All Discussions > Steam Forums > Suggestions / Ideas > Topic Details
ollie Oct 6, 2016 @ 10:46am
Block certain console commands/links being sent to Valve servers
Hey all,

I know some of you may do this, but I see it as unfair to others who don't know how to do such a thing.

When you sign in on a new PC, you are blocked from trading for 7 days, and this is fair enough right? It's to keep your account secure. However, many people, including hackers, who have access to an account on a new computer can simply add a -console tag on the end of the Steam.exe application properties, this gives people access to a console, where they can execute certain commands.

This allows people to bypass the 7 day trade ban by opening the link to a trade window in the console, they would type "open [Steam Trade Link URL Here]" and then this would allow them to bypass the ban and let them trade.

I feel that this is unfair to users who don't have the technical knowledge to do something like this. So maybe it would be possible for Valve to block regular user IPs from sending commands such as "open" to Valve servers, stopping this type of thing happening.

I look forward to reading your thoughts.
< >
Showing 1-4 of 4 comments
Tev Oct 6, 2016 @ 10:55am 
Excuse me, but how exactly does that bypass it?

You're going to enter the said URL when you press someone's [Trade Offer] -link.
#1
ollie Oct 6, 2016 @ 11:01am 
Originally posted by Teutep:
Excuse me, but how exactly does that bypass it?

You're going to enter the said URL when you press someone's [Trade Offer] -link.
It's hard to explain, but basically, it launches a second client within your basic steam client that is not registered as a part of the main steam client.

Also, sorry for the confusion here, the trade URL is not the trade link of someone else's profile. It's the URL of the actual trade client. So say you offer someone a trade in your browser (Chrome, Firefox etc), you could copy and paste the URL of that trade offer and open it via the console which henceforth opens the seperate client.

I am not just on about the bypassing of the trade ban, I'm on about Valve having a possible review as to what a user can execute in that console.

Thanks for your comment.
#2
Tev Oct 6, 2016 @ 11:14am 
That aside, don't most hackers try to obtain control of the victim's computer with malicious files in order to liquify the items out of their accounts?

While not to belittle the New Device Restriction, especially if there is indeed a way to bypass it (which I honestly still don't quite understand, but in all honesty - me understanding it or not wouldn't really make a darn difference anyway), don't the holds already take care of most of the problems that could occur to those accounts not protected with Steam Guard Mobile Authenticator?

Anyway, you might be able to be a bit more open about the issue here:
http://www.valvesoftware.com/security/
Last edited by Tev; Oct 6, 2016 @ 11:15am
#3
Satoru Oct 6, 2016 @ 12:39pm 
Opening the trade url does not magically bypass the restrictions

All that does is open the URL

At that poitn you get put into the trade confirmation, which then will explicitly tell you that the trade will be restricted. You can't bypass that with console commands because its controlled on the back end. The client does not determine if the trade is restricted or not, the server does. and no amount of console commands does anything to get around that.
#4
< >
Showing 1-4 of 4 comments
Per page: 1530 50

All Discussions > Steam Forums > Suggestions / Ideas > Topic Details
Date Posted: Oct 6, 2016 @ 10:46am
Posts: 4
Start a New Discussion

Discussions Rules and Guidelines