A few days ago, a rumour appeared on Reddit that Valve Anti-Cheat, the software Valve use to crush aimbots and wallhacks across their games, was spying on people’s DNS cache and sending that information home. In other words, the Seattle game developer was watching every website you ever visited. It was only a rumour, and an unlikely one, but Gabe Newell appeared on Reddit last night to explain the situation. It’s a typically interesting look into Valve’s mindset and their approach to cheating.



There’s something poetic at the core of all this: cheat creators struggle to get users to pay for their cheats, and so put DRM inside their cheats. They put software to stop cheats inside their cheat software. “These cheats phone home to a DRM server that confirms that a cheater has actually paid to use the cheat,” according to Newell. That’s why Valve went looking inside your DNS cache. If they found evidence of phoning home, they knew a person was cheating and were able to ban them.

Newell makes clear that he wouldn’t normally reveal this kind of detail, but is doing so in this instance because the method of detection no longer works. “The cheat providers have worked around it by manipulating the DNS cache of their customers’ client machines.”

Ultimately, Newell argues this all comes down to an issue of trust. “Trust is a critical part of a multiplayer game community – trust in the developer, trust in the system, and trust in the other players. Cheats are a negative sum game, where a minority benefits less than the majority is harmed,” writes Newell. “There are a bunch of different ways to attack a trust-based system including writing a bunch of code (hacks), or through social engineering (for example convincing people that the system isn’t as trustworthy as they thought it was).”

Valve take cheating seriously because it erodes people’s trust in the system. That’s certainly true; Counter-Strike servers were paranoid places for years, in which any demonstration of skill was met with an accusation of cheating. It took a long for trust among players to return, far longer than it took to erode, and I still see more accusations of cheating in Counter-Strike than I ever did in Team Fortress or, really, any other modern multiplayer game.

Newell also suggests that some of the rumour-spreading might have been caused by cheat developers – that “social engineering” bit above. “VAC is inherently a scary looking piece of software, because it is trying to be obscure, it is going after code that is trying to attack it, and it is sneaky,” writes Newell. “For most cheat developers, social engineering might be a cheaper way to attack the system than continuing the code arms race, which means that there will be more Reddit posts trying to cast VAC in a sinister light.”

Valve are essentially fighting back with a little bit of social engineering of their own. They know that if they open up, and do so directly to the Reddit community, then they’ll win a lot of people over to their side. “Our response is to make it clear what we were actually doing and why with enough transparency that people can make their own judgements as to whether or not we are trustworthy,” as Newell puts it.

Somehow this post has come out longer than the original statement, so go read the full post through on Reddit.