No announcement yet.

Steam Had A Very Rough Christmas With A Major Security Issue

  • Filter
  • Time
  • Show
Clear All
new posts

  • Steam Had A Very Rough Christmas With A Major Security Issue

    Phoronix: Steam Had A Very Rough Christmas With A Major Security Issue

    Steam has had a very rough day with first being hit by a DDoS attack and then a major security hole...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    No one is exempt from human error and while precautions should prevent such events from occurring they don't "always".

    This is a good example of a "single point of failure" be it you store your things in Dropbox, Steam, Microsoft, Google Drive, etc...

    At least out of the categories of things "Video Games" isn't top of my list of things to protect.


    • #3
      Fortunately nothing very sensitive leaked as far as we know at this moment. If someone sees my email address, the worst they can do is send me spam or sing me up on random porn sites, right? None of this has happened yet. Maybe I wasn't even cached.

      It must hurt Valve a lot more. Taking off the store in the middle of one of the the largest events in the year must cost a lot even if we only take lost sales into consideration.


      • #4
        Seems like the Grinch got caught up with the 21st century.


        • #5
          I don't think the DDoS did anything significant, though.

          Also, Valve has released an official statement: and one of their community mods posted this:


          • #6
            So the issues boils down to that the steam store was showing the wrong persons information when attempting to make a purchase. I'd say that this is just another one of those cases where we really aught to take the point home: we need a method to be able to transact value with companies like steam that does not require any information at all to sent to steam, in any way other than the transaction itself.

            You know, like bitcoin.


            • #7
              So, it explains why I wasn't able to access Steam until 1am CET


              • #8
                These problems tend to happen when people use PHP.


                • #9
                  Originally posted by Veske View Post
                  These problems tend to happen when people use PHP.

                  Veske is right. Because all, yes all, other programming languages besides PHP have a "do_not_leak_personal_info()" function in their standard library which would've prevented Steam's problem.

                  A few advanced languages even have the "fix_all_bugs_upfront_regardless_of_system_size_or _complexity()" function. But not PHP. Definitely too bad for all those PHP users.
                  Last edited by lkraav; 26 December 2015, 10:26 AM.


                  • #10
                    As regards the DDoS attack, I think many Steam users were expecting it.