Originally Posted by
dheir
Yes hacks that are external are safe...... Means BOXESP's. RPM only hacks.
By safe, I mean they are as safe as they have always been.
It seems that this guy is trying to insight a riot, while I understand being careful is good, especially around an update time. He has unfounded reasons for saying these read memory process hacks are not safe. He even says DATA offsets have changed.... They have not.
Sure some of the mem offsets changed. Not all of them, and the ones that did not change are used by RPM, we don't ever touch WPM API's so we dont push val's and offsets to the game that can trigger a ban.
Let me clarify something. If Valve, Activision, whoever, wanted to know if we were reading their process in memory they would have to either have a ring3 driver installed on our system (which is questionable morally, legally) or hook all running processes and watch for an API call to RPM for their process ( which is also questionable morally, and practically and legally).
Simply put in some parts of the world that is illegal. They are not going to do it.
Now to further understand what is going on here....
If they employed these tactics before, then they could have already caught us.
So what is the difference if they do it now?
They did not change their system to do these things... I am 99% sure of it.
1% because we saw what Sony did a few years ago with rootkits.
Themonsterman, doesn't sound very knowledgeable in this area to me. Not saying he's not smart and I'm sure he is smart in area's similar to this. But in order for Valve etc to have the ability to see us Read Memory they would have to have employed one of the two options above, or a very similar method. The did not do this. Here is how I see it...
They have created their executable to contain dummy offsets that proxy real values and also give actual results for WPM hacks. This is to trigger bans for hacks like Catalyst hacks etc. (This is my opinion, remember that). But in no way did the Data offsets change, and even if they had, say there was 2 sets of all offsets, which is ridiculous in practice, and even practicality, then what would be the difference in us reading those values or other values?
If they can't catch us reading the values.... Then why would they do that? Hence the reason that there is not two values for DATA offsets.
They can not know that we are reading those values... So hack away with your external hacks. Beware of updates, and don't use hacks after updates unless someone tells you it's OK, and is a knowledgeable person.
Another thought on this, they don't even have to know what values we are reading, but that we are reading values in their process period... Lots of programs use RPM in their routines, modules etc.... This is too risky to ban for RPM, since someone could be working on a new product like FRAPS, or something similar, they can't mass ban people because they think someone is hacking, they have to know, or a class action lawsuit will ensue. This is my opinion means that VAC2 would have to have a major overhaul, and they would have to have proper detection of hack files, whether that is a CRC or Hash of some kind. The python version of the boxesp has a random module generator, which changes the offsets of our hack everytime it runs.... How can they detect a pattern in that?