Valve Explains Christmas Day Issue On Steam

[heirdeux]

After nearly a week's silence, Valve finally opened up about what caused the error on Steam during Christmas. Players could see the account information of other users and sometimes saw the Steam page in a different language.

Valve Explains Christmas Day Issue On Steam : Read more

 

[nukemaster]

It was MORE than 2 hours and I could not get email(authentication or trade/community market) from steam for days after.

I am not sure what else happened, but it was strange to buy games for people and not get email confirmation and be unable to log in on other computers/browsers/ect because the confirmation emails never made it.

 

[RCguitarist]

Thanks hacking nerds. Another one of those helping society things you do all the time.

 

[10tacle]

[quotemsg=17227306,0,1293427]Thanks hacking nerds. Another one of those helping society things you do all the time. [/quotemsg]

Things like this do not make the Hacktivist community look any better, to be sure. But you also have to remember that they are not a coordinated and self-policed group. There are rogue young and up-and-comers who try and make a name for themselves or are just otherwise exploring their newfound "skills." Others are just criminals.

In any event, one of my Christmas gifts was a Steam card for Christmas, but fortunately I was out of town spending the holidays with family and was not with my gaming PC when this went down. This is one reason why I never, EVER store any credit card info online. I've been through both Sony PSN hacks, so I leave nothing to chance anymore.

 

[TechyInAZ]

It seems like Steam is always getting hit by DOS attacks. I hope that in the future, firewalls will get good enough to prevent something like this from happening.

 

[dstarr3]

Thanks hacking nerds. Another one of those helping society things you do all the time.

It reminds me of when Anonymous vowed to take down ISIS. It's like... yeah. Twitter hacking will bring down a terrorist organization, no problem. Go for it, guys. Thanks for your help. Now kindly step aside while the adults come in to do the real work.

 

[Alec Mowat]

You should thank the hacking nerds (on every site) for showing how vulnerable your info really is.

On the other hand, maybe you should reconsider how much information you allow steam to hold? I certainly wasn't going to give them my phone number for "security reasons"

 

[beayn]

[quotemsg=17227306,0,1293427]Thanks hacking nerds. Another one of those helping society things you do all the time. [/quotemsg]

There are rogue young and up-and-comers who try and make a name for themselves or are just otherwise exploring their newfound "skills." Others are just criminals.

We call these "script kiddies"

 

[Alec Mowat]

[quotemsg=17228070,0,1612573]

Thanks hacking nerds. Another one of those helping society things you do all the time.

It reminds me of when Anonymous vowed to take down ISIS. It's like... yeah. Twitter hacking will bring down a terrorist organization, no problem. Go for it, guys. Thanks for your help. Now kindly step aside while the adults come in to do the real work.[/quotemsg]

None of the accounts flagged were even ISIS accounts.
You seem to think Anonymous supports the US agenda, they do not. They troll more often than they help.

 

[dstarr3]

[quotemsg=17228070,0,1612573]

Thanks hacking nerds. Another one of those helping society things you do all the time.

It reminds me of when Anonymous vowed to take down ISIS. It's like... yeah. Twitter hacking will bring down a terrorist organization, no problem. Go for it, guys. Thanks for your help. Now kindly step aside while the adults come in to do the real work.[/quotemsg]

None of the accounts flagged were even ISIS accounts.
You seem to think Anonymous supports the US agenda, they do not. They troll more often than they help.

Oh, I'm well aware that they are trolls more than they are activists or warriors. I always laugh when a Facebook friend who's watched the Matrix one too many times gets all excited about new Anonymous threats.

 

[TechyInAZ]

[quotemsg=17228162,0,1543622]You should thank the hacking nerds (on every site) for showing how vulnerable your info really is.

On the other hand, maybe you should reconsider how much information you allow steam to hold? I certainly wasn't going to give them my phone number for "security reasons"[/quotemsg]

Agreed. I don't give them any private info for both hacking reasons and because steam doesn't need to know.

 

[alidan]

[quotemsg=17228070,0,1612573]

Thanks hacking nerds. Another one of those helping society things you do all the time.

It reminds me of when Anonymous vowed to take down ISIS. It's like... yeah. Twitter hacking will bring down a terrorist organization, no problem. Go for it, guys. Thanks for your help. Now kindly step aside while the adults come in to do the real work.[/quotemsg]

None of the accounts flagged were even ISIS accounts.
You seem to think Anonymous supports the US agenda, they do not. They troll more often than they help.

Oh, I'm well aware that they are trolls more than they are activists or warriors. I always laugh when a Facebook friend who's watched the Matrix one too many times gets all excited about new Anonymous threats.

its still always fun to see what they will do next.

 

[UltraFireFX]

Are you telling us it was just a high fluctuation of traffic or a real DDOS attack? Lots of people redeeming cards is not a DDOS attack.

 

[LookItsRain]

Still hilarious how these "hackers" think DDOS is "hacking".

You should thank the hacking nerds (on every site) for showing how vulnerable your info really is.

On the other hand, maybe you should reconsider how much information you allow steam to hold? I certainly wasn't going to give them my phone number for "security reasons"

So with this logic, i could tell you how good of a doctor i know, and shoot you in the leg so you know he is a good doctor after he might fix your leg. Real "hackers" (DDOS isnt even hacking( can help companies with security flaws without bringing down services thousands of people use. They only bring down services to make them fell better about themselves.

 

[UltraFireFX]

[quotemsg=17233687,0,1333631]Still hilarious how these "hackers" think DDOS is "hacking".

You should thank the hacking nerds (on every site) for showing how vulnerable your info really is.

On the other hand, maybe you should reconsider how much information you allow steam to hold? I certainly wasn't going to give them my phone number for "security reasons"

So with this logic, i could tell you how good of a doctor i know, and shoot you in the leg so you know he is a good doctor after he might fix your leg. Real "hackers" (DDOS isnt even hacking( can help companies with security flaws without bringing down services thousands of people use. They only bring down services to make them fell better about themselves.[/quotemsg]

Exactly, white-hat hackers help companies by working with them to find security flaws, but because of that black-hat hackers do, they normally go under another name (such as information technology security professionals), black-hat hackers do what they do to either get money, attention or some other form of profit (bragging rights, ect.).

 

[cats_Paw]

And then people wonder why i "Dont save my personal info for future purchases" or use "paypass" from a Debit Card.

This is bad yet not catastrophic.
Last digits from card is something that usually are printed on receipts so those would be at hand in any store you use your debit card in.
I have to say that Steam had a close to spotless record in my book till this, now, Ill simply be more careful.

 

[ammaross]

It seems like Steam is always getting hit by DOS attacks. I hope that in the future, firewalls will get good enough to prevent something like this from happening.

Even IF firewalls become able to magically drop SYN packets only from a DDOS attacker (or even a full page request, depending on how they adjust their attack to counter your magic firewall), the idea of a DDOS is to utilize all available sockets AND/OR flood an internet connection to the point of denying legitimate traffic. Even if your firewall is properly dropping packets (as they currently DO have SYN flood, etc type filters btw), it does nothing to improve your upstream bandwidth utilization. If you have a 10Gbps trunk to the internet, but are being hammered with 30Gbps of DDOS traffic, you gain nothing. It is dependent on your upstream provider assisting in stemming the tide. Once that flood is at your door (firewall), you're mostly already sunk.

 

[Alec Mowat]

[quotemsg=17255866,0,444610]

It seems like Steam is always getting hit by DOS attacks. I hope that in the future, firewalls will get good enough to prevent something like this from happening.

Even IF firewalls become able to magically drop SYN packets only from a DDOS attacker (or even a full page request, depending on how they adjust their attack to counter your magic firewall), the idea of a DDOS is to utilize all available sockets AND/OR flood an internet connection to the point of denying legitimate traffic. Even if your firewall is properly dropping packets (as they currently DO have SYN flood, etc type filters btw), it does nothing to improve your upstream bandwidth utilization. If you have a 10Gbps trunk to the internet, but are being hammered with 30Gbps of DDOS traffic, you gain nothing. It is dependent on your upstream provider assisting in stemming the tide. Once that flood is at your door (firewall), you're mostly already sunk.[/quotemsg]

This, the DDOS does not need to get passed the firewall. It just needs to ping the firewall, the firewall doesn't even have to respond. It will still clog up the inbound traffic.