Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS 511
dotarray writes "Valve has stepped up to answer allegations that the company's anti-cheat system was scanning users' internet history. Rather than a simple, sanitized press release or a refusal to comment on 'rumours and innuendo,' Valve CEO and gaming hero Gabe Newell has personally responded."
Newell or not, not everyone will like the answer. The short version is that Yes, Valve is scanning DNS caches, with a two-tiered approach intended to find cheating users by looking for cheat servers in their histories. Says Newell: "Less than a tenth of one percent of clients triggered this second check, accessing the DNS cache. 570 cheaters are being banned due to DNS searches."
Is it in the TOS? (Score:5, Interesting)
Re:How common is cheating with VAC? (Score:5, Interesting)
Re:Still abusive (Score:1, Interesting)
Part of my job involves me going to these kind of sites and seeing what's happening. Visiting does not imply guilt, and, in fact, I am not cheating at any games. Not that I even own multiplayer Steam games, but that just furthers my point. Why should I be considered at risk of being banned when I am not cheating?
Re:Still abusive (Score:0, Interesting)
Re:Not sending history to Valve (Score:4, Interesting)
Cheats have evolved beyond file tampering. Most are done with code injection, and boy is that history a long one. I suspect the actual DNS being hunted for are the cheats' "DRM" servers that ensure you paid the guy who made the cheat money. CheatHappens.com or whatever they're calling themselves these days was one of the first to start doing this in a big way.
Banned from Battlecraft (Score:1, Interesting)
But here is the thing; I have not even logged on to play any of those games in over 3 years.
The vendor has come to a flawed conclusion I cheated, and prevented me from playing games I have spent hundreds of dollars for.
Mr Newell, I suggest that some, if not most of your apparent cheaters, are due to YOUR companies lack of technical skill. Stop punishing the innocent for that.
Why ban? (Score:5, Interesting)
Why not just shuffle anyone detected cheating into a separate game room? If they're paying customers, then they can all cheat together, and everyone wins.
Re:Still abusive (Score:2, Interesting)
Re:Still abusive (Score:4, Interesting)
I once wrote a fishing bot for World of Warcraft. I was curious how it worked and if I, myself, could make one. I was successful. Afterwords I never used it again.
It's my way of learning little things on my off time when I'm bored. It's better than watching reality TV afterall.
Re:How common is cheating with VAC? (Score:5, Interesting)
Like you I imagine, I've been playing online games for a long time. I even ran a half dozen TFC / Natural Selection / CounterStrike / Half-Life Deathmatch / etc. servers for three or four years. I never found cheating to be common except for CounterStrike. For some reason that game attracted cheaters like crazy. The other games, not so much. Cheating wasn't just uncommon - it was rare.
When PunkBuster and similar products became popular it was amazing how much better I became compared to other players when playing on a protected server. (o:
VAC has, in my opinion, done a very good job overall of keeping up with the cheating crowd. I can't remember the last time I came across a player that I suspected of cheating - and having had to do detection manually by watching player behavior, I'm very confident in this.
There's a few things you can look for manually when looking for cheaters.
Your typical aimbot is easy to detect. Jump into spectator mode or whatever and pick the first person view for the selected player. Instead of the smooth movements a typical player will have, you'll see the player's aim snap to positions on a screen. It's rare to see these anymore because detection is so incredibly easy.
Driver hacks to provide see-through textures, or model hacks that have a long cross through them that extend through walls, are also pretty easy to detect by watching the player. Is someone across the map and scoring head shots through walls? Does he always seem to know where the enemy is? He's using one of these.
The interesting cheat is the second one (wall / model hacks) which allows one to see opponents behind objects, because it's not a mechanical advantage like an aim bot; it's a strategic advantage, an information advantage. It doesn't change the ability of the cheater to aim more accurately; it changes the cheater's behavior. A player without the cheat information will act as if the opponent is not there; a player with the information will.
So, you'll see tactical advances / retreats, shots fired / grenades thrown, etc. that would not occur in normal non-cheating game play. Yes; there will always be the person who gets the lucky what-the-hell shot. That happens.Sometimes more than once. What you need to look for is a consistent pattern over time that cannot be attributed to simply being "good", having a better overall strategy, or having an unusual play style.
I bet that with enough information collected it would be possible to detect this kind of behavior and flag individual players for follow-up manual inspection. It would be a fascinating bit of research, really.
Resource hacks are very dead these days, as information about resources (ammunition carried, money earned, life amount, etc.) are all stored server-side for most games. There's no way for the client to fiddle with that data.
TOS? Doesn't apply here.... (Score:4, Interesting)
The scanning is done client-side, which means it's just an internal function of the software.
It isn't divulging any of your internet browsing or usage history. It's just combing the local cache for specific things, and is a process it doesn't even do in the first place unless a user is suspected of trying to abuse Valve's gaming environment by cheating.
If the TOS has to state an app is going to access your local DNS cache, then Windows operating systems are probably in violation themselves!
Re:Still abusive (Score:0, Interesting)
Zembar said, "He specifically says that it doesn't care about what web sites you are visiting,"
Well, not yet at least.
Re:Still abusive (Score:5, Interesting)
>Explaining something does not justify it. They should not go rummaging through my computer. Period.
Do you understand how VAC and similar anti-cheat software looks? It will scan through your memory looking for certain DLLs loaded, look through your computer files for cheats, and so forth.
Other than you being ignorant of what is actually happening before, I don't see anything that has changed with this announcement.
It's not like they're recording all of your metadata, uploading all your facebook posts to a data center in Utah, and targeting people for drone strikes using cell phone records.
Re:Still abusive (Score:4, Interesting)
Then don't connect to VAC enabled servers. It's that simple. If you connect to a VAC enabled server, you are implicitly giving Valve permission to rummage around in your computer for cheats, because that is how anti-cheat software works (all anti-cheat software. That's how they work: scanning the memory, running programs, etc.) It's quite simple, really: if you want to connect to someone else's server, and that person requires you to use VAC, then you use VAC or you don't connect.
Except for some of the CODs, you don't even have to connect to a VAC server to play multiplayer anyways.
Re:Still abusive (Score:4, Interesting)
A good question would be "is VAC running all the time, or only on a VAC-enabled game"...
Re:Still abusive (Score:4, Interesting)
I am not a gamer so I don't know if this is permitted by their TOS.
However, I don't care if they are sending a hash or the actual DNS inquiry. If they have a matching hash on their end, they are simply translating one entry into another form and back again. How do we know the limit of hashes for sites they have accumulated outside of known cheat sites?
If their TOS permits it, well, then buyer beware. But, I remember how everyone kicked and screamed when Apple and Microsoft did similar things.
They ARE examining your personal DNS history cache and sending, supposedly, matching entries. That is spyware - pure, simple and evil.
If you are not a gamer then why bother contributing to a discussion that specifically deals with online gaming?
The truth is that to make a successful online game now you need to do something about cheats. They ruin the game for everyone.
The two main anticheat products I know of are VAC and Punkbuster and both are pretty invasive. They need to be.
The moron who noticed this behaviour then posted it on hacking forum so you can be fairly sure he was a cheating scumbag trying to find out how he got caught. We don't know how many innocent people have this happening if any.