Steam security breached

Quote:

---

Originally Posted by xLethal

Piracy is worse for companies and legitimate customers than hacking in a general sense. Hacking can be pretty much completely mitigated, but piracy is nearly impossible to stop because the user actually owns the product and can copy it easily in many cases.

---

But, ever since they started including digital copies with just about everything, you can't really get sued unless you distribute the pirated discs. =/. Of course there's exceptions, such as software, but yknow what I mean :p

Quote:

---

Originally Posted by Jolin88

hashed and salted means uncrackable?

You can bruteforce a 8-9 letter md5 hashed password in less than an hour if you use OpenCL or CUDA and a high end gfx card

---

After cryptanalysis, SHA256 has a complexity of 2^253, whereas MD5 isn't remotely collision-resistant -- something I'd wager Steam developers took into consideration. A preimage attack might work fine against a single insecure password, but in an SQL database of potentially hundreds of thousands of accounts, your options are either to pray that a secure password hash is never encountered, or run an attack against every hash in parallel before testing the cracked forum passwords against their corresponding Steam accounts which may use different passwords altogether.

Keep track of your games and such ? Better be safe then sorry !