Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

Posted by timothy on from the but-maybe-you-were-just-visiting dept.

dotarray writes "Valve has stepped up to answer allegations that the company's anti-cheat system was scanning users' internet history. Rather than a simple, sanitized press release or a refusal to comment on 'rumours and innuendo,' Valve CEO and gaming hero Gabe Newell has personally responded." Newell or not, not everyone will like the answer. The short version is that Yes, Valve is scanning DNS caches, with a two-tiered approach intended to find cheating users by looking for cheat servers in their histories. Says Newell: "Less than a tenth of one percent of clients triggered this second check, accessing the DNS cache. 570 cheaters are being banned due to DNS searches."

3 of 511 comments (clear)

  1. Less Than 0.1% by Anonymous Coward · · Score: 0, Troll

    The Holocaust only killed 0.3% of the world population. Didn't make it right.

  2. Re:Not sending history to Valve by Anonymous Coward · · Score: 0, Troll

    Well, that's what they claim the software does. Without transparency (read open source), we just have to take their word on the matter.

  3. Re:Still abusive by sexconker · · Score: 0, Troll

    did you even read his response? They look for indications that the cheat is in play, THEN they check DNS as verification, and send a HASH of the dns name to their servers for comparison. This means they don't even see the actual dns name on their side, they can just check against known hashes of the sites the DRM used for verification. That is why it is two staged. Simple existence of the names in your DNS cache won't trigger the ban hammer.

    You're a tool.

    "indications that the cheat is in play" can be anything or nothing

    "they check DNS as verification" is bullshit
      - what if I got my cheat from a friend? I'd never be banned since the DNS verification step marks me as clear. This is not the case.
      - what if I looked up videos of cheats for a game after encountering cheaters in a game to confirm my suspicions? DNS isn't verifying anything, it's circumstantial guilt by association

    "send a HASH of the dns name to their servers for comparison" means nothing
      - a hash comparison needs a known hash to compare against
      - that known hash has to be generated from a plaintext source

    "they don't even see the actual dns name on their side" bullshit
      - from the above, they absolutely know what your hash matches up to

    "Simple existence of the names in your DNS cache won't trigger the ban hammer." you have no way of knowing their internal policy now or at any point in the future, nor do you have any way of knowing the details of their actual implementation and the potential fuckups or abuses it allows