zlacker

[return to "Steam "Offline" status leaks exact login timestamps (Valve: Won't Fix)"]
1. bigyab+61[view] [source] 2026-01-20 22:52:44
>>xmrcat+(OP)
> Their logic: You have to be friends with the user to receive this packet. Therefore, a "trust relationship" exists.

That logic is acceptable. You could also DM an offline friend a tracking pixel to reconstruct their activity, a lot of this endpoint security is entirely up to the user.

◧◩
2. xmrcat+E1[view] [source] 2026-01-20 22:56:44
>>bigyab+61
True, but a tracking pixel is an active attack that leaves a visible trail. This leak is passive surveillance; I can silently graph the sleep cycles of 200 friends without ever interacting with them. Trust shouldn't imply consent for invisible, automated logging.
◧◩◪
3. nemoma+E2[view] [source] 2026-01-20 23:03:15
>>xmrcat+E1
How do you construct a sleep cycle out of login events? Does steam do one if the computer goes into standby etc?
◧◩◪◨
4. smiley+Z2[view] [source] 2026-01-20 23:05:21
>>nemoma+E2
Nope, going into standby is the same as logging off, since your client doesn't send keep alive packets anymore. (Not sure if macOS is an exception, because I think my MBP doesn't go into proper sleep if I keep Steam running)
[go to top]