Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
posted by Dopefish on Tuesday February 18 2014, @05:00AM   Printer-friendly
from the move-along-nothing-to-see-here dept.

Lagg writes:

"We're in a climate where it's easy to accuse a company of spying on you by various means with a distinct possibility that you could be right, but sometimes a reality check is needed. A Reddit user recently posted a thread accusing Valve of writing code for VAC that iterates your DNS cache and sends the hashed entries to their server. The proof provided of this was a prettied disassembly (that was not easily reproducible due to how VAC loads symbols) that showed only that VAC was indeed iterating the DNS cache, which any knowledgeable programmer understands is not exactly an uncommon thing to do, as no socket code was to be seen. Today, Gabe Newell responded to these allegations by confirming that no they do not in fact snoop your cache entries.

There are probably a few things to learn from this, including not trusting a screenshot of code that looks complex without actually understanding what it's doing. A lack of any level-headed investigation is a bad idea and it's important to handle these situations before they snowball into a mob (as Redditors are bound to do)."

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Interesting) by Lagg on Tuesday February 18 2014, @06:10AM

    by Lagg (105) on Tuesday February 18 2014, @06:10AM (#1434) Homepage Journal
    Snooping to me would be actually sending records in the clear in their entirety. From what I can tell and what I'd expect anyone with some sense to do when writing their stuff, only matched hashes to a given list are sent. Far from the implication that your cache is being given to Valve as is stated in the original thread. Though I do have to give them credit for saying "Yes hashes are sent" and confirming the fact since they didn't actually have to do that due to the fact that there was no proof they were even opening a socket. They could have pulled the standard "there is no evidence that we do or do not do this thing" excuse.
    --
    http://lagg.me [lagg.me] 🗿
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  

    Total Score:   2  
  • (Score: 1) by GeminiDomino on Tuesday February 18 2014, @02:50PM

    by GeminiDomino (661) on Tuesday February 18 2014, @02:50PM (#1622)

    Well, it's pretty clear from TFS which way your biases lie.

    --
    "We've been attacked by the intelligent, educated segment of our culture"
    • (Score: 1) by Lagg on Tuesday February 18 2014, @03:04PM

      by Lagg (105) on Tuesday February 18 2014, @03:04PM (#1635) Homepage Journal
      Accuse me of bias if you want. Maybe it's even true, Valve is one of the best software companies I've seen in years, I have friends there, I'm a recognized community contributor and I spend money on Steam games. I don't deny this, but what I will deny is that the summary is in any way intentionally inaccurate. I probably could have added a disclaimer. But would that have really helped in your impression of me and the summary? Something tells me no. But to say it's false and biased because the situation shifted in Valve's favor is really pushing it. There are a lot of things to criticize Valve for and some of them are pretty genuine concerns, but making up things from a prettied disassembly that shows nothing besides the fact that DNS cache entries are being iterated will only damage those concerns. And that is a situation where everyone loses. The fact of the matter is that this is not snooping, you can stretch the definition of it to make it fit under that term. But you'd really be grasping at straws. If you're going to go on a crusade about how me and the editors are slashdot relics at least make an attempt to distance yourself from the behavior you're complaining about.
      --
      http://lagg.me [lagg.me] 🗿
      • (Score: 3, Interesting) by GeminiDomino on Tuesday February 18 2014, @03:18PM

        by GeminiDomino (661) on Tuesday February 18 2014, @03:18PM (#1644)

        The fact of the matter is that this is not snooping, you can stretch the definition of it to make it fit under that term.

        Perhaps the "fact" is that anti-cheating systems need to "snoop" as part of their primary function, but no, the contents of the DNS cache -- data unrelated to the game being executed -- are being read, without disclosure (until now), and reported back. But no, you can repeat it as much as you like but you're the one redefining "snooping" in an attempt to put a positive spin on your particular brand-tribe.

        And I never said anything about "the editors", but even one of them acknowledged the slant after called out [soylentnews.org] by someone else.

        --
        "We've been attacked by the intelligent, educated segment of our culture"