STEAM GROUP
Steam Broadcasting STMBRDCST
STEAM GROUP
Steam Broadcasting STMBRDCST
1,239
IN-GAME
10,354
ONLINE
Founded
December 2, 2014
Cixi Dec 2, 2014 @ 12:02pm
Completely opting out of 'broadcasting'
I have zero interest in actually broadcasting anything, but what I -do- have are privacy and security concerns.

So, what I'd really like to see is an option to -completely- opt out of the broadcasting part. So that it is never possible to broadcast, not even accidently (or for instance due to a potential bug in the steam broadcasting service).

The 'Only friends I invite can watch my games' option is not good enough for me, I want something explicit like 'Nobody can watch my games' which completely removes the possibility of streaming.
< >
Showing 31-45 of 130 comments
Sohei Dec 2, 2014 @ 10:03pm 
Originally posted by Xiro:
That goes for Steam in general. Honestly I think you're overselling your fear mongering there, buddy.
The Steam client creates some security concerns but they are very minor compared to the scale of the security risk created by this new feature. I have been involved with computer security professionally and I have experience dealing with software features creating security holes.
Last edited by Sohei; Dec 2, 2014 @ 10:12pm
Sohei Dec 2, 2014 @ 10:09pm 
Originally posted by John Caveson:
Agree with Xiro, if your Steam Client was able to be hacked without help from malicious link/programs, then many people would have already been hacked way before this was even implemented, with far more devious methods instead of just watching your screen for passwords that are starred out anyways.
Steam accounts get hacked all the time. Steam has also been attacked directly. I can't go into too much detail about these because it could be against forum rules but you can do a search on your own. This feature though has the potential to reveal personal information outside of the Steam client because of desktop viewing which is a much bigger deal than losing your account.
[FP] Dr. McKay Dec 2, 2014 @ 10:13pm 
Originally posted by Sohei:
It is just a terrible idea to have such code on your computer that could be activated by some malicious action by a third party or a bug.
You'd better uninstall your operating system then.

You guys are going way overboard here. The streaming module doesn't activate until someone requests to start watching, and if you set it invite-only, then nobody can request to start watching. Simple as that.

And even if there was an option to disable it, who's to say that this mythical bug/exploit/hacker couldn't just bypass that option? You'd need to remove the functionality entirely.

But wait, Steam also has screenshots! Who's to say that it won't screenshot your online banking and upload it to Steam Cloud?! Better remove that too.

But wait, Steam also has a self-updater! Who's to say that this mythical bug won't make Steam update itself to reenable these features. Better remove that too.

But wait, your operating system also has a self-updater! Better disable that.
Last edited by [FP] Dr. McKay; Dec 2, 2014 @ 10:18pm
The simple fact that this feature exists won't casue these security issues, bugs and poor built-in security of the client will. There are potential issues with many programs but they do not happen, becasue they are avoidable by having good built-in security

You are asking for features that functionally already exist in the form of invite only streaming. Don't invite people and no one can watch. Simple. Resources should not be being used when no one is watching you, and if they are then that should be fixed becasue I highly doubt that's intended.
Last edited by Really_Huge_Cock_Broly.jpg; Dec 2, 2014 @ 10:30pm
Sohei Dec 2, 2014 @ 10:37pm 
Originally posted by FP Dr. McKay:
even if there was an option to disable it, who's to say that this mythical bug/exploit/hacker couldn't just bypass that option? You'd need to remove the functionality entirely.

This is exactly what I suggested above. The feature should be removed from the main client entirely.

Your other flippant remarks make you appear to be naive about computer security. I do not know if that is the case or not. I have experience with computer security working in a a number of organizations that are very serious about security. So I am probably more aware of the potential risks than the average computer user and take the matter very seriously.
Last edited by Sohei; Dec 2, 2014 @ 10:38pm
Originally posted by Sohei:
This is exactly what I suggested above. The feature should be removed from the main client entirely.

That's an absolutely ridiculous request when your entire complaint is "maybe something bad will happen if Valve completely screws up and doesn't do anything to prevent these potential problems. I used a computer before I'm an expert"

Do you really think Valve doesn't have staff to deal with security in the same way you do?
Last edited by Really_Huge_Cock_Broly.jpg; Dec 2, 2014 @ 10:49pm
[FP] Dr. McKay Dec 2, 2014 @ 10:48pm 
Originally posted by Sohei:
Originally posted by FP Dr. McKay:
even if there was an option to disable it, who's to say that this mythical bug/exploit/hacker couldn't just bypass that option? You'd need to remove the functionality entirely.

This is exactly what I suggested above. The feature should be removed from the main client entirely.

Your other flippant remarks make you appear to be naive about computer security. I do not know if that is the case or not. I have experience with computer security working in a a number of organizations that are very serious about security. So I am probably more aware of the potential risks than the average computer user and take the matter very seriously.
I'm not naive, I'm just not insanely paranoid. Wanting bits and pieces of the Steam client to be separated into different forks/branches is insanity.
Sandriell Dec 2, 2014 @ 11:02pm 
I swear the number of poeple who misuse the word "hack" all the time is astounding. Steam accounts are not "hacked", they are stolen. People are careless with their passwords and in turn their accounts are accessed fruadulently. That is not hacking, its either social engineering or you have a keylogger on your system.

Additionally, the steam client itself has never been hacked, however the steam backend servers were through the website to access the forum and some databases, though passwords and credit cards are encrypted and neither was ever broken.
BDK Dec 2, 2014 @ 11:13pm 
You actually can see stuff from the overlay when you stream if you hover your mouse over stuff. Anyone with a screen grabber will be able to get that info. Security = nill with this beta.
info_intern_start Dec 2, 2014 @ 11:13pm 
I want that option too.
PvtVain Dec 2, 2014 @ 11:27pm 
Good job being paranoid.
Last edited by PvtVain; Dec 2, 2014 @ 11:28pm
Knights Dec 2, 2014 @ 11:30pm 
Relax, for now joining in the beta of Steam I'm sure they took out the disable feature just because you're contributing to testing out new things with steam. When they do release this to the public I'm sure they will have an opt out so you're not bothered by others to watch you playing...
Aesop Dec 2, 2014 @ 11:34pm 
You're being paranoid.

Do you honestly think Steam would just be like "hurr durr let's poorly implement a feature to our client with security threats!!1!!"

jeez.
Last edited by Aesop; Dec 2, 2014 @ 11:34pm
Sharky🦈 Dec 3, 2014 @ 12:03am 
Like others said, there is an option "Only friends that I invite" (... can watch). Don't invite anyone to watch and you will never stream. I do agree with the sentiment that there should be a global on/off switch though, for convenience.

Originally posted by Sohei:
[...] even if the feature is disabled with a check box it is still a major security hole simply by having the functionality exist in the Steam client code at all.

The biggest problem is that the code also allows viewing of your desktop with a checkbox option. Since the Steam client is not secure at all this could also be exploited in theory and make everything you do on your computer viewable by others. The pathetic scurity that is built into Steam is not adequate for dealing with the security risk that these new features add. Even if it was up to snuff, it would still be an unnecessary security risk.
There's easier and more lightweight (read: unnoticeable) ways to capture snapshots or video of your screen (trojans did that before it was cool). I've never heard of an exploit targeting the steam desktop client or using it as an attack vector before. The steam binary is DEP and ASLR enabled which, granted, wouldn't make it impossible but at least really really difficult for anyone to try and push malware through the client. I'd be more paranoid about downloaded programs that sneakily interact with the steamworks API, but even then - valve learned their lesson not to expose risky functions in their APIs years ago.
Originally posted by Aesop:
You're being paranoid.

Do you honestly think Steam would just be like "hurr durr let's poorly implement a feature to our client with security threats!!1!!"

jeez.

Not really paranoid, Steam has had multiple security issues in the past. One for example was a simple sniffer while in a Steam Voice Call used to expose IP addresses. Not even sure if that's fixed yet. It would be nice to see this feature be turned off completely... similar to how you can toggle in-home streaming.

you could always just close steam. That completely shuts it down :3
< >
Showing 31-45 of 130 comments
Per page: 15 30 50

Date Posted: Dec 2, 2014 @ 12:02pm
Posts: 130