Shady thing happens -> Lucky enough for issue to go viral -> Company makes an apology mainly bragging about how much they've paid out on H1 and playing some blame game.<p>Count me not surprised.<p>A company that goes out of their way to dispute the CVE, to turn around a day after a PR firestorm, is not actually turning around. They are saving face.
Valves been on the down for years. Last minute chat app trying to mimic discord/curse, and introducing laughable vulnerabilities. VR gear more expensive and less relevant than competitors, no advancement on the tech that worked (steam controller, steam streaming box). Better mods through other sites and curse client. No more valve games, holding onto a dead engine.<p>Valve is coasting on prior success. If discord or curse was done better steams market share would nosedive.<p>This is one of many mistakes that happen when you dont compete and innovate.
Well, maybe future serious bugs in valve/steam software should just go to open/public disclosure until they've actually paid out for the two bugs they denied previously.