Gabe Newell has taken to social media site, Reddit, to try and defuse a situation which arose after Steam’s anti-cheat system VAC (Valve Anti Cheat) was reverse engineered and found to be sending some browsing detail information back to the Half Life developer in an attempt to catch further cheats. The basis of his post is around trust, not only trusting Valve but also the system and other players, a trust system which he feels cheats are abusing.
Trust is a critical part of a multiplayer game community – trust in the developer, trust in the system, and trust in the other players. Cheats are a negative sum game, where a minority benefits less than the majority is harmed.
There are a bunch of different ways to attack a trust-based system including writing a bunch of code (hacks), or through social engineering (for example convincing people that the system isn’t as trustworthy as they thought it was).
Gabe posted on Reddit in response to the original thread that flagged the potential privacy intrusion – http://www.reddit.com/r/Games/comments/1y1uuc/vac_now_reads_all_the_domains_you_have_visited/
VAC looks at a Windows log which is automatically generated as you browse the Internet for the names of servers known to be used by people and groups that sell cheats. These servers are destinations that are used to verify that a person has actually paid to use a cheat. Only if a machine was spotted contacting one of these verification servers was information passed back to Valve. According to Newell, 570 people have been banned by this checking system.
At the end of his post he covers a short Q&A
1) Do we send your browsing history to Valve? No.
2) Do we care what porn sites you visit? Oh, dear god, no. My brain just melted.
3) Is Valve using its market success to go evil? I don’t think so, but you have to make the call if we are trustworthy. We try really hard to earn and keep your trust.