Wearyman

Losing my hair and losing my mind in Western New York

Friday, August 19, 2005

Privacy, Lies and Videogames.

Sony Online Entertainment's "Planetside" is my all time favorite game. I started playing back in open beta, and other than a short misguided stint in the ill fated "Earth and Beyond" I have played it continuously since then. Occasionally life forces upon me the necessity to take a break, and I am just coming off one and getting back into the game after about a month's hiatus. I return to find, to my revulsion, advertisements have been inserted into my beloved Planetside! The link in the title has the short version of the announcement, here's a quote:

"An In Game advertisement system has been added through billboard style ads that are streamed by Massive Incorporated.
"


After reading up a bit on the Planetside web forums, I found that they are ads for drink products (Fanta, Coca-Cola), movies, and T.V. programs. At least so far, the adverts seem to be relatively innocuous.

However, not being one who can let well enough alone, I decided to find out a bit more about the adverts and Massive, the company who's code is handling the ad process. What I found shocked and upset me. Not only are Massive and SOE placing ads into the game, they are collecting data and statistics on those ads, and the software they load into your system does the collecting and reporting for them.

"What kind of data" you say? Well I'm glad you asked. According to research data obtained by two investigators (I will go over their report in more detail later), the software collects data on which ads you viewed, how many times you viewed them, how long you viewed them, from what angle you viewed them and from what distance. All this data is then sent back to Massive's servers when you close out the game, and used to hit you with more ads tailored to your personal viewing preferences.

Now, if this type of thing sounds familiar, it's because you have heard of it before. It's called Spyware. That's right, SOE has just put spyware into Planetside!

Now, I realize that this a pretty serious accusation, so before you pop off and send me an e-mail telling me what an idiot I am and to put my tinfoil hat away, please read on...

Initially I suspected that SOE was simply adding static ads into the play areas and the ads were changed on a rotating basis. However I soon realized that something more was afoot. My first clue was one of the other players posting on the planetside message boards about how he blocked the ads from showing up. The method he used employed the hosts file on his PC, a method that would be ineffective and completely unnecessary if the ads were static content delivered as part of the Planetside world textures.

I then decided to do a bit of investigation on my own. After googling around a bit for information on Massive, I came across several pieces of interesting information. First of all, I naturally ran across Massive's website. As you can see, They have a large and growing customer base. This is despite only having been around for a very short time. The hunger to spam gamers with ads while in-game is apparently rather large.

I then came across an entry in the forums over at broadbandreports.com. This entry also mentions the same method for blocking Massive's adstream that was posted (and deleted by mods) over at the Planetside forums. Again, this implies quite a bit more than simple static delivery of ad content, as does the information available over at Massive's website. Specifically, this line from a PR newswire story is particularly telling:

"The Massive AdClient SDK integrates into video game engines at the
development stage and handles all connections and communications with
Massive's AdServer, allowing the game to dynamically download advertising,
contextually into the game".
 Now, I'm no programmer, but that sounds an awful lot like third party software being attached to the game and loaded up into my machine.

Ok, so we now know that something is being loaded up into our machines. But what? More importantly, what does it do? This is what guided my next set of searches. What I found would send chills through anyone even mildly privacy minded.

Two intelligent game players had run into Massive's advertising on another game, SWAT4. Intrigued and concerned about the annoyance of adverts invading their game, they performed some in-depth investigation of their own, and posted their results online.

They go into great detail on all that they discovered during their investigation, including quite a bit on exactly what the Massive AdClient does. What really startled me was the following section in their online data:

"The client contacted madserver to tell the advertisers how long the gamer spent with each advert in their view. This is mapped to the gamer id, so they know which player in the game saw the advert, and when, for how long, and from how far away (by virtue of the size attribute). Even the average viewing angle is passed back".


This is startling. Apparently the AdClient doesn't just collect generic statstics on which ads were seen and for how long (which is very invasive as it is) but it is tied directly to a unique "gamer id". Below is an excerpt from the code posted at the afore mentioned website which shows an example of this id:


<closeSessionRequest sig="eea7756a7fd93649ec8f4898ce9a0303">
<sessionId>5244540</sessionId>
<gamerId>5097365</gamerId>
<timestamp>1120348101661</timestamp>
</closeSessionRequest>

As you can see, there is a unique number generated for use as a gamer id and this is sent back to Massive's servers along with a session Id and a timestamp. Unfortunately I was unable to determine with certainty if the gamer Id is always the same, as it is not stated on the researcher's website, and I was unable to reach the authors for comment by promised post time. I will update this article as necessary if I receive any response to my queries.

Update: I recently received confirmation from the original researchers that yes, the Gamer ID is always the same, so this confirms that trackable information is indeed generated by the Massive AdClient.

This leaves us a few questions. Why the need for a gamer Id, and what is it used for? It doesn't take much pondering to conclude that the gamer Id is used for tracking individual gamers and their ad-viewing preferences. As opposed to simply tracking the general ad viewing preferences of a given game population. If the data gathered was simply to be agreggated into a large data pool with no unique Id other than which game was played, there would be no need whatsoever for the gamer Id function.

This raises other serious privacy concerns. If the gamer Id is indeed unique to each player (and there really is no reason to assume otherwise) then it is a very short leap of logic to the possibility of tying that unique gamer Id to your game login (in SOE's case, your Station Id), and from there to your billing information and thusly your personally identifiable information.
So there it is. SOE and Massive collecting potentially personally identifiable information on all thier users, for use in hitting them with ads to provide an additional revenue stream over and above the already confiscatory monthly subscriptions we all pay to play these games.

What I find highly interesting is the changes to the Planetside EULA that SOE has made. Specifically the differences in section 12, regarding privacy.

I happen to have Planetside installed on two different PC's. One I patched up to the latest version, the other is about 3 months old, as I haven't used that machine to play Planetside more than once. Here is the last paragraph of section 12 from the Old EULA:

You acknowledge that any and all character data is stored and is resident on our servers, and any and all communications that you make within the Game (including, but not limited to, messages solely directed at another player or group of players) traverse through our servers, may or may not be monitored by our personnel, you have no expectation of privacy in any such communications and you expressly consent to monitoring of communications that you send and receive. You acknowledge and agree that we may transfer such information (including, without limitation your personally identifiable information or personal data) to the United States or other countries or may share such information with our licensees and agents in connection with the Game.


This would appear to be primarily directed towards player actions in-game, with the idea of heading off any privacy related complaints and/or legal issues. Notice the last sentence. This appears to be deliberately aimed at giving SOE the right to do pretty much whatever they want with our billing information. This is more than a bit disturbing, and this is the old EULA! Here is the same paragraph from the New EULA:

You acknowledge that any and all character data is stored and is resident on our servers, and any and all communications that you make within the Game (including, but not limited to, messages solely directed at another player or group of players) traverse through our servers, may or may not be monitored by our personnel, you have no expectation of privacy in any such communications and you expressly consent to monitoring of communications that you send and receive. You acknowledge and agree that we may transfer such information (including, without limitation your personally identifiable information or personal data) to the United States or other countries or may share such information with our licensees and agents in connection with the Game. PlanetSide may incorporate third party ad serving technology from suppliers such as Massive Incorporated (“Massive”). This technology, if used by SOE and provided to you, enables certain advertising to be temporarily uploaded to your PC or console and replaced in-game while connected online. As part of that process, no personally identifiable information about you is collected and only select non-personally identifiable information (such as IP address) is temporarily logged. No logged information is used by Massive to determine any personally identifiable information about you. For full details, see Massive’s privacy policy at http://www.massiveincorporated.com/privacy.htm.


Just for the record, the highlighting is not mine. SOE put that text in bold themselves. (although I formatted in italics) It is interesting that they made sure to bold that particular sentence. It is as if they knew that what they were doing would be offensive to many of thier playerbase, and they put that in to head off any complaints. Then of course, there is the inclusion of the new trailing paragraph regarding Massive. Take particular note of the last three sentences regarding personally identifiable information. Interesting that they would take such pains to first state that they can use your personally identifiable information, but then turn right around and state that they won't actually gather that data.

Of course, we already know that to a be a lie, due to the inclusion of a unique "gamer Id" in the data returned to Massive at the conclusion of a game session. As I stated before, there is no logical reason to include a unique "gamer Id" unless you intend to collect personally identifiable information! This is Massive's software, they could have written it to not create or need a "gamer Id". But they specifically chose to write this into the software. The only conclusion one can logically draw is that they intend to use this data to personally identify individual gamers within the game.

The lies go deeper. If you bothered to read the Massive "privacy policy" You will note the following lines:

We do not currently utilize cookies and we do not place persistent data or install persistent tracking mechanisms on Gamers' computers.

And yet, they do indeed install persistent tracking mechanisms onto Gamers' computers! You may well wonder what the basis is for this accusation. Upon reading through the research I previously mentioned I began to suspect that something beyond the ad textures had to be added to the game to facilitate data gathering and tracking, as this ability was not likely to have been tracked or gathered before the addition of the Massive "service".

I compared the Planetside directories on my machine that hadn't had Planetside updated in about 3-4 months with the one that was fully up to date. There were 3 specific and obvious differences between the two machine's Planetside directories. One was the inclusion of a new sub-directory named "massive_data" Initial inspection of this directory showed it was empty.

There were also two new DLL files added to the main Planetside Directory. These included "msvcr71.dll", which is nothing more than Microsoft's .Net 1.1 programming library. Obviously something new that needed .Net to function had been added to Planetside. This is where the second DLL file comes in. Named "m4d.dll" this is the dark horse file. Examining this file in Notepad is initially unrevealing, as most of it is in ASCII text, and unreadable. However, about 7/8ths of the way down the file, we run into something more readable:

MMT_SetNetworkCreationFunction@@YAXP6APAVNetDriver@MassiveAdClient@@XZ@Z MMT_CancelRequest MMT_DeInitialize MMT_FlushImpressionCache MMT_Free MMT_GetBinaryData MMT_GetCrex MMT_GetCurrentCrexForInventoryElement MMT_GetCurrentTime MMT_GetID MMT_GetInventoryElementHandle MMT_GetName MMT_GetNextCrexForInventoryElement MMT_GetSize MMT_GetStatus MMT_GetType MMT_GetVersion MMT_GetZoneHeaders MMT_Initialize MMT_JoinSession MMT_LeaveSession MMT_Malloc MMT_NetUpdate MMT_SetMemoryAllocators MMT_ShareSession MMT_UpdateInventoryElement

Not being a programmer myself, I am admittedly a tad bit in the dark on what everything here means. Judging by the first line though, it would appear to be a series of function calls within the DLL that allow it to operate as the AdClient, or to provide that functionality to other portions of the software that have been embedded into the main Planetside software. Here is what we are after, the actual software that delivers the ads to gamers, and the Gamers' information to Massive.

So, what about not leaving persistent software on Gamers' PCs? This .dll remains after closing down Planetside normally. It is not deleted after the session is closed, or after a reboot. It is, in other words, persistent. This is in direct contradiction to the Massive "Privacy Policy" posted on thier website.

It is further interesting to note that Massive attempts to play a type of shell game with thier data, as the "massive_data" folder does indeed get used, but only during game play. Minimising Planetside while playing and then navigating to the "massive_data" folder reveals that it is now filled with the DDS (direct X image) files that make up the ads themselves. After closing down Planetside, this directory is emptied. I suspect this serves two functions. The first being the prevention of data buildup by not collecting too many ad images on Gamers' hard drives. The second being the ability to fool the less astute into thinking that indeed the Massive data is being removed from thier systems and that the "privacy policy" is being followed.

Obviously we now know that the "privacy policy" is not being followed, and that persistent data is indeed left on our systems. Since we have now been lied to twice regarding the use and function of Massive's software, it is fairly safe to take most if not all of thier so-called "privacy policy" with more than a grain of salt.

One question remains. What do we do about it? We cannot alter the software without risking violation of the EULA and cancellation of our accounts. Also, with the built-in update feature Planetside has, even deletion of the offending DLL files may not make a difference. The next time the game is started it will update and the DLLs will simply be replaced.

Gamers in the United States have no legal recourse as Privacy laws regarding collection of private information by corporate entities are ambiguous at best. EU gamers can take heart though, Privacy laws in the EU are very strict, and this type of approach is not likely to fly there.

For those of us in countries where laws have not been updated to force companies to be more responsible, we do indeed have recourse. A simple modification to the Hosts file on your PC can prevent the Massive software from contacting thier servers and transmitting any precious personal data. Simply open the Hosts file using Notepad. If you don't know where it is on your PC, just use the Windows search function (Start -> Search) and have it look in hidden and system files for "hosts". Once you have the file open, simply add these lines to your hosts file:

127.0.0.1 madserver.net
127.0.0.1 ad.madserver.net
127.0.0.1 imp.madserver.net
127.0.0.1 media.madserver.net

After the "localhost" line. This "blackholes" the Massive adservers, and when the AdClient attempts to make outbound contact to either those servers or IP's, it gets looped back to the PC itself and the connection dies. Alternately, if you have a router with configurable IP routing, you could also block access to thier servers from there.

EDIT: I originally had these three lines also listed in the section above:
127.0.0.1 38.119.38.151
127.0.0.1 38.119.38.152
127.0.0.1 38.119.38.153
But as a sharp reader pointed out, the hosts file is not used when Windows makes a direct IP connection. If you wish to block these IP's, you will have to do it using a software firewall, hardware firewall, or a static routing table in Windows. I don't know how I missed that one, I must be slipping.

Not only does this prevent access to thier servers, but it also appears to kill the AdClient function altogether, as even replacing the ad files into the "massive_data" folder from copies stored elsewhere on the PC does not return function to the ads after the hosts file has been modified. Instead the poster elements simply display the SOE logo while playing the game.

In conclusion, I would recommend to all players of Planetside, and any other game that uses the Massive technology to immediately employ this blocking strategy and prevent this type of data collection from happening.

It is up to the Gaming Community to stand up together and tell gaming companies that we will not put up with this type of invasive technology being added to our games. Gaming companies need to understand that we have already paid a pretty penny to play thier game, and we will not allow ourselves to be leeched off of while receiving nothing but visual annoyance in return. We may be forced to accept the EULA when we start the game, but we do not accept invasion of our privacy and forced advertisements in game.

10 Comments:

Anonymous Anonymous said...

Amazing! Good work, I'll get blocking right away! :)

Sun Aug 21, 08:19:00 PM GMT-5  
Anonymous RoboRay said...

Good summary.

For the record, though, you can't use the HOSTS file to block IP addresses, only domains. The last three lines you added to your HOSTS file don't do anything. The HOSTS file is the first place your computer checks when trying to resolve a domain to an IP, moving on to your DNS server if the domain is not found in HOSTS. An entered IP address simply bypasses that process and connects your machine directly to the destination server.

Mon Aug 22, 11:56:00 AM GMT-5  
Anonymous Anonymous said...

Paranoia, simple way to reduce quality of life. Wait till you realize what information Blogger.com is gathering, should trigger a few ulcers and sleepless nights.

Tue Feb 07, 05:03:00 PM GMT-5  
Blogger The Weary Man said...

Anonymous,

You obviously didn't read the entire article. If you understood anything about this, you would realize that this is not paranoia, but sane and reasonable concern over the excesses of advertising in a game that we players ALREADY PAY A SUBSCRIPTION TO PLAY. I don't like having money made off of me while getting nothing in return but annoyance and lost framerates.

On top of that, to have the obvious POTENTIAL (key word there) for serious privacy abuses by SOE via the data from Massive makes it even more unpalatable.

I am aware that I cannot have a reasonable expectation of complete privacy in our digital world. I am not naive. But at the same time, I do expect, nay DEMAND the companies I do business with to conform to a standard model of business ethics in respect to my desires as a consumer and my privacy.

So you can put your tinfoil away, I have no need of a new hat.

Wed Feb 15, 01:22:00 PM GMT-5  
Anonymous Anubis1055 said...

SOE is crap and we all know it. they are milking planetside subscription fees for WoW and SWG.

god i wish i could call the FBI and have them do somethin about this. but they are as usefull as protestors are. they dont do jack.

Tue May 09, 03:50:00 PM GMT-5  
Blogger Jason H. Smith said...

Awesome,. I'll let my outfit know immediately.

Luftpirat
Emerald VS

Fri Jun 09, 08:36:00 PM GMT-5  
Anonymous Anonymous said...

Hi, I recently installed Trackmania Nations which uses the same .dll file. I sold the cd, but once reading this article, i deleted the .dll file. My trackmania nations now does not work because I do not have the .dll file. I have searched the internet but there is no way of downloading it. Is there anyone or any links that I could get in order to recieve this file? Please email me at eggy_iron_maiden10@hotmail.co.uk if you have any ideas- thanks very much!

Mon Aug 20, 12:42:00 PM GMT-5  
Anonymous Anonymous said...

good grief. if you don't like it, don't play the game. stop wetting your pants.

Sun Feb 03, 10:12:00 PM GMT-5  
Anonymous Anonymous said...

Brilliant, The adds in bf2142 were bad enough until everyone figured out how to block them, they really do ruin the experience for a lot of people, now far cry 2 is the latest title to fall victim to this spyware and spamming, we don't tolerate it in our mail and we won't tolerate it in our games, nice one and thanks.

Mon Oct 20, 04:59:00 PM GMT-5  
Anonymous Wootage said...

Hi, check out OpenDNS for a control panel which lets you block sites from resolving. It works finest kind.

And interestingly, when I added Massive's adservers, I got a popup that said "You're already blocking all Adware sites (in the main category list). Do you want to add this site even though it's already blocked?"

So, OpenDNS contributors have already identified these sites as adware and added them to the big category of Stuff We Don't Want Connecting to Our Computers :D

Wed Mar 18, 12:31:00 PM GMT-5  

Post a Comment

Links to this post:

Create a Link

<< Home