Steam Hardware survey (May 2020): pulling confidential info?

[b1k3rdude]

So just had the Steam hardware survey request pop-up and went through the list of what info it was pulling from my system. Why is the survey pulling the serial hash of my hard drive? I am not cool with this. Valve do not need or nor should they be asking for confidential information like this.

 

Whats is a harddrive 'serial hash'? If this isn't the serial number, why does it have 'serial' in the line..?

[Radium_Angel]

13 minutes ago, b1k3rdude said:

confidential information

This is why I don't fill out this form. It asks for too much that is none of their business, "hashed" or not, they don't need to know anything more than OS, CPU and RAM.

[b1k3rdude]

Exactly. And I think this new info-gather is new, as I have always scroll through what was being sent to them.

[porina]

I'm guessing this is some form of hardware identification they may be using to improve the validity of the data. Without it, it may be possible to get multiple submissions from the same hardware. The hash is a fixed method of converting some data into another output format that may not necessarily have the full original information encoded. For example, while doing file downloads, you might also be offered the MD5 hash. This is a hopefully unique value describing whatever was hashed. If the hash output is smaller than the input, you simply can't hold the same amount of information in it, but the hash value can still be used to compare if different results probably came from the same source. There is a risk of two different inputs giving the same output, you can estimate by considering the number of possibilities in output. Anyway, as long as the hash output is smaller than the input, there is no way they can work backwards to obtain what the serial number was. At most, there might be a way to determine what values they could have been, but this is computationally very expensive.