I’ll post Epic Games response in the thread here also.<p>———————————<p>We use a tracking pixel (tracking.js) for our Support-A-Creator program so we can pay creators. We also track page statistics.<p>The launcher sends a hardware survey (CPU, GPU, and the like) at a regular interval as outlined in our privacy policy(see the “Information We Collect or Receive” section). You can find the code here.<p>The UDP traffic highlighted in this post is a launcher feature for communication with the Unreal Editor. The source of the underlying system is available on github.<p>The majority of the launcher UI is implemented using web technology that is being rendered by Chromium (which is open source). The root certificate and cookie access mentioned above is a result of normal web browser start up.<p>The launcher scans your active processes to prevent updating games that are currently running. This information is not sent to Epic.<p>We only import your Steam friends with your explicit permission. The launcher makes an encrypted local copy of your localconfig.vdf Steam file. However information from this file is only sent to Epic if you choose to import your Steam friends, and then only hashed ids of your friends are sent and no other information from the file.<p>Epic is controlled by Tim Sweeney. We have lots of external shareholders, none of whom have access to customer data.<p>Daniel Vogel
VP of Engineering
Epic Games Inc.
I bought Metro Exodus on Epic Games recently. It was my second experience outside of playing Fortnite on PC.<p>I completely understand why people do not want to pay the Steam tax, but the Epic launcher is a scummy experience. Steam is popular and has a loud following because it does not make unethical choices that annoy users. I have no issue installing multiple launchers, either, but I don't want something running on my system that operates in an unethical manor. And it's tiring how common it is for companies to operate in this way, so we, as users, have to scrutinize their behavior heavily.<p>For example:<p>1) By default, the Epic launcher appears to advertise "free games" via Windows notification (popups). I never deliberately opted in to this. When I first saw the notification, I was certain I had some sort of spyware on my system. It looked like a spammy advertisement you see in free mobile games. I don't believe even EA/ORIGIN has been gutsy enough to try something like this.<p>2) Epic launcher defaults to starting when Windows starts. I never explicitly opted in to this. I'm sure I "affirmed" this somehow via some kind of user agreement, but I don't ever remember seeing an explicit option.
I just attempted to sign up with Epic. Only my email address had already been signed up. I used the password reset and took over the account. No games just setup with a strange name and in Thailand. Now I can’t buy games because of the country. I can’t change country. Support wants a photo of my passport, that’s not happening, to change country.<p>I found an article showing many email addresses had been signed up in the same way. Epic was not validating email addresses.<p>They’ve lost my business.
The fact that they even mess with files outside their directory means any answer they give is ingenuous.<p>Some other steam games have much worse behavior. The EULA you had to accept for Square Enix games was so horrible that I have games purchased on my system that I will not play. I should probably ask steam for a refund.<p>If you want an interesting book to read, I recommend Dan Ariely's "The honest truth about dishonesty".<p>In particular, license agreements seem to work like disclosure he mentions. The way it works is that there is a veneer of justification that allows for all sorts of unethical behavior.
Note that the original reddit thread[1] is pretty suspect and alarmist. The OP is clearly inexperienced with the process inspection tools they are playing around with. They complain about the launcher using minified JS, opening dlls, and checking root certificates among other things all of which are very normal things for a desktop application to do.<p>[1]<a href="https://www.reddit.com/r/PhoenixPoint/comments/b0rxdq/epic_game_store_spyware_tracking_and_you/" rel="nofollow">https://www.reddit.com/r/PhoenixPoint/comments/b0rxdq/epic_g...</a>
I don't see what's wrong with this if they asked for permission first. I gave access to Epic Games to collect info on who my steam friends are so I could play Apex with them.
I don't know if it was in response to this debacle, but Epic Games have published a public roadmap for the Epic Games launcher on Trello:<p><a href="https://trello.com/b/GXLc34hk/epic-games-store-roadmap" rel="nofollow">https://trello.com/b/GXLc34hk/epic-games-store-roadmap</a>
On a related note, Steam could (should?) also encrypt that data on disk, using a key derived from your Steam account ID (not your Steam password, because you may need to change the password), so that no other process can snoop on your Steam profile without your explicit consent to begin with.
Why I'm not surprised some people are already defending or at least minimizing this?<p>I certainly don't want one program snooping data from other installed programs without my explicit permission.<p>And this explains how Galyonkin knew how much of the Fortnite players had Steam installed and, specifically, were using it on a regular basis.
There's also this annoying problem with the launcher multicasting stuff on network constantly.<p><a href="https://www.epicgames.com/fortnite/forums/bug-reports/battle-royale-aa/455395-aggressive-multicasting" rel="nofollow">https://www.epicgames.com/fortnite/forums/bug-reports/battle...</a>
I mean, they're owned by Tencent and have zero experience with this outside of Fortnite. Pretty much what I expected to happen (not this specific gaffe but in general).<p>About what I expected. Say what you want about Steam but they made most of their most dumbass mistakes years ago and learned from them.