In this guide, I will examine if and when it is possible to block spyware from Epic Games, Inc.

Many individuals on Steam publish "guides" that contain either incorrect information or are incomplete. Often, not only are facts missing, but false statements are also made and there is a lot of opinion without evidence.

This is neither helpful for people interested in protecting their data nor do the guides deliver on their promises of privacy.

Criticizing account linking while praising a game that removed it (even though similar mechanics are found in hundreds of other titles without account linking) is short-sighted. The transmitted data remains the same; the only difference is an additional user permission.

These are harsh words, but they are necessary, even if many may not like them.

More important than blocking is understanding why and what you need to block to enhance your privacy. Many people do not even know what is happening on their own devices and how companies are interconnected in this industry.

To be honest, the people at Epic Games, Inc. are far from ignorant. They have multiple mechanisms to track consumers on their platform, as well as on platforms like Steam and other cross-over devices.

Given this, it should be clear that blocking a handful of addresses, as some guides suggest, is overly simplistic and naive.

This is the main issue I find with many tutorials on this platform, as well as on Reddit and similar sites.

Many contributors lack a deep understanding of the topic and fail to engage with it comprehensively. Periodically, some users initiate witch hunts, which fade away without bringing about significant change.

Additionally, Steam is not a suitable platform for presenting complex interrelationships in a clear and detailed manner. There are numerous reliable sources on the web, including company profiles, documentation or SDKs.

To understand what Epic Online Services (EOS) entail, users must comprehend what underlies this service. EOS is a collection of functions that are often required for playing:

1. Achievements
   
2. AntiCheat
   
3. Connect
   
4. Leaderboards
   
5. Lobbies
   
6. Matchmaking
   
7. Metrics
   
8. Notifications
   
9. PlayerDataStorage
   
10. PlayerReports
    
11. ProgressionSnapshot
    
12. Sanctions
    
13. Stats
    
14. TitleStorage
    
15. Voice

The drawback, however, is the mandatory online requirement. If the service is deactivated or shut down, the product either ceases to function entirely or operates with limited functionality.

Second drawback is that even if users do not consciously use Epic's services, EOS remains active in the background and forces a connection to Epic's servers. If not for the listed core functions, then for telemetry. The latter is so integrated with EOS that it cannot be disabled individually.

Datarouter is one of Epic's mechanics to track and collect data from consumers. This service exist in multiple versions and is highly flexible and customizable. I already published a lot of examples for datarouter telemetry on Steam and on my site.

Examples how games or regulary software is using the Datarouter telemetry

Version 1:
Datarouter initialization during product startup (old)
Version 2:
Delayed Datarouter initialization during the first 30 seconds in game (old)
Version 3:
As a component of other mechanisms e.g. the api.epicgames.dev (new)

In addition to different implementations, we also have different addresses that are contacted, and that's where the problem lies.

One block with endpoints for the old telemetry service

Can the service be blocked?
Yes, Version 1 and 2 of Datarouter are easy to block and do not interfere with the actual game behaviour.

Version 3 comes along with api.epicgames.dev. This is the "EOS" we know, talk about and have to deal with.

This one is the interesting and complicated part and i have seen some so-called guides who mention to block the API. Well, they forgot one important point.

Many games with blocked api.epicgames.dev won't work anymore. The witch hunt that Tomb Raider from SQUARE ENIX CO., LTD. caused recently aside. As already mentioned, the data is the same, with or without account-linking.

Because why? Epic Games, Inc. started someday to implement mandatory telemetry and online functions together for games. Blocking API? Games no longer works at all or only half of the time on Steam or other platforms. Short said. Mandatory core-function.

I got a lot of requests during the last 4 years about my blocklists[hosts.gameindustry.eu]. Why is my game not working anymore? Why i can't login to service XY? Why my multiplayer mode is blocked? And so on. Especially when it came to games with EPIC mandatory online features, some people were desperate why their game no longer works.Then try to explain why some functions were blocked and evidence with facts.

But do not forget, it's the consumer's choice.

https://gtm.steamproxy.vip/sharedfiles/filedetails/?id=2400229282
https://gtm.steamproxy.vip/sharedfiles/filedetails/?id=2631388199
https://gtm.steamproxy.vip/sharedfiles/filedetails/?id=2191649409
Even linking with Tomb-Raider was no mandatory. But telemetry and online functions. For Satisfactory it was mandatory to access online features. Same counts for Deep Rock Galactic's matchmaking as example. And there are countless other products with the same behaviour these days
Including: Id's, game lobby data, player actions, purchases, achievements, statistics, session data, account data/user info/ownership tokes, heartbeats, leaderboards, total players, anti-cheat and banstatus as well as instructions for further services from Epic.

That's where i've seen some "guides" lately from people who don't know what exactly is happening at all... but say, "Hey here...you need to block that, it's evil... (and epic)".

Sure, do it, but then don't be surprised if nothing works and you still want to play. You have to think about and why what can and must be blocked where and how.

Account-Linking snippet from the API

API with Endpoints

V2 Endpoints

Metrics with example URL

Can the service be blocked?
Consumer and product depentent. As written. Disable the API and a game maybe won't work or just half. Users must decide for themselves.

Beside the Datarouter Telemetry there are other functions who can track users and it is product depending how these are used.

tracking.epicgames.com - Is used for Javascripts, Pageviews, Trackingpixel and it activates on pretty much every page with actual data and recording of single steps. Well, of course it's part of the launcher or when it comes to Account linking.

So it's a core function and more or less active on every site there. Examples with AWS Endpoints

Can the service be blocked?
Mandatory at least ONCE to login into the Epic Game Launcher. After that the service can be disabled.

The ET Service is also mentioned in a few "guides".

et.epicgames.com and et2.epicgames.com itself contains session data, unique timestamps and machine/device ID's, platform data, product version and much more. Example game? Valhalla Hills. The funny thing here. On the one side, anonymously data is captured... but together with unique identifiers.

This service is more or less obsolete and is more used in older products.

Can the service be blocked?
Yes.

QOS as example is linked with ingame user-agreements. No agreement? No game. Its that simple, especially when games weren't patched.


Can the service be blocked?
Product dependent

Heartbeats are some kind of diagnostic telemetry at regular intervals. For games connected to the new EPIC-API, such a service can be found that regularly contacts their servers

Heartbeat contains: AppID, AppVersion, AppEnviromentnumer, Uploadtype of the Metrics itself, SessionID

Example from Killing Floor 2

Example from Remnant - From the Ashes

Can the service be blocked?
Part of api.epicgames.dev. Product / consumer dependent.

Just another Heartbeat mechanic in games with Epic game services

Can the service be blocked?
Yes

Funnel-Analytics involves mapping and analyzing a series of events that lead to a defined goal, such as in online advertising a path that results from an offer to a purchase, or the individual steps that begin with initial user engagement in a mobile app and end with a sale on an eCommerce platform.

This one can be found on several sites of Epic games, including Account settings- and linking features including subpages, friends connections, requests, suggestions and more.


Can the service be blocked?
Core-function. Yes.

Google describes Crashlytics pretty accurately

Fixing bugs and incompatibilities in client software that ships to millions of users around the world is a daunting task. User reports and manual reproduction of crashes can work, but even given a user report, often times the problem is not readily reproducible. This is for various reasons, such as e.g. system version or third-party software incompatibility, or the problem can happen due to a race of some sort. Users are also unlikely to report problems they encounter, and user reports are often of poor quality, as unfortunately most users don’t have experience with making good bug reports.

In other words. Consumers are too stupid, so we take data anyways. And since we save ourselves the permission with it also, all is helped. Counts for the whole industry now...with few exceptions.

Gas Station Simulator from Movie Games, S.A. with Epic service
Gas Station Simulator was one of the latest products i tested for my website and curation group. It includes default Epic telemetry block with some unique identifiers, tied to Crashlytics sent to Epic without active acknowledgement. A lazy way to get data from users without asking.

Why? "Everyone" wants games to be developed and improved, so they are okay with that. OR NOT? At least that's a deadbait-argument from consumers and developers i often read on Steam.

The screenshot is showing only the "normal/default" hidden background Datarouter-telemetry from Gas Station Simulator which is contacting Epic Servers with Unique Identifiers and Timestamps. The more important is, there was no crash. So data is taken anyways. Instead of that title, it can also be another game. The procedure is the same.

The following code sample is taken from the CrashreportClient.exe user interface which is visibly shown to users, but behaves differently than is apparent to users. For more details, read my review about Gas Station Simulator
Crashlytics often can be deleted. Files can be found in installation folders and have names like "steamerrorreporter.exe", "unitycrashhandler64.exe", "crash_reporter.exe", "CrashReportClient.exe" and so on. Some have also dependencies and were checked during game initialization.

Who's interested, i published a batch together with my Steam-Skin or as standalone version to clear Crashlytics and Spywarefiles from your Steam-Folders within few seconds.
https://gtm.steamproxy.vip/sharedfiles/filedetails/?id=2345138818

Anyone who has looked through the infos here can discover pretty quickly that Epic Games, Inc. uses the services of the company Amazon.com, Inc.. And thus Epic has an almost unlimited pool of addresses at its disposal.

This can also be observed in any games with Epic Telemetry. For the data router service alone, I've gathered over 120 addresses so far which are connected through games, and that's only a small part.

They can be seen with more details on a self published summary for Epic.

Link: Epic Games, Inc. profile[gameindustry.eu] (Examples english)

Note that gameindustry.eu is not affiliated with Epic Games, Inc.

No worry, I have to destroy your illusions. They already gather a lot of Metadata from consumers with deterministic and probabilistic tracking from games, websites and devices people use and play with each day. Active linking? Not required.

That can be

1. App tracking data and session histories
   
2. Heatmap data
   
3. Crashlytics data, including files and Screenshots
   
4. Input data and user generated content
   
5. Persistent (tracking) cookies
   
6. Telemetry & diagnostic data, crash(lytics)logs/crash reports.
   
7. Profiling through input text analysis
   
8. Hardware data (processor, graphics card, RAM, mainboard, hard disk identifiers etc)
   
9. Software data (operating system, programs used, program versions)
   
10. Language settings, folder structures on own hard disks
    
11. Referaltracking, Affiliate marketing and funnel analysis (tracking the customer to the specified target)
    
12. Account names including uniquely assigned ID numbers (Correlation, UUID, GUID)
    
13. User assigned computer & system names of own operating system
    
14. Player names not to forget or login names of the respective or thirdparty client
    
15. Single user actions e.g. clicks, viewed areas, dwell time
    
16. Currency, purchasing behavior, purchasing power, bank data
    
17. Decisions made by consumers and thus conclusions about behavior and interests (what decision was made in a game) This would also include moral aspects.

There is a lot more and developer depending which identifier are implemeted. Do not forget, other games and platforms do the same. Like Steam. Some more as Epic, some less.

Account linked? Congratulations. They gather more data. Metadata can be fill few sites with different identifier.

Correleation Id's are e sent along with connections with userdata to Epic. Everytime. It's also a core element in their infrastructure. No matter if an account was linked or not.

A "correlation ID" is a unique identifier (GUID) that is used for cross-platform and cross-device tracking queries. As mentioned, they already have your data.

Correlation ID Example

Those Id's can be used by many "services" and companies to track and identify users and useractions cross-over-devices. Depends how the service work they know if users open a website, open a video, login into a game/platform or whatever.

As time does not stand still with analytics services and they are sometimes replaced or improved, Epic has also replaced the original service with EOS.

Instead of the original forced connections to the Epic servers, various addresses on Steam are now addressed each time a game is launched. On the one hand, connections to Valve Corporation's Captive Portal are forced, and on the other hand, the device is checked for IPv6 compatibility.

For this purpose, around 100 different IPv6 addresses are contacted, as well as some Valve Corporation domains.

Like the telemetry service itself, this behavior raises several security and data protection concerns which were summarized in the article for the Captive Portal Checks..

Since it's a bit of info, everything discovered can be read here:

https://gameindustry.eu/katalog/valve-corporation/ipv6check/
https://gameindustry.eu/katalog/valve-corporation/captive-portal/

This passage is just for thought since it's always a topic on Steam.

Since Tencent Holdings Limited has bought Shares from Epic Games, Inc. in 2013, various people frightened about to give data away. That's rather laughable for various reasons and especially for 3 reasons alone.

1. What happens to the data itself is known only to the initiated.
2. Epic Games, Inc. did the same before Tencent
3. Double morality and standards

Tencent itself can be compared to Microsoft, Google, Facebook, Amazon, or Apple. It's a technology company and one of asian Big Players. Next to Alibaba Group Holdings Ltd.or Huawei Technologies Co., Ltd.. in China or as example Sony Entertainment, Inc., or Sammy Holdings in Japan.

The US companies do the same as Tencent and vice versa. However, all corporations have one thing in common. They represent their own interests, have been steering states for 120 years in some cases, and would prefer to completely abolish things like privacy.

Difference? So-called "western hemisphere" has "a" government for each country along with NSA, FBI, Interpol, BKA, GCHQ and many more privacy and rights violating institutions. I don't need to remind anyone that major gaming platforms have also been targeted by security intelligence agencies in US and Europe. Data traffic was directly diverted and read out as in the case of Blizzard Entertainment and World of Warcraft.

In china we have "the" government and many unknown variables. Therefore, people should also deal with it and not as it happens partly show anti-asian behavior without knowledge.

And one more difference. Chinese companies take data more obviously. Western companies more hidden. If western companies would have their way, the GDPR for example, would have been abolished as soon as possible. Facebook as a US privacy breaking technology company has just shown the way few days ago. They do not care about everything and do their thing. Like the whole business. And users? Complain about a single game....

I don't want to defend anyone, the opposite! Both sides are a pests - It's just annoying every time to read, "Ehhhk, Epic, data, china, government".... but when people asked what exactly they don't like? Often enough nothing comes around or better? They play anyways.

And maybe the next thing those people do, they'll ordering from Amazon or buying products from the supermarket on which is written *Made in China*.

Some know me already from my reviews i mostly write in german. I check games and programs for connections since many years and have build ap an growing database where i publish Spyware mechanics and host lists for users to enhance privacy and deliver some facts for general.

The host is an essential part of operating systems and can be used as Adblock and first defense-line for own digital security. Works for all devices. Systemwide for Desktop and Mobile.

The host list i published can be downloaded on my website or Github in several versions. For people who are not familiar with it, a separate setup has been written. Other stuff would be a Spywarecleaner for Steam, a minimal Steam-Skin and much more.

Especially for gaming the host itself contains now around 1800 games from nearly 1120 publishers with already blocked connections and it's growing slowly. Published and sorted with Publisher,- and product names, additional informations and on my site with many pictures and background stuff about an industry who claims data self-legitimated and often steal without asking for permission.

Host Download
Website: Host Templates[hosts.gameindustry.eu]
Github: Host Templates on Github[github.com]

Respect copyrights for my content and terms of use for the further use of the published host files

Product Search
Each already captured game can be seen in a database with additional infos and connections. It's possible to search for publisher, product titles, Steam App Id's and game related exe files for Desktop games.

Link: Product-Search[gameindustry.eu]

This is what i can do for others. The rest is own behaviour. So, what are you doing?

As you can see, it is not so simple people to block Epic with a handful of adresses and beside of that the stuff i mentioned here is not complete. This has to do with the fact that Epic Games, Inc. sits on huge structures and changes them partly at will. In addition, there are regional differences in queries.

The host files of mine include approx 200 entries for Epic Games, Inc. Together with collected code examples, checked games and pictures it's a huge **** piece of work to analyze stuff, keep it up-to-date and block it to give people a better privacy feeling. Especially when they want to "play" their products.

But I hope that I could bring a few details close, which are not available in other "guides".

Consumers can do a lot, but it's not possible to block Epic games telemetry behaviour as a whole thing, if users do not change their behavior or are not prepared to do without products with Epic Services or make use of refunds. This can be extended other related companies and services as well.

I don't like to use the term "gamer", but they have to learn (like everyone else should), how to deal with the companies and products they use every day. And above all ask yourself the question. What does the product actually do? This doesn't just apply to individual products or a service. Do not accept everything and fight for your own privacy rights against the whole business.

Especially gaming is a billion dollar market and data are easier to come by here than almost anywhere else. For free!

So it's no wonder that in addition to the big tech companies (who all own commercial and entertainment platforms) there are numerous small companies that are also getting rich off us, stealing data and taking everything for granted. Games today are built around analytics and spyware and devs do often do not care about.

To mention a few company names which are often seen in games (Desktop and Mobile):
Microsoft Corporation, Mixpanel, Inc., Unity Technologies, ApS, Amplitude, Inc., Google, LLC, deltaDNA Limited, GameAnalytics, AppsFlyer, Flurry, TrackJS, IronSource, Facebook, Inc., Amazon.com, Inc. and countless more. Product dependent stuff can be found as well in Epic games, next to Datarouter-Services who can work together or replace each other.

Can anything of this Epic stuff be blocked?
Comments have been made on relevant passages. Even if you don't use Epic's service active, passive (META) data, will be send to their servers. If you don't need any online functions you can even disable the api and other stuff (as long as it is not required for the product initialization).

Otherwise it is simple. Refund your games, don't use Epic's platform, don't link your accounts, don't get baited with "goodies" like dogs, don't play games with UE Engine, don't play games with Epic services, renounce and above all... refrain from mendacious double standards that often occurs.

If you like the article, leave me a rating or award here, browse through the other guides and articles, share infos and see what you can do yourself. If there are any comments, questions, requests, additions or corrections I will gladly take note of them.

Steam
Add me, use the comments on my profile, my primary group or group-chat. No membership mandatory
Please note Steam's platform rules

Website
Github: Host Templates and more[github.com]
Website[gameindustry.eu] and Contact[www.gameindustry.eu]

Original article on gameindustry.eu
Link: https://gameindustry.eu/blog/block-spyware-from-epic-games-inc/