It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
high rated
I'm too old for this shit. Why should anybody be interested in somebody's playtime, achievements and owned games??? And why, GOG, is it not possible to hide this information?
avatar
elcook: What happened to your GOG Wallet?
avatar
xyem: It says I have used one amount on the wallet page but there a different amount on the order itself, which is leaving me with wallet funds I don't think I should have.
well if you somehow gain money make sure to buy more games :P
By the by, people unhappy with the change can vote here:
https://www.gog.com/wishlist/site/disable_view_profile_function_for_customers_who_care_for_their_privacy
Please vote, as complaining here won't let them hear your voice as nicely as a big wishlist entry.
avatar
Vainamoinen: Instead, GOG has now facilitated harassment even more in a forum already known far and wide for the respective social media forms of harassment.
Except no, because it was already easy for anyone who wanted to harass you to do so. The only way GOG could help you is if they made the forums viewable only to people who are logged in, and even that wouldn't protect you from others GOG users.

What GOG did was implement something that lots of people have asked for, and that in the end shows data that either can't be used to hurt you in any way or just duplicates info that was already readily available anyway.

I do not mean to sound callous because I've been the victim of bullying and abuse in my life. But ironically that's precisely why I'm saying what I am: Because as a result of having to think about those concerns from a pragmatic angle, I am aware that the stuff that you're wringing your hands over can't actually hurt you any more than you can already be hurt, and conversely, that the privacy options you're asking for won't actually do much to help you other than being meaningless feel-good things.

And I know that isn't what some of you folks want to hear but that doesn't make it any less true. The privacy convo is one that should be had, but profiles like this are too superficial a level to be having it from. You have to dig a lot deeper and broader.

The real privacy issues are things that underpin the entire internet and that neither GOG or FB can solve or even make inroads on singlehandedly. There's reasons why people like political dissidents who genuinely have to hide have to spend practically 24/7 vigilance to do so and why utilities like TOR are so heavy-duty and hard to use properly: Because true privacy is just that hard nowadays, especially if you simultaneously still need the ability to communicate. It's likely not even solvable by technology alone since the web was designed from the word go for easy data sharing to begin with; it will almost certainly require major paradigm shifts in how people approach privacy towards each other.

Doing hysterical things like handwringing over people seeing what games you play or castigating GOG for implementing something that many people actively wanted, doesn't actually solve any of your real privacy issues; it just makes it that much harder to have serious convos about the matter.
avatar
Jeysie: Likewise, reading the article indicates that the security issue was on the end of the website, not on FB's end. So a site that's insecure enough to have its FB login hijacked is insecure enough to have its own data hijacked, meaning a direct login wouldn't save you much.
If you get your facebook credentials stolen (because say, someone replicates the facebook login form and MITM's the site's form), they gain access to your facebook and everything else that has "login with facebook" enabled.

Otherwise, they only get the credentials for that one site, presuming you didn't use the same password for every site, which is essentially the same thing. Add in that your card details aren't saved and you've lost what? GOG wallet funds at most?

So yeah, it saves you a lot (and is a basic security principle to boot).
avatar
xyem: It says I have used one amount on the wallet page but there a different amount on the order itself, which is leaving me with wallet funds I don't think I should have.
avatar
KnightW0lf: well if you somehow gain money make sure to buy more games :P
Sorry, I'm not GOG. I have principles and I stick to them.
Post edited April 23, 2018 by xyem
low rated
avatar
xyem: If you get your facebook credentials stolen (because say, someone replicates the facebook login form and MITM's the site's form), they gain access to your facebook and everything else that has "login with facebook" enabled.
You're conflating two different things here.

Yes, someone could spoof the FB login page itself, but that's because any login page on any website can be spoofed. You have to be vigilant about every website for that, not just FB itself.

But "Login with Facebook" is specifically token-based authentication, which is an entirely different beast. That's why the exploit you posted only grabbed the profile information and not your entire FB account or any kind of passwords or so on, because tokens are deliberately limited. Likewise, from looking at the article, the security issue wasn't on FB's end, it was on the end of the website who allowed malicious code to be injected onto their server.

I recommend actually looking up "Token based authentication" and what it does and doesn't do. You do have legitimate concerns, but your understanding of where the concerns should be aimed at is a bit off. In particular, treating FB as the sole boogeyman where ignoring them makes it all go away and you safe, isn't actually the case because the problems either go way beyond FB alone or aren't on FB's end of things.

Like it honestly bugs me that everything's laser focused on FB or superficial things like GOG's profile, both because the legitimate issues go way way beyond just FB or gaming profiles and because it gives people a false sense of security that all we have to do is wall off/police FB or GOG profiles or so on and everything becomes hunky dory.
avatar
elcook: The announcement is now live: https://www.gog.com/news/introducing_gog_profiles

We wanted to soft launch it and make all the necessary fixes, that's why the delay. Hope you like the feature.
avatar
Digital_CHE: FINALLY!
Now, it will be interesting to know how many accounts are here...

With this feature of public profiles, I hope a clone of SteamSpy can be created..
That is important info If we want for more AAA publishers joining GOG.
You are behind the times. SteamSpy is no more...
In addition to the other suggestions people have about fine-tuning the settings, the "Visibility" setting also needs to be broken down into two separate options. I'm fine with GOG users finding me by user name, but not by email address.

Also, the Visibility setting itself is not well explained. The way it's written now, it's unclear whether we are making ourselves searchable only by GOG users, or by the entire internet.
low rated
avatar
Desmight: Yup. The number of "Games owned" in particular can be a dangerous information to display if you don't want to.
You get jailed if you own too little games? Or too many? :)
high rated
Please turn all this stuff OFF by default and private. This is 2018 I dont want my private data given away thanks. And no "friends" and "public" does not count as off. By default it should be "just me" and "private". While I understand some people might get some value out of this feature I don't. I love GOG BECAUSE its not Steam. I want no DRM and I want privacy. That is your competitive advantage. I ask you stick to that not waste time and effort on "social" features. Thanks and good luck!
low rated
avatar
adaliabooks: Actually really impressed with this. Makes some sense to have friends now as it shows when they've posted in the forums (and the game stuff which is less interesting to me but still nice)

Looks pretty too. Good job GOG.
Finally a nice solid statement in the ocean of cryriver :) Let me hold on it too! :)
high rated
avatar
Jeysie: I recommend actually looking up "Token based authentication" and what it does and doesn't do. You do have legitimate concerns, but your understanding of where the concerns should be aimed at is a bit off.
I know what it is and what it does. You think I'm conflating things but I'm not. You think I am griping about Facebook specifically.. but I'm not.

People using the same credentials (either by using the same email/password for different accounts or logging into a single service to authenticate, in this case, Facebook) is bad because it only takes one site to get attacked and they get access to everything using those credentials. Your claim that it is more secure to use the Facebook login is wrong.

Seeing as GOG itself has had a vulnerability that allowed forum users to execute javascript on other people's machines, this is a pretty valid concern..

EDIT: And just to be clear, it may not have been limited to the forum, that is just where it was discovered.
Post edited April 23, 2018 by xyem
high rated
avatar
richlind33: On the other hand, Facebook is a toxic shithole that promotes and profits from consumer ignorance, so maybe there's good reason to be pissed about GOG partnering up with another sleazy, backstabbing outfit.
avatar
Jeysie: So you're pissed because GOG offered a (completely voluntary and optional) "Login with Facebook" option that's extremely bog-standard for about a zillion other websites and apps at this point, which means GOG was just catching up to adding a feature that was, again, extremely common and normal for everywhere else on the web. Good to know the sane and proportional reactions that convince people to take you seriously continue.

Also, yay, the game library option is indeed locked to GOG-only and thus mostly useless for me. Hooray. :/
I'm a little shocked at the timing. They held off all this time, but then pull the trigger right after zuckturd's shit hits the fan. But it's hard to be pissed about it when MS is embedding ad servers into the games that used to be included in the OS that we pay hundreds of dollars for every few years.

You seem to think there's something wrong with wanting to buck the herd and get away from this kind of crap, but I think there's something wrong with *not* wanting to get away from it. Seriously wrong. And I'm not the slightest bit concerned about "not being taken seriously" by people who are constitutionally incapable of questioning authority, and why should I, because popularity dictates what's wrong and what's right? Really?

That's pitiful, my friend. Utterly and wholly pitiful. o.O
Post edited April 23, 2018 by richlind33
avatar
Desmight: Yup. The number of "Games owned" in particular can be a dangerous information to display if you don't want to.
avatar
Lin545: You get jailed if you own too little games? Or too many? :)
Let's say that a thief could be more interested in an account with 2000 games than an account with only 35-40 games. It's just hypothetical, but it's still private info. There's no need to be paranoid like other people in the thread, though.
high rated
avatar
Jeysie: Doing hysterical things like handwringing over people seeing what games you play or castigating GOG for implementing something that many people actively wanted, doesn't actually solve any of your real privacy issues; it just makes it that much harder to have serious convos about the matter.
This argument isn't going anywhere. The fact remains: It's not GOG's business to tell. It's my private data, and GOG is giving it away. I have no say in the matter after eight years on the platform. I understand well that you don't see it that way, but that is some sicko shit.

And you have no business to declare some of my data that GOG is giving away harmless and not worth whining over. Nothing that's given away is unimportant. It was the "harmless", everyday, unimportant private data that Cambridge Analytica mined, analysed, and abused from facebook.

The paradigm shift you're asking for? We've just missed the glaring opportunity by a mile because we're already too deep in this shit.

avatar
Jeysie: Because true privacy is just that hard nowadays, especially if you simultaneously still need the ability to communicate. It's likely not even solvable by technology alone since the web was designed from the word go for easy data sharing to begin with; it will almost certainly require major paradigm shifts in how people approach privacy towards each other.
These paradigm shifts would only reverse shifts slowly but surely made during the last two decades. You should definitely not just make the enablers responsible, the fucking Zuckerbergs and the fucking Newells, the fucking Nadellas and the fucking Cooks, but also the people who consent to what they perceive as the inescapable standard, and indeed start asking for it.

The people who vocally do not consent are not "handwringing".
Post edited April 23, 2018 by Vainamoinen