Posted December 30, 2014
PirateNeilsouth
New User
PirateNeilsouth Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2008
From United Kingdom
Ganni1987
'My Rewards' is DRM
Ganni1987 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2011
From Malta
Posted December 30, 2014
Gowor: Wow
When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
As Benanov said, you might want to get the PR team ready. When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
It isn't something such as "gog games being distributed with malware on torrents" that is making news, but this very encryption itself, here: http://www.gamingonlinux.com/articles/gogs-installer-encryption-proving-to-be-difficult-for-linux-users.4761
Might I add, that GamingonLinux.com is probably the best Linux gaming site around. I know you didn't intend to create this situation but this is exactly what happens when you force an unneeded protection in someone's throat.
If I was you, I'd get that password off and try something different, like the community has proposed in the past few pages.
Post edited December 30, 2014 by Ganni1987
Dalswyn
Xi Jinping = Winnie-the-Pooh Moron
Dalswyn Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Mar 2009
From Taiwan
Posted December 30, 2014
Gowor: Wow
When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
Cheer up. :) When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
The technical details are beyond my current abilities, and therefore I don't understand some points of the debate, but let me just tell you it is nice to see one of Gog's programmers post on the forums and explain things. IMHO, people should calm down and discuss. Gowor's proven that Gog design is open to user input. Let them consider your advise, no need to flare up.
Post edited December 30, 2014 by Dalswyn
Klumpen0815
+91
Klumpen0815 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Dec 2012
From Germany
Posted December 30, 2014
What exactly do you guys hope for?
The PR team will only do its job by sugarcoating and not changing the facts,
so that GoG can carry on shitting on their former values and selling the mess as finest mousse au chocolat... and people will take it.
Best case would be, that they just didn't think this through, but seeing the recent development my hopes are low.
The PR team will only do its job by sugarcoating and not changing the facts,
so that GoG can carry on shitting on their former values and selling the mess as finest mousse au chocolat... and people will take it.
Best case would be, that they just didn't think this through, but seeing the recent development my hopes are low.
Post edited December 30, 2014 by Klumpen0815
Rixasha
Mangeon Duster
Rixasha Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Jul 2012
From Finland
Posted December 30, 2014
You may be right that the PR team will lack authority to say anything meaningful. We may need someone higher up.
I want them to acknowledge that intentionally placing digital restrictions on purchased files in an attempt to prevent anything but pre-approved ways of using them goes blatantly against their mission statement.
I want them to promise to stop doing that and either fix the affected installers, or (since they're large, and not everyone wants to re-download them) at least visibly show the passwords to each of them on their site.
Finally, if they think it's important that I'm left with any feeling of positivity after this treatment, they could even say sorry. But that's up to them.
I want them to acknowledge that intentionally placing digital restrictions on purchased files in an attempt to prevent anything but pre-approved ways of using them goes blatantly against their mission statement.
I want them to promise to stop doing that and either fix the affected installers, or (since they're large, and not everyone wants to re-download them) at least visibly show the passwords to each of them on their site.
Finally, if they think it's important that I'm left with any feeling of positivity after this treatment, they could even say sorry. But that's up to them.
immi101
User
immi101 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: May 2010
From Germany
Posted December 30, 2014
since you have found this thread, you are not locked out of your purchases :p
just go back a couple of pages to the scripts posted there and you can simply unpack the installer.
it's really not much different than using innoextract (from a purely pragmatic viewpoint)
just go back a couple of pages to the scripts posted there and you can simply unpack the installer.
it's really not much different than using innoextract (from a purely pragmatic viewpoint)
Rixasha
Mangeon Duster
Rixasha Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Jul 2012
From Finland
Posted December 30, 2014
It is good that this is at least currently possible, but it's a small comfort akin to the DVD encryption being at least pretty easy to break when what you paid for was to not have to resort to that..
Maybe we should put up a site with md5sums of the gameids for those who find it hard to scrape the information or calculate them. We could call them "GOG no-installer cracks". Or a maybe make a web form by the name of "GOG keyfile generator".. ;(
Maybe we should put up a site with md5sums of the gameids for those who find it hard to scrape the information or calculate them. We could call them "GOG no-installer cracks". Or a maybe make a web form by the name of "GOG keyfile generator".. ;(
immi101
User
immi101 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: May 2010
From Germany
Posted December 30, 2014
*shrug*
if you can type "innoextract installer.exe" into your terminal, you should be able to download the script posted here[1], and type "gog_unrar.py installer.exe" ...
I wouldn't waste too much effort on something like your proposal.
[1] https://gist.github.com/ssokolow/7368450647df37c40830
if you can type "innoextract installer.exe" into your terminal, you should be able to download the script posted here[1], and type "gog_unrar.py installer.exe" ...
I wouldn't waste too much effort on something like your proposal.
[1] https://gist.github.com/ssokolow/7368450647df37c40830
HypersomniacLive
The Reluctant Voter
HypersomniacLive Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2011
From Vatican City
Posted December 30, 2014
high rated
Gowor: Wow
When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
That's understandable. But since you're not the right person to continue this discussion, you should at least pass what's going on to those at GOG that can and should continue it, so that they show up and do so. Because now it almost sounds like you've made the decision that any discussion between GOG and us is closed now. When I left this thread, my last words were that I'll try to get "Wine mode" nogui switch working again, and one paragraph before - that I'm open to ideas that could be implemented. Thanks for some by the way.
After partially debugging the Wine fix, I returned to this thread, and noticed that it escalated quite a bit overnight.
While I'm open to ideas (and I implemented some requested changes before, like the way Foxit is installed), I'm only a programmer, not a PR person. I'm afraid in this situation I cannot continue this discussion. Sorry, it doesn't mean I don't care about this issue, but I’m here to write code and I wouldn’t like to be misunderstood.
And I'm not sure that the PR people are the right ones - this is a matter that goes beyond PR; the discussion needs someone at GOG to go into the substance of the matter, and not just defend the public image of GOG.
As for taking in ideas and suggestions - if the password won't be removed, I don't see how taking in any of the suggestions made here, on top of the password, improves the situation.
So, please, before going back to writing code, make an effort and bring this matter to the attention of the decision making people at GOG.
Ganni1987: As Benanov said, you might want to get the PR team ready.
It isn't something such as "gog games being distributed with malware on torrents" that is making news, but this very encryption itself, here: http://www.gamingonlinux.com/articles/gogs-installer-encryption-proving-to-be-difficult-for-linux-users.4761
Might I add, that GamingonLinux.com is probably the best Linux gaming site around. I know you didn't intend to create this situation but this is exactly what happens when you force an unneeded protection in someone's throat.
If I was you, I'd get that password off and try something different, like the community has proposed in the past few pages.
I may be missing something, but how exactly does the link you provided support the effort made here and count as affecting GOG's public image? In spite of the number of views, there are few comments, and among them even fewer that are supportive.It isn't something such as "gog games being distributed with malware on torrents" that is making news, but this very encryption itself, here: http://www.gamingonlinux.com/articles/gogs-installer-encryption-proving-to-be-difficult-for-linux-users.4761
Might I add, that GamingonLinux.com is probably the best Linux gaming site around. I know you didn't intend to create this situation but this is exactly what happens when you force an unneeded protection in someone's throat.
If I was you, I'd get that password off and try something different, like the community has proposed in the past few pages.
Gersen
New User
Gersen Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2008
From Switzerland
Posted December 30, 2014
HypersomniacLive: As for taking in ideas and suggestions - if the password won't be removed, I don't see how taking in any of the suggestions made here, on top of the password, improves the situation.
Well by making the new installers work with Wine like the old ones. Something he already said he would be working when he would have time. I am starting to think that GoG is or will soon regret having used InnoSetup and not any of the other setup creation program for which no extraction tool exists, it would have simplified their lives...
Jalister
Linux & DRM free!
Jalister Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2008
From United States
Posted December 30, 2014
Ganni1987: It isn't something such as "gog games being distributed with malware on torrents" that is making news, but this very encryption itself, here: http://www.gamingonlinux.com/articles/gogs-installer-encryption-proving-to-be-difficult-for-linux-users.4761
I came across this article too. GamingOnLinux is one of the sites that my RSS reader checks regularly.goglin
sporty knight
goglin Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: May 2013
From Christmas Island
Jalister
Linux & DRM free!
Jalister Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2008
From United States
Posted December 30, 2014
I've noticed that site doesn't generally get a lot of commenters, but I do believe that site gets a lot of Linux readers. I can't say for certain if it is affecting the public image or not, but I'm sure a lot of people have read it.
MajorLunaC
New User
MajorLunaC Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Jul 2014
From United States
Posted December 30, 2014
Gowor: -Rars are used for convenience, as they have some features that the old archives lack. For example when making a test build of the game, it's faster for us to update the archives than to repack them from scratch when making small changes for testers.
You can update/add to a 7zip just the same, and it's completely free and open-source, not $29.99 for WinRAR. Gowor: -Yes, the archives are password-protected. Here's why:
The supported way of installing the games is by using the Installer, which apart from unpacking the files, also creates registry entries, shortcuts, compatibility fixes etc. We want to avoid having the situation, when user will see a unprotected rar file, download and unpack it, and get a "broken" installation, because he didn't use the installer.
There were situations, when users would download just a single part of the installer, or try to unrar it manually (because apparently some browsers detect our new archives as rar files), or even try to open the .bin files with the VLC Video Player.
In such a situation I think it's better to give immediate "it won't work that way" message, rather than allow someone to make a "partial" installation, which may or may not work, without any information.
The main point of an installer is to put everything in the right place, because most people can't find their way out of a wet cardboard box, much less find and put everything in the right place on their own computer (mainly Windows). I don't know about Windows, but on Linux I really don't need to install any games; Good games often come in a nice neat archive with everything in place and can run in place (nothing to move). Didn't some Windows games used to run right off a CD or DVD without install? The supported way of installing the games is by using the Installer, which apart from unpacking the files, also creates registry entries, shortcuts, compatibility fixes etc. We want to avoid having the situation, when user will see a unprotected rar file, download and unpack it, and get a "broken" installation, because he didn't use the installer.
There were situations, when users would download just a single part of the installer, or try to unrar it manually (because apparently some browsers detect our new archives as rar files), or even try to open the .bin files with the VLC Video Player.
In such a situation I think it's better to give immediate "it won't work that way" message, rather than allow someone to make a "partial" installation, which may or may not work, without any information.
Gowor: Another reason - I want to avoid the situation where someone tampers with the archives (let's say adding malware, or some illegal content), and uploads the modified version on torrents. I don't want the GOG Installer installing anything else than it was supposed to, and it doesn't matter how it was obtained.
The Installer is designed mostly for reliability and ease of use for any user. And it's intentionally designed as it is.
Mind you - if you are using the supported installation mode, you don't have to enter the password anywhere. Nor is it in any way dependent on username, or hardware, or anything else. It's more or less hardcoded into the installer (I see you guys already figured out how), as much as the decompression algorithm. You can still use the installer exactly as you could since the beginning of GOG, and install your games wherever, whenever, and however many times you want. It doesn't detect where was it downloaded from either. That hasn't changed at all.
You're saying someone can't extract the password, extract the archive, put malware in the archive, and put the same password on the new archive? And considering you can add to RARs without repackaging them, can't someone add malware without repackaging them (never tested such a strange thing)? The Installer is designed mostly for reliability and ease of use for any user. And it's intentionally designed as it is.
Mind you - if you are using the supported installation mode, you don't have to enter the password anywhere. Nor is it in any way dependent on username, or hardware, or anything else. It's more or less hardcoded into the installer (I see you guys already figured out how), as much as the decompression algorithm. You can still use the installer exactly as you could since the beginning of GOG, and install your games wherever, whenever, and however many times you want. It doesn't detect where was it downloaded from either. That hasn't changed at all.
And to put it simply, no one can say that you guys don't care about gamers: You even care about the safety and security of those who pirate your games! I mean, personally, even if I owned the most generous, friendly, and open gaming company, I would say "Screw you pirates, you get what you deserve (for trusting pirate rippers and for stealing a game that you should normally purchase if you truly think it's a game worth playing)".
And finally, as mentioned before, adding a password does NOT ensure file integrity (be it from malware or a bad connection or a badly uploaded file). Hashes do ensure file integrity. I recommend a combination of reasonably long hashes, because even hashes can be mimicked to a degree. But while getting a modified file to have the same single hash as the original file is possible, getting it to have 2 or more different types of hashes to be the same nears absolute impossibility. Just include the hashes on the download pages and have a note to check the hashes, as well as having the installer check the hashes. You don't need hashes on every file, just on the archives should be enough. Again, multiple hashes: md5sum (MD5 has known attacks where collisions can be produced), CRC32, sha1sum, sha256sum, whirlpool, etc. RHash program has a nice list of what it can make: http://rhash.anz.ru/
Post edited December 30, 2014 by MajorLunaC
Jalister
Linux & DRM free!
Jalister Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... Unblock chat Registered: Sep 2008
From United States
Posted December 30, 2014