We outsmarted CSGO cheaters with IdentityLogger

(mobeigi.com)

379 points mobeigi | 1 comments | 16 Oct 24 18:18 UTC | HN request time: 0.001s | source

Show context

Retr0id ◴[16 Oct 24 19:30 UTC] No.41862899[source]▶

>>41862028 (OP) #

> Wonderful, we have found a way to silently persist a cookie for each player as they join the server.

This violates GDPR, no?

Edit: It sounds like this took place before GDPR was being enforced.

replies(2): >>41863024 #>>41867747 #

kemitche ◴[16 Oct 24 19:41 UTC] No.41863024[source]▶

>>41862899 #

GDPR isn't a blanket ban on cookies. You don't require a cookie notice for strictly necessary cookies, which you have a "grounds of legitimate interest" for: https://commission.europa.eu/law/law-topic/data-protection/r...

Fraud prevention is listed as an example of a "legitimate interest."

So no, by my layman's interpretation, they would not have been bound by GDPR to notify the user of cookies or other fingerprinting used solely for anti-cheat. They'd run into trouble if they use that same ID for marketing/advertising without consent, though.

replies(2): >>41863188 #>>41863514 #

newZWhoDis ◴[16 Oct 24 20:28 UTC] No.41863514[source]▶

>>41863024 #

GDPR is toothless eurotrash.

I saw a consent form that had 72 optional, 21 “legitimate interest” cookies.

GFB

replies(2): >>41864372 #>>41867902 #

1. Ylpertnodi ◴[16 Oct 24 22:15 UTC] No.41864372[source]▶

>>41863514 #

That means gdpr is working.

↑