Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

The curious case of ZOS integrating RedShell spyware into ESO

IselinIselin Member LegendaryPosts: 11,580
If you go by the ESO general forums in a regular basis you no doubt would have seen the 20 page thread about Summerset having included an extra bit of spyware.

Some people noticed, the forums blew up and Matt Firor responded today with an official statement saying it was added inadvertently, was never functional and will be removed on Monday.

Some posters, understandably, are having a hard time believing the inadvertent part since the game won't run if you remove that DLL and RedShell customer support when asked about opting out contacted Bethesda and replied with info they got from Bethesda about how to opt out.

This is a copy & paste of the original post which has been updated to include Matt's statement:

https://redshell.io/home

i just left this here
i have a knowledge than ZOS added this spy utility into eso with latest patches

enjoy new level of targeting ADs on main screen in a future

guys we need a guide how to disable this library
any programmers here who can do a short FAQ?

P.S. @ZOS_GinaBruno lady you know not officially informing us about collecting this data and their intent of usage along with instructions on how to delete said data is already a violation of the European laws?

HOWTO block it, workaround:
edit your host file on windows

Press the Windows key.
Type Notepad in the search field.
In the search results, right-click Notepad and select Run as administrator.
From Notepad, open the following file: c:\Windows\System32\Drivers\etc\hosts.
Make the necessary changes to the file.
Click File > Save to save your changes.

add

0.0.0.0 api.redshell.io

at the bottom

This will block traffic from your computer to that server. You can block it from reporting through your modem or your router as well.

HOWTO opt-out:
Hey guys small update. I got contacted back by a R.S. employe:

Email 1:
Hi Insertnamehere,
We were working with Bethesda to determine how you can pull the Bethesda Account ID we need from you to implement the opt-out for ESO in particular. Hopefully we will have it all sorted by EOD.

In general though, in order to opt you out from tracking we need to know your SteamID64. You can find this ID if you don't already know it using a website like https://steamidfinder.com/. That can at least get us started while we are waiting to hear back from the Bethesda team.

Let me know if you have any questions,
The employe

Email 2:
Hi Insertnamehere,
Just heard back from Bethesda. It sounds like if you can provide either the email address or the user name tied to your account and they can provide us with the internal ID we need. If you can provide that I'll get the process started on the Bethesda end and give you an update as soon as the optout is done.

So yes, you can remove the information like this no-problem. Contacting Zos via email is probaly pointless as they watch this thread. Just use this page: https://redshell.io/optout?success=1

what else we can do:
If you want a response quickly, you'd need to send this as a tip to lower-tier bloggers, MMO news sites and other gaming media.

For example, the sites that covered the Guild Wars 2 spyware debacle included: Massively OP, Motherboard (Vice), Kotaku, Bleedingcool, Pcgamesn, TechRaptor, N4G etc.

other sites discussion/news:
https://www.reddit.com/r/elderscrollsonline/comments/8nqzkt/zos_just_silently_installed_spyware_in_eso/
http://massivelyop.com/2018/06/01/players-try-to-figure-out-how-to-opt-out-of-elder-scrolls-onlines-new-spyware/
http://www.esoui.com/forums/showthread.php?p=34889#post34889
https://steamcommunity.com/app/306130/discussions/0/1694922980043392965/

P.S.
ZOS_MattFiror wrote: »
Everyone,

My apologies for the confusion over the integration of Red Shell into ESO. Here’s what happened: we have been experimenting with a better way to link which advertisements and web content new players see to the eventual account that is created in the game. The ONLY purpose this would be used for is to determine from which origin points our new players come from, so we can better plan where to place advertisements and other web content. Existing accounts will never encounter this, as they are already created.

Several factors came together in Update 18 and Red Shell was erroneously added to the live build when we were still testing and evaluating it. It has never been active in ESO, even though the base tech is in the client – i.e. it was never enabled. So, we will remove it from Update 18, which will take place in the PC/Mac incremental build scheduled for this coming Monday (it was never considered for Console, so won’t be in Tuesday’s U18 launch). We never should have done this without giving everyone a heads up it was coming, and we will learn from this mistake.

That being said, we are still investigating how to use this technology in the future to grow and sustain ESO more effectively. When/if we do so, we will give everyone a heads up with clear instructions as to what it is doing, how it is doing it, and how to opt-out should you so desire.

Check out the patch notes on Monday for the notice that Red Shell has been removed from U18, and we will keep everyone posted – and again, my apologies.

Matt


“Microtransactions? In a single player role-playing game? Are you nuts?” 
― CD PROJEKT RED
YashaXlaseritGrunt350NycteliossomeforumguyJean-Luc_Picard

Comments

  • rojoArcueidrojoArcueid Member EpicPosts: 9,283
    looks like ESO is showing its age in terms of possibly not making enough money that they have to rely on ads... in a paid game. I hope they sort it out.

    PS: Long live offline games.
    Gorwe




  • YashaXYashaX Member EpicPosts: 2,337
    That's unbelievable, wtf.
    ....
  • laseritlaserit Member EpicPosts: 5,590
    So are we getting to the point where we can't even fucking trust what these companies are covertly installing on our machines.

    Regulation is sorely needed on this industry and it cant come soon enough.


    LonestryderIselinRexKushmanNycteliosbartoni33Gorwe

    "Be water my friend" - Bruce Lee

  • rojoArcueidrojoArcueid Member EpicPosts: 9,283
    We need GDPR in America.
    RexKushman




  • Grunt350Grunt350 Member UncommonPosts: 27
    edited June 2
    WTF!!!! and them this is the kind of ppl that them say that they don t need any kind of regulation because its a danger for innovation. 
    Post edited by Grunt350 on
    laserit
  • laseritlaserit Member EpicPosts: 5,590
    Grunt350 said:
    WTF!!!! and them this is the kind of ppl that them say that they don t need any kind of regulation because its a danger for innovation. 
    Oh..... they're innovating alright ;)
    Grunt350NycteliosGorweDakeru

    "Be water my friend" - Bruce Lee

  • NycteliosNyctelios Member EpicPosts: 2,757
    A new low for ZoS

    “There are three things all wise men fear: the sea in storm, a night with no moon, and the anger of a gentle man.” ― Patrick RothfussThe Wise Man's Fear


    - Steam ID Discord ID: Night # 6102
  • cheyanecheyane Member EpicPosts: 5,607
    What the .... damn didn't think they would sink this low.
    image
  • Jean-Luc_PicardJean-Luc_Picard Member LegendaryPosts: 7,579
    Mmhh, unless I missed something, it's "steam tracking". So if you own ESO but didn't purchase it on steam, and therefore don't need to be logged into steam to run it, this red shell thing is actually not doing anything to you, right?
    "The ability to speak doesn't make you intelligent" - Qui-gon Jinn in Star Wars.
    After many years of reading Internet forums, there's no doubt that nor does the ability to write.
    CPU: Core I7 8700k (4.70ghz) - GPU: Gigabyte GTX 980 Ti G1 Gaming - RAM: 16GB Kingston HyperX Savage DDR4 3000 - Motherboard: Gigabyte GA-Z370 Aorus Ultra Gaming - PSU: Antec TruePower New 750W - Storage: Kingston KC1000 NVMe 960gb SSD and 2x1TB WD Velociraptor HDDs (Raid 0) - Main display: Philips 40PUK6809 4K 3D TV - Second display: Philips 273v 27" gaming monitor - VR: Pimax 4K headset and Razer Hydra controllers - Soundcard: Sony STR-DH550 AV Receiver HDMI linked with the GPU and the TV, with Jamo S 426 HS 3 5.0 speakers and Pioneer S-21W subwoofer - OS: Windows 10 Pro 64 bits.

  • GorweGorwe Member RarePosts: 5,174
    We need GDPR in America.
    No way will DJ ever allow that.
    Mmhh, unless I missed something, it's "steam tracking". So if you own ESO but didn't purchase it on steam, and therefore don't need to be logged into steam to run it, this red shell thing is actually not doing anything to you, right?
    Also, yes. Let's not stir up trouble unless it is really necessary.
  • BananableBananable Member UncommonPosts: 84
    PS: Long live offline games.
    Lolz  Offline games died long time ago.
    Theyve been putting microtransactions, spyware, malware(denuvo) for years.
    heres latest one 
    https://store.steampowered.com/app/220200/Kerbal_Space_Program/
  • IselinIselin Member LegendaryPosts: 11,580
    edited June 2
    Mmhh, unless I missed something, it's "steam tracking". So if you own ESO but didn't purchase it on steam, and therefore don't need to be logged into steam to run it, this red shell thing is actually not doing anything to you, right?
    You might be right about the "only Steam" part although, as I understand it, it's the same client for all.

    But regardless of how they eventually mean to use it, they do eventually mean to use this or something else like it if I'm reading the "having said that..." paragraph correctly.

    Even if the "erroneously added" part is accurate that's a rather embarrassing admission of a major fuck-up somewhere in their production line.

    But I'm not so sure it was a mistake. I may be reading too much into this but the guy who asked RedShell how he could opt out and was told by RedShell that they would follow up with Bethesda, got back to him with a reply telling him what Bethesda said he needed to do in order for Bethesda to provide RedShell his internal user ID. Now it seems to me that if it was not meant to be live already the correct response from Bethesda should have been something along the lines of "WTF? This is not live yet." So at least one person at Bethesda RedShell spoke to thought it was a done deal and an active thing you could opt out of after jumping through some hoops. I don't think I'm being too cynical thinking that Matt's post has some "alternative facts" in it.

    Another thing that occurred to me is that I bet a lot of large companies have their own internal solutions to accomplish what ZOS is trying to accomplish through 3rd party software. This is probably a lot more common than most of us know and the only reason we're finding out about this one is due to a known footprint left by this 3rd party program. For all we know Blizzard could have been using something called azeroth000111.DLL for years performing a similar function.

    EDIT:

    @Jean-Luc_Picard

    I have never used steam for ESO and I just had a quick browse at the client install directory and RedShell.DLL is there.
    Post edited by Iselin on
    laxie
    “Microtransactions? In a single player role-playing game? Are you nuts?” 
    ― CD PROJEKT RED
  • laxielaxie Member RarePosts: 1,000
    edited June 2
    RedShell basically links your in-game identity to your website identity. As far as I can tell, it doesn't spy on you in any additional way besides making that link. This can have endless applications, from ones most people would agree with, to dodgy ones most would object to.

    After linking your website id to an in-game id, Zenimax might see if players buying the game on Steam visit their website first. This to me seems completely fair game. It will inform the company where and why the purchases are being made.

    A more contentious implementation may be checking the size of your friend-list in game and then serving you website adverts based on that information.

    A dodgy implementation would be measuring your risk behaviour based on how you play and then serving you gambling adverts if you pass a threshold.

    The thing is, all of this is extremely common these days. RedShell simply links two identifications together, which is charity work compared to what happens elsewhere, across all sectors. Even indie companies have dedicated people to measure behaviours in game. I recently met with an artist from a studio of 8, one of whom is responsible for nothing but optimising retention.

    I've also had numerous talks on similar practises at university. These talks were quite revolutionary 5 years ago, but are very common today. Two months ago I heard a talk from a person employed by the "nudge unit", a governmental institution set up by the UK government. They do things like send customised bills based on your predicted personality - if you are from a pro-social area, your tax bill will say "91% of your neighbours paid the bill on time.", if you are from a different background, it will say something else. They also do things like optimising marketing campaigns to change the number of people doing a behaviour in an area. For example, they often work in schools to change the behaviour of young kids, which is possibly a morally slippery slope too.

    Last year, I met with a consultant who was tasked with optimising a restaurant. It's a chain that does running sushi - one of the places where you can pick plates from a belt and then pay for what you grabbed at the end. They wanted to optimise this, so they hired this person to develop an image recognition system. It will track what people are picking up and when. You will then get patterns of food on the belt to maximise your spending.
    Post edited by laxie on
    IselinTorvallaseritGorwe
  • NewbieOSNewbieOS Member CommonPosts: 1
    For reference purposes:

    Link on a IT user forum inspection on the RedShell.dll capabilities
    https://forums.elderscrollsonline.com/en/discussion/comment/5184809/#Comment_5184809

    Vulnerability Test on Redshell.dll and ESO using Kaspersky Total Security software
    https://imgur.com/a/ypq4awU 

    (Legend: Print Screen no 5 & 6 on the vulnerability test results)

    Link on the Kaspersky Total Security capability
    https://kaspersky.com/total-security

    Link on Kaspersky Lab Research and Report - it includes not only virus but also other threats (malware, spyware, etc) - for reference purposes
    https://securelist.com

    From the sources above, as per my understanding as a ordinary PC user , I can say that RedShell is not a spyware program as the title of this thread but the real topic should be “ is the integration of the Redshell.dll file to ESO game client without transparency and acknowledge of its players/users?” since RedShell is a third party analytics tool developed by Innervate, Inc (https://innervate.us)

    Link for Redshell as a third party analytic tool:
    https://venturebeat.com/2017/06/01/red-shell-is-a-new-tool-to-help-steam-devs-track-who-is-buying-their-games/

    https://blog.redshell.io/gamesight-track-levels-up-and-becomes-red-shell-187c28f00b7c

    However in the ZOS Privacy Policy that I had agreed when I install the game at the first time, there was one paragraph saying like this https://account.elderscrollsonline.com/privacy-policy

    Analytics Tools. We may use internal and third-party analytics tools (see our Cookie Policy at http://www.zenimax.com/cookie_us for a list of third parties) to collect and aggregate activity data and other data across multiple channels
    laxieKyleran
  • IselinIselin Member LegendaryPosts: 11,580
    NewbieOS said:
    For reference purposes:

    Link on a IT user forum inspection on the RedShell.dll capabilities
    https://forums.elderscrollsonline.com/en/discussion/comment/5184809/#Comment_5184809

    Vulnerability Test on Redshell.dll and ESO using Kaspersky Total Security software
    https://imgur.com/a/ypq4awU 

    (Legend: Print Screen no 5 & 6 on the vulnerability test results)

    Link on the Kaspersky Total Security capability
    https://kaspersky.com/total-security

    Link on Kaspersky Lab Research and Report - it includes not only virus but also other threats (malware, spyware, etc) - for reference purposes
    https://securelist.com

    From the sources above, as per my understanding as a ordinary PC user , I can say that RedShell is not a spyware program as the title of this thread but the real topic should be “ is the integration of the Redshell.dll file to ESO game client without transparency and acknowledge of its players/users?” since RedShell is a third party analytics tool developed by Innervate, Inc (https://innervate.us)

    Link for Redshell as a third party analytic tool:
    https://venturebeat.com/2017/06/01/red-shell-is-a-new-tool-to-help-steam-devs-track-who-is-buying-their-games/

    https://blog.redshell.io/gamesight-track-levels-up-and-becomes-red-shell-187c28f00b7c

    However in the ZOS Privacy Policy that I had agreed when I install the game at the first time, there was one paragraph saying like this https://account.elderscrollsonline.com/privacy-policy

    Analytics Tools. We may use internal and third-party analytics tools (see our Cookie Policy at http://www.zenimax.com/cookie_us for a list of third parties) to collect and aggregate activity data and other data across multiple channels
    Spyware:

    software that is installed in a computer without the user's knowledge and transmits information about the user's computer activities over the Internet

    Without our knowledge pretty well elevates this into the realm of spyware from the more warm and fuzzy sounding analytics tools.

    "Spyware" doesn't need to be something evil dreamt up by Putin. There's a range from fairly benign tools to the ones that try to grab the PW to your online banking. All it needs to fit the definition is right up there in plain English.
    “Microtransactions? In a single player role-playing game? Are you nuts?” 
    ― CD PROJEKT RED
  • MMOExposedMMOExposed Member UncommonPosts: 6,673
    ELI5, what does this Spyware do, Or potentially can do?

    image

  • Arkade99Arkade99 Member RarePosts: 411
    Secret World Legends includes the RedShell.dll. I didn't see it in any other games, but if it's in more than one, it's probably fairly common.
    Torval
  • TorvalTorval Member LegendaryPosts: 17,650
    Spyware is a bit of a scare word but it is true in the sense that Google Analytics and other web trackers are. They track your web browsing behavior.

    I did a bit of digging and apparently this is something ZoS wants to use to help determine where people who buy the game learned about it. So if you saw an ESO advert here, and on MassivelyOP and a few other websites and then bought the game, RedShell will help them create some useful reporting on that. That way they can spend expensive advertising smartly wIth website traffic that delivers hits.

    RedShell is also the name associated with a former piece of malware (not associated with this company) some time ago so it also has shade attached to the name if you dig far enough. That is a separate thing though. It was coincidence.

    The game file is apparently compiled with the client as a dependency so it can't be simply deleted. According to ZoS and Firor it's not enabled which correlates with what users have found - it's there but inactive. Also according to him it will be removed in a U18 patch next week.

    It's unsurprising really. Ads are expensive. ZoS is very much revenue stream focused. Most gamers are oblivious and live in some alternate reality.
    EldurianOctagon7711laxie
    *INCOMING RADIOACTIVE SUPERCELL*
    ...silent protagonist, Interloper, Traveller, Anomaly...


  • laseritlaserit Member EpicPosts: 5,590
    Torval said:
    Spyware is a bit of a scare word but it is true in the sense that Google Analytics and other web trackers are. They track your web browsing behavior.

    I did a bit of digging and apparently this is something ZoS wants to use to help determine where people who buy the game learned about it. So if you saw an ESO advert here, and on MassivelyOP and a few other websites and then bought the game, RedShell will help them create some useful reporting on that. That way they can spend expensive advertising smartly wIth website traffic that delivers hits.

    RedShell is also the name associated with a former piece of malware (not associated with this company) some time ago so it also has shade attached to the name if you dig far enough. That is a separate thing though. It was coincidence.

    The game file is apparently compiled with the client as a dependency so it can't be simply deleted. According to ZoS and Firor it's not enabled which correlates with what users have found - it's there but inactive. Also according to him it will be removed in a U18 patch next week.

    It's unsurprising really. Ads are expensive. ZoS is very much revenue stream focused. Most gamers are oblivious and live in some alternate reality.
    So Zenimax wants to maximize their profit by covertly installing software that has zero to do with the code for the actual game.

    Its not OK

    Its no longer Zenimax providing a service. It's Zenimax using your services, and using them for free.

    They have zero right to install third party software that is unrelated to the workings of the actual game.

    Instead of a big fancy loot box ad every time you log in, maybe they should be asking your permission to run dll's that spy on what websites you visit as well as permission use up your drive space with this shit.

    I don't give a shit how deep in a EULA this crap is buried its an invasion of your privacy and requires your expressed permission.

    Regulation cant come soon enough. This is well beyond any kind of game play. 





    ScorchienIselinTorval

    "Be water my friend" - Bruce Lee

  • TorvalTorval Member LegendaryPosts: 17,650
    This RedShell thing doesn't bother or outrage me, but I can understand why people do find it objectionable. If "they" want to try and second guess me, great. If they're accurate and I find stuff, neat. Most of the time I have a purpose when I buy online so ads are only relevant if they're on subject. 

    Funcom, a European company uses the same service for the same thing. I'm not absolving them of that activity or implications it brings either, but I'm pointing out this may be more common than some people previously thought.

    I believe there are other companies that offer these services too. I'm also pretty sure Steam, GoG, and other store fronts use tracking analytics to provide relevant content. Again, not implying it's okay, but rather this isn't isolated.
    *INCOMING RADIOACTIVE SUPERCELL*
    ...silent protagonist, Interloper, Traveller, Anomaly...


  • Octagon7711Octagon7711 Member EpicPosts: 7,597
    I'd be really surprised if they didn't sell the information to third parties for extra profits.

    “We see the world, not as it is, but as we are or, as we are conditioned to see it.”   ― Stephen R. Covey

  • TorvalTorval Member LegendaryPosts: 17,650
    I'd be really surprised if they didn't sell the information to third parties for extra profits.
    They're paying to find out information. RedShell is providing the service. So yes, they're selling the information for profits but RedShell is doing the selling and ZoS is buying. They use this information to understand where to spend ad money and likely focus development.

    They could look at the top websites (those where advert views and clicks resulted in a game purchase) and then analyze that demographic. From those profiles they would target design. It's why I think they've morphed the game so heavily from what it began as, into what it has become. They use or buy analytics and make smart decisions about who is playing their game and how they will pay for it. RvR taking a backseat and the focus on lootcrates didn't happen because they were following trends and saw dollar signs at the end of the tunnel. It's because they're data smart.
    *INCOMING RADIOACTIVE SUPERCELL*
    ...silent protagonist, Interloper, Traveller, Anomaly...


Sign In or Register to comment.