forgive me if I'm wrong, but, aren't our CD keys tied to our steamid? I mean, I can't go making 15 accounts and use the same CD key in all of them. The second account will give an error stating that the CD key has already been registered to the first account.
On Fri, 17 Dec 2004 10:48:08 -0800, Darren J. Mason <[EMAIL PROTECTED]> wrote: > CDKeys can and should be used FOR verification (since we all have them, and > the internet cafes pay for them as well). Screw SteamIDs, email addys, and > everything else. Why am I thinking that WON was a way better system than > what we have now? Because Valve had a database of all our CDKEYS and it was > a hell of a lot harder to get online with a keygen'd key than it is now. > Perhaps there isn't enough money left in Valve's pretty purse to run a CDKEY > verification server now???? > > Come on fellas - how about some communication Valve! What the heck is going > [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]&[EMAIL PROTECTED] > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] > Sent: Friday, December 17, 2004 10:22 AM > To: [EMAIL PROTECTED] > Subject: Re: [hlds] When will the "nosteam" hacks be fixed? > > The STEAM_ID databases are as secure as any other online database system, > the problem is their identification of registering users. > They use an email address to tie it to a person. > The problem isn't just the abundance of free email services. There are also > temporary email services that allow you to register with them with no > personal information, they give you a temporary email address to use > to register for a forum/ steam id / whatever. Once you register with > this address, you check the mailbox, respond to the mail in it to confirm > it is a legit address and then the account is gone a day later. > > Email should not be used for identification as one person can have as many > accounts as they please. > > CD key can't really be used as some people play from internet cafe's so they > may have loads of people registering from the same installation (unless > valve did a multi user license key that cost more but allowed an unlimited > amount of users to register from it and much stronger > authentication of the purchaser. This would still allow people to get > another ID if they used all their own ones) Or a family PC may have > several users of the same game. I suppose having a maximum of 5 users > per retail CD key would be an option as there would only be a finite number > of times someone could re-register without having to part with some cash for > another copy of the game. > > IP address changes, so that's no use. MAC address can be changed. > > CPU ID, Computers have the ability to use a unique identifier on the CPU but > the bios has the ability to disable it, so that's no use. > > Credit card number and registered billing address. Probably th most > reliable and traceable, but that limits the customer base as not everyone > has one and there is one thing companies hate doing and that is limiting > their customer base, so despite this being probably the best solution, I > doubt that valve will use it. > > Public key certificates from a trusted third party. This could work > but is just moving the problem one link further back in the chain. The > Certificate Authority still needs to identify a person and you would need to > ensure they couldn't register for more than one certificate per > person. In the long term I see a market for selling these if several > game developers used the system. It would have to be slightly > different to the current CA's around as you can register for as many > certificates as you are willing to pay for with the existing ones. > > Basically until their is an international ID card with a centrally > verifiable database (around 2048 I reckon, and half life 8 will be out then > with the same problems :) ) or the implementation of the Trusted Computer > Base, it is very hard to uniquely identify a machine or user. > The closest thing there is to a centrally identifiable card tied to a > persons address, that is internationally recognized is a credit card. > > End brain dump. > > I'd better do some real work now :) > > SlyOne > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > -- Clayton Macleod _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
