Unity: We have to charge for every install because we only see totals. Also Unity: We can tell which install is which, so you won’t be overcharged.
The whole thing seems rushed because the CEO of Unity, John Riccitiello, was the leading advocate of microtransactions when he was at EA, and now he is instilling the same culture at Unity.
How will they differentiate between pirated copies and legitimate copies? How will they distinguish first-time installs from repeat installs? Can we trust their algorithm? It just doesn’t seem possible.
Unity: Everyone really seems to hate EA
Also Unity: Let’s hire the CEO of EA
🤦
It may have been more like:
Unity: “We love money and hate our customers, who can we hire to realize that vision?”
EA CEO: “Finally, a job that understands me”
Unity:
Everyone really seems to hate EAEA sure is making a lot of moneyAlso Unity: Let’s hire the CEO of EA
🤦
Ftfy
If there was a foolproof way of checking for a pirated copy they wouldn’t be making a game engine they’d be making DRM
Guy just sank the ship
Seems like every tech company lately
Key bit feels like “can we trust their algorithm”
It’s hard to enforce a “just trust me, this is what you owe”
I’m not sure why they hired him.
“Hey we’re looking for a new captain, why don’t we go for the guy who repeatedly sails into rocks? He’ll be good.”
Unfortunately a story as old as Wall Street. CEOs designed and hired to kill companies are a thing.
Meaning that this is on purpose? If so, who would profit from this? (besides the incompetent CEO themselves)
Short sellers, and the corporation that absorbs them at bargain prices.
You can usually tell a unique machine apart from another via MAC address, but even that has issues, and that’s giving Unity the benefit of the doubt when they haven’t earned it.
If I buy a new computer, they shouldn’t be charged again because I installed on the new machine.
his is ignoring the “we don’t collect personal data” but “we will definitely know if you install it once or multiple times “we have ways””
MAC addresses are per network Interface, my computer has three technically and uses two of them on a regular basis.
A terrible tracking method.
And nowadays you have randomized MAC addresses on IPV6.
Vendors also re-use MAC addresses to cheap out on costs.
MAC addresses are absolutely trivial to spoof, to the point that it’s just a drop-down option on linux lmao, so yeah good luck with that one
Are MAC address even shared ocer IP? as I understand MAC is for routers and other equipment to connect themselves, what MAC address are they going to receive? The one of the PC or the one of my router?
The game could read the Mac address and send it. It would probably violate GDPR because it’s not required for the game to perform its function, but it’s technically trivial.
GDPR would probably allow it under “legitimate interest”
Except iOS will randomize its mac adress at each boot / after a while to prevent users being tracked by rogue WiFi networks, which is actually a thing being used to track consumers in commercial spaces etc. So that wouldn’t work.
So did Windows at one point at least.
I don’t think it randomizes its actual mac address, it just gives a different one to different wifis
I think this is rather about checking the MAC “from the inside”, as a program running on the computer. This will work on a PC, as I think neither Windows or Linux systems restrict reading the MAC addresses of network interfaces and such, by default at least. On phones, I don’t know. But the point is that now the “attacker” is not on the wifi network you want to connect to, but inside your computer, and wifi mac randomization is worthless. Not just that they might have access to the original MAC of the wifi interface, what about the MAC of other interfaces like the cellular data interface or ethernet (over USB, when its supported), and then theres tons of other info too by which they can identify the device.
Well, if your mac address changes every time you connect to a different network, Unity would be detecting and billing for a lot of false positives, so it would be a bad method to identify unique devices.
There is still a lot of questions. How many components can I change and it still be the same computer and not a new computer? If I replace one component every two months after about a year I’ll have a new computer I’ve kind of ship of Theseused may way to a new rig. At what point would I have to buy a new licence?
If I don’t ever have to buy a new licence in that scenario why do I have to buy a new licence if I buy a new computer outright, it’s functionally the same difference.
You’re asking all the same questions we asked 15 years ago, when DRM started limiting installs on games like BioShock.
The MAC address is the address of the network card, which can be either built into the motherboard, or on a replaceable card… so if that was the only thing they tracked, you could replace everything except that… unless you have a network card with an editable MAC (they don’t need to be unique worldwide, only on the network they directly connect to).
Microsoft seems to use a slightly different system, where they’d generate a sort of hash for all the components, then allow a limited number of changes per year, so you can change the while computer a limited number of times a year… but they call home all the time.
My phone at least has a setting where I can choose what it does regarding a MAC address.
It can either use a randomised MAC address or it can use the MAC address of the router itself (can’t really see why you’d ever want to do that). So while I am sure traditionally the MAC address comes from the network card it’s clearly not the only way to derive one.
Also I’m almost positive that I went to change my graphics card and that changed my MAC address. It was years ago so I can’t remember the details but I remember it causing some problems with some work software until I realised that’s what had happend and just remapped the licence.
The MAC address is the Ethernet address of a network card endpoint, whether fixed or not. Multiple network cards, multiple MAC addresses. A single network card can also respond to more than one MAC address, or use randomized ones like in the case of your phone. They still tend to come with a factory fixed one, that is just used as a default when nothing else is changing it.
it can use the MAC address of the router itself (can’t really see why you’d ever want to do that)
That’s… are you sure is what it says? There are MDM managed networks where a router can push an MDM profile to a device, and set its MAC that way, maybe it’s something like that?
A graphics card “shouldn’t” have a MAC address… unless it has an output which can push Ethernet traffic (FireWire, HDMI HEC, etc.). A bit weird to have a licence locked to the GPU’s whatever-port MAC, but possible.
Lying about collecting that data, because they do (and I block it). Not lying, but backtracking on everything else.
You’re right, they’re absolutely collecting data, but saying they can’t differentiate between activations and then saying “oh yeah, actually, we can when it comes to (piracy/bundles/charity/etc.)” less than 24 hours later tells me that not only do they not care about game devs, but they think we’re stupid too.
It also tells me that this is the first time their internal devs have heard about these plans. This is the C-level‘s wet dream, not something they have actually implemented yet.
But hey, it can’t be that hard, can it? The code monkeys should be able to get it to work in three months, right?
Can you share, how are you blocking it? On the firewall?
There’s a couple of ways to block it.
-
Via an application Firewall, which will run on your PC. Safing’s Portmaster works on both Linux and Windows. Objective-See’s LuLu is a good Mac option. Both of these tools are free and open source.
-
If you know Unity’s IPs, you could block it in your firewall. I’m guessing you do not. Though, with a little work, it can be done.
-
If you can’t do either, you could at the very least block it at the DNS level. This will stop the software getting those IPs. It doesn’t really work if the IPs are already baked into the software, but that is incredibly unlikely in games. A great configurable DNS provider is NextDNS. If you have the know how to self-host a Pi-Hole or Adguard Home are great options.
There’s also ways to analyse that traffic, which I won’t go into here.
Thank you for the inputs. I guess that it can also be blocked at a router level, I guess?
-
Ok so if they are now only charging for the first install, why aren’t they just charging an extra fee per sale? Wouldn’t that accomplish effectively the same thing? (And actually work out in unity favour since not everyone who buys a game downloads it)
Because they realize that a huge number of their customers are small indies, and they want to be able to squeeze them - the majority of their customer base - not just the minority of big companies (who are also the most likely to fight back legally).
Just look at how their scheme squeezes smaller, poorer developers way more than big ones. If Unity went by points like, say Epic does with Unreal, they could shake down the big developers… but wouldn’t get much out of the indies.
Which is the opposite of what smart companies like Adobe do. You facilitate the small players in hope that they grow big and keep using your products at a larger scale.
[This comment has been deleted by an automated system]
That’s probably pretty negligible numbers. In fact I’d suspect that the number of people who buy a single copy that they then install on multiple devices is lower than the number of people who buy a game and never play it.
It’s also much simpler to implement and the numbers are verifiable. Unless… that’s exactly what Unity wants; just “trust me bro this is the correct number” kind of deal.
People eventually upgrade their computers. Swapping out mainboards and/or reinstalling Windows probably counts as a new device.
Also Steam Deck - every install and uninstall is considered a new computer. That’s true for Linux gaming using Proton in general, but the rest of Linux gaming is not as relevant.
Trust me bro won’t work when devs phone home custom install analytics tho.
The only major reason I can think of is people playing on PC and Steam Deck, using the cloud save to play on both. Sometimes I want to play the same game on the big screen and sometimes in bed.
I don’t think so. Even casual players reinstall their favorite games on everything they can manage. Think of Stardew Valley.
It work for paid games, youd have to apply it to microtransaction level if by f2p game, which is the real target for the change.
Which is why Unreal Engine charges by revenue rather than by sale/install. It doesn’t matter if the game if F2P, money earned is money earned.
Was Unity lying yesterday or are they lying today?
Yes and yes. It’s not an either-or situation.
Good point, they can’t both be true…but they CAN both be false. I’m hiring you as my lawyer.
Well it kind of is. Either they can differentiate between a new install and a repeat install, or they can’t.
It’s also possible that they can’t track new installs either.
FAQ:
How is Unity collecting the number of installs?
We leverage our own proprietary data model and will provide estimates of the number of times the runtime is distributed for a given project – this estimate will cover an invoice for all platforms.
Which is some kind of weird nebulous BS.
They’re not saying their engine phones home and/or collects data from end-user devices. With the associated data protection nightmares.
Oof. This is corporate lingo for “we’ll pull a number out of our ass and charge the dev accordingly”. “Proprietary data model” makes it clear they intend to remain conveniently (for them) opaque about it.
deleted by creator
If they see things other than the totals and devs will still be overcharged, then they have lied both times
The fact that they went forward with this decision means they’re not so wise at lying. It sounds more like last-minute damage control, but I doubt this will stop their greed. What I’m wondering now is how will the Chinese game companies react? Everybody get your popcorns ready.
So does this mean every single unity game will have unity online drm now? Or how else will they be able to tell? Seem so much more convenient to take a cut from sales instead
Considering it applies to games released before 2024… they would have to already have their own tracking built in
This is wizards of the cost all over again. Unity learned nothing from them.
It’s just capitalism.
Sounds trustworthy to me! /s
Don’t worry bro, if we make a terribly designed system that directly benefits our bottom line, we will totally fix it and make it fair. Trust us.
Relevant username is relevant
What does ‘install’ mean here anyway? Most unity games I play are either distributed as archives or installed through third party launchers.
Has anybody send Unity a GDPR request? I’d be curious what data they collect to make install tracking possible.
deleted by creator
So what is a better game engine to use now?
Unreal for “commercial, highly documented, also an industry standard”
Godot for “this is actually libre software and you can trust it to not enshittify itself in a couple years”
This is the perfect answer.
Godot is FOSS.
Unreal is decent too i guess but… not free. (Though iirc its free if you publish your game on epic)
Godot