Re: Regarding the Use of Third-Party Programs and Player Safety

Quote:

---

Originally Posted by AshtonCrowe

. . But was your stalker cute tho?

/s

---

They were pretty cute.

(It was a long time ago and not as severe as many, I can laugh about it now :p)

Quote:

---

Originally Posted by KairiElise

Just watched the youtube video and wow...dude that made this is clearly a psychopath and all because someone undercut him on the market.

---

After a guy made his own data crawler, scoring system and Google doc because healers were complaining about the state of the role, this does not surprise me in the slightest.

Quote:

---

Originally Posted by PercibelTheren

After a guy made his own data crawler, scoring system and Google doc because healers were complaining about the state of the role, this does not surprise me in the slightest.

---

I FORGOT ABOUT THAT LOOOL

Quote:

---

Originally Posted by PercibelTheren

After a guy made his own data crawler, scoring system and Google doc because healers were complaining about the state of the role, this does not surprise me in the slightest.

---

I also recall that when they got called out for their antics they doubled down and added some sentence that says "Hahahlol if you're upset, I make this because y'all should've just shut up and suck it up ;')" (paraphrased) before that spreadsheet was finally taken down. I do vaguely recall there's somebody archived the spreadsheet for future evidence though.

Only crazy people would act like that, and people are 'okay' to potentially giving these type of people more power? Smh.

man, i forgot about spreadsheet guy. have to imagine if the stalker plugin were around back then they would have used it to connect posters' alts and logs too.

How much do people want to bet that they'll fumble the fix and this problem will still exist after today's maint.

Quote:

---

Originally Posted by ovIm

If someone can code something that clings onto the game to extract data, that individual can also code an addon to Wireshark that filters FFXIV network data and saves it in a nice, readable format. Wireshark openly supports plugins, after all.

Add to the fact that an AntiCheat is a very invasive bit of software with a plethora of problems. What you are not seeing is that implementing an AntiCheat will most likely cause many issues with regular playing folk as well. Imagine the AntiCheat gives a false positive and bans your account. Do you trust Square Enix Support to resolve that, with how they are handling this dilemma right now? What if they buy in an AntiCheat like Denuvo that is proven to be an actual issue with customer PCs, in terms of performance. Too many AC solutions also hook very deep into your computer, running constantly. Just look at all the problems Valorants AntiCheat caused.
Asking for an AntiCheat implementation is literally inviting the devil into your home. What about Steam Deck players, they would be excluded from playing as well.

AntiCheat is literally the worst kind of solution to this problem. I'd rather they implement something properly server side.

---

I am so glad that FF14 is one of the few(er?) online/live-service games that doesn't use anti-cheat. If they ever implement any kernel-level anti-cheat that will be my cue to leave the PC version.
(And I neither want to nor can buy a PS5 in the foreseeable future so once PS4 support is phased out that would be it for me.)

I've decided against playing many fun games because of kernel-level anti-cheat and as much as I still love FF14 this is just something I am not willing to do for SE, especially given their horrendous player and data security policy.

Sorry, but I do not trust this company to implement any kind of "trustworthy" and "secure" anti-cheat if they can't even or don't even want to protect player IDs.

AHAHAHAHAHAHAHAAH

https://bsky.app/profile/notnite.com/post/3lladdcxq5s2h

Quote:

---

Originally Posted by Kazuke_Miso

AHAHAHAHAHAHAHAAH

https://bsky.app/profile/notnite.com/post/3lladdcxq5s2h

---

Ah, so it sounds like they took the approach of encrypting it client-side rather than just removing the client from the equation at all. Remember folks; in cyber security, never trust the client.

Seriously, what were they expecting? They're better off removing account-wide blacklisting and removing any mention of client IDs on the client rather than just obfuscating them. Jackasses may be able to make another character to harass someone, but that's preferable than to let the harasser also know what alts you have. Do they have the job design team doing double duty on cyber security?

Just for my understanding are you talking about the character id or account id?

Quote:

---

Originally Posted by GiR_Zippo

Just for my understanding are you talking about the character id or account id?

---

https://i.imgur.com/FLSUOg8.png

Quote:

---

Originally Posted by Daralii

https://i.imgur.com/FLSUOg8.png

---

It's worse than that. There is a one-to-one mapping from the account ID received on your client to the 'real' account ID. You don't even need to build some relational database to correlate the characters together. They just literally need to figure out the algorithm that obfuscates the ID, and this has already been done. The only question is when the stalking plugin creator will do the same.

Genius level solution!!!

They can't nuke the plugin functionality or the Mare Lamentorum house party crowd (70% of all subs) will be gone. And the self-proclaimed 'top raider' YouTubers who prog content with 50 plugins and XIVcombo autorotation off-camera will also be gone for good.

Not too great for business, eh?

Why am I not surprised that their "fix" is dismantled within 24h. Not only did they see no reason to actually fix it asap, no we just wait for the next patch because duh and now that? Square clearly doesn't care that people get stalked and doesn't care that they're effectively enable stalking with these questionable things. So people are either left being stalked left and right or have to rely on the stalker data to defend themself from said stalkers. Nice move Square! On the other side, looking on the known issues with this patch...I have no faith at all anymore. At this point just hire someone who has actual knowledge on this topic so this can actually get fixed.
Tho actually I am surprised that you failed so spectacularly on fixing this issue. Like cool, the stalkers dont get the actual ID anymore, yet they can still map all your alts and retainers to one account with this altered ID. GGWP nothing changes, you just shifted the problem from Point A to Point B, please look forward to it! :)

This is incompetence. Pure and simple. CBU3 just proved that their technical know-how is simply not up to par.

The "fix" is a joke and half-baked.

Stop having the client do any kind of processing and have it do a simple "isOnAccountBlacklist(Target)" check on the server with a simple yes/no return.

The client should not be seeing IDs AT ALL. Honestly shocked at this.

the level of incompetence on display from these devs, while expected, is still kind of shocking lol. there was only ever one acceptable fix for this entire issue and they still screwed it up. like, did the idea of "stop sending trackable info to clients" just not come up at all?

I was so dead set sure that this would be fixed in this patch to the point of siding with SE in another thread that it would be fixed. Since SURELY you cannot be stupid enough to half-ass it when you've taken heat on it, spoken about it on live letter etc...
Anything reversible will be reversed yet still they do it ????

The "fix" that isn't a fix didn't even need a major patch to implement they just used it to justify blacklist reset or as a patch feature point.

Why does this community have to be so freaking weird that this is even a issue to begin with, we have websites that maintain a profile of you based on your lodestone information history going back years (Past name's, free companies etc... whatever lodestone exposed), plugin's that once more use lodestone to maintain character name changes (It was in the github readme as one of the plugins that inspired it). "Want to be a weirdo ? Come play FFXIV, there's a home for you here !"

Quote:

---

Originally Posted by NaoSen

I was so dead set sure that this would be fixed in this patch to the point of siding with SE in another thread that it would be fixed. Since SURELY you cannot be stupid enough to half-ass it when you've taken heat on it, spoken about it on live letter etc...
Anything reversible will be reversed yet still they do it ????

The "fix" that isn't a fix didn't even need a major patch to implement they just used it to justify blacklist reset or as a patch feature point.

Why does this community have to be so freaking weird that this is even a issue to begin with, we have websites that maintain a profile of you based on your lodestone information history going back years (Past name's, free companies etc... whatever lodestone exposed), plugin's that once more use lodestone to maintain character name changes (It was in the github readme as one of the plugins that inspired it). "Want to be a weirdo ? Come play FFXIV, there's a home for you here !"

---

Honestly I don't think the weird-ness is actually exclusive to XIV, some other communities are just as bad... The only major difference is that Yoshida's stance on third party tools, etc., just allows for these things to go utterly unchecked in broad daylight because heaven forbid we risk upsetting players by taking a hard stance on topics that should have a hard stance. If there were a backbone and if they actually enforced their own ToS, then people wouldn't dare try this stunt, just as they wouldn't in many other games.

Quote:

---

Originally Posted by NaoSen

I was so dead set sure that this would be fixed in this patch to the point of siding with SE in another thread that it would be fixed. Since SURELY you cannot be stupid enough to half-ass it when you've taken heat on it, spoken about it on live letter etc...
Anything reversible will be reversed yet still they do it ????

The "fix" that isn't a fix didn't even need a major patch to implement they just used it to justify blacklist reset or as a patch feature point.

Why does this community have to be so freaking weird that this is even a issue to begin with, we have websites that maintain a profile of you based on your lodestone information history going back years (Past name's, free companies etc... whatever lodestone exposed), plugin's that once more use lodestone to maintain character name changes (It was in the github readme as one of the plugins that inspired it). "Want to be a weirdo ? Come play FFXIV, there's a home for you here !"

---

I was wondering how you felt about this, considering everything that was said before (and admittedly, I was rude about it... sorry!)

For me, this was unfortunately completely within expectations. It took them a second addressing after "kindly stop pls" didn't work and considering the incredibly bad explanations we've had in the past, such as while they were explaining why the hiding players at quest NPCs feature was so limited, I just don't think anyone there really cares. It's often all a bunch of lip service that doesn't really make sense if you have any background in computing.

Just based on the fact that it wasn't a priority for them to fix it ASAP, it was always clear that this wasn't really a concern for them. And it sucks, really. I hate that I'm talking like this about a game that I used to love dearly.

I definitely agree with that last statement, this game is... genuinely inviting to weirdos, and the community is overall very accommodating for it as well.

The stalking plugin was the breaking point for many players who decided to quit recently, yet even that wasn’t enough to make SE take real action. Instead, we got a 'solution' that makes updating the plugin slightly harder.

At this rate, I don’t know what else needs to happen for them to wake up, but I’d rather not be around to see it.

Quote:

---

Originally Posted by Kaurhz

Honestly I don't think the weird-ness is actually exclusive to XIV, some other communities are just as bad... The only major difference is that Yoshida's stance on third party tools, etc., just allows for these things to go utterly unchecked in broad daylight because heaven forbid we risk upsetting players by taking a hard stance on topics that should have a hard stance. If there were a backbone and if they actually enforced their own ToS, then people wouldn't dare try this stunt, just as they wouldn't in many other games.

---

They do enforce their ToS, it's just against players using Ungarmax, someone saying "your DPS sucks", or people posting an ERP party under Other on PF. :rolleyes:

Oh, but against the big boys? No, nah, never.

Quote:

---

Originally Posted by kajv95

Just based on the fact that it wasn't a priority for them to fix it ASAP, it was always clear that this wasn't really a concern for them. And it sucks, really. I hate that I'm talking like this about a game that I used to love dearly.

---

This game genuinely feels like maintenance mode in all but name. The content might as well be pumped out of an AI with how regurgitated and formulaic they are. They're just going through the motions.

Another reason I regret re-subbing to this shittified game just to have fun with a friend. There's no defending this company in any way at this point.

Quote:

---

Originally Posted by MatchaokaCha

Another reason I regret re-subbing to this shittified game just to have fun with a friend. There's no defending this company in any way at this point.

---

Honestly I would never sub to FF14 just to play with a friend lmao. I pretty much only play BG3 or Helldivers 2 with friends right now. Low-key glad none of my friends are interested in FF14 anymore.

Yet another one for the long list of things that were patched without actually being patched. Emote cancels, teleport trading, you name it, it's probably got a workaround in the current version because the game's held together with paperclips and prayers running on PS3/4 architecture.

we really gonna let this get swept under the rug then or

Quote:

---

Originally Posted by VerdeLuck

Just add an anticheat in 8.0 we need it at this rate.

---

Can't wait for that anticheat to ruin normal user experience more than the plugin users, since they ll have one to bypass it.
Not even mentioning the fact, concidering SE poor technical skill when it comes to FF XIV.
It may false flag people using "gaming" peripherals and such or even create performance issues.

I remember anticheat in Elden Ring caused me so many performance issues the only way I could really play it was by getting rid of it and playing offline only. People who pirated it probably had a smoother experience lol

reminder that anticheat will do absolutely nothing to solve this issue.

To be honest, given they can't even get a blacklist function right, I don't even want to know how bad their anti-cheat will be.. Regardless of whether they elect to go for in-house or third-party.

and frankly, anti-cheat wouldn't solve this specific case, and not only that it would be at a serious loss to the game, and the developers know that they stand to actually gain very little from it, and much more to lose.

Quote:

---

Originally Posted by kajv95

we really gonna let this get swept under the rug then or

---

They are deleting every new thread about the stalking plugin now :rolleyes:

Quote:

---

Originally Posted by Wyssahtyn

reminder that anticheat will do absolutely nothing to solve this issue.

---

No, at this point, no. But they don't even bother trying to enforce anything. Even RMT bots barely get banned, once every 2 years if even that.

Hey Square, just a friendly reminder that trying to ignore the problem doesn't make the problem go away. :) Unless you're waiting for actual serious damage to the community and/or individuals because it's not a secret that small parts of this community are rotten to the core. ¯\_(シ)_/¯
It's already bad enough that people have to deal with weirdos who think this is a dating sim or XXX game but having to deal with actual unhealthy obsession from stalkers and worse people? Enough is enough.
Do something about this issue that is not dismantled and laughed at in less than 24h. Like how do you even mess up this badly? QA on vacation? Trainee? Even effing ChatGPT would've done a better job, let that sink in. Also again failing to publicly acknowledge your absolute mess yet again is a pathetic display but not surprising anymore. Hire some external company to fix this if you're incapable of doing so, we don't care, just fix it already. Basically we want to see actual actions and not just hear empty phrases or pure ignorance.


Thank you for coming to my cat-talk.

So the thread that brought awareness that the privacy issue SE claimed to take a priority to fix was not actually fixed in the slightest - got deleted silently? To what end?

They just have a bunch of interns being paid Starbucks gift cards running the game. There's no way they can't find competent talent unless they have crap salaries. That or their management has an ego to uphold.