[Suggestion] sanitize personal info from packet parses

I would really love to contribute to this project because I am very much attracted to the ideal of a community-based project such as this that promotes learning & creativity.

My coding skills are amateurish at best. Even that might be a bit of an overstatement. I decided that the best way to contribute would be to supply some relevant sniffs. As an exercise I ran a full sniff of Valley of Trial and Durotar from level 1-12 with all quests on a brand new orc shaman. I spent a lot of time dawdling, and following patrolling npc’s and mobs. I talked to every npc in game. Afterward I used the WowPacketParser to take a look and see what my efforts had generated, and I have to say that I am very very very uncomfortable with the amount of personal information that was contained in there.

Honestly, I don’t even like the idea of submitting them on a write only forum. I don’t like the idea of putting that information out there beyond my control and into the hands of people I don’t know at all. I get that the forum is write only in order to prevent unsavory characters from having access to it. But what guarantee is there that the people who DO have access to it are not going to misuse it? What guarantee is there that some talented programmer from Blizzard hasn’t wormed his way into the developing process of this open-source project?

My suggestion is that the code for the PacketParser be altered in such a way that it verifies that the data is genuine and then replaces personal (and completely irrelevant) information with garbled text, x’s, or something else that cannot be traced back to a source. There is no reason that anyone developing this project could possibly have to need to know my server name, account name, or the names and levels of all my toons.

I have been playing on my account for several years. I am in a mythic progression raiding guild and could offer some very good data if I felt more at ease about the possibility of negative repercussions. I do not want to place my account in a position to be compromised and/or banned. I’ve invested almost a decade and several hundred dollars into it.

I cannot speak for anyone else, but if you manage to find some way to sanitize personal data from parses, I can promise that you will be swimming in them from me. I’ll parse the whole damn game, front to back, every race/class combo.

edit: After thinking about it a bit. I do understand why knowling character level could be important. I mistyped. Also, I realize that the sanitizing change would have to be made to the sniffer and not the PacketParser. An unsanitized sniff could still be used to harvest personal information by anyone with half a brain.

We can’t, a lot of packets needs the personal info to work properly.
P.S for now no one has been banned because sharing the sniffs.

I was afraid that might be the case.

Also, the problem is bigger when it comes from unknown opcodes that can have personal data and we are unable to parse them (warden).

I have created an issue for you in the WPP repository at https://github.com/TrinityCore/WowPacketParser/issues/171

Let’s discuss the problem there, thanks.


–dup post–

Perhaps instead of reformatting entire packets, just parse what you know, as an example: creature,location for spawns and create a text file from that. Limit it to one type (like spawns, vendors) that you do know That way you can have individual files that have spawn data for each zone, area, etc., “spawns_stormwind”, “spawns_ironforge”, “spawns"shadowmoonvalley”. This would allow those working the db side to get initial data “bases” programatically entered with fine tuning/scripting coming later on.