Steam's offline mode accidentally reveals exact user login timestamps through network activity. Researchers discovered that even when appearing offline, the client broadcasts precise timing data that can expose when users actually sign in.

This privacy flaw undermines Steam's invisibility feature, which many users rely on for safety and privacy. The timestamp leakage occurs through background network requests that don't properly mask timing information. Security researchers demonstrated reliable detection methods.

Valve has acknowledged the issue but decided not to implement a fix. The company cited technical complexity and existing architecture limitations. Users concerned about privacy may need to adjust their usage patterns or seek alternative platforms for sensitive situations.

Security experts recommend disabling automatic startup and being selective about when true offline privacy is required. This incident highlights ongoing challenges in implementing robust privacy controls in complex networked applications.