1 edit | bah My credit card! Well, I hope this is made up don't want to spend the day getting a new credit card. | |
|
 | | | Re: bah I think he only got the cc info for the cyber cafe accounts. Unless you have a cyber cafe you are probably fine. | |
|
| |  KrytorReminiscing The FuturePremium
join:2001-07-07
Indianapolis, IN | Re: bah In the Steam forums I found a forum mod reply to someone with an account question. According to the mod, Steam only keeps the last four CC digits. I imagine accounts with reoccurring payments would be different. (Cyber cafe owners?) | |
|
| | | | | Re: bah Valve forum moderators largely don't have a clue what they are talking about..
In this case, they are definitely wrong though. | |
|
| | | | | | Re: bah You, Ive seen you before. Are you that sourceforts developer? | |
|
|  BIGMIKEPremium
join:2002-06-07
Westminster, CA | Bank of America on line Banking temporary credit card numbers, with expiration dates.
--
Type "miserable failure" in Google | |
|
 yockTFTCPremium
join:2000-11-21
Miamisburg, OH
kudos:3 | Sure Sounds Like BS Some random user finds critical Steam "login" information in a file? What file? Where did he login? Steam? Is he asserting that Valve's customer data is accessible from the internet simply with a certain set of Steam login credentials?
I'll believe it when I see it.
--
Laughter is the closest distance between two people. --Victor Borge
"The opposite of war isn't peace, it's creation." | |
|
| | | Re: Sure Sounds Like BS I agree. I think this guy is just looking for some attention and to slime Valve in the process.
"I was browsing some stuff, came across this, found some files." Yeah, that's the ticket! | |
|
|  FiLPremium
join:2005-08-16
Silver Spring, MD | Wait, wait, wait.
You mean to tell me that it's NOT possible to "hack" into database servers where this kind of info gets stored? As if Microsoft and the friggin' GOVERNMENT don't ever get their information stolen through "hacking"?
This is very possible. Did this guy get any infomation on customers? Maybe, maybe not. But you can't possibly be like "he hacked into a secure system from his home? Yea Right!"
Attempts like that happend everyday. | |
|
| | yockTFTCPremium
join:2000-11-21
Miamisburg, OH
kudos:3 | Re: Sure Sounds Like BS Don't be silly, of course it's possible. This just sounds like a load of BS to me. Read this post, the poster there echos my feelings about the situation exactly.
--
Laughter is the closest distance between two people. --Victor Borge
"The opposite of war isn't peace, it's creation." | |
|
xbbdc
join:2005-06-30
Hollywood, FL | maddoxx he is not a random user, he's been hacking valve since steam came out. he's cracked it in almost every way possible. this is by no means a "random user" at all. | |
|
| |
|  ThrowDemsOutIf you can't convince 'em, confuse 'emPremium
join:2002-03-03
Mullica Hill, NJ
kudos:4 | said by xbbdc:he is not a random user, he's been hacking valve since steam came out. he's cracked it in almost every way possible. this is by no means a "random user" at all. So, he is some scum hacker. I hope they track him down and throw him in prison.
--
--
My BLOG
My Web Page | |
|
| |  Uhawl-- watching --Premium
join:2000-10-21
Asylum | Re: maddoxx said by ThrowDemsOut:said by xbbdc:he is not a random user, he's been hacking valve since steam came out. he's cracked it in almost every way possible. this is by no means a "random user" at all. So, he is some scum hacker. I hope they track him down and throw him in prison. Well, I hope Valve takes the time to improve their product and thank Maddox for his efforts in "external quality control." | |
|
| |  gaforcesUnited We Stand, Divided We Fall
join:2002-04-07
Santa Cruz, CA | The bill SB 1386
would permit the notifications required by its provisions to be
delayed if a law enforcement agency determines that it would impede a
criminal investigation.
Looks like they are going for maddox.
--
The will of the people is the best law. -Ulysses S Grant | |
|
| |  Fool Steam Ahead!
Internet extortion! | |
|
| |
|
|  Ima
join:2003-10-23
Little Rock, AR | Re: Website. Maddox has been hacking Steam since it's initial release years back. You'd have thought Valve would've learned a thing or two about security after their source code for Half-Life 2 was stolen.
But apparantly that's all wishful thinking.. they're as vulnerable as ever. | |
|
| | compPremium
join:2001-08-16
Cranberry Twp, PA | Re: Website. some how i dont buy this. Also i didnt even know steam stored credit card data | |
|
| | | | | Re: Website. I would guess this is from their cyber cafe program. Only thing they have that has recurring payments. Either way seems very odd to have CC info in a plain text database but ..yea. | |
|
| | |
| |  fegulPremium
join:2004-08-23
united state | Yeah I remember him back in the Emporio release days.
--
Fegul.com | |
|
 trey_w
join:2002-07-03
Plano, TX | PCI Compliance? Can you say PCI compliance or lack of.... I believe they are required to notify customers. | |
|
| compPremium
join:2001-08-16
Cranberry Twp, PA | Re: PCI Compliance? Which is why i think this might be BS | |
|
| Derfel
join:2004-06-06
Winnipeg, MB | Should notify does not mean will notify... if they think they can handle it "in-house", then maybe they'd prefer it stay quiet. Personally, I'm contacting Steam now to tell them to delete my credit card info post haste. | |
|
| | | | Re: PCI Compliance? said by Derfel:Should notify does not mean will notify... if they think they can handle it "in-house", then maybe they'd prefer it stay quiet. Personally, I'm contacting Steam now to tell them to delete my credit card info post haste. What good would that do? If he downloaded the DB w/ your data in days ago, removing said data now would do what?
If anything you should cancel the card and get a replacement.
--
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.
Benjamin Franklin, Historical Review of Pennsylvania, 1759 | |
|
| | Hacked I can not believe no one is bitching about the guy that hacked the system. I guess it is alright to hack into a system.  | |
|
| MADx
join:2005-05-25
Richmond, IN Reviews:
 ·Comcast
1 edit | Re: Hacked I still don't see how hacking into a system proves anything other than bragging rights for the hacker. So, the company being hack gets bad PR and embarrass, but it doesn't necessarily prove that hacking can cause a company to improve security, and if it does than the hacker will hack again and again tell this behavior is dealt with by law. | |
|
| |  envoid
join:2002-12-21
Duluth, GA | Re: Hacked hacking helps to some extent, depending on the hacker that finds the holes. a decent hacker that tells the company and does not sell the valuable data found or the route to obtain the access is good for the users and the company. | |
|
|  CPUYODA
join:2003-01-25
Johnson City, TN
·Comcast
| I've avoided HL2 for this very reason,in fact....I was in the first batch of "purges" for no reason....they reinstated me...and I got my money back.....and closed my account.
But seriously,hackers are a needed asset for security IMHO,just not the extorsionist kind | |
|
| | haha thats funny That's great, that's hilarious. I hope this is the death sentence to this crapware they've been pushing. If you used it, and game them your credit card info, well........sucks to be you. | |
|
| | | Re: haha thats funny What's "crapware" about it? Steam is about the most lenient content protection system I'm aware of. It beats the heck out of annoying activation schemes that Microsoft has latched onto or CD-ROM copy protection BS. | |
|
|  mrchrisOut and aroundPremium
join:2002-10-01
North Babylon, NY | I paid with cash in the store in Dec '04 so no worries for me.. | |
|
|
Eek2121Lovin Verizon FIOS
join:2002-10-12
Newton, NJ Reviews:
·Service Electric..
| Some questions Okay, assuming this is true (I actually read about it yesterday) I have some questions for valve.
1) Why in the HELL is credit card information stored on the same system as the hosting for steam?
2) Why is financial information for valve stored on that same system?
3) Why aren't user logins restricted by host, etc.
When i design secure payment systems, credit card information is NEVER kept on a system serving web pages of any sort. It is also heavily encrypted and no incoming connections are allowed, save a 'safe list' of hosts via SSH on a non standard port. Further more, i never store credit card information unless i absolutely need to. | |
|
 MchartFirst There.
join:2004-01-21
Gurnee, IL | Well at least.. The hackers site is now dead from being slashdotted/dugg. | |
|
| mrchrisOut and aroundPremium
join:2002-10-01
North Babylon, NY | Re: Well at least.. Still works for me. | |
|
| | MchartFirst There.
join:2004-01-21
Gurnee, IL | Re: Well at least.. said by mrchris:Still works for me. Only works for me if I wait forever, and the majority of the time it will return with a SQL error. Only worked twice after refreshing and waiting about a billion times. | |
|
moe300
join:2001-06-30
Iowa City, IA | Post deletions on steam forums... I find it funny that they are deleting posts about the hack on the steam forums so quickly. They sure as hell don't ever read the hl2dm forums for all the bugs and gameplay problems we report.... Ironic | |
|
|
|
Don't think of him as some "random user". 
·
·