Gabe Newell Responds On VAC Reports; We do not care what porn sites you visit
- Thread starter fluffydelusions
- Start date
What are you even talking about?
Hellsing321
Member
They aren't collecting every Steam users DNS cache. Read the fucking OP.
Stumpokapow
listen to the mad man
The OP argues that they did not collect every single Steam user's DNS cache. In fact it argues that they didn't collect any Steam user's DNS cache. For users who were already identified as cheaters, they ran targeted queries against the DNS cache. You are arguing that there's a difference between a dragnet and targeted surveillance; how would you change this to not be a dragnet?
It doesn't collect everything, it locally searches for certain matches to non-web-based cheat services and reports only those hashes back to Valve, IF ANY ONLY IF ANOTHER CHEAT IS FIRST DETECTED BY VAC.
ElectricBlanketFire
Member
This has to be the most uses of the word "dragnet" in the history of GAF.
And where are you getting "collecting every single steam user's DNS cache" from? Gabe is claiming that the collection of that information is after the usage of a cheat engine, not before, and on an individual account basis. Is he wrong?
terrisus
Member
Thank you very much for the actual response Stump, I appreciate it.
As you said, certainly any program could theoretically do that once it's installed, and one is limited to either trusting what the program says it's doing, or running checks to ensure it's doing what it says. Or, alternatively, an antivirus or antimalware program designating it as a piece of malware and removing it, as it would with other things that can track what you're doing.
As far as the second part, I would say the fact that it's doing that to "certain types of information" is cause for concern that in the future it could be used to do that for other types of information - or that the "types of information" that Valve deems to be something it wants to track might not be something that one agrees with.
Any executable you run could violate your privacy. Any executable you run that gets updates over the internet could be updated to violate your privacy.
Stumpokapow
listen to the mad man
Okay, so what's the issue here? Are antiviruses or antimalware programs designating Steam as a piece of malware?
You've changed the subject. Your initial point was that you don't believe him. Your new point is that "What if some time in the future they do something worse?"
The NSA collecting metadata and data in bulk, on all American citizens before any point of incrimination is not analogous to Valve selectively collecting metadata and data on individuals after they're flagged with wrongdoing in the system.
Stumpokapow
listen to the mad man
Disable your DNS cache, run an alternate OS with better privilege isolation for that kind of stuff, or don't run games with VAC enabled / run stuff in offline mode? By definition any program in Windows can do this, there's no sandbox that would prevent it from doing so. Your web browser might be doing it right now, you never know.
terrisus
Member
Well, my point is that they should be.
And, I apologize if I'm not staying on point. I can see where the issue is that if it's not currently doing this. My point is that there should be concerns about something that can do this - which it currently can, it's just "only doing it with certain types of information."
But the point is anything that ends with .exe can do this.
CurlySaysX
Banned
Gabe is welcome to view my Web activity any time.
I can never know for sure, but I can complain if I actually find out that the source code has mechanisms to collect that type of information. I don't think valve really needs the information they were scanning for if they were only collecting it when they already caught someone cheating.
The Technomancer
card-carrying scientician
This. Did people actually read what was written? Or are they really that bad at interpreting even basic networking jargon? I mean I suck at networking knowledge, I really truly honestly do, and I'm pretty sure I've got an accurate bead on what this entailed.
terrisus
Member
How many PC games do you play? If you think that this qualifies Steam as malware, you should be aware that basically every modern MMOs and almost any other game with cheat detection is at least as aggressive as Steam, if not more. Hell, Punkbuster has carte blanche to silently take and send back screenshots of your desktop that can include windows other than the game.
So what is the issue? If your point is VAC is no more or less dangerous than any average piece of software on your PC, we agree.
terrisus
Member
Pretty much just stuff through GoG
Yes, I do play some online games. But, I do so with the understanding that they can (and probably are) tracking what I'm doing, and it's a trade-off that I'm willing to accept in that case.
But this is getting significantly closer to doing that than most other programs.
VAC only works when you play on VAC-secured servers of multiplayer games (Not even on the act of running the game itself, but running on a secured server). Wouldn't that fall under the same condition then?
Mr Touchdown
Member
DEAD
terrisus
Member
How many games are VAC-secured versus not VAC-secured? And is there a clear indication as to which are and which aren't? And notification when that changes with an option to return the product for the purchase price?
The servers themselves indicate if they're VAC-secured, and you can filter by this criteria in most games that use it on the server browser itself.
Microsoft has never told me Excel isn't scanning my DNS cache locally to find pirated activation servers.
The issue is the VAC has specifically coded in a process by which it can scan your DNS when prompted. Of course any program could do the same. But I know for sure that VAC has such a mechanism and even though this implementation looks innocent, I don't think they've really justified its inclusion in their anti cheat software. If I found my browser or Excel did the same thing I would complain as well.
terrisus
Member
Alright, that's good at least then.
I'm thankful to actually be getting some answers.
I would guess that Valve implemented this second check because they knew that the initial process of VAC searching for the presence of specific cheats was not 100% accurate, and it was possible for a non-cheater to get flagged as a cheater. The second check of VAC searching through the user's DNS cache for blacklisted domains would serve as a filter to try and get rid of those innocent users from the pool of people flagged to be banned. You can, of course, argue about how useful the DNS information actually is for identifying cheaters.
Here's a list of games that support VAC. Whether or not a particular server you play on is VAC secured is usually listed in-game, often as a sorting criteria in the server browser.
XANDER CAGE
Member
Did you actually read the OP, or the post linked? None of what you are using to make this flimsy comparison actually happened. They ran targeted checks on people who had already been flagged by the VAC anti-cheat system, which is about as Orwellian as a professor checking to see if your newly submitted essay is plagiarized after you've already been caught plagiarizing.
ElectricBlanketFire
Member
If I'm being completely honest, the goodwill I have toward Valve made me far less suspicious at first blush than had it been Origin/XBox Live/etc...
Mainly because I don't know the ins and outs (and what have yous) of how this all works (though the explanations in this thread help).
Mainly because I don't know the ins and outs (and what have yous) of how this all works (though the explanations in this thread help).
terrisus
Member
Following the source link ->
From Valve
Alright, so at least they're being upfront and transparent about what is and what isn't using it, so that's good.
Of course, it would be more convenient to have a list of ones that didn't have it, as opposed to just stuff that does, but nonetheless.
It's a cheat detection mechanism. It collects a datapoint - does this specific entry exist in the DNS cache? That data point, combined with the fact they've already satisfied some other requirement(s) regarding detection helps ensure people are not unjustifiably banned from something they paid for. The jump from scanning and confirming, client side, the existence of a specific hash to wholesale collection of DNS cache info is large enough that we may as well suspect Solitaire is doing it, too.
did you feel the same when Sony was secretly bundling DRM into their software? Or if Microsoft was doing this with gfwl? Or EA with origin?
I really feel most people just come to the defense of these things for companies they like. Valve usually gets a pass yet if EA did the exact same thing and gave the same answer these people would be up in arms.
You're not forced to use VAC even on games that support it, just don't play on VAC secured servers.
EA uses Punkbuster in many of their their games, and PB is quite a bit more invasive VAC. WoW has a cheat detection method called Warden that has a spooky amount of freedom when it comes to scanning other programs you have in memory. Valve is being fairly scrutinized over this and everyone else is getting a free pass.
SteveWinwood
Member
Well yeah, they view it as a selling point. It's not like they'd hide it.
I pretty much trust Steam and doubt they would ever use this for wholesale collection of DNS information, but I think just on general principle programs I install on my computer should stick to data I have authorized them to collect. I'm not going to boycott Valve over this or anything, but I think Anti-cheat software should stick to scanning for actual cheats and shouldn't even have programmed in a process to collect ancillary information.
Then you don't get to ever complain about any type of false positives.
It's doing it specifically to detect cheats. This DNS entry is there because the cheat program is connecting to some kind of specific authentication server. I don't understand how that's not an attempt to detect cheats. Can it examine your running processes to detect cheats? Can it take screen shots? I don't see how that reasoning could apply to this method but not those.
Stumpokapow
listen to the mad man
So what happened in this thread is that you basically entered, declared that Steam was evil, got told that maybe you weren't really approaching this in a very reasonable way, did some further research, and then said "oh, well, maybe I overshot a little bit here".
The thing is, you just enter every single Valve or Steam thread to remind people that you don't like DRM or Steam and boycott both .Clearly you have the right to your opinion but do you maybe think you might protest too much?
Again, going DRM-free, whatever, it's your business not any of ours. But do you think maybe your dogmatism here impacts your ability to approach this subject without getting it wrong bigtime?
Edit: I'm 100% sure this comes off as me being a jerk and picking on you, and I'm sorry because I really try not to do anything like that (and I'm cognizant of the red name effect that anything I post is going to get amplified a thousand times over because I posted it and that sucks, sorry). I'm just saying it feels like you entered the thread with a conclusion, and then people talked you into asking the questions that actually gave you the information you needed to form a conclusion. When ideally someone enters, reads, and forms a provisional conclusion, gets more info, refines conclusion, etc. And I feel like the reason you were so sure that the malice was there is because you presumed that, and I feel that based on the fact that like 90% of the posts I've seen you make are reminding people how bad Steam is. Do you get my point?
I just think that DNS information is far enough removed from the actual cheat, that I don't think this process justifies its existence. It's a matter of degrees I suppose.
Far enough removed? That doesn't make any sense at all. It's a thing the cheat does when it's running. How is that different from examining other processes on the PC? I don't understand this arbitrary distinction you're trying to draw.
ElectricBlanketFire
Member
Now THAT'S a dragnet.
jim-jam bongs
Member
who's the bearded private mod who's a sex machine to all the chicks?
stump
you're damn right
stump
you're damn right
SteveWinwood
Member
all hamlet up in heres
Similar threads
- Locked