This AMA is about the new ownership, and they talk about allowing online services as a form of DRM in it. So at least that policy is staying in place.

I’ve got “Good Old Games” that are more than 20 years old with self hostable online multiplayer. No accounts, no CD keys, nothing. Make a random plain text display name, forward some ports or use a community/proxy server, and you can play with whoever you like. GOG can make excuses as much as they want to try to appeal to publishers, but they are by definition hosting games with DRM.

I will admit that I foolishly believed someone else’s summation on the situation; that sourced report, assuming the emails are real, is pretty damning. Notably the email correspondence between publishers/developers and Valve does not mention any official policy, but without additional context comes off as threatening… multiple examples of punishment and out right removal from the store, wow.

And incidents as recent as 2022. I would have figured the older examples would be there because Valve was a lot more blatantly corrupt when they were first forcing the Steam client on consumers. People tend not to bring up when Valve was buying exclusivity of already released retail CD games and taking them off shelves to force Steam exclusivity. Wonder why its taken this long to come out in a court case? Its not like there isn’t a long, recent history of indie devs yelling publicly on the internet about the dumb shit Valve puts them through.

Thats part of the problem though. Supposedly catfriend1 gave researchxxl their signing keys, and researchxxl used these on their new github account. No one was aware that catfriend1 was not maintaining the repo anymore until users saw unexpected/unannounced updates and looked into the matter. This sparked a short lived discussion on F-Droid forums about what should be done when maintainer transfers are handled poorly like this. F-Droid admins decided that it wasn’t that big of an issue, which is problematic… this supposedly happened between two people meeting each other online and discussing it with each other. But its possible that catfriend1 is being blackmailed or otherwise coerced into handing off this data. This type of credential attack could happen with a compromised machine, without the victim ever realizing it in time. The fact that F-Droid treats this so casually is upsetting. Signed developer certificates protect you from MITM attacks, it does not protect you from the sources themselves being compromised.

Years ago, official development of an android app of syncthing was abandoned by the official developers. Most android users migrated to an already existing fork by a github maintainer catfriend1.

Catfriend1 unceremoniously disappeared, with their github repositories being taken over by a new user researchxxl. This was entirely unannounced and wasn’t really discovered until people with automatic updates enabled on *Obtanium noticed it.

researchxxl is not a known community member, and is being very reclusive when interacting with the syncthing community. Their github account was made specifically for the repository transfer, and their method of handling existing credentials is suspicious; looking no different than a hostile take over.

At this point in time, they are collaborating with Nexon, a user who worked with catfriend to publish syncthing fork builds to Google Play. They are more well known and trusted. If you can trust Nexon, and trust that end users in general are putting more scrutiny on the github source code after this whole situation, you can probably trust the recent releases for now.

Sorry for any details I may have gotten wrong. AFAIK, no one has taken the time to document all the things that have gone down. I would have linked to such a document otherwise. A lot of the discussion on this is happening in separate discussion threads, one of them being researchxxl’s github issue page, which they are censoring/deleting discussions from with(till recently) no oversight.

*Edit: this is also a poor summary. There is a lot of additional context that I don’t feel comfortable trying to encompass. Like why the official syncthing developers stopped their official android app, or catfriend1’s forum account coming back for a short time to try to explain their side of the story. Frankly, for how many people are using syncthing, I don’t think this story is getting enough attention.

**Telling developers that they can’t have bigger discounts on other store fronts is an unsubstantiated claim by one developer. The official policy has to do with discounting Steam keys, ie selling a Steam game for less than on the Steam store, while keeping all profits and taking advantage of Steams features.

If general sales were actually being restricted by Steam, it would have been made immediately obvious with sites like isthereanydeal. Such a site would have no reason to exist if the Steam store would always have the best discounts due to forced store policy.

*EDIT: Was gonna strike through this text, can’t get formatting to work. See below comment by Rose@lemmy.zip

“Overwhelmingly positive” please spend at least 5 minutes reading the GOG general discussion forums and get back to me. GOG is constantly being criticized by their main user base for how poorly they run their store and their nonsensical business decisions. I don’t think this is a bad thing tbh; its a better situation than the Steam fanboys being creepy boot lickers. But I would not describe GOGs most adamant supports being universally “positive” about the state of the store and company.

The general customer base of GOG does not care about the Galaxy 2.0 client, or GOGs collaboration with Amazon Luna for streaming owned titles. I don’t know what other “good features” you could be referring to. GOG is barebones, but competent, in the world of digital store fronts/game launchers. But obviously being competent is not enough when dealing with an entrenched monopoly.

Most gamers do not care about DRM. This is the same market that is suffering from enshittification at an abnormal rate. This market has already long normalized things like gambling mechanics advertised towards children, or installing spyware for the sole purpose of stopping cheaters. Outside of the bubble of online discussions, the target audience does not think about these things and will buy whatever slop is put in front of them. Clearly the people who buy Denuvo releases at launch on Steam do not feel any reason to buy games on GOG specifically. And judging by public sales/player data, that’s a lot of people.

They aren’t even reliably committed to no DRM. They frequently sell games that require GOG Galaxy accounts to access certain content(online/multiplayer functionality, DLC packs). GOG has explicitly gone on record saying that these forms of DRM are acceptable, despite running a store for years without them.

And preservation of old games(at least how they are doing it) is an inherently unprofitable service. Them preserving games that they don’t even have the licensed right to sell is one of the dumbest decisions they have made so far. Most of their older releases have just been grabbing a bunch of existing fan patches into a more polished installer; these sorts of tasks will always end up in the hands of hobbyists who would do this work without being paid.

I feel like at this point, you have to focus on individual developers/publishers if you want to properly support DRM free releases. Having brand loyalty to GOG will get you nothing.

I don’t see anyone mentioning Fooyin, which seems to be an attempt at being an open source clone of Foobar2000, right down to its plug in system.

Its making me feel concerned. Is there a reason foobar fans aren’t using it? Do they just not know about it? Its missing a few features here and there, but the UI is so 1 to 1 that I can’t imagine trying to use anything else as a replacement.