Steam possibly hacked...

[Smurf]

I have a PS3, and I wasn't affected by it at all.

[Shadedancer]

Consider the flak there have always been between the BF and COD series, I would wager the COD releasetime as being more likely as the cause of attack than Skyrim launching. There aren't any "battles" that I am aware of between Elder scrolls series and other series/studios.

It's interesting if the hackers being named by screenshots are denying it. I would have thought a thing like being able to get into Valves system would be something people would brag about if it was done at the "private hacker" level...

[Sheddy]

Steam is nothing but a grade A nightmare!

[Shadedancer]

Steam is nothing but a grade A nightmare!

I disagree. I'm pretty happy with steam to the point that I now almost excusively make my purchases through that portal.

As an effect, I now have a total of 321 games in my steam library.

Steam sales made me try out a LOT of games I prob would never have bothered with if they lay in a box in a shop.

[daylight]

Steam is nothing but a grade A nightmare!

I agree with Shadedancer,Steam is just fantastic for my gaming needs,I joined Steam a bit late(2006)and these days I could not imagine playing PC games without it.

I wonder how many new users that are whining about Steam at the moment will login around Christmas time and will be saying "Wtf....why are all these games so cheap..I mean 80% off Dead Island,75% off the full Fallout New Vegas collection,this Steam is great".

..FYI Steam has a huge sale at Christmas time and also in the Summer.

Also I have tried helping quite a few people on this forum when it comes to Steam and almost every time it is user error and not Steam's fault,people just tend to rush through things without stopping to read how Steam works,it really is not complicated,I have had 1 problem in 5 years and after a day it had sorted itself.

[x42bn6]

I wonder how many new users that are whining about Steam at the moment will login around Christmas time and will be saying "Wtf....why are all these games so cheap..I mean 80% off Dead Island,75% off the full Fallout New Vegas collection,this Steam is great".

If they are whining about Steam, why would they log in? ...

Steam's pricing means a lot of countries in Europe get ripped off anyway, so a Steam sale is actually just going to bring prices down to what they are in the retail stores.

Personally, I don't really care about new games, which is why I am still playing FM08 and PES 6.

[daylight]

If they are whining about Steam, why would they log in? ...

Steam's pricing means a lot of countries in Europe get ripped off anyway, so a Steam sale is actually just going to bring prices down to what they are in the retail stores.

I would imagine that quite a few players will not set there Steam to offline as they are always connected to the internet and just launch the game from there Steam library and when they start Steam it shows the sales on the main page.

Also your 2nd point is just wrong,I take it you have never seen a Steam sale?I picked up quite a few games in there Summer sale and checked many many other on-line stores and they were no-where near the prices Steam was offering during there sale and the retail guys can't compete when it comes to the Steam sale...Did you read that they offer games at anywhere between 50-80% off?..I have seen games that were selling at 40 Euro's being sold for 10 Euro's...how is that retail price?..I am not talking about games that are years old either....

[Jibby123]

Also I have tried helping quite a few people on this forum when it comes to Steam and almost every time it is user error and not Steam's fault,people just tend to rush through things without stopping to read how Steam works,it really is not complicated.

That's a fair point, and you can't fault SI or the users of this forum for the support they give when there is a problem, but if so many are having problems because they're doing something wrong with a 3rd party software then it's over-cooking it to say it's the user's fault imho.

Not to sound like my Grandad, but is this Steam crap really better than it used to be when you bought a game, put it in the drive, click click click and played when and where you wanted to?? I don't get it.

[daylight]

That's a fair point, and you can't fault SI or the users of this forum for the support they give when there is a problem, but if so many are having problems because they're doing something wrong with a 3rd party software then it's over-cooking it to say it's the user's fault imho.

Not to sound like my Grandad, but is this Steam crap really better than it used to be when you bought a game, put it in the drive, click click click and played when and where you wanted to?? I don't get it.

They use it to cut down on piracy and I do not see that changing for future releases,I have to honestly say if Steam was the fault for players not able to play the game then every single person would not be able to play the game as everyone has to use Steam,I understand there is a problem with the Mac release that both SI and Steam are working on but out of the 100's of thousands if not million's of copies sold only a very small percentage are having problems launching and playing the game..so yes I would say it is a user fault for almost every case.

[Jibby123]

Fair one Daylight. I completely get why SI would protect what they put the man hours in to creating. That's only right.

Blame the leeches who hack the game, but it's just not progress to me. I am computer-illiterate (so maybe I am like my Grandad ) so when somebody says "check your cache" they might as well say it in Swahili because I have to google it to understand what they're on about. It's only through loads of frustration I've just about cracked downloading skins/logo's etc.

Is it just PC games, or do X-box/Playstation games need this nause??

I have a bee in my bonnet about how "you need online access" to even play a game now. It's assuming the whole world can get online to play it and the "I'm alright jack" attitude that brings. That's not progress to me.

[daylight]

Yeah I do understand your point mate,I really do.

As you said SI have to protect there product and in this day and age if they did not then they could lose 1000's of sale's.

As for verifying your cache etc there are a lot of threads on how to do it,including 1 in the stickies on this forum,also there is a lot of info on the Steam forum about this,or you can just post a thread in this forum and I am 100% sure someone will guide a player through it.

It basically comes down to that the player is not used to using a 3rd party to play there game and are already unnerved at the fact that they have to,When I 1st used Steam I was a bit "Ohh FFS how does this work" but as I said I could not imagine having my PC gaming hobby without it.

Honestly Steam has around 4 million users on-line at any given time.....they do not get those numbers because there system does not work

[Shadedancer]

That's a fair point, and you can't fault SI or the users of this forum for the support they give when there is a problem, but if so many are having problems because they're doing something wrong with a 3rd party software then it's over-cooking it to say it's the user's fault imho.

Not to sound like my Grandad, but is this Steam crap really better than it used to be when you bought a game, put it in the drive, click click click and played when and where you wanted to?? I don't get it.

you don't have to mess around with cd's.

My ex-girlfriend used to hassle me because of the growing wall of gameboxes along the wall. It also started to annoy myself when I figured I wanted to try out a pseicific game and needed to romp through all my boxes to find the right one. I remember ending up with a huge mess where instead of having cd's organized I ended up having some organized, and some in a pile near the computer cause I used to play them often. Except that the often played ended up at some point not being often played and just became a pile of random games that were unorganized.

I've even bought some games on Steam I had hard copies of on cd's, simply because it makes things easier for me when I don't have to mess around with physical mediums.

Start up pc -> click, click, click -> play game

is alot more preferable to me than

start up pc -> rummage through gameboxes to find the game -> find out the box is empty -> try to remember where I put the cd -> find cd -> put cd in drive -> wait for the system to accept and pop up start screen -> click -> play

When I bought as physical copies only, I had to sort my games at somewhat regular intervals and figure out which ones I could live with not owning anymore and then throw them out or see if I could get a few scrapes for them at the local secondhand game store. Physical media just fills too much of my livingspace.

[grep]

NASA and FBI pcs are not impenetrable, Steam is a piece of cake for skilled hackers.

[Shadedancer]

NASA and FBI pcs are not impenetrable, Steam is a piece of cake for skilled hackers.

It was their forums, not their gameservice that got messed with. Quite a difference...

[grep]

It was their forums, not their gameservice that got messed with. Quite a difference...

You do not have knowledge in the matter. If they want to go into the gameservice section they will.

[Shadedancer]

You do not have knowledge in the matter. If they want to go into the gameservice section they will.

1) forums and game servers are totally different and even seperate different logins/passwords

2) forums was brought down asap by steam with the detectino of the hack, gameservice is up and running without any hitches at all

Sorry. You're just fearmongering for the sake of fearmongering.

The way to attack systems is to either

a) be incredible lucky at guessing

b) attack known (to you) exploits in the code

c) attack the 'human link'.

a) nobody can guard against, but the odds of it happening is in the order where becomming a multibillionare through a single lottery coupon is more likely, and more worthwhile too

b) is all about how sloppily the programs/OS-utilized were written. While nobody can know up front about all possible exploits, the chance of an exploit being utilizable in 2 vastly different systems (forums AND game servers) brings you back to the amount of 'luck' you would need for point 'a)' to happen. In other words: Not bloody likely.

c) is the easiest source to attack through, and why background checks and continued monitoring of companytime is more and more commonplace in jobs where you have responsibilities. While you can never cut out this weakness entirely, alot can be done to make it less likely, and I asume Valve are doing what they can to make sure their employees are loyal. Point 'c)' can still be exploited by making a dedicated attack on an emplyees private systems, which is likely less guarded than the corporate system, in order to unearth info.

Most likely scenario: Someone working with the forums was unlucky enough to get a malware on their system that allowed info of his/her login routines to the forums to be leaked. Working on forums from home isn't unlikely so seems plausible.

Working with the forums from home =/= working with gameservers from a protected system in a protected facility.

And given the security routines st up for regular users just using the client and forums, there's no way in hell they would have LESS security on supervisor abilities.

[wild2475]

This is the issue and one that was laughed off not that long ago by many people.

If you target the pirates they will target you, target them by bringing in Steam and they will hit your weak point, Steam

Appears to only be the Forums that were hit but based on Steam refusing to make any official response of the hack or any clarification on what the hack achieved it is kinda worrying.

Also there have been numerous sites with a range of information (some appear credible) on what the hack achieved which is even more worrying.

[x42bn6]

I would imagine that quite a few players will not set there Steam to offline as they are always connected to the internet and just launch the game from there Steam library and when they start Steam it shows the sales on the main page.

Not the point - you said that people whining about Steam would somehow log on to Steam (if they dislike something, why would they log on?) to see the sales...

Also your 2nd point is just wrong,I take it you have never seen a Steam sale?

I don't have Steam.

I picked up quite a few games in there Summer sale and checked many many other on-line stores and they were no-where near the prices Steam was offering during there sale and the retail guys can't compete when it comes to the Steam sale...Did you read that they offer games at anywhere between 50-80% off?..I have seen games that were selling at 40 Euro's being sold for 10 Euro's...how is that retail price?..I am not talking about games that are years old either....

In some parts of Europe, Steam rips off people anyway, so a huge discount is only making things "they way they should have been".

1) forums and game servers are totally different and even seperate different logins/passwords

2) forums was brought down asap by steam with the detectino of the hack, gameservice is up and running without any hitches at all

Sorry. You're just fearmongering for the sake of fearmongering.

The way to attack systems is to either

a) be incredible lucky at guessing

b) attack known (to you) exploits in the code

c) attack the 'human link'.

a) nobody can guard against, but the odds of it happening is in the order where becomming a multibillionare through a single lottery coupon is more likely, and more worthwhile too

b) is all about how sloppily the programs/OS-utilized were written. While nobody can know up front about all possible exploits, the chance of an exploit being utilizable in 2 vastly different systems (forums AND game servers) brings you back to the amount of 'luck' you would need for point 'a)' to happen. In other words: Not bloody likely.

c) is the easiest source to attack through, and why background checks and continued monitoring of companytime is more and more commonplace in jobs where you have responsibilities. While you can never cut out this weakness entirely, alot can be done to make it less likely, and I asume Valve are doing what they can to make sure their employees are loyal. Point 'c)' can still be exploited by making a dedicated attack on an emplyees private systems, which is likely less guarded than the corporate system, in order to unearth info.

Most likely scenario: Someone working with the forums was unlucky enough to get a malware on their system that allowed info of his/her login routines to the forums to be leaked. Working on forums from home isn't unlikely so seems plausible.

Working with the forums from home =/= working with gameservers from a protected system in a protected facility.

And given the security routines st up for regular users just using the client and forums, there's no way in hell they would have LESS security on supervisor abilities.

This is why the average person on the Internet gets hacked all the time. Misguided ideas on security being thrown around all the time.

The way to attack systems is to either

a) be incredible lucky at guessing

Brute force isn't a standard attack nowadays, but there's nothing "lucky" about chucking millions of guesses per minute at a system and getting a single hit.

Collision attacks and man-in-the-middle attacks can exploit luck to make things luckier than standard brute force, too.

b) attack known (to you) exploits in the code

Not really. Closed systems are unknown but get hacked all the time, due to things like SQL injection and replay attacks.

With SQL injection, you don't need to know anything about the database but with a few queries can know what to hit and eventually get juicy details.

I'd also note that systems based on open-source software are not necessarily weaker than closed-source despite the fact that the code is available to everyone and so are the exploits. All it comes down to is how well the code is written.

c) attack the 'human link'.

Fairly common but not the most reliable method, as humans are unpredictable.

[CuRvZ]

This is the issue and one that was laughed off not that long ago by many people.

If you target the pirates they will target you, target them by bringing in Steam and they will hit your weak point, Steam

Appears to only be the Forums that were hit but based on Steam refusing to make any official response of the hack or any clarification on what the hack achieved it is kinda worrying.

Also there have been numerous sites with a range of information (some appear credible) on what the hack achieved which is even more worrying.

Actually, that is nonsense. I assume that with 'pirates' you refer to the release groups cracking the games, who are actually people that hack computer software as a hobby/passion. They do not see Steam as an enemy, they see it as a challenge and the harder it is to crack the more they see it as a challenge. There also seems to be somewhat of a competition going between different release groups as to who gets a game out first. All they do is remove software protection from games, and release those.

The people hacking into websites and forums are a different crowd, and this time it seems to be made up of a group that codes cheats for games and some other nasty stuff. The people that crack the games would have absolutely no benefit from hacking into the steam forums at all, nor would they benefit from the removal of all anti-piracy measures, cuz that would leave them without stuff to crack. I honestly wouldn't know how much these different groups overlap, but they are not the same. So not to laugh it off, but this has nothing to do with pirates.

Anyway, Valve always take their time with everything, but I would also love to have an official response from them.

[grep]

1) forums and game servers are totally different and even seperate different logins/passwords

2) forums was brought down asap by steam with the detectino of the hack, gameservice is up and running without any hitches at all

Sorry. You're just fearmongering for the sake of fearmongering.

The way to attack systems is to either

a) be incredible lucky at guessing

b) attack known (to you) exploits in the code

c) attack the 'human link'.

a) nobody can guard against, but the odds of it happening is in the order where becomming a multibillionare through a single lottery coupon is more likely, and more worthwhile too

b) is all about how sloppily the programs/OS-utilized were written. While nobody can know up front about all possible exploits, the chance of an exploit being utilizable in 2 vastly different systems (forums AND game servers) brings you back to the amount of 'luck' you would need for point 'a)' to happen. In other words: Not bloody likely.

c) is the easiest source to attack through, and why background checks and continued monitoring of companytime is more and more commonplace in jobs where you have responsibilities. While you can never cut out this weakness entirely, alot can be done to make it less likely, and I asume Valve are doing what they can to make sure their employees are loyal. Point 'c)' can still be exploited by making a dedicated attack on an emplyees private systems, which is likely less guarded than the corporate system, in order to unearth info.

Most likely scenario: Someone working with the forums was unlucky enough to get a malware on their system that allowed info of his/her login routines to the forums to be leaked. Working on forums from home isn't unlikely so seems plausible.

Working with the forums from home =/= working with gameservers from a protected system in a protected facility.

And given the security routines st up for regular users just using the client and forums, there's no way in hell they would have LESS security on supervisor abilities.

Reading your post it seems Steam is safer than Fort Knox and the web world is impenetrable.

I respect your opinion but if Nasa, White House, FBI etc site have been violated I see no reason to think that Steam could be safer.

Told that, if you feel confident about that, I understand.

[CuRvZ]

Reading your post it seems Steam is safer than Fort Knox and the web world is impenetrable.

I respect your opinion but if Nasa, White House, FBI etc site have been violated I see no reason to think that Steam could be safer.

Told that, if you feel confident about that, I understand.

I think what he meant to say is that getting into Steam is very hard to achieve, and would need a considerable amount of luck (if their security is up to scratch). Nothing on the interwebs is impossible to hack, and from screenshots I have seen from the forums, it did seem like the account of one of the admins was hacked, which could be thanks to malware on his pc, or someone figuring out/guessing his password.

[grep]

I think what he meant to say is that getting into Steam is very hard to achieve, and would need a considerable amount of luck (if their security is up to scratch). Nothing on the interwebs is impossible to hack, and from screenshots I have seen from the forums, it did seem like the account of one of the admins was hacked, which could be thanks to malware on his pc, or someone figuring out/guessing his password.

Told like that I agree except one statement.

To gain credentials of a forum is of course really hard but it does not relies on luck but on skill and determination instead.

[Kriss]

As this really isn't anything to do with FM (until such time as actual accounts get hacked) and people are so damned argumentative

Closed.