all replys from: Omnix " Admin-Pucksbusted.com"
Source:
http://www.punksbusted.com/forums/in...opic=21151&hl=
It might not surprise you to know that it was a cheat writer who wrote the above.
I'll pick out a few points.
Quote:
|
While in the past PB would only scan for running processes, it is now actively scanning the hard drive, and looking for .txt files in certain folders.
|
reply:
As I'll come onto, these are the extra MD5Tool checks that we distribute for our members. They look for particular files in the game directory. Only the game directory.
Quote:
|
It was logged with ethereal that punkbuster actually SENT the contents of a txt file to its servers (presumably for further investigation) Now while in this case it wasnt a huge issue, as the text file was just some install data for a codec, it could have been much more serious. (Think tax information, Social securitys #’s, Finances, etc..)
|
reply:
PunkBuster sends a 2KB hash of the file to the server. As any self-respecting programmer will tell you, a hash is a one-way process and the original contents of the file are not recoverable.
Secondly, the checks we use are looking for specific files in the game directory with cheat names. They are not hunting around your computer for "tax information", "finances" etc - this is emotive language to try and grab attention. People do not keep their finances in the BF2 install directory with the same name as popular cheats. If that happens, then you will get kicked and a hash of the file taken. The original information is not sent.
Quote:
|
While the streams of “dialog” arent exactly open between myself and punkbuster, I consider this to be a huge breach of trust with the public.
|
reply:
Of course they're not open. He writes cheats for a living and regularly gets banned because of it. Funnily enough because of breaches of the EULA - not to mention his numerous breaches of trust with his customers.
Quote:
|
The fact that PB is even actively scanning text files is a huge security issue that needs to be addressed, as it isnt even scanning inside the bf2 folder, it is computer wide, and any file that becomes ‘flagged’ is uploaded to PB.
|
reply:
This is totally false. The checks, as taken in the screenshot can only be searched for in the game directory. It's how it works. It is hardly new either - he's just slow to the game.
Quote:
|
Here is a screenshot showing a passive scan while searching for a .txt file.
|
Reply:
The screenshot in question was a section of a BF2 server log showing our MD5Tool list loaded. This is full of popular cheat names, not "Finances 2006.txt".
As for the EULA, this particular person has decided to analyse it before. You might find peel's blog entry "Legend in his own lunchtime" an amusing read as he takes the argument apart:
http://www.punksbusted.com/forums/bl...?showentry=234
Not to mention that he quotes the EULA for saying that items which PB may scan "includes, but is not limited to, devices and any files residing on the hard-drive and in the memory of the computer". Why is he suddenly surprised that this is happening?
===========================================
my reply: CHief ADFP
i only hope this clean the air on what this cheater maker is trying to sell.........by the way he is selling cheats on the internet for all to buy......get that lol no joke