VAC3 now sends MD5 hashes of your DNS cache entries - Games

This thread is a good example of the social engineering Gabe talked about in his response to this. Altimor is pretty much a confirmed hacker. His opinion on this matter is extremely biased.

[QUOTE=Stents*;43985712]This thread is a good example of the social engineering Gabe talked about in his response to this. Altimor is pretty much a confirmed hacker. His opinion on this matter is extremely biased.[/QUOTE] I don't work for any cheat site, why would I be biased towards them?

[QUOTE=Altimor;43999603]I don't work for any cheat site, why would I be biased towards them?[/QUOTE] You get enjoyment from hacking obviously. So you would obviously benefit from lack of trust in VAC. [url]http://lmgtfy.com/?q=altimor+hack[/url] [url]http://forums.dayzgame.com/index.php?/topic/158903-have-a-hacker-who-literally-takes-pictures-of-his-hack-with-the-steam-overlay-and-shows-them-off-on-another-forum/[/url] [url]http://facepunch.com/showthread.php?t=1250139&p=43312862&viewfull=1#post43312862[/url] [url]http://steamcommunity.com/sharedfiles/filedetails/?id=208476113[/url] I honestly don't understand how you're not perma banned from steam.

VAC banned twice on the same account, nice work Altimor.

[QUOTE=Stents*;44001729]You get enjoyment from hacking obviously. So you would obviously benefit from lack of trust in VAC. [url]http://lmgtfy.com/?q=altimor+hack[/url] [url]http://forums.dayzgame.com/index.php?/topic/158903-have-a-hacker-who-literally-takes-pictures-of-his-hack-with-the-steam-overlay-and-shows-them-off-on-another-forum/[/url] [url]http://facepunch.com/showthread.php?t=1250139&p=43312862&viewfull=1#post43312862[/url] [url]http://steamcommunity.com/sharedfiles/filedetails/?id=208476113[/url] I honestly don't understand how you're not perma banned from steam.[/QUOTE] I'm not just any cheater, I'm a cheat programmer. Do you think a guy playing Mario would want Bowser to be removed? Regardless, this was a stupid move. If someone caught wind of it early enough and wanted to be a dick they could've img tagged links to cheat auth servers.

[QUOTE=Altimor;43930860] Not sure where this image originated but it's legit.[/QUOTE] Ofc it's legit, looks like VAC3 bins opened with some ASI program. You can see it too, just install a VAC3 game and that program. [editline]22nd February 2014[/editline] Please for the love of god don't reassemble anything into it or you might get the banhammer if VAC doesn't get the time to update itself :x [editline]22nd February 2014[/editline] Oh never mind you're already banned twice :P

Plus, I'm not sure if anybody will have time to brute or rainbow other people's DNS cache. Who the fuck needs that? Salted or unsalted, its not that easy. Plus, you might get some collisions before you get the actual result. Consider how long those cache entries are... Wtf, no automerge 0.0

[QUOTE=Altimor;44004385]I'm not just any cheater, I'm a cheat programmer. Do you think a guy playing Mario would want Bowser to be removed? Regardless, this was a stupid move. If someone caught wind of it early enough and wanted to be a dick they could've img tagged links to cheat auth servers.[/QUOTE]but gabe already explained that's not how that works so

[QUOTE=TehWhale;44008418]but gabe already explained that's not how that works so[/QUOTE] No? He explained it didn't send all of the cache entries, just the bad evil ones to make sure they're really bad evil and the VAC client didn't malfunction. [editline]22nd February 2014[/editline] [QUOTE=KD007;44006031]Ofc it's legit, looks like VAC3 bins opened with some ASI program. You can see it too, just install a VAC3 game and that program. [editline]22nd February 2014[/editline] Please for the love of god don't reassemble anything into it or you might get the banhammer if VAC doesn't get the time to update itself :x [editline]22nd February 2014[/editline] Oh never mind you're already banned twice :P[/QUOTE] Nah you can't just open up the VAC3 DLL, reassemble parts and replace it. It gets manually mapped in (meaning you will have to locate the start and end of the module and dump it for reversing) and streamed from Valve's servers. Not as easy as replacing a file on the hard drive.

so... you're outraged that valve is getting vac to send home proof of an end user validating ownership of a cheat? (and no other web history) explain to me again how I'm supposed to be angry at this [editline]23rd February 2014[/editline] oh i get it you think vac would take the presence of this dns entry ONLY as hard proof of cheating wow have you heard yourself you really think vac is that scattershot after all these years of development haha

[QUOTE=subenji99;44015022]so... you're outraged that valve is getting vac to send home proof of an end user validating ownership of a cheat? (and no other web history) explain to me again how I'm supposed to be angry at this [editline]23rd February 2014[/editline] oh i get it you think vac would take the presence of this dns entry ONLY as hard proof of cheating wow have you heard yourself you really think vac is that scattershot after all these years of development haha[/QUOTE] If they could detect the cheats without DNS cache checks why wouldn't they just do that I also have no doubt that after years of fighting an unwinnable war they are beginning to lose their minds

anti-cheat is never going to be 100% effective, but no one is going to stop until they can rid all cheaters from their games

[QUOTE=TehWhale;44021061]anti-cheat is never going to be 100% effective, but no one is going to stop until they can rid all cheaters from their games[/QUOTE] There comes a point when a cheat disables all possible detection methods and an anticheat stops all ways of disabling detection methods. At this point it's whichever loads first and then things are going to get wildly gay

[QUOTE=Altimor;44021596]There comes a point when a cheat disables all possible detection methods and an anticheat stops all ways of disabling detection methods. At this point it's whichever loads first and then things are going to get wildly gay[/QUOTE] You're part of the reason it's getting wildly gay, cheat-maker.

[QUOTE=elixwhitetail;44021616]You're part of the reason it's getting wildly gay, cheat-maker.[/QUOTE] I've never released anti-anticheat methods publicly because I fear the day streaming services and heuristic anticheats are popular. But this isn't what the thread is about, can we go back to discussing whether the DNS cache checking was a good idea or not?

It was a great idea while the tactic remained unknown. Now that it's been revealed it's unusable going forward because it's far too open to abuse and circumvention. I'm not here to debate the ethics of creating hacks, but it's fucking rich seeing you whinge about the inevitable end state of the cheater-anticheat arms race when you form part of the problem, public releases or not.

[QUOTE=elixwhitetail;44022820]It was a great idea while the tactic remained unknown. Now that it's been revealed it's unusable going forward because it's far too open to abuse and circumvention. I'm not here to debate the ethics of creating hacks, but it's fucking rich seeing you whinge about the inevitable end state of the cheater-anticheat arms race when you form part of the problem, public releases or not.[/QUOTE] "img tag links to cheat auth servers" was an immediate response to that reddit post, it's possible someone found out beforehand and did just that. Even if instead of banning solely on this they used it to back up an error-prone method of detecting some paycheats, there's a small chance some poor guy got banned with no way to prove his innocence. I don't see why they'd use both this and a solid method of detecting whatever paycheats unless it's all part of a master scheme to put cheat sites out of business by encouraging people to pirate them.

i love how it's the cheaters and cheat-creators getting pissed at the way vac works stop crying you pieces of shit

[QUOTE=TehWhale;44022981]i love how it's the cheaters and cheat-creators getting pissed at the way vac works stop crying you pieces of shit[/QUOTE] You should try reading my post

[QUOTE=Altimor;44022961]"img tag links to cheat auth servers" was an immediate response to that reddit post, it's possible someone found out beforehand and did just that. Even if instead of banning solely on this they used it to back up an error-prone method of detecting some paycheats, there's a small chance[B] some poor guy got banned with no way to prove his innocence.[/B] I don't see why they'd use both this and a solid method of detecting whatever paycheats unless it's all part of a master scheme to put cheat sites out of business by encouraging people to pirate them.[/QUOTE] Well considering he'd already have to be running cheats to trigger this check, I doubt he's that innocent.

[QUOTE=TheDecryptor;44024025]Well considering he'd already have to be running cheats to trigger this check, I doubt he's that innocent.[/QUOTE] >error-prone method of detecting some paycheats They wouldn't have the DNS checks if they had a false positive free method

[QUOTE=Altimor;44027899]>error-prone method of detecting some paycheats They wouldn't have the DNS checks if they had a false positive free method[/QUOTE] The lady doth protest too much.

I know gabe said he wasn't scanning peoples history, I am just glad my gay furry porn isn't getting shown to him.

wow you still think a dns entry would trigger a ban far more likely and reasonable to believe it was just data gathering You know - know which are the most popular and worth dedicating efforts against but no you're on a moral crusade to denounce the people protecting their games from abuse

[QUOTE=subenji99;44030696]wow you still think a dns entry would trigger a ban far more likely and reasonable to believe it was just data gathering You know - know which are the most popular and worth dedicating efforts against but no you're on a moral crusade to denounce the people protecting their games from abuse[/QUOTE] Gabe himself said it was used for banning.