Steam Security Hole Closed

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
For those of you that missed this earlier, Valve has closed that Steam security hole that was allowing anyone to hijack another person's account in minutes.

As this video demonstrates, this involved simply entering a blank in place of a required security response code, making it a trivial matter to hijack any account only by knowing a user's name. Valve says this resulted from a bug which was active between July 21-25 which has now been fixed.
 
I lucked out and didn't get hacked, not that it would have mattered in this case but I did activate the two step authentication though so hopefully that will help in the future.
 
p.i.m.p said:
and the person who made that video was hacked himself

karma biotch
Click to expand...

It's karma for exposing a gaping security flaw so that it could be patched? You really think it would have been preferable for him not to demonstrate it as proof of concept?
 
minor, at least they dont have my ssn, address..........
 
techrat said:
It's karma for exposing a gaping security flaw so that it could be patched? You really think it would have been preferable for him not to demonstrate it as proof of concept?
Click to expand...
Some people's thought processes work better than others.
 
techrat said:
It's karma for exposing a gaping security flaw so that it could be patched? You really think it would have been preferable for him not to demonstrate it as proof of concept?
Click to expand...

Well, he could have setup a new account, and then shown the video with that, rather than use his normal account.
Not so much karma as much as common sense fail.
 
You must log in or register to reply here.
Back
Top