SketchySeaBeast

joined 2 years ago
[–] SketchySeaBeast 2 points 3 weeks ago

The phone numbers I guess kind of have been, but they don't seem to be linked to an account, and the codes are useless. I think at worst people with those numbers might need to prepare for focused phishing attempts to get more info from them.

[–] SketchySeaBeast 2 points 3 weeks ago (1 children)

Well, no, but if they were plaintext it wouldn't matter what they are. Regardless, I'm sure they are hashed and salted, and I'm not worried about my unique 64 character password being compromised by a dictionary attack.

[–] SketchySeaBeast 2 points 3 weeks ago (1 children)

And here's an article saying otherwise.

https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web

Again, the panic smells rotten because Steam should not have a plaintext copy of your password, it should be hashed, and there's just no way steam isn't doing that.

[–] SketchySeaBeast 1 points 3 weeks ago (3 children)

Who shouldn't be within a thousand feet of passwords.

[–] SketchySeaBeast 1 points 3 weeks ago (1 children)

But why would the passwords be available unhashed?

[–] SketchySeaBeast 7 points 3 weeks ago (2 children)

It's not about being stubborn, it's about having enough education and professional experience in the topic to have doubts about journalist claims.

[–] SketchySeaBeast 2 points 3 weeks ago (5 children)

I hear that being said, but how? If Steam is following best practices of the last several decades, which I'm sure it does, it doesn't have the passwords in usable form.

[–] SketchySeaBeast 14 points 3 weeks ago (34 children)

I hate articles like this. Given I am 99% certain Steam will not be storing my password in a compromisable way, what is the point of changing it?

[–] SketchySeaBeast 27 points 1 month ago

Make no sense? They all make sense:

Picture of my cat. Picture of my cat. Picture of my cat. Picture of my cat.

[–] SketchySeaBeast 14 points 2 months ago (1 children)

Yes, and at this point it's the United States' only hope.

[–] SketchySeaBeast 4 points 2 months ago

That's not why. It's the dependency trees that run a dozen layers deep and end up importing "isEven". If you're building a react app odds are good you'll import way more code than you ever write yourself.

And no one should be leaving commented-out code in their app, that's what source control is for.

view more: next ›