A couple of days ago, a thread appeared on Reddit that warned users about the Valve Anti-Cheat system was going through users’ DNS caches and reporting back to its servers. It triggered a short bout of concern that Valve was engaged in active spying of customers internet activity, despite a lack of evidence that the system was actually transmitting any information.
In a rare appearance, Valve co-founder Gabe Newell posted a lengthy explanation of what the VAC does and why it goes through users’ DNS history.
“VAC checked for the presence of these cheats. If they were detected VAC then checked to see which cheat DRM server was being contacted. This second check was done by looking for a partial match to those (non-web) cheat DRM servers in the DNS cache. If found, then hashes of the matching DNS entries were sent to the VAC servers. The match was double checked on our servers and then that client was marked for a future ban. Less than a tenth of one percent of clients triggered the second check. 570 cheaters are being banned as a result,” wrote Newell.
He also went on to claim that the concerns raised could be the work of cheaters who want to reduce Valve’s capability to reducing in-game cheating. Creating a cheat that is capable of overcoming the built in safeguard takes a massive amount of investment, and these cheaters often charge people to use the service.
Newell explained, “for most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast VAC in a sinister light.”