ZOS integrated spyware RedShell by mistake, deleted from live, still in PTS folder

President_PUG

Doctordarkspawn wrote: »

WillS1888 wrote: »

xRIVALENx wrote: »

Where did this knowledge come from? Anyone actually check that RedShell.dll is being loaded and called when launching the ESO executable?

No but it would be easy to disable it. Isnt this kinda dangerous since it logs peoples finger prints? A finger print is usually enough to access most peoples personal things in todays world.

...In no way would a program like this log finger prints. It has no ability to.

However, I dislike being spied on. If you wanna know what I buy and why, ZOS, just ask.

“It turns out that every device behaves in a subtly different way when the code on the web page interacts with it, in a manner that’s completely invisible to the user, and this can be used to derive a fingerprint of the device, so the third parties can tell when the same user of the same device is visiting again.”This technique is known as canvas fingerprinting. When one of these scripts is running on a website you visit, it instructs your browser to draw an invisible image. Because every device does it in a unique way, it can be used to assign a number to your machine and effectively track your browsing.
Moral of the Story..Welcome to The Internet Plug in, Chill Out..

billp_ESO

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Then I have little to worry about. I don't use Facebook or Google or Twitter. I have no accounts on them that could be linked.

Minno

billp_ESO wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Then I have little to worry about. I don't use Facebook or Google or Twitter. I have no accounts on them that could be linked.

Those services compile data on you even if you don't have an account.

Ever see a Facebook like button on a page? The website is using a script to record a browser footprint of your activities. Then you get a file created.

PouletRico

billp_ESO wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Then I have little to worry about. I don't use Facebook or Google or Twitter. I have no accounts on them that could be linked.

The non-exhaustive list (Facebook, Instagram and others big ones aren't listed but still usable):
https://docs.redshell.io/docs/third-party-integration

AdWords = every single Google services (you own an Android phone ?)

karthrag_inak

billp_ESO wrote: »

I have little to worry about. I don't use Facebook or Google or Twitter. I have no accounts on them that could be linked.

do you use a browser? buy tickets/hotels/stuff online? look at blogs or news sites? belong to forums? search on google? all of these mechanisms harvest varying degrees of information that can be easily unioned to form a surprisingly comprehensive and provably (info-theoretically) unique "fingerprint".

This information is like the proverbial "bell" - it cannot be unrung. Ironically, even the new EU restrictions for "the right to be forgotten" require sites to maintain a record of those who wish to be forgotten.

Kuwhar

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

karthrag_inak

@ZOS_GinaBruno Can we please have an official response on the purpose and capabilities of redshell as it is used by ESO?

Belegnole

karthrag_inak wrote: »

@ZOS_GinaBruno Can we please have an official response on the purpose and capabilities of redshell as it is used by ESO?

No, we want an opt out.

Cpt_Teemo

Kuwhar wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

Might want to read the front page of the webpage again..

https://redshell.io/home

karthrag_inak

Kuwhar wrote: »

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

From the privacy policy :

The data collected by the SDK includes information such as IP address, SDK version, anonymized User ID, timestamp, Developer API Key, OS version, screen resolution, timezone, system language, installed fonts, installed web browsers, and in-game events. Player’s data collected by the Red Shell platform is presented to our Customers to analyze the performance of their marketing and the performance of their game.

you can establish a unique fingerprint of a user purely from their browser configuration and installed fonts. that is what redshell is doing.

https://panopticlick.eff.org/about

pod88kk

Does this affect console players?

Kuwhar

Cpt_Teemo wrote: »

Kuwhar wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

Might want to read the front page of the webpage again..

https://redshell.io/home

Fair point, i mis-spoke. I meant i didnt see anywhere that it will be used for marketing.

Its used to measure the performance of THIER marketing, not used FOR marketing purposes.

Two very different things.

Cpt_Teemo

Kuwhar wrote: »

Cpt_Teemo wrote: »

Kuwhar wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

Might want to read the front page of the webpage again..

https://redshell.io/home

Fair point, i mis-spoke. I meant i didnt see anywhere that it will be used for marketing.

Its used to measure the performance of THIER marketing, not used FOR marketing purposes.

Two very different things.

True, but knowing big companies its the later.

yodased

edit your host file on windows

Press the Windows key.
Type Notepad in the search field.
In the search results, right-click Notepad and select Run as administrator.
From Notepad, open the following file: c:\Windows\System32\Drivers\etc\hosts.
Make the necessary changes to the file.
Click File > Save to save your changes.

add

0.0.0.0 api.redshell.io

at the bottom

This will block traffic from your computer to that server. You can block it from reporting through your modem or your router as well.

This is one of the main reasons that I'm gone too.

Kuwhar

"you can establish a unique fingerprint of a user purely from their browser configuration and installed fonts. that is what redshell is doing"

In that privacy policy it says: installed browsers.

Not browser configurations. Just what browsers you have installed.

They arent trying to target and track specific users to try and sell you stuff, thats my only point.

Marginis

Kuwhar wrote: »

Cpt_Teemo wrote: »

Kuwhar wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

Might want to read the front page of the webpage again..

https://redshell.io/home

Fair point, i mis-spoke. I meant i didnt see anywhere that it will be used for marketing.

Its used to measure the performance of THIER marketing, not used FOR marketing purposes.

Two very different things.

As someone with a background in marketing, I find it advisable to think about any wording on their site like a lawyer would. Try your best to find the loopholes, and be careful that you understand the bare minimum that they hold themselves to. The spirit of the words is not a thing when it comes to business like this.

PouletRico

Kuwhar wrote: »

Cpt_Teemo wrote: »

Kuwhar wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

PouletRico wrote: »

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

I'm pretty sure decompiling and sharing code it's something illegal. Or, at least, would infringe any User Aggrements... Just telling tho.

It's a 3rd party program that I did not expressly allow on my machine, and as such, until demonstrated otherwise, I consider it malware. As such, decompiling/analyzing it for its impact and purpose is, as per DCMA 1205(I), considered fair use.

More information can be found here :

http://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=1087&context=iplr/

I was more concerned about sharing it.

One solution, I think, would be to block the api.readshell.io DNS on outgoing requests (in the windows firewall or a other software). Not sure the game would launch, could give a try tonight.

billp_ESO wrote: »

A couple of questions:

- Are they gathering machine information only? Like what CPU, how much mem, graphics, etc? That would help them figure out what their player base is. That seems totally fine.

- Or are they also gathering your browsing information that has nothing to do with the game? So if you looked up kitten mittens, ZoS would sell that information to marketers?

I think that the purpose of RedShell is to match game user with internet user. Match a player profile with their Facebook profile (for example). So I think that the game is gathering data related to your PC/Game, and then, they use data from Facebook to enrich them and make a whole new profile, having data from your game + from your Facebook profile.

Dont think that second part is whats going on. If you read redshells policy, its essentialy helping them target specific platforms not tracking you the individual user in order to advertise to you.

In fact i dont see anywhere that it talks about marketing, but more about OS, hardware, and browsers.

That matters when you are budgeting dev teams for PC and MAC for example. If you know that your playerbase is only roughly 10% using a MAC (lol) then you can save a lot by shifting resoures away from it.

Same goes for different CPU, if 80% use intel it would be a smart business decision to focus resources on optimizing it on intel so the majority of your playerbase can enjoy good performance (theoretically)

Might want to read the front page of the webpage again..

https://redshell.io/home

Fair point, i mis-spoke. I meant i didnt see anywhere that it will be used for marketing.

Its used to measure the performance of THIER marketing, not used FOR marketing purposes.

Two very different things.

And who do you think pay for that technology ? Marketers obviously, to have insights on how they should sell/advertise their games (on which platforms, which age/gender etc...). It's basic marketing, who bought my games the last month, I'm going to target the same type of persons the next month.

yodased wrote: »

edit your host file on windows

Press the Windows key.
Type Notepad in the search field.
In the search results, right-click Notepad and select Run as administrator.
From Notepad, open the following file: c:\Windows\System32\Drivers\etc\hosts.
Make the necessary changes to the file.
Click File > Save to save your changes.

add

0.0.0.0 api.redshell.io

at the bottom

This will block traffic from your computer to that server. You can block it from reporting through your modem or your router as well.

This is one of the main reasons that I'm gone too.

Awesome, does the game starts without errors ?

Minno

yodased wrote: »

edit your host file on windows

Press the Windows key.
Type Notepad in the search field.
In the search results, right-click Notepad and select Run as administrator.
From Notepad, open the following file: c:\Windows\System32\Drivers\etc\hosts.
Make the necessary changes to the file.
Click File > Save to save your changes.

add

0.0.0.0 api.redshell.io

at the bottom

This will block traffic from your computer to that server. You can block it from reporting through your modem or your router as well.

This is one of the main reasons that I'm gone too.

I'm here till the new fallout MMO not made by zos comes out.

Valkysas154

The wording is a bit fishy to me

such as

includes information such as

On there policy, I would like to now Every thing being sent and collected and not just some of it.

N00BxV1

Belegnole wrote: »

karthrag_inak wrote: »

@ZOS_GinaBruno Can we please have an official response on the purpose and capabilities of redshell as it is used by ESO?

No, we want an opt out.

https://redshell.io/optout

I haven’t tried it but there it is.

karthrag_inak

Kuwhar wrote: »

"you can establish a unique fingerprint of a user purely from their browser configuration and installed fonts. that is what redshell is doing"

In that privacy policy it says: installed browsers.

Not browser configurations. Just what browsers you have installed.

They arent trying to target and track specific users to try and sell you stuff, thats my only point.

did you ignore everything else i posted? installed browsers infers browser configuration. this isn't some big secret maneuver - it's been around for a while, as was listed in the link I posted; and they aren't operating in a vacuum, they are scraping info to sell, because this information is valuable to many people. Ever wonder how google and facebook can not only operate, but seemingly make billions of dollars, when they don't seem to sell anything? They are the two biggest names in a vast ocean of companies that make millions of dollars selling information about individuals' online behavior. I used to work for one as a data scientist.

Belegnole

N00BxV1 wrote: »

Belegnole wrote: »

karthrag_inak wrote: »

@ZOS_GinaBruno Can we please have an official response on the purpose and capabilities of redshell as it is used by ESO?

No, we want an opt out.

https://redshell.io/optout

I haven’t tried it but there it is.

Sorry, but I mean from ZOS as they put the spyware into their software.

Kuwhar

karthrag_inak wrote: »

Kuwhar wrote: »

"you can establish a unique fingerprint of a user purely from their browser configuration and installed fonts. that is what redshell is doing"

In that privacy policy it says: installed browsers.

Not browser configurations. Just what browsers you have installed.

They arent trying to target and track specific users to try and sell you stuff, thats my only point.

did you ignore everything else i posted? installed browsers infers browser configuration. this isn't some big secret maneuver - it's been around for a while, as was listed in the link I posted; and they aren't operating in a vacuum, they are scraping info to sell, because this information is valuable to many people. Ever wonder how google and facebook can not only operate, but seemingly make billions of dollars, when they don't seem to sell anything? They are the two biggest names in a vast ocean of companies that make millions of dollars selling information about individuals' online behavior. I used to work for one as a data scientist.

Uh, i quoted what you said in its entirety. If you meant past posts then.... sorry lots of posts in here.

Why would "installed browsers" imply "browser configurations"?

So does ZOS use these uniquely identifying techniques on the main site? If not, why not? More people have visited the site than have downloaded the game right? Wouldnt it make more sense to track people who didnt buy the game and try to sell to them specifically?

Are you implying that they are using this service to track your every move on the web? Or to somehow uniquely identify you for marketing purposes?

I know all about facebook and google, and yahoo, and microsoft, and apple, and verizon, att, etc etc etc.

I just love the irony of everyone getting crazy about aggregate anonymous information gathering, while using Windows OS which gather far more personal info on a much larger scale.

I assume everyone here complaining clears their cookies and cache whenever they end a browser session?

Just stop trying to attach some nefarious intentions behind this.

Alinhbo_Tyaka

Bucky Balls wrote: »

It does not launch if you run eso64.exe directly. I suspect - but do not know - that this library exists simply to generate machine specific debug data for game crashes and report it.

Incidentally, I bought my game via steam but never use either steam nor the eso launcher (except for patching) to launch the game.

Yes it does. I skip the ESO launcher is redshell was loaded as part of eso64.exe processing. You can see it if you use ProcessExplorer to display the dll's loaded by the game.

Someone said they were successful blocking the redshell call home in their hosts file. What hostname or ip address is it using? If you don't want to divulge that's fine I'll just setup a sniffer.

Aebaradath

ZOS wants to spy on me and learn about my super secret pr0nz?

Fine. Maybe they can give some suggestions.

karthrag_inak

Kuwhar wrote: »

I know all about facebook and google, and yahoo, and microsoft, and apple, and verizon, att, etc etc etc.

I just love the irony of everyone getting crazy about aggregate anonymous information gathering, while using Windows OS which gather far more personal info on a much larger scale.

I assume everyone here complaining clears their cookies and cache whenever they end a browser session?

Just stop trying to attach some nefarious intentions behind this.

apparently you don't know "all about" any of those you mentioned, if you think that clearing your cache and your cookies is a meaningful remedy. You can build a unique online id/profile without any cookie data whatsoever, as I posted above, and that's with desktop browsers. It's even easier with mobile devices, which include timestamped geolocation information in every packet.

and there's nothing ironic about pointing this out. those of us doing so probably are more than aware, and have taken all necessary and appropriate steps to remedy, windows' built in telemetry gathering. don't ascribe to others ignorance that you exhibit. in fact, perhaps you out to attempt to enlighten yourself instead of dismissing something you obviously have minimal understanding of?

ADarklore

For those who keep claiming, like they have so many times before, that they are leaving the game because of (insert here whatever it is this time)... PLEASE leave the game completely, including the forums; I, like so many others, grow tired of all the negative nancies bemoaning every little thing that ZOS does.

Syncronaut

Thank you for telling us this. I will have a word with this company (shell).

Alinhbo_Tyaka

karthrag_inak wrote: »

if anyone is interested, the decompiled cpp file for redshell.dll (not the one in /debug/) is available here :

https://nofile.io/f/38euVu05rMw/redshell.cpp

it's not for the faint of heart, particularly since it has embedded library functionality and arcane structuring, but maybe some folks might enjoy attempting to rebuild/reinterpret it.

Thanks this should help. I was thinking of compiling my own redshell.dll that is just a return(0) to work around the problem.

Aebaradath

ADarklore wrote: »

For those who keep claiming, like they have so many times before, that they are leaving the game because of (insert here whatever it is this time)... PLEASE leave the game completely, including the forums; I, like so many others, grow tired of all the negative nancies bemoaning every little thing that ZOS does.

Hold up there. You forgot the most important thing: Give us their stuff.