Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

dotarray writes "Valve has stepped up to answer allegations that the company's anti-cheat system was scanning users' internet history. Rather than a simple, sanitized press release or a refusal to comment on 'rumours and innuendo,' Valve CEO and gaming hero Gabe Newell has personally responded." Newell or not, not everyone will like the answer. The short version is that Yes, Valve is scanning DNS caches, with a two-tiered approach intended to find cheating users by looking for cheat servers in their histories. Says Newell: "Less than a tenth of one percent of clients triggered this second check, accessing the DNS cache. 570 cheaters are being banned due to DNS searches."

Still abusive

[i+kan+reed]

Sorry Gabe, you're not allowed to see my DNS history. You aren't allowed to see GabeNewellNatiliePortmanHotGritsFanFiciton.net in my history. That's not allowed.

Re:Still abusive

[PhrostyMcByte]

The app is comparing DNS records with a client-side database of cheat sites, and if it finds a match sending it to Valve's servers for verification & ban-hammer. It's not sending every site you visit, unless the only sites you visit were via DNS records used by cheat developers.

Re:Still abusive

Part of my job involves me going to these kind of sites and seeing what's happening. Visiting does not imply guilt, and, in fact, I am not cheating at any games. Not that I even own multiplayer Steam games, but that just furthers my point. Why should I be considered at risk of being banned when I am not cheating?

Re:Still abusive

[Andy+Dodd]

So what if someone puts a URL for a cheat site in a forum comment somewhere, disguised as something else?

Re:Still abusive

[ebrandsberg]

did you even read his response? They look for indications that the cheat is in play, THEN they check DNS as verification, and send a HASH of the dns name to their servers for comparison. This means they don't even see the actual dns name on their side, they can just check against known hashes of the sites the DRM used for verification. That is why it is two staged. Simple existence of the names in your DNS cache won't trigger the ban hammer.

Re:Still abusive

[Zembar]

He specifically says that it doesn't care about what web sites you are visiting, it's the adresses to the cheat DRM servers it looks for, to detect if a cheat has dialed home from that computer. It only checked this if the account was already suspected of using the cheat.

So, in an impressive turn of events, many cheats now include DRM and anti-cheat codes. These phone home to a DRM server that confirms whether or not a cheater has paid to use that particular cheat

Also, he says that since the cheats invented countermeasures to this in just 13 days, they already stopped doing it. The summary is quite misleading. (Not necessarily a big surprise on slashdot...)

Re:Still abusive

So you can't be good at video game and curious about technologies at the same time?

Re:Still abusive

Not only did you fail to RTFA, you failed to read the fucking comment you replied to. Please stop posting.

Re:Still abusive

[Bob9113]

The app is comparing DNS records with a client-side database of cheat sites, and if it finds a match sending it to Valve's servers for verification & ban-hammer. It's not sending every site you visit, unless the only sites you visit were via DNS records used by cheat developers.

Compare: We record images using your laptop's webcam, but we only look at them if our software algorithm thinks the images show you doing something that violates our ToS.

Re:Still abusive

[jittles]

The app is comparing DNS records with a client-side database of cheat sites, and if it finds a match sending it to Valve's servers for verification & ban-hammer. It's not sending every site you visit, unless the only sites you visit were via DNS records used by cheat developers.

I don't care what it is sending or not sending to Valve. It's still an unnecessary invasion of privacy. In fact, its so easy to circumvent that I have a hard time believing that he is even being honest about why they are looking at the DNS records to begin with. How hard is it to clear my history, browse in Incognito mode, or do all of my cheating on a separate machine or in a VM? Trivial. And in fact, it may incorrectly flag me as a potential cheater anyway. I have looked up exploit information for games. I did not look in order to cheat at the game, but because I kept running into people who were not being busted for cheating and I wanted to know how they were exploiting the game. I was looking for a better way to tell when someone was cheating, not to actually cheat myself. The fact that so many companies are doing anything they can to get your GPS, browsing history, and other metrics from everyone's phones and personal computers is something that needs to be addressed. It's just not reasonable to expect the end user to know what is going on with their private data. It's too easy for an application to steal that info without the user having any idea.

Re:Still abusive

[Cley+Faye]

If you manually visit the domain used internally by cheats for DRM checking, it's beyond curiosity.

Re:Still abusive

[wagnerrp]

It's more like an anti-theft service that when it thinks the laptop may have been stolen, it then turns on the camera to see who is using the laptop. Access to the DNS cache is only triggered by some other first-tier behavior.

Re:Still abusive

[QuietLagoon]

did you even read his response? They look for indications that the cheat is in play, THEN they check DNS as verification...

Explaining something does not justify it. They should not go rummaging through my computer. Period.

Re:Still abusive

[Anubis+IV]

So you can't be good at video game and curious about technologies at the same time?

You can be, actually. As Gabe pointed out, the cheats these days have DRM installed to ensure that users of the cheat are actually paying for it. VAC, if it detects indications of the cheat, checks to see if the DRM's phone-home servers are in your DNS record, then sends back hashes of those servers for verification in Valve's system. It was made pretty clear that merely visiting the site for a cheat to check it out, whether intentional or accidental, would not result in getting flagged for the DNS check, let alone getting banned. Even purchasing the cheat would not get you banned, in and of itself.

Basically, the DNS check only kicks in after you've purchased a cheat and used it in a game, at which point you've crossed the line from mere curiosity into abuse, and even then, they weren't banning people immediately, but rather doing the DNS check for final confirmation of cheating activity. And even then, it's only looking for the phone-home servers, not the web servers, used for those cheats, so people who were merely good players and had looked at the servers for the cheat without ever installing and running it would be perfectly fine.

So...what's your gripe then?

Re:Still abusive

[wagnerrp]

I don't care what it is sending or not sending to Valve. It's still an unnecessary invasion of privacy. In fact, its so easy to circumvent that I have a hard time believing that he is even being honest about why they are looking at the DNS records to begin with. How hard is it to clear my history, browse in Incognito mode, or do all of my cheating on a separate machine or in a VM? Trivial.

It's not your web browser accessing cheat websites, it's your cheat software itself accessing its servers. Clearing your history or browsing in Incognito mode won't do anything. You cannot use a VM, since the cheat software must be run on the same machine as you are running the game (and VAC).

And in fact, it may incorrectly flag me as a potential cheater anyway. I have looked up exploit information for games. I did not look in order to cheat at the game, but because I kept running into people who were not being busted for cheating and I wanted to know how they were exploiting the game. I was looking for a better way to tell when someone was cheating, not to actually cheat myself.

Then it will not flag you as a potential cheater, since you were not running the cheat software to access the DNS entries in question. Further, it would never flag you as a potential anyway. This mechanism is only triggered after some other behavior has already flagged you as a potential cheater. This is a confirmation mechanism.

While the basic idea of a piece of software accessing and reporting this information, at least in Valve's public explanation of what they were doing, it was entirely in good faith.

Re:Still abusive

[AC-x]

Don't worry, all the DNS names were MD5 hashed, so Gabe will only know you visited b80747491a0922eeaf0d800983ddc886 :)

Re:Still abusive

[Krojack]

I once wrote a fishing bot for World of Warcraft. I was curious how it worked and if I, myself, could make one. I was successful. Afterwords I never used it again.

It's my way of learning little things on my off time when I'm bored. It's better than watching reality TV afterall.

Re: Still abusive

If there are no false positives pre-check of DNS then why would they need to go all NSA on our asses? And if there are false positives then there are going to be skilled players who get wrongly banned cause they visited a site.

Re:Still abusive

[mrchaotica]

So what? It's still a violation of my privacy and therefore unethical.

Re:Still abusive

[The+MAZZTer]

Fortunately, the DNS cache is only checked if VAC detects you USING a cheat. Furthermore, you can visit cheat sites all day, VAC doesn't care. What it does care about are whether your PC is talking to DRM auth servers used by some cheats... only the cheats are going to be connecting to those servers.

Re:Still abusive

[Krojack]

I agree with you 100% however I'm guessing somewhere in the super duper fine print that you agree to when installing Steam, you give them permission to do this. If it's not there it will be within the next week.

Re:Still abusive

[toopok4k3]

Uninstall steam then. You have that option.

Re:Still abusive

[Wovel]

It's not your browser cache...

Re:Still abusive

[Ronin+Developer]

I am not a gamer so I don't know if this is permitted by their TOS.

However, I don't care if they are sending a hash or the actual DNS inquiry. If they have a matching hash on their end, they are simply translating one entry into another form and back again. How do we know the limit of hashes for sites they have accumulated outside of known cheat sites?

If their TOS permits it, well, then buyer beware. But, I remember how everyone kicked and screamed when Apple and Microsoft did similar things.

They ARE examining your personal DNS history cache and sending, supposedly, matching entries. That is spyware - pure, simple and evil.

Re:Still abusive

[jader3rd]

Sorry Gabe, you're not allowed to see my DNS history.

So what OS model can we use to isolate one program from another? Do we want that kind of model?

Re:Still abusive

[jader3rd]

They should not go rummaging through my computer. Period.

Then prevent them. Use an OS that prevents on application from rummaging through your computer.

Re:Still abusive

[toopok4k3]

Yes, so what?

Re:Still abusive

[Bob9113]

It's more like an anti-theft service that when it thinks the laptop may have been stolen, it then turns on the camera to see who is using the laptop.

That would be me choosing to enlist my private sensors in a service that is specific to the use of those sensors. Two significant differences in this case: In the narrow sense, the user has not given informed consent to the use of his private sensors. In the broader sense, our society has not had a frank discussion about requiring access to a person's private sensors as a condition of the sale of an urelated product.

Re:Still abusive

Zembar said, "He specifically says that it doesn't care about what web sites you are visiting,"

Well, not yet at least.

Re:Still abusive

[ebrandsberg]

If you think looking at DNS is abusive, you probably don't want to know what it takes to find installed rootkit based cheats or similar. The fact that they are only sending hashes of the names found, in my mind, makes this a reasonable approach as a 2nd pass to verify that they don't have false positives. From the way I read this, the idea is to do a 2nd check just to verify that the first check didn't flag you incorrectly.

Re:Still abusive

So thou can't protesteth too much and maintain their innocence at the same time?

Re:Still abusive

[CrankyFool]

This isn't quite the same as that old "well, just don't use it" canard.

Valve was engaging in a set of behaviors which you considered acceptable, and so "purchased" (more on why "purchased" is in quotes in a second) some games from them.

They've changed their behavior. Let's say you don't want to do business with them anymore. You could, of course, stop using Steam ... and lose access to all your games, which you probably thought you "purchased" in some sort of "I can use it for the rest of my life" sense, but actually just got a license to use for as long as they feel like it. This is different from a "service" where the expectation is that the benefit you're getting from them is recurring on some sort of cycle.

Someone will, doubtlessly, point out that you can put the Steam client into offline mode. To which I'll say that you can't do it indefinitely. To which they'll say "but Valve says you should be able to do that," to which I'll point to http://www.pcgamer.com/2013/11... which basically says "Valve says they want to make offline mode work 'forever', but they're not there yet."

It doesn't really matter, IMHO, that the scope of what they did here was relatively minor. The issue is that Valve, much like Sony, feels like they can trawl through your computer in areas that have nothing to do with playing the game. Today it was minor because it makes sense to start small; but if they feel comfortable trawling your DNS history -- and Newell clearly says that he has no problem with this practice -- what else do they feel comfortable doing?

Re:Still abusive

[AnttiV]

That's all fine and well and I don't have any problems with that... provided that system is ONLY activated for multi-player games. If I - or anyone else - wants to cheat in a single-player game (even if the game itself has multi-player, but the cheating happens in a single-player campaign) that's my - or their - own business and nobody SHOULD be able to prevent anyone from doing that, let alone BAN based on that.

I hate, hate, HATE cheating in multi-player games. I don't usually do it in a single-player game either, but there have been occasions when I've played a particular game n+1 times through and I just want to have some fun and see what is possible with cheats. This SHOULD BE allowed in all instances, as it does NOT, in any way, shape or form harm - or indeed affect - anyone else's gameplay.

I sincerely hope that system does not flag anyone based on cheats used while playing single-player. At MOST what a system like that should do, is disable on-line functionality while the cheat is in use. Nothing else. At LEAST not BAN anyone based on that, that just insane.

Re:Still abusive

And, if I'm using my cheat in a game I only play in single player?

Re:Still abusive

So what if someone puts a URL for a cheat site in a forum comment somewhere, disguised as something else?

Nothing would happen, since their computer would look for that URL using whatever DNS server they're already setup with (probably their ISPs DNS) rather than the special cheat DNS servers that the cheats themselves use.

Re:Still abusive

[vux984]

I am not the person you are responding to, but for my part:

At this stage I have no real gripe at all and would have opted into this without hesitation, had it been disclosed. (I also understand that disclosing it mitigates its effectiveness as the cheat makers will now all switch to ip based lookups, or rotating dns names etc to make detection more difficult, however, as this cat and mouse game between valve and cheaters is being waged on MY computer I still feel I should have some idea what is going on.)

That said, I do find it... somewhat disturbing that they took the liberty they did. The fact that they didn't abuse it still raises the issue that they could have.

When the next shoe drops will it be revealed that some anti-cheat / anti-virus / anti-malware software is quietly reading my bank statements when I view them online automatically for evidence of cheating / infection / whatever.

And it raises the point yet again just how little we collectively realize what applications are doing with data on our system, how desperately we need to figure out how to mainstream sandboxing / selinux type permissions / application partitioning etc in a way that makes it both easy and reliable, and how much information even the host operating system leaks about us to other applications.

Re:Still abusive

[squiggleslash]

Nothing. Unless you're actually doing things on an online game that would make the admins think you were cheating, you won't be victimized simply because you follow a link.

And bear in mind that they're not looking for public website domain names unless by sheer coincidence (or cheaping out on the part of the cheats vendor - yes, that's what we're talking about) the same server AND domain name is being used for both the vendor's website and for the DRM checking code in their cheat patch.

I don't think it'd make any sense for Valve to get upset about people visiting websites discussing cheats. Too many innocent hits, and besides, many websites with information like "Install this DLL for infinite lives" are also going to come up with stuff like "You get past the Hamster of Doom by picking up the Golden Sunflower Seed under the third rock, throw the seed at the hamster, and then jump, dart left, dart right, and hop over the Hamster as he swipes at you."

Everyone reading the story seems to think they're blocking the latter. They're not. They're looking for people using commercial cheats, and looking for evidence (in this case, in the DNS cache) that the commercial cheat is installed by looking at DNS lookups that would be performed by the commercial cheat itself.

Re:Still abusive

[Lumpy]

So just run a script to purge the DNS cache every 10 minutes. Solves the problem.

Re:Still abusive

[Anubis+IV]

And it raises the point yet again just how little we collectively realize what applications are doing with data on our system, how desperately we need to figure out how to mainstream sandboxing / selinux type permissions / application partitioning etc in a way that makes it both easy and reliable, and how much information even the host operating system leaks about us to other applications.

I think this is what it really boils down to. They've always been able to abuse it. The fact that they didn't when they had the chance is a good indication that they're not planning to do so, but that doesn't mean that others aren't currently abusing it. Most of the outrage here seems to be directed at Valve because they reminded us of just how vulnerable our data actually is, even if they themselves didn't abuse it.

We can use more reminders like that, though, as you said, I'd prefer that I knew about them in advance.

Re:Still abusive

Compare: We record images using your laptop's webcam, but we only look at them if our software algorithm thinks the images show you doing something that violates our ToS.

Alright, comparing... Nope, not the same, weak analogy.

First, the image from the webcam can't (in any way I can imagine) be used to detect cheating in software, so it would be irrelevant. DNS records used by known cheats are not irrelevant so it falls within the stated purpose of the VAC, and if i'm not mistaken, VAC only runs when you're actually in a VAC secured game.

Second, If the DNS record (or image in the analogy) triggers the algorithm it is hashed and the non-reversible hash is sent to Valve and compared to their hash of the offending DNS record (image), So unless they already identified that exact same DNS (picture) that you sent them a hash for, it means nothing to them except that it wasn't what they were actually looking for, they can't even tell if it was a custom DNS or Google Public DNS or whatever. (admittedly, this is where trust DOES factor in, there's nothing that would stop them from having server side hashes of a bunch of other non-cheat DNS records, but that's accusing them of something because they have the capability of doing it, not because we caught them doing it. Kind of like getting a speeding ticket because your car CAN go 120 MPH in a 45 MPH zone so obviously you were going 120 MPH.)

Re:Still abusive

[Anubis+IV]

Completely agree, and I have no idea what VAC is doing in this particular case.

Re:Still abusive

Define rummage. Not insightful. The justification was in the explanation. Justifying something does justify it.

Re:Still abusive

[ShakaUVM]

>Explaining something does not justify it. They should not go rummaging through my computer. Period.

Do you understand how VAC and similar anti-cheat software looks? It will scan through your memory looking for certain DLLs loaded, look through your computer files for cheats, and so forth.

Other than you being ignorant of what is actually happening before, I don't see anything that has changed with this announcement.

It's not like they're recording all of your metadata, uploading all your facebook posts to a data center in Utah, and targeting people for drone strikes using cell phone records.

Re:Still abusive

You have to use a detectable cheat for the software to initiate the check. And then the check looks just for that cheat's contact to a specific domain. All of this is done locally on your computer and only the results of the check tell Valve to flag for ban. As Gabe said, the actual DNS check that is triggered by the initial cheat is not sent to valve.

The way this is represented here is somewhat misleading.

Re:Still abusive

[ebrandsberg]

Not a valid comparison, because even then, they don't actually send the dns names. They send a hash of them, meaning you can't reverse the hash and find the name. In your comparison, they would send a value that allows them to determine if someone else's webcam had the exact same image visible, but nothing more. Privacy is protected.

Re:Still abusive

[SlippyToad]

Have you been banned, or are you just being a concern-troll asshole, and whining about something you don't actually understand.

Re:Still abusive

Looks like you'll be uninstalling for vague reasons then. Also, they don't rummage through your computer. when the cheat is detected locally, your own computer locally rummages itself, and if it does find that DNS evidence, only the results (presence/absence) of the check for the specific domain are relayed. Please read.

Re:Still abusive

[Baloroth]

That's all fine and well and I don't have any problems with that... provided that system is ONLY activated for multi-player games. If I - or anyone else - wants to cheat in a single-player game (even if the game itself has multi-player, but the cheating happens in a single-player campaign) that's my - or their - own business and nobody SHOULD be able to prevent anyone from doing that, let alone BAN based on that.

VAC is only activated in multiplayer games that support it, and usually only on VAC-enabled servers (in fact, you can find servers for many of those games that explicitly permit cheats). Some games only support VAC servers (specifically, some of the CODs), but those are exceptions.

Re:Still abusive

[SlippyToad]

Then don't play the fucking game.

Re:Still abusive

[erroneus]

So you're saying "yes, that's what they are doing, but your privacy is secure because they are only comparing hashes against known cheat-sites." Yeah, that's not good enough because the hash list can always be expanded to include other, more invasive hash searches for reasons other than banning. And in addition to that, this is a limit on free speech and of freedom to learn and understand how things work. Finally, it doesn't account for accidental or unintentional access to said sites.

It's tyrannical and completely unacceptable.

Re:Still abusive

[Baloroth]

Then don't connect to VAC enabled servers. It's that simple. If you connect to a VAC enabled server, you are implicitly giving Valve permission to rummage around in your computer for cheats, because that is how anti-cheat software works (all anti-cheat software. That's how they work: scanning the memory, running programs, etc.) It's quite simple, really: if you want to connect to someone else's server, and that person requires you to use VAC, then you use VAC or you don't connect.

Except for some of the CODs, you don't even have to connect to a VAC server to play multiplayer anyways.

Re:Still abusive

[Minupla]

OK, I'm going to rant a bit here, and it's not specifically directed at the parent comment.

Hashs are NOT a form of magic pixie dust you spread on information to make them magiclly private.

Consider:
You enter your SSN, the app hashes it and then sends it to me to compare against a hashed list of SSNs from some other source. I never get your unhashed SSN.

Are you safe?

No. There is NOTHING preventing me from hashing every possible SSN and comparing them. the total number of possible SSNs (ignoring for the moment that I can narrow the attack space significantly by ruling out SSNs that have not been issued yet) is not computationally prohibitive to search, even salted.

OK, now bringing us back to the case in point.

Does hashing the DNS address provide you any useful privacy preservation benefit?

Well Valve has already said that they have a list of DNS addresses they're searching for. Ergo, they have hashed that list ot compare against your DNS. How hard would it be to hash the $(sites viewed as evil by your cultural/legal framework) and compare it to your hashed DNS list. Trivial.

Do you feel like your privacy is preserved?

Min

Re:Still abusive

[higuita]

No, he can still play... just don't cheat!!
This way his DNS history will be totally safe

Re:Still abusive

[Baloroth]

And, if I'm using my cheat in a game I only play in single player?

Then, unless you have deliberately activated VAC on your private server while running the cheat (in which case, you're a moron), VAC won't do anything at all whatsoever, because VAC only turns on when you connect to a VAC enabled server in a multiplayer game..

Re:Still abusive

[pmikell]

So Valve have empowered the producers of commercial cheats to flag innocent players as cheaters simply by hosting their DRM servers on the same physical box as another non-cheat related service that gamers are likely to use.

But that power won't be abused of course because there's no correlation between charging money for enabling players to cheat in video games and being a douchebag </sarcasm>.

Re:Still abusive

[Em+Adespoton]

If you think looking at DNS is abusive, you probably don't want to know what it takes to find installed rootkit based cheats or similar. The fact that they are only sending hashes of the names found, in my mind, makes this a reasonable approach as a 2nd pass to verify that they don't have false positives. From the way I read this, the idea is to do a 2nd check just to verify that the first check didn't flag you incorrectly.

So are you saying that if I go through your mail and send the contents of anything that looks sketchy to someone, that's bad... but if I translate the contents into a different language before I send them, that's OK?

A hash is just a shortened form of the same thing. If a hash is being sent, Valve knows the site was in your DNS cache.

What they SHOULD be doing is downloading their hash list to YOUR computer, comparing THEIR list against your cache, and setting a flag if there's a match. Then, if the suspected cheat algorithm is triggered, it can check that flag (which is, of course, signed with a public key) to see its value.

This way, they've got their "possible cheat sign" without sending details back to their servers where they can track.

You see, when they're sending hashes back, they're collecting a history on each user that they can then store for as long as they feel like. They know which suspect site you've visited (after all, THEY hashed the domain in the first place; they know what it is), and the system can be easily abused.

Of course, if it's done locally, then all it takes is a quick hack to get around the detection system, and they're no further ahead. But now that the system is known, all people have to do is flush their DNS cache prior to playing and THIS system is stymied too.

Re:Still abusive

[Baloroth]

That would be me choosing to enlist my private sensors in a service that is specific to the use of those sensors.

Except in the case of VAC you did choose to enlist the use of VAC to prevent cheats, specifically, when you connected to a VAC enabled multiplayer server. VAC isn't some generic thing Valve sticks on all Steam games, you know: it's only enabled when you connect to a server that is VAC enabled (which is in every game I've player very clearly marked as such). You don't want VAC poking around on your computer? Don't play on a VAC server.

Re:Still abusive

[jittles]

I read that it was monitoring their browsing history. If they are monitoring all of my DNS activity then they are monitoring all of my network activity. Local and WAN. That's even worse.

Re:Still abusive

Nothing. Read the fucking article before asking dumbshit questions.

Re:Still abusive

[jittles]

So in other words they are monitoring all of my network activity. That's even worse. But I thought the article said browsing history.

Re:Still abusive

[acariquara]

That's all fine and well and I don't have any problems with that... provided that system is ONLY activated for multi-player games.

...You just described VAC, buddy. It's only active for a few multiplayer games, IF you connect to a VAC-enabled server. There are even multiplayer game servers that encourage cheating.

Re:Still abusive

[dmomo]

Why? Give me those domains.. I want to go ahead and manually visit them. I'm curious. And I don't even use Steam.

Re:Still abusive

[gnick]

Use an OS that prevents on application from rummaging through your computer.

It seems reasonable to you to change your OS in order to play a Windows-based game (and everything else you've purchased that runs on Windows) in a VM environment and set up all the appropriate proxies, etc., for all of your software? Methinks you're not a typical gamer... And have a lot of time on your hands.

Problem: "I think it's unreasonable for police to enter my house and randomly search everything."
Solution: "Then prevent them. Move your family to Mexico and you can all just fly back and forth every day to prevent them from rummaging through your house."

Yeah - It's just that easy.

Re:Still abusive

[Splab]

Then you probably should stop playing games - pretty much all online games with a bit of weight behind them have some form of active anti cheat software running. They will not only be scanning your files, but also actively checking memory for mischievous software.

And that was years ago when I was playing - I can't imagine their scanners are less intrusive these days...

Re:Still abusive

[pla]

So...what's your gripe then?

"I am altering the deal. Pray I don't alter it any further."

That about do it for ya?

Re:Still abusive

Someone will, doubtlessly, point out that you can put the Steam client into offline mode. To which I'll say that you can't do it indefinitely.

It's worse than that, you can't put yourself in offline mode unless you're already online. As I found out the hard way after Hurricane Sandy, when the power had been restored but the Internet was still offline and would be for a few more days. It was then I was enlightened about why DRM is never acceptable, in any form, ever.

Re:Still abusive

[jandrese]

Explaining something does not justify it. They should not go rummaging through my computer. Period.

You do understand what Valve Anti-Cheat is trying to do right? By definition it has to go rummaging through your computer to find third party cheat applications. If you don't like this, then you need to play games that don't have anti-cheating measures in place. They're a little hard to find though, because those games online communities tend to be destroyed by the cheaters.

Re:Still abusive

[Sowelu]

Sounds good. It's nice that Free games are out there. However, after playing games that don't try to detect this stuff, I'm very happy to not only give VAC permission to check my stuff but also PAY for the privilege of playing against other people who do the same thing. I guess it's kind of like going to a restaurant with a dress code... sure, maybe it "infringes" on your "rights" to wear whatever you want, but there's people who choose to pay to be in a space where everyone follows the same restrictions. It gives a certain atmosphere. But hey, go ahead and cook bacon at home in your underpants, I'm not doing anything to stop you.

Re:Still abusive

[Anubis+IV]

Not really. Valve only had the DNS check in place for 13 days, and it was only aimed at a specific set of cheats that were not engaged in the behavior you're describing. Once the cheat creators caught on, they simply modified the DNS records, rendering the DNS check worthless. Besides which, it's in their best interests to do it that way, since the last thing they'd want to do is give the impression that you could get banned for even checking out their site.

Re:Still abusive

How do you know if your fishbot worked? I'm guessing you had to test it at some point, that's a violation of the ToS. It's not a huge crime but if blizzard banned you, you'd have no right to be angry.

Re:Still abusive

[Lothsahn]

I think this was a bug. I too, experienced this behavior in the past, but on my recent travels, even when I've forgotten to put it in offline mode, I was able to play with it starting in offline mode.

While that bug was annoying, I believe it's been resolved, and you won't find this is a problem anymore. I haven't found it to be in the last 2 months.

Re:Still abusive

Which is likely to be 100% invalid in some countries (likely the entire EU).

It's not like that you can put "we get the right to sell your firstborn" in an EULA and magically it's valid.

Re:Still abusive

[Beerdood]

Most single player games on valve, or single player versions have achievements (at least 100% of the games I've purchased, around 30 or so). If you're using a cheat on single player and you're able to get those achievements as a result, then they've been devalued. I suppose they could start disabling achievements if a hack is detected, but what would be the benefit to them for implementing such a system? Then it's a constant game of cat and mouse with detectable hacks and cheats in the game.

Maybe you and others don't care about achievements or think them silly or stupid, but plenty of gamers get some sense of accomplishment or satisfaction when they're completed - especially the harder ones. We don't want these tarnished by people with hacks and cheats.

Re:Still abusive

[Anubis+IV]

Yours is a perfectly valid complaint that I wouldn't disagree with in the least. That said, suggesting that it in any way contradicts my comment would be a case of moving the goal posts, since I never stated that there weren't any valid gripes. I merely pointed out that the previous commenter hadn't voiced one.

Re:Still abusive

"So...what's your gripe then?"

The gripe for most is that slippery slopes always start off innocently.

Re:Still abusive

[Rakarra]

So are you saying that if I go through your mail and send the contents of anything that looks sketchy to someone, that's bad... but if I translate the contents into a different language before I send them, that's OK?

Oh, if the FBI had evidence that you'd, say, been sending letters to terrorist cells, then yes, I think it would be totally reasonable for them to go through your mail. If they had no such suspicion, no, that wouldn't be reasonable. That's the analogy that (somewhat works).

What they SHOULD be doing is downloading their hash list to YOUR computer, comparing THEIR list against your cache, and setting a flag if there's a match.

As every game company knows, the server should not expose any information to the client that you don't want the user to know, whether the software will tell them or not. Valve likely does not want the list of websites to get out, as not finding your favorite website in the banned list means you can view it with impunity. I wouldn't trust the public key security (all they have to do is mess it up), so why should they bother when they can run the checks server-side instead?

Of course, if it's done locally, then all it takes is a quick hack to get around the detection system, and they're no further ahead. But now that the system is known, all people have to do is flush their DNS cache prior to playing and THIS system is stymied too.

That's true, the system will only catch the unwary cheater.

Re:Still abusive

[vakuona]

You are using their service. You agree to their terms. Don't like it, don't use their service.

They are only looking out for their honest customers who would otherwise be affected by the cheating that would go on, and who may then decide to leave and not return.

Re:Still abusive

[Rakarra]

So just run a script to purge the DNS cache every 10 minutes. Solves the problem.

I think the problem is that the cheat has to be online-connected to a cheat server, so it may randomly repopulate the DNS cache.

Re:Still abusive

[dougisfunny]

Then VAC won't be running.

Re:Still abusive

[squiggleslash]

You want to visit a bunch of servers that run nothing but web services, if they run a web server at all?

Because that's the type of server we're talking about here. Something cheat.dll uses to phone home, connecting to port 1234 on drm-server-73.cheatcorp.com. Not www.cheapcheats.com where you bought the cheat from.

Re:Still abusive

[hypergreatthing]

Usually this is done with the authorization of one who has his laptop stolen.
When it's done without knowledge of the owner, it's called hacking or fraud.

Re:Still abusive

[ArsonSmith]

Great point, when it's a company like Valve, just take your business elsewhere. It's quite simple. But when it's government the restrictions on what they can do should be great and well enforced.

Re:Still abusive

[rudy_wayne]

This whole thing started when somebody posted a screenshot of some disassembled code, which showed, among other things, that the software is using undocumented functions to enumerate all the cached entries.

So Valve spent X number of man hours developing this anti-cheating module, plus XX more hours figuring out undocumented functions that they need to accomplish this, and then, THEY ABANDONED THE WHOLE THING AFTER 13 DAYS because people figured out a way around it..

I understand that Valve want to stop cheating and that's OK. But, seriously, did nobody at Valve just think for a minute and say "before we spend a lot of time developing this, how easy will it be for the cheaters to circumvent?"

Re:Still abusive

They can still go blow nasty goats. Unless they have a legal contract with my signature & that of my lawyer, Newell can kiss my ass.

Re:Still abusive

[Cley+Faye]

Well then if you do this for valve games, you just don't do it on VAC-enabled servers...
A good question would be "is VAC running all the time, or only on a VAC-enabled game"...

Re:Still abusive

[lgw]

I've had more entertainment with some MMOs writing bots than playing the actual game. I wrote a bot for Everquest 2 crafting that was great fun to write and tune (there was actually some game strategy to that goofy crafting system, so there was a neat optimization puzzle there). But you should anticipate the ban hammer when you do stuff like this - don't have any linkage between the meta-game and any game account you actually care about.

Re:Still abusive

The odd thing about this -- as someone who's never used Steam or even looked at Valve's site (if that's even how you get Steam) -- is I always thought Steam was a sort of long-term rental service, so I'm confused how people who actually use it got any other idea about it. Did they just think Steam's games were so cheap out of the goodness of Valve's heart?

Re:Still abusive

Problem: "I think it's unreasonable for police to enter my house and randomly search everything."...

Except this is different in the sense you have to make the decision to install the game(s), and be aware that under most typical situations, installed programs on a computer have access to a lot of stuff you probably don't actually want them to go through. This is more like inviting servicemen, or other employees of some company you don't have a personal connection to, into your house and expecting them to not read papers you left out on a table. Common decency suggests they won't go through your stuff, but there will be people who do anyway. Whether it was out of boredom, because they were looking for something that might help them do a better job for what they were hired, or because they have less noble intent, doesn't matter. If you want to be sure something is not messed with, you either don't invite them into your home, or you take precautions to make sure it is not possible to do so if they tried.

Re:Still abusive

[wagnerrp]

It was done with authorization. You authorized it when you agreed to the terms of use of a VAC-protected game, playing on VAC-protected servers.

The trouble with this is the same as trouble with things like IDS, it only works through obscurity. As an IDS protects against an attacker, anti-cheat protects against you, and the only way it is going to work is if you don't know what it is doing. If you knew how it operated, you could alter your actions to bypass its detection mechanisms, as has supposedly happened now that the behavior has become public.

Re: Still abusive

No-one cares that you have achievements. They're a personal goal at best, and you know if you earned them fairly or not.

No-one is losing money if you cheat and get an achievement. Cheating in multiplayer games can mean you pay less real world $ for something because you were able to cheatfarm it instead, or you simply devalue other player's experience they paid good money for.

Re:Still abusive

What they SHOULD be doing is downloading their hash list to YOUR computer, comparing THEIR list against your cache, and setting a flag if there's a match.

This is what they are claiming to do. The particular hash and details of the first cheat check that lead to the DNS check only get sent back after they did a comparison to known cheat DRM services.

Re:Still abusive

[DrGamez]

This is incorrect on a few levels.

1. This isn't beyond curiosity. Just because I read about Hitler and the Holocaust doesn't mean I have more than a passing morbid curiosity in the history.

2. You can be really good AND visit these sites all day. Unless VAC trips on you (and being "really good" never gets you caught, they look for specific actual hacks and vectors, not just some K:D ratio), it will never check your DNS.

3. The DNS entry it's looking for isn't "www.hacks.com", it's looking for the call-home function of the hack itself; because hackers don't pay (imagine that) the hacks themselves need DRM.

You have to be caught by VAC (using a hack) and then you need to have a current call-home function to a known hacking service/program to get tripped up by this. That's why it "only" caught ~500 users, this isn't some massive dragnet to ban anyone who's googled the words "counter strike hack".

Re:Still abusive

[DrGamez]

Most, if not all, anti-cheat programs do this.

I know this is a big issue for some, but clearly you have not done your due-diligence when it comes to knowing what services you allow to run on your machines.

Re: Still abusive

VAC will continue to do things like this. This is your notification to allow that or to stop playing VAC-enabled multiplayer games.

Re:Still abusive

[DrGamez]

It means you still haven't read the article.
(Sorry, that's rude, but seriously go have a read, you're 100% safe to visit all the terrible hacking website you want. Just don't use the hacks they sell.)

Re:Still abusive

How is this different for any other program? Any program you download and run on your computer has access to whatever userspace it runs in. "My media player/games/office suite/image editor/browser/anti-virus programs don't upload my browsing history... at least not yet."

Re:Still abusive

[DrGamez]

But he won't. :)

Re: Still abusive

[LocalH]

You didn't actually read what they did. Or the fact that they're not doing it anymore because it lost it's usefulness.

Re:Still abusive

No. There is NOTHING preventing me from hashing every possible SSN and comparing them. the total number of possible SSNs (ignoring for the moment that I can narrow the attack space significantly by ruling out SSNs that have not been issued yet) is not computationally prohibitive to search, even salted.

Unless the hash has a smaller size and less information than the original source...

Re:Still abusive

[sosume]

That means, if Johnny Random wants to be able to play the game in a certain way (getting achievements), that I cannot play the game in the way that I want to. Only the way the game developers intend to.

Re:Still abusive

[sosume]

It would be much easier to replace your ipconfig executable (or disallow access to it from steam)

Re:Still abusive

[poetmatt]

It's also perhaps not great that this is the method they are tracking cheats, because using a VPN or proxy will likely thwart some of the positives they would be looking for here. So the method of tracking was via obscurity, which is now gone.

Re:Still abusive

Did your fishing bot have DRM that called home to your webserver to ensure that the person using the bot paid for the bot?

If not, then this is not comparable.

Re:Still abusive

[sosume]

I am a consumer. I have lots of rights or Steam wouldn't be allowed to take my money. I don't care about their terms when they are illegal. If they think they can take drastic measures they'd better be well prepared for consumer watchdog hell to be unleashed. Especially for a service which is rumored to bring in over a billion dollar in yearly revenue.

Re:Still abusive

[BattleApple]

I like achievements, but I do wish I could bypass some of them. Not because they're difficult, but because they require you to do things like play a game with a certain number of friends. I neither have nor want any friends (online or in the real world)

Re:Still abusive

[sexconker]

did you even read his response? They look for indications that the cheat is in play, THEN they check DNS as verification, and send a HASH of the dns name to their servers for comparison. This means they don't even see the actual dns name on their side, they can just check against known hashes of the sites the DRM used for verification. That is why it is two staged. Simple existence of the names in your DNS cache won't trigger the ban hammer.

You're a tool.

"indications that the cheat is in play" can be anything or nothing

"they check DNS as verification" is bullshit
  - what if I got my cheat from a friend? I'd never be banned since the DNS verification step marks me as clear. This is not the case.
  - what if I looked up videos of cheats for a game after encountering cheaters in a game to confirm my suspicions? DNS isn't verifying anything, it's circumstantial guilt by association

"send a HASH of the dns name to their servers for comparison" means nothing
  - a hash comparison needs a known hash to compare against
  - that known hash has to be generated from a plaintext source

"they don't even see the actual dns name on their side" bullshit
  - from the above, they absolutely know what your hash matches up to

"Simple existence of the names in your DNS cache won't trigger the ban hammer." you have no way of knowing their internal policy now or at any point in the future, nor do you have any way of knowing the details of their actual implementation and the potential fuckups or abuses it allows

Re:Still abusive

[sosume]

I'm sure you can somehow change your DNS cache to flush immediately.
Run a local DNS server on the same machine for extra points. I bet the cheat authors will respond by implementing their own DNS lookup.

Re:Still abusive

[cbhacking]

And what if I don't "manually" visit it, but instead somebody posts an image to some forum I read, and the image source is the domain in question? It doesn't even matter that there's no web server running there; my browser will still attempt the lookup (*it* doesn't know there's nothing listening on 80) and therefore my DNS resolver will still cache the result. Boom, I am a "confirmed" cheater, despite never having used the tool in question at all.

Re:Still abusive

[Cley+Faye]

Uhh, you're contradicting yourself on point 2 and 3: the domain we're talking about didn't host anything to "visit".

Re:Still abusive

[Cley+Faye]

No, you have one flag. This is not a "DNS entry present == cheater" system; it just acted as a confirmation when the hack itself was detected. Don't use boom as a shortcut.

Re:Still abusive

[Jane+Q.+Public]

"The app is comparing DNS records with a client-side database of cheat sites, and if it finds a match sending it to Valve's servers for verification & ban-hammer. It's not sending every site you visit, unless the only sites you visit were via DNS records used by cheat developers."

It doesn't matter. Privacy violation is still privacy violation. It's akin to the NSA's "metadata". "We have it, we're just not looking at it." Does that make you angry? It should. Do Valve's actions make you angry? They should.

Saying you "only" violated the privacy of 1/10 of 1% of users is no excuse. NSA saying it's "only" actually examining the meta-data for some people is no excuse. It's violation of privacy, plain and simple.

I very much doubt people who signed the EULA knew this was going to happen. And if you didn't know it was part of the agreement, then you didn't actually agree to it. (But it is a good reminder that you should read the fine print, because if it's in there, and you signed it, you're screwed.)

Re:Still abusive

[rjstanford]

I like achievements, but I do wish I could bypass some of them. Not because they're difficult, but because they require you to do things like play a game with a certain number of friends. I neither have nor want any friends (online or in the real world)

So don't get those achievements. Simple. Once you cheat to get a single one, what's the value in the remaining ones?

Re:Still abusive

[Ash+Vince]

I am not a gamer so I don't know if this is permitted by their TOS.

However, I don't care if they are sending a hash or the actual DNS inquiry. If they have a matching hash on their end, they are simply translating one entry into another form and back again. How do we know the limit of hashes for sites they have accumulated outside of known cheat sites?

If their TOS permits it, well, then buyer beware. But, I remember how everyone kicked and screamed when Apple and Microsoft did similar things.

They ARE examining your personal DNS history cache and sending, supposedly, matching entries. That is spyware - pure, simple and evil.

If you are not a gamer then why bother contributing to a discussion that specifically deals with online gaming?

The truth is that to make a successful online game now you need to do something about cheats. They ruin the game for everyone.

The two main anticheat products I know of are VAC and Punkbuster and both are pretty invasive. They need to be.

The moron who noticed this behaviour then posted it on hacking forum so you can be fairly sure he was a cheating scumbag trying to find out how he got caught. We don't know how many innocent people have this happening if any.

Re: Still abusive

But what else does their DRM do? After installing Steam on my laptop, upon the next reboot, the system froze on the initial screen while in the middle of attempting to connect to the wireless net. Can I say for certain it was Steam? Of course not. Will I waste my time installing Steam again? Again, of course not. It may only be conjecture, but my trust in their software has somewhat diminished. Why waste hours rebuilding my laptop to put their filth back on it?

Re:Still abusive

[rahvin112]

This isn't the government. It's a private service with terms that you must obey. If you don't like it don't use it.

Given that there are apparently companies or individuals clearly breaching the steam and valve TOS for money I just have to question why valve doesn't go after these people/groups in court. If they are in a western country you could fairly easily eviscerate them and take all the profits and likely get them in serious trouble. Even if they are outside the west they should be able to use the court to effectively freeze all money conduits which will remove the profit incentive. Without the profit incentive I dare say the ability for the cheat to develop rapid countermeasures would go away. Oh there is still going to be people that develop the cheats for fun but I dare say they wouldn't share the cheats because they run the risk of being banned as a result.

This is one area where I actually agree that court action should be used, cheats in multiplayer can do severe damage to a game and the companies should aggressively go after people/companies developing these cheats. Honestly if the cheats have progressed to the point where people are paying for it and the cheat itself is running DRM then the people involved should be easy to target.

Re:Still abusive

[arth1]

You see, when they're sending hashes back, they're collecting a history on each user that they can then store for as long as they feel like. They know which suspect site you've visited (after all, THEY hashed the domain in the first place; they know what it is), and the system can be easily abused.

It probably already is.
How much would you bet that there isn't a copy of the DNS history going to a three letter agency, and Steam not being allowed to disclose this?

Re:Still abusive

The MD5 of a domain name is probably unique. If they have the original list of DNShash that they used to create the list of hashes that users have, then they can translate the submitted hash to a DNS-name in O(log n).

This is equivalent to submitting the DNSes directly to Valve.

Also, what prevents a developer or admin from accidentally/"accidentally" including a regular domain name in the list of banned domain names? Or for someone to order them to include "wikileaks.org" in the list?

Re: Still abusive

So why should they care about your rights when you are violating theirs?

Re:Still abusive

[BattleApple]

If I get 99 out of 100 achievements, it's not like I'd feel guilty for cheating on the last one if it's something I would never complete otherwise. I just like to see them all completed. And maybe something happens when they're all complete. As for multiplayer, I'm very much against cheating if it affects other players.

Re:Still abusive

[Em+Adespoton]

What they SHOULD be doing is downloading their hash list to YOUR computer, comparing THEIR list against your cache, and setting a flag if there's a match.

This is what they are claiming to do. The particular hash and details of the first cheat check that lead to the DNS check only get sent back after they did a comparison to known cheat DRM services.

No; they shouldn't be sending back the hash -- a "hash" of a domain is equivalent to the domain itself; there's nothing being hidden. They should send back the result of the hash comparison if there's a match.

Re: Still abusive

[Em+Adespoton]

So why should they care about your rights when you are violating theirs?

Visiting a website isn't violating their rights.

However, unless the trigger that causes the lookup is an FP, they are within their rights to terminate the contract.

So the issue here is that they're exfiltrating data, not that they're checking the site and terminating the contract.

As a comparison, if I were doing drugs, that doesn't give the police the right to bust down my door to search for drugs. A warrant based on suspicious activity gives them that right. This is equivalent to "that guy looks shady, lets search his place and see if there are indications he has visited those shady places". Police need a warrant for that. Valve is not the police, so this could get them prosecuted under the same hacking laws that would apply to you or me searching someone's computer without authorization.

Re:Still abusive

[Em+Adespoton]

So are you saying that if I go through your mail and send the contents of anything that looks sketchy to someone, that's bad... but if I translate the contents into a different language before I send them, that's OK?

Oh, if the FBI had evidence that you'd, say, been sending letters to terrorist cells, then yes, I think it would be totally reasonable for them to go through your mail. If they had no such suspicion, no, that wouldn't be reasonable. That's the analogy that (somewhat works).

That comment wasn't about whether going through the mail was reasonable, it was about whether translating the mail before sending it back somehow changed its legality or "OK"ness. There's nothing magic about a hash.

Re:Still abusive

[Em+Adespoton]

In this case, I doubt it -- the TLA can et the DNS history directly from your ISP. Unless the TLA was targeting a specific set of Steam users, it wouldn't give them anything useful.

Now if it hashed and uploaded your entire DNS history....

Re:Still abusive

I vastly prefer the ability to control software installed on my system. Take your silly achievements and stuff 'em, because you're not going to control my singleplayer experience.

Re:Still abusive

[gIobaljustin]

The fact that they didn't when they had the chance is a good indication that they're not planning to do so

That logic is utterly preposterous.

Re:Still abusive

[gIobaljustin]

X is worse than Y, so Y isn't bad. Great logic.

Re: Still abusive

After reading all this I actually have *more* respect for them.

Re:Still abusive

[nblender]

So are you saying that if I go through your mail and send the contents of anything that looks sketchy to someone, that's bad... but if I translate the contents into a different language before I send them, that's OK?

A hash is just a shortened form of the same thing.

Here, I just translated your inbox into MD5 for you. But you can get it back anytime: 22fc90d5d9d1daece424aafaec7698c8

Re:Still abusive

I read that it was monitoring their browsing history. If they are monitoring all of my DNS activity then they are monitoring all of my network activity. Local and WAN. That's even worse.

Really people, read up a little before discussing, this thread is so full of complete misunderstandings being discussed with fervor.

It's not "monitoring" anything. If VAC flags you for potential cheating on a VAC server then it checks your DNS logs for secondary confirmation that a cheat has been connecting to its home server, and a hit on any of these specific servers are the only information being submitted. These are not servers you visit for any reason. But, the bigger point, people here seem to be completely clueless about VAC -- what do you think it is doing on your PC? It is searching through your memory and files, scanning for cheats, and always been doing this -- and it is something you voluntarily agree to to be able to play on the servers that use VAC to prevent cheating.

Re:Still abusive

[batkiwi]

You can still play your games without using VAC.

You can still play your games ONLINE without using VAC.

You simply cannot play on VAC enabled servers (run by the community, not by valve) without using VAC.

Re:Still abusive

D: D: D: OH NOES THE SKYNET IS FALLING!

No, they're looking at your DNS cache. What you read was stupid, and you got worked up and stupid about it, and now you're continuing to be stupid when it has been shown that this is a non-issue.

Gamers are the dumbest people in the world, especially when they think they know how something technical works. There is, in fairness, a small amount of people who have deep knowledge of computers, and who also play video games, but keeping up with tech typically requires a great deal of leisure time spent in study. The more the word "gamer" describes you, the more likely you are to be a semi-literate luser.

Just to recap, your first sentence was misinformation, and the second one is simply false -- it does not follow that tracking one protocol would necessitate tracking others, and even if they were doing real-time monitoring of DNS, which they are not, watching all network traffic would be far too low a SnR to be useful for anything. Play around with wireshark sometime, you will see why. But first stop dragging down our SnR and read the rest of the comments.

Re:Still abusive

[CrankyFool]

This significantly changes the situation, I think, and makes it much more palatable -- you either opt in to the protections of VAC (and its attendant privacy breaches) or you opt out, but you can still play. I can live with that.

(I feel like I'm violating some sort of implicit slashdot rule by not flaming you for disagreeing with me; apologies).

-roy

Re:Still abusive

[X0563511]

How long do you think it will take for these cheating applications to implement their own DNS client code?

From the countermeasures perspective, you couldn't possibly ding someone for connecting to, say. 8.8.8.8:53.

Re:Still abusive

You are using their service. You agree to their terms. Don't like it, don't use their service.

Yeah, yeah. Blah, blah, blah. The same tripe we hear every time someone criticizes a company.

And that's what's happening: The company is being criticized with the hope (however unlikely it may be) that they'll change. Nothing wrong with that. Don't like it? Don't fuckin' read it.

They are only looking out for their honest customers who would otherwise be affected by the cheating that would go on, and who may then decide to leave and not return.

Ignored are the people caught by this proprietary junk who aren't cheating. Pretending that any of this garbage is foolproof is just silly and naive.

Re: Still abusive

You own games you buy in Steam. Waiting for a sale is not renting. I don't know what gave you that idea, it certainly isn't in the EULA.
Furthermore if you buy a game you are free to crack it and run it without Steam running, and run it offline.

Re:Still abusive

DNS cache is easy to turn off anyway

net stop dnscache

Rely on your router to cache your dns queries.

Re:Still abusive

[arth1]

In this case, I doubt it -- the TLA can et the DNS history directly from your ISP.

Sure they can, - if you and your ISP are in the US.
But even so, it means they would have to target you and the ISP first. And unfortunately, it looks like our finest no longer bother to only collect data on suspects, with reasonable suspicion as justification, but instead cast nets and see what they can drag up.

So when they see that aa.darko.de hosted an islamist FPS, they hash aa.darko.de and get 98af902dda8088d7204251fe2ff6d7fc, and then search the collected Steam DNS logs for this DNS hash. Those that match are then further targeted.

A couple of years ago, one would think this to be far fetched. After what's been disclosed since then, I think we should expect things like this to happen.
All in the name of public safety, of course. Don't you feel better already?

Re:Still abusive

[Twanfox]

If the 'found' DNS entry is not something that they were looking for, when the client hashes it and sends it to the Valve servers, it would be difficult to translate back into a DNS name. If Valve knows the hash of the specific DNS names they want to know about and your client sends them that then yes, they know. However, given a hash and the wealth of DNS names in the wild, it would be difficult to identify the specific DNS name using just that hash value. That is, after all, one of the primary points of using hash values in the first place.

If they chose to hash every DNS name ever and build a hash table of that, they MIGHT be able to know what sites you visit, but hash collisions and the sheer size of the input set make it difficult to obtain any useful information.

Personally, I'm on the fence whether what they're doing is abusive or not. However, it does appear as though they are trying to take steps to protect user privacy.

Re: Still abusive

Corporations do not have rights. People have rights.

Re:Still abusive

[Frobnicator]

It is actually pretty funny from a distant and abstract view.

When most companies dig through your machine, evaluate records and browser caches, and otherwise dig through the garbage that is sure to exist, most people start screaming about privacy rights, corporations and governments intruding in personal lives, and the huge potential for abuse. Assertions that it is only to catch the bad actors are usually dismissed by the crowd.

Valve does exactly the same thing, searches through your machine, digs through all the garbage, and has the potential to collect quite a lot of incriminating details. Assertions that it is only to catch the bad actors are followed by ... mostly acceptance.

0.000876% -- the 570 bad actors that scanning 65 million Valve user accounts has identified.
0.0142% -- the "around 1,000,000 Terrorist Watch List names in March 2009" relative to the number of people the NSA spies on.

So... I guess that means Valve is spying on 65 million people with even less effectiveness than the NSA spying? Or maybe this make it less bad somehow because Steam is voluntary? Maybe we can vote with our wallet! That means go back in time over the past decade, choose someone else to buy the games from, locking us to their platform instead, and... wait...

Re:Still abusive

[Anubis+IV]

That logic is utterly preposterous.

Only if you don't believe that we can trust others. If you believe it's possible to establish trust by being consistent in how one deals with sensitive matters, then it's not preposterous in the least. The fact that they've had the ability to abuse this all along and haven't is a good indication that they are not likely to do so in the future, barring some unforeseen changes.

Re: Still abusive

[Rob+Simpson]

You own games you buy in Steam. Waiting for a sale is not renting. I don't know what gave you that idea, it certainly isn't in the EULA.

No. You can sell the things you own.

Furthermore if you buy a game you are free to crack it and run it without Steam running, and run it offline.

I doubt that's in the EULA.

I bought Skyrim because it said it just needed Steam for activation. Ha! I won't make that mistake again.

Re:Still abusive

[Em+Adespoton]

Thanks! I'm glad you backed up my inbox for me. I'll send you the appropriate hash when I want to roll back to those contents.

I think you miss the point here -- this is a list of hashes Valve has created, not a random list of hashed contents of your DNS cache. They created the original hashes, they're storing the results paired against UID when they find people who match the "interesting" hashes. They know what those hashes represent, and are guaranteed to keep a mapping list.

Your argument is out of context with the thread discussion.

Re:Still abusive

It means you still haven't read the article.
(Sorry, that's rude, but seriously go have a read, you're 100% safe to visit all the terrible hacking website you want. Just don't use the hacks they sell.)

The presence of "anti-cheat" software simply indicates that it's a shitty game. Such programs are simply an excuse for lazy and/or incompetent developers to produce shitty, exploitable code and not patch it. If someone CAN "cheat" in your game, then fix your fucking game instead of asking me to install a rootkit on my system.

Re:Still abusive

It's not your web browser accessing cheat websites, it's your cheat software itself accessing its servers.

No, it's ANY software which does a DNS lookup that matches a list which Valve has decided is "not OK" and leaves a trace in the resolver cache. You don't even have to have cheat software installed, or even attempt to access the actual site they have blacklisted, for this to happen.

You cannot use a VM, since the cheat software must be run on the same machine as you are running the game (and VAC)

Not true as a blanket statement. Some types of cheat software, yes. Many types can be run in a VM or on a transparent proxy.

The number one rule of writing exploit-free code is NEVER TRUST THE CLIENT. EVER. There should NEVER be ANYTHING a user can do or run on their machine which can give them an advantage or opportunity to cheat... if they can then YOU fucked up when you wrote the code.

But it's easier to put a rootkit on your computer and play "whack a mole" with your users than to hire developers who are worth a shit.

Re:Still abusive

[Zynder]

I also agree with you 100% but that doesn't mean it's ok. They could put in the ToS that you'll let them bang your mom but that doesn't mean it is right or lawful.

Re:Still abusive

[Zynder]

I agree with your sentiment but nothing will change. Blizzard does some kind of anti-cheating bullshit with their Warden software. No one seems to have bothered to sue them and Blizz has actually used it to beat down MMOGlider bot software as mentioned in that link.

Re:Still abusive

[wagnerrp]

The number one rule of writing exploit-free code is NEVER TRUST THE CLIENT. EVER. There should NEVER be ANYTHING a user can do or run on their machine which can give them an advantage or opportunity to cheat... if they can then YOU fucked up when you wrote the code.

In other words, all games must operate in a mainframe/terminal fashion, where the client is just a dumb viewer and all game code is running on a private server outside the user's control. Even then, you would still have to worry about applications running mechanical vision algorithms and guiding the mouse and keyboard inputs autonomously.

Re: Still abusive

[vakuona]

No one is being banned for visiting a website. People are being banned if the software determines that they are cheating, and verifies this by checking to see if they have performed a DNS lookup to servers known to be used for cheating in the games. Basically, they are using the DNS to try and prevent false positives.

If they let the cheats degrade the user experience, they might end up losing their good customers, and this ruins their business.

Basically, the DNS probably only "saves" you if you aren't actually cheating. If you are, then refusal to allow the check may be taken at tacit admission that you are, in fact, using the cheats.

Re:Still abusive

[gIobaljustin]

Saying that they didn't abuse their powers in the past, so they likely won't in the future is, in fact, ridiculous. Corporations change. The people in corporations change. New people come in. The logic just doesn't work.

Re:Still abusive

They preserve your privacy by only sending information related to cheating back to their servers.

You just have to trust they won't check for unrelated things that would violate your privacy. Gabe Newell talked about trust in his post. If you don't trust them then maybe it is unwise to use their services.

Re:Still abusive

[Windwraith]

Do you know of any false positive? Because with all the people misunderstanding what's going on, I am surprised nobody has jumped with "I got banned" whether it's true or not.

Out of all the "privacy outrages" this one doesn't even qualify. And they aren't being criticized with the hope of them changing because they already did. Anything else is just FUD at this point.
I know reddit is a nest of weird people but go read the threads where this stuff originated, and then the response. And with read I mean read it, not reading someone else's interpretation of it.
The accusation threads are the most FUD-filled package of half-truths you can see around, it's really worth a check just to laugh at this "incident" that really isn't.

And besides do you know the kind of shit anti-hack programs do? VAC is extremely tame in comparison, hashed DNSs or not.

Re:Still abusive

- what if I got my cheat from a friend? I'd never be banned since the DNS verification step marks me as clear. This is not the case. - what if I looked up videos of cheats for a game after encountering cheaters in a game to confirm my suspicions? DNS isn't verifying anything, it's circumstantial guilt by association

Neither of which has to do with checking the DNS cache for accesses to cheat DRM servers. It has nothing to do with where you get the executable for the cheat program, and instead deals with the fact some specific cheats have DRM that connects to specific servers in order to work.

Re:Still abusive

[Windwraith]

Yes, you aren't mistaken, VAC only runs in specific games AND specific servers. I for example don't have any game using VAC in any form (and then again I am in linux, and I do nothing but steam on my windows install)

Re:Still abusive

You talk a good game Lumpy. Write it. You're not even as good as a script kiddie. All you do is talk.

Re:Still abusive

Lumpy won't reply as it pulls unjustifiable downmods he made http://games.slashdot.org/comm... to that and other posts that show Lumpy's b.s. post is that of a chump (lol, lumpy the chump who talks a good game but can't even write a script like a script kiddie would)

Re:Still abusive

[d33tah]

Hashing is just not going to help there. The DNS domain space is basically so little that it could probably even be bruteforced offline, not to mention web crawlers. You can easily download the rDNS for the whole internet as of 2012 from Internet Census 2012 database for free (http://internetcensus2012.bitbucket.org/paper.html). While it's not forward DNS, I would expect to get a very high match rate just by hashing it all. Definitely feasible.

Re: Still abusive

Doesn't matter if they are hashing it or not; still illegal in my country. Ill be filing a complaint in the morning

Re:Still abusive

Let me setup my rainbow tables to get your joke... not.

Re:Still abusive

[squiggleslash]

The fact that you can use some of the same terms to describe entirely different things doesn't mean that someone is applying a double standard if they agree with one thing and not another.

The message you're responding to actually makes it clear that this is not an example of "the bad thing". It was a correction to drivel people are posting because, well, they hear "Valve is digging through your cache" and think that Valve is indiscriminately looking at your cache, and sending private information it has no right to know.

People are suggesting that Valve is sending your entire DNS cache to Valve so it can look for cheating. This is wrong. It's not true. That is what I was correcting. Valve is not receiving anything from your computer beyond a yes/no flag as to whether a particular DNS lookup was made recently, where that DNS lookup would not be a user initiated event.

When people are upset about "digging through your machine", they're worried not about an anti-cheat algorithm sending a yes/no answer to the question "Is Frobnicator cheating", they're worried about a long answer to "What has Frobnicator been doing recently?"

Your comment ignores nuance, ignores differences, pretends that disimilar things are similar, and equates flawed anti-terror policies that invade privacy and harm innocent people with locally stored logic that confirms if you've been cheating on a game, and then only if there's reason to believe that. Your attempt to promote an aura of aloof objectivity falls flat, it's absurd, and you should know better.

Re: Still abusive

VAC only functions on VAC enabled games.
VAC also only works on servers that have VAC enabled.

Unless both those things are enabled, VAC does absolutely nothing.

Re:Still abusive

In that case, I'm going to come into your house every day, and look through your belongings. But it's okay, I'm not going to take everything, just stuff that I say you're not allowed to have.

Re:Still abusive

So, is this VAC software only installed when you join a VAC server?

Re:Still abusive

[konohitowa]

Oh, for Pete's sake. Stop RTFA! How do you expect this circle jerk to maintain itself when you keep polluting this thread with your "facts" and "reason"? Jerk.

Re:Still abusive

Even if it's not activated, it's still spyware installed as part of Steam. So how do I completely remove this spyware from my system and still play my games?

I personally don't have to: I have never trusted Steam, and have always pirated games which require Steam. I accept that it's a risk to trust random crackers, but none of the pirated games I've installed are even trying to phone home, and Steam definitely would.

Re:Still abusive

[Frobnicator]

The message you're responding to actually makes it clear that this is not an example of "the bad thing". It was a correction to drivel people are posting because, well, they hear "Valve is digging through your cache" and think that Valve is indiscriminately looking at your cache, and sending private information it has no right to know.

When people are upset about "digging through your machine", they're worried not about an anti-cheat algorithm sending a yes/no answer to the question "Is Frobnicator cheating", they're worried about a long answer to "What has Frobnicator been doing recently?"

No, that is exactly the point I was trying to make. There was nothing accidental about it.

It is everywhere. Just minutes ago I read a news report on license plate scans. The police are adamant: We only send results back if there are illegal immigration concerns, we don't look at anything else, and we only transmit the data if there is a match.

That's great that they don't send the whole thing back for evaluation, because that would be blatantly evil and would invite the pitchforks.

EITHER WAY, government organizations or business organizations or criminal organizations, the organizations are paying a visit and digging in to potentially valuable, potentially incriminating, and always very sensitive personal information.

Both the government agencies and the business are clear about it: THIS TIME they are only using it for good. THIS TIME the scans won't be archived or searched. THIS TIME we use it identify specific bad guys. THIS TIME we are invading your privacy for a good cause.

The doctor may say "THIS TIME I am sticking my hand up there to check for colon cancer, nothing to worry about." I don't care how many times it happens, I want to know EVERY TIME. I want to know well in advance EVERY TIME they want to poke in. I want to know EVERY TIME what they are doing, why they are doing it. I want to know EVERY TIME so I can check the results and monitor them and make sure that THIS TIME is still acceptable to me. Because maybe THIS TIME it is not.

Re:Still abusive

Scheduled job every minute......ipconfig /flushdns

Re:Still abusive

[netik]

Clearly you have not heard of salting a hash. That's what stops the rainbow table attack you describe.

On the other hand, going through my DNS history is a violation of my privacy and I'm not going to play this game.

Re:Still abusive

... Hashs are NOT a form of magic pixie dust you spread on information to make them magiclly private.

Consider:
You enter your SSN, the app hashes it and then sends it to me to compare against a hashed list of SSNs from some other source. I never get your unhashed SSN.

Are you safe?

No. There is NOTHING preventing me from hashing every possible SSN and comparing them...

A hash is not a unique "pointer" unless the data that was hashed is equal to or shorter than the length of the hash field. Which is not that long.
Consider the bit length of the hash field and the largest number that could be represented there.
Consider the data length as bits, and the largest number that could be represented there.
Divide the second by the first. The answer is the number of hits you could get with an exhaustive search.
It's usually a lot!!

Re:Still abusive

[jamiedolan]

Soon the fine print will allow them to search my basement and review my medical records without further notice or warning. Slippery slow, and sadly we are already sliding down it.

Re:Still abusive

[Anubis+IV]

I don't deny that the situation can change, and I even explicitly said so. All I claimed was that we have a good indication that they are not planning to abuse their power. Could they later? Sure. But if they were currently intending to do it, wouldn't they have already done it in the 10 years prior when they had the opportunity and motivation to do so yet didn't?

Re:Still abusive

> Oh, if the FBI had evidence that you'd, say, been sending letters to terrorist cells, then yes, I think it would be totally reasonable for them to go through your mail. If they had no such suspicion, no, that wouldn't be reasonable. That's the analogy that (somewhat works).

The fact that someone wants to equate Valve to the FBI and suspected cheaters to terrorists makes me want to vomit.

Just how far will you fanboys go to justify this blatantly abusive and unacceptable practice?

Just because it's Valve doesn't mean they get a free pass. This is a blatant abuse of the trust that has been granted to them.

Re:Still abusive

Defend Valve all you want but please don't start trying to defame people doing security research by writing them off as a "cheating scumbag" or whatever.

This sort of research is necessary and important. Just because you don't like what it's dug up this time doesn't mean we should start pretending people would only ever do such research for nefarious purposes.

"We don't know how many innocent people have this happening if any."

Of course we don't, because people like you are insisting there should be no transparency by trying to write off people who seek it as cheating scumbags. As such anyone Valve bans and declares to be a cheater is in your eyes, there is no innocent until proven guilty to you, so the system is flawless. Just like Assad's system is flawless in finding and killing terrorists because he just simply defines anyone he killed as a terrorist so they obviously must have been right?

Re:Still abusive

[Xest]

This is sensible advice. I wrote an aimbot, speed hack, and auto dispenser detonate for Quake/TF but I only ever used it on a private server with the full knowledge of everyone else on the server because I was well aware of both the consequences of it's use and the ethics of using such a thing (frankly, I fucking hate cheaters, and I hate hypocrits, so it'd be stupid to ever use it live).

It was one of the most valuable learning experiences I've ever had, I learnt a hell of a lot about network programming, Windows internals, security, and game math.

It's a thing that I'd absolutely say is worth doing as a learning experience without a doubt, but don't ever actually do it in a manner that genuinely effects other players at least without their consent, otherwise you get what you deserve.

Re:Still abusive

[bingoUV]

But most applications you install on your computer/phone/server could abuse their powers. If not right now, maybe in future when you install "security" updates, since corporations change.

I don't see you complaining this about emacs.

Re:Still abusive

[jittles]

D: D: D: OH NOES THE SKYNET IS FALLING!

No, they're looking at your DNS cache. What you read was stupid, and you got worked up and stupid about it, and now you're continuing to be stupid when it has been shown that this is a non-issue.

Gamers are the dumbest people in the world, especially when they think they know how something technical works. There is, in fairness, a small amount of people who have deep knowledge of computers, and who also play video games, but keeping up with tech typically requires a great deal of leisure time spent in study. The more the word "gamer" describes you, the more likely you are to be a semi-literate luser.

Just to recap, your first sentence was misinformation, and the second one is simply false -- it does not follow that tracking one protocol would necessitate tracking others, and even if they were doing real-time monitoring of DNS, which they are not, watching all network traffic would be far too low a SnR to be useful for anything. Play around with wireshark sometime, you will see why. But first stop dragging down our SnR and read the rest of the comments.

How is reading my DNS cache not monitoring my network activity? THey may not have my NIC in promiscuous mode but they now know every local and remote host I have used DNS to connect to. That's none of their business. If they want to make sure I'm not running a cheat program by scanning my memory during the execution of the game, then fine. go for it. I expect that. I don't expect them to be snooping through everything I've done since my DNS cache was last flushed. That's spying, its easily circumvented via proxies and flushing my DNS cache, and there is no reason or excuse for it.

Re:Still abusive

[gIobaljustin]

But most applications you install on your computer/phone/server could abuse their powers. If not right now, maybe in future when you install "security" updates, since corporations change.

Yes? That's why I try to limit my exposure to proprietary software, as those companies have proven themselves to be untrustworthy. Valve already has, as we see here. The fact that they'd even do this shows that they lack morals.

I don't see you complaining this about emacs.

Do I have to complain about everything I have a problem with, lest you assume that I have no problems with the things I didn't complain about?

With that said, I usually wait for a while after an update comes out to begin with.

Re: Still abusive

you'd have no right to be angry.

Well, no. You would definitely still have the right to be angry, you just wouldn't be justified. Please stop giving away my rights.

Re:Still abusive

[Giblet535]

I think Valve's DNS check is a good start, and an excellent way to someday backdoor a PC with the user's permission. What kind of terrorist activities are you up to, that you would question authority in the way some here are doing?

Re:Still abusive

You are missing the point. Here VAC rummages through the innards of your computer, supposedly, without average user having any idea about it. To give a simple analogy, imagine a postoffice guy brings you a package and unlocks your apartment while you are away and turns all the underwear in your closet upside down. It doesn't matter that you hadn't been caught hiding heroin during that, are you gonna be happy after this? Guess no. So equally your answer about "only" ~500 users getting caught as the result of this quite plainly malicious software being put onto everyone's computer doesn't make sense either.

I think what's being much much worse is the recent trend in software and IT where certain government services and corporations alike feel all permisiveness, to invade and trash your computers or online info like never before. You'd never let people install a security cam in your bathroom or toilet, read your personal notes or rummage your underwear, but that's exactly what's been happening all over. And the worst thing of all, the people in charge openly say "IT'S OK' :(.

Re:Still abusive

Believe Valve at your own peril.

Valve can fuck off.

Re:Still abusive

1. Valve sucks
2. You are a fucking moron

Using an analogy is not the same thing as equating two things. If you can't understand please go back to third grade and try and again.

In describing your idiocy I can use an analogy with rocks and horse shit, that doesn't mean I am equating you to those things.

Re:Still abusive

You are a fucking moron.

Valve hashed the DNS records for these sites that enable cheating. Therefore, when sending back a hash that matches their list of hashes, they know exactly what it is.

Furthermore, they can hash ever DNS entry on the internet so yes, that hash tells them a lot of information.

That is completely different than hashing something that no one else knows what its original value was.

Re:Still abusive

[vilanye]

The best way to avoid having your game overrun by cheaters is by making it near impossible to cheat on it.

But that takes actual skill and effort unlike using invasive cheat detectors.

Re:Still abusive

How retarded are you?

Your computer does not, on its own hook, rummage itself.

Valve wrote a program that they pushed to your computer via steam and that program does the rummaging.

You a fucking technically illiterate shithead.

Re:Still abusive

[Ash+Vince]

The best way to avoid having your game overrun by cheaters is by making it near impossible to cheat on it.

But that takes actual skill and effort unlike using invasive cheat detectors.

Your post is pretty light on details of how to do that, what do you recommend?

For instance on many FPS the cheats overlay something over the game graphics indicating where other players are on the map, effectively allowing you to see through walls. The game itself running on your PC has to known what is on the other side of the wall so you hit them if you shoot through it, a cheat (running as admin) can eavesdrop on the memory the games uses, extract info like this and the display it to you.

This is the big problem, the cheat software usually runs with elevated privileges and can then use them to inspect the memory the game uses. I guess the game could try and encrypt everything it stored in memory in real time but I am guessing that would incur a performance hit.

You could try and push more stuff like this to the server so only the server knew where everyone was and your own running copy of the game only knew about people you could actually see but that means so much stuff is bound by your network latency.

Then you have the problem about using the same overlaying technique to help identify targets at distance or camouflaged. In this case they can show up on normal players screens so the local running copy of the game has to know about them, but you can overlay a bright red outline or something to make them stand out as part of your cheat software.

Re:Still abusive

[hobarrera]

I belive this applies to windows only. I don't other OS's allow any program to scan the memory of other programs.

Also, even in windows, can't you just run steam as a different user than the cheat itself?

Re:Still abusive

If it's being waged on your computer, then you are evil cheating scum and deserve everything you get :)

Re:Still abusive

[Actually,+I+do+RTFA]

Use an OS that prevents on application from rummaging through your computer.

Suggestions please?

Re:Still abusive

[jader3rd]

The only two that I know of are Windows RT and iOS. They have the problem of being a walled garden, but that doesn't mean that a non-walled garden OS could be created where an app is only allowed to see what it bring to the table, and what the user gives to see.

Is it in the TOS?

[NotQuiteReal]

Is this search in the TOS, or is it an "unauthorized" search?

Re:Is it in the TOS?

Is this search in the TOS, or is it an "unauthorized" search?

Uh, who's TOS? Valve, or your ISP?

Seems you might want to better understand who "owns" that data first, and how you've already authorized it's (ab)use via the agreement you've already inked with your ISP before making any claims of unauthorized activity. You would be surprised what's buried in paragraph 173, subsection ZZ-174, right under the area where they state they reserve the right to re-sell your dead pixels...

Re: Is it in the TOS?

In the TOS or not, it's still likely against EU law. You cannot sign away your right to free speech, which includes receiving information without limitations.

Re:Is it in the TOS?

[interkin3tic]

You ask that as if ANYONE has any idea what is in the TOS. I assume it's standard TOS stuff like you won't sue us for any reason ever, we own you and can do whatever we want, you own nothing, you pledge your soul to serve in our undead army against God in the end days... That probably covers these searches.

Re:Is it in the TOS?

[Raenex]

you pledge your soul to serve in our undead army against God in the end days...

Sorry Valve, that one has to be signed in blood.

Re: Is it in the TOS?

[Sowelu]

If you're in a poker tournament, and there's a guy standing behind your opponent telling you what cards he has, is that free speech as well?

Re:Is it in the TOS?

IANAL, nor can I afford to ask one.

If contracts for sex and commiting crimes are invalid under the law, why would any click through agreement, or other "contract" permit them to use their software to back door other people's computers etc?

Additionally, in states with laws similar to Texas, wouldn't such forensic investigation require a private investigator's license when done by anyone not connected to a Justice department with a warrant? Seem to recall a Texas judge ordering some RIAA attack dogs to stop activity in Texas without a PI license.

Re:Is it in the TOS?

[Japher]

I'm fairly certain that my ISP can't authorize a third party to conduct searches on my local computer. If VAC were asking my ISP for DNS history, you might have a point... but that's not what was happening here.

Re:Is it in the TOS?

Mate, if it isn't they'll throw it in and if you don't want to agree with it you'll have those awesome Valve/Steam employees tell you this:
http://www.escapistmagazine.com/forums/read/9.384228-Accpet-Steams-New-EULA-or-Say-Goodbye-To-Your-Steam-Account-UPDATED

I really love Steam they are the very Best in everything. I also find it absolutely awesome that everyone supports those guys and that they are constantly on the news because of us which helps them spread even more ...

[sarcasm off] ... like a fucking cancer.

Seriously now, why in gods green Earth people still support that cesspool of a corrupt company is beyond me. Don't people realize it would be like supporting North Korea? That's how bad Valve/Steam are. And the only reason why they are still around is because they know if they remain social and keep others confused about their dealings folks will keep on coming, like lambs to the slaughter.

How common is cheating with VAC?

[Galaga88]

I know in the olden days, I just assume everybody else was cheating (they usually were) but how common is cheating now that VAC has been around for a while?

Re:How common is cheating with VAC?

[feedayeen]

I think that this is a, 'we don't have any gays in Iran,' type of situation.

Re:How common is cheating with VAC?

[CastrTroy]

This is why I don't like the idea that games seemed to have moved away from hosting your own server. Online games were great when you knew the guy you were playing against. There wasn't as many problems with cheating, or perhaps you could agree on which cheats could be used, and the in-game chat was a lot more tolerable. Now that you're just playing against a random selection of people from the internet, I just don't get as much enjoyment out of it.

Re:How common is cheating with VAC?

I think that this is a, 'we don't have any gays in Iran,' type of situation.

Uh, and now it's not. It's more like a '570 players out of millions' type of situation.

In other words, it's NOT a situation at all, unless somehow that 'one-tenth of one percent' is affecting the gameplay (and revenue) of millions.

Kinda doubt it.

Re:How common is cheating with VAC?

[drinkypoo]

This is why I don't like the idea that games seemed to have moved away from hosting your own server.

Sadly, even most of the games with random matching force one of the players to serve as the server. Only MMOs really work in the way you describe.

Re:How common is cheating with VAC?

[KermodeBear]

Like you I imagine, I've been playing online games for a long time. I even ran a half dozen TFC / Natural Selection / CounterStrike / Half-Life Deathmatch / etc. servers for three or four years. I never found cheating to be common except for CounterStrike. For some reason that game attracted cheaters like crazy. The other games, not so much. Cheating wasn't just uncommon - it was rare.

When PunkBuster and similar products became popular it was amazing how much better I became compared to other players when playing on a protected server. (o:

VAC has, in my opinion, done a very good job overall of keeping up with the cheating crowd. I can't remember the last time I came across a player that I suspected of cheating - and having had to do detection manually by watching player behavior, I'm very confident in this.

There's a few things you can look for manually when looking for cheaters.

Your typical aimbot is easy to detect. Jump into spectator mode or whatever and pick the first person view for the selected player. Instead of the smooth movements a typical player will have, you'll see the player's aim snap to positions on a screen. It's rare to see these anymore because detection is so incredibly easy.

Driver hacks to provide see-through textures, or model hacks that have a long cross through them that extend through walls, are also pretty easy to detect by watching the player. Is someone across the map and scoring head shots through walls? Does he always seem to know where the enemy is? He's using one of these.

The interesting cheat is the second one (wall / model hacks) which allows one to see opponents behind objects, because it's not a mechanical advantage like an aim bot; it's a strategic advantage, an information advantage. It doesn't change the ability of the cheater to aim more accurately; it changes the cheater's behavior. A player without the cheat information will act as if the opponent is not there; a player with the information will.

So, you'll see tactical advances / retreats, shots fired / grenades thrown, etc. that would not occur in normal non-cheating game play. Yes; there will always be the person who gets the lucky what-the-hell shot. That happens.Sometimes more than once. What you need to look for is a consistent pattern over time that cannot be attributed to simply being "good", having a better overall strategy, or having an unusual play style.

I bet that with enough information collected it would be possible to detect this kind of behavior and flag individual players for follow-up manual inspection. It would be a fascinating bit of research, really.

Resource hacks are very dead these days, as information about resources (ammunition carried, money earned, life amount, etc.) are all stored server-side for most games. There's no way for the client to fiddle with that data.

Re:How common is cheating with VAC?

Cheaters pretty much made people quit CS:GO. You can only take so much cheating without it completely ruining all trust and fun from the games. The games are much better when cheaters get banned.

Re:How common is cheating with VAC?

[Luckyo]

I think that's the negative part of it. Scanning user's DNS and doing something with it is a massive red flag today in post-Snowden world. Even though you told us what you're doing with it, as a US based company, we know that US companies that harvest data are basically nothing but NSA fronts when it comes to spying and your trustworthiness in things like "scanning user's machine for private data" is in negative by default in today's world and no there's nothing you or us can do about it other than start financing people who would be against it into US legislative and executive branch. It's not even up to you as CEO - as a big company you have NSA moles who will do it without you ever knowing it or intending it.

As a result, I would argue that purging less than a thousand cheaters out of pool of tens of millions of players is far too little of a benefit for such a draconian measure. The medicine is far more destructive than the amount of disease it helps to cure.

Re:How common is cheating with VAC?

How about "off topic"?

Re:How common is cheating with VAC?

[PhilHibbs]

That's what friend lists are for. I only ever play Counterstrike online if I see a friend online, and *click* I'm on the same server he or she is on.

Re:How common is cheating with VAC?

[jandrese]

It's certainly not perfect, but it helps. Reducing the load from "everybody cheats, get over it" to "you can kick the occasional cheater you find from the match" is a huge improvement.

Re:How common is cheating with VAC?

[Lothsahn]

When I was in college, my friend had a roommate who played CS nearly all the time. His roommate actually failed out of college because all he did was CS.

While I think most of your points stand, I can say with 100% certainty that he acted like he could see through walls. He was so good that he routinely killed people (with headshots, even) through walls. Had I not seen his monitor with my own eyes, I would have known he was cheating. He was frequently accused of cheating. In fact, he could only play on his clan's server because he'd get banned nearly everywhere else. He'd routinely go 51/2 K/D in a match. Sometimes when we played with him, we would all have to reassure people that he wasn't cheating by vouching for him.

Just something to think about before anyone accuses a really elite play of hacking. What they can accomplish is rather insane.

Re:How common is cheating with VAC?

[Rakarra]

This is why I don't like the idea that games seemed to have moved away from hosting your own server.

Sadly, even most of the games with random matching force one of the players to serve as the server. Only MMOs really work in the way you describe.

I think Blizzard's non-MMO games use game servers instead of having one person host. Diablo 3, Starcraft II, etc. Though Starcraft 1 did make one person host, and that caused chaos when one person has a slower (dialup) connection than everyone else (dsl).

Re:How common is cheating with VAC?

[DrGamez]

570 players caught with this one test over the short one/two week period.

The reason hackers don't seem to be much of a problem is because: vaccines^H^H^H^H^H^H^H^H VAC works.

Re:How common is cheating with VAC?

One of the best cheats I ever saw was in CS around 1.6. Rather than aimbot, this guy had cheat where his weapons automatically fired whenever his curser was over an enemy. This was a stupidly powerful cheat that was really hard to see via spectate as you still have to aim but you simply only shot when you were aiming at a valid target. He got found out when he went AFK but didn't log out so he sat motionless at the spawn but would suddenly open fire when you walked in front of him only to stop as soon as you moved out of the way.

Re:How common is cheating with VAC?

[LesFerg]

heh, you don't take into account paranoid players, who act as if there is a bad guy behind every wall. I just naturally use that strategy :)

Re:How common is cheating with VAC?

[Windwraith]

You underestimate the effect of cheats on an online game. Basically since the game is unwinnable because of those 570 players, people stops bothering and will only remember the game as a cheat-infested hellhole.
Those people targeted by this VAC procedure PAID for their cheat tools. That's the real news here, that people are sad enough to paid for cheat programs. Cheat programs WITH DRM.

When people can go to such lengths, expect their effect to be noticeable.

Re:How common is cheating with VAC?

Only if you are homophobic.

Re:How common is cheating with VAC?

[LeeRyman]

I am a senior game admin for a relatively large gaming network.

I tend to find VAC is delayed by a couple of months. Every once and a while a new edition of a cheat will come out and we see an influx and peak of reports and first-hand cases. Some people are really stupid (spinbots, snap-happy, etc). Others are more cunning (trigger-bots, wall-watching). Eventually that edition is detected by VAC and the problem mostly goes away until the next revision is released.

Similar to what KermodeBear described, there is a fairly rigorous review process for demo's before we place a ban. We ensure that it is beyond reasonable doubt - covering off other 'indicators' like game sounds, radar, good tactical awareness, deaths of other players, etc. It can be difficult at times and we err on the side of caution (we would rather a cheater or two go free than ban an innocent player). As KermodeBear eludes to, sometimes the easiest way to initially spot a cheater is when the server suddenly starts sending data about an opposing player as they come within range, and the waller involuntary reacts to the new information. Think when you are playing a game legitimately and a enemy player walks around a corner in front of you - you react automatically in-game by stopping, shifting your aim, shooting, maybe moving to cover. Wallers do this when they suddenly see people though textures, and they react in a similar manner. It sticks out like a sore toe, and definitely prompts us to look for more evidence.

I know that for some games (BF series and an old CSS mod come to mind) there are cheat predictors which capture such events and provide a cheating probability. They can work quite accurately, but we don't use them to 'convict' someone.

Most cheaters actually play very poorly from a tactical and strategic point of view, and can often have very average scores as a result (unless they are aimbotting, which is pretty obvious). And they all get caught eventually, few of them are terribly bright when it comes to taking best advantage of the hacks. Some even forget to turn off the automatic say spam that the cheat sends. It may as well say "BAN ME NOW".

(Actually, the biggest reason for bans on our servers at the moment is derogatory, racist or abusive language. We can't and don't tolerate it much at all. I have no idea why some players cannot go 10 seconds without calling someone else a part of the female anatomy)

Re:How common is cheating with VAC?

CS has pretty good audio for locating people, I think that's often overlooked.

(Distance you see someone through a wall matters in that case)

Re:How common is cheating with VAC?

[Andtalath]

So play with your friends...

Not sending history to Valve

[pavon]

The biggest part of his announcement is that this checking is done client side; your DNS history is not sent to Valve. They also only record MD5 hashes that match the cheat sites they are looking for, not your entire DNS history. Finally, they claim to only check for DNS lookups of servers used by the cheat software itself, not just websites where you might read about and download cheats (although in some cases I imagine these could be the same), and use this as a second check after the client has already detected a cheat installed on you machine. So simply visiting cheat software websites without using them shouldn't get you banned.

Re:Not sending history to Valve

Well, that's what they claim the software does. Without transparency (read open source), we just have to take their word on the matter.

Re:Not sending history to Valve

[CanHasDIY]

Why couldn't they just MD5 the files for the actual game, to verify that they match with the official binaries? Seems a lot less intrusive, and less potential for abuse.

FWIW, it shouldn't matter what information I discover; what matters is what I do with it. Maybe I hack games, maybe I like to visit the sites that teach you how so I can understand what that means; either way, unless I'm using the knowledge I gained from game-hacking websites to.. er, well, hack Steam games, then IMO it's none of Gabe's fucking business what websites I visit, nor anyone elses.

Re:Not sending history to Valve

Cheats have evolved beyond file tampering. Most are done with code injection, and boy is that history a long one. I suspect the actual DNS being hunted for are the cheats' "DRM" servers that ensure you paid the guy who made the cheat money. CheatHappens.com or whatever they're calling themselves these days was one of the first to start doing this in a big way.

Re:Not sending history to Valve

Why couldn't they just MD5 the files for the actual game, to verify that they match with the official binaries? Seems a lot less intrusive, and less potential for abuse.

A lot of anti-cheat systems already do things similar to that, but it only catches one category of cheats. It doesn't help so much for cheats that change the game after it is loaded into memory, ones that change behavior of the video card that make things easier to see without touching the game, and ones that help control inputs without editing the game.

maybe I like to visit the sites that teach you how so I can understand what that means;

Then this check won't flag you, because that is not what it is looking for. Various cheat programs these days have their own DRM system because the makers want to make money, yet know what type of crowd they are dealing with. The anti-cheat software is said to be checking for connections to the DRM validation servers for known cheats, not to websites by or about the cheats.

Re:Not sending history to Valve

[szap]

Don't need to change the actual files to patch it. See DLL Injection: http://en.wikipedia.org/wiki/D...

Re:Not sending history to Valve

[Bob9113]

Sure, we put a camera in your bathroom, but it's OK, we don't look at the footage.

Re:Not sending history to Valve

[Cheburator-2]

I suspect the actual DNS being hunted for are the cheats' "DRM" servers that ensure you paid the guy who made the cheat money.

Imagine, Newell said exactly this. Only DRM sites, not web sites. How did you guess it?

Re:Not sending history to Valve

[dave562]

Often times they are not modifying the binaries themselves. The cheats are separate DLLs that are injected into the process at run time.

Re:Not sending history to Valve

DRM already check signature of executable. Cheat software are network tool that modify the packets (like a firewall that intercept, modify and reroute), as they are sent to the server.

Re:Not sending history to Valve

[frinsore]

Checking the MD5 hash is one of the oldest methods of anti-cheat. Nowadays file hashes are signed by a private key and verified locally with the corresponding public key, if the hashes don't match then it's an invalid file. But like I said, this is one of the oldest methods and has been worked around for years. The simplest method is to modify system dlls that the executable depends upon to inject code into the running game. This then leads to signing everything that the executable could depend upon. The next easiest method is to launch the executable, pause execution, overwrite some data/functions, and then resume. This has been combated by having the executable live at a random offset. Instead of the executable living at 0 in memory it could live at position 1024 or 756.

The problem is that all anti-cheat software is essentially DRM and running DRM on am open platform like a PC is inherently problematic.

Re:Not sending history to Valve

< flame mode="high">
Jesus christ you fucking idiot, do you even code?
</flame>

Here's why: Because it's on the internet. Because most games communicate over UDP. Because encryption in a real time protocol slows it down. Because most games push a host "as far as the platform will let it" and crypto is an added layer of unecessary computationally expensive overhead. Because any sort of crypto keys in this system could be pulled out of memory anyway. No, you don't actually have tools good enough to prevent this -- I don't care what the marketer told you.

In short he can't /just/ md5 a binary -- because people not you actually understand how the internet works. For that matter, they understand how software works too.

Yes, there's abuse potential. As long as there's second hand validation after the fact, all this really does is red-flag people for further inspection. Yes, I agree it's none of Valve's damned business and find it objectionable without it being clearly laid out in the ToS. And I find it naive, because I learned years ago not to shit where I eat -- which is to say, you don't do your hacking or research on your home box.

But you can't just md5 the binaries, because I can and have rewritten packets that are coming in and going out over the wire. In fact, it's what pretty much every fucking firewall in existence does. Or did you forget about packet filters with that ultra cool course that taught you about MD5?

<flame mode="moderate">
So please take your simplistic, naive notion of how the internet works, shove it up your ass, and let the big boys that understand the network fix things. It's clear not only that you don't actually understand the problem, but that you also don't understand your naive proposed solution. An MD5... wtf. Do you even realize how often those used to get patched in-memory nearly a decade ago ?
</flame>

Really, people need to realize the world isn't as simple as they conceptualize it. Complexity doesn't excuse itself, but there's probably a damned good reason it evolved.

Re:Not sending history to Valve

Why couldn't they just MD5 the files for the actual game, to verify that they match with the official binaries?

Because they are not dealing with script kiddies and people who think Ruby on Rails is a programming language.

Re:Not sending history to Valve

[blincoln]

Most cheating involves modifying processes in memory, not the files on disk.

I do agree that it's really heavy-handed of Valve to ban players over DNS entries, though. What's to stop me from posting a page on some heavily-trafficked site with embedded image tags pointing to those systems (they may not load, since who knows if the cheat servers are even running web server components, but visiting machines will still cache the DNS entries), trying to get anyone who visits it banned on Steam?

Re:Not sending history to Valve

[The+MAZZTer]

If it just MD5ed fhe files, the games would be hacker heaven, since you don't need to touch the files.

There are tons of ways to do this. You can attach a custom DLL to run code, or just inject code directly. You can do this when the program starts up even before it has a chance to run any code itself. You could modify your graphics driver to change the way the game renders so that the game itself sees everything about itself is fine because it is.

Also, files for the actual game are hashed, at least in Source. That is an sv_pure check and is not a VAC thing (though working around it would trigger VAC).

Re:Not sending history to Valve

Why was this modded down? This is right. You can't trust proprietary garbage.

Re:Not sending history to Valve

[Sowelu]

Yes, and you can't trust the guys who do steroid testing in baseball, either. Who knows what they are doing with your precious bodily fluids?!

Re:Not sending history to Valve

[Rakarra]

I suspect the actual DNS being hunted for are the cheats' "DRM" servers that ensure you paid the guy who made the cheat money.

Imagine, Newell said exactly this. Only DRM sites, not web sites. How did you guess it?

He has access to a magical scroll of knowledge that tells him more details about a story than what the Slashdot summary says. It's a remarkable device!

Re:Not sending history to Valve

[fph+il+quozientatore]

I suspect the actual DNS being hunted for are the cheats' "DRM" servers that ensure you paid the guy who made the cheat money.

So, this raises the question: is there a meta-cheat that cracks the DRM?

Re:Not sending history to Valve

[DrGamez]

We need transparency, says the person who has not even bothered to commit a username to this thought.

Re:Not sending history to Valve

Checking the DNS entries was a second stage check that was done only after the first check flagged up signs of cheating. Note that Valve are now no-longer using this method of cheat detection as the cheat authors have already worked around this cheat detection code.

Retention...

The issue is more what information they keep - what happens to it and who else has access to it - than anything else.

Valve vs NSA

I trust Valve more than the NSA.
The NSA doesn't protect me against hackers.

Re:Valve vs NSA

[coolsnowmen]

I trust Valve more than the NSA.

Of course, becaues Valve has no actual power over me to get me sent to guantanimo.

But still: LOW BAR!

Re:Valve vs NSA

[Luckyo]

NSA thanks you for your useful idiocy. As a large company, Valve just like its peers is thoroughly infiltrated and your data is siphoned as deemed necessary in the name of national security.

Less Than 0.1%

The Holocaust only killed 0.3% of the world population. Didn't make it right.

Re:Less Than 0.1%

If the Jews bothered using aimbots history would be very, very different.

At least someone admits it

It's in the Steam ToS, so you have already agreed to get scanned. Personally I'd be more angry at people so determined to cheat they got this countermeasure instituted in the first place.

Not good for their aspirations

If Valve hopes to see linux, And particularly their brand of linux (SteamOS) become a real competitor or potentially a disruptive change of platforms then they cant be invasive like this. Just not going to work. They will ruin everything they are seeking to achieve.

Re:Not good for their aspirations

Only half true. It's hard to get more restrictive and invasive than Apple's products, but idiots are back into buying that crap again.

The good news is that Apple is reverting back to their old tricks that nearly destroyed their company 20 years ago.

Re:Not good for their aspirations

[Sowelu]

Yeah, I can't see Linux players being allowed on any servers for some games. "No VAC on Linux" is a reasonable statement. VAC-only games (I think CoD?) will therefore never make it onto the platform. Can you imagine if only one operating system didn't have cheat detection? Why not wave a big flag around saying "If you want to cheat, run Linux"?

There's a lot of players who actively choose VAC games over non-VAC games, even with full information about these countermeasures, because they want to lower the chances that they are playing against a cheater. Saying "I run Linux but please let me play your game" is like saying "I'm not willing to take a drug test but please hire me". Some places might. Some places never will.

Whoosh

[wjousts]

No need to check your DNS history to tell you haven't visited OhNowIGetTheJoke.net

Re:Whoosh

What joke? I thought i kan reed was being completely serious about not wanting Valve to know the sites they visit.

Visiting a Site Isn't Cheating

[Luthair]

Are DNS entries really indicative of cheating? It doesn't necessarily follow that someone who has viewed a site about cheating is actually cheating. And now that it is known, it is virtually guaranteed that anyone actually cheating will simply use a secondary PC to surf the sites.

Re:Visiting a Site Isn't Cheating

The code isn't just checking for any websites you've visited. A number of hacks need to be connected to a remote web server in order to function properly or to verify that you've actually purchased the hack. The code in question is supposed to look for these phone home servers in your dns cache after VAC has detected that you may already be cheating.

Re:Visiting a Site Isn't Cheating

[DarkFencer]

Assuming Gabe is being truthful when he states that this is a secondary check triggered by some other evidence for cheating, then just visiting these sites wouldn't be enough.

Its suspicious activity (reported by players? detected through other methods? not sure) that triggers the additional check(s).

Re:Visiting a Site Isn't Cheating

The summary is actually wrong and if you read the article you'll notice that he points out that they specifically look for the non-web dns entries that point to the DRM servers in the cache. As such simply visiting the website wouldn't trigger anything. Also as he points out it is simple to modify the dns cache and this specific test is no longer effective.

Re:Visiting a Site Isn't Cheating

To bad most cheats require a "subscription" which means the client logs into the service.

Re:Visiting a Site Isn't Cheating

[newcastlejon]

It's not an issue of viewing cheating sites; Steam is looking for DNS lookups performed on DRM servers (not the Steam ones). Many cheats are paid-for so, in a cruel twist of fate some might say, they use DRM to check if the cheater has paid for the priviledge of doing so.

gaben himself has said that this tactic only lasted a matter of weeks anyway, until the cheatware started futzing around with the player's DNS cache to avoid these checks.

Re:Visiting a Site Isn't Cheating

[Somebody+Is+Using+My]

Mind you, it's less checking if you visited a site and more if your computer accessed a proscribed host.

Many of the cheats VAC is checking for are not only sold, but protected by a form of DRM that checks an authorization server before they let you use the cheat. VAC is more often looking to see if your computer is connecting to the authorization server; e.g., they are more interested in seeing if you visit authorization.cheaters.com than forums.cheaters.com

Not that I think that is much better, and I imagine that - especially now that the method has become common knowledge - it will become far less effective. The hacks will probably start using some sort of commonly used proxy to redirect and obfuscate the authentication request; perhaps the next version of WallHack.exe will come bundled with a TOR client.

Of course, the best option would be to give customers a choice: play on sponsored, VAC protected servers - albeit at a cost to your privacy - or allow VAC to be turned off and play the game on player-hosted servers, where you may (or may not) encounter people using cheat tools.

Re:Visiting a Site Isn't Cheating

Try RTFA.

Re:Visiting a Site Isn't Cheating

Go read yesterday's thread, or just RTFA. This isn't meant to catch people who google 'how i aimhack conter strike.'

Re:Visiting a Site Isn't Cheating

Its not that simple. The cheats were using a type of DRM which checked if the cheater has paid against cheat developer's billing server or whatever DMR they had in place. It is those lookups that Valve was matching against the DNS cache. To answer your question, yes, the DNS lookups were a clear indication that a cheat was checking whether they had paid for it.

Now the cheat developers are going to code their own DNS resolution rather then relaying on the host operating system and thus continues the game of cat and mouse.

Re:Visiting a Site Isn't Cheating

Would be amazing if any of you twats actually stopped and read the response.
It answers all your questions, quite satisfactorily

Re:Visiting a Site Isn't Cheating

[QuasiSteve]

The point is that these aren't sites you would normally visit out on the interwebs. It's a bit like saying "oh but what if I somehow stumbled upon udashdiasd.dashbduiqidasdjkasd.dasbdaskd.hdasuida.something.com?" when the only known vector for ever hitting up udashdiasd.dashbduiqidasdjkasd.dasbdaskd.hdasuida.something.com is through a piece of malware, and complaining that your anti-malware package threw up a red flag.

More specifically, your comment's subject:

"So basically it wasn't pulling DNS for the entire machine but only looking for that one particular phone home call the cheat did? So merely looking at a cheat site won't get you banned?" - ava_ati

"Correct." - GabeNewellBellevue

- http://www.reddit.com/r/gaming...

Add to that that this check only occurs if VAC has already detected something fishy going on. So even if you did deliberately hit up these DRM servers (for science / research / because you want to lower the SNR for VAC).. unless you're actually using the cheat, VAC doesn't much care.

At least, them's the claims.

Re:Visiting a Site Isn't Cheating

[idontgno]

Mind you, it's less checking if you visited a site and more if your computer accessed a proscribed host.

The use of the emphasized phrase with a straight face is exactly what's wrong with this methodology.

It's the Internet. Sane societies don't have "proscribed hosts".

Re:Visiting a Site Isn't Cheating

Read. The. Article.

They clearly state that this check was effectively for only 13 days and is no longer effective.

Seriously, read the article.

It'd also be nice if moderators didn't up vote something "Insightful" when it's clear that the poster didn't read the article. There's nothing insightful about this...

Re:Visiting a Site Isn't Cheating

[TheCarp]

While I agree in general, I am not sure this applies here, for 2 reasons:

1. This is not society in general, this is on hosts which are running games, which are protected by VAC. The user signed up, the user installed the game, the user invoked the game, the user was warned that the game uses VAC and cheaters would be banned.

2. Even after the user has invoked the VAC protected game, these checks for "proscribed hosts" are not done as a primary check, but, as a followup to confirm an association for which there was already evidence.

#2 is important. Just going to a cheat site doesn't make you a cheater. However, if you are suspected to be a cheater for other reasons, and it turns out you go to the site for the cheat you are suspected of, that is confirmation. That is good investigation. If you look for whoever went to a site and then use that to bias your cheat detection, that is a good old fashioned witch hunt.

Re:Visiting a Site Isn't Cheating

Of course, the best option would be to give customers a choice: play on sponsored, VAC protected servers - albeit at a cost to your privacy - or allow VAC to be turned off and play the game on player-hosted servers, where you may (or may not) encounter people using cheat tools.

You can play vac protected games on non-vac servers. They don't care if you are banned or not. But don't play with a cheat on a vac server or you will get banned from all vac protected servers. Not sure what more they should do.

Re:Visiting a Site Isn't Cheating

gaben himself has said that this tactic only lasted a matter of weeks anyway, until the cheatware started futzing around with the player's DNS cache to avoid these checks.

So they didn't stop because of some concern for customer privacy, they stopped because it was becoming ineffective.
That's not very reassuring.

Exploitable?

[OhPlz]

Sounds like a possible exploit to me. All you need is a web page claiming to have cheats or walkthroughs or something, then have that page send the browser to a bunch of the likely-to-be black-listed sites. Now you've just screwed anyone on Steam that happens to hit the page. Then what recourse do the players have? Any? Game software should not be spying on its user outside the realm of the game.

Re:Exploitable?

not having the cheat-drm installed would help

Re:Exploitable?

[Ardyvee]

It should only trigger the dns check if VAC believes you are cheating.

VAC checked for the presence of these cheats. If they were detected VAC then checked to see which cheat DRM server was being contacted. This second check was done by looking for a partial match to those (non-web) cheat DRM servers in the DNS cache. If found, then hashes of the matching DNS entries were sent to the VAC servers. The match was double checked on our servers and then that client was marked for a future ban.

Emphasis mine.

Re:Exploitable?

[The+MAZZTer]

The more important bit is that your PC needs to have contacted the cheat DRM server. The only way this should happen is if you have a cheat installed that is trying to contact it. It's not something you would try to do with a web browser without the cheat.

Re:Exploitable?

[OhPlz]

A DNS hit is a DNS hit. Whether cheat software or your browser initiates the name resolve, it will end up in the DNS cache. The only protection is what the parent said, it already has to suspect that the player is cheating. Makes me wonder why the dip in the DNS cache is even necessary. To me, it implies that they're afraid of false-positives.

Read links, no answer

So, this VAC thing that collates all DNS data and "doesn't" send it anywhere, is that just for the military themed hat simulators, or does it run anytime I play anything that is Steam-linked?

Re:Read links, no answer

[Luckyo]

It does send it back to the mothership. Otherwise mothership wouldn't know how to ban. The detail they're arguing on is that they're doing comparison against database on your machine rather than theirs.

Of course, absolutely nothing stops a NSA mole inserting a few appropriate cites into target's VAC to check for sexual interests in case they need blackmail material to forward to CIA that specific person for example. And Gabe will be none the wiser, like the google and facebook CEOs were about NSA having essentially direct indexed search access to all their user data on demand.

Re:Read links, no answer

[EvanED]

Not all games are VAC-protected, and not all VAC-protected games have every server VAC-protected (I think). For instance, you won't have VAC running for single-player games.

Re:Read links, no answer

[Sowelu]

VAC only runs when you are actively connected to a VAC-enabled server.

Misleading article... read the real post by Gabe

They did not look at DNS histories of your browsing... there are cheats that have their own DRM that phone home to the cheat server to make sure you paid for the cheat (/irony). All Valve was looking for was the phone home to the cheat servers, not your bloody porn searches, or even visiting a cheat website.

Why do we still allow this sort of overeach?

[green1]

The more I see stories about various programs accessing all sorts of stuff they aren't supposed to, the more I wonder why we still allow this? I use my browser for something, there shouldn't be any other program on the computer that knows about it. It's time we eliminate this idea that every app has access to every file on our computers. I really don't understand why sandboxing every app is not only not the default, but also very rarely even available on most operating systems.

It seems these days most apps are hostile to the users, it's time we treated them as such and stopped letting them have the run of our computers.

Re:Why do we still allow this sort of overeach?

[dave562]

We tolerate it because cheaters ruin games. If do not want to play the game, or do not want your privacy violated, then do not play games on Steam.

For those of us that do play games, and do play them honestly, this is another step in the right direction. Cheating simply kills these games. I am willing to give up a bit of privacy in exchange for fewer aimbots and wallhacks in the FPS games that I play. If you read the article, or the comments, you would realize that the DNS scanning is a second level of review that takes place when other indicators point towards a person who might be cheating.

Re:Why do we still allow this sort of overeach?

[Kardos]

> It seems these days most apps are hostile to the users, it's time we treated them as such and stopped letting them have the run of our computers.

Well that the tradeoff when it comes to closed source software. You have to trust that the provider of the binary is Not Evil.

> It's time we eliminate this idea that every app has access to every file on our computers.

Mobile has made some progress here with "App Permissions", such that you can limit what an app can do. It's easy to do this when you build a new system, apps have to conform to it. With PCs, the "app can do whatever it wants" has been standard for years and it'll be hard to change it.

Re:Why do we still allow this sort of overeach?

[Ardyvee]

Don't use VAC. AFAIK (correct me if I'm wrong), it should only be activated if you join VAC-enabled servers. VAC is specifically Valve's Anti-Cheat System and it does what it says on the tin. Although I guess I do agree on the whole sandboxing thing. But you still have the problems of cheating in online games.

Re:Why do we still allow this sort of overeach?

[green1]

This particular case has a "noble" goal, but the exact same techniques could be used for much more nefarious purposes. There is no good reason why it is even possible for an app to do this.
Apps should NEVER have access to anything outside of themselves without explicit permission. There is no good reason for it, and it causes huge security holes.

Re:Why do we still allow this sort of overeach?

[green1]

Mobile has not really done any better. most mobile OSs will tell you what permissions an app is asking for, but won't allow you to select which ones to allow. In addition, the apps are still not fully sandboxed. For example on my android phone I have an app that won't run on rooted phones. It doesn't request root permission, so it SHOULD have no possible way of knowing I'm rooted, however it has full access to the file system (without any special permissions) and therefore can figure it out on it's own.
It's time we stopped letting apps have the run of our devices. Developers have repeatedly proven that they don't trust their users, it's time we stopped implicitly trusting them.

Re:Why do we still allow this sort of overeach?

[green1]

This particular case may have a "noble" goal, but the exact same techniques could be (and probably are) used for much more nefarious purposes. There is no good reason why it is even possible for any app to do this.
Apps should NEVER have access to anything outside of themselves without explicit permission. There is no good reason for it, under any circumstances, and it causes huge security holes.

Re:Why do we still allow this sort of overeach?

[jader3rd]

The more I see stories about various programs accessing all sorts of stuff they aren't supposed to, the more I wonder why we still allow this?

It's because we like it when programs work well together. As a result general purpose computers have the model that anything running as the user is the user. So preventing one application from interfacing with/messing with another program would be the same as blocking the user from doing the same. Any OS that tries to put up garden walls between programs is decried as an attack on computational liberty.

Re: Why do we still allow this sort of overeach?

VAC more or less has this permission. It's common knowledge that anti-cheat is somewhat invasive

Re:Why do we still allow this sort of overeach?

[Luckyo]

For those of us actually playing games, it's a massive leap in the wrong direction. I'll take ten times the amount of cheaters they banned with this in my games if that means they do not violate my privacy.

Re:Why do we still allow this sort of overeach?

[gIobaljustin]

So in other words, you tolerate it because you care more about the safety of your DRM-infested, proprietary games than you do about what these applications are actually doing. Such integrity.

Re: Why do we still allow this sort of overeach?

[gIobaljustin]

Then it should also be common knowledge that people should stay far away from their proprietary garbage. To do otherwise is to admit that one is profoundly ignorant.

Re: Why do we still allow this sort of overeach?

[green1]

Did your OS stop it from accessing random files on your hard drive until you gave it permission to do so? If not, are you saying that you have no problem with EVERY application on your computer having similar access to snoop through every file on your hard drive and tell whoever it likes?

Just because you happen to like what this one piece of software does, doesn't mean it isn't doing it in a way that should concern us about what our systems allow with no checks and balances.

Re:Why do we still allow this sort of overeach?

[dave562]

Exactly. As part of playing the game, I am willing to give up privacy in order to have to deal with fewer cheaters making up for their lack of skill (and ruining my game experience) with hacks and exploits.

It has nothing to do with "safety" of the games and everything to do with the quality of my playing experience.

They are already running an executable that is scanning memory in real time. Who cares if they are digging through DNS cache?

Everyone who responds to this about privacy in video games is barking up the wrong tree. The real privacy violations are happening upstream, at the ISPs with the full support of numerous three letter agencies. I am more concerned about the NSA colluding with Microsoft than I am with Valve scanning my DNS cache for servers used to authenticate cheats.

Re:Why do we still allow this sort of overeach?

[green1]

All I ask is that the OS asks first. and ideally gives you the choice of allowing, denying, or faking the results.

If I want my email program to be able to load an attachment to forward, I'll tell it that's ok. If some random game wants to see what my browser did last I'll either deny, or give it false info. (I don't cheat, nor do I visit cheat sites, but I also don't think they have any right to know what sites I do visit)

Re:Why do we still allow this sort of overeach?

[dave562]

The app already has explicit permission to go outside of itself. VAC is scanning memory when the game is running to detect cheats. THAT is way more invasive than doing a second step verification of MD5 hashes generated from the DNS cache.

There is a good reason for it. The reason is to reduce the instances of cheating. If you do not agree with that, do not play the games. I am willing to guess that you do not play very many FPS games, so you probably do not have to frequently deal with the frustration of being instantly killed by people you can barely even see. Nor do you deal with the frustrations of players knowing where you are at all times.

Re:Why do we still allow this sort of overeach?

[gIobaljustin]

So the addict speaks.

The real privacy violations are happening upstream, at the ISPs with the full support of numerous three letter agencies. I am more concerned about the NSA colluding with Microsoft than I am with Valve scanning my DNS cache for servers used to authenticate cheats.

X being worse than Y does not mean that Y isn't bad. All of these are real privacy violations, all of them are bad, and you really have no idea what this proprietary garbage is doing. Your logic is bad.

Re:Why do we still allow this sort of overeach?

I'll take ten times the amount of cheaters they banned with this in my games if that means they do not violate my privacy.

Guy who never played on a server with even one fucking aim bot. Nothing stops you from playing on VAC free servers, you can even filter them in most games. It isn't as if this was the time, games have been searching your computer ever since DRM became aware of Daemon tools and cohorts.

Re:Why do we still allow this sort of overeach?

[Sowelu]

Good god! I can only imagine all the nefarious purposes that drug testing companies use my samples for when I get tested for a job! Why, maybe they're even trying to pull my DNA out of them and sequence it so they can sell it to who-knows-what evildoers! If only a tinfoil hat worked for that.

No. I give VAC explicit permission, and it does its job. No VAC, no online games worth playing.

Re:Why do we still allow this sort of overeach?

[Luckyo]

I played games ever since duke nukem 3d over heat.net over 28800 baud modem days, thank you very much. I imagine I've met more cheaters than most people.

And while nothing "stops me from playing on vac free servers", nothing stops steam from running vac DNS checks on me either.

So the idea of the day is "understanding the issue, not being utterly stupid and posting as AC to cover it".

Re:Why do we still allow this sort of overeach?

[green1]

So you're ok with your word processor telling it's owners every website you've ever visited, and possibly your online banking info that was in your cache too while it's at it? how about your image viewer? that weather widget should be able to access every file on your computer and every register in memory too and phone it home, why not? after all, you gave it "explicit permission" (the same permission you gave VAC, a simple install, your OS didn't ask for more.)

The point is that whatever you think of this particular use, it just shows how we don't handle any form of security from the biggest threat on our computers, the apps we install. This SHOULD have come out when the first user installed it and his OS asked permission, instead it came out after people discovered it through other means. There's just no excuse for our OS (and I mean every common OS out there) allowing this by default for every single app.

The people and companies who write the apps don't trust us, so why do we continue to implicitly trust them?

Re:Why do we still allow this sort of overeach?

[ravenlord_hun]

I hope you don't run any anti-virus/malware software either, then. Because, you know, they use almost exactly the same methods (RAM, registry, full HDD scan and reporting home) for exactly the same ends - that is, preventing software they deem harmful from running.

Re:Why do we still allow this sort of overeach?

VAC did not and does not access your browser history.

Re: Why do we still allow this sort of overeach?

[ravenlord_hun]

Whether you use those things or not makes little difference as long as the underlying OS allows such things to happen. If people stayed away from VAC in protest, they would only give an absolutely free reign to cheaters who don't give a hoot about such ethical concerns.

This is a technical answer to a technical problem. Or do you have a better solution, short of no-one playing multiplayer on servers they don't host themselves?

Re:Why do we still allow this sort of overeach?

[jellomizer]

Well for one, I know a lot of gammers hate to hear it, IT IS JUST A GAME! If you don't like it don't play the game.

Secondly Cheaters really ruin it for everyone else. Most players play online because they want to test their skills against others using the fixed set of rules. I remember being impressed when I played War Craft II and I found my unintended army gone, with no alerts. Just because they were all turned into a bunch of sheep. Annoying yes, I didn't care to loose however the player was being creative with the rules in the game.

  If you want to win base off of cheating, you should find a server for cheaters and see who's cheats are the greatest.

Re:Why do we still allow this sort of overeach?

[gIobaljustin]

I don't run proprietary software, period. I'm the only one who should decide if software is "harmful," and Valve certainly shouldn't decide that software I installed on my computer is harmful for me.

Of course, again, this is why I don't use proprietary junk to begin with.

Re: Why do we still allow this sort of overeach?

[green1]

So your excuse is because this one application has a use you like, all OSs should allow ALL applications free reign.

This is a technical answer exploiting a security hole that shouldn't exist to try to prevent a social problem. If people stayed away from VAC in protest it wouldn't fix the underlying broken concept in every OS that says apps should have free reign over the system.

The problem here is not VAC, the problem is the OS allowing every single app unlimited access to the system, something we should not be allowing.

Re:Why do we still allow this sort of overeach?

[Kardos]

I can't speak for android, but BB10 gives pretty good control over permissions. There are a bunch of categories that you can control access (GPS location, phone, contacts, email, text messages, stored files, internet, etc). Many apps that request permissions will still run without them, for example a weather app can get location from GPS if you allow it, otherwise you specify the location you want the weather for. Of course, some apps won't run if you don't give them all permissions - these get promptly deleted.

Re:Why do we still allow this sort of overeach?

[green1]

Then I can give them permission to do so.
The OS should assume the worst from any application asking for access outside of itself, and let the user decide. I should be able to give it access, deny it access, or fake the results.

The problem here isn't what VAC is doing, the problem is that any app can do this without any oversight at all.

As a side note, anti-virus and anti-malware wouldn't be issues if we stopped this ridiculous idea that every app should have full and complete control of the user's system.

Re:Why do we still allow this sort of overeach?

[green1]

I think you misunderstand me, I'm actually not complaining about what VAC does, I'm complaining about what our modern OSs allow EVERY app to do. Not using this app doesn't fix the underlying security concern that every app on my computer has the same access and can do whatever it wants with the information.
This is what we need to fix. Our computers need to stop blindly trusting every app.

Re:Why do we still allow this sort of overeach?

[green1]

Sure it does, it just doesn't do it using the browser. it checks what DNS lookups you've made, and assumes that it's the same thing (which it pretty much is for this purpose)
The problem is, it shouldn't have access to read that file. Only your DNS resolver should. Security on modern OSs is a big problem, the fact that none of them take it seriously, and all of them allow every piece of software to do whatever it likes on your computer is what needs to change.

Re:Why do we still allow this sort of overeach?

[green1]

By default android takes an all or nothing approach, it tells you what permissions the app wants, and you decide if you want to install it or not. There are however 3rd party solutions for rooted phones which allow you to deny specific permissions and these work well (for example I told my weather app that it didn't need permission to vibrate the phone, I'm capable of deciding when I want to look at the weather). The problem here is two fold though:
1) you can allow or deny, but you can't fake, which means if an app decides not to run without reading your contact list to show you the weather, you can't show it a blank contact list to trick it in to running, I think you should.
2) and this one is more important. Accessing arbitrary files all over the internal file system (such as what VAC is doing in this case) is not considered a permission, it's allowed by default, and is not one of the things you can block, or even see if the app needs.

This is ridiculous. I could deny every permission in android, and a program like VAC could still read my DNS cache. Now I could stop it from contacting the internet, but obviously that's something I want an online game to be able to do. So even the most "advanced" OSs we have today in this area, STILL don't stop apps from accessing random files that they have no business accessing. This is a major security concern.

Re:Why do we still allow this sort of overeach?

[ravenlord_hun]

Interesting. So, out of curiosity... what do you use to keep your *nix box safe? Tripwire?

Re:Why do we still allow this sort of overeach?

[gIobaljustin]

Secondly Cheaters really ruin it for everyone else.

"Well for one, I know a lot of gammers hate to hear it, IT IS JUST A GAME! If you don't like it don't play the game."

???

Re: Why do we still allow this sort of overeach?

[ravenlord_hun]

Ah, I think you misunderstood me; I was approaching from the other angle. My point was: since all desktop OSes today give apps free reign - stuff like VAC is neccesary. Just like anti-malware, anti-rootkit, etc softwares - all of them neccesary in the given environment, even if it'd nice not having them running in the background 24/7.

Even Android - a relatively secure linux with some seperation between processes - will gladly allow you to mess around with any process, once you are root. So if you want to alter a process (inject cheat into a game, say)... then it won't stop you.

I understand the theory of having a properly compartmentalized OS (hypervisor running only completely sandboxed apps, etc), and I wouldn't mind having one. But, the thing is: we don't. Not in a state where they could run the majority of the apps we need an OS for today, anyway. Even so, we still want to play games. And without cheaters ruining it for all us, if possible.

Re:Why do we still allow this sort of overeach?

[ravenlord_hun]

You say let the user decide... but that's a ridicolously bankrupt concept. If some of the users weren't wanting to cheat, we wouldn't need VAC in the first place. By allowing the user to do the same poisonous behaviour they do today, you simply didn't change anything! Legit players will still need VAC, and VAC will still need underhanded methods to catch software that also operate unethically.

I agree on the OS part anyway; the OSes that are popular today were designed very, very long ago. But, that's something we'll have to live with for a good while. Designing an OS that would prohibit "super access" for any app by design... while nice in theory, would also require putting together completely new ones. And that's a lot of effort... so I guess we won't really get to see them for a while. Not to mention the inertia that - similarly to any other industry - is present in IT.

Anyway, permissions. You say you give those things permission. Fine. Permission for what? Scan you RAM? Your full HD? Basic requirements as far as antivirus softwares go... but that's way worse than browsing your DNS entries, right there! And some of those scan results will wind up in some global database, or else new virus definitions couldn't be made. So, how do you know what gets reported and how? Will you keep checking the source for all your antivirus apps? Every patch, every commit?

Re:Why do we still allow this sort of overeach?

[rogoshen1]

and thus, the only time in the history of warcraft II that someone actually won playing as human.

Surfing the sites won't trigger it

VAC looks for the DRM servers that ensure you're a paying user of the cheat. Check the Reddit post.

Not really

Not cheat sites. Specific non-web servers that the cheat software "phoned home" for authentication, since cheats are paid software and therefore have their own DRM. Valve was never even made aware of anyone just browsing a cheat site.

It should also be noted that VAC no longer does this check, as devs of cheat software have figured out how to manipulate their clients' DNS cache.

Re:Expect an exodus?

Nothing stopping you from rolling your own Linux, And installing steam on that with whatever walled off qualities you want. Which is looking like what im going to have to do.

Pssst... Shhhhh... Nobody please tell Gabe about i

Because that'll force him to hire router proctologists and that would cost a lot and Valve might go out of business.

Re: Visiting does not imply guilt

[DocSavage64109]

Then it's a good thing that the DNS scan is only for verification purposes in the second stage of the anti-cheat process.

No Local Resolver

Turn off your local resolver, and presto, no DNS cache to search. Web surfing may be slightly degraded but not much.

Re: No Local Resolver

[DrGamez]

I know this is AC but holy christ you didn't even read the summary.

Your ignorance is making me angry so please allow me this: fuck you.

Re: No Local Resolver

Dude:

"....The short version is that Yes, Valve is scanning DNS caches"

Nothing cached means nothing to san. WTF is your problem?

Banned from Battlecraft

[Spiked_Three]

I recently got banned from battlecraft (or whatever it is called) for cheating. That includes, warcraft, diablo, starcraft, others?

But here is the thing; I have not even logged on to play any of those games in over 3 years.

The vendor has come to a flawed conclusion I cheated, and prevented me from playing games I have spent hundreds of dollars for.

Mr Newell, I suggest that some, if not most of your apparent cheaters, are due to YOUR companies lack of technical skill. Stop punishing the innocent for that.

Re:Banned from Battlecraft

Perhaps whoever is using your account is cheating.

Re: Banned from Battlecraft

Sue them. Only by demanding justice for wronged innocents can this behavior be stopped.

Re:Banned from Battlecraft

What probably happened: Somebody ELSE tried to log into your account from somewhere else and your account has been flagged. You would have to contact them.

Re:Banned from Battlecraft

[dave562]

Mr Newell, I suggest that some, if not most of your apparent cheaters, are due to YOUR companies lack of technical skill.

While you may suggest that, it is a load of crap and doing so makes you look ignorant.

Cheaters have nothing to do with Valve's lack of technical skill, and everything to do with the client/server based nature of the games. As long as the games are running on hardware that the company does not control, there will be cheaters. It is the age old adage that if the attacker (in this case the cheater) has physical access to the server (or in this case, game client), there is nothing that you can do to protect yourself.

Re: Banned from Battlecraft

>Sue them.

Valve forced users to accept a binding mandatory arbitration agreement a couple of years ago or else they lost access to all previously purchased games that they hadn't downloaded prior to the agreement being sent. Even if downloaded, those games lost all online access.

Suing them now means you are kissing the boots of whatever dark lord/"judge" valve pays for to tell you that you're wrong because money.

Re:Banned from Battlecraft

[AC-x]

I don't think Mr Newell has anything to do with Battle.net so I'm not sure what you're complaining to him about it for. Have any examples of false positives in VAC games?

Re:Banned from Battlecraft

[Yosho]

Please go on. Tell us how Mr. Newell's lack of technical skill has anything to do with "Battlecraft."

By the way, you should at least learn the name of the service you're complaining about before you continue to make yourself look like a complete moron.

(Hint: It's Battle.net, and it has nothing to do with Valve or Steam)

Re: Banned from Battlecraft

Valve doesn't operate "Battlecraft" so that's a none issue.

Re:Banned from Battlecraft

[Spiked_Three]

How does some clowns hacking of my account, make me look ignorant?

Do you you honestly think battle.net is hackproof? And you think I am ignorant?

And for those of you who can not infer simple concepts, I used the words 'The vendor has come to a flawed conclusion' to indicate I knew they were not the same as valve. Sorry I did not take the time to spell it out for some of you (again, I'm the ignorant one (rolling eyes/).

Re:Banned from Battlecraft

Dude, you got malware email. I get those banned emails weekly and ignore them. I haven't logged into Battlenet since a month of Diablo 3's launch (the time it took me to realize Diablo 3 was horrible).

Re: Banned from Battlecraft

[dave562]

You do realize that Battle. Net and Steam are products from two different companies right? You addressed your post to one, not the other.

Re:Banned from Battlecraft

[dave562]

Nothing is hack proof. That is my point, and that is why your comment "cheaters [being] due to [Valve's] lack of technical skill." is an ignorant comment.

Re:Banned from Battlecraft

Your discontent is misdirected, friend. Battle.net, along with its associated games - Warcraft, Diablo, Starcraft, etc. - are part of Blizzard Entertainment, which is an entity of Activision. Neither Valve corporation, nor its CEO Gabe Newell, nor its products Steam and VAC, have any affiliation with Activision or Blizzard.

I do agree Battle.net is a ruthless DRM scheme, but I'm afraid it isn't relevant to this discussion. If I recall, VAC itself has quite a low number of false positives, and such cases are handled rather well.

Re: Banned from Battlecraft

[SlippyToad]

I pretty much figured he was ranting and had no exact clue what he was talking about.

I mean, he's not even entirely sure which game he got banned from, and hasn't played it in three years. Are you even sure you're banned? Maybe you just forgot how to play.

Re:Banned from Battlecraft

[SlippyToad]

You ignorantly shoot your mouth off, get virtually every important detail wrong, get called on it, and cry fuck off?

What a jackass. Did you forget to go over and swim in the fucking sewer on 4chan? Sounds like that's where you belong.

Re:Banned from Battlecraft

[jandrese]

Wow, that's quite a troll there. Wrong facts so people can "correct" you, hyperbolic complaints designed to issue the same. It's got quite the feature list.

Re:Banned from Battlecraft

[jxander]

Where to start?

1. It's Battle.Net not battlecraft. That's the actual website in addition to the common name. Mondegreens don't make you sound hip or cool. ("I don't twit on that twatter website, or whatever it's called *harumph*"
2. Valve isn't affiliated with Battle.Net in any way. Maybe if they were, Valve would have apprehended this criminal before they ransacked your account
3. Given 3 years uninterrupted, just about anyone interested could brute force your password by hand. Unsure of the relationship between your issue and DNS checks
4. You haven't logged in for 3 years, which means you haven't played any SC2 or D3 (not that I blame you) D2 characters hosted on Battle.Net expire after a certain dormant period (60 days?) Star Craft ladders reset, so there's really nothing to lose there. At best, they logged into your WoW account and sharded up your level 60 gear. This is such a non-issue, I can't even fathom why someone would WANT that account. There is literally nothing of value there, unless you have continued to pay subscription fees to WoW, in which case they might be using the account to Bot... but that's really not causing YOU any loss. If you've been paying the $15/month for the last 3 years, getting accused to cheating is really the LEAST of your worries

Re:Banned from Battlecraft

[Spiked_Three]

Thank goodness not all readers are as fucking stupid as you, and understood what I was saying :) I keep forgetting to write at kindergarten level for some of you. It is so hard connected dots, I know, right?

Re:Banned from Battlecraft

[Spiked_Three]

Let me retype me post for those who have trouble connecting the dots;

Another large company, with a large game community, falsely banned me for cheating. It had been some time since I played any of their games. I moved to Seattle in 2010, and I do not believe I played any of the games since I moved here.

It is very possible that that companies lack of technical skills was unable to prevent hackers from using MY account, and that is what lead to the ban. And ANY company in a similar position is likely to make the same mistakes.

/--- noreply@blizzard.com
12/10/13

to me
Greetings,

* * * NOTICE OF ACCOUNT CLOSURE * * *

A user of this account has recently been involved in actions deemed inappropriate for Diablo III by the In-Game Support staff of Blizzard Entertainment. This decision was made after a thorough investigation of the situation as a whole. Though we are unable to discuss the outcomes of our investigations due to privacy concerns, rest assured that this incident has been looked into very thoroughly, and the appropriate actions have been taken on all involved accounts.

Account Action: Account Closure
Offense: Unapproved Third Party Software
A third party program is any file or program that is used in addition to the game to gain an unfair advantage. These programs may increase movement speed or teleport heroes from one place to another beyond what is allowed by game design. It also includes any programs that obtain information from the game that is not normally available to the regular player or that transmit or modify any of the game files.

Cheat Programs ("Hacks")

We take action against accounts using hacks when a hero on the account is identified using a hack program. Hacks provide benefits normally not achievable in the game. Such benefits may include: increased speed, teleportation, or running through walls.

Automation Programs ("Bots")

We take action against accounts using automation programs or bots when one or more heroes on the account are identified using a bot to achieve automation.

This Diablo III account has been closed by our staff based on a review of the account and all related policy violations, in accordance with the Terms of Use and our In-Game Policies (http://us.battle.net/support/en/article/300722). Note that any open bids or auctions at the time of the account’s closure have been cancelled. Your open bids will be refunded to your original method of payment. Please allow 5-10 days for processing depending on the availability of your financial institution. Any bids or auctions completed prior to the account’s closure will neither be refunded nor reversed.

Moving forward, this Diablo III account and any Heroes or items associated with the account are no longer accessible. The only way to continue playing Diablo III is to purchase a new license, or to attempt to recover access by appealing account closure. While closure overturns are very unlikely, we advise that customers pursuing an appeal hold off on purchasing a new Diablo III license until the appeal process has completed. If you add a new Diablo III license, a new account will overwrite your old, without any prior Heroes or items from the closed account.

Any disputes or questions concerning this account action can only be addressed by Account Administration. To learn more about how Account Administration is able to assist you, and how to contact them via online ticket, please visit us at http://us.battle.net/support/e.... We will be unable to investigate account actions over the phone - an online ticket is the only way to contact Account Administration.

We understand that these policies may seem harsh, but they are in place to ensure that every player is able to fully enjoy their time spent on Battle.net. Thank you in advance for respecting our position.

Regards,

Blizzard Entertainment
Diablo III Customer Support
http://battle.net/support

Re:Banned from Battlecraft

[Spiked_Three]

So, I looked a little more, maybe it had not been 3 years since I played - but the point remains.

What especially pisses me off about this whole deal is knowing that I have 3 CD keys for half-life. Why? Yeah, friggin banned before by VALVE as well.

They may have gotten better, but there was a time in Mr Newell's past where his company was as bad, if not worse, in banning people without just cause.

Re: Banned from Battlecraft

[Uberbah]

You do realize that Battle. Net and Steam are products from two different companies right?

You do realize that's a non sequitur if he bought the games through Steam and has had his other Steam purchases blocked, right?

Re: Banned from Battlecraft

[dave562]

Where did you get that? He mentions Battle.Net and a slew of Blizzard games. No where does he mention purchasing games through Steam. The only reference that comes close to Steam is his comment directed to Gabe Newell.

Re: Banned from Battlecraft

[DrGamez]

(someone has access to your account and got it banned)

Mr Three, I suggest that some, if not most of the ignorance in your post, are due to YOUR accounts being compromised because of lack of technical skill. Stop punishing us, by making us read your bad comment.

Re:Banned from Battlecraft

The problem is that connecting the dots you attempt to lay out results in a moronic supposition.

You claim that some to most of the cheaters detected by Valve are not actual cheaters, and were only flagged due to Valve's poor technical skill. Your only argument to back this up? Your experience with Battle.net which is a Blizzard / Activision property.

How the one relates to the other is never explained, since there is no good explanation. You either mistook Valve for being responsible for Battle.net or you somehow think that the flaws of Blizzard in your case must somehow mean that Valve lacks the technical skills to correctly identify cheaters.

Because you ate a bad apple that one time, does not mean that this orange is rotten.

Learn to think above a 3rd grade level.

Re:Banned from Battlecraft

[Spiked_Three]

Oh, in case I forgot to mention it, informative person, double, make that triple fuck off

Re:Banned from Battlecraft

[Yosho]

Good news! Being banned due to cheating on Steam only blocks you from joining multiplayer games. You do not lose access to any of your library.

Or, I don't know, maybe you're just lying at this point while desperately trying to save face.

They are non-www servers, so it would be special i

They explain that these are non-www servers, so you can't visit them. They are used directly by the apps to find their license servers, it's not the servers where you can download the files.

And if you need to visit cheat sites for this, I would open them in some VM since these aren't the most trustworthy sites.

Neither does valve.

What they WILL do is abuse you and claim it protects you.

Just like the NSA.

Re:Neither does valve.

NSA claims to protect some people, not me. Valve doesn't claim anything, they just want the hackers to buy CS:GO for the fourth time.

Re:Neither does valve.

[gIobaljustin]

Or you, if they happen to falsely flag you as a cheater.

Re:Neither does valve.

[ravenlord_hun]

If something on your PC is calling home to some cheat-DRM address (not forum, not discussion board, not even a frikken' download site)... then you are probably not a false positive, though.

Re:Neither does valve.

[gIobaljustin]

You have no idea how their software works, as it's proprietary. Furthermore, the fact that you used the word "probably" says it all. You can't have absolute faith in any software, and certainly not if you can't see the source.

Re:Neither does valve.

[ravenlord_hun]

You could subtitue 98% of Linux and 100% of Windows systems and say the same. You say source - but we both know that if we're paranoid, just looking at the supposed does little good. Any binary you download could have been made from an altered source. So, how many OSes did you compile yourself? Which binary do you trust, and why?

Re:Neither does valve.

[gIobaljustin]

I consider the freedom to look at the source important in and of itself. And even if being able to look at the source doesn't stop 100% of all Bad Things, it's a hell of a lot better than dealing with binary blobs. Don't resort to the perfect solution fallacy.

Re:Neither does valve.

[ravenlord_hun]

Good for you. Me myself, I won't put that much more trust into the ability of looking at a source that's many thousands pages long and so utterly complicated it would take a team of experts to fully audit; also one that may or may not be the same software I wound up with. Theoretical possbilities I have no real means to use are that: theoretical possibilities.

If you are that paranoid, do what I do. Install a network filter at your endpoint and analyze your own traffic. That's the only way to be sure, unless the network filter/analyzer themselves are bugged. But that's a risk I'll live with.

(Now, I also value open source for some of its merits - long-term maintainabilitiy, the biggest among them. But that doesn't mean blind and exclusive faith, imho.)

Re:Neither does valve.

[gIobaljustin]

(Now, I also value open source for some of its merits - long-term maintainabilitiy, the biggest among them. But that doesn't mean blind and exclusive faith, imho.)

I don't have blind faith, as I even accepted that it doesn't provide 100% security at all. However, I'm definitely not going to make the situation worse with proprietary software, and as I said, being able to look at the source is more important to me.

As an added bonus

[Voyager529]

users for whom "activate.adobe.com" resolves to 127.0.0.1 will be placed under 'additional scrutiny'.

Also, Steam may find themselves with fewer users than Origin.

Not actual cheat websites being checked

[Pricetx]

One point that I don't think a lot of the commenters aren't getting, is that it isn't the actual "cheat websites" that are getting detected by this system, the system doesn't even check for them.

As Gabe explained, most cheating software uses DRM, similar to that of games themselves, which "phones home" to the cheat software publishers to ensure that all of the users of the software are actually paying for it. These "DRM servers" will have their own domain names, and it's these domain names which VAC is looking for. This is to avoid flagging people for simply having visited the cheat website.

It's also worth pointing out that this check is only triggered *AFTER* VAC has already detected that the player is cheating through other means, it can be thought of as a second factor of cheat authentication. This means that players can't get "tricked" into being VAC banned by having malicious javascript on a website causing their PC to perform DNS lookups on these blacklisted domains, as they won't even be checked by VAC unless the player is detected as cheating through other means.

That being said, there's always the possibility of false positives, and if you combine that with malicious javascript mention above, you could just be incredibly unlucky and accidentally get VAC banned.

Re:Expect an exodus?

[DocSavage64109]

An exodus of cheaters wouldn't be a bad thing. Note that the DNS scan is only after the software detects a cheat.

Steam hooks directly into the firefox.exe process

You can test this by trying to delete firefox.exe on Windows and see the process that has a lock on it via Unlocker

Better than nothing

[BlackPignouf]

I don't like the answer, but it could be worse, and it's nice the director answered honestly.

Re:Better than nothing

Totally agree. It's not some suit trying to spin shit, but the big man himself stepping up and giving people FACTS. Obama could learn a thing or two from Gabe's transparency, except that Obama has more to hide.

Re:Better than nothing

Agreed! It's refreshing to see Valves 'boss' on the front line for this. This type of thing is what attracts me to using companies. Be honest with your clients. Valve, I think, thoroughly understands their position and how it needs to be protected.

That said, I recognize that Valve needs to combat 'cheaters', in order to give its members a fair gaming experience. I'd like to think there would be another way, but perhaps this is what they've discovered as the least invasive method. And even then, I still consider it somewhat invasive. And there will of course be those who 'circumvent' around this method, now that it has been openly discussed. I'm sure they'll still have a small percentage that they can't verify as cheating, but less kids peeing in the pool is always better.

Re:Better than nothing

I don't think Gabe N. is "the director". It's my understanding that employees of valve have a great deal of autonomy. Gabe didn't present the response as a big boss man. He presented it as a celebrity.

VAC has always been invasive and the general publi

The average gamer yses gmail or hotmail and facebook, do you really think they care that much about a 2 step DNS check where info is only sent to Valve if you looked up some cheat dns name? They are not scanning for website dns names, but for control server dns names, so the chance that someone happens to "visit" that site without cheating is pretty damn remote.

RTFA

[Grantbridge]

From the actual article: 1)This is no longer in operation, it was only running for a couple of weeks in the constant cat-and-mouse game with cheat developers 2)It was targeted at the DNS for DRM servers which cheat authors used to SELL cheats to PAYING customers. The system simply reported if the MD5 hash matched the DNS for the known cheat DRM servers, once the cheat had been detected during gameplay already. The DRM servers were not running a website.

Re:Misleading article... read the real post by Gab

[Cheburator-2]

You seem the only person to actually go and read that article.

I always feel like...

[Trace+Bullet]

Gabe Newell's watching me~ http://www.youtube.com/watch?v...

Also cheating with single player is fine

[aepervius]

Despite that , you might get banned , because you visited and used a cheat for a single player, which will have the exact same symptom as cheating for , say, TF2 (primary and secondary DNS entries).

Re:Also cheating with single player is fine

[ravenlord_hun]

Barring a ridicolous lack of common sense, just why would you start your own VAC secure server if you intend to cheat anyway?

Why ban?

[MadCow42]

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.

Re:Why ban?

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.

This is already the case with VAC bans. VAC'ing your server is optional, and if you're VAC banned you can still play the game with any single player options, and multiplayer on non-VAC servers. The option of having VAC on a server is left to the server administrator.

Re:Why ban?

That's exactly what happens. You can no longer player on servers protected by VAC - Valve Anti Cheat. You can continue play on any others

Re:Why ban?

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins

Because cheating is wrong? Why not just create a special steroid Olympics where the athletes are allowed steroid use?

Honestly? it's because having infinite energy/health, perfect aim, etc makes a game less enjoyable over time. There's a reason they don't design it that way in the first place. They're trying to get you addicted to the challenge. The game company and the distribution system goes under as everyone becomes bored with watching everyone achieve everything, effortlessly. in your scenario, everyone loses.

Re:Why ban?

[gIobaljustin]

Because cheating is wrong?

According to who? You? Some people don't care, so don't decide this for them. Bottom line is, server administrators should be allowed to decide what they want to put up with, not you.

From the sound of it, what he suggested should happen is exactly what already happens, anyway.

Why not just create a special steroid Olympics where the athletes are allowed steroid use?

I don't know. Why not?

There's a reason they don't design it that way in the first place.

How they designed it is irrelevant to how people want to use the application.

everyone loses.

Only individuals can decide that for themselves.

Re:Why ban?

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.

Because a lot of Valve games don't use matchmaking; you can access a giant list of servers to connect to, or, if you know the IP address, directly connect to one.

Re:Why ban?

That's exactly what they do.

VAC Bans versus Server Bans

The best indicator that your account has been banned by VAC is if you receive this message when attempting to access a VAC-secure server:

"Your connection to this secure server has been rejected. Because of past cheating violations, you have been banned from playing on all secure servers"

If you receive an error message stating "STEAMID IS BANNED" (or other similar messages) when attempting to connect to a server, your account is not banned by VAC - server administrators may ban you from a particular server (we cannot prevent this - whoever runs the server can ban players for any reason they desire).

If you find that you are banned from a large number of servers but your VAC status is in good standing, you have likely been banned by a third-party ban tool, such as Steambans or Punkbuster. These third-party tools are used by a large number of servers sharing a common database of banned IDs. These tools are unrelated to Steam and we cannot assist you in resolving this issue.

You will not be banned by the VAC system unless you login to a VAC-secure server with a cheat installed on your computer.

Re:Why ban?

That is in fact what happens, effectively. You are only 'banned' from servers running the VAC software that prevents cheating - if you want to host your own server, you can, if you want to join someone else's server not running VAC, you can. As you might imagine, these VAC-less servers are:

1) Occupied only by cheaters playing against other cheaters (because honest people like playing against non-cheaters).
2) Rarely occupied all that much at all (much lower playerbase).

Re:Why ban?

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins

Because cheating is wrong? Why not just create a special steroid Olympics where the athletes are allowed steroid use?

...

Given that two of the biggest PED users I can think of - Lance Armstrong and Alex Rodriguez - have between themselves ZERO failed drug tests from their respective sports, I suspect we probably already have a "special steroid Olympics".

Re:Why ban?

Open the multiplayer server list, pick a server that does not have "VAC-enabled" on it.

The game will connect and VAC will not run, you now get to enjoy losing to wallhacks.

Re:Why ban?

[gIobaljustin]

Exactly what other people pointed out, yet this guy acted as if that's not the case.

With that said, I play a number of games (Doom, with the Zandronum source port) online where the software is open source, and there isn't much of a cheating problem. The community self-regulates and server admins (both of individual servers and master server admins) take care of the problem. They don't need shitty, invasive anti-cheat software.

Re:Why ban?

You don't seem to understand the mentality of a cheater.

Re:Why ban?

[ragethehotey]

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.

because even having the perception that you would allow cheating causes casual players to flee and never spend another dime.

i understand that your suggestion would be ideal, but in practice drives customers away.

Re:Why ban?

[ninjacheeseburger]

If you get VAC banned you can still play on non VAC servers.

Re:Why ban?

...and that's what servers without VAC enabled are.

This actually seems pretty damn reasonable, now he's explained it (code analysis backs up what he's saying as the truth).

Re:Why ban?

Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.

This is exactly what they are doing. They are removing the ability of cheaters from being able to play on VAC-enabled servers. Most VAC-enabled games can have non-VAC servers that can allow cheats and even VAC-banned players to play on.

If someone really wants to cheat, but not be VAC-banned, they should just play on a non-VAC server. Some non-VAC servers even encourage the use of cheats. The cheater could still get banned from the non-VAC server if the server admins do not allow cheats, but at least the cheater will not risk getting effectively locked out of more than 90 percent of the servers if they want to ever play legitimately.

proprietary license

This is what happens when you use software that restricts user freedoms. You lose your control of your software.

if you find it abusive, turn off VAC

Just turn it off. Nobody is forcing you to use VAC, oh unless of course if you want to play with non-cheating players.

Re:if you find it abusive, turn off VAC

[ArbitraryName]

You can't "turn off" VAC.

Re:if you find it abusive, turn off VAC

[ravenlord_hun]

Sure you can. Just don't connect to VAC secured servers.

Re:if you find it abusive, turn off VAC

[sosume]

net stop dnsclient

SteamOS Hacking?

[tlhIngan]

Given the openness of SteamOS - I'm guessing the side effect would be to develop anti-VAC kernel modules to fool VAC into thinking everything's sane and good even if the user is cheating to heck and back (and unless VAC is using a kernel module, it's pretty hard to protect against it...).

I mean, should Valve/Steam pull this off in the future, it's trivially simple for something the user puts on SteamOS to hide the DNS resolver cache, to hide the cheat processes and fake the file hashes from any process...

Newell sounds like a piece of work.

People who don't have any real power in life get their jollies by
controlling other people who are members of web forums or web-based
activities of any sort. All too often a moderator is a person who has deep-seated
desires to control others in a manner which won't withstand the cold light of reason.

The way to win with these situations is not to play.

Potential for a DoS to legit users

[fatboy]

Isn't this ripe for a DoS to legitimate users by simply posting a link to an image, in a popular gaming forum, that resides in one of the "cheat server" domains?

Just sayin........

Re:Potential for a DoS to legit users

[synaptik]

No, it isn't. If you'd RTFA, you'd learn that the DNS check only happens as a confirmation safety step, once an active cheat has already been detected by Steam.

Re:Potential for a DoS to legit users

[fatboy]

This is /.

Of course I didn't RTFA ;)

No, it isn't. If you'd RTFA, you'd learn that the DNS check only happens as a confirmation safety step, once an active cheat has already been detected by Steam.

TOS? Doesn't apply here....

[King_TJ]

The scanning is done client-side, which means it's just an internal function of the software.

It isn't divulging any of your internet browsing or usage history. It's just combing the local cache for specific things, and is a process it doesn't even do in the first place unless a user is suspected of trying to abuse Valve's gaming environment by cheating.

If the TOS has to state an app is going to access your local DNS cache, then Windows operating systems are probably in violation themselves!

Re:TOS? Doesn't apply here....

Ok, I'm going to come over to your house every day and look through your belongings. But I won't divulge any of it, so it's okay.

Nothing new here - RAM/DISK scans are part of AC

[Rotten]

Anticheat software have been scanning memory forever.and when if scans memory it's obviously comparing data to a pattern to decide if tha'ts a cheat or not.

Not sure what's the difference between you mail account lying open on the background holding all your personal communications beeing scanned by punkbuster or vac, or the dns cache beeing scanned too.

Code caves, hooking, etc. I'm not sure if anticheat software can't beat online game cheaters.

Trust

I trust both Valve and Gabe (due to their past behavior). I trust that VAC symbol means they are working toward keeping cheating to a minimum. I don't trust the government to handle most tasks. In the end you have a choice with using Valve and your government.

Reducing false positives [Re: Still abusive]

If there are no false positives pre-check of DNS then why would they need to go all NSA on our asses? And if there are false positives then there are going to be skilled players who get wrongly banned cause they visited a site.

The DNS verification is a check against false positives produced by other indications that suggest that the user is cheating.

If they banned people when they see indication of cheating, that would probably produce some false positives. They check the DNS for signs that the cheat actually exists-- in fact, that the cheater paid for the DRM-- and then ban the cheater. So, if it's false positives you're worried about: this method reduces false positives.

I don't like the idea of a game looking at my history. But "my history is private" is the reason. "What about false positives" is not the reason.

Re:Reducing false positives [Re: Still abusive]

[gIobaljustin]

Both should be a reason. The existence of false positives (and, as we've seen time and time again, these systems are as far from perfect as you can get) is but one of many reasons to oppose this.

fuck beta

[synapse7]

I trust valve, and fuck beta.

Denial of common sense attack

[WaffleMonster]

If you look in a DNS cache all you know is name request was made you don't have any evidence of what was done with that name.

Any web site you visit could cause entries for any DNS name it chooses to be loaded into the cache. It is not hard to imagine competing clans, those who dislike you or just want to create chaos operate a site which causes incriminating entries to be loaded into DNS caches.

I want to see Valve held criminally liable for rummaging thru computers and conducting investigations.

I stopped illegal activity, so it is ok now right?

I stopped killing people, I only did it for 13 days. No big deal right!?!

Then I literally "beat you @ your OWN game"

Mr. Newll/Game maker -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' sectiopn... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

wrong answer

People who cheat at video games shouldn't be denied the right to play those games. They should be euthanized. I mean seriously: not simply dishonest, but dishonest about something that doesn't matter at all. Putting someone that pathetic to death would be a mercy.

@QuietLagoon

If the servers detect cheating signtatures, it tells your platform to scan for the dns entries of the phone-home servers - an activity that runs on your system, running the game that you agreed to play (when you buy it, run it, you are agreeing to Steam's terms, which include cheat prevention/detection).

Don't want Steam rummaging through your dns entries, don't play steam games and cheat.

It only rummages if it detects signs of cheating.

If you don't cheat, then you'll never be searched.

sheesh. if you cheat, you deserve anything and everything you get.

all drug olympics SNL skit

https://www.youtube.com/watch?...

"Beat 'em @ their game" (pun intended) & why

See subject-line above, Mr. Newell/Game maker & THIS link -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

Re:Expect an exodus?

[scottbomb]

I don't cheat and nor do I tolerate software sticking its nose in business other than it's own and my DNS records are none of anyone's business,regardless of what they use it for.

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY (with many great side benefits too as a result): See subject-line above, Mr. Newell/Game maker & THIS link -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

"Beat 'em @ their OWN game" (pun intended)

Via a BETTER way than playing with TTL in dnscache or disabling it. Plus HOW & WHY (with many great side benefits too as a result): See subject-line above, & THIS link -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY (with many great side benefits too as a result): See subject-line above, & THIS link -> http://yro.slashdot.org/commen...

(As to what YOU said though & I see his point, but don't agree with HIS tactics? When you reach into someone else's info. for a particular STATED ALLEGED reason, you open doors for abusing it too... period! Bad way to do what he did...)

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

Re:Expect an exodus?

[Yunzil]

No, there won't be an exodus. This is a non-issue and no one cares.

baloney

He didn't say that, he said "In Iran, we don't have gays like you do." There are gays in Iran, but he was talking in the context of the speech about there being a lack of gay culture.

Funny

[viperidaenz]

1: Post image hosted on cheating server in a forum frequented by Value customers
2: Wait for them to all get banned.
3: ???

Re:Funny

1: Post image hosted on cheating server in a forum frequented by Value customers
2: Wait for them to all get banned.
3: ???

You still need to figure out how to do step 2 since step 1 and 2 are unconnected.

[The game needs to notice the presence of modified code being hot-loaded into its address space by the relevant running hack executable before the DNS check occurs]

Re:Nothing new here - RAM/DISK scans are part of A

[viperidaenz]

Anticheat software only scans the memory of the process it runs in.
Other processes don't have access to the memory of others.

Shame on Valve

It invasion of privacy thats what it is. Who made Valve a state police? Even real cops need court order in my country to even touch my property.

So much for me continue to use Valves products. Im voting with my wallet. Good luck Valve, your games were enjoyable. I guess you had too much money then..

I don't cheat, i hate cheaters, but more then that i hate corporations taking themselves a rights over our privacy.

  And who says one of those DRM control server are not working in same IP address as some perfectly legal and legit sites? Last i checked it has been possible at least 10 years to host several websites even in same ip address. not to mention slapping drm system that uses some other ports then 80 or 443...

Good luck Valve, your going to need it.

Re:Expect an exodus?

[ravenlord_hun]

If you hate software poking around your RAM, running processes etc, then you can already wave goodbye to multiplayer - almost every anti-cheat service is doing those now (and need to, given the arms race between cheat software and cheat detection).

Unless you don't mind rampant cheating, that is. But if that's indeed no biggie, then I wish you an enjoyable stay in wallhack-land.

Jep jep

You know that's an actual money maker... Special games under rule: no other rules, anything goes...

Re:Nothing new here - RAM/DISK scans are part of A

Not really, anticheat have to check further and deeper than the game process itself, since the cheating community moved from hacked game apps, to hacked libraries, and hacked operating system subsystems. On win32, checking for a simple d3d hook would be impossible if you detour/hook the d3d subsystem itself.

No Steam for me now

[future+assassin]

I was quite excited about the official Steam client for Linux and bought about a $100 worth of games when it came out. Cheating or not they no have right to scan for/look at anything outside of the Steam system ie Steam/game created files.

Yes I will not support Steam anymore as I have that power. $100+ lost but lesson learned.

Revise and extend

[ThatsNotPudding]

I really don't understand why sandboxing every app is not only not the default, but also

made a legal requirement, enforced by the FTC.

This.

[DarthVain]

I am a bit conflicted, I don't like the idea, but then again I also don't want to play against cheaters. At least I can respect that he laid it out on the table and was honest about it rather than the usual BS PR response that usually comes out for these sorts of things.

Re:Steam hooks directly into the firefox.exe proce

[sexconker]

You can test this by trying to delete firefox.exe on Windows and see the process that has a lock on it via Unlocker

Rename firefox.exe to FuckYouFatassNewell.exe . Enjoy.

Dont be so naive

How do you know its only triggered after X? Because some smuck told you so? Wheres the proof? How do you know its not running all the time because corporation decides its handy to have it run automatically every time?

One thing i have learned after years of following internet security news is, always assume worst. Corporations newer tell how they actually do, they will tell you what they think you want to hear from them.

But considering its perfectly legal to sell software, docent that mean Valve is interfering illegally with legal business? in my country corporation gets lawsuits if they do that. Would be almost as if Microsoft would erase everything in your computer and put you on blacklist because you have been browsing websites that are about Linux. Same thing.

What worries me most is Valve assuming they even have right to do this. Its invasion of peoples privacy. Considering some families have several people, do they ban all valve customers in that household if there's several of them?

Re:Nothing new here - RAM/DISK scans are part of A

[Edgewize]

That hasn't been true pretty much ever. Back before Windows did privilege separation, anti-cheats scanned everything they could find; after the rise of UAC, PunkBuster and other anti-cheat systems added a prompt to permanently authorize their system-level service on the first run.

Re:They are non-www servers, so it would be specia

[arth1]

They explain that these are non-www servers, so you can't visit them.

You don't have to visit them. Doing a name resolution query willl put them on the list, whether there's anything to visit or not.

Did you know that antivirus software, for example, may do a name resolution query on the hosts and IP addresses listed in the Received headers in an e-mail? That puts entries in your DNS cache, without you visiting anything. How about web boards that allow embedded images? A user can put [IMG]http://some.malicious.site/[/IMG] in a post, and there does not have to be a web server on that address for your browser to look up the address, and the OS cache it.

There are so many ways that your DNS cache can be full of entries that you have no control over, that it should never be used for evidence of anything. And what Steam does here is using it as secondary evidence.

Never mind that Windows should never allow unprivileged processes to display the complete DNS cache in the first place.

This is necessary

Catching cheaters is hard, and doing stuff like this (looking where they don't expect you to look) is exactly how they should be going about their business if they intend to catch most cheaters.
 
It's almost trivial to find where VAC does the obvious stuff like scan program memory looking for evidence of an injected cheat. You just attach a debugger and put a breakpoint on access in the program. From there ultimately it's just a matter of patching a few jumps and VAC is as blind as a bat.
 
Or even if you don't mess with VAC you can do stuff like setting a breakpoint and hooking the exception handler to take control without modifying the program directly.
 
So, these clever little tries from VAC is what catches the big pay-for-cheat companies with their pants down. Sure they reverse VAC all the time, but it's easy to miss something when you don't know to look for it.

Or...

in any way relevant to this conversation whatsoever, for that matter.

The best option...

"Of course, the best option would be to give customers a choice: play on sponsored, VAC protected servers - albeit at a cost to your privacy - or allow VAC to be turned off and play the game on player-hosted servers, where you may (or may not) encounter people using cheat tools."

This option is in place for most Valve games already - I know Team Fortress 2 allows you to check "VAC protected" in the server browser in game, and if you uncheck it, you can play on servers with hacks to your heart's content (many people run non-VAC protected servers for modded game modes that would be considered "cheating" on a VAC protected server).

I'm not sure if CS:GO offers that same option, since I haven't played it, but it would surprise me if they didn't; most of Valve's games have used the exact same server browser.

Did you read the article?

This post shows that you didn't read the article, only the slashdot blurb.

Before freaking out and making grand statements about what you're upset about, make sure you understand what you you're getting upset about and whether you even can technically freak out about it.

True!

"Well, that's what they claim the software does. Without transparency (read open source), we just have to take their word on the matter."

I'm pretty sure Microsoft has windows setup such that it sends emails to women I meet and tells them I an a schmuck. I've called them multiple times and they insist that windows doesn't do that, but unless they open up the source code, I just have to take their word for it.

Not to mention all those pumps at the hospital that "supposedly" give me the right amount of medication. Until I get all the specs and source code on how it works, I'm pretty sure it has a built in kill switch in the case that the doctor doesn't like me, no matter what those nurses tell me.

Re:Expect an exodus?

And nothing of value was lost.

Naysayers, I have two questions

To all the naysayers who blindly state that Valve, or any company, is not allowed to take preventative measures under *any* circumstances

1) How they hell do you people suggest Valve deal with cheaters? Do you at least agree that cheaters ruin the gameplay and ultimately destroy the ecosystem?

2) How can you lambast Valve for attempting to do anything to your computer when the people who make cheat software are probably also installing rootkits on your computer? Seriously, we're OK with the cheat software but we have issues with the legit game software????

I like anti-cheat.

[Kaenneth]

I always used to get accused of hax on public servers; now they can tell I am actually that good.

New Tactic for online games

[miroku000]

Convince your opponent to visit a web page that causes dns lookups of all the major cheating sites.

Please tell me I'm dreaming!

[wdhowellsr]

Please tell me the browser cache is screwing with me. Please tell me that my wife wants to have sex more often ( ok that isn't going to happen, I have a 12 and 15 year old) Do we really have Slashdot.org back?

"yes, im an invasive prick"

[nurb432]

Admitting it does not make it any less bad. Boycott. ( or brick thru the window )

Leapfrog

[Trogre]

I guess this whole punkbuster thing is a constant game of leapfrog, but I wonder how long until this is worked around by, say, a browser addon that maintains its own DNS caches for selected sites so the system DNS cache is never touched, or even more simply, cheaters publicize a few IP addresses to crack sites, bypassing DNS completely.

Why is Valve copying our internet histories and se

Seriously, why is Valve stealing all our browser histories and handing them over to hackers?

Why is Valve stealing all our personal data and me

I hear you man, Valve is stealing all our porn histories and selling them to hackers because they are trying to destroy our lives and we should use soemthing else like AOL.

YOu are the only person on here who understands that Valve is reaching around to its users and knows our privacy because they stolen identity of ours.

Battlecraft CEO Mr Newell, hello?

You should sue!

If I got banned from Battlecraft, I would sue!

This is an OUTRage!!!!

Thou shalt not obey!

[Zynder]

This isn't the government. It's a private service with terms that you must obey. If you don't like it don't use it.

There was a time here in the US when "those" people had to sit over there, and drink from that fountain while these "better" people got sit over here with a nicer chair and a cleaner fountain. Isn't it strange how these days that doesn't happen anymore? I guess enough of "those" people didn't like it so quit going to those establishments and they just withered away. Yay, capitalism! Oh wait, it didn't happen that way at all. The government had to make them stop being racist assholes. Just because some company says it has to be their way or the highway doesn't mean they are correct. They know this and that is why there still hasn't been a good definitive court case on the validity of ToS's. We all know they are one sided contracts and they don't want a precedent set.

You are like the dumbest monkey: "Battlecraft" Ser

You can't keep facts straight.

Your writing is a clusterfuck of ignorance and idiocy.

It's Battle.NET, idiot. Valve is a separate company.

fuk baita

I wasn't in it now i am.

Why is Gaben stealing my porn history??

Seriusly why does Gaben steal my porn and look at my DNS hash cache file because I got banned from Battle.net and he's selling my stolen identidy to terroists.

Re:There's a FAR better way (on many levels)

last time I checked APK is known for being the biggest joke there is on the internet.
Everything you have ever done is inferior, and we all know you simply copy other peoples stuff.

you are know to the world as an , "ankle biter"

Re:They are non-www servers, so it would be specia

[Windwraith]

Actually, yes, you don't have to visit them, but you have to be actively using the cheat, because the VAC method involves checking for DRM checks (phoning home for verification) for cheat programs (believe it, it's actually a thing). Looking online for cheats and all those FUDdy things people keeps spewing in the comments is not the point, the point is recognizing the DRM servers for the cheat tools, only sanely accessible when using the tool itself, I don't think anyone will stumble upon that host during daily browsing, no matter how many cheats they look at online.

And, damn, If you look around you can see this is true, such cheat programs exist and, yes, I also think that paying for a cheat program with DRM is incredibly stupid. I had a hard time believing it until I looked around and saw that people is stupid enough to pay to cheat in games, AND allowing DRM on them to boot!

The real news here is that some people is obsessed with winning random games to the point of using such services with perhaps more DRM than Steam itself... it's really sad when you think about it.

Re:There's a FAR better way (on many levels)

Biggest joke's Lumpy. He won't post with his name. That takes his downmods he can't justify away that he applied after logging out of his account to preserve the cookie state and now we now you're him too trolling by ac posts afterward.

ipconfig /flushdns

[sgt+scrub]

net stop dnscache

This solves this issue easily + yields gains

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

So cheating on a single player game could get you

So people using cheats on single player games they bought through steam are liable to be banned for something they didn't do (i.e. use a cheat or exploit in a multiplayer game)?

Or is it only suspicious behaviour in multiplayer games triggering a wider investigation?

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

Lumpy how'd "eating your words" taste?

ROTFLMAO @ "Chumpy" -> http://yro.slashdot.org/commen...

(You sure "talk a good game" -> http://games.slashdot.org/comm... but you can't even produce a MERE SCRIPT!, windbag...)

You aren't even on the level of a "script kiddie", & full of HOT AIR!

You certainly won't reply there in that 2nd link I posted either, as that would remove your downmods to my posts like this one you can't validly disprove or justify your downmod on -> http://games.slashdot.org/comm...

Oh, I suspect that IS the case here (simply logging out of a registered account & trolling by ac is a common troll trick around here OR using alternate registered 'luser' accounts sockpuppets to do the job will also, & Lumpy is LOADED with those & trolling - which doesn't matter: He PROVES he's all talk, no action (or skills, OR brains, lol))

(You're all TALK, & NO action "CHUMPY!)

* :)

(You know it, I know it, & so does anyone reading AND laughing their asses off @ you now... lol!)

APK

P.S.=> Answer the question in the subject-line Lumpy - since you had to "eat your wrods" in the 1st link above flavored with your FOOT IN YOUR MOUTH + the "bitter taste of SELF-defeat", lol...

... apk

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

Don't waste cpu cycles on dnscache (& gain)

Turn off the local dnscache clientside usermode service & use kernelmode services (faster by far) instead ->http://yro.slashdot.org/comments.pl?sid=4800765&cid=46273875

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

If you break the rules you get more scrutinized?

[rhyous]

If you break the rules you get more scrutinized?

Wow! That isn't far. (Dripping with sarcasm) The world doesn't work that way! I am shocked and appalled.

[sourcode]
If (YouAreACheater()) CheckForMoreEvidenceOfYourCheating();
[/sourcecode]

Move along.

Nothing new to see here and nothing than really violates your rights or privacy.

Re:A far better way than Lumpy the wannabe's

You are such a fun little loser. How cute that you are so unable to do anything but try to bother him. All you are doing is proving to everyone that you cant code crap.

Why post ac now Lumpy?

Afraid apk will show you hit and run downmod his posts http://slashdot.org/comments.p... you can't prove him wrong on? Answer is obvious yes since those downmods of yours you can't justify will disappear and apk and all of slashdot will laugh at you. Just as they did when he burned you for libeling him and you ran http://yro.slashdot.org/commen...

Far BETTER way than wannabe Lumpy's

Since the clientside dnscache in Windows = faulty. HOW & WHY you gain by a technique (in benefits in added speed, security, reliability, & even anonymity (to an extent only on the latter) too as a result)-> http://games.slashdot.org/comm...

* "Lumpy" (you pitiful douche, lol), don't you KNOW that? Yes, you do!

Turning OFF the faulty local DNS clientside usermode level cache & beating it with 2 kernelmode FASTER services, in TCP.IP & the diskcaching subsystem do it better!

You also gain FAR MORE on top of those things noted already you save CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing).

Wanna "downmod via sockpuppets" CHUMPY?

Go for it!

(I'll post this to spite your ass until you RUN DRY of your effete modpoints (test me on this moron, I will as always, win!))

APK

P.S.=> Lumpy' knows my way's better OR he'd prove me wrong instead of downmodding all my posts and refusing to reply here with his Lumpy user account here (since it would remove ALL his downmods & show he is nothing but a cowardly "hit & run" downmodder with NO skills in computing I suspect). It gives more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) ->http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

... apk

Re:A far better way than Lumpy the wannabe's

Not as big as Lumpy the libeler here where apk blew him away http://yro.slashdot.org/commen...

Lumpy how'd "eating your words" taste?

Where you libeled me and facts I posted dusted you-> http://yro.slashdot.org/commen...

(You sure "talk a good game" -> http://games.slashdot.org/comm... but you can't even produce a MERE SCRIPT!)

You aren't even on the leve of a "script kiddie", & full of HOT AIR, windbag!

(You're all TALK, & NO action "CHUMPY!)

* :)

(You know it, I know it, & so does anyone reading AND laughing their asses off @ you now... lol!)

APK

P.S.=> Answer the question in the subject-line Lumpy - OR, is it you won't since it will remove the unjustifiable downmods you applied to my other post here -> http://yro.slashdot.org/commen... ? Oh, I suspect that IS the case here (simply logging out of a registered account & trolling by ac is a common troll trick around here OR using alternate registered 'luser' accounts sockpuppets to do the job will also, & Lumpy is LOADED with those & trolling - which doesn't matter: He PROVES he's all talk, no action (or skills, OR brains, lol))...

... apkL

Re:So cheating on a single player game could get y

[Anubis+IV]

Based on what others are saying, it's just multiplayer mode in multiplayer games, and even then, only those where you're playing on a VAC-enabled server.

Security exploit

[Hypotensive]

It seems there is a security exploit here, and it is being performed by Valve. Windows (1) keeps an unencrypted cache of DNS lookups and (2) allows unfettered access to it from any application. This is pretty bad, but clearly it was not the intent when creating the cache to let random applications spy on your browsing history, so Valve's access to the cache has to be considered an exploit, possibly even a crime?

Nonetheless the take home message here is that better operating systems need to be designed that don't allow applications to access each other's memory and log files by default.

"Beat 'em @ their OWN game" (pun intended)

Plus HOW & WHY: Turn off the usermode local dnscache client service & use faster kernelmode services instead (with benefits in added speed, security, reliability, & even anonymity as a result) -> http://yro.slashdot.org/commen...

* :)

(Just like how custom hosts files can beat the redirect NOBODY asked for here - see termination of that link in its 'p.s.' section... & a LOT more in added speed, security, reliability, + even anonymity (to an extent only on the latter, but FAR MORE ontop of those things too... saving CPU cycles WASTED on a faulty service, as well as RAM, & other forms of I/O too, by cutting off a SLOWER usermode service & doing BETTER using 2 kernelmode FAR FASTER subsystems via hosts (OS diskcaching kernelmode subsystem + IP stack instead & a GOOD solid logical layout in the hosts file itself to take maximum advantage of them both - offsetting loss of indexing (wish MS would FIX their usermode dnscache clientside service actually... I've noted it to them YEARS ago, squat was done))

APK

P.S.=> LOL, somehow, I find that "intended pun" in my subject-line above, VERY satisfying to have uttered... don't know why: I don't play this game, but I DO have a way around it for those interested, + a lot more to offer as well enumerated here (especially vs. INFERIOR "So-called 'solutions'" like Adblock & Ghostery the 2 foxes in the henhouse 'souled-out' to advertisers, the folks they initially WERE against afaik, + even shoring up DNS' faults in redirection, etc.) -> http://start64.com/index.php?o...

... apk

Post again as Lumpy

I'd almost bet my downmods go away: Am I right Lumpy? Oh, of course I am (I'd almost bank on it)

* You've been challenged to do so, all day - why won't you?

(Oh... lol, WE know WHY - You cheat the moderation system, don't you Lumpy? Yes... you do!)

Posting in a post YOU posted in where you performed a downmod after you made a downmod would show that much. However, per troll countertrolling, logging out of your account so the cookie state saves as 'no downmods' (whatever( is how you beat that. So would a sockpuppet.

"BUSTED"? It's starting to look that way Lumpy... you know it, I know it, & anyone reading this will too.

APK

P.S.=> Prove me wrong (I don't think you can) & you certainly can't prove me wrong here where you libeled me & I dusted you with undeniable facts -> http://yro.slashdot.org/commen... when you called a ware I wrote a trojan... that's libel you know, & worst type, that tries to harm someone's professional career status.... apk

Paid hack login system.

Odds are they are targeting a paid hack login system that operates over non-standardized ports. Not all this visiting cheat/hack forum and/or hashing your foot fetish sites that operate over 80/443.

No, Valve has not "stopped doing it"

From Gabe Newell: This specific VAC test for this specific round of cheats was effective for 13 days, which is fairly typical.

FTFA: To put it another way: VAC was looking at your DNS cache, but it was only looking for one particular phone-home call from one particular cheat. This was a banworthy offense. If it was not found, no further action was taken.

The FTA got it wrong,and so did you. Clearly, GN is talking about one specific test for one specific round of cheats that ran for at least 13 days (most likely a bit longer than that, to catch any stragglers that didn't get the cheat software update). There are and were and will be many more tests than the one that is referenced by GN.

Really, the greater question here is, where the f^#$ is HL 2 Ep 3, Gabe? Can't deliver?

There are other VAC tests for other "rounds of cheats"

Incorrect, RTFA

arrogance and ignorance rolled into one.

STFU

Just because you learned about host files doesn't mean you have to spam about it.

Enough already.

Cheaters never prosper (well, maybe they do)

[FreedomFirstThenPeac]

Seems to me that you can either play fair games with friends or play unfair games with cheaters. Auto-aim bots make FPS games no fun at all if you are playing against a random set of players. But giving up your browser history to get a fair game? Ought to be offered as an Opt-In and be done with it.

Sandboxing would be easy too.

Sandboxing really should be the normal case. Very few programs need access to every file on the computer, and the vast majority of them are things that should come with the OS anyway (file browsers, backup software, zip/unzip, etc.). Your average program needs no more file access than can be provided by calling an OS-provided API function that brings up a file open/save dialoge where the user specifies which file the program is allowed access to, and the program can access files in no other way. For the most part things would work exactly like they do now from the perspective of the user, they'd just be a lot more secure.