2 hours ago, B777ER said:

PR fallout

It's already reached catastrophic proportions – you only have to look in other corners of the internet.

What's happening right now can only be explained by the producers' boundless overconfidence.

To put it cautiously (and so far based only on rumors, which are, however, becoming increasingly credible): If it turns out in the coming weeks that OC3 is more or less scanning all hard drives of PMDG's customers, then that would be a clear violation not only of EU data protection laws.

It looks like exciting times are ahead (at least) for IT lawyers.

Edited December 16, 2025Dec 16 by MaGer1965

If the price for a discounted upgrade is $49.99 USD that is $75 for us Australians and that is a massive rip off and PMDG lied.

I wouldn't pay more than $30 USD. Let's just wait and see.

 

43 minutes ago, MaGer1965 said:

It's already reached catastrophic proportions – you only have to look in other corners of the internet.

What's happening right now can only be explained by the producers' boundless overconfidence.

To put it cautiously (and so far based only on rumors, which are, however, becoming increasingly credible): If it turns out in the coming weeks that OC3 is more or less scanning all hard drives of PMDG's customers, then that would be a clear violation not only of EU data protection laws.

It looks like exciting times are ahead (at least) for IT lawyers.

In some chat group, some members claimed they used a leaked version of the PMDG 737 for MSFS 2024 and subsequently received warning emails demanding payment. Even users who are legitimate customers of other PMDG products reportedly got banned as well. How did PMDG find out these individuals were using the leaked 737 (of course, using a leaked copy is wrong), especially since some say they even renamed the file directories, yet were still detected? Could it be that OC3 at least scanned the community folder? For now, this issue hasn't gained widespread attention yet.

For me, scanning my computer is unacceptable. I might stop using PMDG—or at least OC3—even though I’ve purchased the 737, 777, and DC-6.

24 minutes ago, MayuyuYukirin said:

In some chat group, some members claimed they used a leaked version of the PMDG 737 for MSFS 2024 and subsequently received warning emails demanding payment. Even users who are legitimate customers of other PMDG products reportedly got banned as well. How did PMDG find out these individuals were using the leaked 737 (of course, using a leaked copy is wrong), especially since some say they even renamed the file directories, yet were still detected? Could it be that OC3 at least scanned the community folder? For now, this issue hasn't gained widespread attention yet.

For me, scanning my computer is unacceptable. I might stop using PMDG—or at least OC3—even though I’ve purchased the 737, 777, and DC-6.

more apps do this. Contrail app shows also the add-on bought through other vendors. It can only do that because they looked up the entries in community folder. 

Also how would you handle updating. It needs to check what version is on your system.

1 hour ago, MaGer1965 said:

It's already reached catastrophic proportions – you only have to look in other corners of the internet.

What's happening right now can only be explained by the producers' boundless overconfidence.

To put it cautiously (and so far based only on rumors, which are, however, becoming increasingly credible): If it turns out in the coming weeks that OC3 is more or less scanning all hard drives of PMDG's customers, then that would be a clear violation not only of EU data protection laws.

It looks like exciting times are ahead (at least) for IT lawyers.

I think we're getting a bit ahead of ourselves with these claims.

OC3 wouldn't need to scan a full hard drive.   Just like A2A, PMDG addons have an encrypted signature, tied to the purchaser.   In the leaked beta, that version will be tied to the controlled beta release.

So OC3 will naturally check the licence and will see that it is the beta licence.  

I don't think there's anything illegal with software checking for a current, legitimate licence.

5 hours ago, JYW said:

I don't think there's anything illegal with software checking for a current, legitimate licence.

This also ignores some very relevant history in this hobby.

We’ve already been here before with the FSLabs malware incident, where “copy protection” crossed a line and the community quite rightly reacted with outrage. Back then, the argument was also that it was about protecting IP — and it was still unacceptable once it touched users’ systems in opaque and invasive ways.

What’s puzzling now is the double standard. When FSLabs did it, the reaction was universal condemnation. When PMDG is suspected of doing something even remotely similar, suddenly we’re told to relax, trust the developer, and assume everything is fine.

That’s not how trust works — especially under EU data protection law, where assumptions and good intentions are irrelevant. Transparency, proportionality, and informed consent are the baseline.

Yes, licence checks themselves aren’t illegal. No one is arguing that.

But after past incidents, users are absolutely justified in demanding clear technical disclosure of what OC3 accesses, how broadly, and for what purpose — before dismissing concerns as hysteria.

If anything, history shows that skepticism here isn’t paranoia — it’s learned behavior.

Edited December 16, 2025Dec 16 by Ray Proudfoot
Converted to standard text.

2 hours ago, MikeH99 said:

If the price for a discounted upgrade is $49.99 USD that is $75 for us Australians and that is a massive rip off and PMDG lied.

I wouldn't pay more than $30 USD. Let's just wait and see.

 

Let's give PMDG a chance to charge a fair price before being critical about their pricing policy.

28 minutes ago, Johnny19 said:

This also ignores some very relevant history in this hobby.

This is different because OC3 is doing what all launchers do already - they scan and manage files within your Community folder. That's how they can tell if the addon is installed, if it needs updating, if a livery you've downloaded has an update, and so on. Contrail, Simmarket, Fenix, etc etc etc all do this.

For PMDG to run their copy protection is part of this function, and very likely completely non-intrusive to the user. Because all it has to do as part of it's normal operations is to see that the new 737 is installed but it doesn't have your licensing details on file. So how can that be? Therefore, you can flag that user as a potential pirate and trigger a warning. Even better - PMDG knows the licensing info or person-specific data that will be included with every copy of the leaked addon so all they need to do is simply look for that.

Like I said - all of this is reasonable within the functionality you'd expect from an addon launcher. Very likely no personal data is actually transmitted. The check is done on the user's machine and the system just flags the account - something you need for OC3 anyway.

Let's compare this to the absolute staggering malicious incompetence from the FSLabs team:

They...
- infected copies with malware that attached to the kernel of whatever machine it infects
- received all stored passwords and sensitive data that the malware would scoop up (completely unencrypted to boot)
- caused harm to actual paying customers, not just the pirates - who by the way removed the protection as quickly as it was noticed
- acted like absolute nonces and threatened lawsuits for anyone who dared to challenge them on this

Nothing of what they did was within any reasonable attempt at copy protection, and I'd argue the fallout says more about the kind of company they are than the act itself.

Edited December 16, 2025Dec 16 by Georgleboui

@Georgleboui

I don’t think this comparison really holds up, and I do think some relevant history is being conveniently glossed over here.

Yes, launchers scan the Community folder — that part is not disputed. The intent and scope of what’s being scanned absolutely is. There’s a big difference between:

checking whether your own product is installed / up to date
and

actively scanning for other products and using that information to flag users as potential pirates

That’s where this crosses a line for a lot of people.

The argument of “it’s very likely non-intrusive” is doing a lot of heavy lifting without evidence. Users are being asked to simply trust that:

no personal data is transmitted

no data beyond what’s strictly necessary is checked

no false positives occur

no future expansion of this behavior will happen

Given PMDG’s past attitude toward customers, skepticism is entirely reasonable.

And yes — FSLabs was objectively worse. No one is arguing otherwise. Kernel-level malware was insane, and they deserved every bit of backlash they got. But “this isn’t as bad as FSLabs” is a very low bar, not a defense.

The real issue isn’t how bad it is compared to FSLabs — it’s whether this behavior should be considered acceptable at all. History matters here because the community already learned, the hard way, that normalizing intrusive DRM under the banner of “copy protection” leads to bad outcomes.

Once you normalize:

“It’s okay for a launcher to look around and make judgments about what else you have installed”

you’ve shifted the trust boundary — and getting that trust back later is almost impossible.

So no, this isn’t malware.

No, it’s not FSLabs-level insanity.

But it is a step in a direction many of us don’t like, and pushing back early is exactly how you avoid repeating past mistakes.

Edited December 16, 2025Dec 16 by Ray Proudfoot
Converted to standard text

Software protection systems should never, under any circumstance, deal with actual owner data (nor scan anything without user consent). Use auth tokens, like every properly implemented security system or similar approaches.

Edited December 16, 2025Dec 16 by Nuno Pinto

6 minutes ago, Johnny19 said:

actively scanning for other products and using that information to flag users as potential pirates

If by 'other products' you mean the products it's supposed to manage then yes. It's not looking at whether you have iFly and then wiping your flight sim install.

The PMDG 737 for 2024 is a PMDG product that is normally managed by OC3. Again, it's reasonable that if OC3 detects you have that product but either a) you don't have a license on file or b) the installed copy has a fingerprint of the leaked beta then it flags it. 

Also don't shift the goal posts on me. You asked the question why we aren't all condemning PMDG when FSLabs did something similar. My point is that one is a fairly standard copy protection system in the industry, and the other is exceptionally bad and illegal.

1 hour ago, Johnny19 said:

This also ignores some very relevant history in this hobby.

 

We’ve already been here before with the FSLabs malware incident, where “copy protection” crossed a line and the community quite rightly reacted with outrage. Back then, the argument was also that it was about protecting IP — and it was still unacceptable once it touched users’ systems in opaque and invasive ways.

 

What’s puzzling now is the double standard. When FSLabs did it, the reaction was universal condemnation. When PMDG is suspected of doing something even remotely similar, suddenly we’re told to relax, trust the developer, and assume everything is fine.

 

That’s not how trust works — especially under EU data protection law, where assumptions and good intentions are irrelevant. Transparency, proportionality, and informed consent are the baseline.

 

Yes, licence checks themselves aren’t illegal. No one is arguing that.

But after past incidents, users are absolutely justified in demanding clear technical disclosure of what OC3 accesses, how broadly, and for what purpose — before dismissing concerns as hysteria.

 

If anything, history shows that skepticism here isn’t paranoia — it’s learned behavior.

What in the Ai is this? 

11 minutes ago, MikeV1 said:

What in the Ai is this? 

If calmly explaining how launchers have worked for the last decade counts as AI now, then sure. It’s called Ivan, who’s been around this hobby long enough, 25 years to be exact, long to remember how launchers have worked for years.

4 hours ago, MayuyuYukirin said:

Even users who are legitimate customers of other PMDG products reportedly got banned as well.

I don’t believe them. A lot of us, especially on their Discord, copied over the 2020 version. No one here posted that they got banned. None of the regulars on their Discord or forums posted about the false positive. 

That’s because OC3 will see the version as 2020, note you own it, and go on with its life. 

What these people likely did was load OC3 to try and install liveries and OC3, rightly, flagged the accounts. 

2 hours ago, Johnny19 said:

@Georgleboui

I don’t think this comparison really holds up, and I do think some relevant history is being conveniently glossed over here.

 

Yes, launchers scan the Community folder — that part is not disputed. The intent and scope of what’s being scanned absolutely is. There’s a big difference between:

 

• checking whether your own product is installed / up to date
  and
• actively scanning for other products and using that information to flag users as potential pirates

 

 

That’s where this crosses a line for a lot of people.

 

The argument of “it’s very likely non-intrusive” is doing a lot of heavy lifting without evidence. Users are being asked to simply trust that:

 

• no personal data is transmitted
• no data beyond what’s strictly necessary is checked
• no false positives occur
• no future expansion of this behavior will happen

 

 

Given PMDG’s past attitude toward customers, skepticism is entirely reasonable.

 

And yes — FSLabs was objectively worse. No one is arguing otherwise. Kernel-level malware was insane, and they deserved every bit of backlash they got. But “this isn’t as bad as FSLabs” is a very low bar, not a defense.

 

The real issue isn’t how bad it is compared to FSLabs — it’s whether this behavior should be considered acceptable at all. History matters here because the community already learned, the hard way, that normalizing intrusive DRM under the banner of “copy protection” leads to bad outcomes.

 

Once you normalize:

 

“It’s okay for a launcher to look around and make judgments about what else you have installed”

 

you’ve shifted the trust boundary — and getting that trust back later is almost impossible.

 

So no, this isn’t malware.

No, it’s not FSLabs-level insanity.

 

But it is a step in a direction many of us don’t like, and pushing back early is exactly how you avoid repeating past mistakes.

This is directly and obviously ChatGPT. Not saying it’s right or wrong, just telling you guys that all these comments are copy pasted from ChatGPT. So you decide whether you want to argue with AI via this forum or go argue directly on ChatGPT’s site.