Epic Games head Tim Sweeney has popped into a Reddit thread to address concerns that the Epic Games Store client was showing sketchy behaviors by poking around into unnecessary files.

Most of the accusations brought up by the thread are unfounded, though Sweeney notes that one file accessed by the Store should only be done after a user opts into the feature and will be changed in the future. Both Sweeney and Epic's VP of Engineering Daniel Vogel address the uses for the specific files called out in the thread, offering a somewhat unusual, transparent look at how the storefront interacts with the machine running it.  

The original author of that thread agrees that the accusations are born out of “amateur analysis,” analysis presented alongside a conspiracy theory while raising concerns that Tencent’s minority stake in Epic means the store reports private data to the Chinese government, a conspiracy theory Ars Technica says Sweeney has had to refute several times in the past.

This time around, Sweeney notes that he’s happy to see more and more PC players poking around into and analyzing what their software is doing, but that it’s important that fact remain separate from wild speculation when that does happen.

"In analyzing the results, it's important to distinguish the normal from the abnormal; e.g. much of the commentary is over what the normal open-source Chromium embedded web browser does upon startup; and to separate technical analysis from inflammatory rhetoric, such as the insane claim that we're a bunch of Chinese spies," wrote Sweeney.

This thread, meanwhile, says that the Epic Games Store pokes around in a computer and enumerates running processes on a computer, accesses DLLs in directories for other applications, looks at Internet Explorer cookies, and stores hardware information. Another person in the replies points out that the Epic Games Store also makes a copy of Steam’s localconfig.vdf file if the competing storefront is installed on the same machine.

In most cases, those actions are perfectly innocuous and are used to feed data into things like an anonymized hardware survey or Epic’s Support-a-Creator program, explains a response from Vogel. 

That Steam file is the one Sweeney says will be addressed in an upcoming update. The current set up has the Epic Games Store pull the localconfig.vdf file from Steam right away, but only uses it if an EGS user tries to import their Steam friends list into the Epic Games Store. It’s a remnant from the early days of Fortnite, Sweeney says, and one that was born out of the pressure he put on the client team to quickly roll out social features for the game early on. 

"You guys are right that we ought to only access the localconfig.vdf file after the user chooses to import Steam friends. The current implementation is a remnant left over from our rush to implement social features in the early days of Fortnite," wrote Sweeney. "It's actually my fault for pushing the launcher team to support it super quickly and then identifying that we had to change it. Since this issue came to the forefront we're going to fix it."