Overwolf denies a high interest student loan.
Yep. Now piss off.
1 Like
Well I am a Worgen, watch what you wish for. Also, take your own advice. :3
Can someone give the TLDR on why overwolf is seen as bad or if it’s just the wow forums being weird I use wowup as of now anyways
https://www.reddit.com/r/wow/comments/j1gpay/heads_up_in_regards_to_overwolfcurseforge_app_in/
https://swordbytes.com/blog/security-advisory-overwolf-1-click-remote-code-execution-cve-2021-33501/ Just last May. Critical security breach, “This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf’s Client Application. By combining the XSS issue with a Chromium Embedded Framework (CEF) sandbox escape, it is possible for attackers to achieve Remote Code Execution on the victim’s computer.”
TL;DR Overwolf still has all the issues it had previously, which is Security issues, data gathering/selling issues, and still considered to be a ‘bloated app’ full of stuff that’s not needed.
Some people have a fine experience, a significant amount of people have had poor experiences using it.
6 Likes
Oh look, another case of “validate input people!”…and lol@their API allowing file writes and executions to/from the windows temp directory. Yeesh.
HOWEVER, I’ll give them huge kudos for not brushing off Swordfish and releasing a hotfix in a relatively quick manner. That shows some level of responsibility.
1 Like
Not sure if it has been brought up, but the reason for the denial is wowup teaming up with wago.io, competition to Overwolf https://www.mmo-champion.com/content/10341-Wago-io-Partners-up-with-WowUp-CurseForge-Denies-WowUp-s-Application-for-API-Access. So with that in mind, while OW could still be the scum of the earth, at least in this situation they were will within their rights.
It was after MONTHS of Overwolf ignoring their messages, by the way.
1 Like
Overwolf were threatening WowUP with denied API access as soon as WowUP appeared as an application and long before any association with Wago. They need a better BS excuse that isn’t contradicted by their own press releases.
1 Like
That’s an oversimplification of the matter.
Here’s the meeting info from last November’s Overwolf meeting for addon developers.
Scroll down for the YT recording of the meeting: https://trello.com/c/Rb6DvMji/317-3rd-authors-gathering
In this meeting, Overwolf discloses their intention to lock the API down and require persons who want to use it to apply for access. They also disclose that the API will not be able to be used for monetization. Unfortunately there is a perception floating around that Overwolf made a last minute change to policy in order to deny WowUp’s application. Clearly this was not the case as WowUp’s application was denied on the basis of monetization via Wago that was announced on January 6th.
Had not been for the Wago deal, WowUp would have almost certainly been approved. There’s nothing to stop them from trying again with a condition that upon approval and before using the API that they discontinue showing Wago ads and see what Overwolf says. As far as I know, WowUp would be limited to retrieving addons which authors have not specifically opted out of allowing 3rd party API access, because, as it should be, this is our choice to make as addon authors. Upon WowUp’s approval, I am inclined to opt in and allow them access to my addons based on seeing how I’m now uncovering a lot of miscommunications and undisclosed details which actually matter and misunderstandings surrounding this and would personally like to give WowUp a second chance.
WowUp is of course going to probably have to find a way to accomplish serving the addons in a manner which works with other restrictions, such as limited bandwidth use. Probably Overwolf isn’t going to let WowUp serve all of its users without WowUp either paying for bandwidth or implementing a cache at WowUps own expense.
4 Likes
No, that’s literally what happened:
They stated from the very onset, well before any November meetings, that they were against any and all forms of alternative to their own by jumping up and down over “scraping”. The only reason they care about this, is because they want a directed ad revenue stream. They don’t care about addon developers beyond attracting traffic and they sure as hell don’t care about the concerns of end users.
Wago’s involvement is singularly irrelevant to any considerations they might have invented to justify their already expressed desire to not compete.
2 Likes
This site exists.
Overwolf got into the shed and tore up everything. Your father’s tools are all in the yard.
1 Like
I didn’t say inaccurate, I said oversimplified. There’s a lot that the community has wrong about the details which is what people draw their own conclusions from. In this case especially, the details change the narrative entirely.
It is evident to me that the new API, its terms and conditions, and the addon author opt-out option were heavily influenced by the idea of giving WowUp and others who might follow a pathway to move forward. All of the evidence is out there for anyone who was willing to ask the right questions, listen, and observe when actions align with those answers. I did that. The fact that WowUp’s application was declined for a very dumb dumb dumb reason is WowUp’s own fault for not paying attention. They didn’t know that their deal with Wago would be a deal breaker because they neither attended nor sought out the recording of the meeting pertinent to this topic. That’s just plain negligence on WowUp’s part considering how critical the use of a Curseforge API is to the mission of WowUp.
Overwolf left the old API alone in lieu of waiting until they had a better solution. They did that for us, the players. If that meant tolerating WowUp costing them money, so be it. If that meant they would have to build an API that they can actually manage as a business so that WowUp can still do their thing, they did that, again for us, the players. They are smart enough to understand that they are not going to win any points by forcing people to use Overwolf so ensuring there is another choice makes perfect sense regardless of if they don’t like that they couldn’t come to amicable terms with WowUp over a year ago. They understand that some players are simply never going to forgive or trust Overwolf for the past, but they’ve still offered a lot to try to make this work.
Old API problems: No agreement in place because people just reverse-engineered it and used it. No agreement for addon developers to authorize Overwolf to let 3rd parties copy their work to other sites, which means Overwolf has to serve the files one by one directly to each user for free, without any benefit to themselves. Overwolf is not a charity.
New API solutions: Formal agreement in place. Ability to change the CF policy to now include authorization to allow 3rd parties to copy the addons. Ability for addon authors to opt out of this if they desire, as, the other option would be that some addon authors would simply leave if they were forced to authorize this in order to stay at CF. Ability to limit the amount of bandwidth a 3rd party may throw onto the CF network, as, with the copy authorization, 3rd parties can now have options to build their own caches, etc., at their own expense if they need to serve a larger audience.
We would be in a different place with our ability to manage our addons right now if we didn’t have about 1000 ‘Pawsers’ out there muddying the waters, and exactly 1 WowUp author to be more diligent about communicating better and doing their part to not fuel the fire.
Sadly, this is on us (as a community as a whole).
1 Like
TomCat#1000 on Discord
Not a breach. Vulnerability was discovered. Vulnerability is to breach as matches are to fire. Is there a report of someone having lit a match? Any malicious site found that published a malicious overwolfstore:// link that users were willing to click and then confirm with the prompt in their browser that they did want to open the link in Overwolf? If so, how many people were affected? If not, piss off. They fixed it.
1 Like
Everyone already knew Overwolf would be declining what are effectively show applications. No one thought for a second it was going to be fair or legitimate. They never had any intent of authorising any other addon manager and anyone who believes otherwise is daft. Their blog post made that very clear and everyone was expecting it, both from WowUP and the general userbase. We already knew Overwolf were scumbags, because they were kind enough to tell us a decade ahead of time. You might be happy to disregard their solid history of shady behaviour, but none of us are being paid to disregard the simple reality of it.
I think everyone’s known since Overwolf’s takeover that it was time to let Curse die. That doesn’t change Overwolf’s behaviour being scummy. We can live without Curse, Overwolf can’t live without money. Cutting Curse out as a mainstay of addons was always going to happen with Overwolf’s reputation and their actions only accelerated it. They’ve provided motivation to the competition and so it goes.
Doing PR for a bare bit of business survival is not for the players. It’s to save themselves from the giant burning fiery wall of hostility that they knew would immediately ensue. Hostility that they are now enjoying as a reward for their previous poor business practices. Funny how maintaining a good reputation matters with users, because they’ve got long memories and short of Curse being sold off again, people are done with it so long as it’s attached to Overwolf. They cannot erase their history. Again, you get money from this arrangement. We don’t. We don’t care if you earn money if the company you rely on has a history of degeneracy. Not our problem for the many reasons previously listed in this thread. The writing has been on the wall for them for years.
Correct, but nor are the players a charity. No part of WoW’s TOS requires us to compensate addon developers in any manner, on site, off site, in game or otherwise. We pay for the game and if addons are impacted by drama to the point of being a pain to use, then it’s far more Blizzard’s issue to resolve than it is ours. We already paid our price. It’s on Blizzard to regulate their IP and clean up their mess, whether that’s banning all revenue or bringing development in house if they want to avoid more loss of earnings. Overwolf bleeding money isn’t a priority when we never agreed to be involved with them in any capacity. We signed a contract with Blizzard, not them.
All things that are not end user concerns and things that we don’t care about, especially with Overwolf’s reputation. Again, this isn’t what we signed up for as Blizzard customers and it should remain irrelevant to our experience with the game’s features. If the largest repository gets sold off to the local scumbag, then people will deal with the inconvenience while a better option arises, whether that’s another third party or Blizzard cracking the TOS whip. We’ve navigated Shadowlands, we can navigate this as well.
No, we wouldn’t because Overwolf was never onboard with allowing anything that wasn’t big $$$$$$ to their well known and insidious data collection/advertising practices. Communication isn’t going to to make the local dishonest company any less dishonest, it just gives you more warning of the dishonesty.
4 Likes
To bad, but 99% of the mods I use are on github or lab…so no need to touch overwolf…if people are on Linux or Mac strongbox is a decent add-on manager…
Plus if you use arch strongbox is in the AUR
I can live without mods. The few I still have can just be updated manually. I’ve been gradually whittling them down anyways, since the majority of mods will really lag your client, especially when they aren’t updated for the current patch. I’m sure plenty of people have ran out and bought new computer parts thinking they were dying, when it’s usually just a mod with a memory leak or constant repeating error eating up the cpu.
Ironically, it was downloading the mod AddonUsage that showed me just how terrible many of my favorite mods really were in terms of computer resources. Now I’ll just flip them on while using them then turn them right back off, like Auctionator to list my auctions for instance. My game runs much more smoothly now.
Raid mods are just a crutch anyways. You should just learn by doing it and be able to respond unconsciously. When driving a car, do you stop and think “I have to flip the turn signal on” or do you just do it automatically? Cheating yourself out of that experience just makes you rely on a crutch, like using a dashboard gps navigator and listening to what it tells you instead of just knowing what to do inherently. In time, you’ll just be able to sense the timers themselves and react without consciously thinking about it.
Ignore him Tomcat. He’s a known concern troll. Make a note of that somewhere you can see as a daily reminder and just let him go. We’ve got a few of those that do nothing but stir the pot to see what bubbles over. Thankfully the Discourse software was updated last year to fully enable the mute and ignore functions.
3 Likes