Stories
Slash Boxes
Comments

Dev.SN ♥ developers

Gabe Newell Responds to DNS Snooping Allegations

posted by Dopefish on Tuesday February 18 2014, @01:00AM   Printer-friendly
from the move-along-nothing-to-see-here dept.

Lagg writes:

"We're in a climate where it's easy to accuse a company of spying on you by various means with a distinct possibility that you could be right, but sometimes a reality check is needed. A Reddit user recently posted a thread accusing Valve of writing code for VAC that iterates your DNS cache and sends the hashed entries to their server. The proof provided of this was a prettied disassembly (that was not easily reproducible due to how VAC loads symbols) that showed only that VAC was indeed iterating the DNS cache, which any knowledgeable programmer understands is not exactly an uncommon thing to do, as no socket code was to be seen. Today, Gabe Newell responded to these allegations by confirming that no they do not in fact snoop your cache entries.

There are probably a few things to learn from this, including not trusting a screenshot of code that looks complex without actually understanding what it's doing. A lack of any level-headed investigation is a bad idea and it's important to handle these situations before they snowball into a mob (as Redditors are bound to do)."

 
This discussion has been archived. No new comments can be posted.
Gabe Newell Responds to DNS Snooping Allegations | Log In/Create an Account | Top | 1000 moderator points   | 48 comments | Search Discussion
Display Options Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by SpallsHurgenson on Tuesday February 18 2014, @01:25AM

    by SpallsHurgenson (656) on Tuesday February 18 2014, @01:25AM (#1421)

    According to TFA, Valve does do some snooping. The Steam client / Valve Anti-Cheat system checks the DNS cache for certain DNS hits (for instance, the ones used by cheat-programmers to authenticate the licenses used in certain cheat programs). If VAC finds a match, it hashes the result and sends it to Valve, where the user is flagged for review. So they are peeking. However, Valve says they are not uploading the contents of the DNS cache in its entirety, so if you go to dev.soylentnews.org or slashdot.org, they will never know because they aren't checking for the DNS entries on either of those sites.

    Of course, this all assumes Valve is telling the truth, or that their software is working as intended. Given the current climate and unabashed greediness of corporations and governments for our personal data, you will have to forgive me if I take any and all such assurances with a large grain of salt.

    Starting Score:    1  point
    Moderation   +4  
       Insightful=1, Informative=3, Total=4
    Extra 'Informative' Modifier   0  
    Total Score:   5  

  • (Score: 2, Interesting) by Lagg on Tuesday February 18 2014, @02:10AM

    by Lagg (105) on Tuesday February 18 2014, @02:10AM (#1434) Homepage Journal
    Snooping to me would be actually sending records in the clear in their entirety. From what I can tell and what I'd expect anyone with some sense to do when writing their stuff, only matched hashes to a given list are sent. Far from the implication that your cache is being given to Valve as is stated in the original thread. Though I do have to give them credit for saying "Yes hashes are sent" and confirming the fact since they didn't actually have to do that due to the fact that there was no proof they were even opening a socket. They could have pulled the standard "there is no evidence that we do or do not do this thing" excuse.
    --
    http://lagg.me [lagg.me]
    9467 6082 8A35 2E1E 2D6B 76C4 5E9A ED56 076F 9E89

    • (Score: 1) by GeminiDomino on Tuesday February 18 2014, @10:50AM

      by GeminiDomino (661) on Tuesday February 18 2014, @10:50AM (#1622)

      Well, it's pretty clear from TFS which way your biases lie.

      --
      "We've been attacked by the intelligent, educated segment of our culture"

      • (Score: 1) by Lagg on Tuesday February 18 2014, @11:04AM

        by Lagg (105) on Tuesday February 18 2014, @11:04AM (#1635) Homepage Journal
        Accuse me of bias if you want. Maybe it's even true, Valve is one of the best software companies I've seen in years, I have friends there, I'm a recognized community contributor and I spend money on Steam games. I don't deny this, but what I will deny is that the summary is in any way intentionally inaccurate. I probably could have added a disclaimer. But would that have really helped in your impression of me and the summary? Something tells me no. But to say it's false and biased because the situation shifted in Valve's favor is really pushing it. There are a lot of things to criticize Valve for and some of them are pretty genuine concerns, but making up things from a prettied disassembly that shows nothing besides the fact that DNS cache entries are being iterated will only damage those concerns. And that is a situation where everyone loses. The fact of the matter is that this is not snooping, you can stretch the definition of it to make it fit under that term. But you'd really be grasping at straws. If you're going to go on a crusade about how me and the editors are slashdot relics at least make an attempt to distance yourself from the behavior you're complaining about.
        --
        http://lagg.me [lagg.me]
        9467 6082 8A35 2E1E 2D6B 76C4 5E9A ED56 076F 9E89

        • (Score: 3, Interesting) by GeminiDomino on Tuesday February 18 2014, @11:18AM

          by GeminiDomino (661) on Tuesday February 18 2014, @11:18AM (#1644)

          The fact of the matter is that this is not snooping, you can stretch the definition of it to make it fit under that term.

          Perhaps the "fact" is that anti-cheating systems need to "snoop" as part of their primary function, but no, the contents of the DNS cache -- data unrelated to the game being executed -- are being read, without disclosure (until now), and reported back. But no, you can repeat it as much as you like but you're the one redefining "snooping" in an attempt to put a positive spin on your particular brand-tribe.

          And I never said anything about "the editors", but even one of them acknowledged the slant after called out [dev.soylentnews.org] by someone else.

          --
          "We've been attacked by the intelligent, educated segment of our culture"

  • (Score: 2, Insightful) by FatPhil on Tuesday February 18 2014, @08:05AM

    by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Tuesday February 18 2014, @08:05AM (#1550) Homepage Journal

    But surely DNS is a red herring. If they're sniffing for dodgy DNS records, implying a connection to a dodgy site, then why don't the dodgy hackers just use an IP address, and disappear under that radar?

    --
    Making a public pledge to no longer contribute to slashdot