Gamers warn that the AXS Mobile App needed to enter BlizzCon is ‘spyware level bad’

    
40

Those who are headed to this year’s BlizzCon event are being required to use the AXS Mobile App as part of efforts to deter dupes and fraud. A bit of sleuthing from the folks at Reddit, however, has unearthed the revelation that this particular app seems… intrusive, to put it mildly.

A quick look at the needed permissions for the app to run includes giving up your mobile device’s contact information, your location, your camera, your wi-fi connection information, your network information as well as full network access and the ability to receive data from the internet, the ability to pair with Bluetooth devices, your battery stats, permission to run at phone startup, and permission to prevent the device from sleeping. These Big Brother-level permissions are likely to ensure folks who are attending BlizzCon are supposed to be there (i.e., preventing scalping) as well as to track which parts of the event saw high attendance, but the ability to adjust system settings could mean that it could theoretically turn on GPS even if you manually told your phone not to and rather dangerously scrape and transmit reams of personal data over the internet without your direct knowledge. And it’s all a bit much for a glorified ticket app.

An article from The Outline posted last year goes deeper, exploring the AXS app’s privacy policy, which expressly states that it has permission to send all of this collected data to “current or future affiliated entities, subsidiaries, and parent companies” as well as “trusted third parties, such as our Partners, sponsors, or their affiliates and subsidiaries and other related entities for marketing, advertising, or other commercial purposes, [as well as] allow third parties to access certain Sites for marketing purposes.” This is pretty much boilerplate for a privacy policy, mind you, but given just how much data this app is collecting, you might be less inclined to click “agree” for this particular app.

A blue post has offered a potential workaround in the form of going to the “Solutions Desk” for those experiencing problems with the app, so attendees who are concerned about privacy are being urged to not install the app and instead head to this desk. Of course, there are those who see a mountain out of a molehill or believe this is not a concern. You, of course, should be the judge and arbiter of your own mobile privacy destiny.

source: World of Warcraft subreddit, more. Thanks, Mordyjuice and Paragon!

40
LEAVE A COMMENT

Please Login to comment
  Subscribe  
newest oldest most liked
Subscribe to:
Reader
Tithian

I guess people with no phones will not be able to experience all the new and exciting games Blizzard will announce, so it’s better to filter the crowd beforehand.

MurderHobo
Reader
MurderHobo

Should just chip ’em like pets at the door. Go big or go home.

Reader
Robert Mann

Blizzard knows you HAVE a phone… you MUST let them download Diablo Mobile and you MUST play. Or else.

Reader
Sorenthaz

Stuff like this should be straight-up illegal.

Reader
Loyal Patron
Patreon Donor
Kickstarter Donor
Paragon Lost

Glad to help. I was just so astounded to read Blizzard totally stepping on it again, they really are becoming the miss-step company. No one should down play the importance of them requiring this app.

Your phone for most of us in this day is the center of control of so much of our lives, multiple security violations of this nature are totally unacceptable. I personally think that they are counting on most not wanting to deal with the hassle and just installing the app.

I know I’d be very pissed off if I had flown out there, booked and paid for a hotel and took time off from work only to find them demanding me install malware onto my phone to get access to an event that I paid ahead of time. Just, wow. Anyhow back to focusing on recovery from the flu/fever.

Reader
Kickstarter Donor
Patreon Donor
Loyal Patron
Ashfyn Ninegold

When I was growing up, my mother was very clear: never give anyone your name, address or phone number. Never tell anyone where you live. And, most particularly, never write anything down that would embarrass you on the front page of the NYT. Yes, she really said this.

Nowadays, people throw their entire lives up on the internet with apparently no reflection about it. Their kids, pictures of their houses, what their plans for the weekend are completely accessible. People link every damn thing to their phones, including all their financial information via their bank apps. R U kidding me?

I have one computer just for gaming, one for my work stuff, and one only for banking/finance. And they never touch each other. Not even just for laughs.

Lemon (fresh) tea with honey for that flu.

Reader
Loyal Patron
Patreon Donor
Kickstarter Donor
Paragon Lost

Your mom sounds like a very wise person. 😃 Thanks for the tea reminder!

Reader
Aaron Weddle

i have to point out as someone who has a great deal of experiance in IT having a seprate computer for banking/fiances isn’t really needed as that computer would be connected to the same network pass through the same router have the same outward facing IP address. having a seprate computer only for banking doesn’t really protect you from anything only makes life a lil more complicated

MurderHobo
Reader
MurderHobo

I trust my monitoring service and strong password discipline for the most part, but my gaming box is still the leper colony on my network, and I tail my wireshark logs and maintain my hosts file and firewalls accordingly.

It may be illusory, but I trust my Devuan box to leak less information in general.

seculaparsec
Reader
seculaparsec

I was ready to open my purse for a Classic sub but this wont happen now.

So many great private servers out there anyway…free.

Bye, Scumzard.

ejester
Reader
ejester

companies that make bullshit apps like this should be sued out of existence. Stop treating our personal information like your own personal fucking piggy banks.

Reader
Loyal Patron
Patreon Donor
Kickstarter Donor
Paragon Lost

This, until this start becoming the norm, nothing will change.

Reader
David Goodman

Sheesh. From a company standpoint, I understand how much easier it is to just pre-purchase a liscense to something that already does what you want it to. Why develop something yourself, when there’s a third party whose already designed a scaleable solution?

This. This is the reason why. Because these third-party “solutions” have issues that YOU are going to have to deal with.

My own company does this – practically every other aspect of it is an “integration” with something else, and whenever we need support for something, there’s a MINIMUM of two layers of people we have to go through.

I would still trust Blizzard and Blizzcon (even after that horrifying Diablo Immortal announcement) if I could afford to attend (travel PLUS ticket is a nay nay). However, a random third party company? I barely like giving my name to my family because they’ll start asking me for stuff like food every bloody fourteen hours in a cage.

Reader
Kickstarter Donor
Greaterdivinity

Man, this after the “don’t you have phones?” facepalm from last year and the heightened awareness about personal data/data security.

I swear, it’s like folks at Blizzard get together for weekly meetings to see how they can do the dumbest thing possible at any given moment.

It won’t matter for a good chunk of attendees who don’t know/care about this stuff, but it continues the trend of Blizzard making decisions that make them look terrible to the gaming-news-following crowd.

Reader
Jeremy Barnes

That’s exactly why! Now they *know* you have a phone and don’t have to ask! That was obviously the problem last year…that too many people without phones got in.

Reader
Dug From The Earth

everyone should just show up at blizzcon without their phones.

“No, we DONT have phones”

Reader
Jim Bergevin Jr

Exactly. It’s just Blizz’s way of ensuring that Diablo Mobile will be a huge success because they will know for certain that everyone does indeed have a phone.