💬 Discussion | open source gaming section? #871
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#871
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Issue requested at Matrix.
I personally think it may be a bit out of scope, but there is a counter argument on Privacytools also being a search engine, social network, a forum, a Reddit page, a Matrix chat, a git host etc.I was actually coming here to say "no this is not a good idea"
But when I thought it over a bit longer, now I am not so certain :-) There are lots of types of games available nowadays:
simple single-player games that you download and play ... tetris, etc ... but do they contain adverts, trackers, proprietary codebases? End2end crypto only helps if the endpoint-device is not compromised, and often people install games on a whim (sometimes even the same people that are very careful about never-install-random-binary-from-the-internet in most other contexts ... forget their precautions when they need some downtime)
online games, single-player or multiplayer, that you use in your browser ... there is already a section on productivity tools and note-taking tools. This includes fairly simple games such as cardgames, all the way up to massively multiplayer 3D worlds, though sometimes those will fall into the third category because they are not purely-in-the-browser
games that you install onto your local device, which have internet access. MMORPG and similar types of games. These are "just games" but have security ramifications
There are not, to my knowledge, any end2end-encrypted videogames :-) Almost all the games with an online component, purposely make the game-data visible to the world: if you need to encrypt your sekrit game-strategies so the competitors are unable to beat you, I do not thing privacyToolsIO can be of assistance. So the section on gaming, if it were to exist, would not be about keeping in-game-stuff private, such as Discord chats. That said, if there ARE videogames or gaming-systems which implement zero-knowledge servers or mesh player-vs-player networking or signalapp/riotIM/jami instead of Discord, or things along those lines, they would probably be worth calling out. I just don't think they exist.
So the purpose of the gaming-section, at first anyways, would primarily be to find games that are 1) libre-licensed client and if applicable server codebases, which 2) do not have trackers and cookies and other such things when NOT playing the videogame itself, and 3) that are actually fun enough and easy-enough-to-install that people would see them as viable alternative entertainment. This is going to be a pretty rarified list: there are a lot of not-very-fun open source videogames. And there are a lot of fun games packed to the rafters with adverts, trackers, etc.
But I do not think there are many which offer all three things: actually fun, libre license, no adverts and no tracking/disclosure outside the game-data itself. So a small well-curated list of the best most-funnest most-libre least-privacy-invasive games, kinda makes sense. Might be a useful section to encourage people to visit the website... maybe they drop in to find a few games for their children or their nieces or their grandkids (or themselves -- adults like cardgames and such). And then they stick around to skim the rest of the listings, upgrade their browser settings, get an encrypted webmail provider, learn what a VPN is, and so on
As I've said in comments on other discussions, the best thing we can offer is education. Even a game page that was just a bullet point lists of the privacy considerations shared above by @five-c-d would give people some food for thought about how playing games on their devices could compromise their privacy.
The addition of a curated list of fun, privacy-respecting, libre games might produce some human interest stories on sites like Lifehacker, MakeUseOf etc, which could prompt readers to visit PTIO for the first time, and maybe give the site a boost in search engine results. This would be a bonus, on top of the educational value of the page and its contents.
One of the under-sung features of LineageOS is that you can have a secondary-system-profile which you use for gaming and kicking the tires on apps... or maybe for apps you "have" to install because of work or some charity group or whatever, but do not trust.
compartmentalization is a good opsec-topic, which games are a nice way to motivate
Over in your primary-system-profile is where you can keep signalapp (or ahem wireapp) used for serious purposes + protonmail app or tutanota app used for 2FA purposes + firefox that you use to connect to your online banking... and in addition to OS-level process-sandboxing you are also able to get OS-level uid-compartmentalization. Over in the games-area you can install stuff for fun... and what better to install, than the curated listings from privacyToolsIO which are field-tested to be enjoyable :-)
Samsung devices running stock ROMs have a somewhat-similar feature known as SecureFolder (cf SamsungKnox). There is a performance-downside to these sorts of things: the android/AOSP equivalent of fastUserSwitching means that even when not in use, both the primary and the secondary profile (or the NormalPhone and SecureFolder phone) are going to be eating RAM/battlife/etc. This is in addition to the 'usability slowdowns' where you enter the phone-unlock passphrase, have to remember two of them, and so on: this is a bigger hassle than just the normal way people use their phones.
Note that I'm not recommending having an "encrypted part" versus an "unencrypted part" of the smartphone: both primary and secondary should be encrypted. You can install signalapp into both, with distinct telco-nums to register (worknum/landline vs personal cell type of arrangement is my usual recommendation for everyday endusers but personal cell + anonymized Czech-or-Netherlands-or-USA-secondary-phone-num is arguably better). I believe you can install wireapp into one or both, and sync them together... this does not improve compartmentalization obviously but it does alleviate the switching-hassle.
Protonmail in one compartment, Tutanota in the other, is not the worst recommendation... whichever you prefer. Both compartments should have VPN, and ideally firewall+IDS. If you have termux or similar "remote control type" software it would typically only go into the higher-security-compartment, but it depends on your threat-model, you might keep termux with the privacy-respecting games.
Point being, I think that introducing the games-aspect is a reasonably clever way to attract press coverage, an interesting narrative hook that will get endusers to visit, and can lead directly to the core philosophical discussions which will get people thinking/educated.
thought experiment: what if everybody on the internet knew your high score?
To be more specific, what if they could TRACK your high score, and SPY on how good you were, at SPECIFIC videogames? Tetris, in the year 2019, for instance. You have nothing to hide, right, you are a good person, right?
Same question, except instead of asking about their tetris high-score, now we want them to think about the routing-number to their bank account. Or the SSN/SIN of their elderly relative, their middle-schooler, their most profitable customer at work, and so on. Or the test-results from their medical examination: whether they have cancer, whether they have been tentatively diagnosed with mental illness, whether they have an STD, whether they are pregnant. Do you care as much about the IQ/SAT/TOEFL/etc test-results of your child, or your niece, as you do about your high score in tetris? Do you want your steamy love-letters to be stolen by the pornography industry and published for profit? What if they were altered to make it look like you were involved in some kind of [insert taboo or flat out illegal sexual conduct] from what you wrote? What if it was multimedia, rather the love-letters?
Do you trust everyone on the internet with your tetris high score? Do you trust everyone on the internet with your exact geolocation at all times, your and your entire family's financial info, your and your entire family's medical info, intimate photos, political stances, business dealings and customer details at your workplace, and so on? Do you want to upload the faces of your friends and family, for shady strangers to run face-recognition algorithms upon, extract geolocations via EXIF and triangulation trickery, so they can shadow-profile all of humanity? Are you sure you want to install apps which are not privacy-respecting?
And then list some games ;-) Or better yet, give a short blurb at the top: here are some privacy-respecting games, and this matters because "just an app" can have a lot of bad things in it -- spy on your location, sell you out to advertisers, maybe even malware. For more on why a privacy-site lists libre videogames, see below. Here are the top web-based games you play in a browser... here are the top android games... here are the top linux games... here are the top iOS games... here are the top windows games with notes on which are compatible with WINE... etc.
Then at the 'bottom' of the games-page, explain all the philosophy which goes into the listings. Why libre? because even games need auditing, think about whether your messenger [link to listing] is audited/auditable, think about whether your webmail service [link to listing] is audited/auditable, etc. Why does no-trackers no-adverts no-spyware matter? etc. The more I think about this games-listing idea the more I like it
Yes I would say this is out of scope. Gaming is a bit like art so what appeals to one person might not another. Sometimes there are titles I want that are proprietary. That's okay I have a special system just for that, which I consider insecure.
This is one of the reasons why I actually don't game on Linux. My Linux machine is my secure environment, whereas my Windows machine I consider is already compromised.
Where as comparing email providers, vpn providers and instant messenger programs all have the same comparible feature sets.
it was decided that this is out of scope.
Considering how PrivacyTools is operating a MineCraft server I am opening this for reconsideration whether this is has became scopical since August.
There is open source alternative for minecraft.
Minestest is the alternative, you can download a minetest plugin called "mineclone 2" that "transforms" the game in minecraft.
Of course you can set up a server for this minecraft alternative :)
Download Minetest: https://www.minetest.net/
Download Mineclone 2: https://git.minetest.land/Wuzzy/MineClone2/
In my opinion, it would be nice to add an open source games section.
If anything, Lichess is fully open source and they have very good privacy policies, it's not a videogame, but well. Also, GOG is DRM free and there are Itch.io and Game Jolt which both contain a lot of FLOSS videogames and some parts of their websites is also open sourced.
@ tya99
Maybe this could be part of the section on service providers, rather than downloadable software? I can imagine it being useful to evaluate, for example, the privacy implications of using the various online services for playing chess (eg Chess.com vs. Lichess). Even if we only focus on a small subset of very popular games, studying this section could help guide people in evaluating the privacy implications of gaming services we don't mention.
With all the controversy currently surrounding Valorants anti-cheat which essentially runs on ring 0, I think now would be a good time to incorporate a 'gaming' section to the site. Informing more on the subject, what can be done to protect yourself, what anti-cheats have what ring access, etc.
Valorant is not the first game to use an anti-cheat with ring 0 access, it surprises me how people are only freaking out now. I believe Valve tried making VAC into ring 0 a while back but people freaked out, and Valve reverted the decision. There are still other anti-cheats that use ring 0, I believe EasyAntiCheat is one, BattlEye may be? I thought it was ring 3, but I see people saying ring 0, but I also see people saying ring 3. So idk. And I know there's more.
The hard reality is even at ring 0, these anti-cheats really do utter shit, and the games are still loaded with cheaters. Even Valorant is in closed beta and they already have cheaters plus videos of cheaters.
I think it's highly needed to spread this awareness because with games you don't really have a choice. If you don't want it, then you can't even play the game. You can't just "not use it" or "use another anticheat" in the same way you can just not use windows and choose to use linux. It's either gamble and play, or don't play. But if stuff like this starts getting massive awareness and people are informed, it may be reconsidered on a developer side to stop doing shit like this so players don't have to make the choice. The gaming community doesn't really got a lot of love at all when it comes to this stuff, FOSS, privacy, etc. And is usually the hardest thing to deal with and sucks.
I genuinely think it would be great to have a 'Gaming' section added to Privacytools.io's site. Also I am curious if anyone has any similar resources as Privacytools.io but have gaming sections (similar to what I am suggesting is implemented into Privacytoolsio for reading)
What about an "Entertainment" section instead? It could have a broader meaning and therefore give some space for other stuff. I think VLC, Jellyfin, Lichess, and some other applications could fit in there so that it's not so focused on video games since there isn't a truly private place out there.
Related issues:
https://github.com/itchio/itch.io/issues/866
https://github.com/itchio/itch.io/issues/843
https://github.com/veloce/lichobile/issues/1121