I agree. if I were him, I'd release nothing after the way I was treated. you can beat most people who had his skills would be wanting to cash in on it too rather than just releasing stuff to a public full of ungrateful people.look at it this way unlike nintendo who would put yyou under a perm NDA (reason why ScireM disclosed fusee-geelee to nvidia themselves and not nintendo on top of the security flaw affected more than the switch) Sony allows hackers to disclose after an embargo period of a few months after it is patched (at least) so don't fret on sony's half but seeing how the flow was treated in the past i would be skeptical of a release directly from him at least
still doesn't mean someone else has the kexploit or found it themselves and are willing to share but i always wondered if he did share it in the tight group of devs and that dev goes rouge and relases it a head of time does the flow get in trouble (especially if the other dev is under no such conditions?) classic example the rouge dev was in a disagreement or wanted revengeI agree. if I were him, I'd release nothing after the way I was treated. you can beat most people who had his skills would be wanting to cash in on it too rather than just releasing stuff to a public full of ungrateful people.
Yes he would. I think you have to go under a non-disclosure agreement to actually submit things on Hackerone. The only way he could legally share what he submits to it would be through requesting disclosure on Hackerone. It doesn't matter if the exploit is not publicly shared by whoever he shares it with, he can't share it with anyone without breaking the NDA, which Sony would likely sue him for, unless some other terms are said within the NDA as to what happens if it is broken.still doesn't mean someone else has the kexploit or found it themselves and are willing to share but i always wondered if he did share it in the tight group of devs and that dev goes rouge and relases it a head of time does the flow get in trouble (especially if the other dev is under no such conditions?) classic example the rouge dev was in a disagreement or wanted revenge
I wonder how many people in the community would turn down 20 grand. He is gonna get hate either way so may as well make a living. Maybe the community should start treating devs better instead of being ungrateful haters.So this is what i've been hearing lately about people saying theflow0 is screwing over the community holding it back. Interesting.
nope piracy is like drugs it will never go away + piracy is the only "true" way for gaming preservationHonestly as more and more games move to an online required connection, piracy will become pointless anyway.
If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liarI wonder how many people in the community would turn down 20 grand. He is gonna get hate either way so may as well make a living. Maybe the community should start treating devs better instead of being ungrateful haters.
To someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liar
Is it though? I agree if this is all you do is bounty hunt, yea that could be low, I imagine many researchers have day jobs in policy and compliance, or are maybe pen testers. Maybe this is a hobby the thrill of finding it first. And 20k for a hobby is pretty cool, I imagine if this were to be released vs turned in you might be spending more than 20k after Sony comes after you, they might not be jailing the Bowser like Nintendo but I’d rather be on the good side.I'm okay with him rage-quitting. What I'm not okay with is working for the "enemy". Every exploit that he reports is one that gets patched and the opportunity is removed for someone else to discover it. It might be understandable if he was getting paid big money, but he's not.
To someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.
Only a sith deals in absolutes. Maybe he does it because he.. Loves the company? It's just a puzzle, he found an answer and the game resets. Piracy isn't his focus, making money isn't his focus, and giving spoiled brats games isn't his either. He's dealt with enough and never will be credited for every hacked game sale out in india or china etc. I can't think of a better f you than giving away his exploits to sony to piss people like you off hahahaI'm okay with him rage-quitting. What I'm not okay with is working for the "enemy". Every exploit that he reports is one that gets patched and the opportunity is removed for someone else to discover it. It might be understandable if he was getting paid big money, but he's not.
Even if I was making 6 figures I'd still be pretty stoked to get 20k... maybe you're rich or something but it's still a lot of moneyTo someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.
The funny thing is, if you choose the 20K you get credibility in the real world where it actually matters.If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liar