Steam bug
-
Twitter users reporting logging into steam and getting into other users' accounts. I'm not near the PC at the moment can anyone confirm or deny?
.
-
-
-
Yep, seems like they're caching way too aggressively.
-
-
this is not a security breach
However, if you don't want your email address getting shown to random people from all over the internet, maybe don't go to that page.
-
I get an error trying to access the page in a browser or in Steam.
Steam helpfully renders the error text and the background in the same colour so you can only see it if you select the text.
-
Holy shit. This year's Christmas present from Valve: A random person's credit card info and email address.
-
Steam helpfully renders the error text and the background in the same colour so you can only see it if you select the text.
Ah, that's why I'm getting a blank page. I can get to my library, but I think I'll avoid my account page for a while.
-
A friend told me to log out. I think I'll just wait for this to settle down...
-
I haven't been able to visit store pages from the desktop app at all. Guessed they have load problems.
-
-
100% off on select Steam accounts! Today only!
-
Confirm, I suspect a bad deploy that's letting others see sensitive info like email, partial card numbers, money in account and wallet amount.
-
You should probably censor the email there.
-
What, you think people are going to spam someone because I posted a screenshot of their email address on an obscure internet forum?
-
@aol.com
LOL
-
You think it's appropriate to share someone else's email on an account you randomly logged in to?
-
https://www.reddit.com/r/Steam/comments/3y7r0b/do_not_login_to_any_steam_websites/
Apparently, the thing to do here is to post images of their house...
-
In case it's not obvious, a steam account + email is enough to find out a lot about a person. Seeing as this is an IT forum, we should be doing our part to respect people's privacy, even if someone else may come across the data from the original breach. We should be responsible enough to say "hey, that's kind of fucked up."
-
Apparently, the thing to do here is to post images of their house...
Like this?
http://gossipextra.com/wp-content/uploads/2013/01/bill_gates_mallet_outside.jpg
-
Apparently, the thing to do here is to post images of their house...
How do you even know about that? That thread was already dead when you joined.
Wait, let me re-phrase that question: Whose sock puppet are you?
-
Who the fuck does deploy on christmas!?
-
I suspect it was overload traffic due to so many people being off, and a caching layer was changed because some sysop guy saw the endpoint being slammed and didn't realize the ramifications of his actions of changing session cache to global cache.
-
someone has brought it up a bunch of times on the forum.
-
Yeah don't do that shit people.
-
What's the current status?
-
Fixed, apparently.
-
Misleading article title. It didn't give you account access.
-
Just FYI, your information can only be viewed if you yourself viewed it. Otherwise there's no way it could have gotten cached and shown to others. So, if you didn't view any of your account info, you're guaranteed to not be affected. Also the issue is fixed now.
-
Indeed not - it's just the title that's wrong though.
-
Goddamn, blakeyrat's pimpin' it fo-style.
-
-
Steam probably fucked up in Akamai by caching account pages and shit that shouldn't be cached (maybe they were trying to fix a load problem caused by xmas with aggressive caching?) Then after they realized "OH FUCK, THIS IS WRONG" they tried to globally purge the CDN's cache. In doing so, they probably DDoS'ed their origin servers which caused
AkamaiDiscourse to barf 504 errors for everyone.Good job Valve.
EDIT: Yep, confirmed:
"Steam is back up and running without any known issues," a Valve spokesperson told GameSpot. "As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users."
[source]
-
"Hey steam Valve guys, should we push out this untested website config on christmas day?"
"OF course, duh!!!"
"Ok boss"
"What better time to push out a config update than christmas day? On a service used to buy millions of christmas presents? DUH!"
-
Yeah, the configuration change totally wasn't in response to high demand as a result of Christmas. No siree, that's unpossible! My name is blakeyrat and I prefer to just assume that everyone else is a complete and total fuckwit!
-
-
Christmas presents are a thing, too.
-
Well yeah but the winter sale is probably why everyone was buying things.
Because HOLY CRAP LOW PRICES
-
Am I allowed to post this?
[deleted]
Let's find out!
--
Mod- PJH - Stop that Ben.
-
-
Given that it's a total fabrication, I don't see the problem.
-
Am I allowed to post this?
Given that it's a total fabrication,
Pretend or not, if we start getting into the situation where people start posting others' details we'll get to to a situation where everyone does it.
Posting your own (fake or not) - fine. Don't target others though, please.
-
-
My name is blakeyrat and I prefer to just assume that everyone else is a complete and total fuckwit!
In all fairness, that assumption will be right far more often than not.
-
Yeah, the configuration change totally wasn't in response to high demand as a result of Christmas. No siree, that's unpossible! My name is blakeyrat and I prefer to just assume that everyone else is a complete and total fuckwit!
I've used Steam since it was brand new and yes, the people who run their servers are complete and total fuckwits. The "Activity" page has an up-time average of maybe 75%. That's a generous estimate. (It's down completely as I type this, as is all the "Community" pages.) Once, they deleted all my Skyrim mods, or at least they all disappeared, then they started showing me someone else's in Chinese, then the mods miraculously re-appeared. All on the same day. I once had all my games in neat categories but every time Steam connected, it had a chance to delete a category due to bugs and over a couple months all the categories disappeared.
Yes. Yes they are total fuckwits.
-
have you heard of the word lurking?
oh, ok I admit it. I am Nagesh's sockpuppet.
-
I've used Steam since it was brand new and yes, the people who run their servers are complete and total fuckwits. The "Activity" page has an up-time average of maybe 75%. That's a generous estimate. (It's down completely as I type this, as is all the "Community" pages.) Once, they deleted all my Skyrim mods, or at least they all disappeared, then they started showing me someone else's in Chinese, then the mods miraculously re-appeared. All on the same day. I once had all my games in neat categories but every time Steam connected, it had a chance to delete a category due to bugs and over a couple months all the categories disappeared.
Yes. Yes they are total fuckwits.
In other not news, steam is completely unsuitable to manage a game library if you have more than 50 Games. Why the F do they not display the hover text (from the store page) in the game detail, but instead some 4 year old news by rock paper shotgun?
-
oh, ok I admit it. I am Nagesh's sockpuppet.
I'm just going to assume you're @morbiuswilters' re-incarnation if that's okay.
-
Not enough purple dildo for that.