Reminder that people have been getting DDoS'd through this game for the past four years.

The fact it seems unique to the steam version indicates to me that it's something that might require valve to assist/fix. And I don't see their incentive.

The issue lies within steam, not BHVR necessarily.

People have been getting ddos'd since before behaviour was a company as well dont forget about that.

This might not actually be true, take a look here:

I imagine majority of people have never touched this setting before, so it would be set to 'Default'

Default says that IPs are not shared unless it 'appears necessary'

Again, BHVR is not saying all reports were due to crashes. They're just saying many of the reports they received were related to a separate issue with crashes. There WERE crashing issues with the new patch, and I experienced them plenty, so it's weirder to act like THAT didn't happen. The issue is that lots of people don't know the difference, and KNOWING that the DDOS issues were happening, panicked and assumed the issues they had were related when they weren't. The non-streamer part of the playerbase is much larger than the streaming part and those were the people being addressed there.

The attacks started with Steam. They continued for some people when they switched platforms, but if they hadn't changed their IP after the first attack, changing platforms wouldn't matter.

Sorry, what part of the tweet says "there were no DDOS attacks after all, it was all a bug that caused crashes"? No part, because that's not what it's saying.

That's not what it says and if you'd quell madposting instinct for half a second you'd see that.

Here is the full statement:

"We have thoroughly investigated these reports over the past week. As of yet, there is no evidence we've seen to suggest any personal IP addresses have been leaked. Many of the reports we have received correlate to a crash, which has since been fixed in our last update.

Your safety remains an utmost concern to us. 

We will continue to monitor the situation to ensure that everyone can safely enjoy the game, and we encourage anyone who may have information on this or other vulnerabilities to reach out to us."

AS OF YET = they are continuing to investigate

"there is no evidence we've seen to suggest any personal IP addresses have been leaked" = they cannot find any IP leakages in the game itself. This is all they CAN say, because the game itself is the only thing they'd be able to investigate!

They say that they received many reports that were actually related to the crashing issue, but people erroneously thought they may be related to the DDOS attacks. MANY and ALL are not the same words and do not have the same meaning.

Again reiterating that they're monitoring the situation and encouraging people to continue reporting issues they face.

None of it is dismissal. It's an honest update stating that they fixed one issue, could not find the source of another, and are still monitoring the problem.

But if the leak is not through DBD, and its through Steam as others have put forth, then they can't make that sort of claim or acknowledgement. Because they don't know. They can't go pointing the finger at other companies, it'll get them in trouble. They're saying everything is clear on their end.

You say this started happening today. You've had your internet connection knocked out multiple times in one day? Have you reported this to your ISP and gotten their confirmation that it was an attack? Do you have Steam Networking on? Have you clicked any weird links lately? There are so many ways your IP could have leaked and it's important that all avenues are properly acknowledged and investigated because otherwise people get whipped into a panic like this. It's understandable to be freaked out, and nobody's berating y'all for that. The issue is that there's too many unknowns for anyone to be able to "confirm" anything.

The tweet in their quote tweet thread is literally acknowledging the DDOSing. You remember that twitter has a character limit, right? Like, maybe they could have phrased it more clearly, but they had a character limit (btw I hate Twitter for reasons like this).

You can say it "sounded like" they said something, but they didn't. Read the tweet again. "Many" does not mean "all". I'm also not sure what your third sentence is trying to convey, sorry. I believe you that your internet crashed but I'm not your ISP so I can't tell you why. Report the issue to them and they can give you more information, and they might change your IP address too to further protect you.

Because that might have been the reason behind *some* of the disconnection issues. In their investigation they very well might have found a glitch that has been kicking people from their games. This does *not* mean people aren't being DDOSed. I think it's pretty clear people are being DDOSed. Anyone with half a brain cell can see it's happening.

But again, if they can't find evidence of a leak on their end then they can't go making any sort of claim. They're not going to say anything that risks any sort of lawsuit dropping on their heads.

I do believe it's a targeted attack since it seems a little too weird how it started happening again and to random players after their tweet. Some unofficial websites show crash reports of the game around the same time, conveniently in the middle of the night for EU players and during the day for US players

I never have internet problems either. Good ping, great upload, incredibly stable. ######### still happens. The only way to 100% confirm is through your ISP. The upside, though, is that they can change your IP for you, so if anyone does have your info still, you'll be better protected against them.

I'm glad turning off Steam Networking seems to have helped. I think it's weird that it's on by default anyways. I know they say the default option only shares your IP if it finds it necessary, but their page doesn't really define what it considers to be necessary. 200ms? 50ms?

Okay, so which content creator that cares so deeply about the community is going to stream without a VPN on Steam to bait out being DDOSed? I'm sorry, I meant bait out random crashing?

I cannot fathom that the solution is this simple. Would be tremendously hilarious though.

GTA online has the issue much worse from what I know anyway

The main log won't be helpful, since I did a trial match after flushing my DNS and changing my Steam Networking settings. Would the backup files work? I see 2 last updated around the time of the crashes. I might also be able to get the logs of the other player

With the greatest respect, IMHO you are approaching this from completely the wrong angle asking for users to send log files. Obtaining the software the hackers are using, either by hiring external security consultants to "infiltrate" or by purchasing it from one of their websites, might prove to resolve this a darn site quicker.

Why do I say this? Last year when I was modding for a streamer who was held hostage, prior to OTZ publicising it to the point where it could not be ignored, I had a whispered conversation with a hacker who came to gloat.... He was able to give the IP address that the streamer was using. He claimed that the software he was using to "insert" himself into a lobby with the streamer was able to show various information about people in the lobby including MMR and IP address.

Great bot reply. Why would I want to be a Fog Whisperer? I'm not a streamer. All I did was re-post what they'd already posted and broke it down fifth grade English-teacher style so people that prefer getting angry over reading no longer have a choice. There isn't a big red "fix it" button that BHVR is just refusing to press, and they are not omnipotent -- if you don't do your basic due diligence in gathering information about what you experienced, how do you expect BHVR to get that information themselves?

Giving BHVR a data log when reporting an issue is not "jumping through hoops" it's standard procedure when investigating problems. You guys have a completely cartoonish understanding of the way the world works. I've never said the issue is in no way related to BHVR, but they're not going to hold your hand and call your ISP for you.

Some random on twitter does not have "more credibility" than BHVR. I could go on there now and make a tweet about how Cote broke into my house and put his fingers in my peanut butter jars and half the playerbase would believe it because they've primed themselves to believe anything that supports their base emotional kneejerks. You are all just frustrated and taking that frustration out in the easiest way you can without actually examining the situation you're in, and it's making you shortsighted. The frustration is understandable but we are presumably all adults here and capable of working with people to solve problems instead of just expecting them to solve themselves.

Also if the issue IS with Steam Networking like... yes, turning it off is the quickest easiest way you can protect yourself, and for many people who have posted about it in these very forums, it has helped. Why you WOULDN'T flip a switch to make your life easier is beyond me.

"Some random on twitter does not have "more credibility" than BHVR."

Yes, they have. Even Otz himself gives him credibility and I doubt he would believe some random person on the internet, I don't agree with him on a lot of things but I'll accept his judgement or inner knowledge on this issue.

As far as BHVR is concerned, what exactly did they do when the Artist PTB was out and the DDOS-ing issue surfaced? They issued a warning on the forum and then...nothing. Weeks went by, months went by, years went by. I remember Pebsie advertising a VPN service after like a year where everyone long completely dropped the issue. None of the big name streamers brought it up and everyone on BHVR's side was absolutely silent, sweeping it under the rug. You had a thread asking about the DDOS situation every odd month or so. No information whatsoever, official or otherwise.

It was never addressed whether or not THAT particular leak was fixed. Or if they even admit that actually existed in the first place. They literally ignored the problem until it came back to bite them in the back. Peanits himself could reply to this post and tell us details instead of the usual corporate response of 'taking the issue very seriously' and I wouldn't believe a single word. No offense to anyone on the dev team personally, at this point I fully believe the solution is strictly hindered by a monetary problem that is not approved from the higher ups. The devs are powerless to do anything, so they are hoping that the problem will go away when people get bored of paying money for the DDOS farms since streamers are mostly protected with VPN/preferential matchmaking.

So perhaps I can shed a little bit of light. There are things where you need specific files or key to decrypt. I'm notoriously a bad explainer of things but I'll try to be clear. For instance, take HTTPS - there is a public key and a private key used to generate the certificate that website's used to encrypt the traffic. If someone gets a hold of that private key they could decrypt that traffic (or in this case log files), but assuming that they use some sort of secure encryption to encrypt the logs it would be unlikely that it would be reverse engineered that easily. Think of it also like maybe email service like protonmail, that uses end to end encryption to make it so that only you can see the content because you have the key that to decrypt it, that is unlocked by your password. Or like a password manager as well.

So a TLDR if it's encrypted securely a third-party person can't decrypt it without some sort of a key, and not in a timely manner with our processing power that we have today. I say that last part because of course all encryptions will be broken eventually, It's just a matter of time and processing power.

This is a late edit to say I misspelled end to end encryption as internet encryption