By being a bad security actor when asking permission and giving permission.
Comment on Arc Raiders was accidentally recording Discord conversations into an unencrypted local game file
Aielman15@lemmy.world 2 months ago
How do you “accidentally” other people’s conversations?
Master167@lemmy.world 2 months ago
shininghero@pawb.social 2 months ago
If I’m reading it right, it’s kinda like how that one guy “hacked” 70,000 robot vacuums. Bad scope limits. Game uses token to do the rich presence stuff, and instead of just getting a confirmation back, it gets everything.
tdawg@lemmy.world 2 months ago
So in other words rich presence shares your conversations with game makers
Quetzalcutlass@lemmy.world 2 months ago
Not necessarily. You choose what permissions your token has when you register it with Discord. In this case the game asked for an auth token with all permissions, so the game connects to Discord with the same access levels as your actual login.
tdawg@lemmy.world 2 months ago
Yeah that’s what the person before me said. I’m saying that the fact it’s possible at all is a horrible violation of privacy