shubla wrote:
Characters positions are indeed sent to the map server, along with name and hat, they're used for player icons. They are not saved for more than a few seconds, nor used by anyone else than users of the map with the specific token itself.
They can be accessed by the randomly generated token in the client, when private map generation is enabled.
So you force-opt in your users to send potentially sensitive data related to where they are at in the world. This data includes their position, character name, marker data and even their hat res. Quite frankly this is entirely disingenuous. None of that data is needed to contribute to a world map. Further more, to re-iterate the above point this is forced upon the user. It is not an opt-in process, nor is there even a way to opt out of it. It is by definition spyware. The only barrier you have presented to the security of such information gathering is to just "trust" that you hold the data for only a few seconds. To drive this even further it is also an abuse of the bandwidth for those who may have data caps -- and issues to anyone who has a weak connection as it can induce lag and frequent disconnects by sending unnecessary data.
Characters positions are indeed sent to the map server, along with name and hat, they're used for player icons. They are not saved for more than a few seconds, nor used by anyone else than users of the map with the specific token itself.
They can be accessed by the randomly generated token in the client, when private map generation is enabled.
shubla wrote:Every player that's around you
Every player that's around you
Your kin's character names
The hat of every player around you
None of this is true, not sure why OP is lieing, maybe he is just too bad to read the code properly
This bit is true, After looking at the code it does not send the player information around you, though this can be changed by the simple flip of a boolean in any future update of the client. I wouldn't let this distract you from the aforementioned information that is being sent. Which I think bares repeating
This information gathering is forced-in and not opt-in and this it is indeed being sent for everyone who uses it.
To add on to the point once again. You are trusting someone who forces his users to have these features enabled by default to not abuse the data you give him. There is no way to opt-out of any of this.