Forums » Role Playing
[00:17] <vo2> [100] <Lisa201> handy for finding stations. You need the TGFT_Utilitiies plugin though.
[00:17] <vo2> [100] <Estrian Prosis> lol TGFT have made some kind of mass info collecting plugin on other users
[00:17] <vo2> [100] <Meddis> Hi LIsa, this is xtoph, i am going to retire Xtophx and create this as my new helper, it is a lite sub, can you fix keys on it and can i join tgft with it?
[00:17] <vo2> [100] <Elder> I would caution about using TGFT plug-ins, they are spyware
[00:17] <vo2> [201] <risan alvaro> where i can find heliocene
[00:17] <vo2> [100] <JHX> ah damn thanks anyway Lisa!
[00:18] <vo2> [100] <Arta-Calaestis Ralor> I'm using TGFT plugins
[00:18] <vo2> [100] <Lisa201> yes, they collect data, but everyone can use the data.
[00:18] <vo2> [100] <Lisa201> like /lowprice and /highprice etc.
[00:18] <vo2> [100] <Arta-Calaestis Ralor> TGFT Utilities is my Fav.
[00:18] <vo2> [100] <Elder> is it the only thing plug-ins log?
[00:18] <vo2> [100] <Estrian Prosis> lol you suck the collective nipples of TGFT, Arta, I wouldn't trust a word you say
[00:19] <vo2> [100] <Lisa201> If you want to see if a place is safe like Latos H-2, you can do /players "Latos H-2"
[00:19] <vo2> [100] <Lisa201> that will list the last people that have been seen in that sector.
[00:19] <vo2> [100] <JHX> omfg i need this
[00:19] <vo2> [100] <Arta-Calaestis Ralor> Elder is in Dau L-10, in a IDV Valkyrie X-1
[00:19] <vo2> [100] <Lisa201> the plugin also updates the price data for EVERYONE.
[00:21] <vo2> [100] <Lisa201> what do you mean? You don't get anything if you do /players Latos
[00:22] <vo2> [100] <Estrian Prosis> from what I can see
[00:22] <vo2> [100] <Estrian Prosis> you have built a plugin for all the vo users to collect data for you
[00:23] <vo2> [100] <Lisa201> not just for me/us, it's for everyone.
[00:23] <vo2> [100] <Lisa201> why do you think I made it public?
[00:23] <vo2> [100] <Estrian Prosis> with Zero guarantee that this helps them, or that TGFT can't selectively exclude themselves from being tracked
[00:23] <vo2> [100] <Elder> us means TGFT, including data that are not publicly available
[00:24] <vo2> [100] <Estrian Prosis> on a server backend, you can have a setting which ignores all reports of TGFT or selected people
[00:24] <vo2> [100] <Lisa201> Ok, well I made 30 mil trading in Serco space using it's data... Same data anyone can get from the plugin.
[00:24] <vo2> [100] <Lisa201> Well, nobody forces you to use it EP.
[00:24] <vo2> [100] <Estrian Prosis> public means you've made the interface public
[00:25] <vo2> [100] <Estrian Prosis> the server backend code is still private
[00:25] <vo2> [100] <Lisa201> It also will warn you if you are about to jump to a sector that you are hated in.
[00:25] <vo2> [100] <Elder> public part of the collected data is useful for everyone, agreed, 'the other part' is useful only for TGFT as a spyware
[00:26] <vo2> [100] <Lisa201> Like when I was hated by Itani, if I plotted to their space, I'd be warned before I jump there.
[00:26] <vo2> [100] <Lisa201> Or if you get temp KOS for a nation, it warns you if you are jumping to their space.
[00:26] <vo2> [100] <Estrian Prosis> those kinds of commands do not require a server connection
[00:26] <vo2> [100] <Lisa201> Your point?
[00:26] <vo2> [100] <Estrian Prosis> my point is you're avoiding my point
[00:27] <vo2> [100] <Lisa201> no, just ignoring it..
[00:27] <vo2> [100] <Estrian Prosis> this cannot be presented to the VO playebase as an unbiased piece of technology when the server code is private, and is hosted by someone who is clearly biased.
[00:28] <vo2> [100] <Lisa201> Who said it was unbiased? It says in the help that some functions are only for TGFT members.
[00:28] <vo2> [100] <Lisa201> And that's only a couple...
[00:28] <vo2> [100] <Hugh Hustla> omg just make it open source and put this to an end already...
[00:28] <vo2> [100] <H.Hornblower> open source? everything for free?
[00:28] <vo2> [100] <H.Hornblower> wtf?
[00:29] <vo2> [100] <Lisa201> The plugin is open source... our server side is not. Not unusual for VO plugins.
[00:29] <vo2> [100] <Hugh Hustla> it is already isnt it, can just download the plugin...
[00:29] <vo2> [100] <Elder> they cant release spyware as open source
[00:29] <vo2> [100] <Lisa201> seems you guys just want to whine
[00:29] <vo2> [100] <Estrian Prosis> there's always a catch with you people
[00:29] <vo2> [100] <H.Hornblower> y'all sound like whispering malcontents. out.
[00:29] <vo2> [100] <Hugh Hustla> oh ok, then if thats how all plugins are then they should stop bitchin...
[00:30] <vo2> [100] <Lisa201> Yep, I'm done talking about it.
[00:30] <vo2> [100] <Estrian Prosis> plusings that require a server connection are made by guilds for guilds, their function is clearly biased but that is obvious
[00:31] <vo2> [100] <Lisa201> where's my cheese...
[00:31] <vo2> [100] <Estrian Prosis> this one is made by a guild for the VO population, presented as beneficial
[00:31] <vo2> [100] <Estrian Prosis> there is no explanation nor transparency of what TGFT can use it for.
[07:05] <vo2> [100] <Sieger> "Max Hax", remember we log everything. I have your identity on good authority.
[00:17] <vo2> [100] <Estrian Prosis> lol TGFT have made some kind of mass info collecting plugin on other users
[00:17] <vo2> [100] <Meddis> Hi LIsa, this is xtoph, i am going to retire Xtophx and create this as my new helper, it is a lite sub, can you fix keys on it and can i join tgft with it?
[00:17] <vo2> [100] <Elder> I would caution about using TGFT plug-ins, they are spyware
[00:17] <vo2> [201] <risan alvaro> where i can find heliocene
[00:17] <vo2> [100] <JHX> ah damn thanks anyway Lisa!
[00:18] <vo2> [100] <Arta-Calaestis Ralor> I'm using TGFT plugins
[00:18] <vo2> [100] <Lisa201> yes, they collect data, but everyone can use the data.
[00:18] <vo2> [100] <Lisa201> like /lowprice and /highprice etc.
[00:18] <vo2> [100] <Arta-Calaestis Ralor> TGFT Utilities is my Fav.
[00:18] <vo2> [100] <Elder> is it the only thing plug-ins log?
[00:18] <vo2> [100] <Estrian Prosis> lol you suck the collective nipples of TGFT, Arta, I wouldn't trust a word you say
[00:19] <vo2> [100] <Lisa201> If you want to see if a place is safe like Latos H-2, you can do /players "Latos H-2"
[00:19] <vo2> [100] <Lisa201> that will list the last people that have been seen in that sector.
[00:19] <vo2> [100] <JHX> omfg i need this
[00:19] <vo2> [100] <Arta-Calaestis Ralor> Elder is in Dau L-10, in a IDV Valkyrie X-1
[00:19] <vo2> [100] <Lisa201> the plugin also updates the price data for EVERYONE.
[00:21] <vo2> [100] <Lisa201> what do you mean? You don't get anything if you do /players Latos
[00:22] <vo2> [100] <Estrian Prosis> from what I can see
[00:22] <vo2> [100] <Estrian Prosis> you have built a plugin for all the vo users to collect data for you
[00:23] <vo2> [100] <Lisa201> not just for me/us, it's for everyone.
[00:23] <vo2> [100] <Lisa201> why do you think I made it public?
[00:23] <vo2> [100] <Estrian Prosis> with Zero guarantee that this helps them, or that TGFT can't selectively exclude themselves from being tracked
[00:23] <vo2> [100] <Elder> us means TGFT, including data that are not publicly available
[00:24] <vo2> [100] <Estrian Prosis> on a server backend, you can have a setting which ignores all reports of TGFT or selected people
[00:24] <vo2> [100] <Lisa201> Ok, well I made 30 mil trading in Serco space using it's data... Same data anyone can get from the plugin.
[00:24] <vo2> [100] <Lisa201> Well, nobody forces you to use it EP.
[00:24] <vo2> [100] <Estrian Prosis> public means you've made the interface public
[00:25] <vo2> [100] <Estrian Prosis> the server backend code is still private
[00:25] <vo2> [100] <Lisa201> It also will warn you if you are about to jump to a sector that you are hated in.
[00:25] <vo2> [100] <Elder> public part of the collected data is useful for everyone, agreed, 'the other part' is useful only for TGFT as a spyware
[00:26] <vo2> [100] <Lisa201> Like when I was hated by Itani, if I plotted to their space, I'd be warned before I jump there.
[00:26] <vo2> [100] <Lisa201> Or if you get temp KOS for a nation, it warns you if you are jumping to their space.
[00:26] <vo2> [100] <Estrian Prosis> those kinds of commands do not require a server connection
[00:26] <vo2> [100] <Lisa201> Your point?
[00:26] <vo2> [100] <Estrian Prosis> my point is you're avoiding my point
[00:27] <vo2> [100] <Lisa201> no, just ignoring it..
[00:27] <vo2> [100] <Estrian Prosis> this cannot be presented to the VO playebase as an unbiased piece of technology when the server code is private, and is hosted by someone who is clearly biased.
[00:28] <vo2> [100] <Lisa201> Who said it was unbiased? It says in the help that some functions are only for TGFT members.
[00:28] <vo2> [100] <Lisa201> And that's only a couple...
[00:28] <vo2> [100] <Hugh Hustla> omg just make it open source and put this to an end already...
[00:28] <vo2> [100] <H.Hornblower> open source? everything for free?
[00:28] <vo2> [100] <H.Hornblower> wtf?
[00:29] <vo2> [100] <Lisa201> The plugin is open source... our server side is not. Not unusual for VO plugins.
[00:29] <vo2> [100] <Hugh Hustla> it is already isnt it, can just download the plugin...
[00:29] <vo2> [100] <Elder> they cant release spyware as open source
[00:29] <vo2> [100] <Lisa201> seems you guys just want to whine
[00:29] <vo2> [100] <Estrian Prosis> there's always a catch with you people
[00:29] <vo2> [100] <H.Hornblower> y'all sound like whispering malcontents. out.
[00:29] <vo2> [100] <Hugh Hustla> oh ok, then if thats how all plugins are then they should stop bitchin...
[00:30] <vo2> [100] <Lisa201> Yep, I'm done talking about it.
[00:30] <vo2> [100] <Estrian Prosis> plusings that require a server connection are made by guilds for guilds, their function is clearly biased but that is obvious
[00:31] <vo2> [100] <Lisa201> where's my cheese...
[00:31] <vo2> [100] <Estrian Prosis> this one is made by a guild for the VO population, presented as beneficial
[00:31] <vo2> [100] <Estrian Prosis> there is no explanation nor transparency of what TGFT can use it for.
[07:05] <vo2> [100] <Sieger> "Max Hax", remember we log everything. I have your identity on good authority.
TGFT Big brother is watching you!
VO community has to know that by using TGFT plug-ins you are essentially being spied on by TGFT.
TGFT knows your every move, where you go, what you do and who are you with.
Also, you are acting as a remote TGFT spy - collecting all available data for them in real time.
VO community has to know that by using TGFT plug-ins you are essentially being spied on by TGFT.
TGFT knows your every move, where you go, what you do and who are you with.
Also, you are acting as a remote TGFT spy - collecting all available data for them in real time.
It is beneficial to those who are comfortable with the tradeoff. Without the server back end, it would not be as beneficial to those who use it, even non-TGFT.
Btw, this should be moved to the community projects area. It's not really a role playing topic.
Btw, this should be moved to the community projects area. It's not really a role playing topic.
Note that there is literally nothing TGFT can do to remove paranoia on this front. Even if they reveal the server-side code, there is no guarantee that the code they reveal is the code they actually use. At best, making it open source would let people set up their own private servers to use instead of the TGFT one (at the cost of not having other people using their server, so their data will be worse).
If everybody were willing to trust at least their own guild, a hive of per-guild servers which all communicate with each other could be established, sending only the aggregate data between each other rather than data that could be linked to individuals. There are a lot of people who'd be unwilling to employ even that much trust, however, and such a system is well beyond what I see people being willing to actually set up.
If everybody were willing to trust at least their own guild, a hive of per-guild servers which all communicate with each other could be established, sending only the aggregate data between each other rather than data that could be linked to individuals. There are a lot of people who'd be unwilling to employ even that much trust, however, and such a system is well beyond what I see people being willing to actually set up.
Maybe you are right kbireta.
A thread about TGFT spying on VO community by peddling spyware to gullible players to install in their VO clients deserves devs attention - maybe in a form of a support ticket?
A thread about TGFT spying on VO community by peddling spyware to gullible players to install in their VO clients deserves devs attention - maybe in a form of a support ticket?
@bojansplash You realize you can read the code yourself? No reason to waste the devs time.
Are you purposefully missing Bojan's point biretak?
As a convenience for those less comfortable reading Lua code, here is the specific data that the current version of TGFT_Utilities on Voupr automatically sends to their server:
* Your IP (this is necessary; they can't not send it)
* The version number of your copy of the plugin
* Your TGFT username and password (these are NOT your Vendetta username and password)
* Your character name
* Your current location
* Whether your current sector has a storm
* Whether your current sector has bots
* Whether your current sector has players
* The guild, name, id, and ship of every player you encounter
* All item data for every item a station you visit sells
* Limited data about every item in your station inventory for every station you visit (specifically: item name, id, type, price, station id, and whether the price is static; no quantity information is revealed.)
It does not appear to scan through your character slots to directly identify your alts. However...
Your TGFT username is just your current character name; it changes based on whoever you're playing as. Your TGFT password, on the other hand, is randomly generated the first time you log in with the plugin installed and is then the same for every alt you use on that installation of Vendetta. It's saved in config.ini, so any alt on any account you use with that install will be submitting that same identifying password unless you manually intervene. The password is a random number between 10000 and 99999, so there is going to be some overlap if enough people use the plugin, but it's still a strong indicator of alt-ness.
Furthermore, even if you modify the plugin to not save the password each session, since communicating with another server necessarily reveals your IP address, they could identify your alts by examining their records to see if multiple character names talked to them on the same IP. That isn't definitive proof, because you may have been using a public access point that other people also used (university wifi, for example), but it is a pretty strong indicator in a game with as small a playerbase as VO's. You could partially bypass this by modifying the plugin to submit only a false name, however if they watch you visit a station in-game and note the timing, they could still identify you on the server by seeing which IP submitted data at that time. From then on, they know which data is yours unless your IP changes (most residential IPs in the USA are dynamic and change every so often).
And keep in mind that there is in fact a function in the plugin named "Altfinder" that queries the http://www.tgft.org/vendetta/altfinder.php page. So don't think I'm being paranoid bringing this sort of thing up. They do in fact put effort into determining people's alts and making that information available to each other, regardless of whether they actually record and use the data that this particular plugin submits.
* Your IP (this is necessary; they can't not send it)
* The version number of your copy of the plugin
* Your TGFT username and password (these are NOT your Vendetta username and password)
* Your character name
* Your current location
* Whether your current sector has a storm
* Whether your current sector has bots
* Whether your current sector has players
* The guild, name, id, and ship of every player you encounter
* All item data for every item a station you visit sells
* Limited data about every item in your station inventory for every station you visit (specifically: item name, id, type, price, station id, and whether the price is static; no quantity information is revealed.)
It does not appear to scan through your character slots to directly identify your alts. However...
Your TGFT username is just your current character name; it changes based on whoever you're playing as. Your TGFT password, on the other hand, is randomly generated the first time you log in with the plugin installed and is then the same for every alt you use on that installation of Vendetta. It's saved in config.ini, so any alt on any account you use with that install will be submitting that same identifying password unless you manually intervene. The password is a random number between 10000 and 99999, so there is going to be some overlap if enough people use the plugin, but it's still a strong indicator of alt-ness.
Furthermore, even if you modify the plugin to not save the password each session, since communicating with another server necessarily reveals your IP address, they could identify your alts by examining their records to see if multiple character names talked to them on the same IP. That isn't definitive proof, because you may have been using a public access point that other people also used (university wifi, for example), but it is a pretty strong indicator in a game with as small a playerbase as VO's. You could partially bypass this by modifying the plugin to submit only a false name, however if they watch you visit a station in-game and note the timing, they could still identify you on the server by seeing which IP submitted data at that time. From then on, they know which data is yours unless your IP changes (most residential IPs in the USA are dynamic and change every so often).
And keep in mind that there is in fact a function in the plugin named "Altfinder" that queries the http://www.tgft.org/vendetta/altfinder.php page. So don't think I'm being paranoid bringing this sort of thing up. They do in fact put effort into determining people's alts and making that information available to each other, regardless of whether they actually record and use the data that this particular plugin submits.
Damn, Rin beat me to the punch of dissecting it.
Not only did he dissect it, but he pinned the li'l organs on a board and labeled them properly and included common terms as well as their Latin names! Top notch work, Rin!
and... it is still a very useful tool if you don't care about the trade offs.
An altfinder and everything logger is a pretty fucking big tradeoff.
Now, lets have a think. How many players over the years have boasted about having alts in TGFT to spy on us ? How many have had alts in TGFT to make money or to manufacture dents? How many have had alts to find good mining or trade locations ? Really, it is a very long list. A list a decade long, with a lot of names on it.
So consider this: Anyone who has ever had an alt in TGFT is effectively accusing themselves of spying on themselves. They are whining about TGFT collecting information which they have benefitted from.
All things considered, complaining that you shot shot your own balls off with your own gun from your own pocket makes the complainants look a bit silly.
So consider this: Anyone who has ever had an alt in TGFT is effectively accusing themselves of spying on themselves. They are whining about TGFT collecting information which they have benefitted from.
All things considered, complaining that you shot shot your own balls off with your own gun from your own pocket makes the complainants look a bit silly.
So, in short, you are not denying that TGFT utilities plug-in is a spyware that does what Rin laid out it does Ecka?
This is a classic 'Chewbacca defense', kudos for that but I am afraid it won't work for breach of GS Eula under the US Laws.
This is a classic 'Chewbacca defense', kudos for that but I am afraid it won't work for breach of GS Eula under the US Laws.
oh of course davejohn, that makes perfect sense now and I'm sure everybody will let this old horse die now...DOUBTFUL!
lmao bojansplash US laws. ahhh they spied on our online characters in a MMO. crime! crime! better call the cops or TGFT will steal your credits. stop making a fool out of yourself man.
Lol whoever you are ClarenceC.
You are clearly missing the point - this is beyond game and presents breaking of real life laws.
A group of players deliberately introduced a spyware in an online game for their personal gain and advantage over the rest of the VO community.
You are clearly missing the point - this is beyond game and presents breaking of real life laws.
A group of players deliberately introduced a spyware in an online game for their personal gain and advantage over the rest of the VO community.
ya man exactly: an online game. you better call your lawyer this is a serious crime lol.
Stupidity is sometimes curable but in your case... I'm afraid not ClarenceC
Chapter 9. of GS Eula
9. You may not use any third party software to modify the Software to change Game play. You may not create, facilitate, host, link to or provide any other means through which the Game may be played by others, such as through server emulators. You may not take any action which imposes an unreasonable or disproportionately large load on our infrastructure. You may not buy, sell or auction (or host or facilitate the ability to allow others to buy, sell or auction) any Game characters, items, coin or copyrighted material.
P.S. This chapter also sanctions Sieger buying alpha account from a real alpha vet.
Chapter 9. of GS Eula
9. You may not use any third party software to modify the Software to change Game play. You may not create, facilitate, host, link to or provide any other means through which the Game may be played by others, such as through server emulators. You may not take any action which imposes an unreasonable or disproportionately large load on our infrastructure. You may not buy, sell or auction (or host or facilitate the ability to allow others to buy, sell or auction) any Game characters, items, coin or copyrighted material.
P.S. This chapter also sanctions Sieger buying alpha account from a real alpha vet.
Rin did a good job of explaining it all. Don't like it, don't use it.
As for breaking real life laws, no. all web servers on the Internet have your IP address. Not much you can do about that. Most of the large guilds have some kind of server based plugin.
TGFT requires alt separation. Therefore if someone in TGFT has a pirate alt etc., then we need to make sure that is not abused. Any alts would not have access to the TGFT data.
Data regarding alts is restricted to only the CO, and LT's. That way we can maintain alt separation.
As for breaking real life laws, no. all web servers on the Internet have your IP address. Not much you can do about that. Most of the large guilds have some kind of server based plugin.
TGFT requires alt separation. Therefore if someone in TGFT has a pirate alt etc., then we need to make sure that is not abused. Any alts would not have access to the TGFT data.
Data regarding alts is restricted to only the CO, and LT's. That way we can maintain alt separation.