Jump to content
Ane

Security Concerns FAQ

Recommended Posts

Security Concerns

We have noticed that many of you have shown concerns over some security issues brought up by one of the players, and we'd like to address those here for all of you to see.


WHY WE'RE GATHERING ANY DATA AT ALL

Let me start by saying this, which is probably the most important thing - all the data we're gathering are anonymous and are gathered for two purposes only:

* to evaluate if/to what degree some of our marketing campaigns work
* to get data on how the game is played and how it can be improved

Also, the important thing to understand is that since we are based in EU, we're bound by EU legislature which is very strict when it comes to acquiring and handling any kind of data from users.

WHAT IS SENT / WHERE IS IT SENT

When looking at where data are sent, you'll notice these:

Treasure Data

This is the storage for the game data that we use. This helps us analyze what players do - so, for example, we can see what percentage of players use the game Editor, which game is the most popular and which is the least one, what is the most common cause of death of your characters. Knowing this is extremely important to us because it allows us to tweak and improve the game, to find weak spots and things that we designed poorly. Eventually, we'd like to send this directly to our servers, but it's difficult to say when this is going to happen.

The fact that this is a major help for us in improving the game is the reason why "GATHER ANONYMOUS DATA" is turned on by default. To be completely honest - if it were opt-in, most people would simply overlook it or ignore it because many are not aware of how incredibly important this is to make the game better. Please note that many games are sending the same data we are but most don't give you the option to turn it off at all.

Redshell

[UPDATE: Redshell plugin has been removed as a part of a recent patch]

This is a commonly used service that lets us (based on anonymized user footprint) see if those who bought the game came to the Steam store from some link below a Youtube video, from Facebook campaigns etc. It helps us see which marketing campaigns worked and which didn't - no game data are sent there at all.


Once again - both Treasure Data and Redshell are solutions used by many developers and games (you can google them, if you wish). In both cases, all the data are anonymous and are sent to servers that only we can access.


WHAT WE PLAN TO CHANGE / WHAT WILL STAY

Because Redshell can't be simply turned on and off as the game analytics can and players seem to object to having it active, we decided to remove it from the game altogether. This was a very difficult decision. It will leave us basically blind when it comes to evaluation of any future marketing campaigns and make things much more difficult in this aspect - but even though, as I said before, this is a service used by many other games, we want you to feel comfortable and safe while playing our game.

On the other hand, we decided to leave game analytics gathering as opt-out because of the reasons I wrote above. For a game like ours to have a clear idea what works, what needs to be improved, what is popular or what features players haven't even found in the game is so important that we're leaving the settings as they are right now.

Yes, it means that when you run the game for the first time some data (anonymous statical data) will be sent even before you'll get the chance to turn this off. If for some of you this is unacceptable we'll be sorry to see you go but refunding the game will probably be the right choice for you.

 

WEBSITE

There have also been concerns about what our website collects. We took a look at it and you're right that it can probably be made better / some feature can even be turned off altogether. We'll go over it more thoroughly as soon as possible and make some changes.


Let me end by saying this: there's nothing shady going on in our game nor our website. We, Bohemia Interactive, have been around for many years now, have made games played by millions of players and how we behave towards them can be easily found. We've always tried to stay as transparent as possible. That being said, we do mistakes from time to time, and when we do, we don't hide behind some generic posts - you've probably noticed that we're trying to communicate with you as much as possible (and those talking to you are actual devs) - we're talking to you about how to make things right. If there's more we can do, just let us know.

Thank you.

  • Like 4
  • Thanks 1
  • Upvote 4

Share this post


Link to post
Share on other sites

To be honest, as software developer myself, gathering data from user is really important for future improvement of the software, especially when it could be done automatically. But gathering something without user knowing about that is somewhat bad for their privacy, even though it's really not that important for them. That's the case in this problem, hopefully you guys (BI and all developer out there) could learn something about it. That's it, so far I'm falling in love with Ylands, keep up the awesome work devs. :P

  • Haha 1
  • Upvote 1

Share this post


Link to post
Share on other sites

I'm not a developer, but I fail to understand why anyone could see this as a security concern.. 

It's important to have that information. 

Share this post


Link to post
Share on other sites

I would like to see total transparency in the form of being able to see exactly what data is being sent, when data is being sent and exactly where it is sent to as well as an explanation as to how each byte of data is used.  Every byte of data sent should be explainable in an easy to understand report to make sure data is not gathered from outside the game itself.  I would be more inclined to leave the option on to help if I could double check the data and account for everything you collect.  It's not that I don't trust you it's that I don't trust you yet.

  • Upvote 1

Share this post


Link to post
Share on other sites
On 12/12/2017 at 5:55 AM, V-Alfred said:

To be honest, as software developer myself, gathering data from user is really important for future improvement of the software, especially when it could be done automatically. But gathering something without user knowing about that is somewhat bad for their privacy, even though it's really not that important for them. That's the case in this problem, hopefully you guys (BI and all developer out there) could learn something about it. That's it, so far I'm falling in love with Ylands, keep up the awesome work devs. :P

I agree. All software needs some data to improve itself and run well. 

6 hours ago, Onedown said:

I would like to see total transparency in the form of being able to see exactly what data is being sent, when data is being sent and exactly where it is sent to as well as an explanation as to how each byte of data is used.  Every byte of data sent should be explainable in an easy to understand report to make sure data is not gathered from outside the game itself.  I would be more inclined to leave the option on to help if I could double check the data and account for everything you collect.  It's not that I don't trust you it's that I don't trust you yet.

I also agree here. If data is being collected I would love to see what exacally and in detail. 

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×