GameStats proposal leads to privacy controversy

Yesterday, snout proposed a potential new feature for MSX emulators to the developers of blueMSX and openMSX called GameStats. This feature, inspired by last.fm would give users of MSX emulators the option to both receive information on the games they are playing (e.g. title, developer, year of release) and submit statistics on games played to selected servers.

As a result, it would be possible to create personal and overall statistics of the most popular MSX games played, favorite game developers et cetera, whilst completing the online game information database on Generation MSX, which is the most likely place to suit as the source of game information. Even before a decision was made on the actual implementation of this feature, questions have been raised about the potential privacy issues involved with introducing such a system.

Today, the discussion on the matter has shifted from the openMSX-devel mailinglist to this forum topic and we would like to invite you to join in on the discussion. At the same time, we have opened up a new poll on our website, simply asking the question: "GameStats? Yes or no?". Thanks for voting and discussing!

Relevant link: GameStats - Spyware, or...?

Comments (106)

By NYYRIKKI

Enlighted (6033)

31-07-2006, 21:24

Ok, no harm done, but at the moment I hope, that you will reconsider, what you write as news. For example I find it quite disappointing, that this question is posted as "big" news while there exists no news about SymbOS at all... Just my opinion...

By tfh

Prophet (3314)

31-07-2006, 22:41

Ehrm....
I don't really see the point in making a front-page-post about this subject which is already over-discussed in the forum.

By wolf_

Ambassador_ (10092)

31-07-2006, 23:02

yea, nearly every MRC visitor with an eye on deveopment knows about it by now, so it's not really, you know, 'news'.

However, I predict there will be a newspost about it when it's really finished, or when there's a demo of it on a fair or meeting.

By Edwin

Paragon (1182)

31-07-2006, 23:43

Forget much?

By Edwin

Paragon (1182)

31-07-2006, 23:48

On the topic of the gamestats. Apart from the privacy question, which everybody can answer for themselves if it's a turn-on-able feature, my real question is: why?

Stats are notoriously unreliable. Public stats *will* be manipulated by somebody at some point. Plus, what benefit does it serve to anyone? Seems like a waste of a coders time to work on such a gimmick.

By mars2000you

Enlighted (6430)

01-08-2006, 00:12

That's indeed another interesting question.

Game stats is for me useless, the real fun is playing (and/or developing) the games, not sharing stats, but apparently some users like stats, maybe even more than games, what's a non-sense for me.

By Vampier

Prophet (2409)

01-08-2006, 05:04

I am withdrawing my cooperation from openMSX if this will be implemted. The
current ROM database has not been made for this purpose and if it's up to me
it never will be used for this.

So in short you guys can work together with generation MSX to generate the
SHA1 values for all roms but DO NOT use the rom database.

By sunrise

Paragon (1091)

01-08-2006, 07:07

Edwin has right for 100%. MSX becomes politics Who profits, MRC /Bazix?.
They get a picture of how many games might be illegal, the titles which are interesting to spread via Woomb and maybe even the destruction of the development of Blue and or Open MSX by dividing the crews who work on it.
So this must be absolutely refused !

By BiFi

Enlighted (4348)

01-08-2006, 07:21

How's that for manipulation... done by the person who claims I'm being manipulative with that forum post... Here's the original poll suggestion regarding this issue:
Would you like to see GameStats implemented in your favourite emulator?
A. Yes, I want statistics.
B. Well, it would keep the developers from the street for a while.
C. No, I can think of more interesting features spend time on.
D. No, all spyware is evil.

The complete nuance of the poll has been destroyed...

By mars2000you

Enlighted (6430)

01-08-2006, 08:04

I'm on the same line than Vampier : if the game stats feature is implemented in blueMSX, I will stop my collaboration with Daniel.

Only old versions of blueMSX will be supported by me, what concerns the update of the existing rom/dsk/cas and cheat databases.

To be more clear : Ok for the links to Generation MSX, no for the game stats.

By Vampier

Prophet (2409)

01-08-2006, 08:18

Snout should stop this nonsense, this can just aswell be the beginning of the end for both emulators. In that case you guys will all have to start using the MSX player.. which means paying for games. The MSX is commercially dead, the games however are still exploitable. Snout probably thinks I'm too negative but I do not care about that.

Strange behavior has been displayed:
- opening a poll with only a yes/no option
- putting a forum post on the frontpage

By Samor

Prophet (2165)

01-08-2006, 10:26

Well, at least this isn't webcopynews..... it's no news at all

I'm personally not too fond of information sending in all kinds of programs, whatever the reasons may be.

As for emulators.. I usually value accuracy of emulation higher than a ton of features...For example, I think Playstation emulation went a bit "wrong" with all the plugin-based emulators... a ton of features, but sometimes quite lacking on the core aspect.

By snout

Ascended (15187)

01-08-2006, 12:32

I'm very sad to see that an attempt to collaborate with different groups of MSX users to create something I feel many people will like has become a topic that divides people this much. I'm deeply disappointed in the unfounded paranoia that has clearly rooted deeply into some members of the MSX community. I'm surprised by the way some people selectively read what they want to read instead of making the effort of reading properly and understand what my idea really is all about, and how the discussion on the forum has already progressed. I regret that despite my 16 year history as an active member of the MSX community, some people have been manipulating long enough for some other people to consistently search something evil behind everything I'm doing to only show my affection for MSX. I fail to see why personal conflicts should change an opinion on an idea by itself. Although I still think it's a great idea (and I'm quite confident some people would have responded differently if someone else had come up with it), at present I wish I had never come up with it.

Will the MSX community ever learn?

We're talking about a suggestion to develop an optional feature, disabled by default in opensource MSX emulators, developed by the community that serves a 23 year old computer system that has been commercially dead for ages. Yes, there are efforts to commercially revive the MSX computer system, but even in that light the commercial value of the information gathered with the stats is close to nihil, as the party you are all afraid of have other, similar publically available information (forums, mailinglists, newsgroups, their own experience, megapolls, present GenMSX stats, reviews, fansites, et cetera et cetera et cetera), sales figures of EGG/i-Revo and the experience of the original game developers at their disposal already. With a system like GameStats it is impossible to trace warez and even with the multi-billion-dollar record (or gaming) industry only focusing on the distribution of warez (and not the personal use of it) there are some people with a completely unfouded, irrealistic fear of Bazix/MSXA/whoever to singlehandedly sue everybody who might play a game they don't legally own on an MSX emulator. Trust me on this one: if even the record industry isn't insane or funded enough to sue single members of similar services (read: last.fm), no one is.

I am surprised to see how far some people would go to stop this system from even being developed, e.g. by threathening to leave a development team. Please, do give the people who do like to use this system the liberty to develop and use it on their own free choice. I'm sure every single user is mature and sane enough to make the decision to enable it, or leave it disabled on its own. And for those who aren't it will be disabled by default. This is not a holy war, it's a hobby. There are people protesting at abortion clinics in the USA that are more open-minded than some of you are. Last but not least, I'd like to quote Karloch who hit the nails right on the spot using a lot less text than I always need to use somehow.

I really don't get the point of this thread. The gamestats feature would be optional and disabled by default. If you don't like it or you think that the information will be used for evil pruporses (w00t!?), just left it disabled and you are done! Furthermore, snout is only suggesting, and it's up to the emulators developers to implement it or not.

If the problem is that someone could think that openMSX/blueMSX/fMSX/insert_your_emulator_here would send information to the MRC, even with the feature disabled, I only see two reasons to think that: 1. That person is insanely paranoid (in that case I would suggest him to NEVER install Windows). 2. It's just another lame stage of some not less lame anti-MRC campaing.

I know this all sounds theatrical, but due to recent developments in my private life I can't help but be in a sad, theatrical mood today, and the GameStats situation isn't exactly helping.

By arnold_m

Master (173)

01-08-2006, 18:14

From the lamentations of snout (soon in a theatre near you):
With a system like GameStats it is impossible to trace warez and even with the multi-billion-dollar record (or gaming) industry only focusing on the distribution of warez (and not the personal use of it) there are some people with a completely unfouded, irrealistic fear of Bazix/MSXA/whoever to singlehandedly sue everybody who might play a game they don't legally own on an MSX emulator. Trust me on this one: if even the record industry isn't insane or funded enough to sue single members of similar services (read: last.fm), no one is.
GameStats alone is indeed not sufficient to proove someone is illegally using software, but if a GameStats enabled emulator reports someone playing a game that he is still seeking to buy, then that's definately something to check when you happen to run a games business that wants to set an example.
Of course there are too many offenders to sue them all, but that doesn't stop the RIAA from launching legal attacks on indivuals for using p2p file sharing.

I think it's important to distinguish between last.fm and GameStats; last.fm cooperates with artists and labels to provide its users with music they can legally listen to, while GameStats will/would merely forward information about games being played to a server.

I fail to see why anyone who thinks GameStats is a bad thing, should stay in a development team that implements it.

By wolf_

Ambassador_ (10092)

01-08-2006, 18:53

The few thousands who have illegal MSX roms (and the few hundreds who would use such a gamestats service) don't compare to the hundreds of millions of people who share mp3's and movies..

Being affraid of MSX-lawsuits is way out of line here..

By snout

Ascended (15187)

01-08-2006, 19:09

First of all: coming from someone involved in the MSX revival, the statement that the data gathered from GameStats is of legal and commercial insignificance should at least have some value, don't you think?

Second: You are right that the RIAA has sued individuals for using P2P software, but in my previous post I clearly distinguished between the distribution and use of pirated material. Using P2P involves distributing material as well, using GameStats doesn't. If there's any industry known for its fondness of sueing anything they can sue it's the record industry. Assuming that the MSX Revival camp (which, as you might have noticed is economically not exactly as big as the record industry) would do the same, or go even further than the record industry would only show you have a distorted view of reality. Like with last.fm (read the privacy faq!) there is no way of telling legal and non-legal use of games apart from the data gathered. At best, it will show that for some titles a lot more people are playing the game than there were ever actually sold in the old days but that would not be a surprise to even the most naive man in the world. Besides, it still would be impossible to find out which ones are 'for real' and which ones aren't.

Third: About people threathening to leave development teams to have their way: Not only do I think this is a childish way of discussing, it also shows lack of faith in their co-developers. If implemented, GameStats is only a small part of an (opensource!) emulator, and if you don't trust the people you have been working with for a long time to deal with the privacy concern properly I think you should really be ashamed of yourself. With the system being disabled by default, a clear privacy policy (once again, read the privacy policy of last.fm, please) and giving everybody the choice to enable GameStats or leave it disabled at their own discretion, I see no reason why one would turn his back to development team other than sheer paranoia. If your wife reads a magazine you don't like (imagine you have a wife if you don't have one), would you instantly divorce her?

Fourth: Please have a look at how the discussion (and idea) has already been progressing in the forum topic.

By mars2000you

Enlighted (6430)

01-08-2006, 19:20

Paranoia ? Lack of faith ? Lack of trust ? Come on , it's a question of principe, of ethics as I've already said in a long post on the forum.

No respect for the will of some users ? Wrong, you force me publish a private letter to dvik:

"I hope you will not implement this feature or will only create a plugin, but
at the moment, you seem to only think to a build-in feature.

The build-in feature will be the end of my collaboration with you. The same
if the plugin comes with the emulator. I will only accept an independant
plugin that you must download on the website if you are interested by this
dubious feature.

I know that you are very expert in programming, also for the security
issues, but it's here a question of principe, of ethics. Such feature does
not come in harmony with my personal vision of what must be a freeware
emulator.

That's why I can only accept an independant plugin. It also explains why the
current databases must still work as it is now without need to contact the
Generation MSX database, even for the online people who don't have added
this plugin. Of course, the addition of the plugin and the detection of your
online situation could deactivate the normal way and activate the 'special'
way for the users who want to share the game stats.

If I try to summarize the different possibilities, then we have 3 different
options :
- the normal database (as it is now)
- the 'plus' database with an additionnal field for each game to the
corresponding page on Generation MSX
- the plugin for the game stats.

The 2 last options can't come with the emulator, because I don't like the
game stats plugin and because most users are not interested by links for
more infos. So, the 'plus' database and the plugin can only be available as
apart downloads on the website.

As Vampier, I don't see why I should change my conception of the database
because you should think only to a built-in feature. As already said, only
with an independant plugin, I will continue my collaboration in the blueMSX
team. Sorry if I seem so rude, but there are some principes for which
there's no discussion area.'

By snout

Ascended (15187)

01-08-2006, 19:42

mars2k: Indeed, paranoia, lack of faith, lack of trust.

With these actions your trying to enforce your own principles and ethics about privacy matters on everybody else in the MSX community, instead of giving everybody the freedom of choice. It's clear that you don't like and trust it and you will have it disabled by default (or even run old emulators to be sure), but what on earth gives you the right to put so much pressure on keeping somebody from even developing the feature for those who -will- like it? Goes to show that my comparison with the open-mindedness of abortion-protesters was not as exaggerated as I hoped it to be.

By mars2000you

Enlighted (6430)

01-08-2006, 19:45

Snout : you are selectively reading my text ... what about the independant plugin ? Not seen this part of course !

By snout

Ascended (15187)

01-08-2006, 20:39

that, coming from you, made me laugh quite a lot. But indeed, a separate plugin (like audioscrobbler is) would indeed be an option as well. Still, that doesn't make you less paranoid about the whole thing, does it?

By Manuel

Ascended (19298)

01-08-2006, 20:48

Mars, how can we ever try to understand your reasoning for this quite heavy reaction if all your explanation is "Such feature does
not come in harmony with my personal vision of what must be a freeware emulator."?

What is exactly the part that is causing this?

You say "It also explains why the current databases must still work as it is now without need to contact the Generation MSX database", but for me it doesn't explain anything at all...

In summary, you seem to have a problem with a program that either fetches data from a server on the internet (from GenMSX), and worse, for programs that submit data to a server on the internet.
THen, why are you still using a web browser? You do trust that this piece of software will not hurt you, but you don't trust that blueMSX and openMSX will not hurt you, even with the feature disabled?

By mars2000you

Enlighted (6430)

01-08-2006, 20:53

It seems that I'm not the only one to think this way on this matter. See the current results of the MRC poll : 44 % no (and 56 % yes). The only way to satisfy the yes-users without provoking bad reactions from the no-users is an independant plugin.

By snout

Ascended (15187)

01-08-2006, 21:12

Well, I think that's a natural reaction. Use the word 'spyware' and people get scared. With his initial post BiFi already biased the discussion to a point where it's difficult for some people to actually read what it's all about. And several people (why am I not surprised it are mostly the 'usual suspects') have taken great care to keep that image standing, despite the contribution of quite a few people to the discussion already. Even people known to have a critical view on legal, privacy and other freedom matters like mth and manuel, for example. Still, it's the usual "ignore the pros and focus on the cons, no matter how unrealistic they are" behavior to some of us, eh...

By Manuel

Ascended (19298)

01-08-2006, 21:16

That's not what I asked, mars. And the polls don't tell me the reasons of the no-voters either. Maybe they are just not interested in the feature and think it's a waste of time. That would be a very good explanation for those. But hey, I can't tell. So, please be so kind to make me understand you.

By mars2000you

Enlighted (6430)

01-08-2006, 21:20

>And the polls don't tell me the reasons of the no-voters either

It's not my fault if Snout has simplified the initially suggested poll

By mars2000you

Enlighted (6430)

01-08-2006, 21:34

>please be so kind to make me understand you

It's always very difficult for you to understand my logic. I don't need to explain my philosophical or moral reasons, but they are the base of my position : no build-in feature and no plugin that comes with the emulator.

Second step : probably the final result of the poll will give 50% yes and 50 % no. So, we must satisfy the yes-users without provoking bad reactions from the no-users. Solution : an independant plugin that will combine all the aspects of Snout's proposal.

Third step : because independant plugin is choosen to satisfy the yes-users, it means that the no-users are generally satisfied with the 'normal' use of the current databases.

Fourth step : because some no-users are interested by additionnal infos, the option 'plus' database with the additionnal field for each game to the corresponding page on Generation MSX. By the way, this part is not really new, just ask to Vampier if I don't have suggested that on the blueMSX forum in the past.

So, if you read correctly my position, it's a mix of Snout's proposal that will satisfy the yes-users and a correct answer to the no-users, with even a bonus (the 'plus' database) for some of them, interested by additionnal infos and screenshots. You can not find a better equilibrium between both sides of the reality.

By Manuel

Ascended (19298)

01-08-2006, 21:50

> It's always very difficult for you to understand my logic. I don't need to explain my philosophical or moral reasons, but they are the base of my position : no build-in feature and no plugin that comes with the emulator.

OK, you choose not to explain it. But then it is unfair: you threaten to split the development team without giving a proper reason, that can be understood by others. This way you almost force your opinion on the whole team, without giving a reason. Yes, I think that's unfair.

The plugin thing might sound like a nice idea, but the way you stated it means that there are several separate downloads, for the extra GenMSX info, and for the gamestats plugin. I don't think this is comfortable for users at all. It's the same thing with the system ROMs. Many users complain that we didn't include them. (But I think it's obvious why we cannot.)
In the end, no one will take the effort to download those separate things. Most users want stuff integrated and installed in one go!
So, if no one will use it because of this, it's hardly worth the effort to implement it. So, that's why I doubt this is a good solution.

By mars2000you

Enlighted (6430)

01-08-2006, 22:03

Manuel, you are not serious. This thread is not the only one about GameStats, read again my long post in the forum. You know perfectly that everybody has a different conception when it comes to ethics and in my conception, a freeware emulator must satisfy correctly his users, not only a part, but all the users.

As the users are divided on this matter, just like the developers, you must develop a solution that can satisfy eveybody : not only the people who want the maximum security option (as user and developer, I'm in this part), but also the people who don't care about that and want to share game stats. I'm only repeating what I've said in another thread, but it's too difficult for some people to read correctly and entirely what I write (selective reading again !).

Also you are not serious when you are saying that it's too difficult to have different files to download. We have a good site and we can help our users on our forum. It should not be the first time that we indicate to the users the Resource page.

By Manuel

Ascended (19298)

01-08-2006, 22:09

I have read all your reactions (I think, it was my intention at least) and I was very serious.

So, what you are saying now, is that the actual reason is not your fundamental opinion about programs that access the web (can you please answer my question "why do you trust your web browser and not your own MSX emulator which does something similar?" which I stated in a previous post?), but that you want to have every user satisfied.
You're acting lightly about the download thing, but I really think it won't be used much. Do you have statistics about the stuff that is downloaded from your resource page, in comparison with the amount of downloads of blueMSX itself?

By snout

Ascended (15187)

01-08-2006, 22:11

Mars2000you: so basically you are saying that everybody who developed blueMSX, and everybody who ever downloaded and installed blueMSX is completely, 100% satisfied by every single feature of it, and uses all of them? I'd say 80% of the users mostly use 10% of the features at max, don't need 100 different types of MSX computers (ooh! lets look what Konami Ping Pong looks like on a Toshiba HX-10 opposed to a Philips VG-8020!), scalers or any of that. Features are there for the users of programs to be used, or not. A user of a program should be free to use features to his own moral standards and ethics. If the majority (or most important) developer(s) of openMSX/blueMSX decide to build-in GameStats or any other feature you might dislike all you have to do is use the freedom to disable it, that's all there comes to it.

By mars2000you

Enlighted (6430)

01-08-2006, 22:20

Manuel : it's also explained in the 'other' thread : I switched from IE to Firefox mainly for securiy reasons.

Snout : you can't compare features without any security issue and a new feature with potential security issue.

Both : A freeware must be different from a commercial program like Windows that come with spywares (again also explained in the 'other' thread), a freeware must be perfect what concerns security issues and as the best security with dubious features is no such feature implemented in the emulator, the conclusion is evident .... but with the correction that a perfect freeware must satisfy all his users (see one of my previous answers and the plugin solution).

By Jorito

Mr. Ambassadors (1786)

01-08-2006, 22:26

Whohoo!! It's yearly anti-MRC riot time again!! Again with the usual bunch of disagreeing people that like to yell without saying something useful.

Somehow, these kind of 'discussions' (always with very clear and irrefutable arguments) happen once a year. Good thing that next year will be the 5th anniversary of this happy event!!

By mars2000you

Enlighted (6430)

01-08-2006, 22:29

Jorito : another selective reader .... read correctly, especially about the plugin .

By Manuel

Ascended (19298)

01-08-2006, 22:32

mars: I don't understand why you do trust the developers of FireFox in this and not the developers of your own team. Firefox also has a 'crashreport' tool. Is that spyware? You probably disabled it (or didn't enable it). What's the difference with the gamestats in an emulator, in which you can choose to enable it yourself, just like the FIrefox crash report?

(Or for that matter, any other part of firefox that is sending data to the web and getting data from the web; you trust it!)

By Jorito

Mr. Ambassadors (1786)

01-08-2006, 22:38

I'm reading selectively, because it's not at all that interesting. C'mon, basically it's about a minor, optional, enhancement to an emulator for an obsolete computer. Not the kind of discussion you'd need to drag everything, world piece and your grandma in.

Awell, I'm getting bored with this flamewar. I'm wishing the rest of the folks lots of fun tho

By mars2000you

Enlighted (6430)

01-08-2006, 22:38

I trust the developers of my own team but my moral/philosohical conception of a freeware in which I'm involved requires both a maximum security solution and a plugin to satisfy a part of the users without provoking bad reactions from the other part.

As you know, I'm not involved in the Firefox team.

By mars2000you

Enlighted (6430)

01-08-2006, 22:43

Jorito : if saying a different opinion from MRC opinion is being againt MRC, you have a strange conception of what's a discussion. Besides, the fact that I suggest a plugin to realise Snout's proposal is the proof that I'm not against the fact that some users are interested by this idea, but I can also make the difference between this fact and the fact that I don't like personnally this idea. If I was really against MRC, I should not suggest the plugin solution.

By Manuel

Ascended (19298)

01-08-2006, 22:47

Can you tell me again then, why having the feature off by default is different than having the feature out of the program?

Do you really think it is more secure to have it out of the program than to have it disabled by default?
Or, maybe you want to protect users from theirselves, in case they switch it on, by accident? (This seems quite unlikely, but OK.)
What if we would only allow submissions with login? You can't expect users to input their user name and password by accident...

By mars2000you

Enlighted (6430)

01-08-2006, 22:57

Yes, I want protect imprudent users from themselves and from hackers. Not all users care enough about security issues, and I speak here generally, not only for using emulators, but for all online activity. A perfect freeware must prevent imprudent behaviour with all the consequences. If someone downloads and uses the plugin, than it's his choice and the developer team must inform him about the potential security issues. For the people not interested by the game stats, the best security option is the emulator without the plugin.

By wolf_

Ambassador_ (10092)

01-08-2006, 23:02

A seperate download is quite useless, see Manuel's remark about the system ROM's. What about add it to the emu package and have a page in the install wizzard that asks if you want to install it or ignore it? (and while being installed you still have the option to halt its function ofcourse)

By arnold_m

Master (173)

01-08-2006, 23:03

Manuel thinks users won't take the trouble of downloading an extra plugin:
[...]
So, if no one will use it because of this, it's hardly worth the effort to implement it. So, that's why I doubt this is a good solution.
If users think GameStats isn't worth the effort to download and install a plugin, do you still think it's worth the effort to implement it?

By mars2000you

Enlighted (6430)

01-08-2006, 23:08

Wolf : many users are so fast with the installation, they click on OK everywhere without thinking and reading the messages, so it's not a good solution.

By snout

Ascended (15187)

01-08-2006, 23:15

Not even with the installation-options being with GameStats-installation disabled by default, and with GameStats involved GameStats still being disabled in the emulator itself by default? How on earth do you ever browse the web?

By wolf_

Ambassador_ (10092)

01-08-2006, 23:16

mhoa, I only click OK with large standard disclamers that require you to have a grade in law to understand it.. A seperate page with just these words:

Do you want to install gamestats, 
a function which gathers statistics about the popularity 
of the games you play and sends it to an online server?

o Yes
o No

[Back] [Next] [Cancel]

can't be simpler, no juridical blahblah and such..

By mars2000you

Enlighted (6430)

01-08-2006, 23:22

Snout : what about the people who are simultaneously curious or interested by Game Stats and generally imprudent (no firewall for example) ? An apart download requires more steps than an unique installation, with or without some checkboxes.

By Manuel

Ascended (19298)

01-08-2006, 23:24

What's the difference with protecting the user from the consequences (what are those?) of enabling the feature, when he enables it in the settings, by showing a clear message with a warning what is going to happen if he does?
And what about my login suggestion? That should give zero risks for people who are not interested. (IMO, also for people who are interested, but that's another thing.)

(Remember: this is not easy to enable by accident, you can't blindly click YES somewhere during installation or so...)

@arnold: because I think it would be fun to see it working

By mars2000you

Enlighted (6430)

01-08-2006, 23:28

Logins can be cracked by hackers, if the user is imprudent ...

By Manuel

Ascended (19298)

01-08-2006, 23:28

OK, but what do you think are the risks if you run the gamestats feature with no firewall?

If you can browse the web, you can also use the feature. It's nothing different than a webbrowser: it fetches data from a web site or it submits data to a website. No diff, really! (As dvik also explained in detail.)

By mars2000you

Enlighted (6430)

01-08-2006, 23:31

When the feature is not implemented, it's perfect security.

When the feature is implemented and disabled, an hacker can enable it if you are imprudent.

When the feature is implemented and enabled, an hacker can use it directly if you are imprudent.

So, three different security levels ! I prefer perfect security.

By Manuel

Ascended (19298)

01-08-2006, 23:31

Yes, your MRC login can be cracked by hackers. THis has no effect on the security of your own PC. It means only that the hacker can submit a game name or score under your name to the server (e.g. MRC). It also means that he can post under your name on MRC. But you don't seem to be afraid for that to happen now.
Whenever you login to MRC, exactly the same thing happens. No hacker tried to get your MRC password though, because it's totally uninteresting! And you know what? The password goes as plain text over the internet, I guess!

By Manuel

Ascended (19298)

01-08-2006, 23:33

Can you explain to me how a hacker could enalbe the feature and how he could use it to do what?

By mars2000you

Enlighted (6430)

01-08-2006, 23:33

For info : I use 2 firewalls, 1 anti-spyware, 1 anti-spam and 1 anti-virus.

Not eveybody is so careful.

By mars2000you

Enlighted (6430)

01-08-2006, 23:38

An hacker can change the code to execute what he wants. When I was not so careful about security, I remember that I had a modified version of fMSX-SDL. Of course, it was without my consent. Sometimes, the emulator had a strange behaviour. After some checkings, I've discovered that a spyware was installed in my modified version of fMSX-SDL.

By wolf_

Ambassador_ (10092)

01-08-2006, 23:40

would they?

Hackers want world domination!

"MSX'ers? Who are they? how many?? w000t 400? Are you waking up for that??"

By wolf_

Ambassador_ (10092)

01-08-2006, 23:45

I mean, you don't want to go stealing a lollipop from a baby and impress someon, right?

These are targets: anything Microsoft, Federal Reserve, anything Bush, anything religious/anti-religious, large internet companies, online shops. Then you will make your name, being a hacker, then you'll gain status!

You seriously believe an MSX emulator is a realistic target here?

By Manuel

Ascended (19298)

01-08-2006, 23:46

mars: as dvik and I already explained, this feature will not make any difference. Any hacker can already change the binary of blueMSX or openMSX now, and let it do it anything he likes (which will be far worse than enabling the gamestat feature, of course). But, as long as everyone downloads the programs from the official sites, you should trust the authors of the code to have put online a binary that does not do this. If you don't trust this, you should download the source code and compile it yourself. If you do not trust the source code, you should read it. If you still don't trust it then, you should not run the program.

But, as you already said, you do trust the authors of blueMSX and openMSX. This means that the only problem is that someone could modify the binary and put it online somewhere else. Well, there is nothing anyone can do about this. Uncareful users could get those binaries and run them and get hacked or get spyware or other crap, whatever the hacker wanted.

Note that this has nothing to do with this feature. This can already happen now or 2 years ago or whatever. With any program.

By mars2000you

Enlighted (6430)

01-08-2006, 23:46

My story about fMSX-SDL is real, it has really happened to me, but of course you don'rt believe me.

By Manuel

Ascended (19298)

01-08-2006, 23:50

mars: I believe you, but please read my previous post.

By mars2000you

Enlighted (6430)

01-08-2006, 23:50

For an online feature in which I'm indirectly involved, I prefer the higher possible security level, especially for the imprudent users. It's my philosophy of a freeware emulator.

By mars2000you

Enlighted (6430)

01-08-2006, 23:51

manuel : it was for wolf (about fMSX-SDL story)

By snout

Ascended (15187)

01-08-2006, 23:52

With the fMSX-SDL story you are only proving exactly what manuel has been stating: at any point in time, for any reason software can be hacked. Manuel pointed out the measures you could take to prevent you from running mal/spyware. A feature like GameStats will not change that fact of life.

By Manuel

Ascended (19298)

01-08-2006, 23:54

mars: I think I just explained very thoroughly that this feature has no impact on your security at all. Where was I unclear?

By mars2000you

Enlighted (6430)

02-08-2006, 00:00

Manuel : what about the imprudent users that download the official emulator and are hacked ? An online feature is an interesting opportunity for an hacker, probably more interesting than an offline feature. Of course, he can change everything but he will use the online feature first for his uses, it seems me logic ... and more dangerous.

By J-War

Champion (413)

02-08-2006, 00:03

By reading a such amount of crap, one could guess how bored and alone some guyz can be at summer O_o

o_O OH MY FUCKING GOD, the forum post wasn't enough O_o

>> IT'S AWESOME, YOU BRING BOREDOM TO PEOPLE THAT HAVE A LIFE <<

By Manuel

Ascended (19298)

02-08-2006, 00:05

If they get hacked, I think you should consider this:
1) it would be far more intersting to change another program, like a webbrowser, because a) the hacker knows it better, so he can more easily cripple it, b) he probably never heard of MSX
2) the fact that it has an online feature would not make it any more attractive, because the online feature itself cannot be used to make it bad without such extensive hacking that he could better modify the binary completely and ignore the original online feature. (But because of 1), it would be extremely unlikely that a hacker would touch your MSX emulator anyway!)

And now I'm going to bed, I'll check tomorrow if you still have concerns.

By mars2000you

Enlighted (6430)

02-08-2006, 00:09

Good night, Manuel ! Your remarks are interesting, but I won't change my point of view.

By dvik

Prophet (2200)

02-08-2006, 00:59

SOME SECURITY CLEARIFICATIONS
-----------------------------

An online database is NOT a security risk. The database works exactly like a webserver and the emulator as a client. The process will be something like:

1. Emulator creates a TCP socket and connects to the server.
2. If the server is found, the emulator sends a request to get some info (e.g. a screenshot)
3. The server sends a reply back to the emulator with the requested data
4. the emulator closes the TCP socket.

During this short session someone could indeed intercept the traffic and reply on the servers behalf with data of its own (or the emulator user connected to a malicious server). The data sent back from a server has well specified format, so if the malicious server sends back something that doesn't meet the specification, the data will be ignored. The emulator should be implemented to avoid buffer overruns which is a well known security leak. This is very easy in a request/reply protocol and is really not a problem.

So an online database is NOT a security risk at all.

For a gamestats service there are some minor security issues but these is even less on the emulator side. The protocol would be something like:

1. Emulator creates a secure TCP socket (ssl or similar) and connects to the server.
2. The connection is authenticated by the server (part of the ssl protocol)
3. The emulator sends stats to the server.
4. the emulator closes the TCP socket.

During this session there is no incoming application data to the emulator (if acknowledgements are wanted, they will work as the first example). The big security risk is if someone intercepts the traffic and crack ssl which would give access to the username and password. This is as mentioned earlier possible and worst case is that the user needs to change username and/or password.

Since the server can NOT initiate a connection to the emulator, a malicious person that gained access to a username/password can't use it to do harm to the emulator users computer. The reason is that the emulator will not have any TCP server sockets opened for an outside person to connect to. The bigger security issues are on the server which need to handle DoS attacks and other attacks.

In both these cases, no commands are ever sent from a server that can be executed on the emulator users PC and no data other than specified by the stats protocol will ever be sent out from the users PC.

I am a principal software engineer and at work I'm responsible for wireless networking and network security in FDA regulated medical devices and I know what I'm talking about!!!

THE REAL DANGER
---------------

The real security problem is what happened to mars2000you, i.e. someone grabbing the source code from an emulator, builds it themselves and add some mal/spyware and provide their own download of the emulator.
This is a real issue and I recommend everyone to only download an emulator from a trusted website. The only two I can guarantee are the official blueMSX and official openMSX sites.

I know that the blueMSX binary is mirrored on several emulator sites and if you choose to download from any of them its up to you to trust the site (I'm quite sure that the more popular sites only mirrors the released binaries).

CONCLUSION
----------

I understand that some of you are concerned with the security issues and it requires some knowledge to make it right. But for this particular application there are NO security holes that can harm a users PC if its implemented correctly. So no hacker can (how much they really want) use this feature to gain access or do harm to anyones PC.

The best protection to our users is probably to stop doing open source emulators that easily can be modified, then make sure its not distributed on other sites than the official sites. I don't really think this is a good option and I'm not suggesting it.

As with any software downloaded from the internet its the person that downloads it that needs to trust the site where its downloaded from. The gamestats or online database does not make the official emulator more or less insecure in any way. Besides, if ever implemented, it will be an optional feature.

By Vampier

Prophet (2409)

02-08-2006, 02:38

Dvik who's side are you choosing here? The people that supported you for years... or some guy who is related to Bazix and causes a stir by doing this.

By dvik

Prophet (2200)

02-08-2006, 02:56

I try to avoid choosing side and stick to facts and look at the ideas and reactions objectivly and see what our users want (not just me, you, mars or snout).

We make desicions on what to implement in blueMSX as a team, so even if me and mars have different oppinions on a particular feature it doesn't mean that we stop working togehter. We implement what we all think is best and don't implement things that anyone of us doesn't like.

My quite long post is not an argument for or against something. I just try to explain that there is no security problem with snouts idea. There may be other issues, some of which are discussed by different people here and in the forum post, but its totally nonsense that this feature would be a security issue that opens up a users PC for hackers. That said, there may be other arguments for and against the idea that has substance.

By mars2000you

Enlighted (6430)

02-08-2006, 08:08

Vampier : it should also be very interesting to know Sandy's opinion as he is involved for a part in Snout's proposal. His silence is very strange (or maybe it's holiday time for him ?)

By Manuel

Ascended (19298)

02-08-2006, 08:49

mars and vampier: I would really appreciate it if you would just look at the facts and not let your inital emotion/reaction form your complete and unchangeable opinion. Please, look at the facts and let those form your opinion.

About Sandy, I heard that he is enthousiastic about it, but it would be nice (and more convincing to you) if he would say that himself, of course Feel free to contact him to ask that.

By tfh

Prophet (3314)

02-08-2006, 08:58

Damn.. I shouldn't have gone to bad that early yesterday

And Vampier: Why already put dvik for such a decision. It's just like telling someone to choose between friends: It's simply not done. First see where it is going before making such statements...

By BiFi

Enlighted (4348)

02-08-2006, 10:26

no offence manuel, but I'd rather see Sandy post his opinion here himself.

By wolf_

Ambassador_ (10092)

02-08-2006, 10:49

or some guy who is related to Bazix

So, that's it, is it? That's the whole point of this whole riot.

By Manuel

Ascended (19298)

02-08-2006, 11:08

That's what I said, isn't it BiFi? Please ask him to do so if you want to know for from him firsthand.

By arnold_m

Master (173)

02-08-2006, 13:19

Wolf_ thinks MSX'ers are safe because there are only few of them:

> "MSX'ers? Who are they? how many?? w000t 400? Are you waking up for that??"
"openMSX only has 13 developers"
"s00?"
"they may have left a hole in their gamestats code"
"that would make 0nly f3w computers vulnerable"
"but it may take ages before someone patches the hole"
"Hmm" *evil grin*

By Manuel

Ascended (19298)

02-08-2006, 14:12

arnold: see dvik's last post in this thread...

By karloch

Prophet (2159)

02-08-2006, 15:05

Last but not least, I'd like to quote Karloch who hit the nails right on the spot using a lot less text than I always need to use somehow.I really don't get the point of this thread. The gamestats feature would be optional and disabled by default. If you don't like it or you think that the information will be used for evil pruporses (w00t!?), just left it disabled and you are done! Furthermore, snout is only suggesting, and it's up to the emulators developers to implement it or not.

By karloch

Prophet (2159)

02-08-2006, 15:30

From dvik:My quite long post is not an argument for or against something. I just try to explain that there is no security problem with snouts idea. There may be other issues, some of which are discussed by different people here and in the forum post, but its totally nonsense that this feature would be a security issue that opens up a users PC for hackers. That said, there may be other arguments for and against the idea that has substance.Yeah, that's the common sense. Nowadays there are lots of programs that can send information to the developers or the company: Windows itself, Firefox, WinAMP, MSN Messenger, your favourite antivirus and a really large etc... (just think that almost every Microsoft app has a feature to send information of what they call user experience).

It's really dissapointing to read arguments talking about potential security risk, imprudent users, EXE file crackers; when we are talking about such a simple pruposal as the gamestats.

If we use the common sense, we will see the true meaning of this whole thing: another excuse (and a very poor one) to bash the MRC. Sorry, but I can't believe anybody saying that GameStats shouldn't be implemented because the security risks (not to mention the spyware thing...). There maybe reasons to not implement that, but not THAT one.

I just hope that the people doing this are not understanding the damage that they are doing.

By NYYRIKKI

Enlighted (6033)

02-08-2006, 18:42

I'm sorry that I forgot the SymbOS news... What comes to the feature, I think it is a nice idea. (but not worth of news) How ever I'm not that much to games, so I don't think that I would use it regulary.

The problem what I see is not about the feature it self. The problem is more that there are different amount of cracks for games. For example Metal Gear Solid Snake, that is available as english & japanese ROM, these versions exists also in disk format and there are even older disk cracks. If the database is going to have different entrys for "well known" cracks then we are going into scary direction. If there is some "smart detection system" that tries to pick up most likely game then how do we know if the game is not modifyed to give more points?

In normal situation I would say that the later is not a problem, but as I've already seen what kind of reactions this feature has caused, I'm pretty sure, that we are very soon going to see stats like this:

Space Manbow:
1. 99999 GAME STATS
2. 99998 REALLY
3. 99997 SUCK A
4. 99996 BIG TIME!!

As we have also seen DOS attacks towards MRC, this would not surprice me. (BTW It is illegal and expetially plain stupid as it causes only harm and does not benefit anyone.)

As implementing this feature is not very easy (expetially BASIC games stored in misc collection disks can cause headache) and causes so much dissortion among users, I think that making www-site where you have to report your scores manually is more easy solution. I don't think that risk of cheating is even that much bigger as I expect that cheating this kind of automatic score system would be "nice challenge" for many as well.

By Manuel

Ascended (19298)

02-08-2006, 19:18

NYYRIKKI: to start with, I think the system would first only support unmodified ROMs (we know the hashes of many of those) or other ROMs of which we know they are not tampered with.
But, if we have the user-input-event-logging feature I have been talking about (and which dvik is implementing in blueMSX as we speak, and which I am prototyping in openMSX right now), we could ask a questionable score submitter to also submit his input-event-log, so that the whole playing session could be replayed to see how he got the score.
As mth already said, this is not a 100% guarantee: one could program such an event-log, for example. But in the latter case I still think it's worth to mention this submitter, or actually the programmer

By arnold_m

Master (173)

02-08-2006, 20:15

Manuel: Yes, I've read Dvik's post.

The external database and GameStats parts of the emulator can be secure, but that security can only be based on good design and secure programming.

It is unwise to think that security is not issue because no cracker would come out of bed for only 400 MSX'ers.

By snout

Ascended (15187)

02-08-2006, 20:17

Something different: I do agree with Nyyrikki though, MRC should have posted about the different SymbOS releases more often (and I will post about the latest alpha today), but in order to keep up with all the MSX news we rely more and more on the news-submits from you, our visitors. So if you spot any MSX news you (think) we have not reported about yet, please submit it to us!

By mth

Champion (507)

04-08-2006, 02:36

Manuel: There is no way for the server to trust the client. Anyone could write a small program that pretends to be openMSX and pretends that the user in question played very well on an unmodified ROM.

Maybe a GameStats account can be given a trial status? So after it is created, scores and input logs can be submitted, but only after an admin looks at it and verifies that this is not an obvious cheat, the account will lose its trial status and be included in the rankings.

However, even with input logging, it's possible to play at 80% speed (or slower, if you are that patient), which makes a game much easier. I don't think there is a way to see the difference between someone with good reflexes and someone playing at less than 100% speed.

So I think we can protect the GameStats against uploads of totally fake scores, but for more sophisticated cheating there is only the gamer's honour to counter it.

By Manuel

Ascended (19298)

04-08-2006, 08:46

mth: yes, I realized that. And I agree with your conclusion.

By snout

Ascended (15187)

04-08-2006, 17:40

hmm... of course there's always frauds that can not be prevented, but as opposed to gamer's honor, there's cheater's shame as well Besides, I don't think it's impossible to take emulation speed settings into account in event-recording. Am I wrong?

By J-War

Champion (413)

04-08-2006, 21:50

In case GameStats is implemented, it will be disabled by defaut, so imagine you activate it, a warning message could say something like " In order to ensure maximum security, make sure the emulator was downloaded from <insert link to the official emu here>. Use any other download site at your own risk. " blablablablablaomfgblablaroflmaotstetung

By J-War

Champion (413)

04-08-2006, 22:00

Anyway, at this point i would be wise to make things clearer : is there some place we can found some list with all (serious) problems spotted by users and potential solution ?
Since it started, i guess people had ideas to improve the gamestats concept, would be cool to have them gathered on some clear list.
All those threads are totaly impossible to read when you're not interested in wasting time for nothing.

By arnold_m

Master (173)

05-08-2006, 00:00

J-War proposed to include a warning in the emulator to only download from an official website, to be shown when GameStats is activated.

Unfortunately, when you download your copy from EvilCorp.com, it will have GameStats enabled by default so you would never see the warning, and if you did, EvilCorp.com would be mentioned as a trusted website.
One of the few positive things about this whole discussion is that it has reminded people to be careful when choosing a site to download programs from.

By mth

Champion (507)

05-08-2006, 00:15

Eh, now you're mixing up things. There is no relation between GameStats and downloading emulators from untrusted sites. If you downloaded your emu from evilcorp.com, you may have a problem regardless of whether GameStats is activated or even present.

By arnold_m

Master (173)

05-08-2006, 10:55

I wanted to point out that a warning in the emulator would not help those who download from an untrusted site. EvilCorp can indeed put more harmful things into an emulator than GameStats and they need not wait for GameStats to be implemented to do so.

There may be no direct relation between GameStats and downloading from untrusted sites, but people have been warned against the latter during the discussion about GameStats.

By snout

Ascended (15187)

05-08-2006, 13:36

They have been warned during the GameStats discussion indeed, but they might as well have been warned about it during a discussion on an entirely different feature of emulation, or the discussion might have popped up by itself (e.g. from mars2k's experciences with downloading fMSX-SDL from the non-official website). The discussion on GameStats was merely an eye-opener on this one.

By mars2000you

Enlighted (6430)

05-08-2006, 14:04

I'm pretty sure that I had downladed fMSX-SDL from the official site, but the file had been later modified by an hacker. So, indeed, it's not prudent to download files from non-official sites, but it's also imprudent to not install and active 1 or 2 firewalls, 1 antispyware and 1 antivirus. The 2 last ones will inform you if a file has been modified (what can happen with a normal update) and the firewalls will protect you from the hackers. All these tools are complementary. As additionnal measure, I recommand Firefox to protect you from the IE security holes.

By poke-1,170

Paragon (1783)

05-08-2006, 16:22

ik schup ow drek ien ow privacy controversy !
(limburgian expression)

By Manuel

Ascended (19298)

05-08-2006, 23:55

mars2: I think it's more likely that your fMSX-SDL has been modified by some virus instead. Some viruses (even the MSX virus ZAPP), attach themselves to executables it can find on your hard drive. But you're right: especially on Windows, it's very wise to protect your PC carefully!

By mars2000you

Enlighted (6430)

06-08-2006, 00:28

Yes, it could be a good explanation also. Indeed, on Windows, maximum security level is required, what's not the case on Linux and Mac for example.

By J-War

Champion (413)

06-08-2006, 02:18

I never had problems with my MSX emulators on OS2/Warp and i never noticed any virus