Dear Gaben I am sorry. Dear Paypal plz fix. Dear viewers watching on 0.25x speed not only makes me sound drunk it also quadruples the watch time in the youtube algoritm. Edit: Praise be gaben steam is fixed. I am unsure about PayPal but will update this comment if I hear any news!
@@The_Real_Dream_Chaser that is possible. Break law to make money after multiple rather convulted steps. Make someone "clean" the money. Do jail once. Do it again but you can pay the fees directly with previous money (that was trhoughly lost trace off thanks to mondialisation). Scale the thing because you are innnocent until proven guilty
I think its a massive oversight of both companies. Rookie mistake even maybe. How are you not validating the id's on the server. On both ends. There should not be business logic on the front-end lol.
He has to put the disclaimer because he know people are stupid enough to still go through with it. You do not mess with fraud, at least in the US. Fraud is a big deal because it usually leaves a trail so it's pretty easy track down the account. And for liability reasons banks and payment processing will absolutely give that account up. Not to mention the potential damages they will absolutely use that person as an example.
@@allstarwoo4 I imagine the people doing this for real severely underestimate the potential consequences there. Historically, fraudsters often receive a length of incarceration that makes child abuse sentencing look like a brief stint. Better yet, the companies you defrauded can still file civil suits on you beyond whatever criminal charges the state/fed pressed, so you might do 15 years just to get out and have any money you make heavily garnished for the rest of your life.
It professional here: checking this is absolut basic security. I have literally no idea how they missed this. Either once you are in the payment process your cart becomes frozen, or - if new items are added - becomes invalid. However under no circumstances must the client system be allowed to dictate any of this ever. Because Everything that runs in the browser is completely open source and can be hacked by anyone with even basic programming skills.
They missed this because their focus isn't on the product as it should be. Games are constantly broken and it's just bad code written by coders. How are any other programs any different?
No, the problem is doing that on the freaking frontend side. I HAVE TO SCREAM, I hate incompetent developers. That's just basic software engineering, but when it comes to JS, all bets are lost.
@@randomidiot8142 Games aren't critical pieces of infrastructure that deal with people's money. Paypal deserves more than just public shaming. But what do you expect from a company that "allegedly" committed public fraud and money laundering and got away with it.
Step 1. Find the Pelosi tracker website Step 2. Buy all the same stocks she does Step 3. Laugh all the way to the bank with your derived insider profits
How you force companies to fix issues: make millions of people aware of the exploit. Suddenly, it's no longer a "fixing it costs us $100,000, but just dealing with a minor amount of customer service tickets costs us nothing" situation, suddenly it's a "we have two thousand people doing the exploits every minute now, CS is overworked, and companies are threatening to sue, this is gonna cost us millions if we don't fix it." And that's why some software engineers at Valve and PayPal are now working closely together and won't stop working until they solves these issues, getting themselves a negative mark on their records for having this expensive bug in the first place, and seeing their bosses get a higher bonus for making the right choices in a stressful situation.
I found out in these last 10 minutes that there's tons of lost games & demos I could play without pirating... and then immediately that it is now too late very precisely because I could even know this.
@@Glorious_Potatoe Really? Why? The Spiffing Brit is the closest thing to a non-dev white hat you can get. He exposes the fraud so it is quickly ended.
Valve? With exploiting McDonalds, UA-cam, PayPal and many more (multiple times)? Let's be honest. Every 3 letter organization is watching him. Closely.
thank you so much for speaking on this issue spiff, im a small streamer that got completely demoralized by paypal's terrible system, and knowing big eyes are watching what they do is definitely a huge boost towards a resolution. Ive been here since like the early 900k subs era, and am super proud of how far youve come in recent years! Hope we continue to enjoy our tea and find LEGAL AND DEFINITELY NOT INHUMAN exploits!
Honestly the only solution I see to that is for every platform to stop accepting PayPal as a valid payment method, because people have been running that kind of scams with it for years. I see no reason to think they'll ever have any intention of fixing it.
and people are complaining about "responsible disclouse" you don't do that to companies like Paypal that have no self-accountability. There's no responsible disclosure for companies that don't fix the problems and don't care about the people being damaged by it, public shaming works, its called accountability.
games' copyright does expire eventually, but that doesn't give steam a mandate to distribute them. I wonder what we will see when the copyright of landmark videogames expires.
@@AleAsLisonAbandonware is generally free to distribute. It's a bit legally grey, but failure to enforce copyright or trademarks is what leads to the loss of those protections.
I very much dislike the fact that games just... "disappear" & cannot be played & enjoyed by anyone ever again! This may seem like a great way to save them, but I did read / hear the disclaimer! Bravo Spiff 😉
When a game is delisted it's still available to people who obtained the game beforehand. It's very rare that a game gets actually removed from Steam altogether.
@@LutraLovegood Ah I see. Okay. But SO many games have been lost to time (not really talking MMORPGs here) that they aren't really available unless you get a specific console or some such emulator. It's a shame how much art has been lost to greed 😕
@@sywrexile3078 well... everything that once upon a time was sold to us is being preserved, just gotta run through hoops like anti-piracy laws (be it roms that can either be used by emulators or the actual console if burned to a disc/cartridge properly like you said or.. you know... the PC version of it. hell, we even preserve games that we shouldn't preserve as we never got around to ever own a license for them, like Far Cry 3, which instead should be one of the many games that shouldn't have "sold" and make that method of "business" a non-viable business).
Spiff: "This Should Not Be Reproduced" Also Spiff 3 Seconds Later: "So Here Is What We Are Going To Do" Edit: i got 700 more likes than the official yt account lol.
There's a point where publicity of a problem is more likely to get the lazy ass devs at PayPal off their 6 digit salary asses and fix issues than just a simple bug report
@@4547466 This is pretty much entirely an exploit on the Steam side, PayPal is just processing a (for the first example) 71 pence transaction as requested by Steam.
@@4547466I'm not convinced this is a PayPal bug, this very much seems to be a flaw in how shopping carts are implemented on websites, and I don't see any reason this would only apply to PayPal given the commands are being run on the shop page rather than the PayPal page
Please do a jolly cheerful playthrough of that there game you bought, "I Have No Mouth and I Must Scream"! Exploit it by having a happy cheerful time of it all.
What makes me laugh is that if you had used the hell out if this exploit and been community banned until 2040 (only 16 years from now) by the time you get it back your sellable items might be worth hundreds of thousands at which point you could simply sell the account.
@@myhandlewastakenandIgaveup they will most likely not get unbanned, same thing happened with that guy that bought the banned kato14 stickers account and should have been unbanned in march 2024 and wasnt
*Wet blanket INCOMING* Can't stop me from whipping out my phone and getting on steam there tho...that app can't run games. Which is weird for being a gaming app, but that's another topic.
don't need that long, just make the "game" keep itself open for two hours and prevent them from acessing help during that time (So, ransomware for a day)
the delisted games exploit has been out there for years, i know a few people that got their access to closed betas (that they didn't have access to legitimately) by using this exploit. it sucks but at least its not really actual "theft" per say however, the steam marketplace exploit i was not aware of, but it now makes sense to me why the value of super rare CSGO skins started to fluctuate considerably in the past year.
@@edwardvdc6287 honestly the ability to print money is already bad enough. sad it ruins the ability to archive what would of been lost media. if a little non legal
Well there's a lot of private developer builds of games that should never be purchasable, might have no DRM on them and lead to widespread piracy of those games as a result of the exploit. Developer builds might also have access to tools that could be usable online on the main game to cheat like what happened when they accidentally leaked the dark souls developer build.
I remember one of the early sales, I bought Crysis and put it in my Inventory, yeah that was a thing. I sent a gift to a friend, he redeemed it (Crysis) but there was an Error and the game was still In my Inventory, so I redeemed it myself. I lived in fear since then.
I stumbled in to the sticker trick by hoarding some of the first round of team stickers and boy did that feel pretty great when I finally unloaded them. I'm 90% sure there's money laundering going on with the stickers but 300% return on my initial investment was fucking awesome. I'm proud to be even accidentally tangentially as clever as you.
*This exploit is very similar to packet editing in online video games, i seriously can't believe it nobody bothers to fix some lines of code STILL to this day.*
That bug is a big part of why I set up donations via patreon instead of paypal. I didn't want to open up monetary attack avenues, and paypal has a long history of this sort of thing.
@@antmydude236 Because people certainly can't possibly come up with the same idea in the same context? No need to be an ass about it. The now highlighted comment was not yet highlighted when I made mine so I hadn't seen it.
Compared to all the wacky and funny stuff from previous years this one is actually really serious. Props to you and Pirates software working together to inform people about this
I thought I was subscribed lol xD If Steam already fixed the issue does it means the once unobtainable games and then obtainable with the glitch are unobtainable AGAIN? 🤦♂
Paypal has had the chargeback expoit for years now. I've had to close my server due to having to return 2000 or so euros for "products" that people didn't receive. Worst thing is, as long as there exists a record of the transaction they can do that for 180 days to you. And if you complain to paypal they always side with the customer, regardless of proof.
ohh noo, you mean the company which had a bad rep from the start and then sided with the us gov against wikileaks and stopped processing wikileaks donations, when wikileaks published the warcrimes of america, you mean this company is somewhat shady or untrustworthy? I am shocked! Not to say that paypal was always a place of fraud, especially with the family and friends stuff...
yea chargebacks are an interesting thing they are needed for customers but also can be abused like I was renting a rust server and the server didn't work shockbyte the host tried to claim that I was "past the refund" and refused to work so I told them I would chargeback them and magically it was fixed less then an hour later
@@admiralkaede Absolutely, I'm a big fan of consumer protections like that and they can be very strong even as just a threat like it was for you, but I will warn anyone reading that you should always try to work with the vendor first because if you go straight to a chargeback there are some companies that will blacklist your payment method on the assumption that the initial charge is being reversed because it was fraudulent and your payment method is compromised. (At least, that's the stated reason. They might just figure that someone who does a chargeback once is more likely to do it again. Who knows!) If you never want to trust them with your money again that's all fine, but if it's just a once off it can be a major hassle until you get a new credit card/payment account.
Maybe try getting it on a burner account, if it doesn't get banned in a few weeks trade it over? Purely a hypothetical of course, I would never advocate doing such a thing...
@@JosephFaulkner2k8 i got rocket league on steam, if you use greenluma to unlock DLC's to it you get free car skins, because they didn't pretdict people would do that
@@goluboch how is telling people of an exploit a ruination of youtube. UA-cam was already ruined conceptually in 2016 and creatively in 2020 what planet are you from? Certainly not earth.
When you said "adding items into our cards we arent able to purchase" and then followed up by "actually no its really easy" I started to sweat profusely thinking you had discovered the way Ive found, but alas its different so no need to worry there.^^
Well done Spiff, excellent video. Some genuine and important video games journalism there (and no stock footage office heads) made this quite engaging in content and delivery
ive been training in cyber security and this is literally one of the things i did in the virtual environment except it was a donut shop??? like this is a known exploit!
@@khaledahmed9136 well Spiff said only those who abused it for the market items were getting banned. I doubt they'd ban you for getting a bunch of de-listed games with this, they have no real "value". At worst, prolly just remove them from your account.
@@PerSixPlus I would have loved to get Ultimate Alliance 1&2 and Amazing Spiderman 1 &2 that I once got illegally and wanted to own on Steam. I'd buy it if it came back to Steam.
Geez spiff this was the feel good video I wasn't expecting! Love the stance on preserving gaming history. Also love the awareness out there to help steam and help the community. A better steam can better care for the community, and vice versa!
We boiled all the water on UA-cam's server cooling systems on your birthday stream, I've lose some fine CPU processors that glorious day. Now, we have an exploit so powerful that requires an actual legal disclaimer to show. This channel has been pushing the Algorythm to new silly places, and my tea is ready.
Can't believe you're close to 4 million subscribers. I remember the time you had like a few thousands, the stock image drama, SpiffCo inauguration, etc.. is it that long ago already?
Damn. I think I'd have probably been tempted to risk it for a biscuit and grab a couple of cheeky unlisted games I've been lamenting missing out on for years if that was the only part of this exploit... But with the Market exploits going on too, punishments are going to end up being a lot harsher than they probably would have been otherwise, and I don't think it's worth the risk of getting caught in the collateral.
We’re all on the same page… Yeah, it’s disappointing we can’t get delisted formerly free games, I would’ve made a second account just to do that. But with the internet being what it is, and all my emails being linked to one another (in one way or another), it’s not worth the risk, since it’s being misused.
so this video is about to use the same exploit you could do in the 2000's (edit the page and prices) to your liking. good work finding out that this works again with the addition of paypals service.
Unfortunately, it seems this has been patched, meaning the Black Rose is once again unavailable in TF2 for anyone who didn't already have it, as are the Poker Night and Poker Night 2 achievement items.
@@jackboyeditor200 Internet Archive has archived Poker Night 1 & 2 which you can download for free. The TF2 and Borderlands items don't work, but the game is available as abandonware (which is piracy, but who cares for delisted games?)
There's another layer to this you didn't mention in the video, luckily because Steam just put a bandaid fix that would prevent this from being possible, game developers tend to have packages containing every game they ever released as a private SubID for developers in the company which can be publicly read through SteamDB. If that were added to your cart you would have permanent access to every game published by the large company you took from whether it was Capcom, Ubisoft, WB Games, or any other company that has these packages.
If Ubisoft can remove any game they like from you Uplay account, I don't see why we can't get Perma access to their entire catalog since buying isn't owning >:3
Someone from Steam probably has the channel on immediate notification of a video posted so that they can see these exploits and fix them as fast as possible.
damn lol, I have RL (on steam) on my main but i literally just tried to get it on my 2nd account incase something happens to my main. It didn't work and then i read your comment.
@@GentleWruzzPuppet @electr0cute170 The ban waves are most probably because the summer update is around the corner and they want TF2's image to be clean for that date and to get people to spend their money on lootboxes, I ain't falling for that shit if I'm right
Paypal devs waking up from a nightmare just to realise it wasn't a nightmare, just their bosses calling and begging for them to stop the floodgates that a bunch of degens lead by an unhinged brit brandishing a cup of tea had unleashed upon them
So hypothetically I can use this to obtain games like Titanfall 1 and even Flock which work perfectly fine but publishers have removed them from steam for no reason
I genuinely wanna know if this would class as fraud. Theres no other way to purchase said games apart from like 2nd hand (I don’t think there’s physical copies of Flock) or just pirating them
I would really love to get one or two delisted games I had on my consoles that no longer work :( However I don't want to commit any kind of fraud or get banned for it ^^'
The unlisted games one is neat. I'd use it, as I'm also a collector, but now I fear I might be lumped in with worse and get a ban. So... maybe not. Remember folks, the only true sure way to protect your customer's rights and preserve art is to sail the high seas. Out of the reach of companies.
what specific customor rights do you mean? on steam you have a subscriber agreement, or do you think that pruchasing a netflix subscription gives you a moral right to rip all netflix series?
Knockout City is a great example for how to preserve a game! They closed their public servers in 2022, but release a private server version on steam were you can still play the game on user made servers. Every Game should do this!
You know it's gonna be a great exploit if Spiff has to give a full legal disclaimer at the start 😂 Edit: Genuine question, if you use this exploit to just get a delisted game into your account, and not make any money off it, will steam come after you? The game in question has been delisted for over five years and there is no way to get a copy of it in 2024
@@unusualusername8847 yeah I've realized that. The pirated copy is pretty broken and doesn't include certain content the Steam version would, but it's not worth the risk.
@@traingameiacs oh so me getting a game with currently no value is illegal but corporations collecting (and selling) my data without consent is legal... What a democracy we all live in... I think its about the time I dedicate myself to learning ethical (and unethical) hacking so I can fuck around with these "capitalists"
Cool video :) There are security companies who does the same.. Give's a head's up about a bug/exploits in a program to the companies owning it , write's email " found this bug/exploit, please fix this in x Day's or i will go public" . If it's fixed, it stay's a secret.. If it's not, whole world will know about it and maybe use it and that way force the company to fix the problem. They will send email's not to make the bug public, but there was a trick to avoid to get silenced down about the bug.. But don't rembemer it...
@@tornadotaylor8956 they will be able to track how it was activated and if it was something that wasn't public facing you will likely have it removed and possibly have your account banned. I 100% would not risk it at all unless you do it on a throwaway account you dont care about risking
People made bags of money from this, while steam doesn't refund a game I bought(I meet all the guidelines for refunding). Use the system or the system will use you
Gabe, I just want poker night at the inventory I want the Iron Curtain Note to Valve : I'm willing to pay full price for the unlisted game I want to illegaly get oh nevermind ypu patched it already :c
Dear Gaben I am sorry.
Dear Paypal plz fix.
Dear viewers watching on 0.25x speed not only makes me sound drunk it also quadruples the watch time in the youtube algoritm.
Edit: Praise be gaben steam is fixed. I am unsure about PayPal but will update this comment if I hear any news!
Time to conquer the Steam Market and rebuild the Glorious British Empire!
Thank you for giving us all free games with this exploit lmao
Pay the man
oh ma days
My favourite spiff videos are his grafting for a small amount of money vids. I'm not sure why I just love them
and brit strikes again...
lol
Uh someone forgot to log out of UA-cam account
youtube maybe endorsing fraud is the best thing theyve ever done
lol
@@dandumb fr
Next video: jail is perfectly balanced
@@The_Real_Dream_Chaser that is possible.
Break law to make money after multiple rather convulted steps.
Make someone "clean" the money.
Do jail once.
Do it again but you can pay the fees directly with previous money (that was trhoughly lost trace off thanks to mondialisation).
Scale the thing because you are innnocent until proven guilty
"Jail Glitch, jailbreaking an actual jail"
What do you mean? From prisoner to warden where in the end he becomes the next primeminister of England?... That would be sick tho, not gonna lie
@@webbie7503 lol
He did put out the disclaimer along the lines of... o 0 O (I didn't do these exploits myself)
Oh wow. As a UI guy, this is a nightmare to witness. Anything that starts with "press F12" is already off to an alarming start.
@@thesuitablecommand this is why all validation should also be run on the backend. Never trust the client!
"And then open a new tab..."
I think its a massive oversight of both companies. Rookie mistake even maybe. How are you not validating the id's on the server. On both ends. There should not be business logic on the front-end lol.
Sometimes you have to use a console to fix a broken site so that it actually lets you buy what you should be able to buy XD
DataScientist student here, I'm taking notes, this is terrifing
You know this exploit is overpowered when even the Spiffing Brit has to put a disclaimer
If even a God gets nervous about something he's done dozens of times...
Or just plain illegal
Forget the disclaimer, he offered his TEA. This is a serious issue.
He has to put the disclaimer because he know people are stupid enough to still go through with it. You do not mess with fraud, at least in the US. Fraud is a big deal because it usually leaves a trail so it's pretty easy track down the account. And for liability reasons banks and payment processing will absolutely give that account up. Not to mention the potential damages they will absolutely use that person as an example.
@@allstarwoo4 I imagine the people doing this for real severely underestimate the potential consequences there. Historically, fraudsters often receive a length of incarceration that makes child abuse sentencing look like a brief stint. Better yet, the companies you defrauded can still file civil suits on you beyond whatever criminal charges the state/fed pressed, so you might do 15 years just to get out and have any money you make heavily garnished for the rest of your life.
It professional here: checking this is absolut basic security. I have literally no idea how they missed this. Either once you are in the payment process your cart becomes frozen, or - if new items are added - becomes invalid. However under no circumstances must the client system be allowed to dictate any of this ever. Because Everything that runs in the browser is completely open source and can be hacked by anyone with even basic programming skills.
i like big latinas too
They missed this because their focus isn't on the product as it should be.
Games are constantly broken and it's just bad code written by coders. How are any other programs any different?
My guess is they're Yank companies, therefore their "security" (or lack thereof) isn't anything much to write home about 🤷♂️😏😂
No, the problem is doing that on the freaking frontend side. I HAVE TO SCREAM, I hate incompetent developers. That's just basic software engineering, but when it comes to JS, all bets are lost.
@@randomidiot8142 Games aren't critical pieces of infrastructure that deal with people's money. Paypal deserves more than just public shaming. But what do you expect from a company that "allegedly" committed public fraud and money laundering and got away with it.
How has Spiff graduated from exploits to just plain fraud
I mean the shtick has always been capitalism, it's not his fault capitalism is just scams now.
Realistically, fraud is just a real life exploit.
He's been wearing a black hat the whole time 🤠🧐
We live in a simulation.
@@nuance9000 Not the little hat, though.
At some point i'm expecting a "The bank is perfectly balanced with no exploits" video where Spiff just commits actual mass fraud and escapes to Dubai.
Maybe one for the stock market.
Step 1. Find the Pelosi tracker website
Step 2. Buy all the same stocks she does
Step 3. Laugh all the way to the bank with your derived insider profits
@@LutraLovegood A cheeky little exploit to add delisted Enron stock back on the NYSE
Spawning a "free out of jail" card in SBF's cell.
Spiff just explains fractional reserve banking.
How you force companies to fix issues: make millions of people aware of the exploit. Suddenly, it's no longer a "fixing it costs us $100,000, but just dealing with a minor amount of customer service tickets costs us nothing" situation, suddenly it's a "we have two thousand people doing the exploits every minute now, CS is overworked, and companies are threatening to sue, this is gonna cost us millions if we don't fix it."
And that's why some software engineers at Valve and PayPal are now working closely together and won't stop working until they solves these issues, getting themselves a negative mark on their records for having this expensive bug in the first place, and seeing their bosses get a higher bonus for making the right choices in a stressful situation.
BY CLOSING HIS PAYPAL ACCOUNT THATS NOT RIGHT.
Or just ban this channel's paypal account and proceed to act like nothing happened
I found out in these last 10 minutes that there's tons of lost games & demos I could play without pirating... and then immediately that it is now too late very precisely because I could even know this.
@@ChrisD__ I think I heard on a podcast that someone bought Unreal Tournament on steam by just emailing Valve's customer service lol
what are you yapping about?
Steve here, I CARE!
I'm not alone!
Thanks for caring, Steve!
Back to you Steve
5800X3D benchmark results are missing from this comment!
Thanks Steve!
I’d like to imagine that Gaben hates you but, that man has probably just made a killing from the banana game alone
its crazy how big that game got out of nowhere lmao
@@dwarvo Greatest scam of the year
Gaben would be happy that someone is doing bug hunting for free
First few minutes was all "oh spiffing you lil rapscallion" to "Oh nooo, OH NOOOO!"
this isnt nearly as bad as i had expected lol
@@TimypimS I mean, people are stealing money from streamers, it’s kinda worse then I expected since individuals might be hit extremely hard
@@RenABFF0 yeah the 1st part was cool… then it was theft… then it was worse theft
Valve employies monitoring this guy 24/7:
Shit, again?!?!?!
I mean look what he did the last years. If i were Valve i too would be nervous about what he is doing.
@@Glorious_Potatoe
Really? Why?
The Spiffing Brit is the closest thing to a non-dev white hat you can get.
He exposes the fraud so it is quickly ended.
He's just a glorified unpaid QA department for Valve at this point XD
Valve? With exploiting McDonalds, UA-cam, PayPal and many more (multiple times)? Let's be honest. Every 3 letter organization is watching him. Closely.
@@adimemo2134 got to get my copy of deadlocked now
One day I’m going to find a video titled “Spiff Breaks Reality” where he games the laws of physics and ends up accidentally going light speed
But what if I decide snail speed would be more entertaining ;)
accidentally?
@@thespiffingbrit you can already do that, it’s not an exploit. It just needs a lot of patience
@@thespiffingbrit snails exist already though :(
drinking tea at ftl speeds
thank you so much for speaking on this issue spiff, im a small streamer that got completely demoralized by paypal's terrible system, and knowing big eyes are watching what they do is definitely a huge boost towards a resolution. Ive been here since like the early 900k subs era, and am super proud of how far youve come in recent years! Hope we continue to enjoy our tea and find LEGAL AND DEFINITELY NOT INHUMAN exploits!
Honestly the only solution I see to that is for every platform to stop accepting PayPal as a valid payment method, because people have been running that kind of scams with it for years. I see no reason to think they'll ever have any intention of fixing it.
and people are complaining about "responsible disclouse" you don't do that to companies like Paypal that have no self-accountability. There's no responsible disclosure for companies that don't fix the problems and don't care about the people being damaged by it, public shaming works, its called accountability.
4:12 honestly full delisted games should be permanently free after a while for the sake of game preservation
games' copyright does expire eventually, but that doesn't give steam a mandate to distribute them. I wonder what we will see when the copyright of landmark videogames expires.
@@AleAsLison Copyright in the US generally lasts 70 years after the death of the author, so most of us here will not be alive to find out.
That's not how... any of this works for so many common sense and legal reasons.
I dunno about that chief. Legal issues aside, they still have to pay for the bandwidth on that.
@@AleAsLisonAbandonware is generally free to distribute. It's a bit legally grey, but failure to enforce copyright or trademarks is what leads to the loss of those protections.
"GabeN, Spiff has released another exploit video"
'How bad?'
"Real bad"
@@robertdascoli949 😂😂😂
It's fixed already. gg
except this exploit has been patched 2 months ago but spiff won't tell you that.
Sir, a second spiff just hit the second bug.
@@MrDanielcool13 that should be obvious about any exploit disclosure, unless he wanted to be processed
you know it's gonna be a good one if they gotta read a formal lawyers statement as the introduction of the video xD
1:00 Spiff gets a lawyer
The UK legal system is perfectly balanced....
"educationally" balanced
KhronosVII by a chance? :)
I very much dislike the fact that games just... "disappear" & cannot be played & enjoyed by anyone ever again!
This may seem like a great way to save them, but I did read / hear the disclaimer!
Bravo Spiff 😉
When a game is delisted it's still available to people who obtained the game beforehand. It's very rare that a game gets actually removed from Steam altogether.
@@LutraLovegood Ah I see. Okay. But SO many games have been lost to time (not really talking MMORPGs here) that they aren't really available unless you get a specific console or some such emulator. It's a shame how much art has been lost to greed 😕
@@sywrexile3078 well...
everything that once upon a time was sold to us is being preserved, just gotta run through hoops like anti-piracy laws (be it roms that can either be used by emulators or the actual console if burned to a disc/cartridge properly like you said or.. you know... the PC version of it. hell, we even preserve games that we shouldn't preserve as we never got around to ever own a license for them, like Far Cry 3, which instead should be one of the many games that shouldn't have "sold" and make that method of "business" a non-viable business).
delisted games can still be downloaded, they just cant be purchased anymore
@@scratthesquirrel5242 yeah, and guess what, most delisted games are not owned by a majority of the people.
1:11 ''I have not performed this exploit myself" the title: 👁👄👁
Spiff: "This Should Not Be Reproduced"
Also Spiff 3 Seconds Later: "So Here Is What We Are Going To Do"
Edit: i got 700 more likes than the official yt account lol.
There's a point where publicity of a problem is more likely to get the lazy ass devs at PayPal off their 6 digit salary asses and fix issues than just a simple bug report
that also happens with people who promote hacking clients
for games and then say "dont do this" but also put 20 links in
their video to install it
@@4547466 This is pretty much entirely an exploit on the Steam side, PayPal is just processing a (for the first example) 71 pence transaction as requested by Steam.
@@4547466I'm not convinced this is a PayPal bug, this very much seems to be a flaw in how shopping carts are implemented on websites, and I don't see any reason this would only apply to PayPal given the commands are being run on the shop page rather than the PayPal page
@@4547466 Yea, let's hope they quickly click that "fix bugs" button a couple times.
So happy to hear you collabed with PirateSoftware for this video, you both are two of my favorite UA-camrs :)
He and his wonderful team are an absolute blessing for the online videogame community and industry
Why do they want you to pirate software tho?
@@chrisk9001 "I need that money!"
@@thespiffingbrit piratesoftware is a legend and you compliment eachother's style and morals VERY well
Please do a jolly cheerful playthrough of that there game you bought, "I Have No Mouth and I Must Scream"! Exploit it by having a happy cheerful time of it all.
What makes me laugh is that if you had used the hell out if this exploit and been community banned until 2040 (only 16 years from now) by the time you get it back your sellable items might be worth hundreds of thousands at which point you could simply sell the account.
Either Valve has something planned for 2040 or they're not expecting you to live that long.
... possibly it's not an OR but an AND situation.
if Steam hadn't deleted them from your inventory during that time, that is
It's trackable and they will delete your items
@@myhandlewastakenandIgaveup they will most likely not get unbanned, same thing happened with that guy that bought the banned kato14 stickers account and should have been unbanned in march 2024 and wasnt
@@ThePamimo its not your items anymore cause you sell them before even get banned
Brilliant steam exploit, design a game that is just ransomware that prevents people from accessing steam help for 2 weeks.
@@slade6666 art
@@slade6666 This sounds like a Ubisoft product
*Wet blanket INCOMING*
Can't stop me from whipping out my phone and getting on steam there tho...that app can't run games. Which is weird for being a gaming app, but that's another topic.
I need a gif for "wet blanket INCOMING". it's important
don't need that long, just make the "game" keep itself open for two hours and prevent them from acessing help during that time (So, ransomware for a day)
the delisted games exploit has been out there for years,
i know a few people that got their access to closed betas (that they didn't have access to legitimately) by using this exploit.
it sucks but at least its not really actual "theft" per say
however, the steam marketplace exploit i was not aware of, but it now makes sense to me why the value of super rare CSGO skins started to fluctuate considerably in the past year.
me: huh, man that's a funny exploit, how is this so broken?
vid: unlisted CSGO items
me: ah
no, no...
It gets worse
@@edwardvdc6287 honestly the ability to print money is already bad enough. sad it ruins the ability to archive what would of been lost media. if a little non legal
Original Dark Souls keys go for 400 dollars, I expect to see cheap steam accounts on sale with delisted games.
@@0GTXR This alone would have been worth it, dang...
Well there's a lot of private developer builds of games that should never be purchasable, might have no DRM on them and lead to widespread piracy of those games as a result of the exploit. Developer builds might also have access to tools that could be usable online on the main game to cheat like what happened when they accidentally leaked the dark souls developer build.
This is actually trackable. Don’t do it.
Yup 100% trackable which is how it was first discovered to us members of the public
@@thespiffingbrit yorkshire tea 🍵 🍵 🍵🤑🤑🤑🤑
@@thespiffingbrit How quick do you think Gabe will get this fixed? Also, I wonder if they will block PayPal over this.
@@thespiffingbrit Any info on the sub-id's of the CS items? I'd actually like to risk it all XD
Ye
I salute your butt joke, sir. Perfectly placed and unassuming. Caught me right off guard. Spiffing.
"...all you need is Google Chrome" (tears up ticket in disgust)
I think it's literally any browser, just not the steam client, which doesn't let you access the console
>Oh this isnt even that bad
>Some people started messing with Counter Strike
Fury of 1 trillion gabens
Would this work for hollow knight Silksong??
Silksong is as real as half life 3
I see. No one will ever use this exploit because no matter how many free games you have it is not worth having chrome installed.
Virtual Machine
Edge
should work on every browser with console available.
I have a chrome book though...
@@mavericksetsuna7396 those free games are worth more than your chromebook
"In MOST countries fraud is illegal" I need to find in which country it isnt lmao
there are quite a few micro nations without or bare bone legal system. Also what is fraud in a country might not considered fraud in another
@@pinkysweets guide me the way!!
Theres a few countries where fraud will land you the top spot in the political system
@@pinkysweets Or just corrupt countries depending on who you are.
Fraud by definition is illegal just like murder by definition is wrong. The issue is what qualifies as fraud.
I remember one of the early sales, I bought Crysis and put it in my Inventory, yeah that was a thing.
I sent a gift to a friend, he redeemed it (Crysis) but there was an Error and the game was still In my Inventory, so I redeemed it myself.
I lived in fear since then.
I stumbled in to the sticker trick by hoarding some of the first round of team stickers and boy did that feel pretty great when I finally unloaded them. I'm 90% sure there's money laundering going on with the stickers but 300% return on my initial investment was fucking awesome. I'm proud to be even accidentally tangentially as clever as you.
*This exploit is very similar to packet editing in online video games, i seriously can't believe it nobody bothers to fix some lines of code STILL to this day.*
That bug is a big part of why I set up donations via patreon instead of paypal. I didn't want to open up monetary attack avenues, and paypal has a long history of this sort of thing.
damn, you know a spiffing brit exploit is overpowered when it has to start with a legal disclaimer
@@anomnomnomynous lmao you just copied someone else's comment, how sad.
@@antmydude236 cry about it, let people have fun lol
@@antmydude236 Because people certainly can't possibly come up with the same idea in the same context? No need to be an ass about it. The now highlighted comment was not yet highlighted when I made mine so I hadn't seen it.
@@anomnomnomynous lol you try too hard for UA-cam likes 🤣
Oh, I did have a good chuckle when you asked Paypal of all things to fix something. Oh boy is that man politely talks to clouds.
Compared to all the wacky and funny stuff from previous years this one is actually really serious. Props to you and Pirates software working together to inform people about this
"We need you Gaben, now more than ever."
I expect quid pro quo on my energy contribution.
I thought I was subscribed lol xD
If Steam already fixed the issue does it means the once unobtainable games and then obtainable with the glitch are unobtainable AGAIN? 🤦♂
Paypal has had the chargeback expoit for years now. I've had to close my server due to having to return 2000 or so euros for "products" that people didn't receive. Worst thing is, as long as there exists a record of the transaction they can do that for 180 days to you. And if you complain to paypal they always side with the customer, regardless of proof.
ohh noo, you mean the company which had a bad rep from the start and then sided with the us gov against wikileaks and stopped processing wikileaks donations, when wikileaks published the warcrimes of america, you mean this company is somewhat shady or untrustworthy?
I am shocked!
Not to say that paypal was always a place of fraud, especially with the family and friends stuff...
Yup, when he mentioned it I was like "Wait.. they STILL haven't fixed this yet!?" it's been around and known for at least six years.
yea chargebacks are an interesting thing they are needed for customers but also can be abused like I was renting a rust server and the server didn't work shockbyte the host tried to claim that I was "past the refund" and refused to work so I told them I would chargeback them and magically it was fixed less then an hour later
also avoid shockbyte they are NOT good
@@admiralkaede Absolutely, I'm a big fan of consumer protections like that and they can be very strong even as just a threat like it was for you, but I will warn anyone reading that you should always try to work with the vendor first because if you go straight to a chargeback there are some companies that will blacklist your payment method on the assumption that the initial charge is being reversed because it was fraudulent and your payment method is compromised. (At least, that's the stated reason. They might just figure that someone who does a chargeback once is more likely to do it again. Who knows!) If you never want to trust them with your money again that's all fine, but if it's just a once off it can be a major hassle until you get a new credit card/payment account.
Digital scarcity is a scam.
But shiny weapon skin makes me feel good 😢
Someone should really inform the countless cryptocurrencies
@@OurHeroXero laws have loopholes, and even then, not every country wants to shut off the possible income that these scams generate
@@evhan the entire banking system is a scam
Tell the Federal Reserve that about Fiat currency
My oh my. That was a quick response. Wish pay pal could fix things as fast as they make snap decisions
The mental calculus between "steam might consider it fraud" and "Dark Souls PtDE is unlisted anyways and I really want it" is taxing
Same, I only want rocket league on steam...
@@JosephFaulkner2k8 Rocket League isn't on Steam anymore??
@@LutraLovegood nope, it's now an epic games exclusive
Maybe try getting it on a burner account, if it doesn't get banned in a few weeks trade it over?
Purely a hypothetical of course, I would never advocate doing such a thing...
@@JosephFaulkner2k8 i got rocket league on steam, if you use greenluma to unlock DLC's to it you get free car skins, because they didn't pretdict people would do that
Title: How I Robbed Steam
Content: I didn't, but could have
Well I dunno about you but Steam IS the market so I wouldn't wanna be banned from like groceries and such.
WHAT some guy with the small number of 3.9 Million Subs does not upload a video where he commits fraud? Crazy stuff smh smh
@@dd_hd what some guy clickbaits and ruins content on youtube like it's nothing
@@goluboch lmaooo
@@goluboch how is telling people of an exploit a ruination of youtube. UA-cam was already ruined conceptually in 2016 and creatively in 2020 what planet are you from? Certainly not earth.
When you said "adding items into our cards we arent able to purchase" and then followed up by "actually no its really easy" I started to sweat profusely thinking you had discovered the way Ive found, but alas its different so no need to worry there.^^
Pls whisper me how ^^, i swear i only use myself and wont tell anyone !
@@DraconicKobold I’d also like the whisper, I tried earlier but I spent too long adding 72 games lol
whisper me too pls, shenanigans!!
What is your way??
Well done Spiff, excellent video. Some genuine and important video games journalism there (and no stock footage office heads) made this quite engaging in content and delivery
your reporting of these exploits is really entertaining and will hopefully stop these kinds of exploits it the future good work
ive been training in cyber security and this is literally one of the things i did in the virtual environment except it was a donut shop??? like this is a known exploit!
Aw the first one im early to is fraud :(
E
All were fraud
This video hasn't even been out long enough for me to watch it so I'm commenting for engagement.
E
[happy algorithm noises]
Fuck. As a collector, I wish I had seen this while it was still doable. 😔
Pretty sure your steam account would've gotten banned
its probably for the best we missed it dude, its not worth being banned
@@khaledahmed9136 well Spiff said only those who abused it for the market items were getting banned. I doubt they'd ban you for getting a bunch of de-listed games with this, they have no real "value". At worst, prolly just remove them from your account.
@@PerSixPlus I hope SteamDB got some of the titles they were missing at least.
@@PerSixPlus I would have loved to get Ultimate Alliance 1&2 and Amazing Spiderman 1 &2 that I once got illegally and wanted to own on Steam. I'd buy it if it came back to Steam.
Geez spiff this was the feel good video I wasn't expecting! Love the stance on preserving gaming history. Also love the awareness out there to help steam and help the community. A better steam can better care for the community, and vice versa!
We boiled all the water on UA-cam's server cooling systems on your birthday stream, I've lose some fine CPU processors that glorious day. Now, we have an exploit so powerful that requires an actual legal disclaimer to show. This channel has been pushing the Algorythm to new silly places, and my tea is ready.
Can't believe you're close to 4 million subscribers. I remember the time you had like a few thousands, the stock image drama, SpiffCo inauguration, etc.. is it that long ago already?
Damn.
I think I'd have probably been tempted to risk it for a biscuit and grab a couple of cheeky unlisted games I've been lamenting missing out on for years if that was the only part of this exploit... But with the Market exploits going on too, punishments are going to end up being a lot harsher than they probably would have been otherwise, and I don't think it's worth the risk of getting caught in the collateral.
damn, I really want rocket league in steam but I have to use the epic games store. was wondering to use this exploit to get myself rocket league :/
Same thought I had honestly.
I just wanted to get LoL on my account :c rip
We’re all on the same page… Yeah, it’s disappointing we can’t get delisted formerly free games, I would’ve made a second account just to do that.
But with the internet being what it is, and all my emails being linked to one another (in one way or another), it’s not worth the risk, since it’s being misused.
would have liked to get Deadpool and Age of Booty. Not worth the risk though.
Next time "The Universe Is A Perfectly Balanced Existence With No Exploits."
@@GreasusGoldtooth Transistors
The Laws Of Thermodynamics Are Perfectly Balanced
When spiff needs to put a legal disclaimer on an exploit you're so screwed, glad you fixed it Valvr
this is the first time that i actually made it to one your videos and not days after it got patched, how perfectly balanced 😄
How do you know it is not patched, yet? ;)
That is some insane stuff. Thank you, Spiff!
so this video is about to use the same exploit you could do in the 2000's (edit the page and prices) to your liking. good work finding out that this works again with the addition of paypals service.
Unfortunately, it seems this has been patched, meaning the Black Rose is once again unavailable in TF2 for anyone who didn't already have it, as are the Poker Night and Poker Night 2 achievement items.
I was about to try for poker night 2 because my gf wants the zero skin for borderlands 2
@@loganarzuaga8316 oh i didnt knew that there was a Zero skin on Poker Night but i personaly want the Dangeresque Too ngl
@@loganarzuaga8316 you can probably save edit so she has the BL2 stuff.
black rose? the spy knife from that shitty cs clone? how much you tryna pay for it?
you can still get it, black rose isnt just a promotional item, there are tradable copies of it too
Watching the video, pretty good.
Watching the video on 0.25 with sound muted, priceless.
Dammm What was that disclaimer?
Don't surrender Spiffing Brit
We are here with you!
The desire for delisted games. But knowing it'll get you banned. Yup. Definitely not doing this. Extremely trackable.
same :( I want delisted games more than steam money.
It’s a shame as I was really tempted to try this out with Poker Night and the Inventory but don’t want to risk my account
@@jackboyeditor200 this exactly
@@jackboyeditor200 Internet Archive has archived Poker Night 1 & 2 which you can download for free.
The TF2 and Borderlands items don't work, but the game is available as abandonware (which is piracy, but who cares for delisted games?)
@@jackboyeditor200 me too but mainly for the Dangeresque Too ngl
You know it’s a big video when spiff has to have a long disclaimer at the start of the video
>implying streamers losing money is bad
This exploit was a blessing.
There's another layer to this you didn't mention in the video, luckily because Steam just put a bandaid fix that would prevent this from being possible, game developers tend to have packages containing every game they ever released as a private SubID for developers in the company which can be publicly read through SteamDB. If that were added to your cart you would have permanent access to every game published by the large company you took from whether it was Capcom, Ubisoft, WB Games, or any other company that has these packages.
Eeehm, could you name some :3
@@mid- better not teach it to you since you might get in legal trouble kid. Leave professional work for people who actually put in the effort
Like??
@@mid- 677 Ubisoft Complimentary, 211 Sega Complimentary
If Ubisoft can remove any game they like from you Uplay account, I don't see why we can't get Perma access to their entire catalog since buying isn't owning >:3
Someone from Steam probably has the channel on immediate notification of a video posted so that they can see these exploits and fix them as fast as possible.
More likely an api that emails them or every day someone checks his channel, notifications are not reliable.
Man it's fixed... all I wanted to do was to get rocket league on steam...
Same
Buy it. It's cheap
@@leonidasvonsparta rocket league is no longer available on steam
it is epic exclusive
and it's free 😂
@@leonidasvonsparta it's removed from the steam completely, only available on shitty epic games launcher
damn lol, I have RL (on steam) on my main but i literally just tried to get it on my 2nd account incase something happens to my main. It didn't work and then i read your comment.
0:43 We need you Gaben, TF2 needs your exploit to fix the bot crisis
Didnt the fix already start tho
Go check out delfy, they've been ban waving hundreds of bots and their hosters.
What's TF2? Team Fortress or Titanfall?
@@leodf1titanfall is TF-2
@@GentleWruzzPuppet @electr0cute170 The ban waves are most probably because the summer update is around the corner and they want TF2's image to be clean for that date and to get people to spend their money on lootboxes, I ain't falling for that shit if I'm right
Paypal devs waking up from a nightmare just to realise it wasn't a nightmare, just their bosses calling and begging for them to stop the floodgates that a bunch of degens lead by an unhinged brit brandishing a cup of tea had unleashed upon them
MY GOD man. I keeps watching and every minute is worse. What a disaster. Excellent work on this, it's gotta get fixed.
So hypothetically I can use this to obtain games like Titanfall 1 and even Flock which work perfectly fine but publishers have removed them from steam for no reason
@@kawalek5 if they do not have a price attached to them anymore like the CS items then theoretically yes
I genuinely wanna know if this would class as fraud. Theres no other way to purchase said games apart from like 2nd hand (I don’t think there’s physical copies of Flock) or just pirating them
I would really love to get one or two delisted games I had on my consoles that no longer work :(
However I don't want to commit any kind of fraud or get banned for it ^^'
@@kawalek5I'd love to buy poker night at inventory or blur on steam, but sadly they are delisted and very expensive on second hand market
@@vascoalves00 same ;; I wanted to get PES 2019 and Max Payne 1, both being delisted on my country.
I think spiff has learned from the last few steam sales to put that disclaimer. Don't want to loose your account again, eh?
It's almost like Valve shouldn't be trying to manage an unregulated gambling economy.
yeah lol, valve actually stopped them in the past, but then magically allowed them again, makes you wonder
@@arvetis or a regulated gambling economy
I fear what this man does in his free time does he just sit there like "how I ran into a wall exploiting atoms to teleport"
Oh man i cant do this exploit because of the disclaimer
Thank you for informing before hand
Planning on going to sleep right about now. Thanks for your nice soothing voice
My favourite time of year, Steam exploitation
Upcoming video:
"How I Managed To Force a Mistrial - Justice System Is Perfectly Balanced With NO EXPLOITS"
how ironic, spiffing brit talking about yorkshire tea whilst i drink my yorkshire tea. That truly is.. Spiffing
Damn shoulda had notifications on for this one
my first instinct is getting delisted deadpool :D but my account has a lot of games, so not risking it
same here
I just tried to get Deadpool :( but it didn't work
War in the North 😢
oh yea i remember that game why was it delisted?
@@admiralkaede Copyright... it's always about copyright, sadly...
You’re telling me someone could’ve potentially added the deadpool game to their steam profile? That’s crazy.
The unlisted games one is neat. I'd use it, as I'm also a collector, but now I fear I might be lumped in with worse and get a ban. So... maybe not.
Remember folks, the only true sure way to protect your customer's rights and preserve art is to sail the high seas. Out of the reach of companies.
what specific customor rights do you mean? on steam you have a subscriber agreement, or do you think that pruchasing a netflix subscription gives you a moral right to rip all netflix series?
Did anything happen to ur acc?
Can you not use a second steam account to buy the delisted item as a gift for your main account?
Yeah. I'd like to "buy" some delisted games I missed out on. But risking my account might not be worth it.
Vid starting with a free jab on asmongold. Now that is absolute cinema right there! 👌
Knockout City is a great example for how to preserve a game! They closed their public servers in 2022, but release a private server version on steam were you can still play the game on user made servers. Every Game should do this!
You know it's gonna be a great exploit if Spiff has to give a full legal disclaimer at the start 😂
Edit: Genuine question, if you use this exploit to just get a delisted game into your account, and not make any money off it, will steam come after you? The game in question has been delisted for over five years and there is no way to get a copy of it in 2024
ehh, other people said that they will probably just remove it. Honestly I dunno, you could try it but I would rather just pirate
I don't think it's worth the risk.
You're sure you can't get it by sailing the high seas?
looks like its already fixed so it doesnt matter anyway, really wanted gta 1 but oh well
It'd be legally safer to just pirate the game.
@@unusualusername8847 yeah I've realized that. The pirated copy is pretty broken and doesn't include certain content the Steam version would, but it's not worth the risk.
Thank god i waited for a Spiffing Brit video before buying anything, now i can buy and exploit >:)
the secret ingredient this year is CRIME :)
@@thespiffingbrit I think I should tell you that Paypal uses users private data for advertising and financial gain
@@traingameiacs oh so me getting a game with currently no value is illegal but corporations collecting (and selling) my data without consent is legal... What a democracy we all live in... I think its about the time I dedicate myself to learning ethical (and unethical) hacking so I can fuck around with these "capitalists"
@@danilojonicwhat do you mean? You give your consent every time you pay
@@danilojonic hmm, yeah
Cool video :) There are security companies who does the same.. Give's a head's up about a bug/exploits in a program to the companies owning it , write's email " found this bug/exploit, please fix this in x Day's or i will go public" . If it's fixed, it stay's a secret.. If it's not, whole world will know about it and maybe use it and that way force the company to fix the problem. They will send email's not to make the bug public, but there was a trick to avoid to get silenced down about the bug.. But don't rembemer it...
hey Spiff you need to pay your blur intern less he missed 2 frames of blurring your steam username :P
Anyone who does this is going to get absolutely FUUUUUUUUCKED and will lose their accounts. Don't try at home kids lol.
Is that just for the stuff like the cs items? Or just getting old things that dont exist anymore
@@tornadotaylor8956 they will be able to track how it was activated and if it was something that wasn't public facing you will likely have it removed and possibly have your account banned. I 100% would not risk it at all unless you do it on a throwaway account you dont care about risking
People made bags of money from this, while steam doesn't refund a game I bought(I meet all the guidelines for refunding). Use the system or the system will use you
Gabe, I just want poker night at the inventory
I want the Iron Curtain
Note to Valve : I'm willing to pay full price for the unlisted game I want to illegaly get oh nevermind ypu patched it already :c
that's what i would use this exploit for
the third party key sellers are selling keys of that game for a ridiculous amount of money
@@AbdAbdAbdAbdI'm thinking in doing it as well but i don't wanna loose my steam account
@@v.gabriel4372 do it on a 2nd account then family share it that'd be a smart strategy
Driver San Francisco pls! I wonder if it would register successfully with Uplay though
someone do it 😈
eveyone else: IM going to use this to make money
Me: I want to use this to get every removed game on steam.