[dubcanada]

Makes sense to me. For example if you play warcraft 3, and you visit Shadow French all the time. You are most likely a hacker. Obviously that doesn't seem to be the only check they do. But it's a very easy one. And they would only need to keep a list of common "game hacking" sites and check it.

So far there seems to be zero evidence that this is used to send data to valve.

[kbuck]

I don't think this was made to capture people just visiting cheat sites. Elsewhere I've heard people mentioning that this functionality exists to detect a new and evolving set of cheats wherein you enter credentials into an innocuous-looking executable and start up a game. In the background, this executable connects to a cheat distribution server, authenticates you, and live-patches whatever game you're playing. The DNS hosts they're looking for are these endpoints.

Is this a reasonable way of detecting cheats? In my opinion, yes. They can't send the hostnames to the client (even in hashed format), because then the cheat authors could see if their hostname(s) are listed and subsequently change them, even if the list sent to the client is hashed (they'd just have to run their own hostnames through the same hashing function). Having my DNS cache sent to VALVe and used (likely ephemerally) is a small price to pay for multiplayer games that I enjoy to continue to be fun.

[makomk]

It's a terribly ineffective way of detecting cheats - all the executable has to do is carry out its own DNS lookups directly without going through the cache and Valve won't see anything amiss.

[kjackson2012]

So, now you can be banned by Valve because of a thought crime? Shouldn't you actually be cheating to be kicked off the network, instead of just reading up on it? What if you visit a Warcraft 3 fan site that has href to images on Shadow French or other thought crime sites? Won't that show up in your DNS cache as well? (Answer: yes it will)

[ehPReth]

You wouldn't even have to consciously visit a cheating site to have it in your DNS cache. For example: someone could embed an image hosted on said cheating site in their signature on a popular gaming forum and you'd have it in your cache