SketchySeaBeast

joined 2 years ago
[–] SketchySeaBeast 2 points 1 month ago

The phone numbers I guess kind of have been, but they don't seem to be linked to an account, and the codes are useless. I think at worst people with those numbers might need to prepare for focused phishing attempts to get more info from them.

[–] SketchySeaBeast 2 points 1 month ago (1 children)

Well, no, but if they were plaintext it wouldn't matter what they are. Regardless, I'm sure they are hashed and salted, and I'm not worried about my unique 64 character password being compromised by a dictionary attack.

[–] SketchySeaBeast 2 points 1 month ago (1 children)

And here's an article saying otherwise.

https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web

Again, the panic smells rotten because Steam should not have a plaintext copy of your password, it should be hashed, and there's just no way steam isn't doing that.

[–] SketchySeaBeast 1 points 1 month ago (3 children)

Who shouldn't be within a thousand feet of passwords.

[–] SketchySeaBeast 1 points 1 month ago (1 children)

But why would the passwords be available unhashed?

[–] SketchySeaBeast 7 points 1 month ago (2 children)

It's not about being stubborn, it's about having enough education and professional experience in the topic to have doubts about journalist claims.

[–] SketchySeaBeast 2 points 1 month ago (5 children)

I hear that being said, but how? If Steam is following best practices of the last several decades, which I'm sure it does, it doesn't have the passwords in usable form.

[–] SketchySeaBeast 14 points 1 month ago (34 children)

I hate articles like this. Given I am 99% certain Steam will not be storing my password in a compromisable way, what is the point of changing it?

[–] SketchySeaBeast 27 points 2 months ago

Make no sense? They all make sense:

Picture of my cat. Picture of my cat. Picture of my cat. Picture of my cat.

[–] SketchySeaBeast 14 points 2 months ago (1 children)

Yes, and at this point it's the United States' only hope.

[–] SketchySeaBeast 4 points 2 months ago

That's not why. It's the dependency trees that run a dozen layers deep and end up importing "isEven". If you're building a react app odds are good you'll import way more code than you ever write yourself.

And no one should be leaving commented-out code in their app, that's what source control is for.

view more: next ›