Page 1 of 2 12 LastLast
Results 1 to 20 of 21
  1. Default Nexon's latest privacy transgression

    After yesterday's update, I took a closer look at the MapleStory client, as I usually do. This time, however, I noticed an anomaly: After connecting to a channel server, the client sends huge chunks of data (several kilobytes) to the server. While it is normal that there is much traffic directly after the connection was established, it's usually the server that sends much information (character data, keymaps, and all kinds of other things) to the client.

    I took a closer look at the data being sent and found this:

    The client sends a list with the paths of ALL running processes to the server. They split the list into several packets that are sized around 2000 bytes, and depending on your system configuration, about 5-6 such packets are sent. I find this highly intrusive - technically it's none of Nexon's business what kind of software I am running on my system. I'm fine with local checks (like HackShield's), but sending everything to the server, where they quite possibly save it, is a wholly different matter. Sadly, their Privacy Policy allows them to do just this - true to the motto "If you play our game we are allowed to log everything that takes place on your computer."

    You might think HackShield has always done this - it has not. While it is true that HS collects the same kind of information (and more), they just store it in their encrypted log files. Nothing of it is sent anywhere, unless you use their AhnReport utility.

    If you're interested in some technical information, here's what I collected:

    They want to achieve two things:
    1) Find out if the game executable (not its memory!) has been tampered with. This is only the case when the client has been unpacked, and only few people are able to do this nowadays.
    2) Find out if malicious processes are being executed, for example trainers.

    In the end it's just another failed measure in an endless row of useless security checks. It's a piece of cake for both target groups to disable/fake this data, so there's only one victim: The players, because their privacy is compromised. Maybe they'll reconsider sending these packets when enough people complain.

  2. Default Re: Nexon's latest privacy transgression

    Sure they are allowed to due to agreeing to terms of service but I'd rather not have my running processes stored on server for who knows how long. I don't get why they think this will help, either. It is pretty much just a local scan, just done remotely. If they can work around a program meant to scan your computer for illicit content, I'm sure they can stop or edit the sending of a packet to a remote server to do that same thing.
    Last edited by SaptaZapta; 2013-09-06 at 02:12 PM. Reason: cleaner

  3. Default Re: Nexon's latest privacy transgression

    Was hoping it would be a bit longer before this submerged, but as it has so will answer any questions to avoid misinformation.

    If the information about the processes / data collected is properly encrypted it would make it much safer for players and would no longer be readable. I can say that the issue is at least being monitored / looked into for the time being.

    It is only collected once when going on a character, not throughout being connected. If you feel that it's exposing your privacy or wish for an application to not be monitored, just open it after this point. It is mainly to see what is currently opened when you're first launching MapleStory likely to check for hacking clients and other malicious tools.

  4. Default Re: Nexon's latest privacy transgression

    Sure, the sending of the data not encrypted is even worse, but for a lot of players, myself included, would rather not have it stored on a server. Especially when they have a local scan that is grabbing the exact same information, but it stays local. Just seems like an extra, unneeded security step that is just going to cause people to "hack" or straight up quit. People enjoy their privacy.

  5. Orbital Bee Cannon
    IGN: SaptaZapta
    Server: Kradia
    Level: 232
    Job: Hero
    Guild: Matriarchy
    Alliance: Dominion

    Default Re: Nexon's latest privacy transgression

    Friendly reminder:

    Point Value: 2 points
    Definition: "The posting of information regarding how-to's on private servers or hacking."
    Additional comment: You can discuss the effects of private servers or hacks on the community. You can also discuss the basic premise of how and why the hack works. You cannot discuss how to perform hacks or link to places where hacks can be found. You cannot discuss how to set up a private server.

    Point Value: 16 points (Permanent Ban)
    Definition: "Posting that you are or you have hacked any online game."
    Additional comment: Known hackers from other forums are not banned on sight here. We, as admins and mods, cannot police every person that enters the site based on their behavior across the entire internet. We deal with what happens here, and that doesn't include extensive background checks on registering and lifelong monitoring thereafter. If a person is stupid enough to say, "I am a hacker", then he deserves a banning. This also includes people who post pictures where it's readily obvious the user hacked the game. Use of the Robin Hood Defense (hacking for the public good) will be determined by moderators.

    Just to be clear: interfering with the normal operation of the client, or its communication with the server, is "hacking" for the purposes of the above rules.

  6. Default Re: Nexon's latest privacy transgression

    Was unaware posting about basic knowledge on networking and packet structure/handling was saying how to preform any sort of hacking, but my apologies. Also, not really sure as to why the second part of the post was edited out, seemed like a harmless inquiry about the topic at hand but alright, my bad.

  7. Default Re: Nexon's latest privacy transgression

    Honestly i don't see a problem unless these "huge chunks of data" actually impact your connectivity and it doesn't look like it.

    Inb4 Nexon uses it to check for keylogging for compensation.

    Do you proofread what you post on the internet? Just wondering.

  8. Default Re: Nexon's latest privacy transgression

    I don't get why you think you can speak behalf of nexon, you didn't even know those notes were half finished and put southperry in a bad spot. You just no longer can speak with authority, especially when your credibility has been put into question twice now :| 3 times for certain people.


  9. Default Re: Nexon's latest privacy transgression


  10. Default Re: Nexon's latest privacy transgression

    The silly thing is that the extra server load from this info being sent probably costs more than just hiring GMs that will actually do something. And of course it's a lot less effective too.

  11. Default Re: Nexon's latest privacy transgression

    I feel like I should throw this in now as well:

    Tyler, pomegranate means shit. Shit. "To be a Pomegranate" literally translates to "To be a Shit".

  12. Default Re: Nexon's latest privacy transgression



  14. Default Re: Nexon's latest privacy transgression

    This is getting interesting...


  16. Default Re: Nexon's latest privacy transgression

    That's totally solid! Theres no way we can bypass that! Said no hacker ever.

    The people this is out to catch will strip the measure away before it can log the first 50 culprits.

  17. Default Re: Nexon's latest privacy transgression

    I can't help but think that none of this will end well.

  18. Default Re: Nexon's latest privacy transgression

    A mental breakdown or worse.


  19. Default Re: Nexon's latest privacy transgression


  20. Default Re: Nexon's latest privacy transgression

    Shouldn't it be like emerge rather than submerge since it has been ya whatever



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts