PDA

View Full Version : What Origin does when it scans your computer.



Grizzly
02-11-2011, 02:24 PM
Some bloke on the reddit forums examined the accusations of Origin scanning your computer, and found out what Origin does.

Quote:

Originally Posted by A clever bloke called Mitsuhiko on the reddit forums


Yay. Conspiracies. So let's see what Origin really does, shall we?
If you hook process monitor onto Origin you will not see Origin scanning anything, independently of how long you use it. So what triggered the OP's screenshot?
Origin on installation will try to find games installed on your harddrive and automatically register them within Origin. It does that in a couple of different ways:
It reads the windows games registry
It looks for games in Program Files
It looks for games in ProgramData (where, for unknown reason the OP's SMS and tax software are storing the data instead of the user profile where that data should go!)
it reads the xfire config if it finds one for games
If you look at the screenshot closely you will see that it does not actually read any files. Instead it looks for their existence and recursively walks the directory. It does not read any of your files, at least not judging from this screenshot or anything I have found on my machine.
Lastly if you monitor the network traffic that Origin causes you will see that it does not transmit anything of value to EA. So far I have not seen anything bug login credentials being submitted.
But it's always so much more fun to assume that software is inherently evil. You can hook a syscall monitor on any application and you will see that it operates all over the drive. That's not something unique to Origin. Steam will do the same if you click the "add non steam game" button.
//EDIT: something I forgot: I think people should not run any sysinternals tools without a basic understanding of what they do or at least not jump to conclusions..

Taidan
02-11-2011, 02:53 PM
Some random anonymous commenter on the internet said something?

This changes everything!

deano2099
02-11-2011, 03:06 PM
Well it's at least as valid as the random commenter on the internet that started the whole "EA steals your tax returns" thing.

DigitalSignalX
02-11-2011, 04:21 PM
http://img849.imageshack.us/img849/7977/dutycallsy.png

Jerusahat
02-11-2011, 04:32 PM
...

You're right, it's probably not worth the effort.

TillEulenspiegel
02-11-2011, 04:33 PM
Notice that Omgmytaxfiles.jpg (http://imgur.com/a/AtXJH) has different desired access parameters, but they're cut off because the guy who took the screenshot didn't understand their relevance.
Well, past the dwDesiredAccess flags, it's really not relevant.

It's pretty weird that Origin would be reading the attributes of random, non-EXE files.

'Course, it's probably just some lazy way to list all the files and get more information than they need. Kids have no respect for wasting syscalls these days.

NecroKnight
02-11-2011, 06:04 PM
People are probably overreacting with all this Origin spyware bullshit.

Kadayi
02-11-2011, 06:31 PM
There's no probably about it. It's a classic case of non legal types reading legal docs and freaking out, instead of asking a legal professional what it actually means.

Cooper
02-11-2011, 06:34 PM
Currently there's no reading or storing or sharing of information. Fine.

The problem is that the EULA specifically -allows- for such a thing to happen, with no guarantees that a patch tomorrow does mean it -starts- to be all evil up in your HDD.

Unaco
02-11-2011, 06:35 PM
People are probably overreacting with all this Origin spyware bullshit.

characters

R-F
02-11-2011, 06:47 PM
There's no probably about it. It's a classic case of non legal types reading legal docs and freaking out, instead of asking a legal professional what it actually means.

How dare people presume to be able to read documents made by the Lawyer-Lords?!

Unaco
02-11-2011, 06:55 PM
Here's an actual lawyers take on the whole thing.

http://www.gamerlaw.co.uk/2011/08/ea-origins-eula-is-non-story.html

R-F
02-11-2011, 07:00 PM
Here's an actual lawyers take on the whole thing.

http://www.gamerlaw.co.uk/2011/08/ea-origins-eula-is-non-story.html

I love the fact the lawyer is arguing that we're misconstruing the EULA when he's misconstruing the whole issue.

The fact that game companies have broken laws in the past with similar schemes (and not been called out on it) is the reason people act like this.

Nalano
02-11-2011, 07:18 PM
Here's an actual lawyers take on the whole thing.

http://www.gamerlaw.co.uk/2011/08/ea-origins-eula-is-non-story.html

Seems like, even with 'experts' looking at the info, we suffer from a dearth of perspective.

Purewal (and I'd like to know who his employer is, as a "gaming lawyer") makes the point that other EULAs are worse, before concluding that because they "need" to market to us better, trawling our install directories "needs" to be done, and that the only thing wrong about this whole arrangement is that they haven't explained to us adequately just how they're using spyware to market to us. (And, aside from stealing credit card info, that's all spyware does: Sell info to marketers).

I, for one, am still not convinced that our corporate overlords are being entirely kosher.

Unaco
02-11-2011, 07:24 PM
Purewal (and I'd like to know who his employer is, as a "gaming lawyer")

Osborne Clarke.

http://www.osborneclarke.com/contact-us/people-finder/people/pqr/p/purewal-jas.aspx

psyk
02-11-2011, 07:58 PM
So what does this "spyware" send off my machine?

CrinnyCow
02-11-2011, 08:12 PM
Seems like, even with 'experts' looking at the info, we suffer from a dearth of perspective.

Purewal (and I'd like to know who his employer is, as a "gaming lawyer") makes the point that other EULAs are worse, before concluding that because they "need" to market to us better, trawling our install directories "needs" to be done, and that the only thing wrong about this whole arrangement is that they haven't explained to us adequately just how they're using spyware to market to us. (And, aside from stealing credit card info, that's all spyware does: Sell info to marketers).

I, for one, am still not convinced that our corporate overlords are being entirely kosher.
I'm pretty sure the revised Origin EULA specifically states that it will never sell information it got from your computer. EA is "trawling" your install directory the same way that steam does every time you click "add non-steam game" or the same way xfire does when it generates a list of launchable games. I think Purewal is right. Nothing Origin is doing is new (really though... it's not.). "Legalese" just appears to be more ambiguous than most people would like. I feel if EA took the time to publish an unofficial but readable-to-a-wider-audience document to explain what their EULA is stating, there would be a lot less fuss about this.

Nalano
02-11-2011, 08:29 PM
Osborne Clarke.

http://www.osborneclarke.com/contact-us/people-finder/people/pqr/p/purewal-jas.aspx

Yeah, he's not a consumer rights lawyer. He's a corporate lawyer.


I'm pretty sure the revised Origin EULA specifically states that it will never sell information it got from your computer. EA is "trawling" your install directory the same way that steam does every time you click "add non-steam game" or the same way xfire does when it generates a list of launchable games. I think Purewal is right. Nothing Origin is doing is new (really though... it's not.). "Legalese" just appears to be more ambiguous than most people would like. I feel if EA took the time to publish an unofficial but readable-to-a-wider-audience document to explain what their EULA is stating, there would be a lot less fuss about this.

I understand his point that nothing they're doing is new.

That doesn't mean that what they're doing is right.

I think it's a deliberate misrepresentation to conflate the two.

archonsod
02-11-2011, 09:53 PM
That doesn't mean that what they're doing is right.

Then blame Microsoft, since they're the ones that require you to scan a directory to see it's contents :P

Nalano
02-11-2011, 10:08 PM
Then blame Microsoft, since they're the ones that require you to scan a directory to see it's contents :P

That's like saying "blame AT&T for letting the government do wiretaps."

Estel
03-11-2011, 12:50 AM
That's like saying "blame AT&T for letting the government do wiretaps."

Only if you're equating the act of trying to discover which games are installed on a system to add them to a list; with wiretapping someone (!?!?)