Results 1 to 11 of 11

Thread: Valve explains "Steam's troubled Christmas"

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    Valve explains "Steam's troubled Christmas"

    Sensitive user info spill was caused by flawed caching configuration used during DoS attack.
    Read more.

  2. #2
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: Valve explains "Steam's troubled Christmas"

    I can't understand the mentality behind DDoS attacks, the people, and i use that term loosely, often claim it's to highlight vulnerabilities but I'm not sure what the claimed vulnerability is, if it's that their vulnerable to DDoS what exactly do they expect companies to do about that?

  3. #3
    RIP Peterb ik9000's Avatar
    Join Date
    Nov 2009
    Posts
    7,710
    Thanks
    1,842
    Thanked
    1,435 times in 1,058 posts
    • ik9000's system
      • Motherboard:
      • Asus P7H55-M/USB3
      • CPU:
      • i7-870, Prolimatech Megahalems, 2x Akasa Apache 120mm
      • Memory:
      • 4x4GB Corsair Vengeance 2133 11-11-11-27
      • Storage:
      • 2x256GB Samsung 840-Pro, 1TB Seagate 7200.12, 1TB Seagate ES.2
      • Graphics card(s):
      • Gigabyte GTX 460 1GB SuperOverClocked
      • PSU:
      • NZXT Hale 90 750w
      • Case:
      • BitFenix Survivor + Bitfenix spectre LED fans, LG BluRay R/W optical drive
      • Operating System:
      • Windows 7 Professional
      • Monitor(s):
      • Dell U2414h, U2311h 1920x1080
      • Internet:
      • 200Mb/s Fibre and 4G wifi

    Re: Valve explains "Steam's troubled Christmas"

    so did this stop people playing their games over Christmas?

  4. #4
    Senior Member
    Join Date
    Mar 2007
    Location
    Aberlour, NE Scotland
    Posts
    609
    Thanks
    16
    Thanked
    27 times in 26 posts
    • pastymuncher's system
      • Motherboard:
      • Gigabyte Z390 Aorus Pro
      • CPU:
      • i5 9600K @ 5Ghz
      • Memory:
      • 16Gb Gskill Trident 3866mhz
      • Storage:
      • 250Gb Samsung 970 Evo Polaris+960GB Corsair MP510
      • Graphics card(s):
      • Inno3D GTX1070 iChill Air Boss X3
      • PSU:
      • BeQuiet Straight Power 11 550w
      • Case:
      • Self built desk mod
      • Operating System:
      • Windows 10 Pro 64bit
      • Monitor(s):
      • Dell S2716DG Rev A04
      • Internet:
      • BT Fibre

    Re: Valve explains "Steam's troubled Christmas"

    I think it only affected the store side of steam which has been buggy as hell all through the sale anyway.

  5. Received thanks from:

    ik9000 (31-12-2015)

  6. #5
    Registered+
    Join Date
    Feb 2011
    Posts
    15
    Thanks
    0
    Thanked
    0 times in 0 posts

    Re: Valve explains "Steam's troubled Christmas"

    Quote Originally Posted by ik9000 View Post
    so did this stop people playing their games over Christmas?
    No.I played over the holiday. It was only the store that was affected.

  7. #6
    Registered+
    Join Date
    Jan 2016
    Posts
    20
    Thanks
    0
    Thanked
    1 time in 1 post

    Re: Valve explains "Steam's troubled Christmas"

    I think it's good that they are going to individually address to each victim, but taking so long to communicate with the community (it's the lack of communication which caused the ****storm on Reddit and Twitter more than the **** up) really damaged valves reputation

  8. #7
    Senior Member
    Join Date
    Jun 2012
    Location
    Earth
    Posts
    279
    Thanks
    12
    Thanked
    25 times in 16 posts

    Re: Valve explains "Steam's troubled Christmas"

    If any of this is incoherent or rambles on, I apologise, very tired here

    More excuses, and still no apologies.

    If you want to know to which extent the breach of privacy was, attempt to purchase something from steam, and proceed to the checkout page. The information on my account include the last 2 numbers of my visa, the last 4 of which are viewable on a different page, my full name, full address, home phone number and even my steam account name.

    I know for sure you could see up to this amount of personal information as I was attempting to purchase a game during the error and managed to get that far. Clicking on purchase did nothing, but the information was still visible.

    Valve also appears to be blaming one of their caching partners, but change controls in these environments are usually frozen over Christmas, so no changes would have taken place unless it was performed by Valve remotely or the third party was requested to do so by Valve as a matter of urgency. Changes need to go through certain boards to determine the possible risks and to provide instructions in the event of such a change failing, which is usually to reverse all changes which is why changes over Christmas are not common.

    Valve just seems to be repeating 'DDOS' in the hopes that they can shift blame to "hackers" rather than themselves, but all the DDOS did was to increase traffic making valve systems use of more caching servers to balance the load - the underlying issue had to have already been there and was overlooked so their security practices are certainly in question now.

  9. #8
    Ryzen Master race outwar6010's Avatar
    Join Date
    Oct 2011
    Location
    Londinium
    Posts
    1,965
    Thanks
    429
    Thanked
    240 times in 160 posts
    • outwar6010's system
      • Motherboard:
      • asus Crosshair x370
      • CPU:
      • 1800x @ 4ghz
      • Memory:
      • Team Group Dark Pro Edition 16GB (2X8GB) DDR4 PC4-25600C14 3200MHZ
      • Storage:
      • More than most
      • Graphics card(s):
      • evga 1080ti
      • PSU:
      • corsair ax 760
      • Case:
      • Corsair 900d
      • Operating System:
      • windows 10 pro 64 bit
      • Monitor(s):
      • hp omen 32
      • Internet:
      • Bt infinite

    Re: Valve explains "Steam's troubled Christmas"

    Didn't total biscuit say there wasn't a ddos but a dodgy update to the client and messed up the caching.....
    "A society grows great when old men plant trees whose shade they know they shall never sit in."


  10. #9
    Senior Member
    Join Date
    Jun 2012
    Location
    Earth
    Posts
    279
    Thanks
    12
    Thanked
    25 times in 16 posts

    Re: Valve explains "Steam's troubled Christmas"

    Quote Originally Posted by outwar6010 View Post
    Didn't total biscuit say there wasn't a ddos but a dodgy update to the client and messed up the caching.....
    Apparently they deployed configurations as a response to the dos attacks, but they still made the error themselves. I'm not sure exactly what TB said, but he is technically correct in saying that this was not caused by a dos attack, as this was in response to the attacks by the sound of it.

    " During the Christmas attack, traffic to the Steam store increased 2000% over the average traffic during the Steam Sale.

    In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic. During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. "

  11. #10
    Senior Member
    Join Date
    Mar 2007
    Location
    Aberlour, NE Scotland
    Posts
    609
    Thanks
    16
    Thanked
    27 times in 26 posts
    • pastymuncher's system
      • Motherboard:
      • Gigabyte Z390 Aorus Pro
      • CPU:
      • i5 9600K @ 5Ghz
      • Memory:
      • 16Gb Gskill Trident 3866mhz
      • Storage:
      • 250Gb Samsung 970 Evo Polaris+960GB Corsair MP510
      • Graphics card(s):
      • Inno3D GTX1070 iChill Air Boss X3
      • PSU:
      • BeQuiet Straight Power 11 550w
      • Case:
      • Self built desk mod
      • Operating System:
      • Windows 10 Pro 64bit
      • Monitor(s):
      • Dell S2716DG Rev A04
      • Internet:
      • BT Fibre

    Re: Valve explains "Steam's troubled Christmas"

    It's about time that the authorities came down extremely hard on data breaches. It's not just Valve, there have been many high profile data breaches over the past couple of years and these companies either get off scot free or get a small fine. They need to be hit and hit hard with big fines so that they get it into their heads that this is unacceptable and cannot go on. These companies have so much information about us and it's about time they locked everything down tight so that no matter what goes wrong, whether it's a hack attack, software/hardware fault or even human error that nobodys information is revealed, accessed or downloaded by anybody. If it cost's them money then tough, that's the way they have decided to do business so they need to protect our information and if they don't then they need to be hit in the pocket where it hurts.

  12. #11
    RIP Peterb ik9000's Avatar
    Join Date
    Nov 2009
    Posts
    7,710
    Thanks
    1,842
    Thanked
    1,435 times in 1,058 posts
    • ik9000's system
      • Motherboard:
      • Asus P7H55-M/USB3
      • CPU:
      • i7-870, Prolimatech Megahalems, 2x Akasa Apache 120mm
      • Memory:
      • 4x4GB Corsair Vengeance 2133 11-11-11-27
      • Storage:
      • 2x256GB Samsung 840-Pro, 1TB Seagate 7200.12, 1TB Seagate ES.2
      • Graphics card(s):
      • Gigabyte GTX 460 1GB SuperOverClocked
      • PSU:
      • NZXT Hale 90 750w
      • Case:
      • BitFenix Survivor + Bitfenix spectre LED fans, LG BluRay R/W optical drive
      • Operating System:
      • Windows 7 Professional
      • Monitor(s):
      • Dell U2414h, U2311h 1920x1080
      • Internet:
      • 200Mb/s Fibre and 4G wifi

    Re: Valve explains "Steam's troubled Christmas"

    Quote Originally Posted by pastymuncher View Post
    and if they don't then they need to be hit in the pocket where it hurts.
    I agree. however it is worth pointing out that the cost will simply be passed on to end users. At which point people then belly ache about the increased costs. Quality, cost, time/efficiency. choose two, but you can't have all three.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •