Steam: No "Unauthorized Actions" On Exposed Accounts 33
The Steam bug that allowed users to see other users' account details may not have been as harmful as it first appeared. Valve said in a statement (reported on Mashable) that while cached data showed usernames, "sensitive details such as credit card numbers are automatically censored on user account pages, which mitigates the potential harm of someone having seen your personal data." From Mashable's report:
"Steam is back up and running without any known issues," Valve told Game Informer in a statement. "As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users."
Re: (Score:3)
Gabe Newell is a known democrat.
Wait, so you're telling me... (Score:2, Insightful)
That people over reacted for no reason!? What world are we living in for this to happen...
Seriously, there was never any reason for people to go crazy over this. It's not some hacking group seeing "your info", it's just other gamers around the world.
At most, your email is now on a spamming list and someone knows your home address if you let steam save that info. That's it. Nothing that you haven't already shared with spammers or on facebook at some point.
Re:Wait, so you're telling me... (Score:5, Informative)
If you had any care for email privacy anyway, you'd buy a stupendously cheap domain, activate forwarding on the catch-all, and then use a bunch of one-time addresses.
I know what address I gave Steam. I know it's never been spammed. Because only they and I know what it was. If it does get spammed, someone hacked Steam, or me, or something like this happened.
So I then generate another address, change my steam email to that, block the now-public one, and carry on with my life.
The problem with people who claim the sky is falling is that they never stop to think about how to stop it falling on them.
Re: (Score:3)
Or you could just memorize one passphrase and use something like KeePass. /sarcasm I guess Ctrl-C & Ctrl-V is too much work. :-)
> Unique passwords for each service are simply an encoding scheme that uses the service name.
The problem is some sites are so retarded to allow long passwords so one is forced to cap it at 8-12 characters.
Re: (Score:1)
Or you could just memorize one passphrase
Or you could just memorize one strong password. Passphrases are vulnerable to dictionary permutation attacks... and that's the type of attack most commonly used.
That's why you pad your passphrase with a random number of symbols. [grc.com]
Re: (Score:1)
I don't bother with one time addresses. I just create a new address based on a pattern for all signups, e.g.
nospam.slashdot@mydomain.com
That way, if slashdot gives out my email address, not only do I just can the address, but I also get to know WHO sold me out based on the destination.
Thus far, a *lot* of my spam has been to my paypal address, presumably because crappy merchants decided to add it to their mailing list after I bought some $5 part on eBay.
Re: (Score:1)
In case you haven't noticed, the people submitting articles at this site are typically paranoid, reactionary, and batshit insane.
"sensitive details" expeect your name and address (Score:3)