complex objects in OpenGL under Linux (without buying a quad Alpha system, anyway).
OMG dude. just please die or something. it's only been mentioned like 1000 times that every previous version of the q3test had documented this data was going to be sent. it's all the idiots like you that are creating this ridiculous paranoia.
and btw, any web page, and I mean ANY web page can easily record your ip address on ANY server it wants. i've written a java app that can run on any standard flat html page that does this...
i agree to that. it wouldn't even have to be a seperate question. it could be a simple checkbox alongside other install questions...
Slashdot is not a newspaper or webzine. Do you really think
that the people posting these "articles" are journalists? These
people do not go out and gather information and verify stories
as (some) journalists do. They surf the web looking for what
they think are interesting stories, summarize them (throwing in
their own opinions sometimes) and throw it up with a few
links. You don't have to be a journalist to do that.
John Carmack may argue all he wants, but don't listen to him. He and his pet company id Software are part of a worldwide EVIL CONSPIRACY that is TAKING AWAY YOUR RIGHTS!
When your videocard's version is sent to id's server, the information is relayed to the NATIONAL SECRET POLICE located in EAST BOSNIA. The information is corellated with data collected by NATO WAR PLANES and compared with data collected through MULTINATIONAL CODE NAME FQAZBY-7. This videocard information is pivotal to a world takeover plot that will convert all free people into slaves! It must be stopped!
This conspiracy is more dangerous -- more damaging to YOUR privacy -- than the daily actions of credit card companies, banks, health insurance companies, the DMA, the NSA, the FBI, and other major violators of privacy. And thanks to Michael's honorable and trustworthy reporting, we now have the full scoop on what's REALLY going on! Please, set this MULTINATIONAL CONSPIRACY as a priority on your activism list. Write to your Congresscreature, telling him or her to FORGET ABOUT THE NSA and focus on investigating id! Write to the EFF and EPIC and tell them that, instead of protecting our freedom of speech and rights to the REAL privacy of encryption, they should be launching lawsuits against id Software! Tell the ACLU to forget about fighting the National ID card and focus on the real culprit: id Software!
THE TRUTH IS OUT THERE!!! BIG BROTHER IS IN QUAKE3 DEMO TEST!!!
-- Rene
[DISCLAIMER: The author of this post is not responsible for the actions of morons who misunderstand it.]
No shit? You have to disclose your IP?
Why are you so defensive about people knowing what OS you're running? You running windows or something? Besides, it's nothing anyone couldn't figure out with a simple queso.
-lx
And if you want to keep Rome from getting built, you kill Romulus and Remus, if you can. Or you severely limit how much land they can build on. Or you keep an eye on what their descendants are doing, and match them. But you absolutely positively do not sit and wait until Alexander the Great is storming Cairo!
Know what I mean?
--- Grow a pair, liberals... stop letting the Republicans bully you!