TSR: IN UR COMPUTER, VIRUSIN' UR FILES!

[johan]

I can tell you exactly what it does since i'm the one who did that part
It sends five http requests to TSR, four requests for loading the images displayed on the welcome screen (what people have done with TSR Workshop) and the last one is to load an XML document with some news and version info that is also displayed on the welcome screen.
If you have some knowledge on TCP/IP you can easily verify this with a network traffic monitor such as WinDump or similar.
I also know that at least one person in the TS3 modding community has investigated this and found nothing else.

You are more than welcome not to use the tool though!

[Paden]

No problem on that, asshole, people around here don't like shit that installs what can be considered mal-ware on their personal property. That was part of the SecuROM shit, too, then again you being the ignorant fuck about conventions that you refuse to respect, you more than likely do not get that. We don't WANT our machines sending/receiving information that we have no use or desire for, dickhead. You have no right to put what is basically spyware onto machinery that you didn't pay for. Gee, people PAY your ass for the privilege of being bugged, who would have thought it? Of all the inconsiderate assholes on the internet, you rank right up there with the bastards that write a computer virus that takes all of your information or downloads something that wipes your hard drive. Go insert a floppy where the damn sun doesn't shine, bright boy and download onto THAT.

Edited due to a damn typo...

[dstar]

Applauds Paden and hands her some rum

[Lady Vader]

I wanted to comment, but Paden pretty much took the words out of my mouth.

I'll just add then, that Johan, DEAER, I'd trust a virus/malware/spyware warning comming from the cheapest, crappiest anti-vi/mal/spy program in the entire galaxy about your tool more, than I would trust a single word comming from your deceiving, debauched, payshit, TSR mouth. Trend Micro isn't a crappy program. I think that you should get the message now. You're smart enough, DEAER... Hmmm, or are you?

[Witchboy]

Quoted from Delphy @ MATY

So, the question is; What, exactly, is this supposed to "install to run on startup"?  Becuase I've looked, and I can't find a single thing. Absolutely no evidence of anything TSR related running on startup or otherwise unless I load the TSR workshop, which obviously then gets the ads and latest uploads so on.  msconfig shows nothing, and neither does the much more in depth autoruns.

Quoted from AmberDiceless @ MATY via Jfade

According to jfade, who says he also used a packet sniffer to double-check exactly what the thing does, Trend Micro Internet Security is known to throw false positives for a number of programs with similar functionality. He says, and I quote, that the Workshop "accesses TSR to download an XML document that tells if there's a new version as well as other news about the tool. Downloads 4 JPG images. THAT'S IT." Also, it can be successfully blocked by firewalls, etc.

[SoggyFox]

That's fine - I still would rather just get my tools that do what I need, rather than have a bunch of stuff I don't need.  That and I don't want to use something from TSR.

But to be fair, if all its doing is pulling update info, well, simpe does that too, iirc.

[CatOfWar]

I can tell you exactly what it does since i'm the one who did that part
It sends five http requests to TSR, four requests for loading the images displayed on the welcome screen (what people have done with TSR Workshop) and the last one is to load an XML document with some news and version info that is also displayed on the welcome screen.
If you have some knowledge on TCP/IP you can easily verify this with a network traffic monitor such as WinDump or similar.
I also know that at least one person in the TS3 modding community has investigated this and found nothing else.

Johan, I'll be civil, since you're being civil.  

We have been told that before the TSR tool was released, Steve sent it to FAs and was quite interested in how their virus detecters reacted to the tool.  When he got reports that the tool set off virus detectors, he said pirates had put in a virus.  Do you have light to shed on this?  

On an unrelated note, I meant to ask you about the angry, insulting post someone made using your account, but it seems to have been deleted.  Was that you, or did Thomas hide behind your account?  The tone did not match your other posts at all.

You are more than welcome not to use the tool though!

Why would we want to use it?  The free community has great tools, many developed before the TSR tool was released.  Even if TSR could offer the community something new and innovative and provably completely safe, many would refuse to use it simply to boycott TSR.  

* We have not forgotten Shakeshaft's theft.  Shakeshaft has not been punished, is still an FA, and their page is given as a shiny example of what FA minisites look like.  
* We have not forgotten the compromised user accounts at TSR, and the unencrypted passwords.  Are they encrypted now?
* We have not forgotten (because we're reminded daily) that TSR claims to be PG-13, but allows upload of Britney Spears stroking her crotch with a whip or a woman wearing only a tiny apron.  Are the ads for Evony and adult sex sites still showing on TSR?  Is Thomas still saying he can't be held responsible for ads he allows on the site?  Have you seen the More Smutty Than You thread?
* We have not forgotten being accused of just wanting free stuff and pirating EA software.  Have you read our reasons for pirating in the FAQ?  Seen the photos of our legally purchased software?  

Such past actions, and the lack of positive change in those areas, make us very distrustful of TSR and not interested in helping TSR promote its software.


edit: bulleted for clarity
edit: added links, in the faint, faint hope Johan will actually look at them


edit:
WB  Do we know what the TSR tool sends when someone uploads?  Do we know if it "watermarks"?  Does it put any personal info in uploaded files / send any personal info?  While what you and Delphy have said about net use on startup does sound harmless enough, it is not like SimPE getting update info on startup.  The big difference is I trust Peter and Inge, based on past behavior.  I do not trust TSR one bit, based on past behavior.  They would have to make a lot of changes, and do so consistently for some time, before I would trust anything of theirs, even if Delphy vouches for it.

[Witchboy]

WB  Do we know what the TSR tool sends when someone uploads?  Do we know if it "watermarks"?  Does it put any personal info in uploaded files / send any personal info?  While what you and Delphy have said about net use on startup does sound harmless enough, it is not like SimPE getting update info on startup.  The big difference is I trust Peter and Inge, based on past behavior.  I do not trust TSR one bit, based on past behavior.  They would have to make a lot of changes, and do so consistently for some time, before I would trust anything of theirs, even if Delphy vouches for it.

I'm not sure what it sends when uploading to TSR directly from the tool, as i have not done so. It does ask you to sign into your TSR account thru the tool to upload your items directly. Delphy or Jfade might know a bit more about that, but they haven't posted anything else on the subject as of yet at MATY.

[Missbonbon]

Very nicely put Paden and Cat. Both of you I think could sum up on how everyone feels about this issue. I too am curious as to what is actually sent with the files.  It was openly admitted that TSR's "watermark" they use will record user's IP address, and other tiny bits of information to try and detect who downloads what.

[justso]

Bloody missed that one, that will teach me to sleep, all hail Paden. 

[SnarkyShark]

While what you and Delphy have said about net use on startup does sound harmless enough, it is not like SimPE getting update info on startup.  The big difference is I trust Peter and Inge, based on past behavior. I do not trust TSR one bit, based on past behavior. They would have to make a lot of changes, and do so consistently for some time, before I would trust anything of theirs, even if Delphy vouches for it.

Totally agree with you, Cat. Trusting anything that their spokeshole has to say, knowing everything that we know about TSR's past behavior, is simply unwise.

[rum nate]

johan I have a question for you (if you come back).

The EULA forbids anyone from selling content made with the program because it is still in testing stage and not everything may work. I personally think this is smart. But I do find it odd that while no other site is allowed to sell content made with the tool for the above reason, why is TSR selling content made with the tool? If a subscriber pays for something, and it ended up not working, because the tool is still in testing stage, what is going to happen with the subscriber? Are they just going to have to deal with it not working, and have to wait until it can be fixed, and by that time they may not be a subscriber anymore. If people start having problems with content they paid for, its really going to turn people off to the site.

 Or is TSR trying to make it so they are one of the only paysites out there right now?

[Dr House]

Don't be fooled by which tool was used, even if you made an item using a tool your own ass magically pooped, if your CC need any sims game then it belongs to EA, point. I'm tired of that discussion as everyone if forgetting this simple fact: ALL CC belongs to EA and to no one else, no exception whatever. It's been the case since since 1 and it's been years that paysites try to turn around the EULA in all possible ways and now their using the tool argument. Fuck. I'm now pissed off.
I repeat in case someone missed the point:
All CC is copyright of EA and no one has the right to sell it except EA!

[Pescado]

I can tell you exactly what it does since i'm the one who did that part
It sends five http requests to TSR, four requests for loading the images displayed on the welcome screen (what people have done with TSR Workshop) and the last one is to load an XML document with some news and version info that is also displayed on the welcome screen.
If you have some knowledge on TCP/IP you can easily verify this with a network traffic monitor such as WinDump or similar.

This means little, and is exacty what you would be expected to say: After all, you know these tools as well as we do, so you'd know not to do anything that would obviously be detected. This is why you steg-encrypt the messages you're phoning home with into the requests, so that they look like harmless requests to any packet sniffer. After all, you said it yourself: You know these tools exist and that people know how to use them. If you expect your story to be more believable, it needs to be less obvious. Restating the obvious proves only that you have something unobvious that you are hiding!

But to be fair, if all its doing is pulling update info, well, simpe does that too, iirc.

Not quite, though: SimPE pulls ONLY the information you tell it to pull, WHEN you tell it to do so. This can be verified by examining SimPE's code. SimPE does NOT request extraneous information as cover for a steganographically concealled transmission to the mothership, and does NOT install strange DLLs into the system to maintain this linkup. SimPE also does not have a known history of consistently abusing personal information.

[Witchboy]

This is why you steg-encrypt the messages you're phoning home with into the requests, so that they look like harmless requests to any packet sniffer.

So the TSR tool is hiding data in something where you would not expect it to be hidden? Like a hidden message or data file within another file?