Version 0.16.24
-
- Inserter
- Posts: 24
- Joined: Sun Apr 30, 2017 11:13 am
- Contact:
Re: Version 0.16.24
My two cents: Please make the reporting opt-in. People tend to get very upset when data is collected on them without their knowledge. I know that in this day and age that seems a bit unrealistic, but you can help to be a part of the change.
- Justin -
Re: Version 0.16.24
You are contradicting yourself. If so many people already upload crash logs manually then why wouldn't they opt-in. After all that would be easier than manual upload.impetus maximus wrote:everyone just calm down. it's going to send GAME data to the devs to help improve the game.
as others said, if it was opt-in 99% of players wouldn't. also look how many folks upload crash logs without complaint.
it's for the good of the game, and the devs are not spying on you.if you are worried about your data/privacy, look at what google is up to.
Re: Version 0.16.24
I'm fine with uploading crash logs.
If it would upload save games as well, I would be ashamed of the mess I made, but still fine with it.
If it would upload save games as well, I would be ashamed of the mess I made, but still fine with it.
Re: Version 0.16.24
I'm not okay with an opt-out and would like to see an opt-in.
Re: Version 0.16.24
Just yesterday I had a crash after trying to load a huge multiplayer map from 0.15 in 0.16 just to see how much of it would blow up.
Found some update problems from mods along the way so I tried loading the map at least 10 times fixing the upgrade script for some mod.
With the opt-out for uploading crash reports you would have gotten 10 times my crash log, my 200MB save game and my 160MB mod folder.
So about 3.6 GB uploads. ARE YOU INSANE?
Since crashes are supposed to never happen and are actually encouragingly rare even for experimental versions why decide ahead of time weather to upload or not? Seems like something you could ask on a case by case basis. I would have said yes the first time and then no the other 9 times because I just kept triggering the same bug over and over while fixing the migration script of a mod.
Found some update problems from mods along the way so I tried loading the map at least 10 times fixing the upgrade script for some mod.
With the opt-out for uploading crash reports you would have gotten 10 times my crash log, my 200MB save game and my 160MB mod folder.
So about 3.6 GB uploads. ARE YOU INSANE?
Since crashes are supposed to never happen and are actually encouragingly rare even for experimental versions why decide ahead of time weather to upload or not? Seems like something you could ask on a case by case basis. I would have said yes the first time and then no the other 9 times because I just kept triggering the same bug over and over while fixing the migration script of a mod.
Re: Version 0.16.24
Why do you think they send your saves or mods? The option is literally about the log, and nothing else. A normal log is usually around a few kb long, even less when it is compressed. Seriously nothing to worry about, if you would have to worry about maybe 50kB of traffic you wouldnt be on this forum.mrvn wrote:Just yesterday I had a crash after trying to load a huge multiplayer map from 0.15 in 0.16 just to see how much of it would blow up.
Found some update problems from mods along the way so I tried loading the map at least 10 times fixing the upgrade script for some mod.
With the opt-out for uploading crash reports you would have gotten 10 times my crash log, my 200MB save game and my 160MB mod folder.
Also, I find it extremely interesting that you didn't even report the crash. The situation you describe is literally why the log uploading was introduced.
I'm an admin over at https://wiki.factorio.com. Feel free to contact me if there's anything wrong (or right) with it.
Re: Version 0.16.24
A crash report without a savegame and mods folder makes it hard to reproduce. So I assumed the crash report upload would include those.Bilka wrote:Why do you think they send your saves or mods? The option is literally about the log, and nothing else. A normal log is usually around a few kb long, even less when it is compressed. Seriously nothing to worry about, if you would have to worry about maybe 50kB of traffic you wouldnt be on this forum.mrvn wrote:Just yesterday I had a crash after trying to load a huge multiplayer map from 0.15 in 0.16 just to see how much of it would blow up.
Found some update problems from mods along the way so I tried loading the map at least 10 times fixing the upgrade script for some mod.
With the opt-out for uploading crash reports you would have gotten 10 times my crash log, my 200MB save game and my 160MB mod folder.
Also, I find it extremely interesting that you didn't even report the crash. The situation you describe is literally why the log uploading was introduced.
In the case of my crash I didn't upload because I already reported two bugs and had to upload savegame and mods several times and the other people around me where glaring at me for hogging all the upload already. Stupid forum lets me upload a 100MB mods.tar.xz only to tell me at the end that .xz is not allowed. The crash backtrace also looked real useless. It crashed in the crash reporter. I might upload when I'm at home again and have proper upload bandwidth.
- bobingabout
- Smart Inserter
- Posts: 7352
- Joined: Fri May 09, 2014 1:01 pm
- Contact:
Re: Version 0.16.24
What do you plan to do with the new GDPR law that became active in Europe on the 25th of may 2018?
It basically states that you are not allowed to collect any form of data from anyone unless they give you permission to. The auto-error reporting thing you implemented technically violates that new law, because you're not informing the user that you are doing this, and asking permission to do so before doing it. (It's an opt in, you need to ask AT LEAST ONCE before doing it, but that setting can be stored)
But you're just sending information about the crash, why does it violate this law? basically, any personal information isn't allowed to be sent or stored without permission, and therefore because you send information about hardware and software(EG, OS) the user is using, that's a violation.
Further to that, if you already store certain details about a person (Weather permission has previously been given or not, EG, on signing up for an account to buy the game), including name, email address, credit card numbers, IP address, etc, then you MUST inform the user that you're storing that data, and why, at which point they can request you delete it.
(seriously, it's actually a real headache that on the 25th, pretty much every website I visit asks me permission to use cookies, and even some games bring up a new screen... well, the ones I told it I'm connecting from europe anyway, the ones I tell I'm connecting from america so that my american and australian friends can play with me didn't)
It basically states that you are not allowed to collect any form of data from anyone unless they give you permission to. The auto-error reporting thing you implemented technically violates that new law, because you're not informing the user that you are doing this, and asking permission to do so before doing it. (It's an opt in, you need to ask AT LEAST ONCE before doing it, but that setting can be stored)
But you're just sending information about the crash, why does it violate this law? basically, any personal information isn't allowed to be sent or stored without permission, and therefore because you send information about hardware and software(EG, OS) the user is using, that's a violation.
Further to that, if you already store certain details about a person (Weather permission has previously been given or not, EG, on signing up for an account to buy the game), including name, email address, credit card numbers, IP address, etc, then you MUST inform the user that you're storing that data, and why, at which point they can request you delete it.
(seriously, it's actually a real headache that on the 25th, pretty much every website I visit asks me permission to use cookies, and even some games bring up a new screen... well, the ones I told it I'm connecting from europe anyway, the ones I tell I'm connecting from america so that my american and australian friends can play with me didn't)
- eradicator
- Smart Inserter
- Posts: 5207
- Joined: Tue Jul 12, 2016 9:03 am
- Contact:
Re: Version 0.16.24
@bobingabout:
Don't forget the discussion at FFF-231. The FFF where kovarex was famously quoted as
Don't forget the discussion at FFF-231. The FFF where kovarex was famously quoted as
Ofc this is a sadly un-laughable and grossly distorted interpretation of "transparency" with the GDPR in mind. Thus i fear they won't change anything until someone actually sues them about it :/. Hopefully someone close enough to them personally can convince them to comply before bad things happen, because forum posts don't seem to be enough.kovarex wrote: To paraphrase what kovarex said: "The games I played send all kinds of data and they don't allow me to opt out, now we do it and are transparent about it and we are the bad guys?"
Re: Version 0.16.24
Listen here.dee- wrote:I'm not okay with an opt-out and would like to see an opt-in.
If I had to make that decision, I would not even allow the users to turn off such feature.
(And I would only ever write about it in the EULA which no one reads even though everyone should. And shut my mouth about it so no-one starts complaining.)
Would I be a "bad-guy" if someone accidentally notices it and starts spreading the word that the information can be used up against the user even though that's not true?
Information is a very powerful tool. Everyone knows that. However, it still comes down to who uses that information. I would be a bad person for desperately gathering information in order to correct my mistakes right?
Damn. Everyone should be deaf-blind so no-one will hear-see anything they are not supposed to.
Re: Version 0.16.24
I too don't think, a small independent game studio like Wube really is at any risk right now. The whole GDPR is aimed at the megacorps that previously ignored every preceding data protection laws and refused to comply when asked nicely by consumer protection authorities.
But if someone would complain to consumer protection authorities and they would demand Wube to fix their data handling and they then would refuse - then (and only then) they would probably be fined with increasing sums until it hurts so much that the company complies or dies.
So it all comes down to whether any player would go that far to actually complain (i won't).
The law would probably require an informed opt in just because of the IP address alone (wich is considered to be person-related data now). But that they do not have to pull the "cosmic rays caused it" excuse anymore is proof, that the auto-upload bug reporter indeed is a good thing. They got real fast with their bug fixing...
P.S.: Never ever use the unrelated fails of others as an excuse. It did not work in kindergarden and it will not work in court.
But if someone would complain to consumer protection authorities and they would demand Wube to fix their data handling and they then would refuse - then (and only then) they would probably be fined with increasing sums until it hurts so much that the company complies or dies.
So it all comes down to whether any player would go that far to actually complain (i won't).
The law would probably require an informed opt in just because of the IP address alone (wich is considered to be person-related data now). But that they do not have to pull the "cosmic rays caused it" excuse anymore is proof, that the auto-upload bug reporter indeed is a good thing. They got real fast with their bug fixing...
P.S.: Never ever use the unrelated fails of others as an excuse. It did not work in kindergarden and it will not work in court.
Re: Version 0.16.24
I thought they obfuscated the IP?Oktokolo wrote:I too don't think, a small independent game studio like Wube really is at any risk right now. The whole GDPR is aimed at the megacorps that previously ignored every preceding data protection laws and refused to comply when asked nicely by consumer protection authorities.
But if someone would complain to consumer protection authorities and they would demand Wube to fix their data handling and they then would refuse - then (and only then) they would probably be fined with increasing sums until it hurts so much that the company complies or dies.
So it all comes down to whether any player would go that far to actually complain (i won't).
The law would probably require an informed opt in just because of the IP address alone (wich is considered to be person-related data now). But that they do not have to pull the "cosmic rays caused it" excuse anymore is proof, that the auto-upload bug reporter indeed is a good thing. They got real fast with their bug fixing...
P.S.: Never ever use the unrelated fails of others as an excuse. It did not work in kindergarden and it will not work in court.
There are 10 types of people: those who get this joke and those who don't.
Re: Version 0.16.24
They can't. The sender's ip address always gets to the server, no exceptions. What they can do, is simply delete the addresses after they got the log files, so even though they temporarily knew something about the sender's identity, they did not keep it. I don't see any flaws in this. It is only a moral decision to do so. I might as well be wrong.Jap2.0 wrote:I thought they obfuscated the IP?Oktokolo wrote: The law would probably require an informed opt in just because of the IP address alone (wich is considered to be person-related data now).
P.S.: Never ever use the unrelated fails of others as an excuse. It did not work in kindergarden and it will not work in court.
What matters is that they never give out anything sensitive or use them for bad things.
- bobingabout
- Smart Inserter
- Posts: 7352
- Joined: Fri May 09, 2014 1:01 pm
- Contact:
Re: Version 0.16.24
You know, Opt in could simply be a clause in the EULA stating that during the event of a crash, they upload data. If you don't accept, you can't play, but at least it's following the law.
It doesn't matter if people actually read it or not, as long as you tell them.
The key point though is that you have to ask them AGAIN on the 25th of May, else you're breaking the law. Hence why being bombarded with new EULAs and Warframe just outright asking if it's okay upon signing in on or after the 25th.
Actually, since this forum didn't ask me if it's okay for a cookie to store my username and password on or after the 25th, that in itself is breaking this new law too. (Don't get me started, cookies are locally stored, I know, but it's the law that a website now has to ask you before being allowed to store cookies.)
It doesn't matter if people actually read it or not, as long as you tell them.
The key point though is that you have to ask them AGAIN on the 25th of May, else you're breaking the law. Hence why being bombarded with new EULAs and Warframe just outright asking if it's okay upon signing in on or after the 25th.
Actually, since this forum didn't ask me if it's okay for a cookie to store my username and password on or after the 25th, that in itself is breaking this new law too. (Don't get me started, cookies are locally stored, I know, but it's the law that a website now has to ask you before being allowed to store cookies.)
Re: Version 0.16.24
Well, then I'm glad you don't have to make this decision.Gergely wrote:Listen here.dee- wrote:I'm not okay with an opt-out and would like to see an opt-in.
If I had to make that decision, I would not even allow the users to turn off such feature.
(And I would only ever write about it in the EULA which no one reads even though everyone should. And shut my mouth about it so no-one starts complaining.)
Would I be a "bad-guy" if someone accidentally notices it and starts spreading the word that the information can be used up against the user even though that's not true?
Information is a very powerful tool. Everyone knows that. However, it still comes down to who uses that information. I would be a bad person for desperately gathering information in order to correct my mistakes right?
Damn. Everyone should be deaf-blind so no-one will hear-see anything they are not supposed to.
How it's done now is in clear violation to GDPR (I won't sue them).
If the crash reporting would have been opt-in from the start then this wouldn't even be a problem.
Re: Version 0.16.24
You know, I once said something similar...dee- wrote:Well, then I'm glad you don't have to make this decision.Gergely wrote:Listen here. If I had to make that decision, I would not even allow the users to turn off such feature.dee- wrote:I'm not okay with an opt-out and would like to see an opt-in.
It's true I don't have to make this decision... however since I am also into software development, the time will come.
And I still consider it justified to a fair degree.
I don't see what is the problem with gathering information in such a way. You mostly worry about people who don't even care.
What is GDPR. Oh wait...dee- wrote: How it's done now is in clear violation to GDPR (I won't sue them).
If the crash reporting would have been opt-in from the start then this wouldn't even be a problem.
(Right now, I googled it and I can't find the actual rules anywhere!!)
No, seriously, LINK the part that Factorio actually breaks.
- eradicator
- Smart Inserter
- Posts: 5207
- Joined: Tue Jul 12, 2016 9:03 am
- Contact:
Re: Version 0.16.24
Are you sure an EULA would be sufficient? I thought the whole point of GDPR was to remove the possibility of selling your soul via small print. Not that i personally care because i live in Germany where EULAs are not legally binding in 95% of the cases because they're not handed to you before you sign the contract (=buy the game). Yes, that means EULA in the installer is invalid here.bobingabout wrote:You know, Opt in could simply be a clause in the EULA stating that during the event of a crash, they upload data. If you don't accept, you can't play, but at least it's following the law.
EDIT: Found a fitting quote:
@Gergely:eugdpr.org wrote:companies will no longer be able to use long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent
The problem is not with any one software developer who might or might not handle the data properly. The problem is that all stored data eventually will be used for purposes it was not originally collected for. No programmer is employed at the same place for eternity. And even if they were, other people would still need unchecked access to it. Even "don't be evil" Google only recently removed that very slogan from their company morale instructions, probably because even they thought it to be too pretentious by now.
The GDPR is a brand new European data protection regulation. As you seem to haven't even heared about it you are probably not even affected and thus all your points are in vain. Oh and btw google and facebook have just been sued for $4 billion each for violation of that same law. ;)
As for the specific things wube currently doesn't do i think this might be a good start. (that's the official site btw.)
Re: Version 0.16.24
Nope. There is an explicit rule that forbids making the ability to use a product dependent on consent to transfer of unneeded data. They knew that Facebook and others would just evade the law by saying "accept or keep out" to their users - so they made that illegal too.bobingabout wrote:You know, Opt in could simply be a clause in the EULA stating that during the event of a crash, they upload data. If you don't accept, you can't play, but at least it's following the law.
It doesn't matter if people actually read it or not, as long as you tell them.
And yes, the actual text does suggest that you would have to ask even before sending a session cookie. But in practice it is highly unlikely that anyone will get fined for reasonable cookie use. Explicit consent also is not the only way to allow storage of data (in fact, it is the least reliable way now). If you need the data to provide the service (to the one wich data you store), you may store it as long as you actually have to (as forced by law or to provide the service). And the session cookie is technically needed at least after you logged in because how else could the server reasonally keep track of your login status.
P.S.:
Someone else was not able to google it. So I link the GDPR stuff explicitly...
Wikipedia page about the GDPR
Full text of the GDPR (also linked in the Wikipedia page).
Re: Version 0.16.24
Maybe, he is affected and just doesn't know it. Everyone who deals with EU citizen or is a EU citizen is affected by GDPR. The former ones are potential targets of hefty fines. The latter ones may talk to data protection organizations, so that they can sue all the data hogs.eradicator wrote:As you seem to haven't even heared about it you are probably not even affected and thus all your points are in vain.
- bobingabout
- Smart Inserter
- Posts: 7352
- Joined: Fri May 09, 2014 1:01 pm
- Contact:
Re: Version 0.16.24
The main article I was reading that prompted me to necro this topic was actually about windows 10, and how it breaks the new GDPR laws, since Microsoft isn't even allowed to store your name unless you give them permission to do so.
however, here are a couple of websites about it
https://www.eugdpr.org/
https://ico.org.uk/for-organisations/gu ... tion-gdpr/
I like the part where it says anyone not following the rules can be fined €20M or upto 4% income, whichever is highest.
however, here are a couple of websites about it
https://www.eugdpr.org/
https://ico.org.uk/for-organisations/gu ... tion-gdpr/
I like the part where it says anyone not following the rules can be fined €20M or upto 4% income, whichever is highest.