Hacker News new | past | comments | ask | show | jobs | submit login

I'm not a gamer at all, so this would normally escape my view, and I don't know if what you say is true and I can't evaluate yet.

But, to me, it sounds like you are saying this potential bad actor is intending to use the GDPR to determine the 'secret sauce' used to detect bad actors?

In other words, "Be transparent in your evaluation methods!" with the subtext of, "then I can subvert them."

That's one thing I hadn't considered. Pretty clever, almost like an oracle attack.

What I'm saying is much simpler. Cheaters are a very interesting crowd. In first person shooter games it's absolutely possible to dominate cheaters (because cheats only help with raw mechanical skill, not strategy or tactics) and the cheaters will often be the first to complain about cheaters when you kill them. Despite their unfair advantage, they lash out when things don't go their way - which seems to be happening here: they truly believe that they are above reprimand and that Anet must be punished for reprimanding them. The threat of GDPR is being used for this. In the broad category of shifting blame, it's very very consistent behavior and would probably make for a fascinating study.

There is always a chance that the author is being honest (having cheated in other games, but never GW2) but it's slim. I have my doubts as to whether GDPR would cover this (as it cannot be used to identify a natural person), but IANAL.

So, the GDPR actually says two things

- personal data is any data about a person which could, in combination with other data that you may not have, identify a person. That's much broader than your definition. In this case, I think the claim would be that if you knew all programs installed by a person, you could figure out who that person is. It's still probably a stretch. It's good that they prevented themselves from knowing what the program is, because that could sweep up health data. ie imagine they knew you were running a blood sugar tracking program, they could infer you had diabetes. Health data is in a heightened protection class under the GDPR.

- The game would still have to service data requests, ie give me all your data about me.

Doesn't seem that slim a possibility. I honestly can't see the need for bots or cheats in GW2 when there's so little that's grindy in quests or dailies and there's shortcuts through most of the dungeons simply with class skills not wall hack cheats. The only rare drops I can think of are the dungeon recipes which aren't that rare compared to drops in other games.

In other games, the grind is clear, and the appeal of bots painfully obvious.

It's a few years since I played GW2 so things may have changed.

Posting an analysis most definitely does not make you a bad actor. He works at an AV company and analyzes malware for a living. Malware uses the same techniques as this kind of spyware, and it’s pretty natural for a curious person who works with these tools to see what it was doing, especially after a ban. The GDPR won’t make that any less difficult.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact