Right now, Steam has a contest going on where one lucky person will win every video game on Steam. There are ways to get entries in every day for “free”. There are also ways to get extra entries by completing objectives in various purchasable games. Each piece of “coal” is an entry into the contest. Each Steam account can get more chances (and more coal). Steam also allows gamers to take coal, trade it, and then craft prizes with it…specifically, get free games.

Over at HumbleBundle.com, there are a bunch of games for really cheap. You can pay whatever you want. And they issue Steam keys for the games. Before today, you could be an ultra lame cheapskate and buy the bundle for one cent…and get Steam keys.

You probably see where this is going.

Some video gamers decided it would be “fun” to attempt to get tons of Steam coal by abusing this system. Unfortunately for them, Santa keeps a naughty and nice list and they are now squarely on the naughty list. These people set up a script and paid one cent for hundreds and hundreds of Humble Bundles. Then, they generated a bunch of Steam redemption codes and plugged them into new Steam accounts. Suddenly, they have tons of entries into the Steam contest for mere dollars, tons of coal, and tons of prizes (from a limited prize pool).

In addition to getting caught, PayPal transaction fees are 30 cents plus 2.9% of the transaction (usually). And, by buying so many copies at one cent, the average price on HumbleBundle.com has dropped significantly (approximately 25 cents according to one article). So, this little fiasco actually cost HumbleBundle money and will hurt them for a while longer. Fortunately, doing things like this is also against the Steam Subscriber Agreement and will hopefully result in permanent bans from Steam for their regular user accounts too (i.e. total loss of access to their entire digital collection). A suitable punishment for cheating and violating the Steam Terms of Service agreement. So, if you were directly involved in this stunt, here’s a big thumbs down from the gaming community. And a big shame on you too.

I also learned about a new website offering a near-clone of the Humble Bundle: indiegala.com. They only generate Steam keys but they generate one key per game, making the one cent thing even more tempting a target for video gamers without a conscience.

For the record, while I’m definitely a “cheapskate”, I still pay what I consider a reasonable amount for the games I want to own – and I’m patient for good deals. I also try to offset PayPal’s fees accordingly and I don’t cheat online systems. I’m okay with “cheating” in single player games – hey, game developers put in that infinite ammo code in single-player for a reason…. But even I understand and respect that an equal playing field is needed in the online world for everyone to have fun.

Here’s the original announcement for the change: $1 Min. Price For Getting Steam Keys. I originally heard about this via word of mouth.

If this legislation (S.978) passes through the U.S. Senate, House, and subsequently signed by the President – who wants it to pass, that YouTube video of yours with more than 10 views in the last 180 days will suddenly put you at serious risk of a prison term of five years. You could be wearing a random T-shirt from your closet with a logo on it while doing a game review or share a gameplay video so other people can see if they want to buy the game. Or, my personal favorite, posting speed runs of video games. It doesn’t matter – ANY material under copyright (which is basically anything) that is streamed over the Internet and watched by more than 10 people in 180 days makes you/me/whoever liable for criminal prosecution or an insane fine of thousands of dollars.

Throw children in the mix and you’ve got disaster in the making. That innocuous cat video could land you in prison too. Showing your friends gathered around a display someone else’s video could be construed as constituting a “performance”. EVERYONE is at risk.

The Entertainment Consumers Association has a nice little form letter on their website you can use to send your scathing reply to this abomination of a proposed law to Senator John McCain and Senator Jon Kyl.

S.978 is one of those bills that seems to be quietly passing without much press. Let’s make this into a massive uproar of disapproval. Send a big fat NO to Congress!

LulzSec, the group that claimed responsibility for the recent Sony PlayStation Network outage and identity theft, is now claiming that they have hacked into the Arizona Department of Public Safety (AZDPS) systems and stolen 400MB worth of data that supposedly contains personal home addresses of Border Patrol agents. The Arizona Daily Star and Arizona Republic have already published articles on this breaking news. And Three Sonorans and Social Citizen here on the Tucson Citizen have already done some basic forensics.

Obviously, at this point, no one has had time to sift through the entire 400MB data dump. For all we know, it could just be a ploy to gain access to other systems via malware in the PDFs and Word Documents within. I’ve seen comments that say some of the files in the data dump contain suspicious malware-like content. So, if you decide to look at it, be sure to isolate it from the rest of your computer network or you might find yourself the next target of LulzSec. A cursory glance at the data suggests it is legitimate. BUT! Only after people have had time to tear it apart will we know for certain.

So, let’s assume this is legitimate for a moment. I have no reason to doubt it isn’t. LulzSec seems to only make legitimate claims. But this is a far cry from hacking a gaming network. In the digital world, the only real loss is time and money and the customer loses a bit of privacy and peace of mind of control over their personal information. Big deal. If you use Facebook, then you’ve already lost those things anyway. In the case of PSN, there is likely no real association to what you do for a day job. And maybe your credit card information was stolen – the question of whether or not credit cards were stolen was conveniently never properly answered. You lost a month of time to play games on PSN and had to play other video games or, dare I say it, actually put on some suntan lotion and go outside and enjoy the amazing outdoors this state has to offer year-round. On the flip side of the coin, publishing real names and addresses of those known to put their lives on the line daily puts their immediate families’ lives in danger. That’s the difference here.

This shows how little people think about their actions and the potential repercussions of those actions. LulzSec is short for “Lulz Security” – making fun of how weak most IT systems are and then exploiting the weaknesses to force the organizations to start thinking seriously about securing their systems For Realz. A noble goal, I suppose. And it is true that most IT systems are horribly insecure. However, there are better things to do with one’s time than intentionally putting real lives in danger. Even playing video games with friends to build relationships is a better use of one’s time.