Deleted last post. Think I get it

Steam wouldn't just "have code" by random hackers into it. They would need to enter the server via hacking into it. (Is there a better word for hacking?)

They run a number of virus scans on files uploaded to Steam by developers. Obviously they can't catch every possible virus but they do what they can and have plenty of details (including banking details) about the company that uploaded the files the would pass on the law enforcement during any investigation.

Raven の投稿を引用：

https://www.reddit.com/r/arma/comments/2750n0/battleye_is_sending_files_from_your_hard_drive_to/

Something to be aware of since you play Arma, Ark, and Insurgency.

Consdiering most of that post is basically just FUD

BE is not a 'malicious code'

I am 50+ years old and I don't know a whole lot about modern code. I learned Basic early on when TRS80s were popular, but that's about it.

Why would playing a title as Admin open one up to more risk?

Because you give the program elevated priviliges. Same as handing you over a general key for an office building instead of just the one for your office.

Its more likely that malware creators dont want their yet undetected code to be burned very quick by exposing it to steam, before it even gets handed out.

Also they need a working game product first, which would be burned as well.

But if a fine game has a security hole, things can happen.

Well that's not good. None of my Steam games are played as Admin but I have an app or two that I set to "Run as Admin" because I was told it "improves functionality" with title "X"

(I have left off the names of the applications involved so I can investigate further)

I do not believe BE or VAC are "evil". Something has to be in place to stop or at least hinder the cheaters.

Also I am not all that up to date with current privacy Laws to make a statement on what is or is not legal for these Anti-Cheat applications to do.

Arguments about transparency can be made for both sides of this issue.

I will endeavor to further educate myself.

I thank you all for taking the time to respond to my concerns and I feel more secure in my purchases through Steam as a result.

Oldwolf out.

Oldwolf の投稿を引用：

Hello,

I buy a lot of games through my Steam. Recently with all the news and media alive with claims of who hacked who, I got to thinking if hackers could get this damaging code to us through our Steam Purchases.


Is this possible?

What measures are in place to screen games that are presented for sale on Steam?

If malicious code gets through do we have any protections as the consumer?

Can I get a link to any existing policy in place to protect us the consumer?

All the software on steam is certified and if any of them do contain malicious goals. Well Valve has a name and a bank account tied to the oublisher and developer. Creation of malicious code like a virus or something designed to harm a user is illegal in quite a few countries. The distribution of such code is even moreso. So a dev doing such deliberately will basically get his ass landed in jail. or at the very least be liable to damages.

That said. Most people who talk of being 'hacked' are using 3rd party software that is not distributed by steam. FOr example TeamSpeak. There's no protection from this beyond the user applying good safety practices and common sense.

A common pattern for Teamspeak for example is they are connecting to some custom server that tells them they're out of date or something and the person that invites gives a link toa doctored installer.

Most other scams and hijackings work this way. People deliberately dload and run the malicious ncode and compromise their own security. Your machine and it's security is your responsibility.

Consumers seem to get less and less protection as big buisiness finds more ways to make themselves less liable.

Less Liable. No software company ever accepted liability for the actions of a piece of software they did not make, onor have they ever accepted responsibility for you misusing or modifying their software.

I am not interested in pointing fingers or finding fault. This may seem a contradiction to the previous statement but I was just stating a fact of buisiness.

Not really. you just started your assumptions based on limited observation. Have you ever read the EULA that comes with any software.

Now granted if the software itself causes damages or issues, then there is limited liability. Which is why patches, and updates are a thing.

I am however, interested in a solution if vulnerabilities exist.

The most frequently exploited vulnerability is the person using the computer. Plain and simple. people whgo actually practice proper computer safety almost never get viruses, malaware or find themselves hacked.

Start_Running,

Thanks for your reply.

And yes I have read the EULA on most of my purchases, i.e. a quick perusal.

I suppose what stuck in my mind was the Arbitration clause in which the developer gets to chose who arbitrates any complaints about code they wrote.

I also assumed this somehow makes them less liable from the standpoint of keeping them out of court.

I did not mean to imply the developer should be liable for code they themselves did not write.

My ignorance of this topic was bound to cause confusion but I tried to be as clear as I knew how.

I was imagining this huge conspiracy where an evil developer releases PC doom like a wave of plague accross the world through our games lol.

Your reply is very enlightening and I appreciate you taking the time, thank you.

Maybe BattleEye and EasyAntiCheats aren't malicious, they work as keyloggers. They capture your screen, monitor everything you type, scan every open process in task manager, and send everything to their server.
Oh, and they continue to work even if you close the game.

But to answer OP's question, injecting a virus or other kind of malware through games is possible, but very unlikely as Steam's probably got the best protection there is. And they have all informations about the developer of such software, so they could easily take legal action. Do I have to remind you that devs who created cheats for Overwatch just recently lost a court case and have now to pay over 8 million dollars to Blizzard?

Tycho の投稿を引用：

Maybe BattleEye and EasyAntiCheats
Oh, and they continue to work even if you close the game.

They send files and keystrokes all the time even after closing the game?

Oldwolf の投稿を引用：

Start_Running,

Thanks for your reply.

And yes I have read the EULA on most of my purchases, i.e. a quick perusal.

I suppose what stuck in my mind was the Arbitration clause in which the developer gets to chose who arbitrates any complaints about code they wrote.

That's kinda necessary since differing countries have different laws. I.e. yyou can't apply your laws to spm,ething that was done in another country.

I also assumed this somehow makes them less liable from the standpoint of keeping them out of court.

I did not mean to imply the developer should be liable for code they themselves did not write.

It's basically a standard practice to limit the grounds for arbitration and the damages that may be sought. I mean you have the right to refuse to agree to such things but that means more or less not using the software.

My ignorance of this topic was bound to cause confusion but I tried to be as clear as I knew how.

I was imagining this huge conspiracy where an evil developer releases PC doom like a wave of plague accross the world through our games lol.

Your reply is very enlightening and I appreciate you taking the time, thank you.

That could be done, but yeah. Name and bank account. And since most countries in the world have laws on the books regarding that. You'd basically have to vanish from the face of the earth. There would also be no reasonable way for anyone to detect or guard against that.

I mean it is technically possible to write a piece of code into a video game that will max out the gtpu , and cpu causing spiking temps and eventually overheating and chip damage.

Muppet among Puppets の投稿を引用：

Tycho の投稿を引用：

Maybe BattleEye and EasyAntiCheats
Oh, and they continue to work even if you close the game.

They send files and keystrokes all the time even after closing the game?

If the game doesn't properly shut them down. They are third party processes.
It's basically like punkbuster back in the days. you have to download a client side applet which communicates with the server. Some games already include it, but nothing stops you from running a server using that independent of the game.

Start_Running の投稿を引用：

I mean it is technically possible to write a piece of code into a video game that will max out the gtpu , and cpu causing spiking temps and eventually overheating and chip damage.

Actually, that would only show that the thermal management on the hardware doesm't work.