Support NeoGAF

[NotSelf]

Thanks for The Journey Down Arthea.

 

[HoosTrax]

He did let them know discretely months ago. They declined to fix it because it is purportedly not a bug. This was responsible disclosure.

They were notified months ago, apparently

Ah ok, I only read the initial comment, which didn't make it clear the timeline of events.

Some of the game developers currently selling on Steam, particularly some of the ones added since Greenlight, aren't exactly what I would call reputable, so trusting them implicitly is kind of dangerous. I mean, I expect some semblance of professionalism from AAA developers, but not necessarily some of the ones exploiting Early Access or neglecting to finish their games and cutting-and-running, for example.

 

[Mupod]

Hm, got a random steam password reset email. Reset my password anyways just to be sure, lo and behold the formatting of the REAL reset email is totally different even though the original says it's from noreply@steampowered.com. The fake reset code they gave was way longer than the real one as well. Not sure what they have to gain by sending a spam email like that, but changed my password around just to be sure...I have steam guard enabled of course.

 

[LurkerPrime]

Hm, got a random steam password reset email. Reset my password anyways just to be sure, lo and behold the formatting of the REAL reset email is totally different even though the original says it's from noreply@steampowered.com. The fake reset code they gave was way longer than the real one as well. Not sure what they have to gain by sending a spam email like that, but changed my password around just to be sure...I have steam guard enabled of course.

Probably an attempt to get you to log in on their spoof site instead of Steam after the password reset fails.

Or else it was a really sad phishing attempt, hoping you'd email them for support.

 

[JakeD]

i've always assumed that there was at least some review process that goes on in regards to a games actual content. if there isn't, i'll probably hold off on downloading certain bundle trash

 

[The_Super_Inframan]

ooooh Secret Files pack 80% off

Who Wants To Be A Millionaire 80% off on Gamersgate, unironic fuck yeah!

Stop doing mean things to my wallet

*considers to buy both packs... starts crying*

 

[Joe Molotov]

i've always assumed that there was at least some review process that goes on in regards to a games actual content. if there isn't, i'll probably hold off on downloading certain bundle trash

Air Control says otherwise.

 

[jshackles]

i've always assumed that there was at least some review process that goes on in regards to a games actual content. if there isn't, i'll probably hold off on downloading certain bundle trash

As far as I know, there is only an initial review (ie when the game originally goes up on Steam). Patches and updates don't go through the same process.

 

[nexen]

Yeah, but if a dev account is compromised, the "hacker" or whatever could both post some javascript hidden in a Community Announcements, and, like, patching one of the dev games with a full fledged virus...

So, again, if Valve is "forced" to trust devs with their games, why shouldn't they trust them with blogging privileges?

I'm admittedly out of my depth here but I would hope that Valve at the very least scans patch updates for viruses and malware. Also local antivirus/malware checkers could catch it.
While not 100% foolproof it does seem like a much more difficult path to getting what you want than the one the developer exploited.

 

[Burt]

I need wishlist suggestions! I feel like I'm walking into this week without anything that I actually want, but there has to be a ton of good stuff out there that I've just passed by.

Dark Souls 2, I guess, although I never beat the first one because I ran into some GFWL crap that I never managed/bothered to fix. Arkham Origins also comes to mind, although as much as I enjoy those games I often have trouble finding the will to finish them. Couldn't see myself spending more than $10 on Watch_Dogs. Hopefully there'll be some good indies.

 

[LurkerPrime]

I'm admittedly out of my depth here but I would hope that Valve at the very least scans patch updates for viruses and malware. Also local antivirus/malware checkers could catch it. While not 100% foolproof it does seem like a much more difficult path to getting what you want than the one the developer exploited.

Valve trusts the developers.

Especially if they develop using the Source Engine.

I need wishlist suggestions! I feel like I'm walking into this week without anything that I actually want, but there has to be a ton of good stuff out there that I've just passed by.

Dark Souls 2, I guess, although I never beat the first one because I ran into some GFWL crap that I never managed/bothered to fix. Arkham Origins also comes to mind, although as much as I enjoy those games I often have trouble finding the will to finish them. Couldn't see myself spending more than $10 on Watch_Dogs. Hopefully there'll be some good indies.

I'll assume you like RPGs, open world games, and action games. Here are some of my suggestions:

• Just Cause 2
• Sleeping Dogs
• State of Decay
• Mount&Blade Warband
• Hammerfight
• Binary Domain
• Alpha Protocol
• FEAR 1
• XCOM: Enemy Unknown and its xpac Enemy Within (for your Dark Souls-esque punishment)
• Age of Wonders 3 (Bonus good game, unrelated to your interests)

 

[ChimpanzeeThat]

FAO my fellow Brits, AoCiante on Reddit works for Currys and says that from Wednesday they are doing a deal where you can get two £20 Steam vouchers for just £30.

 

[JaseC]

I only want the single player story stuff, so dominatrix and santa

Who Wants To Be A Millionaire 80% off on Gamersgate, unironic fuck yeah!

Although, their complete pack isnt complete at all, its missing 2 DLC /rage

Did you buy the pack? I'd like to know if the South Park DLC is actually included. It was pulled from Steam yonks ago (and the Star Trek DLC followed suit back in April, but I have it already).

 

[Tizoc]

Credit isn't really relevant though, as it's comparable to Steam's "card money", not to mention that many GMG customers don't have a playfire account or don't bother with the rewards program. What matters are the discounts themselves, which have been progressively worse since GMG changed it's pricing policy and introduced the rewards system.

Actually Playfire account= GMG account now.
I get what you mean now though, I forget that not everyone uses the Playfire rewards ^^;

 

[Rhaknar]

Stop doing mean things to my wallet

*considers to buy both packs... starts crying*

the who wants to be a millionaire pack is weird. It doesnt have the videogame DLC, but its on gamersgate also 80% off

it also doesnt have a few that are on Steam, but those arent even on gamersgate (Junior, Millenium, Science Fiction DLCs)

But it DOES have the Star Trek and the South Park DLCs, which are more expensive than the rest, and are NOT on steam (anymore? I know the star trek one was during the xmas sale, its not anymore)

Did you buy the pack? I'd like to know if the South Park DLC is actually included. It was pulled from Steam yonks ago (and the Star Trek DLC followed suit back in April, but I have it already).

yes I bought it and it does have the SP dlc. its all seperate keys too. just waiting for GGs stupid "your keys will be available in 10 minutes" bullshit. WTF is that about?

 

[JaseC]

yes I bought it and it does have the SP dlc. its all seperate keys too. just waiting for GGs stupid "your keys will be available in 10 minutes" bullshit. WTF is that about?

Cheers. I'll jump on it myself, then.

 

[tav7623]

Cleaning out stuff - have at it!

Got Guacamelee!, Thanks clockworkinyou!

 

[Copons]

Well, I would assume that a person would only need access to a developer's account, not that they would need to be a developer for Steam themselves. After Heartbleed, which compromised Steam itself, they should have taken steps to fix the issue.

By punishing the ETS2 developer for revealing it, Valve was aware that the exploit could be abused. But they chose not to act, because it is easier to use security through obscurity than to actually fix the problem.

Valve's response of "We trust the developers" seems arrogant, because it suggests that Valve's judgment in accepting developers is perfect. We know that's not the case, and all we need to do to reaffirm this is take a look at the handful of games pulled from Steam for being scams or misleading.

I agree with you on the bolded paragraph, but as for the other two:

If someone gain access to a dev account, they would be able to:
1) post some javascript in a blog post;
2) publish a patch containing a virus that would be automatically pushed to anyone who has the game installed.

Now, Valve is forced to trust devs to not relase viruses or other shit.
And if they entrust devs with probably the most powerful privilege in computer science, why they shouldn't entrust them with a kinda trivial blogging one?

I guess from Valve standpoint, the ability to post javascript should be used for sort of useful stuff in devs post (IDK, like they post a table full of data and they want to have a system that alphabetically orders rows when you click on the table header, or any other "dynamic" stuff you could imagine). I mean, javascript is not harmful per se. Every single site in the world uses javascript. Enhanced Steam is pretty much all javascript.

So, I repeat: if Valve trust devs there they should easily trust them here.


Now, the problem would be if the dev is a son of a bitch in the first place, but in that case some javascript in a blog post would probably be my (and Valve's) last concern.

i've always assumed that there was at least some review process that goes on in regards to a games actual content. if there isn't, i'll probably hold off on downloading certain bundle trash

I'm admittedly out of my depth here but I would hope that Valve at the very least scans patch updates for viruses and malware. Also local antivirus/malware checkers could catch it.
While not 100% foolproof it does seem like a much more difficult path to getting what you want than the one the developer exploited.

I actually don't know this, I'm just speculating.
But really, with the sheer amount of stuff that is released on Steam everyday, if Valve needed to check every single patch devs would need years to get their updates approved to release.
Of course, a simple virus scan would be fine, but could still be worked around by someone who knows what he's doing (aka not me).

 

[Darkroronoa]

So, how "sure" we are that summer sale starts at 19? I dont want to be disappointed :/

 

[Halo 2]

So, how "sure" we are thta summer sale starts at 19? I dont want to be dissapointed :/

I've been hearing 94-97%

 

[The_Super_Inframan]

So, how "sure" we are thta summer sale starts at 19? I dont want to be dissapointed :/

It should be clear tomorrow when we know at which time the Midweek Sales end


And thanks for the info Rhaknar

 

[derExperte]

It should be clear tomorrow when we know at which time the Midweek Sales end

Or today when no weeklong deals appear.

 

[Joe Molotov]

Or today when no weeklong deals appear.

Or Thursday when the sales either start or they don't.

 

[Darkroronoa]

Or today when no weeklong deals appear.

Agony

 

[The_Super_Inframan]

Or today when no weeklong deals appear.

Right, forgot about the weeklys

 

[morningbus]

So, how "sure" we are that summer sale starts at 19? I dont want to be disappointed :/

It is either happening on the 19th or not. So 50/50.

 

[JaseC]

Spares:

I am giving away 2 Steam keys. To enter this giveaway, send a PM to ModBot with any subject line. In the body, copy and paste the entire line below that corresponds to the key you want (if you include more than one game, you will be blocked from entering).

Rules for this Giveaway:
- Do not trade keys you win off-site to enrich yourself. Don't try to claim games you have no interest in collecting or playing. Don't claim games to give them to friends off-site.
- If the key is already taken you will not receive a reply. Replies may take a minute or two:


Who Wants To Be A Millionaire? Special Editions + various DLC -- MB-BC16B3F822A9C5C2 - Taken by The_Super_Inframan
Contraption Maker -- MB-96CF844584F8328C - Taken by Chairmanchuck

 

[Authority]

This is so funny. Regarding copy protection,

• Superior Soccer had no outward signs of copy protection, but if it decided it was illegally copied, it would make the soccer ball in the game invisible, making it impossible to play the game.
• In Sid Meier's Pirates, if the player entered in the wrong information, they could still play the game, but at a level that would be very hard to make it far in the game.
• While the copy protection in Zak McKracken and the Alien Mindbenders was not hidden as such, the repercussions of missing the codes was unusual: the player would end up in jail (permanently), and the police officer would give a lengthy and condescending speech about software copying.
• In case of copied versions of Settlers 3, the iron smelters - who are essential to create weapons - would only produce pig irons, making the players inevitably lose weapons because of the lack of armour.
• Bohemia Interactive Studio developed a unique and very subtle protection system for its game Operation Flashpoint: Cold War Crisis. Dubbed FADE, if it detects an unauthorized copy, it does not inform the player immediately but instead progressively corrupts aspects of the game (such as reducing the weapon accuracy to 0) to the point that it eventually becomes unplayable. The message "Original discs don't FADE" will eventually appear if the game is detected as being an unauthorized copy. FADE is also used in ArmA II. They continued these methods in Take On Helicopters, where the screen would blur and distort when playing a pirated copy.
• More recently, Batman: Arkham Asylum implemented a copy protection system where the game disables Batman's glide system and various other features, rendering the player unable to continue beyond a certain point.
• The PC version of Grand Theft Auto IV has a copy protection that swings the camera as though the player was drunk. If the player enters a vehicle it will automatically throttle, making it difficult to steer. It also damages the vehicle, making it vulnerable to collisions and bullets. An update to the game prevented unauthorised copies from accessing the in-game Internet browser, making it impossible to finish the game as some missions involve browsing the web for objectives.
• In Earthbound, unauthorized copies of the game will trigger a checksum that makes enemy encounters appear much more often than in an authorized copy, and if the player progresses through the game without giving up (or cracks this protection), a second checksum code will activate before the final boss battle, freezing the game and deleting all the save files.
• In an unauthorized version of the PC edition of Mass Effect, the game save mechanism would not work and the in-game galactic map would cause the game to crash. As the galactic map is needed to travel to different sections of the game, the player would be stuck in the first section of the game.
• If an unauthorized version of The Sims 2 was used, the Build Mode would not work properly. Walls would not be able to be built on the player's property, which prevents the player from building any custom houses. Some furniture and clothing selections would not be available either.
• A March 2009 update to the BeeJive IM iPhone app included special functionality for users of the pirated version: the screen would read "PC LOAD LETTER" whenever the user tried to establish a connection to any IM service, then quickly switch to a YouTube clip from the movie Office Space.
• Red Alert 2 has a copy protection system, where if an illegal version of it is detected, the player's entire base is destroyed within 30 seconds of the player joining a match.
• The DS version of Michael Jackson: The Experience has a copy protection system where vuvuzela noises are heard as the music is playing, the notes are invisible, making the game impossible to play, and the game freezes upon the player pausing it.
• Older versions of Autodesk 3ds Max use a dongle for copy protection; if it is missing, the program will randomly corrupt the points of the user's model during usage, destroying their work.
• Older versions of CDRWIN used a serial number for initial copy protection. However, if this check was bypassed, a second hidden check would activate causing a random factor to be introduced into the CD burning process, producing corrupted "coaster" disks.
• Terminate, a BBS terminal package, would appear to operate normally if cracked but would insert a warning that a pirated copy was in use into the IEMSI login packet it transmitted, where the sysop of any BBS the user called could clearly read it.
• Ubik's Musik, a music creation tool for the Commodore 64, would transform into a Space Invaders game if it detected that a cartridge-based copying device had attempted to interrupt it. This combined copy protection and an easter egg, as the message that appears when it occurs is not hostile ("Plug joystick in port 1, press fire, and no more resetting/experting!")
• The Amiga version of Bomberman featured a multitap peripheral that also acted as a dongle. Data from the multitap was used to calculate the time limit of each level. If the multitap was missing, the time limit would be calculated as 0, causing the level to end immediately.
• Never Mind, a puzzle game for the Amiga, contained code that caused any pirated version of the game to behave as a demo. The game would play three levels sampled from throughout the game, and then give the message "You have completed three levels; however there are 100 levels to complete on the original disc."

• In Spyro: Year of the Dragon a character named Zoe will tell the player outside the room containing the balloon to Midday Garden Home and several other areas that they are using a pirated copy. This conversation purposely corrupts data. When corrupted, the game would not only remove stray gems and the ability to progress in certain areas but also make the final boss unbeatable, returning the player to the beginning of the game (and removing the save file at the same time) after about 8 seconds into the battle.
• The Atari Jaguar console would freeze at startup and play the sound of an enraged jaguar snarling if the inserted cartridge failed the initial security check.
• The Lenslok copy protection system gave an obvious message if the lens-coded letters were entered incorrectly, but if the user soft-reset the machine, the areas of memory occupied by the game would be flooded with the message "THANK YOU FOR YOUR INTEREST IN OUR PRODUCT. NICE TRY. LOVE BJ/NJ" to prevent the user examining leftover code to crack the protection.
• An update to the sandbox game Garry's Mod enabled a copy protection mechanism that outputs the error "Unable to shade polygon normals" if the game detects that it is pirated. The error also includes the user's Steam ID as an error ID, meaning that pirates can be identified by their Steam account when asking for help about the error on the Internet.
• The Atari version of Alternate Reality: The Dungeon would have the player's character attacked by two unbeatable "FBI Agents" if it detected a pirated version. The FBI agents would also appear when restoring a save which was created by a pirated version, even if the version restoring the save was legal.
• VGA Planets, a play-by-BBS strategy game, contained code in its server which would check all clients' submitted turns for pirated registration codes. Any player deemed to be using an illegal copy, or cheating in the game, would have random forces destroyed throughout the game by an unbeatable enemy called "The Tim Continuum" (after the game's author, Tim Wissemann). A similar commercial game, Stars!, would issue empty turn updates for players with invalid registration codes, meaning that none of their orders would ever be carried out.
• On a copied version of the original PC version of Postal, as soon as the game was started the player character would immediately shoot himself in the head.
• The pirated version of Serious Sam 3: BFE spawns a large immortal monster early on in the game.
• A pirated copy of Pokémon Black or White runs as it was normal, but the Pokémon will not gain any experience points after a battle.
• If Gyakuten Kenji 2 detects a pirated or downloaded copy of the game, it will convert the entire game's text into the game's symbol based foreign language, Borginian, which cannot be translated in any way.
• The pirated version of indie game Game Dev Tycoon, in which the player runs a game development company, will dramatically increase the piracy rate of the games the player releases to the point where no money can be made at all, and disable the player's ability to take any action against it
• In Crytek's "Crysis 3", if a player used a pirated copy of the game, they would not be able to defeat the last boss (The Alpha Ceph), thus making it impossible to beat the game since the last boss was made invincible even if a player shoots at its "weak spots". If a player wanted to fully complete the game they would have to have a legal version of the game.

 

[LurkerPrime]

I agree with you on the bolded paragraph, but as for the other two:

If someone gain access to a dev account, they would be able to:
1) post some javascript in a blog post;
2) publish a patch containing a virus that would be automatically pushed to anyone who has the game installed.

Now, Valve is forced to trust devs to not relase viruses or other shit.
And if they entrust devs with probably the most powerful privilege in computer science, why they shouldn't entrust them with a kinda trivial blogging one?

I guess from Valve standpoint, the ability to post javascript should be used for sort of useful stuff in devs post (IDK, like they post a table full of data and they want to have a system that alphabetically orders rows when you click on the table header, or any other "dynamic" stuff you could imagine). I mean, javascript is not harmful per se. Every single site in the world uses javascript. Enhanced Steam is pretty much all javascript.

So, I repeat: if Valve trust devs there they should easily trust them here.


Now, the problem would be if the dev is a son of a bitch in the first place, but in that case some javascript in a blog post would probably be my (and Valve's) last concern.

I guess in the end it comes down to improving their website and client which Valve seems.. resistent to. (For some reason the name "jshackles" comes to mind.)

This is so funny. Regarding copy protection,

• More recently, Batman: Arkham Asylum implemented a copy protection system where the game disables Batman's glide system and various other features, rendering the player unable to continue beyond a certain point.

This one is really great, because a bunch of them went to the tech support forums regarding this heinous glitch. It's akin to the Xbox Live "Why was I banned" forum.

The only bummer is if this sort of clever copy protection affected real customers. If it hasn't happened yet, it eventually will.

 

[phantomspiker]

It is either happening on the 19th or not. So 50/50.

hmmmmm, that math seems okay to me.

 

[jshackles]

Now, the problem would be if the dev is a son of a bitch in the first place, but in that case some javascript in a blog post would probably be my (and Valve's) last concern.

Not entirely. There are a surprising number of nefarious things you can do with javascript that aren't normally detected or blocked by things like a client antivirus. If they publish a patch that contains malware, it's likely to be quickly detected and blocked - though there will always be people that don't use antivirus.

I actually don't know this, I'm just speculating.
But really, with the sheer amount of stuff that is released on Steam everyday, if Valve needed to check every single patch devs would need years to get their updates approved to release.
Of course, a simple virus scan would be fine, but could still be worked around by someone who knows what he's doing (aka not me).

You would need to deliver a 0-day exploit to be successful, and even then a lot of antivirus applications use heuristic scanning methods to detect a lot of known types of exploits. As a javascript developer, I can say you're much more likely to be exploited by javascript, especially if you run a decent antivirus / antimalware solution.

EDIT: I'm not trying to scare people, I'm just helping point out that allowing things like <script> tags on community posts from developers may not be a good thing.

 

[The_Super_Inframan]

Spares:

Thanks a lot for the game!

 

[Rhaknar]

Deep Silver discounts on Gamersgate are pretty good I must say

 

[lucebuce12]

This is so funny. Regarding copy protection,

Didn't Crysis: Warhead also have a thing where you'd only shoot chickens that didn't hurt anyone if your copy was pirated?

 

[BinaryPork2737]

In order to save some summer sale money, have some games now

edited: damn, forgot rules, including free for all

Thank you for Inescapable, Arthea!

I already died ridiculous amounts of times in this room - very fun game though!

I hated this level so much. It felt like a terrible escort mission that wouldn't end because I couldn't make it past this screen for so long.

 

[nexen]

Oh, I'm LTTP but The Incredible Adventures of Van Helsing is a good game.

The controller based interface takes a hell of a lot of getting used to, but once you do it is a lot of fun.

 

[Burt]

Valve trusts the developers.

Especially if they develop using the Source Engine.



I'll assume you like RPGs, open world games, and action games. Here are some of my suggestions:

• Just Cause 2
• Sleeping Dogs
• State of Decay
• Mount&Blade Warband
• Hammerfight
• Binary Domain
• Alpha Protocol
• FEAR 1
• XCOM: Enemy Unknown and its xpac Enemy Within (for your Dark Souls-esque punishment)
• Age of Wonders 3 (Bonus good game, unrelated to your interests)

Haha thanks, but I own literally every one of those. Hence my problem

Did manage to remember South Park and Transistor though, so it's a start.

 

[jshackles]

I guess in the end it comes down to improving their website and client which Valve seems.. resistent to. (For some reason the name "jshackles" comes to mind.)

As someone who currently works in network security, I feel like my contributions to Valve in this area would be two-fold.

 

[RS4-]

All I really want is Broforce

 

[Rhaknar]

there are new Weekly deals, like Farm for your Life for example

welp...doesnt mean anything...right guys? >_>

edit: nvm its a new release, im stupid

 

[Chairmanchuck]

Spares:

Thanks.

I won so many games the past 2 weeks. Gotta give some of the love back during the Summer Sale

 

[Copons]

Not entirely. There are a surprising number of nefarious things you can do with javascript that aren't normally detected or blocked by things like a client antivirus. If they publish a patch that contains malware, it's likely to be quickly detected and blocked - though there will always be people that don't use antivirus.



You would need to deliver a 0-day exploit to be successful, and even then a lot of antivirus applications use heuristic scanning methods to detect a lot of known types of exploits. As a javascript developer, I can say you're much more likely to be exploited by javascript, especially if you run a decent antivirus / antimalware solution.

Thanks for the explanations, as my knowledge in security is extremely lacking.

But then again, my point is that the problem here shouldn't be the means provided by Valve but the maliciousness of the devs using those means.

So, while Valve should be blamed for overreacting against the ETS2 dev (and btw Valve always seemed to be super friendly with ETS2 team), I'm still not sure they should be blamed for anything else.

In some ways, could be like if tomorrow IsThereAnyDeal started to replace prices history with little boner pics, and suddenly those dicks will pop up on every Steam pages through Enhanced Steam. I wouldn't blame you for getting data from ITAD, but them for choosing boners instead of Saoirse pics.

EDIT: of course is a dumb example, but still.

 

[derExperte]

All I really want is Broforce

With the sale so close I would be (happily) surprised if the discount gets higher than it was last week.

 

[HoosTrax]

This is so funny. Regarding copy protection,

I never knew this:

In Sid Meier's Pirates, if the player entered in the wrong information, they could still play the game, but at a level that would be very hard to make it far in the game.

Now I'm half-tempted to try it with either my Steam copy or my DVD version. Just intentionally type in a wrong serial code right?

 

[BinaryPork2737]

there are new Weekly deals, like Farm for your Life for example

welp...doesnt mean anything...right guys? >_>

edit: nvm its a new release, im stupid

This sort of looks like a Harvest Moon game. Too bad it looks like it doesn't have waifus.

 

[Benedict]

according to modbot, these games are still for taking and it seems I have older ones not taken still, I had no idea, so I'll try to make updated giveaway with those too.

send a PM to ModBot

Zero Gear -- MB-F7E9939CC5830A56 - Taken by fuzzy123
Humanity Asset -- MB-7014DFAE1CE4EAB3
Nosferatu Wrath of Malachi -- MB-84E0C7DF03F32D23
Tiny & Big in Grandpa's Leftovers -- MB-97BE5D82EBEDAA2B
Lume -- MB-B5CB63AB46C717C2
Hostile Waters Antaeus Rising -- MB-1EF032A8FF7F1BCD

Grimind #2 -- MB-D493CE42C15AFBF6
Metal Drift -- MB-C1E1405ACD1CBB3E
Grimind -- MB-0DF8FB1C177E6D17
Cognition An Erica Reed Thriller 1 -- MB-F7FECF5722E46F04
Foreign Legion Multi Massacre -- MB-2A9A4D6F4C91BD44
The Journey Down Chapter 1 -- MB-06294FBDC8B4A5BA
Beatbuddy: Tale of the Guardians -- MB-9D6E148D94838F4F
Ether Vapor Remaster -- MB-B456F45E739052D3
GEARCRACK Arena -- MB-A4AEB1A2EB4EDEBB
Thomas Was Alone -- MB-F382D80290122803
Time Gentlemen Please Ben There, Dan That -- MB-1B04BF4362422588
Soulbringer #2 -- MB-E986708C55038141

edited: if I nuke some keys, should I get reply from modbot these were nuked, or not? Last time I tried to nuke keys, it didn't work, so I don't know. Or should I pm my loot again, to be sure?

Thank you for Grimind #2

 

[LurkerPrime]

Haha thanks, but I own literally every one of those. Hence my problem

Did manage to remember South Park and Transistor though, so it's a start.

Wow, ok... I can confirm that you're in a bind!

I guess your only option now is to dig deeper and dive into classic games.

Edit: Or perhaps revivals of old classics.

 

[jshackles]

Thanks for the explanations, as my knowledge in security is extremely lacking.

But then again, my point is that the problem here shouldn't be the means provided by Valve but the maliciousness of the devs using those means.

So, while Valve should be blamed for overreacting against the ETS2 dev (and btw Valve always seemed to be super friendly with ETS2 team), I'm still not sure they should be blamed for anything else.

In some ways, could be like if tomorrow IsThereAnyDeal started to replace prices history with little boner pics, and suddenly those dicks will pop up on every Steam pages through Enhanced Steam. I wouldn't blame you for getting data from ITAD, but them for choosing boners instead of Saoirse pics.

EDIT: of course is a dumb example, but still.

I agree - even though Valve closed the security hole regarding <script> tags promptly after the update for ETS2 was published with the Harlem Shake script, there are still a lot of other tags still available that can do the same thing, like onClick, onLoad, and onError properties for <img> tags. The result is the same.

And before anyone gets scared about boners showing up from Enhanced Steam, it properly sanitizes all HTML elements from the JSON results data we receive from external data sources. aka "this shouldn't ever happen"

 

[Tizoc]

Deep Silver discounts on Gamersgate are pretty good I must say

Eh I'll wait for SR4 to be $10 before I get it, that or wait for the GotY to be $15.

 

[Deques]

Spares:

I'd like to know from which bundle(s)