Epic Games Launcher accused of extracting data from our PC without permission

In the forum of reset has left a good con Epic games, so it is that the same video game developer had to come out to provide explanations. User ‘Madjoki’ has discovered that Epic Launcher retrieves enough Steam information to reach our friends list as our game story.

Does Epic Games Launcher Work Like Malware?

The theme is that to perform Epic Games Launcher is to search the Steam installation and proceed to get a list of files from our Steam Cloud. It literally says this;

“Steam Cloud is stored under user data \[account id]\ if you want to check

It will also create an encrypted copy of config \ localconfig.vdf.
This file contains your Steam friends, their namespace (groups you are part of are considered “friends”).

It seems that friends can be used for friend suggestions, but I do not even use that feature and it collects more than that.

Although it is called “localhistory”, it is synchronized from the cloud

It will read, encrypt and then copy to: C: \ ProgramData \ Epic \ SocialBackup \ RANDOM HEX CODE_STEAM ACCOUNT ID.bak
It will also store historical records there. “


As many would think, people have come to the conclusion that there is a clear indication that “Epic Launcher is behaving like a malware” spying on our PC and storing information that it does not need to have access to.

Epic Games sells a defender

Epic Games has responded to these allegations, stating that it only imports our Steam buddy list with our express permission.

We use a tracking file (tracking.js) for our Support-A-Creator program to pay creators. We also keep track of the statistics on the page.

The launcher submits a hardware survey (CPU, GPU, etc.) at regular intervals, as described in our privacy policy (see section “Information we collect or receive”). You can find the code here.

The UDP traffic in this post is a warning feature for communicating with the Unreal Editor. The source of the child system is available on github.

Most of the launcher’s user interface is implemented using web technology already rendered by Chromium (which is open source). The authentication certificate and the access to the above cookies are the result of the normal operation of the web browser.

The launcher analyzes active processes to avoid updating the games currently running. This information was not sent to Epic.

We only import your Steam friends with your express permission. The launcher creates a hardened local copy of its localconfig.vdf Steam file. Without limitation, the information in this file will only be sent to Epic if they decide to import it to their Steam friends, and subsequently only the hash IDs of their friends and no other information in the file will be sent.

Last hour update;

Tim Sweeney, head of Epic Games, acknowledged on Reddit that Epic Launcher should only have access to localconfig.vdf from Steam after the user has chosen to import their Steam buddy list, and not before.

“The current implementation is a remnant of our commitment to implement social features in the early days of Fortnite. In fact, it’s my fault that I pressured the launch team to support it too quickly and then identify that we need to change it. , “He wrote.” Now that this case has gone to first place, let’s solve it. “

I would also like to clarify that Launcher accesses Steam data files directly instead of using Steam’s own API, and says that Epic seeks to minimize the use of third-party libraries for security and privacy reasons, not with Valve specifically, but «on due to the general availability of APIs that capture more data than expected ”.

What do you think of all this?

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *