Apparently the GShade devs have decided to "own" someone by installing malware in the latest GShade update. Because they don't want someone using a "competitor" of their free software that is a fork of ReShade to begin with.
So yeah. Twitter is in a meltdown over this, as you might imagine.
Save your presets and uninstall from the file folder, not the launcher, as it'll force you to install an update (with the malware on it!) first.
Which'll restart your system if you try to use something other than GShade.
Also:
CAN WE GO A DAY WITHOUT SOMEONE IN THIS COMMUNITY GETTING UP THEIR OWN ASS ABOUT HOW IMPORTANT THEY THINK THEY ARE TO A FRACTURED-OVER-SOCIAL-MEDIA GLOBAL FANDOM?!
An update. A bit late and maybe they should have explained things to start instead of trying to browbeat a kid in the chat. Between this and the weird as heck image a lot of folks got throwing text all over their screens insisting they check the FAQ, they've been real weird lately.
On the recent concerns involving GShade:
I would like to personally apologize for the undue stress I may have caused both the community and our Moderators in the process of attempting to improperly address an ongoing situation.
As part of a conflict with third parties attempting to redistribute copyrighted assets with GShade without permission, an anti-tampering function was added to GShade's installer to trigger restarts in the event that a third party, external software, or library utilized the GShade installer's functions without actually running it. It was not possible to trigger this function by running the GShade installer normally.
This function has been removed from the GShade installer, and will never be re-implemented again. Moving forward, I will also be looking into easing up the update requirements associated with GShade, as they are ultimately what led to this conflict in the first place.
Software developer here. I work for a large software company you almost certainly have heard of. Opinions here do not reflect those of my employer. You know the drill. I am seeing some arguments that this gshade update does not meet the admittedly nebulous definition of malware. I disagree. While it is a very minor case of such, the fact is, the software is taking action that the end user does not expect, that is not necessary for the operation of said software, and can have an adverse outcome. A restart is mild, but the software has no need to invoke a restart, does not warn the user that it is doing so, and is not expected to do so. Pretty simple. As a software developer, my duty is first to the end user (or, less often, to a client). As such, it is my responsibility to act in their best interests first. Putting in a change that restarts the user's machine just because I do not like -how- they are choosing to use the software violates this duty, in my opinion. I see a few comments that this kind of action is not uncommon in proprietary software. I would like to examine that and ask the question as to whether or not we should view that as acceptable behaviour either. Wanting to protect your own work is, I believe, reasonable. Taking actions to protect your own work from external or malicious actors is also reasonable. However, as the saying goes, your right to swing your fist ends at my face. Actions you take to protect your software should end at the boundaries of that software. And the nature of our work, as developers, is that our software is only part of the equation. The other parts are the environment in which it runs, which we do not control, and the hardware it runs on, which we do not own.
The end user has a right to decide what runs, and how, on their machine. I believe they should also have the right to interact with it how they see fit. The most appropriate way to handle this (if there is an appropriate way at all) would have been, perhaps, at most, a trigger to shut down in the GShade process if it detected tampering. That is it. Triggering a restart on the host machine, which again, is hardware that belongs to someone else in an environment created by someone else, is an overreach, unless you already have a pre-existing agreement in place with the person or persons who ultimately own and control the environment the code will run in. I believe that GShade is, at this point, malicious software from a developer I no longer trust.
Triggering a restart also potentially mess up with people's data. Causing corrupt or loss of data. And in extreme cases can cause problems with the system (e.g., restarting while in the background something is updating).
And as @driftward had explained, it was a totally unexpected action. I mean, when I'm updating drivers, I will close everything because a Restart is part and parcel of updating drivers. ReShade -- from which Gshade was forked -- is a per-app injector that does not need a restart because it fully exists in userspace, and not running when the app in which it's doing its injection is not.
So it's borderline malware.
