Friday, November 11, 2011

Steam game service hit by hackers

The Steam video game service, used by 35 million people, has been compromised by hackers.

Its owner and operator, Valve, uncovered an intrusion into a user database while investigating a security breach of its discussion forums.

The attackers used login details from the forum hack to access a database that held ID and credit card data.

Valve said that, so far, it had no evidence that credit cards were being misused or Steam accounts abused.

Losing trust

The defacement took place on 6 November and the Steam forums were taken offline when Valve learned of the attack.

At first the firm said the discussion groups were offline for maintenance.

However, a message posted to the front page of the forums by Valve boss Gabe Newell on 10 November has revealed that the sites were shut down because of the defacement.

Valve's investigation of that incident revealed that the "the intrusion goes beyond the Steam forums".

The initial investigation showed that the attackers gained access to a Steam database that held "user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information".

Valve has not said whether this was the full database of Steam's 35 million active accounts or a subset of that total.

Mr Newell said Valve had no evidence that the encrypted credit card information or personal information on gamers had been taken. However, he added, "we are still investigating".

He said it had only discovered that a few forum accounts had been compromised and used to carry out the defacement.

But Mr Newell added that all forum users will be required to change their passwords when the discussion site re-opens, which the firm is trying to achieve as quickly as possible.

He advised users to change passwords on other accounts if they are the same as the one used for the Steam forums.

"I am truly sorry this happened, and I apologize for the inconvenience," concluded Mr Newell.

Code changes

Steam is a gaming service that lets people buy, download, play and chat about a huge variety of games, only some of which are made by Valve itself.

About 1,500 titles are currently available on Steam including Skyrim, LA Noire and Modern Warfare 3 as well as many independent and free games.

Security expert Paul Ducklin, writing on the blog of security firm Sophos, handed down advice about what to do following the breach.

He said users should change passwords, monitor credit card statements, consider removing card numbers from Valve's servers and sign up for the Steam Guard security service.

He also urged users to insist businesses take steps to make it much harder for hackers to penetrate their systems and use stolen data.

"Community pressure has persuaded many businesses to improve their password-handling code," he said.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement

Facebook privacy overhaul, report

Privacy campaigners have welcomed a report that Facebook is to ask users to opt into any changes in the way it uses their personal information.

The social network previously announced alterations to its members' settings without asking for fresh consent.

The website is changing its policy after an investigation by the US Federal Trade Commission, according to a report by the Wall Street Journal.

Facebook is not commenting on the story at this time.

The report suggests the site has also agreed to privacy audits by an independent organisation over the next 20 years.

However, it says the FTC does not prescribe how consent should be obtained.

Suspicion

"Facebook has historically been extremely resistant to transparency in its own operations, so we welcome measures that would force the company to obtain express consent of its users," said the London based advocacy group Privacy International.

"However, it seems likely that the FTC's demands will only present a temporary obstacle in the path of Facebook's ambitions to collect its users' information.

"Faced with reams of small print, most users are likely to automatically agree to policy changes, with each change bringing us one step closer to Zuckerberg's vision of a privacy-free future."

The website's founder, Mark Zuckerberg, was questioned about the firm's privacy policies on the US television network PBS' Charlie Rose show earlier this week.

"You have control over every single thing you've shared on Facebook," he said, "You can take it down."

He also said other search engines and advertising networks gather "huge amount of information" about internet users through cookies, which he claimed was "less transparent than what is happening at Facebook".



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement

Illegal game downloads 'up 20%'

Copies of CoD: MW3 Big budget games like CoD: MW3 can lose millions through illegal downloads <!-- Empty - Wide embedded hyper -->

The number of illegally downloaded video games has gone up nearly 20% in the last five years.

Figures from research firm Envisional also suggest the top five games from 2010 were pirated online almost a million times.

Industry executives are worried these figures mean a generation of people will expect to get games for free.

But some gamers dispute industry claims about how much of a problem online piracy is.

Illegal 'testing'

Newsbeat met Sam who illegally downloads around 100 titles a year and ends up buying around 50 of them.

"I buy games because I've pirated them, if I don't get to try them I never would have bothered picking them up."

Sam, who didn't want to give his surname, says he's not put off by the threat of being fined or sent to prison.

"I've never been fined. I've been doing this since I was 14 and I'm now 23.

"Games that I enjoy I purchase, ones that I don't enjoy I delete."

But the video games industry says all piracy is theft full stop and the answer lies in offering fair-priced alternatives to illegal downloads.

Andy Payne, chairman of the Association for UK Interactive Entertainment (UKIE) believes it's something the industry is already doing.

"You can be playing that game every single day for a year.

"Look at FIFA, Modern Warfare, Black Ops, those games people are playing all the time. That's great value."

Jobs threat

Earlier this year video game executives told Newsbeat online piracy costs the industry hundreds of jobs and millions of pounds.

However, UKIE is reluctant to give a similar estimate for either, saying it is nearly impossible to get an accurate figure.

It is keen though to emphasise that big blockbuster titles can cost millions of pounds to produce.

"[Some] 200, 250 people sat in a studio for two years building the latest Modern Warfare 3," says Andy Payne.

"This costs real money."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement