http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so
VAC sending info to valve
posted in
TF2 General Discussion
http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/
http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so
http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so
From the CSGO thread: http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/cfgj8up
As someone who reverse engineers things for fun, and can read the C "pseudocode" generated via decompilation pretty easily, I am going to have to disagree with the assumptions made in this post.
First, there's no proof this is from Steam, I've poked around a few of the DLLs since I saw this and am unable to find anything even remotely close to what this does.
Second, this method does NOT send anything to Valve. This method grabs the DNS cache, yes. And it MD5s the entries, then it stores it. This method itself does nothing more with the hashes. For all we know VAC could be doing a LOCAL scan of the list, and comparing it to an internal list of "known" cheat subscription servers.
Until someone posts details of exactly where in Steam this is (What DLL is all that's required to verify), and the calling method that supposedly sends this information to Valve, I would take this with a very massive grain of salt.
From the CSGO thread: http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/cfgj8up
[quote]As someone who reverse engineers things for fun, and can read the C "pseudocode" generated via decompilation pretty easily, I am going to have to disagree with the assumptions made in this post.
First, there's no proof this is from Steam, I've poked around a few of the DLLs since I saw this and am unable to find anything even remotely close to what this does.
Second, this method does NOT send anything to Valve. This method grabs the DNS cache, yes. And it MD5s the entries, then it stores it. This method itself does nothing more with the hashes. For all we know VAC could be doing a LOCAL scan of the list, and comparing it to an internal list of "known" cheat subscription servers.
Until someone posts details of exactly where in Steam this is (What DLL is all that's required to verify), and the calling method that supposedly sends this information to Valve, I would take this with a very massive grain of salt.
[/quote]
[quote]As someone who reverse engineers things for fun, and can read the C "pseudocode" generated via decompilation pretty easily, I am going to have to disagree with the assumptions made in this post.
First, there's no proof this is from Steam, I've poked around a few of the DLLs since I saw this and am unable to find anything even remotely close to what this does.
Second, this method does NOT send anything to Valve. This method grabs the DNS cache, yes. And it MD5s the entries, then it stores it. This method itself does nothing more with the hashes. For all we know VAC could be doing a LOCAL scan of the list, and comparing it to an internal list of "known" cheat subscription servers.
Until someone posts details of exactly where in Steam this is (What DLL is all that's required to verify), and the calling method that supposedly sends this information to Valve, I would take this with a very massive grain of salt.
[/quote]
Does that mean valve would actually ban based on internet history?
Because that's pretty funny
Does that mean valve would actually ban based on internet history?
Because that's pretty funny
Because that's pretty funny
if you continue examining the code, you will notice that it will read the first 80 bytes of the .cfg file, hash it and send it to Valve along with other information.
in response to LKincheloe. vac clearly has had the ability to do it for a while now.
[quote]if you continue examining the code, you will notice that it will read the first 80 bytes of the .cfg file, hash it and send it to Valve along with other information.[/quote]
in response to LKincheloe. vac clearly has had the ability to do it for a while now.
in response to LKincheloe. vac clearly has had the ability to do it for a while now.
PapaSmurf323http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/
http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so
The difference I see between Valve and ESEA is chiefly that Valve isn't run by LPKane, and VAC has no history of mining bitcoins.
[quote=PapaSmurf323]http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/
http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so[/quote]
The difference I see between Valve and ESEA is chiefly that Valve isn't run by LPKane, and VAC has no history of mining bitcoins.
http://teamfortress.tv/forum/thread/14006-meatshot-8-vol-5/11#post-229503
i told you so[/quote]
The difference I see between Valve and ESEA is chiefly that Valve isn't run by LPKane, and VAC has no history of mining bitcoins.
I honestly don't see why this is that big of a deal even if they can see what websites you go to.
How is this any different from google tailoring ads to your web history?
Not trying to be condescending, genuinely want to understand
I honestly don't see why this is that big of a deal even if they can see what websites you go to.
How is this any different from google tailoring ads to your web history?
Not trying to be condescending, genuinely want to understand
How is this any different from google tailoring ads to your web history?
Not trying to be condescending, genuinely want to understand
See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
SetsulSee #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
I'm just scared valve's gonna check my exhentai favs dude
[quote=Setsul]See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
I'm just scared valve's gonna check my exhentai favs dude
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
I'm just scared valve's gonna check my exhentai favs dude
eeeSetsulSee #3I'm just scared valve's gonna check my exhentai favs dude
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
Don't worry, it's hashed, they will only recognize them if they already knew those sites.
[quote=eee][quote=Setsul]See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
I'm just scared valve's gonna check my exhentai favs dude[/quote]
Don't worry, it's hashed, they will only recognize them if they already knew those sites.
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
I'm just scared valve's gonna check my exhentai favs dude[/quote]
Don't worry, it's hashed, they will only recognize them if they already knew those sites.
brownymasterNot saying it's likely for valve to do anything malicious, but they shouldn't need that data to do anti-cheat. It's like anal probing someone for a teeth cleaning, though less physically uncomfortable.
The reddit post linked gives a pretty good idea of why they probably do it.
It's really hard for a program to figure out what other programs are running accurately, because it's really easy for programs to pretend to be something else. We had software on our laptops in high school that blocked access to most programs; we were able to get around it by just tricking it into thinking we were running internet explorer.
However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
[quote=brownymaster]Not saying it's likely for valve to do anything malicious, but they shouldn't need that data to do anti-cheat. It's like anal probing someone for a teeth cleaning, though less physically uncomfortable.[/quote]
The reddit post linked gives a pretty good idea of why they probably do it.
It's really hard for a program to figure out what other programs are running accurately, because it's really easy for programs to pretend to be something else. We had software on our laptops in high school that blocked access to most programs; we were able to get around it by just tricking it into thinking we were running internet explorer.
However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
The reddit post linked gives a pretty good idea of why they probably do it.
It's really hard for a program to figure out what other programs are running accurately, because it's really easy for programs to pretend to be something else. We had software on our laptops in high school that blocked access to most programs; we were able to get around it by just tricking it into thinking we were running internet explorer.
However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
synchroHowever, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
Dammit, I really wanted to visit that site out of curiosity.
Then I remembered that might not be the greatest idea.
[quote=synchro]
However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
[/quote]
Dammit, I really wanted to visit that site out of curiosity.
Then I remembered that might not be the greatest idea.
However, it's hard for a hack to mask its website; if people are looking for a cheat client, they can't be expected to find it on a different website every day, which is the only way checking the DNS wouldn't work. Otherwise, if someone goes to organner.pl, Valve now has a bit more reason to believe there's cheating software on the client's computer, and that can help them figure out how to detect it.
[/quote]
Dammit, I really wanted to visit that site out of curiosity.
Then I remembered that might not be the greatest idea.
SetsulSee #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.
not how it worked
[quote=Setsul]See #3
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
not how it worked
If you're not comfortable with VAC checking wether you use cheats or not while playing on a VAC secure server, then you shouldn't play on VAC secure servers. I mean that's the point of AC, checking for cheats.
On the other hand an AC client that is able to access every file on your PC while mining bitcoins, when it shouldn't even be running is clearly doing a little bit more than just checking for cheats.[/quote]
not how it worked
That's it I'm boycotting Valve and moving to Origin.
That's it I'm boycotting Valve and moving to Origin.
brownymasterThat's a horrible way to do AC. Just link to an image on a hack site and it's on your DNS.
acab
[quote=brownymaster]That's a horrible way to do AC. Just link to an image on a hack site and it's on your DNS.[/quote]
acab
acab
brownymasterI just don't see it being very useful or necessary information for them to have.
You could match the list of people who visited X cheat website with the list of people who run Y programs alongside their games. If the only people who run a program called TotallyNotACheat.exe are also all on a list of people who visited TotallyACheat.com, then that's pretty convincing evidence that TotallyNotACheat.exe is, in fact, a cheat.
[quote=brownymaster]I just don't see it being very useful or necessary information for them to have.[/quote]
You could match the list of people who visited X cheat website with the list of people who run Y programs alongside their games. If the only people who run a program called TotallyNotACheat.exe are also all on a list of people who visited TotallyACheat.com, then that's pretty convincing evidence that TotallyNotACheat.exe is, in fact, a cheat.
You could match the list of people who visited X cheat website with the list of people who run Y programs alongside their games. If the only people who run a program called TotallyNotACheat.exe are also all on a list of people who visited TotallyACheat.com, then that's pretty convincing evidence that TotallyNotACheat.exe is, in fact, a cheat.
browny, did you purposely turn that MPGH logo into a gif? lol
browny, did you purposely turn that MPGH logo into a gif? lol
#19 VAC3 supports uploading executables and dlls to Valve directly for them to run them on VM, so that seems of little use to me in that case.
#19 VAC3 supports uploading executables and dlls to Valve directly for them to run them on VM, so that seems of little use to me in that case.
brownymasterwords?
I think you're have trouble reading what I'm typing.
I'm not saying they're going to ban people who go to these websites; I'm also not saying they're only going to go after people who have certain websites in their history.
What I'm saying is it's a research tool; it provides evidence as to what may or may not be a cheat. I've never once said it's a way for them to ban people, it's a way for them to discover cheats that might not be as easily found.
[quote=brownymaster]words?[/quote]
I think you're have trouble reading what I'm typing.
I'm not saying they're going to ban people who go to these websites; I'm also not saying they're only going to go after people who have certain websites in their history.
What I'm saying is it's a [u]research tool[/u]; it provides [u]evidence[/u] as to what may or may not be a cheat. I've never once said it's a way for them to ban people, [b]it's a way for them to discover cheats[/b] that might not be as easily found.
I think you're have trouble reading what I'm typing.
I'm not saying they're going to ban people who go to these websites; I'm also not saying they're only going to go after people who have certain websites in their history.
What I'm saying is it's a [u]research tool[/u]; it provides [u]evidence[/u] as to what may or may not be a cheat. I've never once said it's a way for them to ban people, [b]it's a way for them to discover cheats[/b] that might not be as easily found.
Please
sign in through STEAM
to post a comment.