From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 352 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1272 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 715 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 688 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 1909 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1400 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 1838 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 1603 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1612 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116256 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87106 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 81639 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80003 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70419 times Read more...
Displaying items by tag: Steam
Modern Warfare pulls in $400 million and other gaming news
Let’s talk about gaming for a little bit. In the last couple of weeks we have watched the launch of the third installment in both the Battlefield and Modern Warfare franchises. These two games have been long awaited and have already spawned more than a few comments, arguments and in some cases violence. In addition to the happy news of these two game launches we heard that Steam’s servers were hacked and some user information was accessed. Each of these has been a significant event and deserves a little time.
The first item up in our gaming recap is the incident with Steam’s servers. One of the things that has attracted users to Steam has been its perceived safety. Consumers can enter their information (credit card and billing etc) and purchase new items with relative ease. Many have also begun to enjoy the simplicity of being able to have their games installed on more than one computer without the need to tote DVDs or CD-ROMs around from machine to machine. Steam also hosts a large number of game servers and an online forum.
In one attack much of the safety and security that people felt using Steam has been crushed. When the news of this broke, before I had even read the whole article I found myself checking my credit card balance and then my account information. I am sure that more than a few people will discontinue using the service for purchases at least for the present.
Once the initial reaction passed I dug into it and found that user information was compromised. The attackers were able to gather user names, hashed and salted passwords. User purchase histories and encrypted credit card numbers were also accessible. So far Steam is saying that they do not think the encryption for the credit card numbers has been broken, but they do urge people to check their balances. This will affect Steam and now puts them into same category as the PSN and Xbox networks. Both of these have been hacked in the past with the loss of user information; looks like it is true that nothing that can be connected to via the internet is safe.
The next big gaming event was the launch of Battlefield 3. This long awaited game hit the internet to rave reviews which seemed to falter after a few people began to actually play the game. As it stands right now there are still complaints that there are areas of the game that simply cannot be gotten around unless have help. We have also heard that the game is relatively linear, but still a lot of fun. We have a copy and will be checking it out on our new gaming platform next week.
The final bit of information is the launch of Infinity Ward’s Modern Warfare 3. This game has had some very mixed reactions. These differing opinions have not stopped it from racking up about $400 million in sales so far. This is another one that we have in house and will be trying out in the coming week (we have a pressing project going right now). So far the complaints are; the single player game is too short, the graphics are still DX9 (meaning it is a console port again), some buildings and many of the textures have been reused for this game.
Still is has been an exciting couple of weeks for the gamers out there. We will bring you more information about the Steam hack as well as our thoughts on both Battlefield 3 and Modern Warfare 3 soon.
Discuss in our Forums
Steam; "Piracy is not an issue"
We have heard many comments about Steam, Vale’s distribution service these range from very bad to it is the greatest thing since the invention of the internet. Our personal feelings fall in the middle. It is a great service and has some very competitive pricing, but we would like to be able to turn a few things off from the social side and as a parent I would like to be able to monitor it a little better.
Still no matter what you think about Steam one thing cannot be denied. Steam has found a way to make money even in Russia, where the majority of games and software are pirated. How have they done this? Well they have decided not to try and stop piracy (which is impossible) but to compete head to head with it. To quote Gabe Newell "The best way to fight piracy is to create a service that people need," We would add at least a service that people want. Gabe recently spoke to Kotaku about this subject and their concerns over companies Like EA and Sony developing their own Steam-Like services. Gabe said he is not concerned about either.
The problem as Gabe sees it is that companies like EA (who has their own problems with their recent EULA mistake), Sony, and others are making their games “Worth Less” (not to be confused with worthless) by adding in more DRM restrictions to protect and monetize their games. This is often presented as a way to thwart piracy (which is, of course, impossible) but is more and more commonly meant to nickel and dime the consumer and try to make more money per game title. Instead of worrying about this type of approach Gabe thinks that companies need to provide a service to the consumers, this way they will feel the value of the game and the service behind it; "Customers want to know everything is going to be there for them no matter what: Their saved games and configurations will be there. They don't want any uncertainty." Which is what you get when you get many of today’s games uncertainty , you never know if you are going to get what you pay for or if the game will run due to restrictive DRM that is forced on you to try and “prevent piracy” (which is impossible).
Gabe also mentioned that Steam will not be standing still, as the market moves from the PC to the Console to the Integrated TV, Steam will have to evolve. To put is in his own words “"Where we are today is trivial to where we will be down the line. We need to be focusing on where we are headed."
He also goes on to say that he knows that if they make a big enough mistake Steam can fail and become nothing more than the “answer to a trivia question."
Source Kotaku
Discuss this in our Forum
EA's Origin may be a little too intrusive
Wow, file this one under both stupid and scary. It would seem that EA is seriously pushing the boundaries of acceptable behavior. Someone read the full EULA for this new service and has found a clause that is incredibly frightening. We went ahead and downloaded the installer and read and printed the EULA
Under a section marked “2. Consent to Collection and Use of Data” we found the following;
“You agree that EA may collect, use, store and transmit technical and related information that identifies your computer (including the Internet Protocol Address), operating system, Application usage (including but not limited to successful installation and/or removal), software, software usage and peripheral hardware, that may be gathered periodically to facilitate the provision of software updates, dynamically served content, product support and other services to you, including online services. EA may also use this information combined with personal information for marketing purposes and to improve our products and services. We may also share that data with our third party service providers in a form that does not personally identify you. IF YOU DO NOT WANT EA TO COLLECT, USE, STORE, TRANSMIT OR DISPLAY THE DATA DESCRIBED IN THIS SECTION, PLEASE DO NOT INSTALL OR USE THE APPLICATION.
This and all other data provided to EA and/or collected by EA in connection with your installation and use of this Application is collected, used, stored and transmitted in accordance with EA’s Privacy Policy located at www.ea.com. To the extent that anything in this section conflicts with the terms of EA’s Privacy Policy, the terms of the Privacy Policy shall control. “
Now, many companies collect hardware and peripheral data along with the installed version of the OS for a customer, but to actually say that a user’s personal information can be used for marketing is a little bit much. We could not find anything that limited this use to EA alone. In fact in EA’s Privacy Policy (section 5. On Third Party Ad Serving Technology) it says;
“We or third parties operating the advertisement serving technology may use demographic information such as age and gender as well as information logged from your hardware or device to ensure that appropriate advertising is presented within the site, online or mobile product or service and to calculate or control the number of unique and repeat views of a given ad, and/or deliver ads that relate to your interests and measure the effectiveness of ad campaigns. We or third parties may log data for this purpose including IP address (including for purposes of determining your approximate geographic location), unique device I.D., information about your software, applications and hardware, browser information (and/or information passed via your browser), hardware, machine or device make and model, advertisement(s) served, in game location, length of time an advertisement was visible, other Internet and website usage information, web pages and mobile internet sites which have been viewed by you (as well as date and time), domain type, size of the advertisement, advertisement response (if any), and angle of view. The foregoing data may be used and disclosed per this policy and the privacy policy of the company providing the ad serving technology and to other third parties in a form that does not personally identify you.”
EA then goes on to say “EA will never share your personal information with third parties without your consent. We may, however, share anonymous, non-personal, aggregated and/or public information with third parties. There may be circumstances where you may share information on your own. Please see section XI for more details about your rights to information you share publicly on EA and other third party sites and forums. You may also opt in to allow EA to share your personal information with companies and organizations that provide products or services that we believe may be of interest to you. To opt out of further communications from a marketing partner or sponsor with whom your information has been shared, please contact that partner or sponsor directly.”
The hitch here is that by clicking on the “I agree” check box you are giving your consent. We wonder how many people will be ok with this once they take a look at all of the facts. We will also be looking at EULA’s from other software distribution companies to see if theirs are any better in the next few days and will let you know what we find. For now we would advise people to take caution with Origin, it is not only the online content distribution application, but the replacement for the EA Downloader for patches and updates… This makes me consider removing some of the EA games that I have.
The Whole EULA can be seen on our forum in PDF format