Lagg writes:
"We're in a climate where it's easy to accuse a company of spying on you by various means with a distinct possibility that you could be right, but sometimes a reality check is needed. A Reddit user recently posted a thread accusing Valve of writing code for VAC that iterates your DNS cache and sends the hashed entries to their server. The proof provided of this was a prettied disassembly (that was not easily reproducible due to how VAC loads symbols) that showed only that VAC was indeed iterating the DNS cache, which any knowledgeable programmer understands is not exactly an uncommon thing to do, as no socket code was to be seen. Today, Gabe Newell responded to these allegations by confirming that no they do not in fact snoop your cache entries.
There are probably a few things to learn from this, including not trusting a screenshot of code that looks complex without actually understanding what it's doing. A lack of any level-headed investigation is a bad idea and it's important to handle these situations before they snowball into a mob (as Redditors are bound to do)."
(Score: 1, Insightful) by Anonymous Coward on Tuesday February 18 2014, @03:35PM
"VAC was indeed iterating the DNS cache, which any knowledgeable programmer understands is not exactly an uncommon thing to do,"
I'm a knowledgeable programmer but I never deal with games or DNS (believe it or not!). The programming domain might be larger than you realize. Why is this not an uncommon thing to do? Thanks.
(Score: 1) by Lagg on Tuesday February 18 2014, @03:42PM
http://lagg.me [lagg.me] 🗿
(Score: 1) by paddym on Tuesday February 18 2014, @03:55PM
The only thing I can think of is that when dealing with DNS for looking up IP address information, it is definitely faster to find that in the cache than elsewhere. So iterating through the cache may happen; although I would tend to think that calls to the operating system's gethostbyname would do that iteration for the programmer. That would make it very common, but examining each entry is not common, to my knowledge. I don't see why a program would iterate through the cache looking at entries that have nothing to do with the context of the program, unless it's security software.