Seeing Other People's Steam Accounts: The Christmas Caching Catastrophe 

"You can't sell someone a game they already own" EA: hold my business model

I may or may not have panicked and angrily emailed a German man demanding my account back. sorry German dude.

Loved how you started and ended with "Chinney Reckon". Thank you for explaining this whole debacle.

3:02 That was the moment I realized that the word "server" comes from "serve"....

Hey Tom! Thanks for the video explaining the issue. I was actually one of the guys at the MCR Creator day, great panel!

I guess you could call this problem.......................... A cache 22

"There's no point in trying to sell someone a game they already own" *Todd Howard chuckles in the distance*

People claiming that "someone" bought a load of shitty games on their accounts aren't necessarily lying, the might be just stupid. I had the brilliant Idea of adding some shitty games to someone else's wishlist and as I saw today, they endet up on mine. So if somebody tried to screw a random user by buying al lot of games for them, they might just have bought them for themselves and with their own money. Some might call this karma...

steam is always trying to sell me games I already own

“It’s Christmas, and I’m home with my family” How very 2015 of you

All the claims that people had stuff bought on their accounts are complete BS. As you said, the pages were just returning errors if you tried to change anything and credit card numbers were not leaked in full, just the last two digits. It was a pretty massive screw up, but thankfully it wasn't nearly as bad as it could have been.

Well, I have to admit: the second thing I thought of when learning of this Steam bug - right after "oh God does that mean that everybody can see my - oh wait no I'm not logged in, let's not log in" - was "I wonder if Tom Scott's gonna make a video about this". Love your stuff, as always!

Gotta love the "yes I already asked Nerd3" edit: oh look, 1200 likes after 4 years for some reason

6:38 It's sad that one of the requirements has to be "not a terrible human being"...

3kiksphillip! It looks like you two would get on together perfectly

seeing a snapshot of the steam homepage in late 2015 was an absolute treat thank you tom

I'm surprised that Steam only had 10K games in 2015 and has 30K games now. I thought it was in the millions.

This video was great. Everything explained so neatly and tying the end to the beginning was absolutely lovely. I'm gonna just have to marathon all your videos now.

"yes I already asked nerdcubed he's busy" still makes me smile to see that.

I love watching these videos. Even today, they're very useful. I'm a programmer myself, and watching these videos are great ways to make sure I don't make the same silly and devastating mistakes. I've made a few of these dumb mistakes before, and this channel (and others like it) are very entertaining and educational too. Personally, I use caches for static data. My websites are nearly always dynamically loaded. So if I was running steam, the basic boilerplate website would be sent to your browser (cached), and your browser would start running some JavaScript. This JavaScript would start loading in all the dynamic content. So, it might call the server asking for the top 100 games, and this data would be cached since top 100 won't change often. If it asked for recommended games, this data would be cached, but cached for that user only. By having all my pages split into static and dynamic content, I can cache a lot of the website. Like the page to buy a game, I can cache nearly all of the website, the image, the description, the price, all that. I just won't cache the portion that says if the game is purchased or not.

Not a terrible human being in or near London? That's a tall order friend, a tall order! I'm just kidding, I loved the time I spent working in London :P

Hey Tom, no chance you'd see this, but do you play video games, or does coding just take up your day?

I love how these videos on the one hand make me feel like a total idiot (I don't know anything about computers or the internet), but on the other hand manages to make me understand what is going on after a while.

How does such a young man, have such a wise and mature voice? I'm 25 and still sound like a kid.

I really like this channel, I really appreciate the way you go about everything with out the screaming, shouting, swearing, hating, I just really appreciate that.

I think the only thing missing was the phrase "idempotent". Requests that are eligible for caching are generally ones that are idempotent; that is, the data you get back generally won't change regardless of what state you're currently in. Overall, good video, and Happy Holidays.

I have no idea who are you are Tom, and I'm not big into your subject matter above gaming quiet a bit myself but you have the nicest delivery of any human being I have ever seen. Listening to you is like liquid velvet for my ears. Merry Belated Christmas and Happy New Year! Much love from Southampton

Disney+ managed to go one better. A nice big breach that meant that someone else logs into your account, changes the names of your family members, and starts adding their favourite content to your lists.

So... I know of a RU-vidr that matches the requirements (not sure about where he lives though; his accent sounds British, anyway), but I don't personally know him... His channel is called A+Start, I hope I'm not completely wrong about him being British.

Probably the best and simplest explanation of a computer/server issue I have ever heard. Kudos.

There was a time where any user could ask for a password change with the secret questions, even a wrong answer would let you ask for a password change. (thought the video would be about that :D)

Chinny Reckon!!!! Brilliant Tom. Had forgotten all about that. Have a great Christmas!!

Goddamn this guys voice is so soothing.

4 years ago. Time flies even when you aren't having fun.

Try Lewis Brindley from the Yogscast, he or someone else there might be what you're looking for. They have a business email on their website :)

Love that you not only explain it but make a well written explanation not just a thrown together one

I remember this. I was so confused , because I wanted to add some money to buy something and each time I clicked my vallet someone elses name showed up and their money. I never got to buy whatever it was I wanted that day :(

Great video, fantastic explanation. I really appreciate the effort you put in to these videos Tom. Have a great new year.

"It is Christmas, I'm home with my family." Not this year.

Just when you forget about the start of the video, he brings it back at the end. Great video.

"I already asked nerdcubed, he's busy." I'm laughing so hard

Thumbs up for working so hard and getting a video up even during the holiday weekend.

6:18 might be worth mentioning that the cached data includes a csrf token which is used to authorize the post request. Without it, any website can tell steam that you want to buy a game using your cookie and thus it was possible until they invalidated the sessionids that someone could have bought games with your account.

i see ferreros in the background lucky bastard

This is why you use Steam Gift Cards.

a RU-vidr that fits that description is surely ashens. he's brill, and I lovely bloke.

TotalBiscuit, The Cynical Brit - 2M+ Subscribers Good Guy with a subjective, thoughtful approach to game reviews and lets plays.

I love that you specified "Not a terrible human being" at the end there.

What about Dad³? ... Oh "*smart* and *not sweary/shouty*" well I guess I answered my own question :) Serious answers though: TotalBiscuit (EDIT: Didn't know he moved) TheMightyJingles Hat Films (EDIT: Yes they can be "sweary") EDIT: FrankieonPC (Not sure where he lives, and he won't show his face) 2kliksphilip/3kliksphilip (Again not sure where he lives)

The two youtubers/streamers I personally really like are The Mighty Jingles and Quickybaby. I do not know their excact living area except that it is in Britian. Nor do I know their shedule. However they do qualify for the rest of the criteria. They are very famous within the World of Tanks community to the extent of being guest commentators for the World of Tanks Grand Finals in Poland. They are gentleman. And some of the most decent poeple I know. The biggest example is the charity event quickybaby organized which raised over 22 thousend pounds. Jingles also helped with this. I think they are amazing, but that is just a personal opinion. Next to that thanks for taaking the extra time of on christmas for this video

ok youtube, you dont have to show me this video again. it was 5 years ago, ok?

Probably worth mentioning that everyone trying to check their account details to see if they were safe... we're ensuring that their account details page got cached too, hence people being able to see full names, addressed, and the last 2-4 digits of their card numbers. Whoops.

+3kliksphilip ? For the collaboration

Always at least "good" videos. Most times they are great. 2 videos in 1, thanks for the heads up about Steam. Bonus on the Chiny Wonder part (I think that's what you said, I have a cold I'm getting over). Here in the U.S., back in the 80s, we used Sike. That's how most spelled it. Sometimes I saw it spelled (years later in books) as Psych, or Syke. Which, you can understand where it came from. As in, "Are you trying to mess with my mind and psych me out?" We just said "sike". Usually, drawn out, with an elongated "si" & a very hard "k".

Hey Scott! Nice video, very well explained. I even understood over half the words! I'm no bigshot RU-vidr but I live in Essex (about an hour outside London) and I'm a gaming RU-vidr/streamer. I believe I would match your criteria and would love to discuss maybe doing a collab with you! I hit you up on Twitter too, Cheers mate, Merry Christmas.

I watch this every year now, its a minor tradition.

What about Enter Elysium, I think he lives near london and is pretty cool.

Lathland! He lives in Manchester, which is.. almost London. He is a bit more of a technical gamer, most certainly not a terrible human being and his accent is to die for. (seriously, that alone makes his videos worth-a-while).

I was thinking nerd 3 when reading the list 😂

Paul aka "Squirrel" meets all of these requirements and has an IT background. Love your vids, keep it up.

Ha, glad I read the whole thing because Nerd Cubed would be the best person to go with in my opinion. It's unfortunate that he's busy.

You're quick! My steam store page was in Russian yesterday, but I didn't think much of it. Interesting stuff...

You asked Nerdcubed? BUT HE LIVES IN CANADA

I totally remember chinny reckon. And Jackanory. I also wish I had enough of a following to be useful for your collaboration mentioned at the end. Great video - another sub gained.

this was three years and now in my recommended exactly three years later on Christmas 2018 good job yt🤦‍♂️

*reads the requirements* 'Oooh! I know, NerdCubed. Oh.'

"You can't sell someone a game they already own" EA: *Truth is... It was rigged from the start.*

I'd like to recommend TotalBiscuit. He's a very intelligent game journalist who would probably be ideal for anything you are planning. Big fan for a long time, keep up the funny and informative videos! Really enjoy the Citation Needed series too!

Does anyone know if Tom ended up making that vid with a streamer?

Wow, I would love a Tom Scott + Nerd³ video in the future! XD

3kliksphillip

maybe Scott Manley. He got (a) and certainly (b) covered. Usually (c) as well as (d).

Have you asked +ThatMumboJumbo yet? :)

Thanks TotalBiscuit for signal boosting this great, succint and understandable explanation that is very useful for less computer savvy people!

I would suggest Josh (RageGamingVideos) as you have already asked Nerd³ :D

NOOO! TOM AND NERDCUBED COULD'VE COLLABED BUT DIDN'T?! I'VE BEEN WAITING FOR THAT DAY FOR SO LONG!

come on people of 2020, lets talk about google services this december

Wait, this was in 2015? Damn, time flies.

80% percent on aoe2 is a fantastic deal though..

I can imagine his parents saying "c'mon Thomas, put your toys away".

Total biscuit! (aka cynical brit)

So, my Steam account was not online during this shitstorm, would that mean my info is pretty much safe? I changed my password (via the steam client), so I know it is secure in that regard.

The Mighty Jingles matches all of the requirements you set for a RU-vidr. He does lots of fun stuff! :)

I was going to say Nerd3, dammit.

I like your Christmas costume! It goes just with the festive colours.

If your requirement wasn't "in or near london" I would have suggested Totalbiscuit (TotalHalibut on youtube). Maybe you can have him on a skype call :D Another person that (as far as I know) actually lives in london is Sacriel (twitch.tv/sacriel and sacriel42 on youtube). He has a decent following and might be up for some collabs.

This feels like yesterday, Jesus Christ. I was 15 back then.

INPS 2020

Web servers in the '90s were essentially the doing the same job as a cache server does today, except they did not poll for updates: they just served a static pre generated html page until the webmaster wrote or updated a page by writing html and uploading it.

I live in Christchurch and I game stream is that close enough? I have about 3 viewers Kappa

Wow I always wondered why you'd occasionally get your store page in another language during a sale. This makes a lot of sense.

Hey nice! You said $2 as 2 Bucks! #AussiePride

Oh man the disappointment when I saw that Nerdcubed wasn't going to be doing the collab.

One take😳

The Mighty Jingles lives in Portsmouth I think, and is a bit sweary but not shouty.

I guess you could call it a cachtophe i will leave now

Happy 5 year anniversary!

Hahaha! Hi mum look i'm on RU-vid!

You know it's a UK Christmas when you've got the ferrero rocher out

I'd try GradeAunderA