Slash Boxes

SoylentNews is people

posted by Dopefish on Tuesday February 18 2014, @05:00AM   Printer-friendly
from the move-along-nothing-to-see-here dept.

Lagg writes:

"We're in a climate where it's easy to accuse a company of spying on you by various means with a distinct possibility that you could be right, but sometimes a reality check is needed. A Reddit user recently posted a thread accusing Valve of writing code for VAC that iterates your DNS cache and sends the hashed entries to their server. The proof provided of this was a prettied disassembly (that was not easily reproducible due to how VAC loads symbols) that showed only that VAC was indeed iterating the DNS cache, which any knowledgeable programmer understands is not exactly an uncommon thing to do, as no socket code was to be seen. Today, Gabe Newell responded to these allegations by confirming that no they do not in fact snoop your cache entries.

There are probably a few things to learn from this, including not trusting a screenshot of code that looks complex without actually understanding what it's doing. A lack of any level-headed investigation is a bad idea and it's important to handle these situations before they snowball into a mob (as Redditors are bound to do)."

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by paddym on Tuesday February 18 2014, @03:55PM

    by paddym (196) on Tuesday February 18 2014, @03:55PM (#1667)

    The only thing I can think of is that when dealing with DNS for looking up IP address information, it is definitely faster to find that in the cache than elsewhere. So iterating through the cache may happen; although I would tend to think that calls to the operating system's gethostbyname would do that iteration for the programmer. That would make it very common, but examining each entry is not common, to my knowledge. I don't see why a program would iterate through the cache looking at entries that have nothing to do with the context of the program, unless it's security software.