ProgrammerHumor
iNeedSomeContext
Discussion
The senator or Captain Phillips?
Probably the YouTuber.
Honestly it would probably be better to just be blissfully unaware of the issues faced by Internet personalities
Unless you're a gamer in EU, or the UK, then you really ought to be aware of this one and participate, because it also has to do with gamer consumer advocacy.
The TLDR is: the guy is extremely arrogant, made some mistakes, doubled down and the Interner decided he'll be the next "dunked on guy" (a title that will last for a few months).
Funnily enough, it all started with a World of Warcraft drama.
For this sub in particular, he keeps bragging he was some kind of senior developer at Blizzard for years when he in fact was a social engeneer for a red team and (therefore) has poor coding skills, hence the YandereDev-level coding memes.
Yeah I first heard of him when I saw some YouTube shorts and he was explaining game concepts with the paint app. I thought he put things in a concise way and was good at talking, didn't really think about him again for months until the hardcore WoW thing, and now this.
It's easy to say it won't matter or will only last a few months, but I'm sure there's a lot of people like me who know of him and now won't watch his content. I don't think he'll fall completely out of his success, but it is a few steps back. He'll only pull in new fans from people who don't know anything about this.Ā
Yup, I'm on the same page. Didn't know the guy, didn't care about it. Now, I'm actively avoiding his content because I believe he's too arrogant.
In fairness Jason never claimed to be a developer at Blizzard from what I can find. What he does do is he wields the fact that he even worked at Blizzard as a club to assert his authority on all topics game development/design related even when he clearly has no idea what he's talking about.
He opens every statement with "As someone who worked at Blizzard for 7 years, here's why XYZ game design ABC is good/bad." and whenever someone challenges him on one of his (usually bad/niave) takes he goes "Oh yeah, and did you learn that working 7 years at Blizzard? Oh wait that was me not you." he has been pretty consistent with the roles he held while at Blizzard which were QA tester and some sort of Security/Redhat role that was catching botters/dupers or something like that.
https://www.youtube.com/live/ssu3kTydJ14?si=6wsNOkX7VnxFceH9&t=8006
"I was the first second generation game developer at blizzard"
he just never keeps his story straight.
Yeah it's pretty funny how often he flip flops on that. In some situations he's openly admitted he got his first role at Blizzard because of his dad who was one of the first 10 employees before Blizzard was Blizzard, but then gets super butt mad whenever people call him a nepotism hire because he's deluded himself into thinking that when he applied the second time no one knew whose kid he was lol.
He definitely calls himself a game developer many times
Technically he is a game developer because he is working on a game.
me when i send a bug report about a grammar error in quest text
No yeah that part is true, I was mostly just correcting the part where the other person said Jason claimed to be a senior developer at Blizzard. For all the other stuff PS lies about he's been pretty forward about his roles at Blizzard being QA and later on some sort of security role.
Slight corrections: he never claimed to have been a Senior Developer. He just keeps saying he worked at blizzard (a job he got because his dad worked there) and in the past he did say he worked there in QA
Also the internet is not dunking on him, it's holding him accountable for his lies
People saying he isn't lying, lies of omission are still lies. Especially with the intent to deceive. Which he has because it gets him clout.
He talked about his jobs and what he did in it. He said he was in qa and I think some form of red team. He never claimed to work on the code.
He does uses the word dev too loosely. I think he thinks that anyone who works for a game company helps develop the game, so he considers himself a blizzard dev.
I think he is wrong, but I don't actually care that much and just wish people would stop bringing him up.
He wishes people would stop bringing it up yet he keeps addressing it every time someone in his chat brings it up and he could have had this not escalate by simply apologizing when this whole thing started š¤£
he could have had this not escalate by simply apologizing when this whole thing started š¤£
That was 7 months ago man. The mob has been keeping this on my daily feed for 7 months. The first few weeks were on him. The last 6 months are on the insane people that cant let this go.
the thing is the internet actually forget very quickly because ppl attention span is very short. It's actually a known strategy to do absolutely nothing for a while and let things blow over. Jason's inability to stop fanning the flame is 1000% what keeps it going.
I never said he wasn't lying. he's been absolutely despicable in this whole drama
Iirc he did claim to have 20+ years of game Dev experience for a while, then when he started getting called out on it too much started lying by omission claiming to be a game Dev and have worked in the industry for 20+years (omitting the fact that zero of them were being employed as a developer)
What is a social engineer anf what is a red team?
The easiest way to hack into someone's account is by tricking them to give you their password. That's what social engineers do. He tested to make sure people weren't falling for those tricks
Which is a totally valid and somewhat important job in our growing world of seemingly tech illiterate employees and "specialists". It just doesn't make you game developer Jesus.
Honestly a couple of places I've worked for could probably use some of that training and testing. A place I used to work in IT support for once had a client agent (like a low-level lawyer) accidentally post their client's private info, including the social security number, in their WhatsApp bio...
The problem isn't the job, the problem is that he misrepresents the job as game development experience, uses his claimed expertise to spout idiotic bs like using booleans is bad practice, and insults anyone who criticizes them while claiming to know better because he worked at blizzard doing an unrelated task that has nothing to do with programming competency, meanwhile he is quite possibly the least competent programmer ever, even yandere Dev is literally an order of magnitude more productive than him.
Basically he works for a company by attempting to break into their systems. Most frequently by tricking people into giving them access.
Right now the internet seems to have found their ādunked on guyā in the Coldplay CEO affair dude. This title will probably also only last a few months.
it all started with a World of Warcraft drama
Just amazing how him fucking up in one dungeon and running away led to all this hate. [insert domino meme here]
made some mistakes, doubled down
What do you mean? He was always right, it's not doubling down if you're right!
"For those that scream 'he's doubling down', yes I damn well am!" -PirateSoftware
Edit: Since it's apparently needed: /s.
Did you forget "/s"?
I hoped obviously quoting him twice with his own obviously contradictory statements would be obvious enough for the readers here tbh. Oh well.
All you need to know is: heās YandereDev 2.0, but with ludicrous bragging
But who is yanderedev
Ah, well, heās a developer who is known for making a game (still incomplete) called āYandere Simulatorā, which had its source code leaked, and it is some of the worst code youāve ever seen; mostly in terms of abusing conditional statements. Hereās a video that goes over some of the greatest hits from the code.
Important to note, Yandere Dev went into game dev as a complete novice and made mistakes you'd expect from one.
PirateSoftware makes comparably bad mistakes but also claims to have 20 years experience in the games industry.
Also worth noting the quantity and quality of their mistakes.
Even decades in, I make many dumb mistakes, but...yeah...not like that.
Oh yea 100%. My first exposure to this was people giving him shit for not using a for loop to set 5 variables. Which is a massive reach, who uses a for loops fo do 5 lines?
The lighting system he ended up using and the lack of a data structure to manage his dialog system made me second guess him. But the fact he threatened to sue the guy making videos on him is when it became clear he was a POS.
He didn't just not use a for loop to set 5 variables, he had the entire visible area in his ide showing lines of manually assigning zero every entry in an array instead of using a for loop or anything else quicker than at least dozens of lines (we don't get to see how long it takes to scroll through the assignments, just that you would need to scroll to see them all) of code that are identical except for the magic number indicating which array index to access. They picked the 5 line example because it fits on the screen.
Itās important to note that yanderedev is not just writing bad code, he has been procrastinating while draining his patrons (he has been developing for 11 years at this point), has shifted the blame on ānot writing codeā to his fans sending too many emails, once paired with an actual dev and then fired him because he couldnāt understand the codeā¦ and thatās just the surface stuff, not even going into the grooming accusations, if I was to complete the list we would be here all day.
I donāt follow the whole drama but I am 99% certain that even if pirate software is proven a hypocrite and a worse developer than yanderedev, he is still a better person just by how low that bar is.
Pirate software has been doing the same thing, but yandere Dev has produced dozens of times more "working" code and has created orders of magnitude more content. He is yanderedev but worse in every way.
Last time I tried yandere sim it was unplayable, mostly used store bought assets (the mascot being one such asset) and the rest was made by volunteers, it had a bunch of game design problems and barely any progress made on its main mechanic (ārivalsā), I believe thereās 2/10 now.
But okay, I havenāt followed pirate softwareās game, letās say heās just as much of a scam, I still need a ton other problems and sexual misconduct to put the two on the same level of awful human beings.
Similar thing goes for PirateSoftware though, not delivering the updates, not finishing the game for years etc.
Yeah, some of it is not great, but it mostly warrants a "heh", but they make it a "hahahahaHAha", and they do it before they've understood the context.
Did Yan dev brag tho? I know his code was something else but I don't recall him having an ego.
I don't either, in fact he usually would make fun of himself as he learned more by posting screenshots of his bad code.
Thatās not his code (or tweet even), itās edited. He didnāt brag as far as I know but he also didnāt trust anyone else with code, even though people volunteered.
I somewhat heard about this. Is there any reason why he was the only one that could make this game and someone else couldnāt just do it.
Oh poor summer child
Haha, this made me blow air from my nose
Tbf, there has been drama I've asked to know more of where someone does inform me and the rest of my day is made a little worse.
And a voice changer (based on clips I saw of him at a convention)Ā
Yeah but YandereDev admits to being a beginner.
He was a first second generation employee at blizzard.
They literally had to draw the line at him.
To start, there is a movement called Stop Killing Games, which is a movement that seeks to end the now common practice of creating games that depend on a central server, selling those games to customers, then shutting down those servers without fixing the dependency and leaving their paying customers with nothing.
PirateSoftware either misunderstood or purposefully misinterpreted the movement and attacked it repeatedly on false pretenses. And these weren't minor misinterpretations, these were him declaring that the core message of the movement was one thing when he was literally on a page that contradicted him. He then refused to discuss the movement with the originator, refused to acknowledge that he was wrong, insulted him repeatedly, and banned all pro-SKG content from his streams.
This stymied the movement, as he was fairly well regarded at the time with what people consider reasonable standing to object as a developer and no one wanted to enter drama with him.
Fast forward a while, and he lost a lot of cred when he did something ban in WoW hardcore that led to multiple high level deaths and he refused to acknowledge any fault or wrongdoing. I don't know if this is relevant, but apparently people didn't like this.
Later, Ross Scott, the organizer of Stop Killing Games, released this video talking about how, at the rate at the time, the SKG initiatives were dead. I linked it at a time where he starts talking about PirateSoftware. PirateSoftware doubled down on his false attacks on the movement, even though he was clearly attacking a straw man of his own devising.
What is the strawman?
I realize I misread your comment with my first response. You aren't asking me what strawmen are, but what his strawman is.
The strawman PirateSoftware made was that Stop Killing Games (1) only applied to single player games, (2) demanded that servers stay up forever, (3) requires that multiplayer games be made in to single player games, (4) requires that publishers support and maintain their software forever, and (5) accuses the initiative of being vague for not having direct quotes to support his false assumptions and misrepresentations.
None of these statements are true about the SKG initiative. But PirateSoftware digs in to these consistently and gets mad at anyone who tells him he's wrong, even when they have evidence to back it up. And he throws insults at Ross or anyone else who tries to point out that he's wrong.
Thank you for your answer. Now, I rewatched both of his videos on the matter (and some comments of his), and I believe many, if not all of these points were either never said, heavily misinterpreted, or are, as a matter of fact, true.
1) He said that this would apply to ALL games with online components, which, if taken at face value, is true.
2) He clearly stated the consequences (that he believes) would be of both the case where games are forced to be enabled forever, and the case were server binaries are forced to be given (which is one of the potential solutions being pushed). At that point in time, the SKG petition did not include any notes correcting this particular case, but they were added later.
3) This, for the most part, is true. The three potential solutions I've heard in discourse are (1) Convert the multiplayer game in a game playable as single player (2) Free server binaries, or (3) Offer a definite "minimum End-Of-Life" date for the game (though this was is in the minority, since it doesn't cover the demands for both "game conservation" or "game ownership").
4) Similar to (2).
5) Again, this is true. The initiative is extremely vague. Perhaps dangerously so. It definitely doesn't leave any devs with peace of mind. The argument I've seen against this is that EU initiatives have to be vague and even have a word limit, but the fact is the concept of a "playable state" is not defined whatsoever, and the solutions I've seen in discourse (see (3)) are not particularly promising, where each one has a series of serious issues to answer to.
Both? He released at least 5 videos and streams on the matter. But I will link sections of Ross's video to see where PirateSoftware said each one.
- Time 1. He specifically says that the movement is targeting single player games. Time 2. This is from his second video, where he is still fixated on "single player." While Ross and others in the movement have said that this is especially egregious for single player games, the movement does not target single player games, but instead all games sold as goods and purchased in good faith. He even says "No where in there does it say it is directly targeting always-online single-player games. It is vague." It not saying that does not mean that it is vague.
- It is completely false to say that SKG advocates continuing services. As the initiative itself says, "The initiative does not seek to acquire ownership of said videogames, associated intellectual rights or monetization rights, neither does it expect the publisher to provide resources for the said videogame once they discontinue it while leaving it in a reasonably functional (playable) state." I don't know of any SKG material from the actual leaders of the movement that calls for this. If you have a quote from Ross or anyone else leading the movement that counters the literal text of the initiative, please provide it. Time 3 is where he says the line.
- It absolutely is not true that the movement is asking for multiplayer games to be made single player. If I buy a game like Stick Fight, a single player version of that would be pointless. I play that game to blast my friends, not to fight with bots! Making the multiplayer game single player is NOT an acceptable solution and would not satisfy an ideal SKG law. Fortunately, Stick Fight includes local shared screen multiplayer, so it is SKG approved. Single player versions of multiplayer games are NOT the game as purchased. There isn't even a quote talking about anything like that in the initiative. I do not know of any literature or statements from the SKG leadership that states this. If this is not the case, I would love to see it, so please provide a quote to that effect. Here and here is where he says that.
- Once they release working server software or a patch to enable local multiplayer or whatever mechanism they choose to make the advertised gameplay accessible, it is on the players and fans to figure out how to keep the game running as time goes on. They are under no obligation to provide bug fixes or make sure it works on future hardware. Once they release a working server, patch, or other mechanism, they can wash their hands of the game and never look at it again or spend another cent on it. Just like, for example, how the makers of Star Trek: Elite Force (2000) are under no obligation to make sure their game works on Windows 11 or modern hardware. They released a game designed to work on hardware in 2000, and it's on me and other players of the game to keep it working today. But I actually think he might not have said that and instead I am remembering discussions with other people, so I withdraw 4 unless you have a quote of him saying it.
- The initiative is only vague in its statement of "reasonably functional (playable) state." It doesn't specify how to do that because how could they possibly do that for all kinds of existing games and all potential kinds of future games in less than 1,100 characters? And even if they tried, the solutions they would provide would not work in all cases. Everything else is specific, describing the exact problem, why it's bad, and what their goal is, and a set of legal precedents that apply. Keep in mind that the initiative isn't the bill that will be voted on, but instead is a starting point of a negotiation. It is a complaint specifying a problem and asking for the government to come in and resolve it. I don't see any other vagueness in the initiative. PirateSoftware calls it vague because it doesn't say the thing he thinks it's trying to say. And a document not saying what you want it to say does not imply vagueness. Here is him saying something that is vague is not, and here is a compilation of him calling vague over and over. If you have examples of vagueness, please provide them.
EDIT: And here, he says something entirely false. In fact, I don't think there is a single non-subscription live-service game that has an expiration date on it. But he says that the statement "Most live service games do not do this," where "this" is provide a date at which the service is to be discontinued, is patently false. I can provide dozens of games that proves PirateSoftware's statement false.
Please feel free to provide context if I am missing.
I'll make sure to take a look at the videos tomorrow. Thanks for your detailed answer!
A straw man is an underhanded argumentative technique where a person create a fake version of another person or their arguments which have obvious flaws, then attack those flaws rather than the actual person or their real stance.
It's a logical fallacy where person A attacks a fake version of the argument or stance of Person B rather than a real one. So, rather than having to take on the real viewpoint of the person B, person A can appear to pull out victories by beating up the straw man instead, despite the fact that person A never actually addressed person B's actual views or argument.
You can look up examples online if you want to know more. Look up "Straw Man fallacy" or "Straw Man fallacy examples".
Nice video from Bellular will put it into perspective with Stop Killing Games
That mofo is even invading my YouTube feed.
you can tell youtube to stop recommending a certain channel. 3 dots submenu on something
I've only seen him in shorts so I don't actually know what he's about.
named PirateSoftware
against consumer rights
visible confusion
If you go to his stream and calls him ānepo babyā he gets you banned š
Also an auto-ban if you say the words "out of mana"
Context for this please haha
If I get this right, on a WoW server with permadeath he ran as fast as he could during raid when things went south (as opposed to running while also doing what he was supposed to do to help his teammates; two teammates lost their characters because of that), and when questioned why, he said "I was out of mana" (and everyone could see in his stream that he had at least two options to restore his mana)
Shortly after berating another one of his guild mates about how a first wizard shouldn't immediately run away as quickly as possible is a retreat is called for and that they should use their abilities to slow down the enemies and help the group escape, he did a dungeon run as a frost mage and did exactly that, then when the party members asked where he was he wasted all his mana for no reason and then claimed he couldn't do anything because he was out of mana, multiple party members died after this. Then when discussing what when wrong he was extremely smug and arrogant about the whole thing and refused to admit he could have done anything better. He has made a habit of similar behavior while participating in teams in multiplayer games.
I'm not going to start arguing with people again, all I'll say is please do your own research on this topic before just taking anyone else's beliefs as your own
A half assed dev who got popular and has some unorthodox opinions so now heās the evil spawn of Satan (seriously guys stfu about this man who hurt you)
People like Jason (arrogant narcissists) hurt me, so Iām very much enjoying watching his downfall.
Also āhas some unorthodox opinionsā is the understatement of the century. He did serious damage to the SKG movement by attacking it on false pretences, ran away from his party and got them killed as they got killed in hardcore WoW without apologising, lies to his audience on a regular basis, overstates his game dev experience and has collected a bunch of money from his fans expecting a game from him and 8 years later he now spends more time watching his subscriber count than he does writing code.
the guy who gave us:
if true = 1\ then = 1\ fi
It's just large communities acting like zombies.
Mujin did a video on this topic if you're curious
It's an hour long but covers all the beats
I've seen so much coverage dunking on the dude, but i honestly have no clue what his basis is for originally being against the SKG objective, like I get everyone can be pro or con on something, but I think I've missed the initial objection that happened before people started digging into his code, was it basically a case where his arrogant ass said "I know better because everything is write is gold and everyone else writes garbage"?
It was literally all strawman and ad hominem attacks, he didn't have a single point that had anything to do with any of the goals of the initiative. He criticized it for not specifically stating it would only apply to single player games despite the fact that he had the web page for the initiative very specifically says it is not only about single player games, claims that the initiative would require developers to pay to run servers forever when it very specifically says it wouldn't do that, etc.
His daddy worked for Blizzard, he's hanging off the coat tails lying about his employment history, taking advantage of young lads ten years his junior while married, and making furry porn while pretending he "worked for" second life. Extends far beyond his unfounded SKG criticism.
Not many people know this, but I heard a rumor he worked at Blizzard.
He would watch bots walk in a straight line and place rocks in their way. Very serious hacking business.
He was the first second generation blizzard employee btw.
Programmer streamers were a mistake
Popular streamer got people perms killed in WOW by mistake and now has gotten non stop hated from grass allergic neets who put everything he does under a microscope
It's not just this. He acted like a dick blaming everyone else
Heās a dickhead that canāt back down because he dug in too deep
Basically a nepo-baby that claims to be the top dog and a coder with godlike skills, but in reality, he is just an achievement third wheeler who says he did everything himself.
Unlike him, I don't need to lie about my incredible coding skills because I'm honest about the fact that the only thing about my coding that's incredible is how incredibly shit I am at coding.
some grifters shit on someone's pet projects while advertising their leetcode website
Anyone else hate this karma farming template?
that seems hard to believe considering this sub has been filled with posts about him, with each one having someone saying "im ootl who is this" and another fully explaining the same thing again and again
popular stramer brags of having +20 years of experience in important companies, being a game dev, and a cyber security hacker.
Speaks against a popular petition to prevent big corpos to pull the cable and make their games unplayable.
Other dev youtubers check his code and it ends up that his code is from someone with no dev experience whatsoever, code that everyone [even users of this sub ( Ķ”Ā° ĶŹ Ķ”Ā° )] would feel ashamed of.
While in reality he has no coding skills at all since his time at blizzard was working in Quality Assurance, and his cyber security hacking was just social engineering not actual hacking
He's actually an amazing social engineering hacker. He was able to convince hundred of thousands of people that he actually got any dev skills at all.
I think we just call those "con men".
Still counts.
That's what social engineering is
It's the study of how to con people to gain access to things u shouldn't have access to so that they can defend against it. Basically, the same mentality as the most common idea of what software security is, except instead of operating on the software, they operate on the team of developers.
So the Pope is the greatest social engineer in the world? He convinced millions of people he's second to God.
Big con man like a Eric
Most hacking has almost nothing to do with code, so yeah....
I took a hacking class in college. It basically amounted to researching and testing vulnerabilities against locations to see if they have shit IT/security. The final exam / project was to compromise an old printer in the classroom and use wep crack to get someone else's password from unsecure WiFi. We talked about social engineering but there was no exercise to do for that one.
Real hacking is pretty boring. The concept of breaching a system and taking control is cool, but getting there is pretty dull.
I guess it would be hard to test that vs aware subjects. And if you let students pull social engineering on random people, there's a very good opportunity to cheat by just making a deal with that person.
Itās also incredibly unethical to not disclose that someone is a subject to an experiment for part of a college course.
A lot of companies conduct fake phishing campaigns for security awareness, often through a 3rd party, the university could find some companies to partner with.
A company doing security audits on their employees is not the same. The employees sign user agreements when they get hired and get computer accounts.
I think he's saying that it could just very well state in the user agreement that local college students might do fake phishing attacks on them as part of their coursework.
Though that's part of your contract that you sign when starting a job.
Thereās a big difference between the phishing test where an employee goes through a form of surprise/impromptu training, and subjecting an unknowing subject to some form of social engineering, which in some way results in discovering personal information about the target.
Thatās also very wrong. Experts fall victim to scams at a similar rate as the uneducated. Social engineering is just fancy talk for manipulation.
My professor made us all send him an email that somehow attempted to phish him. It didnāt have to be successful, it was pretty much just a āmake an attempt and get full creditā exercise. But it was fun to think through, and Iāve never failed any of my companyās mock-phishing emails, so thereās that.
That's not cheating. That's just getting an accomplice's help in to target the professor. Would be simpler to make up this accomplice, but an actual meat bag could be helpful if your professor calls you on it.
I work in penetration testing and adversary simulation and did research in college on binary exploitation/reverse engineering. I gotta say, there are a LOT of layers to hacking. Offensive security is a huge field and can either feel very corporate and boring depending on what you're testing/hacking/researching, and who you're doing it for.
Say you for a cybersecurity firm, most firms offer different services depending on what you want tested, and will staff it accordingly. Examples being APT (application pen testing, web), CSR (cloud security review, mostly configurations, permissive-ness), CPT (cloud pen test, actually looking around the environment and attempting to priv esc around their cloud env), PSR (product security reviews, embedded device hacking/hardware hacking, IoT), IPT (internal penetration test, assume breach/they have a foothold, go crazy and see what you can do) and many many more. Each one requires a different skill set (more or less). Depending on the person, some may seem more appealing than others, and I personally know I prefer PSRs, IPTs, APTs, and CPTs than doing CSRs and EPTs. We've also had an uptick in LLM testing, and how you can leverage it with the increasingly agentic applications and services people are putting out there. Recently I was able to leverage a prompt injection through an LLM that was running an agentic browser (think playwright, puppeteer) to retrieve its Metadata credentials and submit them on the form that it was interacting with, which we could then leverage to access more resources in the AWS environment to gain further access and eventually get admin from the entire organization structure, from an LLM that was overly agentic and with insufficient guard rail. LLM hacking is very new, and very interesting (at least imo)
Those are some things you might be doing/hacking at a firm, and then being a consulting firm you have a wider variety of clients that come in and show you their cool infrastructure, how their products and platforms work, and tell us to go crazy and hack them. You have the opportunity to do staff augmentation at a bunch of different tech giants, to really small promising start ups, and you get to see their technologies/services up close as if you were internal. That to me, is part of the reason I love the field. I get to tinker and hack these products, online or physically that I otherwise would've never had an opportunity to use and test out, much less try get paid to play with it! (And eventually do your job with the tedious test cases, paperwork and reporting).
But thats at a firm, if you are part of a internal security team, something like App Sec or whatever internal name they might use, that work is potentially going to look at lot different, and vary massively depending on the company. If you're directly integrated into the SDLC, the scope of your tests will vary widely, and you might not get to test the wider compenents of the system or application as part of the scope if you work with a very large company that uses microservices, maybe a new feature, maybe infrastructure changes, changed handling of sensitive data, etc. You see that pretty often with cloud providers. But that same company might have a red team where anything the company owns is considered in scope, where they might work alone or in teams for adversary simulation, testing alerting and alarms.
Or you might be doing research at a university or binary exploitation on an assessment, really digging into the software and reverse engineering it, and identifying 0 days, releasing CVEs, etc
And then you could be self employed and do bug bounties on programs that support them and get pay outs if you identify issues and report them
Each and every one of those variations, while all being "hacking" are going to have extremely different day to days with different conditions. And I think thats what makes this industry so awesome. There is so much variety that if you get bored with one thing, you can shift focus a bit and feel like you're doing something entirely new and novel, and expand your knowledge of how to be a modern wizard and understand how more and more things interconnect and operate
But it absolutely can be super fucking boring, depending on what you're doing, how intensive the reporting process is, what your coworkers are like, and the general work environment and culture of your individual company.
As someone that also works in cyber security, it was funny to see APT and it not be "Advanced Persistent Threat" haha.
People don't realize how much of "hacking" is like... watching TV while your scans are running, or doing boring whois lookups, or fiddling with table rows in an email because it's ultimately easier to just trick a guy than it is to find an actual RCE.
Very true, I got to season 4 of vikings during my last test hahaha
Great for people with ADHD because you get to bounce around between tasks a lot while things are running. My issue is that I forget what I was doing so ive learned to document what im working on pretty intensely at a given moment or if im context switching
Yea calling Donna in accounting while pretending to be the CEO is a lot easier than breaking into a server room to install a root kit.
The problem is it tends to be a numbers game. Major security vulnerability gets posted, odds are someone hasn't updated for it yet. The technical side of hacking becomes finding that system by trial and error and hoping there's a way in. If you need to target a specific company social engineering is really your only hope.
I learned in school - always target banks and hospitals because they don't like to invest in upgrades
I'm not sure if that advice is less relevant outside of 2014 NJ
Tbh I have no idea how someone can actually breach something. I'm assuming you need months of work. Sometimes I struggle to access devices I'm aware of, with a ton of VPNs, MFAs, jumphosts, proxies, etc ...
All the data nowadays shows that the majority of "hacks" are simply social engineering...
That's probably the case. The professor said it used to be something like...
Park near the business you want to attack
aim a directional antennae at the business
wait to catch a login packet
run cracking tools against the captured data?
I can't remember, but something like that.
Network hacking can be pretty methodical but always comes out to a satisfying end in a real pentest, like the end goal and the start are the same but theres a lotta fun to be had on the journey! Especially when its a real companies network... not having access to bigger systems makes network hacking feel EXTRA boring when you're a student, but I promise hacking is not boring!!
Especially when you start dipping into other domains, social engineering is high stress acting, physical security engagements are SO fun (lemme just get paid to plan a B&E rq), and application / llm hacking forces a ton of creativity in applying the technical knowledge you have. Don't even get me started on hardware hacking, its a tinkerers DREAM.
Ill admit the reporting IS boring and thats unfortunately the part they're really paying for lol... but even with that, theres no way I could read "hacking is boring" and let it be D:
He used his hacking experience to bolster his reputation as a developer. Getting hits on phishing emails doesn't make you a software engineer, it makes you a conman (funny, given the circumstances).
The other thing he's done very well is game the system to get more exposure. Which I can't blame him for, that's the social media game at the end of the day. But also. Engineering non-technical workarounds for systems to get maximum value out for minimum value in? Same skillset he actually picked up from blizzard. No coding in sight.
yeah, him stealing the spotlight of a whole internet movement is such an obvious fame grab, that even a Kardashian could smell this clout-chaser from a mile away.
I was able to get a demo of Metasploit right after WannaCry dropped to make sure my company's hotfix GPO worked as intended and fully disabled SMB1. Also got permission to try the exploit on some other networks as a positive control.
Even easier than in the movies, point it at an IP, pop a system level shell; was like what WatchDogs thinks hacking is. Or put another way, hacking is point and shoot if you have the same grade of toys the NSA does. Never seen anything like it since. The hard part is finding the flaw and polishing an exploit enough to make using it look that easy.
Story time. I got paired with a senior dev to fix a bug. He'd been at the company for almost 20 years. Rather than getting access from ops to see the info in a database, he used a backdoor he installed when he built the api. It only works while you're inside our firewall, but it was awesome to see someone in their element doing something so expertly.
āHe installed a backdoorā āDoing something so expertlyā
Mmm I donāt think so. An expert would know thereās no such thing as a safe backdoor
i mean, my qa engineers know how to code.
not like product technical leads, but they at least know a bit about whats going on.
Many QAs know a bit of code, but Iād imagine they donāt know much more than syntax. The syntax is the first step of learning how to write good code
I've seen both, and currently working as one, even though I do DevOps and observability and performance testing at the same time... And I've seen code that's about as good as pirate software's, hell I've been that bad at one time, but I've also seen the exact opposite
Most Iāve worked with havenāt. Or it was their first job out of a boot camp so they had some code training but not extensive experience.
If you reviewed their code it would most likely give the impression of someone who has very little experience (if judging by the standard of a 20 year exp dev). writing code as qa is different, writing code is always a tool, but for qa that is much more pronounced. says very little about domain expertise etc tho
I'd wager most "actual hacking" is social engineering.
Depends on what you're trying to hack I think lol. Some types are just way easier to socially engineer, like getting access to normal employees level of access, but I think the deeper stuff that likely only has admin access might be "hacker" stuff, or just trying to find some way to get malware installed that can do damage before it's noticed, which it probably will be quickly for most important systems.
There is always nuance, this is real life of course.
I just wanted to point out the flaw in the other poster's comment that implies social engineering isn't "actual hacking".
Yea that's true, it definitely is a huge portion of all the hacking that occurs.
Yeah, like robbing is not lock picking.
But it should be!
I mean, once you get robbing, pick the lock too
Breaking a window to get inside is not burglary. Real burglars use lock picks and grappling hooks.
i just checked amazon out of curiosity and it is surprisingly easy to buy a grappling hook lol
Wouldn't a QA guy notice his insane project structure though?Ā
āQAā part got me. Well done sir.
most hacking is done that way its just easier to use a 5 dollar wrench and beat the passwords out or to impersonate people to underpaid indians over the phone like the cia or fbi or something was hacked by leaving a usb in the parking lot and someone plugged it in to find out who to return it to
This just actually proves it that with big words without any kind of context, anyone can sound super smart.
Savage. I like it.
You forgot to mention he worked for 7 years at blizzard.
Me with 10 years experience who still programs like a noob
if you look at his code you'll feel superior.
Is this that alleged WoW programmer that constantly jabbers at me in shorts like people are asking him compelling questions about and then he gives some nebulous answers and tries to imply like he was there In The Beginning when FPS and 3D shooters were first written?
Yeah, that guy has always seemed like he was clueless to me.
Thor is not and never was a WoW programmer. Where do people get this stuff from?
Mobygames has all his credits.
Because he makes it sound like he was.
I watched a lot of his shorts and when you see someone coding, talking about working at a game company, you'd assume they're talking about having worked in coding at the game company.
Huh....yeah, that's him - had to look him up. He was just a disembodied person on YT and in my head.
āFirst second generation blizzard employeeā
So he was conceived in Stormwind or something? Cosplay is real I guess.
He actually means his dad was one of the original blizzard employees.
I donāt think he brags about having code experience, any time I have seen a short of his pops up he talks about pen testing and cybersecurity. Which a lot of those guys have very little programming experience, a lot of python for scripting tools for investigation usuallyĀ
He said "people call me the bob ross of programming"
Don't forget he cheats in every puzzle game he plays so he looks smarter
Also dont forget all the hc wow stuff that kind of kickstarted it all
His DRM is protected by a boolean you can change in seconds in guidra
š¦
--ā--
A duck
I feel attacked
Thanks. This has saved me searching.
The guy looking through the code also had no idea what he was talking about tbf. Pirate has plenty of awful code, but the guy looking through it complained about code snippets that was actually perfectly fine
None of that would matter if he wasn't arrogant about and could admit he was wrong.
Like with the ironman WoW fiasco. The damning part isn't when he choked and left his WoW teammates to die. No, it was claiming to be infallible and double downing that he couldn't be wrong. The constant banning chat over the slightest transgressions against him. Completely ignoring how others could feel about it.
We wouldn't be talking about any of this if he had any amount of humility in him. Or if he even just shut up and laid low at any point.
He spoke against stop killing games?!
Who was he?
Idk, early critiques seemed nitpicky to me and then since then there are a lot of people pasting his face in front of bad shit it looks like they found somewhere else and are using it as a meme template.
No idea what the game rule stance he has that pissed people off so much is. But the guy was a qa / security person, not a dev primarily as I recall. And building a game as a solo developer and hasnāt really held himself up as any thing other than those two things from what Iāve seen.
Really seems like a concerted effort to try and punish him for an opinion some donāt seem to like.
I assuming this is a hot take but why tf does everyone care about his code quality? Heās coding to make a game, heās not coding to make code. And from what I can tell the game is on steam and seemingly works.
Code is a means to an end and the product is what matters. Dunking on code quality just seems like bullying at this point. Like picking on someoneās appearance because youāve got no real argument to work with.
It's mainly because he acts like he's a know it all.
Oh and the game is on Steam but the third chapter out of five has been incomplete for years at this point.
I donāt think anyone really gives a shit about his code quality. More so the fact he built his entire personality around being this insane genius that can never be wrong. Instead of learn he just doubles down on everything heās wrong about.
As for his game I wouldnāt say āitās workingā both in terms of performance and dev timeline.
The development of his game grinds to a halt It's been 8 years and still not done. One look at his code, and u can guess why. It's the kind of code quality that makes working on that code base soul crushing.
I can't imagine him adding story_flag[314] and has to shift every index bigger than 314, and any references to indexes bigger than 314 down by 1.
Or if he just add new story flags to the end of the array and have to keep track of which flags corresponding to which chapter/location/event being Uber far apart...
Well 1: Because he presents himself as an authority on the topic, so itās funny watching what he produces be lesser than what an intern could produce, and 2: because even code for the purposes of making a game needs to be well structured for the purposes of being able to iterate quickly. If this werenāt true his game would be finished instead of being in limbo for 8 years
no one . is a lolcow.
My guess is he is hated because he used his supposed "experience" to defend anticonsumer practises of multi billion game coporations, and go against a popular petition to legislatem againts those practises in the EU
He wishes he was coding a game.
He's a fraud and makes real developers look bad.
His hand is a ripoff of another game, made with a very basic game engine, in development for over 10 years and with no updates since forever.
He's a fraud at best, an industry plant at worst.
Performance doesn't matter in games i guess.
He sold presales of a game 8 years ago and there's been barely any progress since then despite him claiming he does "monthly dev blogs"
so that's something people hate on too
I've never watched any of his videos but all bad code I've seen in screenshots looks very tongue-in-cheek...is none of it a joke? Or was some of his real game code genuinely bad and then he capitalized on the infamy by trolling with intentionally bad code in his streams?
most of the screenshots you've seen are almost definitely not actually his code.
The big ass arrays, O(nĀ²) CPU lighting shaders, and 300-line var initializations are real though.
For example, instead of using a parallelized GPU solution for lighting falloff (using masking, layers, and blend modes), he decided to iterate over every pixel of every sprite (for every light source), having the light darken (multiple times in another loop depending on falloff distance.
There are a lot of parodies on the sub, but the real code is just as abhorrent.
Dw, his game runs on a smart fridge. /s (it can be streamed to a smart fridge)
It became a new meme format basically, his face in front of any bad code.
most probably is code learned through basic gamemaker examples or something similar.
It may just work but it shows he doesn't know basic coding practices, basic data structures, basic programming paradigms or basic architectural patterns. A mess.
It's become a meme format. Most posts here don't actually contain his code.
To be fair, I've often found myself writing out some code for a little thing, fiddling with it and getting it working, and then thinking "This code is extremely specific, will never be used anywhere else, and will never need to change. I could just copy/paste these 5 lines a few times into each condition, change the variable name, and be done... never think about it again..."
Then I think no, that would be horrible to look at, and I do it the "correct" way. Move this code out to a separate function, define the inputs, write in the function calls into the conditions... And then I'm like, this is the same shit, it just takes up 10 less lines, and I will stay collapsed forever in my IDE never to be seen again after this moment anyway.
We can meme all we want, but being able to leave well enough alone and not fuck with the stupid code that works is a pretty useful skill to have haha.
Which is especially sad because many of his videos have been an inspiration for you if you want to be an indie dev