Powered by Jitbit .Net Forum free trial version.

Failbetter Games Community

show rated messages only

HomeFallen London » The Bazaar

This is the place to discuss playing the game. Find tips, debate the best places to find certain items and share advice.

Data Mining in Fallen London Messages in this topic - RSS

Absintheuse
Absintheuse
Posts: 348

6/20/2017 		We’ve become aware recently of a Fallen London player who has been data mining the app to gain undisclosed information about the upcoming Election, which they have been sharing through hinted forum posts and other social media accounts.

This is unacceptable for a multitude of reasons.
  • Leaks like this spoil the surprises for other players, and undermines the pace of the story - particularly in quick-moving content like the Election.
  • It ruins our writers' plans and makes it less worthwhile for the team to create this type of content.
  • It impedes our planned communications work for announcements and social engagement.
  • Consistent misuse of data mining also makes us less inclined to maintain the mobile app. If people persist with this type of misuse, we may eventually be forced to remove the app from sale.


Actions have been taken against the current offender. This type of behaviour ruins the fun for all - players and creators. We will continue to take steps against people who engage in it, in order to ensure that the vast majority of players have the best experience possible.
+26 link
Mr Sables
Mr Sables
Posts: 597

6/20/2017 		Huh, that's rather disheartening to hear upset

On that note, I never understood the need for an app, anyway? The website version works perfectly fine on smartphones; granted, it's a bit fiddly, but a lot of sites (including this one used for the forum) have an option to switch between a "mobile version" and a "desktop version". It always seemed to me it'd be a LOT less work for staff - and generally more convenient overall - just to have a mobile version of the site (which would probably prevent data-mining, by the sounds of it).

Granted, I'm not an app user and never use apps, and I have no idea about profit or work or what goes on behind the scenes, so it could well be a silly idea or just not a practical one . . . still, I hope this doesn't happen again, as I'm kind of a bit sad some bits have been spoiled :-/ I was looking forward to the surprise :-/
+2 link
Spht
Spht
Posts: 11

6/20/2017 		WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?
+4 link
Saklad
Saklad
Posts: 528

6/20/2017 		I find the app less enjoyable than using the website on a mobile device. It’s way too slow to take any actions, and it invalidates all your other sessions.

I’ve never really understood why it isn’t just a wrapper that connects to the Fallen London server, perhaps while caching images as they are viewed and such. Wouldn’t that be simpler than whatever you are doing now? That would also prevent people from finding data in the app, I imagine.

Actually, if it isn’t too much to ask, could you explain why data mining is even possible? I’m curious.

--
Saklad5, a man of many talents
+5 link
Kaijyuu
Kaijyuu
Posts: 1047

6/20/2017 		My understanding is the app is for people with intermittent connections (and maybe people with really low data caps).

Also kids these days just love their phone apps.
edited by Kaijyuu on 6/20/2017

--
Be of good cheer. Our contacts have assured us that your sins are forgiven.
0 link
friendshipranger
friendshipranger
Posts: 274

6/20/2017 		I really enjoy the audio of the app. I'd use it more, but my phone is old- when I upgrade I will probably use it as my primary FL source.

--
http://fallenlondon.storynexus.com/Profile/J.L.%20Moriarty
0 link
PSGarak
PSGarak
Posts: 834

6/20/2017 		Spht wrote:
WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?

But that's an extra maintenance and development burden. Probably not a trivial one either, encryption is difficult to get right. Plus, if the app is meant to be used offline, then the encryption credentials would have to be stored in the app, so the protection would be minimal.

--
http://fallenlondon.com/Profile/PSGarak
0 link
Kaijyuu
Kaijyuu
Posts: 1047

6/20/2017 		Sometimes you put a lock on things just to send the message that you'd prefer people not look inside, not because you think the lock will actually deter any determined person.

--
Be of good cheer. Our contacts have assured us that your sins are forgiven.
0 link
An Individual
An Individual
Posts: 589

6/20/2017 		Spht wrote:
WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?


This is a good idea but it only really raises the technical bar for this type of abuse. If the app can decrypt it then someone can decompile the app and figure out how to decrypt it. This isn't to say it's useless, but as long as the data is on the device someone will find a way to read it.

A more secure approach would be to find a way to keep time released content off the devices until it is supposed to become available. Without knowing the technical details of the app I have no idea how difficult this would be. It may also introduce some infrastructure challenges as you could end up with a rush on the servers to download the new content when the clock ticks over.

Honestly, the design of the app that allows it to run offline has always seemed rather strange to me. It's resulted in a lot of problems (especially when it comes to player interactions) that wouldn't have appeared if the app was just a solid mobile friendly skin over the existing server infrastructure. The web UI works on mobile but it's kind of awkward. Between that and the marketing advantages of having the game in app stores I could have seen this being a compelling value add (or, at least, it's something I would have found compelling).

--
An Individual's Profile
The RNG giveth and the RNG taketh away.
Goat Farming or Cider Brewing? This browser extension may help.
Want a Cider sip? Please refer to this guide before requesting.
Scholaring the Correspondence? A Brief Guide to Courier's Footprint.
Contemplating Oblivion? First Steps on the Seeking Road.
Gone NORTH? Opened the gate? Throw your character in a well.
+3 link
An Individual
An Individual
Posts: 589

6/20/2017 		Saklad wrote:
Actually, if it isn’t too much to ask, could you explain why data mining is even possible? I’m curious.


Assuming the app is using similar tech as Sunless Sea, it will download all the game's story content in a format which, while not particularly human readable, is readable enough that with some technical knowledge (or a lot of perseverance) you could start stitching it together. (I may or may not have spent some time digging through the Sunless Sea files after Alexis buried a now extinct clue related to a certain ambition in them.)

--
An Individual's Profile
The RNG giveth and the RNG taketh away.
Goat Farming or Cider Brewing? This browser extension may help.
Want a Cider sip? Please refer to this guide before requesting.
Scholaring the Correspondence? A Brief Guide to Courier's Footprint.
Contemplating Oblivion? First Steps on the Seeking Road.
Gone NORTH? Opened the gate? Throw your character in a well.
0 link
Optimatum
Optimatum
Posts: 3666

6/20/2017 		Spht wrote:
WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?

It's actually a lot more complicated than for SSea, at least on iOS. The operating system won't let you dig through app data or download it onto computers without being jailbroken.

--
Optimatum, a ruthless and merciful gentleman. No plant battles, Affluent Photographer requests, or healing offers; all other social actions welcome.

Want a sip of Cider? Just say hi!

PM me for information enigmatic or Fated. Though the forum please, not FL itself.
0 link
Gallmarch
Gallmarch
Posts: 111

6/20/2017 		An Individual wrote:
Spht wrote:
WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?


This is a good idea but it only really raises the technical bar for this type of abuse. If the app can decrypt it then someone can decompile the app and figure out how to decrypt it. This isn't to say it's useless, but as long as the data is on the device someone will find a way to read it.


You could send the seasonal content encrypted and password-protected and send the password during the user's first sync after some arbitrary date/time (e.g., today, for Feducci-related content), which would be robust against decompilation on rooted devices. None of this is remotely my field so I have no idea how straightforward this would be to implement, but it appears to be what, for example, EA do when you download a game before launch (cf. their FAQ).


In general, though, your point stands: ultimately, allowing users to make any progress at all between syncs means putting at least some unencrypted (or locally decryptable) game content onto their devices. Tough problem.

--
My profile: https://www.fallenlondon.com/profile/Gallmarch
+1 link
An Individual
An Individual
Posts: 589

6/20/2017 		Gallmarch wrote:
An Individual wrote:
Spht wrote:
WIthout trying to spoil things more, I'm going to assume that it's as trivial to do this in the mobile app as it is in Sunless Seas. There's a fine line to walk here, but maybe it's worth spending some development time into storing this particular data encrypted, and un-encrypt it on start? Or is it really just the sharing that's the problem?


This is a good idea but it only really raises the technical bar for this type of abuse. If the app can decrypt it then someone can decompile the app and figure out how to decrypt it. This isn't to say it's useless, but as long as the data is on the device someone will find a way to read it.


You could send the seasonal content encrypted and password-protected and send the password during the user's first sync after some arbitrary date/time (e.g., today, for Feducci-related content), which would be robust against decompilation on rooted devices. None of this is remotely my field so I have no idea how straightforward this would be to implement, but it appears to be what, for example, EA do when you download a game before launch (cf. their FAQ).


That's a good approach. Send it out locked with an AES key (or similar encryption technique) and open up the key when the event starts. Much lower server impact than keeping the content off the device entirely. Probably a similar level of difficulty as well.

--
An Individual's Profile
The RNG giveth and the RNG taketh away.
Goat Farming or Cider Brewing? This browser extension may help.
Want a Cider sip? Please refer to this guide before requesting.
Scholaring the Correspondence? A Brief Guide to Courier's Footprint.
Contemplating Oblivion? First Steps on the Seeking Road.
Gone NORTH? Opened the gate? Throw your character in a well.
+1 link
Estelle Knoht
Estelle Knoht
Posts: 1751

6/20/2017 		I am more in favor of having a wrapper for the web version than some sort of encryption arm races, but if anything this post should deter most people from being indiscreet. At least, I assume most people who are invested enough to do any sort of digging are courteous enough. smile
edited by Estelle Knoht on 6/20/2017

--
Estelle Knoht, a juvenile, unreliable and respectable lady.
I currently do not accept any catbox, cider, suppers, calling cards or proteges.
+4 link
Spht
Spht
Posts: 11

6/20/2017 		An Individual wrote:

That's a good approach. Send it out locked with an AES key (or similar encryption technique) and open up the key when the event starts. Much lower server impact than keeping the content off the device entirely. Probably a similar level of difficulty as well.


For the record, something like this is what I had in mind, and shouldn't be a large development burden as I'm pretty sure there's enough out there to leverage for this.

And no, it won't stop _everyone_ but it will also as someone else said be a clearly posted sign post to people digging and perhaps be enough to discourage the very enthusiastic fanbase this game enjoys from sharing details. If the bar isn't much higher than "download the apk, extract, fire up hex editor", you're going to have people finding stuff out. If the only real problem is public sharing of knowledge, just embed a "DO NOT SHARE THIS, SEE THIS LINK FOR OUR FAN GUIDELINES" at the top and bottom of the embedded text and move along.
0 link
acorncap
acorncap
Posts: 30

6/21/2017 		Personally, I enjoy using the app for mindless grinding when I'm out and about. I do Actual Story Content when I'm at home and able to properly appreciate it. It wouldn't be the end of the world to lose the mobile app, but it's convenient for me because I hate wasting energy.

--
Dr. Adelaide Capella - The Steadfast Doctor - Also a Watchful Patron
+2 link
Gillsing
Gillsing
Posts: 1203

6/22/2017 		So that post I remember reading about how someone was waiting for the Implacable Detective to announce her candidacy was due to the data mining then? Until this thread, I thought it was just someone's wishful thinking, or an attempt to guess a candidate ahead of time.
0 link
Azothi
Azothi
Posts: 586

6/22/2017 		Yep. Those posts were deleted.

--
Azoth I, the Emissary of Cardinals - A Paramount Presence (not currently accepting new Proteges)
Away to where the Chain cannot bind us.
Hesperidean.
0 link
Cernunnas
Cernunnas
Posts: 12

6/26/2017 		I'm very sad that someone decided to go ahead and do that. What's the fun in that? Whoever it was, I'm disappointed. And to Failbetter Games, please don't be discouraged. You know us players are a bunch of patient people who are in for the thrill. Fallen London is a delightful journey to be enjoyed, and spoilers or not, we are incredibly exited about the election. I personally don't use the app, but I guess it would be upsetting for some folk if you stopped developing it.

--
http://fallenlondon.storynexus.com/Profile/Cernunnas

Shrewd and ruthless lady, dwells in the shadows, has a fascination for Devils and adores all things grotesque and bizarre. She prefers solitude, but despite her unpredictability, hunger for raw flesh and almost psychotic nature, will accept any social interaction if accompanied by a proper message.
0 link



Powered by Jitbit Forum 8.0.2.0 © 2006-2013 Jitbit Software