Origin is a software intended for international use, including such countries where this behavior is:
a) actively prohibited
b) probably illegal, but never came to court
c) not covered by the EULA, as EULAs are not binding
It might be okay in your country, but not in others.
However, the fact accompanying documentation is a mess, so it's very hard to comprehend it, makes this not really okay.
No, it's not ok. Origin is a piece of software used internationally. Many countries have explicitly ruled that the EULA is not an out of legal requirements of those countries, which are more protective than the legal requirements in the US.
You can't just go and do something illegal and claim it's ok because one country has interpreted that the EULA lets them do that due to that same country's laws being heavily biased towards the corporation. That's what the GP was saying.
How did you come with that? That's non sequitur.
As far as I know, no country outlaws merely scanning a list of recently ran applications. And article in question only talks about that, not storing, sending or whatever - actually it has completely no idea why Origin's accessing that UserAssist key.
If you insist - please, name me a country where, for example, it would be illegal to locally access (one again, not send anything based on that to a remote processing or storage system, that's another story) your contacts for a piece of software on your phone that had forewarned you it will access your contacts?
There's (almost) no permission systems on desktop, but there are other means to convey that information. Here, I'm considering EULA as not a legally binding piece of text, but as a part of documentation.
These are two wildly different scenarios.
I can write a EULA that requires you to sign over the rights to your firstborn child, your soul to the devil, and any other nonsense that I could come up with.
That doesn't mean that it's actually legally enforceable. Certain clauses have been deemed nonenforceable by law in contracts, so just because it's in the EULA doesn't mean it's valid.
Also, just because it hasn't been deemed nonenforceable previously doesn't mean that it is valid either; it has to be tested (as with all law).
That doesn't give a definitive answer either way, except to say that just because it's in the EULA doesn't mean it's permissible, either morally (subjective) or legally (objective, or at least "objective").
 The ones that people on this site may be most familiar with are noncompetes and/or invention assignments (in certain states - these particular examples are actually more hazy than most people think, but that's a separate matter). Other extreme examples would be contracts that make a person the legal property of another person (e.g. in many/most countries, you cannot enter into "consensual slavery" with a legally binding contract).
It is, if you buy the disk, install the game and then click through. It ain't if you download Origin, install, accept the EULA and then buy a game.
Still, it is questionable whether a contract that is rarely read and can be changed at whim is a contract in some legislations at all. This is still a HUGE open topic.
When they haven't found them legally binding, they've generally either been simply ridiculous or deceiving.
Even in the USA, you can't sell yourself into slavery for the rest of your life, as an example of a contract that might be invalid. Most other countries simply have more consumer rights which disallow even more forms of contract.
In Europe, for example, contractual freedom with a consumer (not in between companies) is often highly regulated. And even then, it differs from country to country.
edit: Gabe Newell explained Valve's reasons for scanning DNS cache - http://reddit.com/r/gaming/comments/1y70ej/valve_vac_and_tru...
In a perfect world EA would just use steam and give up on Origin. I'm sure they can pay Valve enough to get top billing on steam and it would be less than they spend on their own anti-cheat and origin engineering. They'd also have to cut steam in on sales, but it might still be worth it. It would definitely be worth it to the user as the Origin software is horrible.
And this is perfectly okay, but looking through a list of start menu entries isn't? In fact I'd consider shipping off lists of URLs and domains I've been to worse than looking through installed programs.
> In a perfect world EA would just use steam and give up on Origin.
I disagree, competition is a good thing. By this same argument we should all ditch every other operating system because most users run Windows, so using others isn't necessary. Sure Origin has had its' share of bumps, but so did Steam in its early days, now look at it - Steam is adored by gamers and anything else is immediately shunned.
> would be less than they spend on their own anti-cheat
I'm not sure about this, but from my understanding Steam doesn't really offer much anti-cheat, mostly just DRM. Valve games all have VAC, but I'm not sure how widely used VAC is for non-Valve games.
> It would definitely be worth it to the user as the Origin software is horrible.
I partly disagree with this. The Origin interface really isn't that bad, I actually find it a lot faster/more responsive than Steam's. Steam's interface is also far from great - although they do have great cross-platform consistency, it is at the expense of being inconsistent with the users operating system.
Still has. I can't even visit origin.com without either enabling my VPN or having it in German.
Here is some info on what the UserAssist keys are: http://www.aldeid.com/wiki/Windows-userassist-keys
Part of me wishes they could outlaw these types of things, but I don't really see any way you could logically force someone to make their platform available to competitors.
Almost every action Microsoft has taken in the last 20 years has been about furthering their lock-in. The Xbox exists solely to promote DirectX, which tightens Windows' foothold; other consoles were (and are) mostly based on a derivative of OpenGL, which made it easier to port games to non-Windows platforms.
.NET exists solely to ensure that more business software requires Windows, and Windows Phone exists to ensure that more mobile software requires Windows. Java's write once, run anywhere philosophy is one of Microsoft's main targets, and has been since Java gained popularity in the early-mid 90s. Cross-platform compatibility is the bane of software vendors within their sphere of influence. Since MS primarily sells operating systems and office software, everything they do is about ensuring it's difficult to use a different operating system or office software.
You can go through a similar history for almost every major software vendor. It's in their monetary interest to make it difficult for users to switch platforms, which means it's in their interest to keep your data locked up and/or obfuscated.
Xbox sales were #1 for years - had to be a profit motive there regardless of software 'lock-in'.
.NET maybe, but Windows Phone? Last place in phone sales. How does that lock anybody into anything?
IE supports Java - no lock-in possible there.
Sometimes companies complete by writing software people want to buy. Microsoft has demonstrably done that, and in a market where they are clearly incapable of locking anybody to anything.
No. You're confusing sales with profits. The Xbox division lost Microsoft over $3 Billion '03-'12. This has been covered extensively but see eg) http://www.neowin.net/news/report-microsofts-xbox-division-h...
Profit, other than perhaps hope of long-term profit derived from spending their competitors out of business, was certainly not their motivation
IE runs Java applets through a third-party plugin, and Java runs on Windows because the Java guys write and distribute a VM that supports Windows. Microsoft already got itself in very hot water for trying to strongarm people off of its platform entirely (Netscape antitrust case), so they're not about to try that again. You can make software for Windows, but Microsoft is going to use their clout in legally "fair" ways to make sure you don't damage their lock-in. Java was a very serious threat to MS, which is why they created .NET and built an enterprise sales apparatus around it.
Sun lost its way and Microsoft ate up most of the custom enterprise software market with .NET. A pity really; the future could've looked much different if Sun had successfully and aggressively countered .NET. MS made sure it didn't happen because write once, run anywhere meant that Windows wasn't going to be very important anymore. .NET touted similar features, but the catch was they only wrote a VM for MS platforms, incidentally.
Pre-reply: Yes, Mono exists, Microsoft made minor contributions here and there to it, but it is now and always has been a second-class citizen in this space, and Microsoft will ensure that it always will be. It seems Mono typically gets support for an API just as it becomes deprecated and its new big brother starts to emerge on Windows. That's intentional.
Any business' end-goal is profit. With the Xbox, this is through both vendor lock-in and "owning the living room". Some MS exec once also talked about using it as a way to transition the masses of console gamers to PC, but that was probably just a "nice to have" at best.
Wanting to use something as a lock-in tool doesn't make it one. I'm pretty sure Microsoft would prefer Windows phone to be at place 1.
Why is vendor lock in NOT illegal? (Besides lobbying)
Suppose my only option for earning a living depends on software from Vendor X, who has used lock-in techniques to eliminate their competition. At this point there would be nothing to be done except make vendor lock-in illegal.
It would be easy to do, too, simply by requiring either A. up-to-date, detailed documentation of file formats and protocols necessary for data migration, or B. support for an interchange format that provides the same features as a proprietary format.
This is not to say I'm a fan of vendor lock-in. Quite the opposite, actually. But I do know laws like this will always have unintended consequences, will always be manipulated by those same large companies ostensibly being regulated to give them advantages over new entrants, and, as a result, will always make the competitive landscape more difficult than it would have otherwise been. How big does your market have to be? How big does your company have to be? Is the broadband chip on your phone subject or just your whole phone? What about trade secrets?
The advantage of the antitrust laws is in the lack of specificity. It takes a complete trial to actually show wrong-doing.
This paints it as more of a societal problem than a legal one, and I think you're correct in hindsight.
I think about my gamer friends, and they've resigned themselves to vendor lockin because "What choice do I have if I want to play with my friends?", something I've come to call the Facebook Argument.
However, when I think about [some of] my colleagues, many of them don't like vendor lockin when it's applied to them, but aren't against implementing similar features in their own projects with a different name, and I have a hard time believing they don't see it for what it is.
We learned monopolies are bad this decade, again. Or is that again again? Or again again again? Or maybe it was again again again again again. I can't keep track. But we have a large portion of our population clamoring for every game to be on Steam or every house to be on Google fiber.
It's not, but it's far better than "everything on Origin".
I'm not saying I love it, but it's important to be accurate before turning the outrage dial to 11.
But then again, once you start using proprietary software you expect there is a gorilla holding your banana and with him comes the jungle.
Not even once.
This was addressed here:
Agreed about EA and Origin.
The only "invasion of privacy" found was in VAC, which uses security through obscurity to deceive cheaters. When somebody got concerned about that, Gabe Newell immediately explained publicly the security mechanism, letting everybody with basic IT knowledge deduce that Valve has thought this quite thoroughly for privacy.
I have never heard of them until now to be honest so I'm not the guy to ask.
Windows: C:\Users\<user>\AppData\Local\Google\Chrome\User Data\<Name>\Extensions
Mac: ~/Library/Application Support/Google/Chrome/Default/Extensions
And now we're going to get OS level DRM that works through all of our browsers, thanks to Netflix, Google, Microsoft, Apple, and last, but not least, the W3C. Terrific.
Often the intent of a cheater is to ruin the game for everyone else, with patches that give them super-powers (aimbots and wall hacks are pretty common) and the ability to unfairly dominate the other players. Sometimes there are cheaters in official tournaments (a high-profile player in Germany was recently found to be cheating).
Scanning a whole system for "DRM cracking tools" seems very, very bad to me. If this is what EA is doing then they had better have a really good explanation.
Scanning a the running environment of an online game, under the umbrella of a EULA, seems fine. I'll note that if you object to this, you're free to play on non-protected game servers.
Some games are designed to be inherently cheat resistant. One strategy is for the server to never give the game client enough information to be useful for cheating, so even if you've written a totally cheaty client it doesn't do you much good. (Reductio ad absurdum, your client is just a smart video feed with some controller input).
Cheaters suck, but they're a fact of life and if your online game doesn't prevent them then you'll be overrun by the scum and honest players will stop playing.
"I'm going to pout and not pre-order Battlefield 5 until a week before it comes out. That'll show them!"
"Errrm, I couldn't help but notice that the videogames company representative just let himself into your house, fucked your dog up the arse, killed your goldfish and pissed in your coffee"
"Oh yes, it's all in the EULA, it's perfectly fair, I am playing the game I bought from them, don't you know!"
The app name in that list is ROT13-"encrypted" by explorer.exe for some odd reason; see:
They did so very openly, although you clearly couldn't play the game without submitting to the requirements.
Of course, this was back when things like having the government surveil our library history was considered a big deal in privacy. Culture's changed quite a bit since.
I'm not saying they succeed at that. I have no idea how secure their sandboxes are and what limits they place. But, that is arguably the intent (or at least one of the intents).
Steam on the other hand has no such intent AFAIK. Of course in all those cases, including Steam, there is the threat to the publisher they'll be banned from the store if they do this kind of thing. I don't know if there is any example of Steam removing an app because of "unethical behavior". I would guess if it was an indie they'd ban first, question later whereas if it was a big publisher like EA they'd probably talk first, try to get them to address the issue.
I'd be curious to know if Steam Box makes any effort in this direction. I was similarly worried about Boxee apps (the PC/OSX/Linux version), XBMC scripts. etc...
Besides being intrusive, Origin is spectacularly unfriendly to user mods. The mod community has made some nice texture upgrades for ME3, but to use them with an uncracked ME3 executable requires you to shuffle files around while Origin is running so that it never sees the modified executable (Origin scans and validates executables when you start up a game).
I'm not much of a gamer, but Bioware games are a weakness of mine. I look forward to the day when they're no longer infested with EA's spyware.
Let's just check the scorecard:
- Outbound packet captures showing that Origin is capturing this information? Nope.
- Proof that the Origin client is making a targeted effort to steal information about the user? Nope.
- Indications that Origin is accessing the processes of Firefox or Chrome in any way beyond getting their names? Nope.
- Indications that Origin is potentially capturing any information at all beyond the names of some running processes? Nope.
Cheat detection has been named a couple of times, and that's certainly plausible. I'd imagine ROT13 is used to prevent Origin from being spuriously picked up by antivirus software.
Direct access to the video hardware is the main thing that holds back the virtualization of gaming or other graphics-heavy activities. We desperately need a solution to that.
The problem is COST. These are designed for VDI servers supporting 25/50/100 desktop users not 1 gamer and are priced as enterprise equipment.
A similar thing happened for me with Googleupdate.exe it scanned all my hard drives ... They don't do it any more but I still remove googleupdate.exe every time it magically gets installed on my system.
See slide 21 http://www.slideshare.net/DICEStudio/battlelog-building-scal...
That doesn't mean there isn't any leakage they technically can/can't see. No clue if any of that info gets phoned home.
There is definitely 0 reason that they should be scanning all of the files on your computer and storing them in some sketchy gibberish registry settings. Who knows what else they are looking at.
This is no different then Sony putting rootkits on their audio CD's in order to "prevent piracy". http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootki...
Can you expand a little bit if you have some knowledge on the subject?
Edit: I did find mention of it on the Wikipedia article about Warden: http://en.wikipedia.org/wiki/Warden_(software)
On 23 June 2010 Blizzard updated the Warden Anti-Cheat Platform to version 2 - named Warden 2.0 - with World of Warcraft Patch 3.3.5.
Warden now scans Warcraft II and III game memory space only, with exception of a few tools.
Obviously it's a Wikipedia article, and no source listed for that claim, so who knows if it's accurate.