Dear Gaben I am sorry. Dear Paypal plz fix. Dear viewers watching on 0.25x speed not only makes me sound drunk it also quadruples the watch time in the youtube algoritm. Edit: Praise be gaben steam is fixed. I am unsure about PayPal but will update this comment if I hear any news!
@@The_Real_Dream_Chaser that is possible. Break law to make money after multiple rather convulted steps. Make someone "clean" the money. Do jail once. Do it again but you can pay the fees directly with previous money (that was trhoughly lost trace off thanks to mondialisation). Scale the thing because you are innnocent until proven guilty
He has to put the disclaimer because he know people are stupid enough to still go through with it. You do not mess with fraud, at least in the US. Fraud is a big deal because it usually leaves a trail so it's pretty easy track down the account. And for liability reasons banks and payment processing will absolutely give that account up. Not to mention the potential damages they will absolutely use that person as an example.
@@allstarwoo4 I imagine the people doing this for real severely underestimate the potential consequences there. Historically, fraudsters often receive a length of incarceration that makes child abuse sentencing look like a brief stint. Better yet, the companies you defrauded can still file civil suits on you beyond whatever criminal charges the state/fed pressed, so you might do 15 years just to get out and have any money you make heavily garnished for the rest of your life.
I think its a massive oversight of both companies. Rookie mistake even maybe. How are you not validating the id's on the server. On both ends. There should not be business logic on the front-end lol.
Step 1. Find the Pelosi tracker website Step 2. Buy all the same stocks she does Step 3. Laugh all the way to the bank with your derived insider profits
How you force companies to fix issues: make millions of people aware of the exploit. Suddenly, it's no longer a "fixing it costs us $100,000, but just dealing with a minor amount of customer service tickets costs us nothing" situation, suddenly it's a "we have two thousand people doing the exploits every minute now, CS is overworked, and companies are threatening to sue, this is gonna cost us millions if we don't fix it." And that's why some software engineers at Valve and PayPal are now working closely together and won't stop working until they solves these issues, getting themselves a negative mark on their records for having this expensive bug in the first place, and seeing their bosses get a higher bonus for making the right choices in a stressful situation.
I found out in these last 10 minutes that there's tons of lost games & demos I could play without pirating... and then immediately that it is now too late very precisely because I could even know this.
@@Glorious_Potatoe Really? Why? The Spiffing Brit is the closest thing to a non-dev white hat you can get. He exposes the fraud so it is quickly ended.
Valve? With exploiting McDonalds, UA-cam, PayPal and many more (multiple times)? Let's be honest. Every 3 letter organization is watching him. Closely.
It professional here: checking this is absolut basic security. I have literally no idea how they missed this. Either once you are in the payment process your cart becomes frozen, or - if new items are added - becomes invalid. However under no circumstances must the client system be allowed to dictate any of this ever. Because Everything that runs in the browser is completely open source and can be hacked by anyone with even basic programming skills.
They missed this because their focus isn't on the product as it should be. Games are constantly broken and it's just bad code written by coders. How are any other programs any different?
No, the problem is doing that on the freaking frontend side. I HAVE TO SCREAM, I hate incompetent developers. That's just basic software engineering, but when it comes to JS, all bets are lost.
@@randomidiot8142 Games aren't critical pieces of infrastructure that deal with people's money. Paypal deserves more than just public shaming. But what do you expect from a company that "allegedly" committed public fraud and money laundering and got away with it.
What makes me laugh is that if you had used the hell out if this exploit and been community banned until 2040 (only 16 years from now) by the time you get it back your sellable items might be worth hundreds of thousands at which point you could simply sell the account.
@@myhandlewastakenandIgaveup they will most likely not get unbanned, same thing happened with that guy that bought the banned kato14 stickers account and should have been unbanned in march 2024 and wasnt
thank you so much for speaking on this issue spiff, im a small streamer that got completely demoralized by paypal's terrible system, and knowing big eyes are watching what they do is definitely a huge boost towards a resolution. Ive been here since like the early 900k subs era, and am super proud of how far youve come in recent years! Hope we continue to enjoy our tea and find LEGAL AND DEFINITELY NOT INHUMAN exploits!
Honestly the only solution I see to that is for every platform to stop accepting PayPal as a valid payment method, because people have been running that kind of scams with it for years. I see no reason to think they'll ever have any intention of fixing it.
and people are complaining about "responsible disclouse" you don't do that to companies like Paypal that have no self-accountability. There's no responsible disclosure for companies that don't fix the problems and don't care about the people being damaged by it, public shaming works, its called accountability.
games' copyright does expire eventually, but that doesn't give steam a mandate to distribute them. I wonder what we will see when the copyright of landmark videogames expires.
@@AleAsLisonAbandonware is generally free to distribute. It's a bit legally grey, but failure to enforce copyright or trademarks is what leads to the loss of those protections.
*Wet blanket INCOMING* Can't stop me from whipping out my phone and getting on steam there tho...that app can't run games. Which is weird for being a gaming app, but that's another topic.
don't need that long, just make the "game" keep itself open for two hours and prevent them from acessing help during that time (So, ransomware for a day)
@@edwardvdc6287 honestly the ability to print money is already bad enough. sad it ruins the ability to archive what would of been lost media. if a little non legal
Well there's a lot of private developer builds of games that should never be purchasable, might have no DRM on them and lead to widespread piracy of those games as a result of the exploit. Developer builds might also have access to tools that could be usable online on the main game to cheat like what happened when they accidentally leaked the dark souls developer build.
I very much dislike the fact that games just... "disappear" & cannot be played & enjoyed by anyone ever again! This may seem like a great way to save them, but I did read / hear the disclaimer! Bravo Spiff 😉
When a game is delisted it's still available to people who obtained the game beforehand. It's very rare that a game gets actually removed from Steam altogether.
@@LutraLovegood Ah I see. Okay. But SO many games have been lost to time (not really talking MMORPGs here) that they aren't really available unless you get a specific console or some such emulator. It's a shame how much art has been lost to greed 😕
@@sywrexile3078 well... everything that once upon a time was sold to us is being preserved, just gotta run through hoops like anti-piracy laws (be it roms that can either be used by emulators or the actual console if burned to a disc/cartridge properly like you said or.. you know... the PC version of it. hell, we even preserve games that we shouldn't preserve as we never got around to ever own a license for them, like Far Cry 3, which instead should be one of the many games that shouldn't have "sold" and make that method of "business" a non-viable business).
Spiff: "This Should Not Be Reproduced" Also Spiff 3 Seconds Later: "So Here Is What We Are Going To Do" Edit: i got 700 more likes than the official yt account lol.
There's a point where publicity of a problem is more likely to get the lazy ass devs at PayPal off their 6 digit salary asses and fix issues than just a simple bug report
@@4547466 This is pretty much entirely an exploit on the Steam side, PayPal is just processing a (for the first example) 71 pence transaction as requested by Steam.
@@4547466I'm not convinced this is a PayPal bug, this very much seems to be a flaw in how shopping carts are implemented on websites, and I don't see any reason this would only apply to PayPal given the commands are being run on the shop page rather than the PayPal page
@@antmydude236 Because people certainly can't possibly come up with the same idea in the same context? No need to be an ass about it. The now highlighted comment was not yet highlighted when I made mine so I hadn't seen it.
the delisted games exploit has been out there for years, i know a few people that got their access to closed betas (that they didn't have access to legitimately) by using this exploit. it sucks but at least its not really actual "theft" per say however, the steam marketplace exploit i was not aware of, but it now makes sense to me why the value of super rare CSGO skins started to fluctuate considerably in the past year.
I stumbled in to the sticker trick by hoarding some of the first round of team stickers and boy did that feel pretty great when I finally unloaded them. I'm 90% sure there's money laundering going on with the stickers but 300% return on my initial investment was fucking awesome. I'm proud to be even accidentally tangentially as clever as you.
Compared to all the wacky and funny stuff from previous years this one is actually really serious. Props to you and Pirates software working together to inform people about this
Please do a jolly cheerful playthrough of that there game you bought, "I Have No Mouth and I Must Scream"! Exploit it by having a happy cheerful time of it all.
*This exploit is very similar to packet editing in online video games, i seriously can't believe it nobody bothers to fix some lines of code STILL to this day.*
Paypal has had the chargeback expoit for years now. I've had to close my server due to having to return 2000 or so euros for "products" that people didn't receive. Worst thing is, as long as there exists a record of the transaction they can do that for 180 days to you. And if you complain to paypal they always side with the customer, regardless of proof.
ohh noo, you mean the company which had a bad rep from the start and then sided with the us gov against wikileaks and stopped processing wikileaks donations, when wikileaks published the warcrimes of america, you mean this company is somewhat shady or untrustworthy? I am shocked! Not to say that paypal was always a place of fraud, especially with the family and friends stuff...
yea chargebacks are an interesting thing they are needed for customers but also can be abused like I was renting a rust server and the server didn't work shockbyte the host tried to claim that I was "past the refund" and refused to work so I told them I would chargeback them and magically it was fixed less then an hour later
@@admiralkaede Absolutely, I'm a big fan of consumer protections like that and they can be very strong even as just a threat like it was for you, but I will warn anyone reading that you should always try to work with the vendor first because if you go straight to a chargeback there are some companies that will blacklist your payment method on the assumption that the initial charge is being reversed because it was fraudulent and your payment method is compromised. (At least, that's the stated reason. They might just figure that someone who does a chargeback once is more likely to do it again. Who knows!) If you never want to trust them with your money again that's all fine, but if it's just a once off it can be a major hassle until you get a new credit card/payment account.
That bug is a big part of why I set up donations via patreon instead of paypal. I didn't want to open up monetary attack avenues, and paypal has a long history of this sort of thing.
Maybe try getting it on a burner account, if it doesn't get banned in a few weeks trade it over? Purely a hypothetical of course, I would never advocate doing such a thing...
@@JosephFaulkner2k8 i got rocket league on steam, if you use greenluma to unlock DLC's to it you get free car skins, because they didn't pretdict people would do that
@@goluboch how is telling people of an exploit a ruination of youtube. UA-cam was already ruined conceptually in 2016 and creatively in 2020 what planet are you from? Certainly not earth.
Well done Spiff, excellent video. Some genuine and important video games journalism there (and no stock footage office heads) made this quite engaging in content and delivery
Geez spiff this was the feel good video I wasn't expecting! Love the stance on preserving gaming history. Also love the awareness out there to help steam and help the community. A better steam can better care for the community, and vice versa!
Damn. I think I'd have probably been tempted to risk it for a biscuit and grab a couple of cheeky unlisted games I've been lamenting missing out on for years if that was the only part of this exploit... But with the Market exploits going on too, punishments are going to end up being a lot harsher than they probably would have been otherwise, and I don't think it's worth the risk of getting caught in the collateral.
We’re all on the same page… Yeah, it’s disappointing we can’t get delisted formerly free games, I would’ve made a second account just to do that. But with the internet being what it is, and all my emails being linked to one another (in one way or another), it’s not worth the risk, since it’s being misused.
Unfortunately, it seems this has been patched, meaning the Black Rose is once again unavailable in TF2 for anyone who didn't already have it, as are the Poker Night and Poker Night 2 achievement items.
So hypothetically I can use this to obtain games like Titanfall 1 and even Flock which work perfectly fine but publishers have removed them from steam for no reason
I genuinely wanna know if this would class as fraud. Theres no other way to purchase said games apart from like 2nd hand (I don’t think there’s physical copies of Flock) or just pirating them
I would really love to get one or two delisted games I had on my consoles that no longer work :( However I don't want to commit any kind of fraud or get banned for it ^^'
@@GentleWruzzPuppet @electr0cute170 The ban waves are most probably because the summer update is around the corner and they want TF2's image to be clean for that date and to get people to spend their money on lootboxes, I ain't falling for that shit if I'm right
Dear spiffingbrit. plz more content like this. Very interesting. Watch all day. Girlfriend left before dinner time. Hungry but don't care...watching again....
There's another layer to this you didn't mention in the video, luckily because Steam just put a bandaid fix that would prevent this from being possible, game developers tend to have packages containing every game they ever released as a private SubID for developers in the company which can be publicly read through SteamDB. If that were added to your cart you would have permanent access to every game published by the large company you took from whether it was Capcom, Ubisoft, WB Games, or any other company that has these packages.
If Ubisoft can remove any game they like from you Uplay account, I don't see why we can't get Perma access to their entire catalog since buying isn't owning >:3
We boiled all the water on UA-cam's server cooling systems on your birthday stream, I've lose some fine CPU processors that glorious day. Now, we have an exploit so powerful that requires an actual legal disclaimer to show. This channel has been pushing the Algorythm to new silly places, and my tea is ready.
When you said "adding items into our cards we arent able to purchase" and then followed up by "actually no its really easy" I started to sweat profusely thinking you had discovered the way Ive found, but alas its different so no need to worry there.^^
@@jackboyeditor200 Internet Archive has archived Poker Night 1 & 2 which you can download for free. The TF2 and Borderlands items don't work, but the game is available as abandonware (which is piracy, but who cares for delisted games?)
Someone from Steam probably has the channel on immediate notification of a video posted so that they can see these exploits and fix them as fast as possible.
This is fixed already. When you add an item, it will say that it is restricted in your country and you won't be able to make the purchase even with open window.
Paypal devs waking up from a nightmare just to realise it wasn't a nightmare, just their bosses calling and begging for them to stop the floodgates that a bunch of degens lead by an unhinged brit brandishing a cup of tea had unleashed upon them
so this video is about to use the same exploit you could do in the 2000's (edit the page and prices) to your liking. good work finding out that this works again with the addition of paypals service.
Cool video :) There are security companies who does the same.. Give's a head's up about a bug/exploits in a program to the companies owning it , write's email " found this bug/exploit, please fix this in x Day's or i will go public" . If it's fixed, it stay's a secret.. If it's not, whole world will know about it and maybe use it and that way force the company to fix the problem. They will send email's not to make the bug public, but there was a trick to avoid to get silenced down about the bug.. But don't rembemer it...
The unlisted games one is neat. I'd use it, as I'm also a collector, but now I fear I might be lumped in with worse and get a ban. So... maybe not. Remember folks, the only true sure way to protect your customer's rights and preserve art is to sail the high seas. Out of the reach of companies.
what specific customor rights do you mean? on steam you have a subscriber agreement, or do you think that pruchasing a netflix subscription gives you a moral right to rip all netflix series?
@@traingameiacs oh so me getting a game with currently no value is illegal but corporations collecting (and selling) my data without consent is legal... What a democracy we all live in... I think its about the time I dedicate myself to learning ethical (and unethical) hacking so I can fuck around with these "capitalists"
@@tornadotaylor8956 they will be able to track how it was activated and if it was something that wasn't public facing you will likely have it removed and possibly have your account banned. I 100% would not risk it at all unless you do it on a throwaway account you dont care about risking
The exploit was already fixed. If you try to change the payment method it will say that the item you are trying to purchase is not available in your country
ive been training in cyber security and this is literally one of the things i did in the virtual environment except it was a donut shop??? like this is a known exploit!
You know it's gonna be a great exploit if Spiff has to give a full legal disclaimer at the start 😂 Edit: Genuine question, if you use this exploit to just get a delisted game into your account, and not make any money off it, will steam come after you? The game in question has been delisted for over five years and there is no way to get a copy of it in 2024
@@unusualusername8847 yeah I've realized that. The pirated copy is pretty broken and doesn't include certain content the Steam version would, but it's not worth the risk.
I remember one of the early sales, I bought Crysis and put it in my Inventory, yeah that was a thing. I sent a gift to a friend, he redeemed it (Crysis) but there was an Error and the game was still In my Inventory, so I redeemed it myself. I lived in fear since then.
Dear Gaben I am sorry.
Dear Paypal plz fix.
Dear viewers watching on 0.25x speed not only makes me sound drunk it also quadruples the watch time in the youtube algoritm.
Edit: Praise be gaben steam is fixed. I am unsure about PayPal but will update this comment if I hear any news!
Time to conquer the Steam Market and rebuild the Glorious British Empire!
Thank you for giving us all free games with this exploit lmao
Pay the man
oh ma days
My favourite spiff videos are his grafting for a small amount of money vids. I'm not sure why I just love them
Next video: jail is perfectly balanced
@@The_Real_Dream_Chaser that is possible.
Break law to make money after multiple rather convulted steps.
Make someone "clean" the money.
Do jail once.
Do it again but you can pay the fees directly with previous money (that was trhoughly lost trace off thanks to mondialisation).
Scale the thing because you are innnocent until proven guilty
"Jail Glitch, jailbreaking an actual jail"
What do you mean? From prisoner to warden where in the end he becomes the next primeminister of England?... That would be sick tho, not gonna lie
@@webbie7503 lol
He did put out the disclaimer along the lines of... o 0 O (I didn't do these exploits myself)
You know this exploit is overpowered when even the Spiffing Brit has to put a disclaimer
If even a God gets nervous about something he's done dozens of times...
Or just plain illegal
Forget the disclaimer, he offered his TEA. This is a serious issue.
He has to put the disclaimer because he know people are stupid enough to still go through with it. You do not mess with fraud, at least in the US. Fraud is a big deal because it usually leaves a trail so it's pretty easy track down the account. And for liability reasons banks and payment processing will absolutely give that account up. Not to mention the potential damages they will absolutely use that person as an example.
@@allstarwoo4 I imagine the people doing this for real severely underestimate the potential consequences there. Historically, fraudsters often receive a length of incarceration that makes child abuse sentencing look like a brief stint. Better yet, the companies you defrauded can still file civil suits on you beyond whatever criminal charges the state/fed pressed, so you might do 15 years just to get out and have any money you make heavily garnished for the rest of your life.
and brit strikes again...
lol
Uh someone forgot to log out of UA-cam account
youtube maybe endorsing fraud is the best thing theyve ever done
lol
@@dandumb fr
How has Spiff graduated from exploits to just plain fraud
I mean the shtick has always been capitalism, it's not his fault capitalism is just scams now.
Realistically, fraud is just a real life exploit.
He's been wearing a black hat the whole time 🤠🧐
We live in a simulation.
@@nuance9000 Not the little hat, though.
Oh wow. As a UI guy, this is a nightmare to witness. Anything that starts with "press F12" is already off to an alarming start.
@@thesuitablecommand this is why all validation should also be run on the backend. Never trust the client!
"And then open a new tab..."
I think its a massive oversight of both companies. Rookie mistake even maybe. How are you not validating the id's on the server. On both ends. There should not be business logic on the front-end lol.
Sometimes you have to use a console to fix a broken site so that it actually lets you buy what you should be able to buy XD
DataScientist student here, I'm taking notes, this is terrifing
At some point i'm expecting a "The bank is perfectly balanced with no exploits" video where Spiff just commits actual mass fraud and escapes to Dubai.
Maybe one for the stock market.
Step 1. Find the Pelosi tracker website
Step 2. Buy all the same stocks she does
Step 3. Laugh all the way to the bank with your derived insider profits
@@LutraLovegood A cheeky little exploit to add delisted Enron stock back on the NYSE
Spawning a "free out of jail" card in SBF's cell.
Spiff just explains fractional reserve banking.
Steve here, I CARE!
I'm not alone!
Thanks for caring, Steve!
Back to you Steve
5800X3D benchmark results are missing from this comment!
Thanks Steve!
How you force companies to fix issues: make millions of people aware of the exploit. Suddenly, it's no longer a "fixing it costs us $100,000, but just dealing with a minor amount of customer service tickets costs us nothing" situation, suddenly it's a "we have two thousand people doing the exploits every minute now, CS is overworked, and companies are threatening to sue, this is gonna cost us millions if we don't fix it."
And that's why some software engineers at Valve and PayPal are now working closely together and won't stop working until they solves these issues, getting themselves a negative mark on their records for having this expensive bug in the first place, and seeing their bosses get a higher bonus for making the right choices in a stressful situation.
BY CLOSING HIS PAYPAL ACCOUNT THATS NOT RIGHT.
Or just ban this channel's paypal account and proceed to act like nothing happened
I found out in these last 10 minutes that there's tons of lost games & demos I could play without pirating... and then immediately that it is now too late very precisely because I could even know this.
@@ChrisD__ I think I heard on a podcast that someone bought Unreal Tournament on steam by just emailing Valve's customer service lol
what are you yapping about?
One day I’m going to find a video titled “Spiff Breaks Reality” where he games the laws of physics and ends up accidentally going light speed
But what if I decide snail speed would be more entertaining ;)
accidentally?
@@thespiffingbrit you can already do that, it’s not an exploit. It just needs a lot of patience
@@thespiffingbrit snails exist already though :(
drinking tea at ftl speeds
Valve employies monitoring this guy 24/7:
Shit, again?!?!?!
I mean look what he did the last years. If i were Valve i too would be nervous about what he is doing.
@@Glorious_Potatoe
Really? Why?
The Spiffing Brit is the closest thing to a non-dev white hat you can get.
He exposes the fraud so it is quickly ended.
He's just a glorified unpaid QA department for Valve at this point XD
Valve? With exploiting McDonalds, UA-cam, PayPal and many more (multiple times)? Let's be honest. Every 3 letter organization is watching him. Closely.
@@adimemo2134 got to get my copy of deadlocked now
First few minutes was all "oh spiffing you lil rapscallion" to "Oh nooo, OH NOOOO!"
this isnt nearly as bad as i had expected lol
@@TimypimS I mean, people are stealing money from streamers, it’s kinda worse then I expected since individuals might be hit extremely hard
@@RenABFF0 yeah the 1st part was cool… then it was theft… then it was worse theft
I’d like to imagine that Gaben hates you but, that man has probably just made a killing from the banana game alone
its crazy how big that game got out of nowhere lmao
@@dwarvo Greatest scam of the year
Gaben would be happy that someone is doing bug hunting for free
1:00 Spiff gets a lawyer
The UK legal system is perfectly balanced....
"educationally" balanced
KhronosVII by a chance? :)
It professional here: checking this is absolut basic security. I have literally no idea how they missed this. Either once you are in the payment process your cart becomes frozen, or - if new items are added - becomes invalid. However under no circumstances must the client system be allowed to dictate any of this ever. Because Everything that runs in the browser is completely open source and can be hacked by anyone with even basic programming skills.
i like big latinas too
They missed this because their focus isn't on the product as it should be.
Games are constantly broken and it's just bad code written by coders. How are any other programs any different?
My guess is they're Yank companies, therefore their "security" (or lack thereof) isn't anything much to write home about 🤷♂️😏😂
No, the problem is doing that on the freaking frontend side. I HAVE TO SCREAM, I hate incompetent developers. That's just basic software engineering, but when it comes to JS, all bets are lost.
@@randomidiot8142 Games aren't critical pieces of infrastructure that deal with people's money. Paypal deserves more than just public shaming. But what do you expect from a company that "allegedly" committed public fraud and money laundering and got away with it.
"GabeN, Spiff has released another exploit video"
'How bad?'
"Real bad"
@@robertdascoli949 😂😂😂
It's fixed already. gg
except this exploit has been patched 2 months ago but spiff won't tell you that.
Sir, a second spiff just hit the second bug.
@@MrDanielcool13 that should be obvious about any exploit disclosure, unless he wanted to be processed
What makes me laugh is that if you had used the hell out if this exploit and been community banned until 2040 (only 16 years from now) by the time you get it back your sellable items might be worth hundreds of thousands at which point you could simply sell the account.
Either Valve has something planned for 2040 or they're not expecting you to live that long.
... possibly it's not an OR but an AND situation.
if Steam hadn't deleted them from your inventory during that time, that is
It's trackable and they will delete your items
@@myhandlewastakenandIgaveup they will most likely not get unbanned, same thing happened with that guy that bought the banned kato14 stickers account and should have been unbanned in march 2024 and wasnt
@@ThePamimo its not your items anymore cause you sell them before even get banned
thank you so much for speaking on this issue spiff, im a small streamer that got completely demoralized by paypal's terrible system, and knowing big eyes are watching what they do is definitely a huge boost towards a resolution. Ive been here since like the early 900k subs era, and am super proud of how far youve come in recent years! Hope we continue to enjoy our tea and find LEGAL AND DEFINITELY NOT INHUMAN exploits!
Honestly the only solution I see to that is for every platform to stop accepting PayPal as a valid payment method, because people have been running that kind of scams with it for years. I see no reason to think they'll ever have any intention of fixing it.
and people are complaining about "responsible disclouse" you don't do that to companies like Paypal that have no self-accountability. There's no responsible disclosure for companies that don't fix the problems and don't care about the people being damaged by it, public shaming works, its called accountability.
"In MOST countries fraud is illegal" I need to find in which country it isnt lmao
there are quite a few micro nations without or bare bone legal system. Also what is fraud in a country might not considered fraud in another
@@pinkysweets guide me the way!!
Theres a few countries where fraud will land you the top spot in the political system
@@pinkysweets Or just corrupt countries depending on who you are.
Fraud by definition is illegal just like murder by definition is wrong. The issue is what qualifies as fraud.
4:12 honestly full delisted games should be permanently free after a while for the sake of game preservation
games' copyright does expire eventually, but that doesn't give steam a mandate to distribute them. I wonder what we will see when the copyright of landmark videogames expires.
@@AleAsLison Copyright in the US generally lasts 70 years after the death of the author, so most of us here will not be alive to find out.
That's not how... any of this works for so many common sense and legal reasons.
I dunno about that chief. Legal issues aside, they still have to pay for the bandwidth on that.
@@AleAsLisonAbandonware is generally free to distribute. It's a bit legally grey, but failure to enforce copyright or trademarks is what leads to the loss of those protections.
you know it's gonna be a good one if they gotta read a formal lawyers statement as the introduction of the video xD
So happy to hear you collabed with PirateSoftware for this video, you both are two of my favorite UA-camrs :)
He and his wonderful team are an absolute blessing for the online videogame community and industry
Why do they want you to pirate software tho?
@@chrisk9001 "I need that money!"
@@thespiffingbrit piratesoftware is a legend and you compliment eachother's style and morals VERY well
Brilliant steam exploit, design a game that is just ransomware that prevents people from accessing steam help for 2 weeks.
@@slade6666 art
@@slade6666 This sounds like a Ubisoft product
*Wet blanket INCOMING*
Can't stop me from whipping out my phone and getting on steam there tho...that app can't run games. Which is weird for being a gaming app, but that's another topic.
I need a gif for "wet blanket INCOMING". it's important
don't need that long, just make the "game" keep itself open for two hours and prevent them from acessing help during that time (So, ransomware for a day)
1:11 ''I have not performed this exploit myself" the title: 👁👄👁
me: huh, man that's a funny exploit, how is this so broken?
vid: unlisted CSGO items
me: ah
no, no...
It gets worse
@@edwardvdc6287 honestly the ability to print money is already bad enough. sad it ruins the ability to archive what would of been lost media. if a little non legal
Original Dark Souls keys go for 400 dollars, I expect to see cheap steam accounts on sale with delisted games.
@@0GTXR This alone would have been worth it, dang...
Well there's a lot of private developer builds of games that should never be purchasable, might have no DRM on them and lead to widespread piracy of those games as a result of the exploit. Developer builds might also have access to tools that could be usable online on the main game to cheat like what happened when they accidentally leaked the dark souls developer build.
"...all you need is Google Chrome" (tears up ticket in disgust)
I think it's literally any browser, just not the steam client, which doesn't let you access the console
>Oh this isnt even that bad
>Some people started messing with Counter Strike
Fury of 1 trillion gabens
This is actually trackable. Don’t do it.
Yup 100% trackable which is how it was first discovered to us members of the public
@@thespiffingbrit yorkshire tea 🍵 🍵 🍵🤑🤑🤑🤑
@@thespiffingbrit How quick do you think Gabe will get this fixed? Also, I wonder if they will block PayPal over this.
@@thespiffingbrit Any info on the sub-id's of the CS items? I'd actually like to risk it all XD
Ye
It's almost like Valve shouldn't be trying to manage an unregulated gambling economy.
yeah lol, valve actually stopped them in the past, but then magically allowed them again, makes you wonder
@@arvetis or a regulated gambling economy
I very much dislike the fact that games just... "disappear" & cannot be played & enjoyed by anyone ever again!
This may seem like a great way to save them, but I did read / hear the disclaimer!
Bravo Spiff 😉
When a game is delisted it's still available to people who obtained the game beforehand. It's very rare that a game gets actually removed from Steam altogether.
@@LutraLovegood Ah I see. Okay. But SO many games have been lost to time (not really talking MMORPGs here) that they aren't really available unless you get a specific console or some such emulator. It's a shame how much art has been lost to greed 😕
@@sywrexile3078 well...
everything that once upon a time was sold to us is being preserved, just gotta run through hoops like anti-piracy laws (be it roms that can either be used by emulators or the actual console if burned to a disc/cartridge properly like you said or.. you know... the PC version of it. hell, we even preserve games that we shouldn't preserve as we never got around to ever own a license for them, like Far Cry 3, which instead should be one of the many games that shouldn't have "sold" and make that method of "business" a non-viable business).
delisted games can still be downloaded, they just cant be purchased anymore
@@scratthesquirrel5242 yeah, and guess what, most delisted games are not owned by a majority of the people.
Spiff: "This Should Not Be Reproduced"
Also Spiff 3 Seconds Later: "So Here Is What We Are Going To Do"
Edit: i got 700 more likes than the official yt account lol.
There's a point where publicity of a problem is more likely to get the lazy ass devs at PayPal off their 6 digit salary asses and fix issues than just a simple bug report
that also happens with people who promote hacking clients
for games and then say "dont do this" but also put 20 links in
their video to install it
@@4547466 This is pretty much entirely an exploit on the Steam side, PayPal is just processing a (for the first example) 71 pence transaction as requested by Steam.
@@4547466I'm not convinced this is a PayPal bug, this very much seems to be a flaw in how shopping carts are implemented on websites, and I don't see any reason this would only apply to PayPal given the commands are being run on the shop page rather than the PayPal page
@@4547466 Yea, let's hope they quickly click that "fix bugs" button a couple times.
I salute your butt joke, sir. Perfectly placed and unassuming. Caught me right off guard. Spiffing.
I see. No one will ever use this exploit because no matter how many free games you have it is not worth having chrome installed.
Virtual Machine
Edge
should work on every browser with console available.
I have a chrome book though...
@@mavericksetsuna7396 those free games are worth more than your chromebook
damn, you know a spiffing brit exploit is overpowered when it has to start with a legal disclaimer
@@anomnomnomynous lmao you just copied someone else's comment, how sad.
@@antmydude236 cry about it, let people have fun lol
@@antmydude236 Because people certainly can't possibly come up with the same idea in the same context? No need to be an ass about it. The now highlighted comment was not yet highlighted when I made mine so I hadn't seen it.
@@anomnomnomynous lol you try too hard for UA-cam likes 🤣
the delisted games exploit has been out there for years,
i know a few people that got their access to closed betas (that they didn't have access to legitimately) by using this exploit.
it sucks but at least its not really actual "theft" per say
however, the steam marketplace exploit i was not aware of, but it now makes sense to me why the value of super rare CSGO skins started to fluctuate considerably in the past year.
I stumbled in to the sticker trick by hoarding some of the first round of team stickers and boy did that feel pretty great when I finally unloaded them. I'm 90% sure there's money laundering going on with the stickers but 300% return on my initial investment was fucking awesome. I'm proud to be even accidentally tangentially as clever as you.
Compared to all the wacky and funny stuff from previous years this one is actually really serious. Props to you and Pirates software working together to inform people about this
Please do a jolly cheerful playthrough of that there game you bought, "I Have No Mouth and I Must Scream"! Exploit it by having a happy cheerful time of it all.
Digital scarcity is a scam.
But shiny weapon skin makes me feel good 😢
Someone should really inform the countless cryptocurrencies
@@OurHeroXero laws have loopholes, and even then, not every country wants to shut off the possible income that these scams generate
@@evhan the entire banking system is a scam
Tell the Federal Reserve that about Fiat currency
*This exploit is very similar to packet editing in online video games, i seriously can't believe it nobody bothers to fix some lines of code STILL to this day.*
Would this work for hollow knight Silksong??
Silksong is as real as half life 3
Paypal has had the chargeback expoit for years now. I've had to close my server due to having to return 2000 or so euros for "products" that people didn't receive. Worst thing is, as long as there exists a record of the transaction they can do that for 180 days to you. And if you complain to paypal they always side with the customer, regardless of proof.
ohh noo, you mean the company which had a bad rep from the start and then sided with the us gov against wikileaks and stopped processing wikileaks donations, when wikileaks published the warcrimes of america, you mean this company is somewhat shady or untrustworthy?
I am shocked!
Not to say that paypal was always a place of fraud, especially with the family and friends stuff...
Yup, when he mentioned it I was like "Wait.. they STILL haven't fixed this yet!?" it's been around and known for at least six years.
yea chargebacks are an interesting thing they are needed for customers but also can be abused like I was renting a rust server and the server didn't work shockbyte the host tried to claim that I was "past the refund" and refused to work so I told them I would chargeback them and magically it was fixed less then an hour later
also avoid shockbyte they are NOT good
@@admiralkaede Absolutely, I'm a big fan of consumer protections like that and they can be very strong even as just a threat like it was for you, but I will warn anyone reading that you should always try to work with the vendor first because if you go straight to a chargeback there are some companies that will blacklist your payment method on the assumption that the initial charge is being reversed because it was fraudulent and your payment method is compromised. (At least, that's the stated reason. They might just figure that someone who does a chargeback once is more likely to do it again. Who knows!) If you never want to trust them with your money again that's all fine, but if it's just a once off it can be a major hassle until you get a new credit card/payment account.
That bug is a big part of why I set up donations via patreon instead of paypal. I didn't want to open up monetary attack avenues, and paypal has a long history of this sort of thing.
Planning on going to sleep right about now. Thanks for your nice soothing voice
The mental calculus between "steam might consider it fraud" and "Dark Souls PtDE is unlisted anyways and I really want it" is taxing
Same, I only want rocket league on steam...
@@JosephFaulkner2k8 Rocket League isn't on Steam anymore??
@@LutraLovegood nope, it's now an epic games exclusive
Maybe try getting it on a burner account, if it doesn't get banned in a few weeks trade it over?
Purely a hypothetical of course, I would never advocate doing such a thing...
@@JosephFaulkner2k8 i got rocket league on steam, if you use greenluma to unlock DLC's to it you get free car skins, because they didn't pretdict people would do that
your reporting of these exploits is really entertaining and will hopefully stop these kinds of exploits it the future good work
Title: How I Robbed Steam
Content: I didn't, but could have
Well I dunno about you but Steam IS the market so I wouldn't wanna be banned from like groceries and such.
WHAT some guy with the small number of 3.9 Million Subs does not upload a video where he commits fraud? Crazy stuff smh smh
@@dd_hd what some guy clickbaits and ruins content on youtube like it's nothing
@@goluboch lmaooo
@@goluboch how is telling people of an exploit a ruination of youtube. UA-cam was already ruined conceptually in 2016 and creatively in 2020 what planet are you from? Certainly not earth.
Well done Spiff, excellent video. Some genuine and important video games journalism there (and no stock footage office heads) made this quite engaging in content and delivery
Oh, I did have a good chuckle when you asked Paypal of all things to fix something. Oh boy is that man politely talks to clouds.
This video hasn't even been out long enough for me to watch it so I'm commenting for engagement.
E
[happy algorithm noises]
That is some insane stuff. Thank you, Spiff!
0:10 Speak for your self! In the last year I moved 1 game from the "to play" to the "finished" category in my library!
Geez spiff this was the feel good video I wasn't expecting! Love the stance on preserving gaming history. Also love the awareness out there to help steam and help the community. A better steam can better care for the community, and vice versa!
Damn.
I think I'd have probably been tempted to risk it for a biscuit and grab a couple of cheeky unlisted games I've been lamenting missing out on for years if that was the only part of this exploit... But with the Market exploits going on too, punishments are going to end up being a lot harsher than they probably would have been otherwise, and I don't think it's worth the risk of getting caught in the collateral.
damn, I really want rocket league in steam but I have to use the epic games store. was wondering to use this exploit to get myself rocket league :/
Same thought I had honestly.
I just wanted to get LoL on my account :c rip
We’re all on the same page… Yeah, it’s disappointing we can’t get delisted formerly free games, I would’ve made a second account just to do that.
But with the internet being what it is, and all my emails being linked to one another (in one way or another), it’s not worth the risk, since it’s being misused.
would have liked to get Deadpool and Age of Booty. Not worth the risk though.
My oh my. That was a quick response. Wish pay pal could fix things as fast as they make snap decisions
Unfortunately, it seems this has been patched, meaning the Black Rose is once again unavailable in TF2 for anyone who didn't already have it, as are the Poker Night and Poker Night 2 achievement items.
I was about to try for poker night 2 because my gf wants the zero skin for borderlands 2
@@loganarzuaga8316 oh i didnt knew that there was a Zero skin on Poker Night but i personaly want the Dangeresque Too ngl
@@loganarzuaga8316 you can probably save edit so she has the BL2 stuff.
you can still get it, black rose isnt just a promotional item, there are tradable copies of it too
@@ValuableBlueberry just use a borderlands 2 save editors to get those skins in that game. It’s pretty easy.
this is the first time that i actually made it to one your videos and not days after it got patched, how perfectly balanced 😄
How do you know it is not patched, yet? ;)
one love brit been here for idek how long now and youre still making bangers
"We need you Gaben, now more than ever."
I expect quid pro quo on my energy contribution.
Next time "The Universe Is A Perfectly Balanced Existence With No Exploits."
@@GreasusGoldtooth Transistors
The Laws Of Thermodynamics Are Perfectly Balanced
When spiff needs to put a legal disclaimer on an exploit you're so screwed, glad you fixed it Valvr
Aw the first one im early to is fraud :(
E
All were fraud
Watching the video, pretty good.
Watching the video on 0.25 with sound muted, priceless.
This was so helpful, thank you!
So hypothetically I can use this to obtain games like Titanfall 1 and even Flock which work perfectly fine but publishers have removed them from steam for no reason
@@kawalek5 if they do not have a price attached to them anymore like the CS items then theoretically yes
I genuinely wanna know if this would class as fraud. Theres no other way to purchase said games apart from like 2nd hand (I don’t think there’s physical copies of Flock) or just pirating them
I would really love to get one or two delisted games I had on my consoles that no longer work :(
However I don't want to commit any kind of fraud or get banned for it ^^'
@@kawalek5I'd love to buy poker night at inventory or blur on steam, but sadly they are delisted and very expensive on second hand market
@@vascoalves00 same ;; I wanted to get PES 2019 and Max Payne 1, both being delisted on my country.
0:43 We need you Gaben, TF2 needs your exploit to fix the bot crisis
Didnt the fix already start tho
Go check out delfy, they've been ban waving hundreds of bots and their hosters.
What's TF2? Team Fortress or Titanfall?
@@leodf1titanfall is TF-2
@@GentleWruzzPuppet @electr0cute170 The ban waves are most probably because the summer update is around the corner and they want TF2's image to be clean for that date and to get people to spend their money on lootboxes, I ain't falling for that shit if I'm right
Dear spiffingbrit. plz more content like this. Very interesting. Watch all day. Girlfriend left before dinner time. Hungry but don't care...watching again....
There's another layer to this you didn't mention in the video, luckily because Steam just put a bandaid fix that would prevent this from being possible, game developers tend to have packages containing every game they ever released as a private SubID for developers in the company which can be publicly read through SteamDB. If that were added to your cart you would have permanent access to every game published by the large company you took from whether it was Capcom, Ubisoft, WB Games, or any other company that has these packages.
Eeehm, could you name some :3
@@mid- better not teach it to you since you might get in legal trouble kid. Leave professional work for people who actually put in the effort
Like??
@@mid- 677 Ubisoft Complimentary, 211 Sega Complimentary
If Ubisoft can remove any game they like from you Uplay account, I don't see why we can't get Perma access to their entire catalog since buying isn't owning >:3
We boiled all the water on UA-cam's server cooling systems on your birthday stream, I've lose some fine CPU processors that glorious day. Now, we have an exploit so powerful that requires an actual legal disclaimer to show. This channel has been pushing the Algorythm to new silly places, and my tea is ready.
When you said "adding items into our cards we arent able to purchase" and then followed up by "actually no its really easy" I started to sweat profusely thinking you had discovered the way Ive found, but alas its different so no need to worry there.^^
Pls whisper me how ^^, i swear i only use myself and wont tell anyone !
@@DraconicKobold I’d also like the whisper, I tried earlier but I spent too long adding 72 games lol
whisper me too pls, shenanigans!!
What is your way??
HEY kislux !! I have been watching you for years and im so proud of where you have made it! I love you so much! Also thanks for making my day
The desire for delisted games. But knowing it'll get you banned. Yup. Definitely not doing this. Extremely trackable.
same :( I want delisted games more than steam money.
It’s a shame as I was really tempted to try this out with Poker Night and the Inventory but don’t want to risk my account
@@jackboyeditor200 this exactly
@@jackboyeditor200 Internet Archive has archived Poker Night 1 & 2 which you can download for free.
The TF2 and Borderlands items don't work, but the game is available as abandonware (which is piracy, but who cares for delisted games?)
@@jackboyeditor200 me too but mainly for the Dangeresque Too ngl
Someone from Steam probably has the channel on immediate notification of a video posted so that they can see these exploits and fix them as fast as possible.
More likely an api that emails them or every day someone checks his channel, notifications are not reliable.
MY GOD man. I keeps watching and every minute is worse. What a disaster. Excellent work on this, it's gotta get fixed.
Oh man i cant do this exploit because of the disclaimer
Thank you for informing before hand
Edit: For anyone wondering apparently the steam exploit was patched before this video went live. RIP the dream of getting our delisted games
Same with pokernight, and his vid is the only info I can find
Same for me, no way its patched already right?
@shinyrayquaza9 Apparently, it's been patched before the video went live. RIP
@@Shero1337 dang, wasted like $8, but atleast that last 5 I can use on keys. People are family sharing poker for 2 keys and burner is way safer to use
This is fixed already. When you add an item, it will say that it is restricted in your country and you won't be able to make the purchase even with open window.
Paypal devs waking up from a nightmare just to realise it wasn't a nightmare, just their bosses calling and begging for them to stop the floodgates that a bunch of degens lead by an unhinged brit brandishing a cup of tea had unleashed upon them
Upcoming video:
"How I Managed To Force a Mistrial - Justice System Is Perfectly Balanced With NO EXPLOITS"
so this video is about to use the same exploit you could do in the 2000's (edit the page and prices) to your liking. good work finding out that this works again with the addition of paypals service.
You know it’s a big video when spiff has to have a long disclaimer at the start of the video
I fear what this man does in his free time does he just sit there like "how I ran into a wall exploiting atoms to teleport"
Cool video :) There are security companies who does the same.. Give's a head's up about a bug/exploits in a program to the companies owning it , write's email " found this bug/exploit, please fix this in x Day's or i will go public" . If it's fixed, it stay's a secret.. If it's not, whole world will know about it and maybe use it and that way force the company to fix the problem. They will send email's not to make the bug public, but there was a trick to avoid to get silenced down about the bug.. But don't rembemer it...
The unlisted games one is neat. I'd use it, as I'm also a collector, but now I fear I might be lumped in with worse and get a ban. So... maybe not.
Remember folks, the only true sure way to protect your customer's rights and preserve art is to sail the high seas. Out of the reach of companies.
what specific customor rights do you mean? on steam you have a subscriber agreement, or do you think that pruchasing a netflix subscription gives you a moral right to rip all netflix series?
Did anything happen to ur acc?
Can you not use a second steam account to buy the delisted item as a gift for your main account?
Yeah. I'd like to "buy" some delisted games I missed out on. But risking my account might not be worth it.
Vid starting with a free jab on asmongold. Now that is absolute cinema right there! 👌
I think spiff has learned from the last few steam sales to put that disclaimer. Don't want to loose your account again, eh?
Damn shoulda had notifications on for this one
Yorkshire Tea cup was the best part of this video. Only tea worth drinking.
My favourite time of year, Steam exploitation
Thank god i waited for a Spiffing Brit video before buying anything, now i can buy and exploit >:)
the secret ingredient this year is CRIME :)
@@thespiffingbrit I think I should tell you that Paypal uses users private data for advertising and financial gain
@@traingameiacs oh so me getting a game with currently no value is illegal but corporations collecting (and selling) my data without consent is legal... What a democracy we all live in... I think its about the time I dedicate myself to learning ethical (and unethical) hacking so I can fuck around with these "capitalists"
@@danilojonicwhat do you mean? You give your consent every time you pay
@@danilojonic hmm, yeah
You’re telling me someone could’ve potentially added the deadpool game to their steam profile? That’s crazy.
Anyone who does this is going to get absolutely FUUUUUUUUCKED and will lose their accounts. Don't try at home kids lol.
Is that just for the stuff like the cs items? Or just getting old things that dont exist anymore
@@tornadotaylor8956 they will be able to track how it was activated and if it was something that wasn't public facing you will likely have it removed and possibly have your account banned. I 100% would not risk it at all unless you do it on a throwaway account you dont care about risking
my first instinct is getting delisted deadpool :D but my account has a lot of games, so not risking it
same here
I just tried to get Deadpool :( but it didn't work
War in the North 😢
oh yea i remember that game why was it delisted?
@@admiralkaede Copyright... it's always about copyright, sadly...
You do a better job of finding this stuff out then the U.S Government 😂
The exploit was already fixed. If you try to change the payment method it will say that the item you are trying to purchase is not available in your country
Damn, thanks for letting us know though.
Yeah same for me
god fucking dammit. I wanted Blur. You havent been able to buy it for YEARS and YEARs now. A steam key for it sells for about $4000 which is absurd..
@@Airtroops83 wtf
Spiff: i don't use or condone doing this exploit
Spiff in literally the next sentence: so what i'm gonna do (proceeds to do the exploit)
ive been training in cyber security and this is literally one of the things i did in the virtual environment except it was a donut shop??? like this is a known exploit!
You know it's gonna be a great exploit if Spiff has to give a full legal disclaimer at the start 😂
Edit: Genuine question, if you use this exploit to just get a delisted game into your account, and not make any money off it, will steam come after you? The game in question has been delisted for over five years and there is no way to get a copy of it in 2024
ehh, other people said that they will probably just remove it. Honestly I dunno, you could try it but I would rather just pirate
I don't think it's worth the risk.
You're sure you can't get it by sailing the high seas?
looks like its already fixed so it doesnt matter anyway, really wanted gta 1 but oh well
It'd be legally safer to just pirate the game.
@@unusualusername8847 yeah I've realized that. The pirated copy is pretty broken and doesn't include certain content the Steam version would, but it's not worth the risk.
I remember one of the early sales, I bought Crysis and put it in my Inventory, yeah that was a thing.
I sent a gift to a friend, he redeemed it (Crysis) but there was an Error and the game was still In my Inventory, so I redeemed it myself.
I lived in fear since then.
I feel like I'm gonna go to jail just by watching this. Thanks Spif!