Theflow0

[acesmokemall]

 

[chrisrlink]

look at it this way unlike nintendo who would put yyou under a perm NDA (reason why ScireM disclosed fusee-geelee to nvidia themselves and not nintendo on top of the security flaw affected more than the switch) Sony allows hackers to disclose after an embargo period of a few months after it is patched (at least) so don't fret on sony's half but seeing how the flow was treated in the past i would be skeptical of a release directly from him at least

 

[godreborn]

look at it this way unlike nintendo who would put yyou under a perm NDA (reason why ScireM disclosed fusee-geelee to nvidia themselves and not nintendo on top of the security flaw affected more than the switch) Sony allows hackers to disclose after an embargo period of a few months after it is patched (at least) so don't fret on sony's half but seeing how the flow was treated in the past i would be skeptical of a release directly from him at least

I agree. if I were him, I'd release nothing after the way I was treated. you can beat most people who had his skills would be wanting to cash in on it too rather than just releasing stuff to a public full of ungrateful people.

 

[chrisrlink]

I agree. if I were him, I'd release nothing after the way I was treated. you can beat most people who had his skills would be wanting to cash in on it too rather than just releasing stuff to a public full of ungrateful people.

still doesn't mean someone else has the kexploit or found it themselves and are willing to share but i always wondered if he did share it in the tight group of devs and that dev goes rouge and relases it a head of time does the flow get in trouble (especially if the other dev is under no such conditions?) classic example the rouge dev was in a disagreement or wanted revenge

 

[godreborn]

dunno, but I hope no exploit is released for the current firmware at the time, whatever that may be. it's unfair to legit users, including myself, there needs to be a reason not to exploit your console, otherwise it's meaningless either way.

 

[Tomato123]

still doesn't mean someone else has the kexploit or found it themselves and are willing to share but i always wondered if he did share it in the tight group of devs and that dev goes rouge and relases it a head of time does the flow get in trouble (especially if the other dev is under no such conditions?) classic example the rouge dev was in a disagreement or wanted revenge

Yes he would. I think you have to go under a non-disclosure agreement to actually submit things on Hackerone. The only way he could legally share what he submits to it would be through requesting disclosure on Hackerone. It doesn't matter if the exploit is not publicly shared by whoever he shares it with, he can't share it with anyone without breaking the NDA, which Sony would likely sue him for, unless some other terms are said within the NDA as to what happens if it is broken.

All you can do is wait and hope he wishes to help out the community one last time (And Sony allows it), but considering how he has been treated in the past I doubt he will.

 

[godreborn]

certain people in the ps3 scene are the ones who made me want to quit, including the person who pissed off the fl0w, but I'm not going to. I'm legit now though, so I don't know how helpful I'll be after the ps4.

 

[cvskid]

So this is what i've been hearing lately about people saying theflow0 is screwing over the community holding it back. Interesting.

 

[subcon959]

So this is what i've been hearing lately about people saying theflow0 is screwing over the community holding it back. Interesting.

I wonder how many people in the community would turn down 20 grand. He is gonna get hate either way so may as well make a living. Maybe the community should start treating devs better instead of being ungrateful haters.

 

[Deleted member 42501]

Can you hear it?

Thats the whine of the entitled. A species that multiples at an immense rate, are even louder than their numbers suggest and are for the most part entirely useless when it comes to anything of worth...

 

[G33ksquad]

It’s not just 20k, I think it’s recognition of his skills, has anyone else found this? I’d say not if Sony was willing to give such a big payout. Also I’d imagine for any white hat this is a fantastic resume building item. I don’t know the individual myself but when you need to fund your passion or provide for your family, this seems like an obvious choice. What is the scene I am curious, a few people working hard and others donating $5 demanding piracy now. Honestly as more and more games move to an online required connection, piracy will become pointless anyway.

 

[rantex92]

Honestly as more and more games move to an online required connection, piracy will become pointless anyway.

nope piracy is like drugs it will never go away + piracy is the only "true" way for gaming preservation

 

[M7L7NK7]

I wonder how many people in the community would turn down 20 grand. He is gonna get hate either way so may as well make a living. Maybe the community should start treating devs better instead of being ungrateful haters.

If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liar

 

[CanIHazWarez]

I'm okay with him rage-quitting. What I'm not okay with is working for the "enemy". Every exploit that he reports is one that gets patched and the opportunity is removed for someone else to discover it. It might be understandable if he was getting paid big money, but he's not.

If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liar

To someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.

 

[godreborn]

well, as they say "time is money." I think what a lot of people forget about is how much time it takes to find these exploits or to develope homebrew to make processes super easy. I can say I've donated dev-level time to the scenes, and on other sites, I was treated like shit, so I can empathize with the fl0w. I mean you don't even have time to enjoy the fruits of your labor so to speak, because you're so involved with helping everyone else. I'm friends with lightning mods, and he told me he rarely games anymore, all he's thinking about is the store, what can be added, how to make it easier. you get a lot for free.

 

[G33ksquad]

I'm okay with him rage-quitting. What I'm not okay with is working for the "enemy". Every exploit that he reports is one that gets patched and the opportunity is removed for someone else to discover it. It might be understandable if he was getting paid big money, but he's not.


To someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.

Is it though? I agree if this is all you do is bounty hunt, yea that could be low, I imagine many researchers have day jobs in policy and compliance, or are maybe pen testers. Maybe this is a hobby the thrill of finding it first. And 20k for a hobby is pretty cool, I imagine if this were to be released vs turned in you might be spending more than 20k after Sony comes after you, they might not be jailing the Bowser like Nintendo but I’d rather be on the good side.

 

[RivenMain]

I'm okay with him rage-quitting. What I'm not okay with is working for the "enemy". Every exploit that he reports is one that gets patched and the opportunity is removed for someone else to discover it. It might be understandable if he was getting paid big money, but he's not.

Only a sith deals in absolutes. Maybe he does it because he.. Loves the company? It's just a puzzle, he found an answer and the game resets. Piracy isn't his focus, making money isn't his focus, and giving spoiled brats games isn't his either. He's dealt with enough and never will be credited for every hacked game sale out in india or china etc. I can't think of a better f you than giving away his exploits to sony to piss people like you off hahaha

 

[schatzi24]

Yeah theflow0 did it again 10k for PS5 PS4
Hope the 4.03 JB for PS5 is near to disclose

 

[M7L7NK7]

To someone of that skill level, 20 grand is nothing. And if it is something, then he's severely underpaid at his day job. Sony pays a multitude of engineers, each one of them making six figures, to find stuff like this. They didn't find it though, he did. And all they paid him was 20k? Even that is a lot compared to what he normally gets. That's an embarrassingly low amount.

Even if I was making 6 figures I'd still be pretty stoked to get 20k... maybe you're rich or something but it's still a lot of money

 

[subcon959]

If someone says they'd turn down $20,000 for credibility they're either a liar or a dirty liar

The funny thing is, if you choose the 20K you get credibility in the real world where it actually matters.