From the CSGO thread: http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/cfgj8up

Does that mean valve would actually ban based on internet history?

Because that's pretty funny

in response to LKincheloe. vac clearly has had the ability to do it for a while now.

The difference I see between Valve and ESEA is chiefly that Valve isn't run by LPKane, and VAC has no history of mining bitcoins.

I honestly don't see why this is that big of a deal even if they can see what websites you go to.
How is this any different from google tailoring ads to your web history?

Not trying to be condescending, genuinely want to understand

See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.

On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.

If only Valve was an ISP... Complete me.

People don't like being tracked. Also people have things to hide. Even if they MD5 the websites, you can eventually figure out the sites by rainbow tabling a lot of sites.

Not saying it's likely for valve to do anything malicious, but they shouldn't need that data to do anti-cheat. It's like anal probing someone for a teeth cleaning, though less physically uncomfortable.

I'm just scared valve's gonna check my exhentai favs dude

Don't worry, it's hashed, they will only recognize them if they already knew those sites.

The reddit post linked gives a pretty good idea of why they probably do it.

It's really hard for a program to figure out what other programs are running accurately, because it's really easy for programs to pretend to be something else. We had software on our laptops in high school that blocked access to most programs; we were able to get around it by just tricking it into thinking we were running internet explorer.

However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.

Dammit, I really wanted to visit that site out of curiosity.

Then I remembered that might not be the greatest idea.

http://www.tobys.dk/cs/img/design/logo.png

http://mpgh.net/forum/mpghv2/logo.gif

Grats, just got everyone viewing this page a hack site in their DNS cache.

That's a horrible way to do AC. Just link to an image on a hack site and it's on your DNS. Sure, they can be clues, but the evidence is NEVER conclusive looking at DNS, and really why it's just free data mining from players.

The "perfect" AC would only scan your current game and the OS, but of course there's almost always a way to circumvent detection. DNS isn't any strong evidence.

not how it worked

That's it I'm boycotting Valve and moving to Origin.

acab

But that's to find a specific suspect; if they're not going to investigate someone because they've never visited a hack site/have a hack site on their DNS, then it's pretty useless information. I just don't see it being very useful or necessary information for them to have.

Also, I don't think they very often do individual investigations (except when profiling and what not new cheats) and instead look at a statistical pool. The exceptions being people like Mr Kaori and Drunken Fool, which often isn't even related to in game cheating.

You could match the list of people who visited X cheat website with the list of people who run Y programs alongside their games. If the only people who run a program called TotallyNotACheat.exe are also all on a list of people who visited TotallyACheat.com, then that's pretty convincing evidence that TotallyNotACheat.exe is, in fact, a cheat.

browny, did you purposely turn that MPGH logo into a gif? lol

Nope, literally just googled counter strike hacks and took the first two link's logos.

Also, it's been so fucking long since I went on MPGH. I remember getting my first Maplestory VAC hacks and GGG bypasses there. And learning how to change CE's source code to obfuscate functions, learning assembly, god those days.

So I could make a program that's called the same thing as a hack and visit the website, but not actually hack and still get banned? That's completely retarded and I'm pretty sure that's not how they do it.

AC should work on detecting injection or illegal memory reads, not reading your browser history and using circumstantial evidence. ACs should always catch a person in the act, not in any other way. Considering everybody is running VAC when they play on a VAC server, there shouldn't be any filtering between people who visited X website or not. It should be are you playing on a VAC server? If yes, run the VAC module and ban people who hack on these servers. Running a hack when you're not on a VAC server should not result in a VAC ban. You're "allowed" to do it (depends on the server owner obviously, but outside of valve's jurisdiction).

#19 VAC3 supports uploading executables and dlls to Valve directly for them to run them on VM, so that seems of little use to me in that case.

I think you're have trouble reading what I'm typing.

I'm not saying they're going to ban people who go to these websites; I'm also not saying they're only going to go after people who have certain websites in their history.

What I'm saying is it's a research tool; it provides evidence as to what may or may not be a cheat. I've never once said it's a way for them to ban people, it's a way for them to discover cheats that might not be as easily found.