most likely you have generated Gift links and dont use it
a hacker could steal them using brute
Comment has been collapsed.
hmmm, yes i generated gift links and i didn't used them for a while. So stupid humblebundle is not safe at all, it didn't cross my mind that, yea using brute you can guess generated links and get your gifts.
Comment has been collapsed.
It's more likely that someone logged into your account and grabbed everything that wasn't redeemed yet. It'd be pretty hard to brute-force anything, and nigh-on impossible if there is any form of rate limiting (which I hope there is...)
Anyway, why don't you contact the support? Shouldn't be too hard to find out what happened to those gifts and then have them revoke the Steam keys. I know they can reset download pages because I accidentally claimed a gift purchase once.
Comment has been collapsed.
Nope, no way someone logged into my account unless they hacked it. and now days it's not hard to brute force and crack a password with bitcoin miner machine you can do it really fast, i cracked .zip file password in less than 1 day. But it very much depends on type of security which i hope humblebundle made it good. I contacted them 2 times already in last week but they seems to been busy and didn't replied to me yet.
Comment has been collapsed.
and that's Humble bundles fault how?
Anything can be brute forced given enough time and attempts. I think the fault lies on the person who created the gift links which made it possible to brute force them. If you hadn't created the gift links, it would not have been possible.
The other possibility is that you use the same password on multiple sites and as lunboks suggested, someone simply logged in and took everything. In the end, both of them kinda come back on you though.
Sorry for your loss, but at least you can learn from your mistakes.
Comment has been collapsed.
blaming the victim
Are you a moral degenerate or just an idiot?
Comment has been collapsed.
Ill give you intelligent reply, blaming humblebundle, and their fault is because my keys from older bundles are not redeemed, only their newer method of giving links for oauth steam activation is redeemed. So if someone hacked my account, he would redeem keys too, but keys are not redeemed(i just activated 2 of them and no problem) however making something that it won't like the users at first, and thus making it insecure, yes it's their fault. If generating a gift link can be brute forced they should not use that system.
Comment has been collapsed.
You don't seem to understand.
ANYTHING can be brute forced including your passwords, e-mail, steam account and anything else that uses letters and numbers and symbols.
If YOU hit the gift link button and it generated a gift code. BUT did not use that gift code right away, it could be brute forced easily. The reason is because after YOU hit the gift button they key is made and will not change from that point on. How is Humble Bundle suppose to know that you didn't give the key to someone who used it and then you go back to them crying that it didn't work to get a second key.
I do agree that the key links should be longer, at least 10 to 20 letters and numbers mixed with different cases and varying lengths as that would make things much harder to brute force, though not impossible. Once someone makes a program to make a list of all the possible combos of keys, all they have to do is let a computer run 24/7 trying each key. And while there could be trillions of combos (I haven't actually sat down to figure out how many it would be), a computer could easily check 10,000s of thousands if not millions of keys an hour.
(ok I lied, I did sit down to figure it out for just 10 spaces. At 62 possible letters and numbers (10 numbers, 26 upper and 26 lower case letters) per space at 10 spaces it would be a possible 839,299,365,868,340,224 (839 Quadrillion possible keys, at 10 million keys an hours it would take roughly 9,581,042 years to go through all the keys, that is if a computer can only do 10 million keys an hour, pretty sure they could do more)) Oh god I'm a nerd sometimes...
Humble could make it much harder by doing what steam used to do, after so many failed attempts with keys you get error message and have to wait an hour before trying more. If this was limited to say 10 failed attempts per IP address in a 1 hour period the IP address would be forced to take a 1 hour break and only receive error messages if it kept trying even if they put in a legit one, it would then make brute forcing pretty much impossible unless they just happened to luck onto it.
They could also already being doing this.
In the end, if you hit the key gift button and then just sat on the keys and didn't use them (and you admitted you have in one of the above posts), then its more your fault then it is Humbles fault.
Don't hit the key gift button till you are actually ready to send the gift to someone and then if it fails right at that moment, then you can actually blame Humble Bundle and contact them for help.
Comment has been collapsed.
old gift urls like HIB1 or HIB2, can same bruted, so do not keep them, do not buy bundles for resell
Comment has been collapsed.
do not make laugh me, open Google and search stores that sell brut gift links to bundles
Comment has been collapsed.
As far as I know, if such sites actually existed they are only there to fool people because a brute forcer would never know if the key actually works unless they test it and it can't be tested without actually using it and connecting it to an account.
So of course there would be no working brute forced humble bundle/steam keys for sale. If someone is out there brute forcing keys from humble they are not selling them, they are keeping them for themselves.
Comment has been collapsed.
example: 1 guy buy sega weekly 15 USD for ressel as s gift url, 2 guy bruted it and activate on his email, and sold bundle in shop like 3 gifts url...
Comment has been collapsed.
I have no idea what you are talking about. If you mean they are selling accounts that they have made to add brute forced game codes onto, then thats totally different then selling the actual links. Again unless the person adds it to an account they have no idea if the gift url they brute forced actually worked.
If you mean the gift url that is made when you buy it to give to someone so they get the whole package then that doesn't sound like what the OP did. It sounds like he bought the package and then went in to the individual games and hit the key gift link for each individual game and then just held onto the links.
What you said is possible, but again does not sound like what the OP of this thread did. And as has been stated, it doesn't look like anyone is selling humble bundle gift links in online stores. Unless you have other proof of this, if so please post google links and tell us which ones it is so that we can report it to humble bundle.
Comment has been collapsed.
Yes ofcourse someone must have bruted your link to gain access to your 6 dollars worth of space research that can cure cancer and aids.
There is no other way it could have happend.
Maybe it was magicians who did it, some evil wizards from jupiter and from the future aswell came all the way back here to "hack" your giftlinks that are worth almost as much as this thread is.
Comment has been collapsed.
Someone actually DID do that to me, a few hours ago. Logged in, changed my e-mail for HB, and goodbye~~~
Comment has been collapsed.
That's retarded, clearly the evil wizards are from Pluto, and they're involved in an illuminati plot to remain secret, that's why Pluto is no longer considered a planet. And time travel is just absurd, they're from the dimension of the lizard men, everyone knows that.
Comment has been collapsed.
Actual explanation for people wondering. This is because during the early hours of Humble Bundle 11, there was a small glitch that meant that after redeeming keys on a page, they reset and appeared to not be redeemed again. This meant that the system would let you gift them, even though the steam key itself in the actual link was redeemed, creating that error you describe. Fortunately, this means you actually didn't lose anything, since you never should've had those keys in the first place. I can only assume this is what happened, as otherwise you'd have noticed immediately.
Comment has been collapsed.
21 Comments - Last post 9 minutes ago by Beer4myself
25 Comments - Last post 11 minutes ago by Seibitsu
35 Comments - Last post 1 hour ago by TinTG
17 Comments - Last post 1 hour ago by iGnome
2,131 Comments - Last post 1 hour ago by Seibitsu
864 Comments - Last post 1 hour ago by wigglenose
114 Comments - Last post 2 hours ago by OwieczkaDollyv21
17 Comments - Last post 29 seconds ago by FullMetalZ
114 Comments - Last post 5 minutes ago by Minir
15 Comments - Last post 6 minutes ago by 1stCheater
1,173 Comments - Last post 11 minutes ago by MouseWithBeer
26,623 Comments - Last post 21 minutes ago by jahas10
10,883 Comments - Last post 21 minutes ago by usercar007
809 Comments - Last post 41 minutes ago by Mdk25
I wanted to gift 1 game yesterday, when i sent him a gift link it said it's already redeemed. When i went and checked for other gifts on humblebundle all of them are redeemed. To every and each it says this gift is already redeemed.
But i didn't gave any of those links to anyone before, few of them that i redeemed it already says it's redeemed to my account. And it's not few games from one bundle, it's on few bundles that i have.
Did anyone else had this kind of a problem?
Comment has been collapsed.