|
Source
VALVe's security was recently shown for what it really is; no exsistant. A hacker known as MaddoxX recently infiltrated VALVe's web servers, exposing, what should be confidential information, to the public. The hacker managed to gain root access to the server, meaning they could view anything they wanted (Including Customer Credit Card details, and even VALVe's current assets). The hacker then ripped the site and created a "Release" (http://rapidshare.com/files/24958280/CafeHomies-PROViSiON.rar.html) in an attempt to grab VALVe's attention (Who are renouned for poor security). Included in the release are all CAS/CAC files (Including certificates), proving once again that their Cafe program is not as secure as they thought. Valve has yet to fix the exploit the hacker used, and has not yet even replied to him. It has also failed to reveal to it's customers that this event even occured, even though they're private details have been exposed. Please help us to inform the public and VALVe customers of this important news.
Pretty shitty of Steam not to inform their users that their CC information was stolen.
EDIT: As mentioned later in the thread, there is new information. This is something that has been suspected for a while now.
While there was a security breach, no CC #'s have been compromised, at least, not on Valve's side.
|
|
WTF. my info better not be stolen -_-
|
excuse my ignorance
what is valve/steam?
|
On April 19 2007 07:13 HorsementalitY wrote: excuse my ignorance
what is valve/steam?
valve is used to open up pipes and let the steam out
p.s. btw how did ur excel thing about time turn out, i wasnt able to get back to you in time about ur 2nd question.
|
On April 19 2007 07:13 HorsementalitY wrote: excuse my ignorance
what is valve/steam? Valve is the creator of Half-Life and all its mods/add-ons (Counter Strike, TFC, etc). Steam is required to play on most servers (like BWLauncher, but gay).
|
On April 19 2007 07:14 yisun518 wrote:Show nested quote +On April 19 2007 07:13 HorsementalitY wrote: excuse my ignorance
what is valve/steam? valve is used to open up pipes and let the steam out p.s. btw how did ur excel thing about time turn out, i wasnt able to get back to you in time about ur 2nd question.
oops....didn't see the link for the source in the 1st post
the excel thing worked perfectly. You saved me a shit load of time! Thanks again.
|
5377 Posts
Please keep us updated if you hear that the credit card list is released.
|
Damnit, I just bought garrys mod with my cc like 2 weeks ago.
|
On April 19 2007 07:56 Apophis wrote: Damnit, I just bought garrys mod with my cc like 2 weeks ago.
Same here. I bought it a couple weeks ago and I wont be happy if they screwed something up and my card number is out there.
|
Garrys mod costs money now?
|
Garry's Mod 10 does. It think it's the first one that costs anything.
And while I'm thinking of it, are there any other sources backing this article up?
|
Steams just odd like that guys. How do we know these security flaws aren't a feature instead of a bug?
|
|
Russian Federation4235 Posts
On April 19 2007 07:26 ~AreS] wrote:Show nested quote +On April 19 2007 07:13 HorsementalitY wrote: excuse my ignorance
what is valve/steam? Valve is the creator of Half-Life and all its mods/add-ons (Counter Strike, TFC, etc). Steam is required to play on most servers (like BWLauncher, but gay). Well, this isn't true. Steam is not like BWLauncher, it is a web-integrated interface that is used by Valve to maintain its connection to it's users.
Aside from being a required tool to run any recent Valve product, Steam is also required to activate every product.
For example, you have bought Half-Life 2, the discs only contain a Steam installer and heavily encrypted game files. Steam validates your application ID, registers it on the Valve servers and, if the registration is successful(i.e. product ID is valid and is not already activated from other Steam account), gets back the keyword used do decrypt the files. This is while Half-Life 2 took approximately 4 hours to install on my computer - the encryption is very complex and the decryption process takes a long time. Steam account database, therefore, includes keywords for all Steam-integrated applications and basic data on all Valve customers.
Also it is possible to buy Valve product using Steam - you just make a web-based bank transaction and just download the game files. It means that for every customer that used Steam to purchase any Valve product, Steam database holds their credit card numbers.
This is why news of Steam being hacked are a sensation - the data leak could potentially be extremely harmful for both Valve and its customers, and the whole implementation of this system relied on the best security measures possible. Guess nothing's perfect.
|
United States37500 Posts
Nice post BluzMan. Having never played any FPS before, it was a good read to know the setup intricacies of HL2.
|
This is why giving people your cred card # is scary
|
http://www.sb-1386.com/
California SB 1386 became effective in on 1st July 2003, amending civil codes 1798.29, 1798.82 and 1798.84.. It is a serious bill, with far reaching implications.
Essentially, it requires an agency, person or business that conducts business in California and owns or licenses computerized 'personal information' to disclose any breach of security (to any resident whose unencrypted data is believed to have been disclosed).
|
|
MURICA15980 Posts
Wow... I can't believe they are refusing to tell the public about this. That is going to totally backfire.
|
|
|
|