[HN Gopher] Twitch source code and customer data has reportedly ...
       ___________________________________________________________________
        
       Twitch source code and customer data has reportedly been leaked
        
       Author : cvak
       Score  : 974 points
       Date   : 2021-10-06 08:34 UTC (14 hours ago)
        
 (HTM) web link (www.videogameschronicle.com)
 (TXT) w3m dump (www.videogameschronicle.com)
        
       | stevefan1999 wrote:
       | Here's a link to the data: bWFnbmV0Oj94dD11cm46YnRpaDpONUJMWjZYRU
       | NORUhIQVJISk9WUUFTNFc3VFdSWENTSSZkbj10d2l0Y2gtbGVha3MtcGFydC1vbmU
       | mdHI9dWRwJTNBJTJGJTJGb3Blbi5zdGVhbHRoLnNpJTNBODAlMkZhbm5vdW5jZQ==
        
         | sillysaurusx wrote:
         | Here's a base64 decoded version:
         | magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI&dn=twitch-
         | leaks-part-one&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce
        
           | k1rcher wrote:
           | Got it in my seedbox as of 15-20min ago:
           | 
           | Downloaded: 7.84GB Uploaded: 64.64GB
           | 
           | sheesh, one popular magnet!
        
             | ganoushoreilly wrote:
             | That sounds like it's just the database. The full leak is
             | 125.89gb
        
             | schleck8 wrote:
             | the power of foss
        
           | stevefan1999 wrote:
           | jesus, do you want to taste the banhammer?
        
         | sergiotapia wrote:
         | Thanks!
        
         | wizzairflyer wrote:
         | I'm very curious to have a peek but isn't downloading stolen
         | material a crime? And wouldn't this be compounded by the fact
         | that with torrent systems you are also helping redistribute
         | it further?
        
           | AnIdiotOnTheNet wrote:
           | Possibly, but more importantly it is also just plain immoral.
           | It's disturbing how readily this community wishes to access,
           | analyze, copy, and redistribute this stolen information. This
           | same community that bemoans corporate exploitation of data
           | now getting its rocks off creeping on stolen data.
        
             | _hilro wrote:
             | > It's disturbing how readily this community wishes to
             | access, analyze, copy, and redistribute this stolen
             | information
             | 
             | I know right. Panama papers too. /s
        
           | acoard wrote:
           | At most, it would be copyright infringement if Twitch (or
           | Amazon) claimed copyright ownership of the code, which I
           | assume they do.
           | 
           | There's no such "trade secrets" laws or anything like that
           | you're violating. Perhaps the hacker has broken laws of
           | unlawful access (i.e. hacking), but you certainly aren't just
           | by downloading it. It's as bad as downloading a song or
           | streaming a movie on a sketchy website. In practice, I've
           | never heard of anyone getting sued for downloading code in a
           | large leak.
           | 
           | When the Windows source code got leaked, so many people
           | looked at it, including FAANG engineers. As long as you don't
           | bring any of that stuff to work you're fine. That includes
           | the knowledge[0]
           | 
           | [0] https://en.wikipedia.org/wiki/Clean_room_design
        
           | AlexCoventry wrote:
           | I'm curious about which law downloading this would break.
        
           | rvnx wrote:
           | The fact that you are an uploader (e.g. distributing the
           | content) while downloading a torrent seems to me to be the
           | biggest risk.
        
             | xeromal wrote:
             | If you have a seedbox, you're probably safe.
        
       | iamevn wrote:
       | Here's another link https://sizeof.cat/post/twitch-leaks/
       | 
       | Looks real to me based on the archive I managed to download so
       | far
        
         | d3nj4l wrote:
         | Amouranth making almost as much as shroud is insane and the
         | fact that it's that high even after twitch's recent moves is
         | telling.
        
           | lemoncookiechip wrote:
           | The revenue only contains a few data points (below), things
           | like TTS donations, 3rd party revenues like OnlyFans,
           | Patreon, Amazon Gifts and sponsorship deals are not included.
           | Amouranth makes insane amounts from her OF alone (an estimate
           | of 1 million $ per month based on an interview with
           | investmenttalk). Odds are that she makes far more than him,
           | same with a lot of other female streamers who know how to
           | monetize themselves. Obviously the same (Patreon,
           | sponsorships...) applies to male streamers but to a lesser
           | extent.
           | 
           | 'ad_share_gross', 'sub_share_gross', 'bits_share_gross',
           | 'bits_developer_share_gross', 'bits_extension_share_gross',
           | 'prime_sub_share_gross', 'bit_share_ad_gross',
           | 'fuel_rev_gross', 'bb_rev_gross'
        
             | d3nj4l wrote:
             | Oh yeah of course, twitch is probably a minority of her
             | earnings. But what I think is more interesting is that
             | Twitch's moves to make it easy for advertisers to opt out
             | of streamers like her doesn't seem to have hurt her
             | earnings all that much if she's still that high. Ofc it
             | could be that ad revenue went down but sub revenue was way
             | higher, which, again, is telling. Also could be that ad
             | buyers didn't blink and continued paying for the hot tubs
             | category. I think it points to a more plausible future for
             | softcore streaming - there might be a market for stuff
             | that's less explicit than camgirls, especially if that
             | makes it easier for kids to access it. (I don't condone
             | this, just think it's interesting.)
        
               | slightwinder wrote:
               | Prices for ads are very poor on twitch. The claim was that
               | amouranth made "just" some ten thousand income with ads,
               | which considering how many viewers she has is not that
               | high. The majority of direct income on twitch comes from
               | donations and subs. The bigger income comes indirectly
               | from placements and cooperations outside of twitch, which
               | of course are not part of the leak.
               | 
               | Twitch is not YouTube. For some reason they had for a
               | long time big problems to get their ad-business running,
               | especially outside the USA. It seems because of this the
               | payment is low for streamers.
        
         | frou_dh wrote:
         | What's the legality of downloading something like this? If
         | someone is on the torrent they're effectively distributing it
         | as well as downloading.
        
           | joot82 wrote:
           | it depends which legislation you reside in, I believe most
           | allow you downloading stuff like that as long as you don't
           | reshare (uploading and sharing is the part where Amazon could
           | go legally after you)
        
           | hnick wrote:
           | I think it would at least be the same as sharing other
           | copyrighted content, whether or not the "hacking" part comes
           | into it.
        
           | GravitasFailure wrote:
           | In the US, you're fine. The laws that exist barring
           | possession of information largely revolve around copyright,
           | CSAM, or classified information (only relevant if you have a
           | clearance), and none of those really apply here.
        
             | hnick wrote:
             | Source code is copyrighted surely? You can't share ebooks
             | just because the "source" is open and visible, copyright
             | applies to all creative works.
        
               | waynesonfire wrote:
               | There are fair use exceptions? I'm no expert here but
               | Google says,
               | 
               | Since copyright law favors encouraging scholarship,
               | research, education, and commentary, a judge is more
               | likely to make a determination of fair use if the
               | defendant's use is noncommercial, educational,
               | scientific, or historical.
        
               | hnick wrote:
               | Probably fine for a journalist to argue, but I'd guess a
               | tech guy saying it's "research" won't have much luck.
        
           | DigitalSea wrote:
           | If you're going to download it, I would probably use a VPN or
           | something before you do. Technically, this would be copyright
           | infringement. I don't know if Amazon would go after people
           | downloading this, but you just don't know.
        
             | [deleted]
        
         | OliC wrote:
         | You might want to delete that link. They've replaced it with
         | something a little NSFW.
        
           | [deleted]
        
           | elaus wrote:
           | They block links that have HN as referer and redirect them to
           | a NSFW image. But if you copy that URL and paste it in the
           | browser it will work.
        
             | abdullahkhalids wrote:
             | Hmmm. I thought I had something in Firefox (setting or
             | addon) that didn't send referrers for external sites when
             | you click-opened a link in a new tab. But it doesn't seem
             | like it anymore.
        
               | AegirLeet wrote:
               | There are a number of settings for this:
               | https://wiki.mozilla.org/Security/Referrer
        
               | abdullahkhalids wrote:
               | Thanks. Do you know if some of these break major websites
               | if I move away from the default settings?
        
               | AegirLeet wrote:
               | I've had a small number of sites break when not sending
               | any referer. Can't remember any concrete examples off the
               | top of my head though.
        
           | tenryuu wrote:
           | I was wondering why I didn't see anything, but I keep
           | forgetting I drop all my referrer headers
        
           | saagarjha wrote:
           | Ah yes, the jwz policy
        
             | d3nj4l wrote:
             | It's the exact same image, too. Feels like a ripoff, at
             | least make your own dirty image!
        
         | yawaworht1978 wrote:
         | Don't open this link if you are in the middle of having a meal.
         | 
         | Paste it to a separate tab, then it works.
        
           | Dma54rhs wrote:
           | jwz doesn't like HN, you just need different referrer address
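
Added example, not part of the thread and not any site's actual code: the comments above describe a destination that checks the Referer header, and browser settings that change what is sent. This sketch computes the Referer a browser would send for a link click under each standard Referrer-Policy value and whether a host-based check on the destination would match it. The URLs, the blocked host, and the hostname-match model of the check are assumptions; the downgrade test is simplified to HTTPS-to-non-HTTPS.

```javascript
// Standard Referrer-Policy values (W3C Referrer Policy).
const POLICIES = [
  'no-referrer', 'no-referrer-when-downgrade', 'same-origin', 'origin',
  'strict-origin', 'origin-when-cross-origin',
  'strict-origin-when-cross-origin', 'unsafe-url',
];

// Strip a URL for use as a referrer: credentials and fragment are always
// removed; with originOnly, path and query are removed too.
function stripForReferrer(url, originOnly) {
  const u = new URL(url);
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
  if (originOnly) return u.origin + '/';
  u.username = '';
  u.password = '';
  u.hash = '';
  return u.href;
}

// Simplification: the spec compares "potentially trustworthy" URLs; here a
// downgrade is just an HTTPS page linking to a non-HTTPS destination.
function isDowngrade(fromUrl, toUrl) {
  return new URL(fromUrl).protocol === 'https:' &&
         new URL(toUrl).protocol !== 'https:';
}

// Returns the Referer header value, or null when no header is sent.
function computeReferer(policy, fromUrl, toUrl) {
  const full = stripForReferrer(fromUrl, false);
  const origin = stripForReferrer(fromUrl, true);
  if (full === null) return null;
  const sameOrigin = new URL(fromUrl).origin === new URL(toUrl).origin;
  const downgrade = isDowngrade(fromUrl, toUrl);
  switch (policy) {
    case 'no-referrer': return null;
    case 'unsafe-url': return full;
    case 'origin': return origin;
    case 'same-origin': return sameOrigin ? full : null;
    case 'strict-origin': return downgrade ? null : origin;
    case 'origin-when-cross-origin': return sameOrigin ? full : origin;
    case 'no-referrer-when-downgrade': return downgrade ? null : full;
    case 'strict-origin-when-cross-origin':
      if (sameOrigin) return full;
      return downgrade ? null : origin;
    default: throw new Error(`unknown policy: ${policy}`);
  }
}

// Hypothetical destination-side check: match the Referer's hostname against
// a list. A missing or unparseable header never matches.
function refererBlocked(refererHeader, blockedHosts) {
  if (!refererHeader) return false;
  let host;
  try {
    host = new URL(refererHeader).hostname;
  } catch {
    return false;
  }
  return blockedHosts.includes(host);
}

// For every policy: what is sent, and does the destination's check match?
function survey(fromUrl, toUrl, blockedHosts) {
  const out = {};
  for (const policy of POLICIES) {
    const referer = computeReferer(policy, fromUrl, toUrl);
    out[policy] = { referer, blocked: refererBlocked(referer, blockedHosts) };
  }
  return out;
}

// Constructed sample: a forum thread page linking to an external blog post.
console.table(survey(
  'https://forum.example/item?id=123#c5',
  'https://blog.example/post/',
  ['forum.example'],
));
```

Policies that trim the Referer to the origin still expose the hostname, so a host-based check matches them; only the values that send no header cross-origin (no-referrer, same-origin) avoid it, which is the same effect as pasting the URL into a new tab.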
        
         | aaron695 wrote:
         | Cheers, I guess we'll find out about Dr Disrespect's full story
         | now. Hopefully nothing too private for him.
        
       | _u wrote:
       | One of the leaked directories is called
       | event-engineering/covfefe. Haven't had the time to torrent the
       | file. I wonder what's inside.
        
         | madeofpalk wrote:
         | # Covfefe RTMP relay utility
         | 
         | This is also a project to enable me to learn go so is probably
         | over-engineered
        
       | jsiepkes wrote:
       | > An unreleased Steam competitor, codenamed Vapor, from Amazon
       | Game Studios
       | 
       | The choosing of the name Vapor is probably no accident when the
       | main competitor is Steam.
       | 
       | Just like when IBM launched the "Eclipse foundation" which was
       | arguably based on one of Sun's most prized possessions; Java.
        
         | Asraelite wrote:
         | Kind of a funny choice when "vaporware" is a thing.
        
           | ginko wrote:
           | Kinda works as a tongue-in-cheek internal code name.
        
           | bogwog wrote:
           | Extra funny with the context of Amazon Game Studios.
        
         | dijit wrote:
         | I worked for Nokia for a brief moment in time and the Nokia E71
         | (or another in that line) was internally codenamed "BeeBee"
         | (like: blackberry) which was comical to me given that the phone
         | looked a lot like a contemporary era blackberry.
         | 
         | https://en.wikipedia.org/wiki/Nokia_E71
         | 
         | https://en.wikipedia.org/wiki/BlackBerry_Curve
        
           | d3nj4l wrote:
           | The E71 was a god tier device. Owned one for a good bit as a
           | teen and it was the perfect phone for that time IMO. You
           | could even WhatsApp on it until relatively recently.
        
             | stevecat wrote:
             | Yep! E71, E72, and E6 were some of my most loved phones. My
             | love of that form factor meant that my first foray into
             | Android was the HTC ChaCha - that was a mistake.
        
               | kawsper wrote:
               | I had a Qtek 8300 running Windows Mobile 5.0, it really
               | felt like a computing device before smart phones
               | appeared.
               | 
               | It was slow and buggy, but it felt like a handheld
               | computer.
               | 
               | Qtek rebranded to HTC and I bought a HTC Touch running
               | Windows Mobile 6.0, I am not sure when or what I switched
               | to afterwards, maybe an Android.
        
           | dfox wrote:
           | IIRC the whole common HW platform of late model E-series
           | Symbian phones from Nokia was code named BB. Both E61 and E91
           | call themselves (IIRC) "BB v5.0" in USB descriptors.
        
         | bogwog wrote:
         | That sounds like an internal product name. At launch they'll
         | probably pick something significantly less clever and more
         | generic.
         | 
         | It would be pretty awesome if they stuck with "Vapor" though.
         | It'd be some WWE-style drama, and great for marketing.
        
           | scrollaway wrote:
           | We could call games released on there Vaporware :)
        
             | xdrosenheim wrote:
             | And sales would come in Vaporwaves.
        
         | checkyoursudo wrote:
         | Oh ho ho! Vapor is what I call my shell function that launches
         | Steam. Guess I am on to something.
        
         | chrisjc wrote:
         | Eclipse... Sun... how did I go all these years without noticing
         | this!
        
           | Arathorn wrote:
           | IBM weren't the only people to play that game. The codename
           | for the SGI Indigo was also Eclipse, for similar reasons,
           | iirc.
        
             | monkeybutton wrote:
             | And where do explorers like to go? On safaris.
        
         | adolph wrote:
         | Another lovely naming story:
         | 
         |  _When new sounds for System 7 were created, the sounds were
         | reviewed by Apple's Legal Department who objected that the new
         | sound alert "chime" had a name that was "too musical", under
         | the recent settlement [with Beatles' record label Apple
         | Records]. Jim Reekes, the creator of the new sound alerts for
         | System 7, had grown frustrated with the legal scrutiny and
         | first quipped it should be named "Let It Beep", a pun on "Let
         | It Be". When someone remarked that that would not pass the
         | Legal Department's approval, he remarked, "so sue me". After a
         | brief reflection, he resubmitted the sound's name as sosumi (a
         | homophone of "so sue me"). Careful to submit it in written form
         | rather than spoken form to avoid pronunciation, he told the
         | Legal Department that the name was Japanese and had nothing to
         | do with music._
         | 
         | https://en.wikipedia.org/wiki/Sosumi
        
         | junon wrote:
         | It won't work, I don't understand why they're bothering. You
         | can't compete with steam, unless you're trying to hit a niche
         | market.
        
           | bluedino wrote:
           | Amazon would have no problem releasing a 'Fire' console and
           | they have their own distribution and store...
        
             | junon wrote:
             | And then they would have to convince publishers to target
             | yet _another_ console. That's a hard ask.
        
           | meibo wrote:
           | Amazon has even more money to throw at studios than Epic, so
           | they can just force themselves into it.
        
             | ryathal wrote:
             | It's more than just throwing money at it. EA tried and
             | failed to separate from Steam. Epic might succeed, but it's
             | not going to be because of money, but because Fortnite let
             | them capture young gamers before they got into Steam.
             | Wherever a user gets a critical mass of a library built up
             | first is going to be the winner.
        
               | eric-hu wrote:
               | Do you remember a time when people were predicting this
               | deep pocketed company Microsoft would bomb with their
               | Xbox? It's not a sure thing that Amazon could dislodge
               | Steam, but there's precedent.
        
               | tyrfing wrote:
               | > Wherever a user gets a critical mass of a library built
               | up first is going to be the winner.
               | 
               | This is where they've been throwing money at the problem:
               | giving away a ridiculous amount of games for free.
               | 
               | https://www.theverge.com/2021/4/12/22380895/epic-games-
               | store...
        
               | WorldMaker wrote:
               | Useful to note that Prime Gaming has been doing the exact
               | same strategy (for longer), backfilling users' catalogs
               | by throwing a lot of money in games giveaways. Once the
               | games have been added to your Amazon/Twitch today you can
               | download an EXE installer from a hard to find Amazon page
               | or use a really bland "Twitch Launcher" app that clearly
               | is the first stage towards "Vapor" or whatever the final
               | brand would be. For a lot of Amazon Prime users that pay
               | attention to the Prime Gaming page month to month and
               | click the bright shiny green "Claim" buttons whenever
               | they show up, Amazon can just go "look at all the games
               | you already 'own'" when they start actually marketing it
               | as its own store.
        
               | Arrath wrote:
               | It is quite nice, I think I paid for 1 game of the 14 in
               | my epic library.
        
               | trey-jones wrote:
               | I wonder how much I paid over the last 15 years for the
               | 198 games in my Steam library. Not that much, I suspect
               | between all the Humble Bundles and steam sales of yore.
               | Nevertheless I was _pissed_ when I had to get Origin in
               | order to even play Mass Effect 3, and I never even
               | considered the epic store, so I think the theory of
               | library investment is sound. Steam has a good head start
               | on a lot of us.
        
               | Arrath wrote:
               | It absolutely does. The singular reason I signed up for
               | Epic was Borderlands 3, everything else is in my Steam
               | library.
        
             | junon wrote:
             | The problem isn't the product. I was going to compete with
             | Steam at one point and we had objectively better systems
             | and a better client.
             | 
             | The problem was the critical mass issue - no users, no
             | publishers, neither want to join without the other.
             | 
             | Amazon will definitely get publishers but will users join?
             | That's not a given.
        
               | pc86 wrote:
               | You just answered your own question.
               | 
               | > no users, no publishers, neither want to join without
               | the other
               | 
               | > Amazon will definitely get publishers but will users
               | join?
               | 
               | Well, the publishers will be there. If users have a
               | reason to go there over Steam, they will. Amazon will
               | lock in a few exclusives, people will start to come over.
               | Who knows, maybe there will be some way to verifiably
               | move your Steam library over to an Amazon account?
               | 
               | I don't think the bar to compete with Steam is as high as
               | you're suggesting, but even if it is, if anybody was
               | going to start listing companies that could conceivably
               | do it, Amazon would probably be on the list.
        
               | ratww wrote:
               | _> Who knows, maybe there will be some way to verifiably
               | move your Steam library over to an Amazon account?_
               | 
               | The library is the #1 reason people stay in Steam. Lots
               | of people just buy games in other places and just add it
               | there.
               | 
               | Amazon could, for example, offer different royalties
               | (say, 10% instead of 30%) for publishers willing to have
               | their old games "moveable" to Amazon's hypothetical new
               | platform and I bet a lot of studios would take the deal.
               | This is not unheard of: it's how Apple does iTunes Match.
        
               | junon wrote:
               | > Who knows, maybe there will be some way to verifiably
               | move your Steam library over to an Amazon account?
               | 
               | Given that steam has pretty strict terms with publishers
               | over this, I highly, _highly_ doubt they would do this
               | unless they wanted to dump a huge ocean of money into
               | free license comps for developers to make money from and
               | for users to get free games.
               | 
               | Competing with Steam isn't only just a money/size thing,
               | though of course that helps.
        
               | lbhdc wrote:
               | I would imagine they would attempt to secure exclusive
               | rights to a popular title and only distribute it from
               | their new platform. I believe that is what epic did when
               | they launched their store.
        
               | AnIdiotOnTheNet wrote:
               | Yeah, and a lot of people _loathe_ them for it. I'm one
               | of them.
        
               | trey-jones wrote:
               | And my axe.
        
               | junon wrote:
               | Yes and it backfired spectacularly.
        
               | baud147258 wrote:
               | Epic did that, plus giving away loads of free games, like
               | a new free game every two weeks.
        
               | gizdan wrote:
               | Amazon already has customers. If their other products are
               | to go by, they'll just give you an account if you have an
               | Amazon account. Probably combined with free games if you
               | have a prime account and you can imagine that it won't
               | take much to compete, at least not for a company like
               | Amazon.
        
               | isk517 wrote:
               | That was my thought. They already give away free games
               | over Prime, if they leverage that they have already given
               | a large number of people stake in their new market place.
               | Plus they own Twitch, I don't believe there is a
               | publisher who isn't interested in the idea of people
               | being able to impulse buy whatever their favorite
               | streamer is playing without even leaving the stream. The
               | strategy is pretty easy actually, give streamers a cut of
               | each sale and encourage them to put up notifications when
               | it happens like they do subs and cheers.
        
               | junon wrote:
               | The free games on prime accounts is probably exactly what
               | will happen, and will probably be what _needs_ to happen
               | for it to be any amount of successful.
               | 
               | Look at Epic which offers free games but sees pretty slow
               | growth outside of their flagships. Further, look at
               | Amazon's lumberyard engine, which gathers dust for the
               | most part.
               | 
               | I'm not convinced that their 'weight' will automatically
               | guarantee wide adoption.
        
               | rawbot wrote:
               | By better systems, I hope you are also including, to name
               | a few: Remote Play, Remote Play Together, Game Streaming,
               | Screenshot capture, Controller API that also works in
               | Desktop, a project to help Linux compatibility with zero
               | effort from the game devs.
               | 
               | I think people just consider Steam as a store, but it has
               | become much more than that.
        
               | junon wrote:
               | Never got as far as Remote Play or Game Streaming but
               | would have been trivial for us to do so given the backend
               | infrastructure we had already written.
               | 
               | Game overlays and capture were working fine, and the
               | controller API was designed to support any number of
               | controllers (Steam's support is great but their
               | interfaces are subpar, in our opinion). We were also able
               | to pull from a well known database of controller
               | configurations and device IDs, which really made this a
               | non-issue.
               | 
               | Linux compatibility was fine as far as the client went
               | (all of our code was cross-platform and not webkit frames
               | or the like). The client even ran on Android and iOS.
               | 
               | If you're referring to Steam's Proton, we really didn't
               | want to touch that area for a while. But we had much
               | better systems for searching for new titles, including
               | those that worked well on the system and also matched all
               | of the criteria (tags and whatnot).
               | 
               | Our social system was also designed to support "cross-
               | talk" between different marketplaces (Steam, GoG Universe
               | and Epic) but we never got as far as building out any
               | client functionality - just the initial blackbox proof of
               | concepts.
               | 
               | The store aspect was indeed just a smaller part of it,
               | though it was complicated in its own right.
               | 
               | The project was a great idea and we were executing well
               | on it. Lots of cool new tech was developed for it. But
               | nobody we talked to wanted it - including publishers,
               | users, investors, or even friends. It didn't matter how
               | compatible we made it, the fact that we didn't push you
               | to re-buy games, etc.
               | 
               | We wanted to make a non-shitty experience for gaming and
               | the market simply said "no".
        
             | o_m wrote:
             | So does Microsoft, but Xbox has been in decline since after
             | Xbox 360
        
               | cableshaft wrote:
               | I think Microsoft is just less concerned about hardware
               | now, so it looks like they're doing worse when they're
               | not really.
               | 
               | Like I haven't touched my Xbox One in years, but I'm
               | still giving them $10/month for Xbox Game Pass for my PC.
               | 
               | "In its latest financial results, Microsoft announced
               | that the gaming division revenue was up 50% year-on-year,
               | boasting huge $3.53 billion earnings over the past 12
               | months. The vast majority of that income stems from Xbox
               | hardware (largely the launch of the Xbox Series X/S),
               | which is up 232%."
               | 
               | https://www.vg247.com/xbox-revenue-hardware-game-pass-
               | boost-...
               | 
               | Okay, I guess hardware is still big for them. Huh.
        
         | paxys wrote:
         | Eclipse makes sense, but vapor is just..another word for steam?
        
         | incahoots wrote:
         | >vapor
         | 
         | >vaporware
         | 
         | I see no issue here
        
         | darklycan51 wrote:
         | Anyone who played new world private alpha knew this, the first
         | alpha (closed) had an amazon games Epic Games like client, they
         | chose to remove it for new world public beta and release but I
         | knew they had been working on it because of it
        
       | Semaphor wrote:
       | This is somewhat hilarious. Just 5 days ago I was complaining
       | about Twitch's new "Only verified users" setting which requires
       | me to give them my phone number. One of the reasons I said I'll
       | not do that was "hacks, leaks". And now this. Sure, I'll give you
       | my phone number to add TOTP (Why even?) after I've just been
       | shown how secure that data is.
        
         | fooey wrote:
         | Twitch has a huge problem with waves of hate bots spamming and
         | overwhelming smaller streamers, and it's been getting worse.
         | 
         | They really need that verification option just to avoid getting
         | run off the platform.
        
         | jrootabega wrote:
         | For every conscientious person like you, there are 100 kids,
         | who don't even have fully formed brains, desperate to
         | participate in this system.
        
         | AnIdiotOnTheNet wrote:
         | I don't really get this. My phone number is apparently already
         | known by every scammer and spammer on earth, which is why I
         | never answer calls from people I don't know, so what am I
         | losing?
         | 
         | Meanwhile, Twitch has had a significant bot spamming problem.
        
           | slightwinder wrote:
           | > I don't really get this. My phone number is apparently
           | already known by every scammer and spammer on earth, which is
           | why I never answer calls from people I don't know, so what am
           | I losing?
           | 
           | The only scammers who know my number are my phone-provider
           | and my mom. Other scammers either never call me, or just
           | don't know the number. Protecting your number is possible.
           | 
           | > Meanwhile, Twitch has had a significant bot spamming
           | problem.
           | 
           | Which can be solved without this. The bot-problem is more
           | about people not using the existing tools well and twitch
           | sucking in their handling. Adding another feature they won't
           | use will not make anything better. Especially as the phone-
           | number only raises the bar for bots.
        
             | AnIdiotOnTheNet wrote:
             | The twitch tools for dealing with spam suck ass. You
             | basically get a blacklist of words and follower/subscriber
             | only chat modes.
        
           | weberer wrote:
           | Which came first? You giving your phone number away online,
           | or the scam calls?
        
             | zamadatix wrote:
             | Scam calls just end up ringing every working number these
             | days and if you pick up even once you're already on the
             | list of "real people". Targeted scamming of even just
             | 100,000 potential victims is just wasted effort when with
             | the same setup you could do untargeted scamming of
             | 100,000,000 potential victims.
        
           | Semaphor wrote:
           | I'm also subscribed to a few channels. I'm pretty sure that
           | is a far stronger signal that I'm not a bot than getting my
           | phone number. And unlike most people, I only had 2 or 3 spam
           | calls, and maybe 10 spam SMS on the number I've had for
           | almost 20 years.
        
             | AnIdiotOnTheNet wrote:
             | Ok so you don't want them to have your phone number but
             | you're ok with them having your payment details?
        
               | Semaphor wrote:
               | Pretty much my PayPal account, only.
               | 
               | And even otherwise, any fuckups there, my bank is liable.
               | My phone number? Outside of changing my 20-year-old
               | number, there'd be nothing I could do.
               | 
               | > And even otherwise, any fuckups there, my bank is
               | liable. My phone number? Outside of changing my 20-year-
               | old number, there'd be nothing I could do.
        
           | iuri1 wrote:
           | Probably not everyone has disposable phone numbers or even
           | knows how to manage them, or even chooses not to do it out of a
           | personal decision
        
           | Nextgrid wrote:
           | > so what am I losing?
           | 
           | The fact that they can use this number to correlate against
           | contact lists collected from other people.
           | 
           | Now I don't think Twitch itself is doing this, but they may
           | provide this information to marketing platforms such as
           | Facebook which will use this data for ad targeting (and they
           | definitely have a lot of people's contacts and can infer
           | social graphs very well as a result).
        
         | mariusor wrote:
         | From what I can see their 2FA is not inhouse. They're using
         | twilio's Authy (first time I've heard of it, honestly) so maybe
         | the phone numbers are not in the leak.
        
           | reilly3000 wrote:
           | I'm assuming they may have had access to private API keys so
           | unfortunately Authy may not be immune. That is unless Authy
           | hides those details from their customers.
        
             | trey-jones wrote:
             | Authy does hide those details from their customers.
        
         | canada_dry wrote:
         | This is a readily solvable problem i.e. the only phone number I
         | use/give online is a VOIP# that just redirects to voicemail
         | immediately (and blocks the call if it's on my SPAMMER list of
         | persistent annoyances).
         | 
         | For friends/family they have my cell# and it only lets calls
         | through if they're in my contacts.
        
           | dhimes wrote:
           | How much does your VOIP cost?
        
             | canada_dry wrote:
             | I use voip.ms and it is pay-as-you-go so it's nominal e.g.
             | $1-2/month. It allows setting up all sorts of call handling
             | rules (time-of-day, CID lists, call trees).
        
           | jrootabega wrote:
           | Even though it should not be, this approach is a luxury that
           | can only be afforded by those who do not need to take live
           | calls from previously-unknown numbers. Job hunters, medical
           | patients, etc.
        
           | Semaphor wrote:
           | It's readily solvable not to require a phone number to add a
           | TOTP app.
        
             | sirclueless wrote:
             | The point isn't to authenticate control of an account, it's
             | to tie the account to some kind of expensive-to-replicate
             | real-world cost, ideally one that most potential customers
             | are already paying for.
             | 
             | Phone numbers are nice because the marginal cost to a
             | customer is low (they probably already have one) while the
             | marginal cost to a bad actor is high (it's expensive to
             | acquire many of them or to change one once it's been
             | identified as malicious).
        
               | Semaphor wrote:
               | My current phone contract: 3.99EUR/month
               | 
               | My current twitch subscriptions: 11.97EUR/month
               | 
               | I can't really see how they need my phone number to make
               | it too expensive to be a bot.
               | 
               | And if that is the thing, then that'd make them even
               | more shady, claiming it's for account security when it's
               | for their bot protection.
        
       | rvr_ wrote:
       | This kind of leak looks like an insider's job. What measures
       | should an org take to avoid this? How does big tech deal with
       | secrecy?
        
       | [deleted]
        
       | [deleted]
        
       | johprats wrote:
       | It seems that you should start changing your credentials just in
       | case. A lot of credentials will be sold at a high price.
        
       | Copenjin wrote:
       | Dang, shouldn't we remove the links/magnets?
        
       | cvak wrote:
       | seems like it's already posted here, sorry:
       | https://news.ycombinator.com/item?id=28770135
        
         | google234123 wrote:
         | That site is NSFW. This is a better post. Here is the 4chan
         | thread if people are interested
         | https://boards.4channel.org/g/thread/83691438
        
           | hyproxia wrote:
           | The posts should have linked to the 4chan thread directly
           | imo.
        
             | nojito wrote:
             | Those threads disappear
        
               | shultays wrote:
               | There are archives
        
       | _hilro wrote:
       | Top earner is a role playing group. How interesting.
       | 
       | > A band of professional voice actors improvises, role-plays and
       | rolls their way through a `Dungeon and Dragons' campaign.
        
         | the_duke wrote:
         | Critical Role is a relatively big deal.
         | 
         | They did a Kickstarter to turn the first season of the live DnD
         | campaign into an animated show, which finished at over 10
         | million.
         | 
         | The rights have been bought by Amazon and it will release on
         | Prime.
        
           | worrycue wrote:
           | > Critical Role did a Kickstarter to turn the first season of
           | the live DnD campaign into an animated show, which finished
           | at over 10 million.
           | 
           | Sounds like how Record of Lodoss War got started - RPG
           | session gets recorded and it went from there.
           | 
           | https://en.wikipedia.org/wiki/Record_of_Lodoss_War
        
         | JonathanFly wrote:
         | >Top earner is a role playing group. How interesting.
         | 
         | A group of professional voice actors who put on a real show
         | every week, with extremely high production quality. A real
         | standout on the list and well deserving of the #1 spot.
         | 
         | A personal favorite moment:
         | https://www.youtube.com/watch?v=Cnl5r3hp1_k
         | 
         | I've always loved the spells in D&D that talk to plants. "You
         | imbue plants within 30 feet of you with limited sentience and
         | animation, giving them the ability to communicate with you and
         | follow your simple commands."
         | 
         | Every casting of the spell is a Flowers For Algernon tragedy,
         | as the plants around you realize they will only be sentient for
         | 10 minutes and then fade back into nothingness.
        
       | yupitr wrote:
       | Can anyone share magnet?
        
         | zalequin wrote:
         | magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI&dn=twitch-
         | leaks-part-one&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce
        
       | irae wrote:
       | Most comments listing which streamers earn more, commenting on
       | this being only part of their revenue, etc.
       | 
       | Would be way more interesting to me to know the distribution of
       | people giving away their money. I personally spend about $20 a
       | month on Twitch, I wonder in which part of the bell curve I am,
       | and if it is a bell curve at all.
        
       | stunt wrote:
       | https://www.twitchearnings.com/
        
         | NaturalPhallacy wrote:
         | I can't help but love the fact that PaymoneyWubby (a fat ginger
         | nerd who makes interesting content, at least on youtube) makes
         | more than pokimane and Amouranth whose primary feature seems
         | to be young, attractive, and female. Perhaps there's a tiny bit
         | of justice in the world.
        
           | mkishi wrote:
           | Donations probably dwarf subscription earnings, I'm not sure
           | it's that black and white.
        
           | rasz wrote:
           | Splitting earnings by gender reveals females aren't doing that
           | hot on twitch.
        
           | zeouter wrote:
           | ... that does sound quite misogynistic. Like the sole
           | comparisons you raise (and insult) are women.
        
         | [deleted]
        
       | [deleted]
        
       | [deleted]
        
       | thinkingemote wrote:
       | From another site a user commented that it might have proprietary
       | modifications to ffmpeg which is LGPL/GPL (I think?). Would a
       | leak be considered to be distribution, could others legally take
       | these modifications and merge them into the upstream project?
       | 
       | I imagine other free software might have modifications too.
        
         | MrStonedOne wrote:
         | The GPL can't actually force them to license their downstream
         | changes, just revoke their ability to use the upstream project
         | if they don't, and sue for infringement for damages.
        
         | sydthrowaway wrote:
         | Can you use GPL code internally (ie run your backend) if you
         | never publish it?
        
           | bo1024 wrote:
           | I believe so, and this is why the AGPL was created:
           | 
           | > The GNU General Public License permits making a modified
           | version and letting the public access it on a server without
           | ever releasing its source code to the public.
           | 
           | > The GNU Affero General Public License is designed
           | specifically to ensure that, in such cases, the modified
           | source code becomes available to the community.
           | 
           | https://www.gnu.org/licenses/agpl-3.0.en.html
        
             | sydthrowaway wrote:
             | So in theory, FAANG could make billions off a random
             | person's GPL'd code and they'd never know.
        
               | kobalsky wrote:
               | amazon and google both created managed versions of popular
               | open source software like grafana and airflow and they
               | are priced at a premium.
        
               | mrintegrity wrote:
               | grafana is agplv3 but grafana the company has a deal with
               | amazon to grant them a special licence
        
               | david_allison wrote:
               | This is a common occurrence.
               | 
               | Modifications don't need to be shared back to the
               | community if the software is used internally or behind a
               | webserver.
        
               | thatfunkymunki wrote:
               | Spoiler alert: vast majority of FAANG systems run on
               | Linux, making billions for them.
        
               | mkr-hn wrote:
               | Don't they also provide a lot of developer time through
               | patches?
        
               | notsureaboutpg wrote:
               | They sure do, but having worked at such a place, the
               | companies are using way more free labor in open source
               | software than they are giving back.
               | 
               | In a way, everyone is doing that as well. I certainly use
               | more free software than I contribute free software / dev
               | time to free software
        
         | shiado wrote:
         | The IP issues with the leak are interesting. There's got to be
         | some Stack Overflow copy/pastes, perhaps some variable name
         | changed license violating code, and I wonder if patent trolls
         | or even rightful patent owners can now sue based on how backend
         | code works in a way where they had no way to sue if they didn't
         | know how it worked from interacting with a frontend.
        
           | akersten wrote:
           | > patent trolls or even rightful patent owners
           | 
           | What's the difference?
           | 
           | But seriously, if it takes _trolling_ through the code to
           | determine that Twitch's math violated their special way of
           | doing math that no one else should get to use, it's just more
           | evidence that software patents aren't helping protect or
           | encourage innovation (else the violation would have been
           | apparent from using the service). It would instead clearly be
           | a "hah, gotcha, turns out we patented the linked-list-inside-
           | a-hashmap construction you've got going on here, pay up! Only
           | we can put the Legos together in that way!"
        
           | notsureaboutpg wrote:
           | No, you won't be able to sue if you claim that, based on the
           | leaked source code, your IP was infringed because leaked
           | (e.g. stolen) source code won't be admissible in court as
           | evidence
        
         | lights0123 wrote:
         | No. https://www.gnu.org/licenses/gpl-faq.en.html#StolenCopy
        
           | bla15e wrote:
           | But the source was not stolen, merely copied
        
             | zamadatix wrote:
             | Hence the anchor being "#StolenCopy".
        
             | NineStarPoint wrote:
             | An important distinction indeed. Intellectual Property
             | theft will get you in much bigger trouble with the Feds
             | than just stealing something does.
        
           | mijoharas wrote:
           | Interesting! I'd never thought about those kind of cases. (I
           | also like how nice and clear that FAQ is).
        
       | sydthrowaway wrote:
       | Couldn't help but contrast this to another item on the front
       | page.. the irony of video game streamers making many times more
       | than the lifetime earnings of Nobel Prize winners :)
        
         | j4qfrost wrote:
         | Totally fine. My issue is with the streamers who promote
         | socialism to their fans and say that wealth should be
         | distributed, meanwhile pocketing a huge paycheck. I guess
         | there's a market for stupidity. It's both funny and sad.
        
         | adolph wrote:
         | value != earnings
         | 
         | science != commerce
         | 
         | something truly novel is hard to evaluate in money
        
         | irae wrote:
         | Sports and Entertainment has always been a way to leapfrog
         | hard work.
         | 
         | I am not saying at all it is not deserved. I am quite ok with
         | them earning millions. But it does make a lot of us pull this
         | comparison, both in achievements for humanity and in effort
         | spent in their endeavors.
         | 
         | I personally never played or wish to play the fame lottery, I
         | prefer the hard work path.
        
           | snejad123 wrote:
           | I think Kobe Bryant working on his free-throws from 4 AM to 8
           | PM every day for decades is much harder work than some dude
           | making dogecoin over a weekend or minting an AI-generated
           | NFT.
           | 
           | Wealth is not linear, it's not promised as the result of
           | "hard work". Hard work helps, but it isn't the determining
           | factor of whether or not you'll get a payout.
           | 
           | You must work hard in a domain that has public visibility and
           | actually produces something of value to people. And yes,
           | Basketball (and watching it) is extremely valuable to a lot
           | of people.
        
           | SamPatt wrote:
           | I am guessing the most popular streamers have gotten where
           | they are by hard work.
           | 
           | Yes some is luck, attractiveness, etc. But that's true in all
           | careers.
           | 
           | Just because they're playing games doesn't mean they aren't
           | working. Athletes get insane amounts of money to play games.
           | They exert themselves more physically, but I expect being a
           | top streamer day in and out isn't a cake walk either.
        
           | mdoms wrote:
           | Ah yes, professional sports people, always finding a way to
           | not do hard work.
        
             | sf_sugar_daddy wrote:
             | If you knew anyone who plays a sport at the professional
             | level you would not be saying this
        
             | darkcha0s wrote:
             | There are plenty of professions where the people work just
             | as hard as professional sports people. The wealth
             | accumulated has nothing to do with working hard or not
             | working hard, but rather with the public visibility of the
             | outcome of the work (and ability to make money with that).
        
               | savanaly wrote:
               | What does any of that have to do with the claim that
               | professional sports people routinely don't do hard work?
        
         | JohnWhigham wrote:
         | So do many actors. Streamers are just entertainers.
        
         | heroku wrote:
         | what is the irony?
        
       | Sirikon wrote:
       | The magnet:
       | 
       | magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI
        
       | yawaworht1978 wrote:
       | Was the viewers data also leaked? You know, the twitch users who
       | simply watch the streams?
        
       | jollybean wrote:
       | HN is vastly concerned about privacy and screaming about FB
       | transgression on these issues etc., but the top post here is
       | about disseminating private information of 10's of thousands of
       | people.
        
         | tailspin2019 wrote:
         | You're not wrong.
        
         | zalequin wrote:
         | Hn is no different from 4chan. Prove me wrong.
        
           | 1121redblackgo wrote:
           | Never used to be like this. At all.
        
             | zalequin wrote:
             | English much. But not to many.
        
         | 1121redblackgo wrote:
         | I agree. This would not have been accepted in years past.
        
         | [deleted]
        
         | Barrin92 wrote:
         | at least that table above doesn't reveal much you couldn't have
         | estimated from their official twitch page to begin with and I
         | don't really consider earnings that private (neither do most of
         | the top streamers by the way who tend to display their sub
         | count on their streams).
         | 
         | People on HN probably would very much oppose leaking private
         | DMs but transparency on celebrity earnings is not exactly that
         | big of a deal. I'd actually like earnings transparency in
         | general, like it already exists in Sweden.
         | 
         | Given that children's rights on the internet seem to be a hot
         | topic, this might give some of them an idea who they're giving
         | their hard earned money to.
        
           | jollybean wrote:
           | 'Earnings' is absolutely private information.
           | 
           | So is source code.
        
         | cableshaft wrote:
         | You can't put the toothpaste back in the tube. It's out there
         | now, might as well examine what you can learn from it and
         | discuss it.
         | 
         | FB is a business making conscious and deliberate decisions and
         | can be called out on it in part because things like this can
         | happen. I mean they just made such a massive goof that they
         | completely took down their own site, other massive sites they
         | owned, and locked their own employees out of their buildings
         | just two days ago for almost a full day. They can certainly
         | screw up and be victim to a leak like this as well.
        
           | AnIdiotOnTheNet wrote:
           | This is the same logic that a lot of people used during The
           | Fappening. If we think it is immoral to steal this data then
           | we should not condone people copying it and analyzing it as
           | that's just benefiting from someone else doing the dirty work
           | for us.
        
             | tailspin2019 wrote:
             | Hey you're not really living up to your username there with
             | that morally sound logic.
        
           | tailspin2019 wrote:
           | > might as well examine what you can learn from it and
           | discuss it.
           | 
           | That's the sort of high minded thing that WE might do here,
           | but I worry about how this data is going to be weaponised
           | against a whole bunch of people just trying to make a living
           | from things they're passionate about.
           | 
           | I'm not a streamer (yet?) but I kind of see Twitch as this
           | haven for a bunch of people who, until the advent of
           | streaming, didn't really have an outlet, or an easy way to
           | find like minded people, let alone (in some cases) make a
           | living. I used to write off Twitch as a crazy fad that didn't
           | make any sense to me. Then I spent a bit of time on there and
           | realised what an awesome bunch of people (mainly) inhabit
           | that place.
           | 
           | I feel very sorry for anyone caught up in this who goes on to
           | experience some of the inevitable downsides. I can just see
           | morons in the chat on various streams constantly bringing up
           | how much the streamer earns (or doesn't earn) etc.
        
             | cableshaft wrote:
             | Oh no, I definitely feel bad for the people who had their
             | data leaked and worry what some malicious people will do
             | about it, but posting about it on HN isn't going to change
             | that.
             | 
             | I've done a tiny bit of streaming myself at some point, and
             | keep meaning to do a bit more. I'll never have any
             | significant following, but it's a cool website. It sucks
             | that it's gotten out there, but it's too late, it's out.
             | 
             | Might as well satisfy my morbid curiosity of how much some
             | streamers are making on that site, which is about all I'm
             | doing with this data.
        
           | jollybean wrote:
           | Information is subject to Supply and Demand like everything
           | else.
           | 
           | We don't publish the names of victims of certain crimes, and
           | they are not widely known even if they are leaked, thus
           | significantly limiting the damage. Information about how to
           | make 'violent things' with easily acquired materials, certain
           | recruiting videos for 'very bad groups' aka ISIS etc. - all
           | of this is out there on some level but because it's actively
           | not propagated, the likelihood of it having an impact is
           | reduced.
           | 
           | We shouldn't be publishing individuals' income, or the
           | private source code of normal, legit private groups.
        
       | aosaigh wrote:
       | How many other sites of this size have had breaches of this
       | magnitude (financial, source code, database etc.)? This seems
       | enormous.
        
         | a_f wrote:
         | The EA one comes to mind, which was recent. They had access to
         | the source of a number of games, including unreleased ones as
         | well as the Frostbite engine if I recall correctly.
         | https://www.bbc.co.uk/news/technology-57431987
        
       | jason_zig wrote:
       | I'm curious what reaction people have to the info so I made a
       | poll:
       | https://share.zigpoll.com/2kParn8gL6RvpveWu/2qZxbgjD3pu2ATqz...
       | 
       | Personally I'm thinking this is decent PR for twitch since the
       | market is still small and the payouts can be relatively high even
       | in the middle tier.
        
       | em3rgent0rdr wrote:
       | Amazon could embrace the source code leak and make Twitch
       | open source.
        
       | [deleted]
        
       | rvz wrote:
       | > Twitch is aware of the breach, the source said, and it's
       | believed that the data was obtained as recently as Monday.
       | 
       | Does that mean that Twitch has very poor security systems that
       | the entire infrastructure and data of Twitch was breached and it
       | all fell into the hands of this so-called hacker?
       | 
       | Compared to the Epik breach weeks ago, this one is a lot worse.
       | 
       | I don't know what the point around this breach is for but surely
       | the so-called hackers that have done this have now made matters
       | worse for all Twitch streamers now. That was Part 1.
       | 
       | Waiting for what is in Part 2.
        
         | herbst wrote:
         | > Waiting for what is in Part 2.
         | 
         | Twitch likely stores a lot of payment information too, I don't
         | see why they would be better secured than anything else in this
         | dump. Could get interesting
        
           | Nextgrid wrote:
           | Payment information would be tokenized and can only be used
           | with their own merchant account. I'd be very surprised if
           | they stored raw card data.
        
         | Deukhoofd wrote:
         | From what I understand there was a way to access their internal
         | enterprise github instance, which gave them access to all the
         | source code, and a bunch of internal documents and database
         | dumps.
        
           | bawolff wrote:
           | Git is one thing, but random db dumps is pretty surprising to
           | me.
        
           | arthur_sav wrote:
           | So pretty much everything...
        
       | bredren wrote:
       | Any comment on the claimed basis for the leak?
       | 
       | Had any particular game, caster or community member made waves
       | above and beyond recently?
        
       | lemoncookiechip wrote:
       | Link to the leak: https://boards.4channel.org/g/thread/83691438
       | 
       | Top 10k Streamers by Revenue: https://pastebin.com/LjmaPNam
       | 
       | Contains the following data points:
       | 
       | 'ad_share_gross', 'sub_share_gross', 'bits_share_gross',
       | 'bits_developer_share_gross', 'bits_extension_share_gross',
       | 'prime_sub_share_gross', 'bit_share_ad_gross', 'fuel_rev_gross',
       | 'bb_rev_gross'
       | 
       | (TTS donations, 3rd party revenue like OnlyFans, Patreon, Amazon
       | Gifts and sponsorship deals... are not included)
       | 
       | Total gross payout in the leak (2019/8 to 2021/10) was 4.2
       | billion dollars across 344k users. (based on data points above
       | alone but could be wrong since it's anons on 4chan.)
       | 
       | PS: Make sure to change your Twitch (and possibly Prime)
       | password. Twitch is already prompting users to do so based on
       | Reddit posts.
        
         | astrange wrote:
         | > PS: Make sure to change your Twitch (and possibly Prime)
         | password. Twitch is already prompting users to do so based on
         | Reddit posts.
         | 
         | This is not worth worrying about. If Twitch is making you reset
         | your password, that means you don't need to hurry because
         | they've already locked your account. If your password hash
         | leaked, the important thing isn't Twitch, it's every other
         | place you used the same password.
        
           | vsareto wrote:
           | Just spend 2 minutes and change your password instead of
           | spending 2 minutes thinking about whether you should.
        
             | jeremyjh wrote:
             | Then you would not be solving the problem because you need
             | to change everywhere else you used that same password.
        
               | andrewzah wrote:
               | Use a password manager.
        
               | adolph wrote:
               | Just don't worry about it and go through the password
               | reset anytime you log in.
        
               | andrewzah wrote:
               | That doesn't make any sense. Password management isn't
               | really that complicated:
               | 
               | Use a password manager, and reset your password if the
               | service has been compromised.
        
               | atatatat wrote:
               | What do you do when the PW manager is compromised?
        
               | andrewzah wrote:
               | Cry? Realistically speaking, this isn't going to happen
               | without physical access to your computer or malware,
               | though. So don't leave your computer unattended and don't
               | download sketchy things.
               | 
               | Expecting people to simply memorize a unique, strong
               | password for every single website that they use is
               | unrealistic. Of course, no solution is perfect, but that
               | doesn't mean we shouldn't improve the current situation
               | of people reusing passwords with maybe slight
               | modifications per website.
        
               | corobo wrote:
               | If that is the problem you have a different problem.
               | Don't reuse passwords.
        
               | techrat wrote:
               | Reusing passwords is one of the single dumbest things you
               | can do online these days. Do not recycle passwords. Ever.
               | 
               | Why? Any breach that involves usernames/passwords are
               | account name and password combos that get tried on EVERY
               | POSSIBLE SITE after.
               | 
               | It only takes one pair of username with a reused password
               | for this to work.
        
             | astrange wrote:
             | There are downsides to asking people to change their
             | password for everything! (even though this is a big
             | "everything")
             | 
             | I remember some services send you a message telling you to
             | change your password anytime a new device logs in or even
             | fails to login to your account. That causes most people to
             | pick weaker passwords, since they're not all using manager
             | apps.
        
           | andy_ppp wrote:
           | Shouldn't the hash be salted and useless elsewhere?
        
             | tinus_hn wrote:
             | In theory, it should. In practice? Who knows.
        
               | par wrote:
               | In practice it'll be plaintext stored on someone's hard
               | drive.
        
             | netflixandkill wrote:
             | Outside of the same authentication domain with bad auth
             | token practices (Windows) the hash almost always is useless
             | elsewhere. Salting increases the complexity and thus size
             | of hash tables or hash comparison (rainbow tables), but if
             | you manage to break or brute force the entries, salted or
             | not, the secret often is reused by many users.
        
             | csark11 wrote:
             | It can still be cracked
        
               | andy_ppp wrote:
               | This is the SHA 256 of a phrase... go for it!
               | 
               | 7BB7DB877943832837046863EF45C252D3A08C92A273F7B665210A6E1
               | 2701095
        
               | vsareto wrote:
               | If this is a phrase to unlock a bitcoin account with 1000
               | bitcoins in it, then you can easily convince people to
               | try and brute force it.
               | 
               | Do you have Amouranth's or xQcOW's salted hash from this
               | leak? Might be worth trying to brute force it.
               | 
               | You try on those kinds of accounts because they might
               | have re-used it or the password might be patterned or not
               | completely random, which gives you a _chance_ that the
               | credential might give you access elsewhere.
        
               | prophesi wrote:
               | A phrase almost certainly has a lot more entropy than the
               | layman's reused password from other leaks.
        
               | DrJaws wrote:
               | good luck hacking my password horse correct battery
               | staple
        
             | zalequin wrote:
             | Provided that it's hashed with salt / diff methods, sure -
             | but how can you be sure?
        
               | lordlic wrote:
               | That's not what salting does, and different hashing
               | methods are irrelevant. The danger of having your hash
               | leaked is that it can be cracked and the plaintext
               | password recovered. The hash itself is entirely useless
               | for logging into other services.
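
Added example, not part of the thread and not any commenter's code: a Python sketch of the points raised in this sub-thread about salting, cracking and password reuse, seen from the side of the service that stores the hashes. The user names, passwords, denylist and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumption for this demo; production values follow current guidance

# Constructed sample data: two users share a weak password, one uses a random one.
USERS = {"alice": "password", "bob": "password", "carol": "kX9#vTq2!mLr7zPd"}
DENYLIST = ["123456", "password", "qwerty", "letmein"]


def unsalted_sha256(password):
    """Fast, unsalted hash: equal passwords always give equal hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


def new_record(password):
    """Salted, slow record: random per-user salt plus PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex()}


def verify(record, submitted):
    """Login check: hash whatever string was submitted, compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", submitted.encode(), salt, ITERATIONS)
    return hmac.compare_digest(digest.hex(), record["hash"])


def precomputed_table(wordlist):
    """A lookup table built once and reusable against any unsalted SHA-256 dump."""
    return {unsalted_sha256(word): word for word in wordlist}


def audit_weak(records, denylist):
    """Defender-side audit of one's own store for denylisted passwords.

    Salting forces one KDF run per (account, candidate) pair, which is the
    cost increase; it does not protect a password that is on the list.
    """
    found = {}
    for user, record in records.items():
        for candidate in denylist:
            if verify(record, candidate):
                found[user] = candidate
                break
    return found


def demo():
    unsalted = {user: unsalted_sha256(pw) for user, pw in USERS.items()}
    salted = {user: new_record(pw) for user, pw in USERS.items()}
    table = precomputed_table(DENYLIST)
    return {
        # Same password, same unsalted hash: one lookup exposes both accounts.
        "unsalted_same": unsalted["alice"] == unsalted["bob"],
        # Same password, different salts: the stored values no longer match.
        "salted_same": salted["alice"]["hash"] == salted["bob"]["hash"],
        "table_hits_unsalted": sorted(u for u, h in unsalted.items() if h in table),
        "table_hits_salted": sorted(u for u, r in salted.items() if r["hash"] in table),
        # Submitting the stored hash as if it were the password fails:
        # the hash is not a credential, only the recovered plaintext is.
        "replay_hash_as_password": verify(salted["alice"], salted["alice"]["hash"]),
        # Weak passwords are still found per account despite the salt.
        "audit": audit_weak(salted, DENYLIST),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Only carol's random password survives the audit, which is why a breached weak password has to be changed on every service where it was reused.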
        
               | zalequin wrote:
               | t. infoseclet
        
         | aero-glide2 wrote:
         | Archive link :
         | https://archive.is/rGpxh#selection-1335.9-1335.34
        
         | ZetaZero wrote:
         | 81 streamers with 1m+ in revenues.
        
         | anonymouse008 wrote:
         | Are there any consequences for downloading these files? I'd
         | like to learn best practices from a successful company -- but
         | not at existential risk.
        
           | Ueland wrote:
           | Depends on the law in your country.
        
           | madeofpalk wrote:
           | Just because it's at a "successful" company doesn't mean it's a
           | best practice.
        
           | ta988 wrote:
           | Depends on your local legislations, but be careful that by
           | default on torrents you are also sharing those files to
           | others so you are also distributing stolen material, so it
           | may have an impact on your potential "crime".
        
         | MrStonedOne wrote:
         | I saw the payout pastebin, but i'm _very_ curious what the
         | amazon vs stream cut is for sub revenue in particular. This is
         | the key thing streamers negotiate with twitch over, and is
         | covered by the nda.
         | 
         | rumor was recently negotiations have been very cut and dry for
         | newer big/up and coming streamers basically being told to take
         | some algorithmically assigned cut or give up partner status.
        
         | [deleted]
        
         | Gravyness wrote:
         | Post was just deleted and the archiver removed the links:
         | https://warosu.org/g/thread/83691438, anyone have mirrors?
        
           | aero-glide2 wrote:
           | Mirror : https://archive.is/rGpxh#selection-1335.9-1335.34
        
           | CapricornNoble wrote:
           | What is HN's policy on sharing magnet links?
           | 
           | magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI&dn=twitc
           | h-leaks-part-
           | one&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce
        
           | [deleted]
        
         | boringg wrote:
         | Am I the only one a bit disappointed by the gross earnings for
         | the top 5 earners given how much the media has been hyping the
         | money made by e-gamers? For some reason I would have thought
         | they would make more money over 2 years. Top earner was
         | grossing $9.6M ($4.8M/yr), 10th was $2.9M ($1.4M/yr), at 81 you
         | drop below $1M (500k/yr) on twitch pre-tax revenue. After 81
         | you drop below the $1M over two years threshold.
         | 
         | Actually the more I think about it - that does seem like a lot
         | if you add in their other rev from youtube channels and other
         | compensation. I understand why all the pro players started
         | working on their twitch stream content more than winning
         | competitions. More stable business and viewer base.
        
           | moneywoes wrote:
           | No donations included I believe
        
           | tiborsaas wrote:
           | Are you kidding? 4.8M / year is stellar revenue. Much much
           | more than most people make in a lifetime.
           | 
           | It's even more interesting that for 50k gross, you have to
           | beat this guy "DEMOLITION_D" at the #4432 place.
        
             | falcolas wrote:
             | Number 1 is Critical Role. Their website lists 24 employees
             | (many of whom are professional actors), and I'm sure
             | there's more behind the scenes. Salaries add up quickly.
        
               | theshrike79 wrote:
               | I'm pretty sure that Critical Role isn't the main income
               | for most people.
               | 
               | Also: 4.8M/24 people is still 200k per head. Even if you
               | assume that various costs take 50% of the revenue,
               | they're all still making 6 figures for a thing that's
               | pretty much a side hustle for most of them.
        
               | nightski wrote:
               | Critical role is making a _ton_ more than just Twitch
               | revenue.
               | 
               | Also it started out being a side gig but most of them
               | have switched to it as their primary gig. They are
               | starting campaign 3 this fall.
        
               | walshemj wrote:
               | 4.8M gross - there is all the overhead involved in
               | running the business; after overheads it will be less.
        
               | rasz wrote:
               | You think an assistant is being paid same as busy TV
               | actors? :)
               | 
               | The most amazing Critical Role fact might be its creation
               | was indirectly financed by Youtube/Google :o. Felicia Day
               | knew all of those guys and about their private DnD game,
               | she invited them to film few episodes for her YT channel
               | "Geek & Sundry". Channel started with $1Mil advance from
               | YouTube Original Channel Initiative, one of the rare if
               | brief successes.
        
               | falcolas wrote:
               | Let's say payroll is half their total costs. Payroll
               | taxes plus income taxes works out to somewhere around
               | 40-60% of the remaining amount. Health insurance is
               | probably in the 10% range per year, leaving them with a
               | $50k salary. Costs are not, of course, quite that high.
               | 
               | As a point of comparison, a talented voice actor can
               | gross around $125k per year, working from home as a
               | freelancer. I don't feel that the Critical Role actors
               | are being overcompensated at all.
        
               | jandrese wrote:
               | That works out to $200k/year for each employee, which
               | after you account for benefits is a solid middle class
               | income, assuming they don't live in downtown San
               | Francisco or something.
               | 
               | It's basically a regular job at that point.
        
               | rasz wrote:
               | They all live in LA actually :)
        
               | bluefirebrand wrote:
               | I hate to break it to you, but 200k/yr is in the top 4%
               | of earners in America. That's not "middle class" by any
               | stretch of the imagination.
        
               | rvnx wrote:
               | It is, according to HN alternate reality
        
               | walshemj wrote:
               | Actually 200k gross is "middle class" what do you think a
               | lawyer or doctor makes in CA.
        
               | jandrese wrote:
               | After taxes, insurance, retirement, etc... you're taking
               | home maybe $100k of that. That's "modest home in a nicer
               | suburb" level money.
        
               | Kranar wrote:
               | It's among the top 4% of income, that's an objective
               | metric. Being in the top 4% of people in one of the
               | wealthiest countries in the world is objectively not
               | middle class.
        
               | colinmhayes wrote:
               | In the bay and LA sure. Everywhere else in the country
               | you're living large. Even NYC 200k is doing pretty well.
        
               | jandrese wrote:
               | I don't think you've been keeping up with home prices and
               | insurance costs around the country. $100k take home isn't
               | all that anymore. You're not food stamp poor, but it's
               | easy to be house poor at that income level, especially if
               | you're shooting for a better school district. Health
               | insurance costs eat up so much of that it is not funny,
               | even if you are healthy. If you or someone in your family
               | comes down with an expensive medical condition you'll be
               | in real trouble.
        
               | colinmhayes wrote:
               | True, these people are all self employed, so insurance
               | costs would be pretty large. If you're making 200k I'd
               | still say you've probably got at least 100 left over
               | after taxes and insurance. That affords you a 600k house
               | using the 30% of income rule if you can get the down
               | payment together.
        
             | boringg wrote:
             | That is literally the top earner in the community made up
             | by a team of people.
             | 
             | The media/VC etc community has been hyping e-gaming as the
             | new sports domain. That said the top salary for a sports
             | player is $168M / year for one player (Lionel Messi) and
             | number 99 is $35M/year (source: https://en.wikipedia.org/wi
             | ki/List_of_largest_sports_contrac...)
             | 
             | It really shows how much of a step change there is between
             | the sports & e-sports and I would be curious how much of
             | this Twitch is keeping to themselves instead of paying out.
             | 
             | Not to mention how much uptime e-gamers have to put in.
        
               | [deleted]
        
               | somethingor wrote:
               | Note that streaming is a completely different revenue
               | source than esports earnings. Top esports earners might
               | not even stream at all.
        
               | boringg wrote:
               | Good point - I should differentiate more clearly.
        
           | Trisell wrote:
           | Also good to note that most streamers have a side donation
           | system that more than likely isn't included in these numbers.
           | Donations seem to be generally run through a non twitch third
           | party site. And is probably a substantial increase if not a
           | doubling of their income.
        
             | treesknees wrote:
             | Many of these folks are paid to stay exclusively on Twitch
             | and to not hop around to other platforms, and I don't
             | believe that's reflected here either.
        
           | mattwest wrote:
           | Brand deals usually match or exceed their income from Twitch
           | as well.
        
           | InitialLastName wrote:
           | If you squint a bit, that's not that far off of niche pro
           | athlete money (especially given that the bottom end doesn't
           | have the same discrete threshold that pro sports do). Per [0]
           | the best-paid NHL players are making ~$10M/year, and I would
           | expect the NHL to be more efficiently monetized than internet
           | streamers (we know that making money as "talent" on the
           | internet is a tough proposition).
           | 
           | [0] https://www.spotrac.com/nhl/rankings/
        
           | jonwachob91 wrote:
           | A lot of those streamers are pretty open about how twitch
           | revenue is a small portion of their earnings.
           | 
           | Ninja was famously paid $1MM for an 8 hour ad of playing Apex
           | at launch.
           | 
           | I've had private conversation with large streaming friends
           | that have all said independently that the amount they get
           | paid from a short Raid Shadow Legends ad is huge. One said
           | it's enough to buy a nice car, and if they hit their target
           | downloads (w/ link) the number jumps up to enough to buy
           | multiple nice cars.
           | 
           | There is a lot of big money for streamers, not just big
           | streamers.
        
             | reportingsjr wrote:
             | I saw a thread on twitter as part of this leak that showed
             | chat of a streamer turning down around $1.6 million a month
             | to advertise a gambling website, because another one was
             | paying more.
             | 
             | I'm not surprised by any of this. If you ever did any
             | digging in to how much advertising pays, ran numbers on
             | twitch subs, etc, these numbers match that quite closely.
        
           | falcolas wrote:
           | Before commenting on how much revenue this seems to be for
           | the streamer, remember that most streamers hire and maintain
           | staff. Preach Gaming, for example, has 6 full time staff.
           | Angry Joe is somewhere around 8. Critical Role's website
           | lists 24 employees, plus more who are likely not credited.
           | 
           | Paying all that talent adds up.
        
         | ryanmarsh wrote:
         | In the vernacular, I ain't clickin that shit
        
           | boringg wrote:
           | You aren't clicking a pastebin CSV file?
        
         | jonwachob91 wrote:
         | pastebin link is dead now.
        
         | dannyw wrote:
         | The leak contains much more than this FYI, there's a hundred
         | gigabytes of code and resources from dozens of repositories.
         | 
         | Looks like someone dumped everything on their github
         | enterprise.
         | 
         | I wonder if this'll lead to software engineers in big companies
         | having more restricted access to code?
        
           | hnick wrote:
           | Dozens? The 4chan post said "almost 6,000 internal Git
           | repositories". We don't use git at work (TFS, yay), and we
           | definitely aren't on their scale, but that seems high to me.
           | Do they have a repo for every class? Is this normal?
        
             | Shalomboy wrote:
             | TFS converting to Git/Azure DevOps here. Be the change you
             | want to see in the world! There's a chance that some of the
             | people in your org that don't use TFS could use the
             | organizational tools built into
             | GitHub/GitLab/BitBucket/DevOps. If you get enough teams on
             | board with that platform that also happens to use Git, then
             | you can make that push to IT!
        
             | cedilla wrote:
             | If they use the common github approach of one fork per
             | contributor, 6,000 repos accumulate quickly.
        
               | PUSH_AX wrote:
               | I've never worked in this way (when I've been part of the
               | org), is it that common? What are the benefits of making
               | everyone fork repos vs branching off the original repo?
        
               | vultour wrote:
               | You don't have 500000 garbage leftover branches on the
               | main repo.
        
               | robjan wrote:
               | I don't think that's a common workflow within companies.
               | In every org I have worked at, forking is explicitly
               | disabled
        
               | MAGZine wrote:
               | I worked at a large gaming company and that was
               | definitely the collaboration model.
               | 
               | Before per-branch controls, the only way to disable write
               | access (while maintaining read access, pull-request
               | privs, etc) to a repository's blessed branches was forks.
        
               | _joel wrote:
               | It's common in general open source projects where you
               | might want to send a patch for something that you don't
               | have commit privileges to, but I've never seen that used
               | in enterprises as they have central auth / groups with
               | the users required to work on the code.
        
             | BeefWellington wrote:
             | Note it doesn't say unique git repositories. It could just
             | mean each employee's fork is included in that count, which
             | would inflate the number like that.
        
             | okl wrote:
             | Could include dependencies and forks of other public repos.
        
           | polote wrote:
           | > I wonder if this'll lead to software engineers in big
           | companies having more restricted access to code?
           | 
           | I don't think that Twitch has closed source code because they
           | want to keep code private. It's probably more a matter of
           | don't want to show commit message in case there are some bad
           | words inside it. And don't want to show the world in case
           | their source code look bad.
           | 
           | Twitch without its code source can't work yeah, but imagine
           | if all the commits of Twitch were public I doubt it would
           | change anything for them.
           | 
           | That would be nice if there was a mental change about source
           | code and that it is fine to show it even if it looks shit.
        
             | treesknees wrote:
             | You don't think the largest streaming platform on the
             | planet wants to keep their intellectual property a secret?
             | This isn't about being embarrassed over some comments, it's
             | about completely revealing the algorithms that move streams
             | to the promoted views, limitations of their filtering
             | systems, the time it takes for someone to count as a
             | 'viewer'... there are many pieces that are no longer secret
             | and can now be manipulated by people trying to promote
             | content or game the recommendation system or bypass
             | filtering.
             | 
             | There is also the issue of security. I'm sure people will
             | be combing through the source code to find anything they
             | can exploit, even if it's a simple XSS attack. It could
             | either be sold/used for malicious actions or submitted to
             | the bug bounty program for the reward money.
        
             | spelunker wrote:
             | Of course they want to keep their source code private, like
             | most software companies do. They consider it their "secret
             | sauce", their prized IP.
        
             | rgallagher27 wrote:
             | Doubt they care too much about bad words in commit
             | messages, what they should worry about is if they've ever
             | checked in passwords/secrets/private keys and not re-
             | written the git history
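
Added example, not from the thread and not taken from any leaked repository: a Python sketch of the check the comment above describes, finding credentials that were committed and later deleted but still sit in history. The `git log -p --reverse` style text, paths, e-mail addresses and regexes are constructed assumptions; the key ID is AWS's documentation placeholder.

```python
import re

# Assumed detection patterns; real scanners carry many more rules.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "hardcoded_password": re.compile(
        r"(?:password|passwd|secret)\w*\s*[:=]\s*['\"][^'\"]{6,}['\"]",
        re.IGNORECASE),
}

# Constructed sample shaped like `git log -p --reverse` output (oldest first).
SAMPLE_LOG = """\
commit 1111111111111111111111111111111111111111
Author: Dev One <dev1@example.invalid>

    add uploader config

diff --git a/config/uploader.py b/config/uploader.py
--- /dev/null
+++ b/config/uploader.py
@@ -0,0 +1,3 @@
+REGION = "us-west-2"
+AWS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+DB_PASSWORD = "constructed-sample-pw"

commit 2222222222222222222222222222222222222222
Author: Dev One <dev1@example.invalid>

    move credentials to env vars

diff --git a/config/uploader.py b/config/uploader.py
--- a/config/uploader.py
+++ b/config/uploader.py
@@ -1,3 +1,4 @@
+import os
 REGION = "us-west-2"
-AWS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
-DB_PASSWORD = "constructed-sample-pw"
+AWS_KEY_ID = os.environ["AWS_KEY_ID"]
+DB_PASSWORD = os.environ["DB_PASSWORD"]

commit 3333333333333333333333333333333333333333
Author: Dev Two <dev2@example.invalid>

    add deploy key for CI

diff --git a/deploy/id_ci b/deploy/id_ci
--- /dev/null
+++ b/deploy/id_ci
@@ -0,0 +1,2 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+(constructed placeholder, not key material)
"""


def scan_history(log_text):
    """Report every added line that matches a secret pattern, and whether
    that line is still present after the last commit in the log."""
    hits = []            # (commit, path, kind, line text)
    live = {}            # (path, line text) -> copies present at the tip
    commit = path = None
    in_hunk = False
    for raw in log_text.splitlines():
        if raw.startswith("commit "):
            commit, in_hunk = raw.split()[1], False
        elif raw.startswith("diff --git "):
            path, in_hunk = raw.split(" b/", 1)[1], False
        elif raw.startswith("@@"):
            in_hunk = True
        elif in_hunk and raw.startswith("+"):
            text = raw[1:]
            live[(path, text)] = live.get((path, text), 0) + 1
            for kind, pattern in PATTERNS.items():
                if pattern.search(text):
                    hits.append((commit, path, kind, text))
        elif in_hunk and raw.startswith("-"):
            text = raw[1:]
            live[(path, text)] = live.get((path, text), 0) - 1
    # The matched value is deliberately left out of the report.
    return [
        {"commit": c[:7], "path": p, "kind": k,
         "in_head": live.get((p, text), 0) > 0}
        for c, p, k, text in hits
    ]


def history_only(findings):
    """Secrets a scan of the current tree alone would miss."""
    return [f for f in findings if not f["in_head"]]


if __name__ == "__main__":
    for finding in scan_history(SAMPLE_LOG):
        print(finding)
```

Entries returned by `history_only` are the ones that call for rotating the credential and, if the repository must stay clean, rewriting history; deleting the line in a later commit removes neither.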
        
               | AnotherGoodName wrote:
               | More things to keep an eye out for;
               | 
               | Snippets of open source code.
               | 
               | Commit messages that imply anti-competitive behaviour
               | ("Committing a change to the API to lockout competitor
               | XYZ").
               | 
               | Commit messages that imply code theft ("Using a method
               | that we used at my previous company").
               | 
               | etc.
               | 
               | Sometimes things that look sketchy might be innocent but
               | will still cause nightmares for twitch since they'll now
               | have to play defensively as people call into question
               | anything that ever went into the repo.
        
           | secondaryacct wrote:
           | It's already the case and actually a big fight we're having
           | (company of 70k employees spread everywhere) because we can't
           | reverse engineer our upstream and downstream systems and it
           | leads to huge bottlenecks trying to understand them when
           | issues arise, as we need other teams etc.
        
             | stunt wrote:
             | Many of those companies still have a few (not always
             | skilled) IT people with access to everything! And they
             | sometimes make it easy for themselves by putting themselves
             | in 2FA exception groups etc.
        
           | walshemj wrote:
           | Will depend on company. Back when I worked for British
           | Telecom, some team leaders with wide access to code & data on
           | some projects had to go through Developed Vetting (TS
           | clearance).
           | 
           | Back in the mid 90's there was an issue in Scotland when a
           | well known journalist got a job in a call center and looked
           | up the private telephone numbers for the Queen.
        
         | swarnie wrote:
         | Wagies donating to millionaires is probably the funniest thing
         | i can imagine.
        
           | ttctciyf wrote:
           | Personally, I do it once a month, to avoid donating to a
           | billionaire. YMMV.
        
           | pradn wrote:
           | It's somewhere between "paying to not see ads" (mechanical) to
           | "being a fan and wanting to contribute to them" (parasocial).
           | I don't think most people care if they're a fan of a
           | millionaire - see sports and entertainment celebrities.
           | Looking at things reflexively through a wealth-inequality
           | perspective is done only by a minority of people.
        
           | msie wrote:
           | I was watching a streamer the other day and she was doing
           | some stunt because another streamer promised her an iphone 13
           | pro. But now I realize she could buy hundreds of them! Argh.
           | Here i am waiting two months so i could afford to put a down
           | payment on one.
        
           | Lamad123 wrote:
           | Billionaires couldn't exist without such donations!
        
           | tisthetruth wrote:
           | Wealth concentration on the twitch model is worse than paying
           | a company. A company does trickle down some of the profits to
           | its employees. Vs one person on twitch.
           | 
           | Then you have the wisdom pov. This money is going to somebody
           | who is most likely less wise, mainly due to age and lack of
           | education and experiences. The quality of the content that is
           | being rewarded and whether it's a good influence for society or
           | for the minds of the young consumers is also highly
           | questionable.
           | 
           | Just pop open the YouTube home page and then think about what
           | someone's mind will be made up of if they consume that
           | linkbait garbage for a considerable amount of time. Then add
           | the echo chamber effect of the internet.
           | 
           | It's not a pretty sight. Yet here we are.
           | 
           | As a simple heuristic. Look at the view count of the noble
           | minds video vs SSSniperWolf.
        
           | youerbt wrote:
           | I don't get what's so funny about it.
           | 
           | In streaming case, for whatever reason you want to make a
           | donation to somebody, not doing it because they are richer
           | than you seems very strange to me.
        
           | TwoNineA wrote:
           | I "donated" 75$ to see my favorite band two years ago.
        
             | swarnie wrote:
             | You "purchased" a "service".
             | 
             | Without the payment the service wouldn't be accessible
        
               | zouhair wrote:
               | What service?
        
               | TwoNineA wrote:
               | It was a public concert, freely accessible to anyone.
        
               | swarnie wrote:
               | You must know that's a very atypical business model....
        
               | atatatat wrote:
               | Will it be?
        
               | kremlin wrote:
               | why did you put "donated" in quotes?
        
               | bvm wrote:
               | without the subs the streamers wouldn't stream
        
           | matheusmoreira wrote:
           | Yeah, it's so absurd it's hilarious. Seeing people make
           | millions of USD for playing games and mentioning others in a
           | live stream made me seriously rethink the value of my own
           | work.
        
             | dilyevsky wrote:
             | Now look at them yo-yos, that's the way you do it!
        
               | kinghajj wrote:
               | You play Among Us on the Twitch.TV!
        
               | matheusmoreira wrote:
               | Money for nothing and chicks for free.
        
             | warent wrote:
             | this is a tired old complaint and anybody could say the
             | same about pretty much any job that pays more than their
             | own.
             | 
             | Telling blue collar workers you work in tech usually gets a
             | nearly identical reaction to what you just gave. etc etc.
        
               | matheusmoreira wrote:
               | Yeah, and what's wrong with that reaction? I'm supposed
               | to just accept this stuff?
               | 
               | The blue collar workers are right too. They should be
               | getting paid _a lot_ more. Certainly not less than
               | streamers. It's not fair and I refuse to accept it.
               | 
               | Come to think of it, advertisers seem to be a major cause
               | of these distortions. They distort the value of
               | activities that happen to have an audience. Yet another
               | reason to block ads: help restore balance to society by
               | ensuring people are properly rewarded for the actual
               | value of their work instead of how many eyeballs they can
               | summon.
        
               | nlitened wrote:
               | Why wouldn't you start a business, and pay blue collar
               | workers what they deserve?
        
               | matheusmoreira wrote:
               | Because that's not the field of work I chose for myself.
               | I do see construction workers on a daily basis though. I
               | also know the owner of a construction company, he's part
               | of my extended family. The wealth disparity between the
               | workers and my family member is obscene. There's no way
               | I'll ever believe they couldn't be paid better wages.
        
           | slightwinder wrote:
           | To be fair, the number of millionaires is overall pretty low
           | in numbers. Just some few dozen worldwide. Most top-streamers
           | "only" earn as much as upper middle-class or less. Compared
           | to other sketchy businesses, this seems relative ok. Be aware
           | that those numbers are before taxes and are not including
           | expenses, which can be quite high in the top league.
        
           | FartyMcFarter wrote:
           | I have donated to some chess streamers who make fun +
           | educational content I enjoy. I'm fine if that makes them
           | millionaires or richer than me.
        
           | zouhair wrote:
           | Isn't this what we do when we go see a movie or a sports
           | event?
        
           | meheleventyone wrote:
           | Isn't that the basis of the economy with the increasing
           | wealth gap and so on? It's not really materially different to
           | paying Disney millionaires to go watch the latest Marvel
           | movie.
        
             | swarnie wrote:
             | Maybe if viewed in a cynical way yes.
             | 
             | At least when i donate to blue origin i get something
             | tangible delivered to my door.
             | 
             | Where is the value exchange in being one of 10k people
             | building a faux-relationship with a hot tub streamer?
        
               | ohgodplsno wrote:
               | > At least when i donate to blue origin i get something
               | tangible delivered to my door.
               | 
               | Undelivered promises and lawsuits against NASA to slow
               | down space exploration for all of us ?
        
               | input_sh wrote:
               | Same as with paying to see a Disney movie: entertainment.
               | It's just a bit more interactive, since streamers are a
               | bit more likely to interact with you after you give them
               | money.
        
               | MMS21 wrote:
               | >since streamers are a bit more likely to interact with
               | you after you give them money
               | 
               | ohwee! the streamer _might_ read out your username along
               | with a scripted line after a 5 dollar
               | subscription!1Eleven
        
               | input_sh wrote:
               | Is there a point you're failing at making? In my mind
               | it's no different than, say, voting for contestants on
               | talent shows, or paying a camgirl, or pay-per-view WWE
               | events. Same thing targeting a different demographic.
        
               | Geee wrote:
               | It's a service. Service is a product that is consumed
               | when it's produced.
        
               | A4ET8a8uTh0 wrote:
               | I think the word you are looking for is entertainment.
               | You may not appreciate the value of said entertainment,
               | but then I don't really see a merit of donkey shows,
               | Kanye or just about any other entertainment figure. That
               | is the value.
               | 
               | And by its very nature, it is ephemeral.
        
               | InvOfSmallC wrote:
               | I mean, in all honesty it's entertainment. To me Marvel
               | is better but someone prefer hot tubs.
        
               | meheleventyone wrote:
               | I mean it's not cynical (at least not anymore than your
               | initial comment), it's what we're doing and why I used
               | another entertainment option as a point of comparison.
               | 
               | Of all the things on Twitch the value of Hot Tub streams
               | seems very upfront and I think it's pretty telling that
               | there are vanishingly few successful streamers doing it
               | and that for all the hot air people spew about it, it's a very
               | niche part of the site.
        
               | kdmytro wrote:
               | Money transfer does not necessarily mean mutually
               | beneficial transfer of value. Another example of this is
               | theft.
        
             | bluecatswim wrote:
             | >It's not really materially different to paying Disney
             | millionaires to go watch the latest Marvel movie.
             | 
             | I feel like it's substantially different, you are paying
             | Disney the money to watch the movie, you don't really care
             | about the actors or other people who worked on it.
             | 
             | On the other hand, twitch users pay for the sake of paying
             | money, it's closer to something like strip clubs.
        
               | tsimionescu wrote:
               | I feel it's a much healthier model, you're paying the
               | creator directly to create the piece you want to see, and
               | to show it, for free, to others.
        
               | runnerup wrote:
               | I mean....sure, I guess, if you're only talking about the
               | top 10 or maybe top 200 streamers.
               | 
               | My favorite twitch streamer, 'x5_pig' (996th highest
               | earner on twitch) only grossed $186,000 over 24 months,
               | and lives in a fairly HCOL area in Australia. I'm happy
               | to give him $5 or so to help make sure that he continues
               | to stream an EOL game, Starcraft2.
               | 
               | Sure, he has other revenue streams as well but I can only
               | imagine the risk he takes by sticking with a game that's
               | been EOL'd. When Blizzard shuts down the servers I
               | imagine he'll have no career left at all and will likely
               | have to start over in a totally different career. I'd be
               | surprised if he could start streaming some other strategy
               | game and maintain enough earnings.
               | 
               | I pay him $5/month to help swing his risk-reward balance
               | in favor of continuing to produce the content that I most
               | enjoy vegetating to after my 12 hour day of
               | coding/troubleshooting/collaborating.
               | 
               | Sure, he has other revenue streams (YouTube, announcing
               | for major tournaments, etc). But I imagine for him it may
               | be important to earn enough over the 10 year life of
               | Starcraft2 to mostly-retire in case he ends up without a
               | "real" career.
               | 
               | In fact, sometimes I wonder whether income tax brackets
               | could potentially include consideration for short-lived
               | high earning careers. Seems it might be slightly broken
               | to tax someone who has a stable $1MM/year income for 30+
               | years (e.g. car dealership owner) the same % as someone
               | who makes $1MM this year, but next year might be earning
               | $40,000 working at that car dealership (athletes,
               | streamers, windfalls, etc). Seems like it might make
               | sense to allow people to "defer" earnings to future
               | years, as long as income tax is eventually paid in full.
               | This could allow people who unexpectedly earn $1MM for
               | just one year to spread out those earnings over 10 years
               | and pay a more appropriate % as taxes. Not sure what else
               | this could break though, or how much of a problem it
               | really solves vs. other things legislators could be
               | spending time on.
        
               | plywoodtrees wrote:
               | Some countries have this for selected occupations that
               | are commonly bursty. It could be good if it was generally
               | available:
               | 
               | https://www.ato.gov.au/business/primary-producers/in-
               | detail/...
        
               | everdrive wrote:
               | >you don't really care about the actors or other people
               | who worked on it.
               | 
               | Plenty of people do, of course. Celebrity worship is
               | quite common.
        
               | sbarre wrote:
               | That's a pretty harsh moral/value judgment on how someone
               | chooses to spend their entertainment money.
               | 
               | What about comedy clubs? If I buy a ticket to see Dave
               | Chappelle, who is clearly wealthy, am I a sucker too?
               | 
               | What about paying cover at my local bar because a local
               | band is playing that night?
               | 
               | What about buying tickets to a baseball game, to see a
               | bunch of millionaires play a game for a few hours?
               | 
               | You are making it seem like users get nothing for their
               | money, when there is plenty of established precedent for
               | giving money in exchange for attending a performance.
               | 
               | Sure the performance has changed, but the actual
               | difference here is that these Twitch millionaires (and
               | the rest who are far from millionaires) are literally
               | charging "pay what you can" instead of setting a minimum
               | ticket price for their show. Plenty of people (the
               | majority in fact) get the show for free.
        
               | theshrike79 wrote:
               | > What about comedy clubs? If I buy a ticket to see Dave
               | Chappelle, who is clearly wealthy, am I a sucker too?
               | 
               | If you would pay money for Dave to shout "Hey sbarre,
               | thanks for the donation" from the stage, then you'd be
               | doing what Twitch fans are doing.
        
               | bluecatswim wrote:
               | Sorry, I didn't mean that in a derogatory way. I just
               | meant twitch users pay for the sake of giving money to
               | their favorite streamers rather than paying for a
               | product. Strip clubs are the first example that came to
               | my mind, bands or comics also stand. My point was that
               | OP's argument about comparing twitch to movies doesn't
               | make sense because paying for a movie is no different
               | than paying for groceries.
        
               | CydeWeys wrote:
               | Like with strip clubs, when you give money to a Twitch
               | streamer, you're getting something in return. Twitch
               | subscribers get lots of exclusive access to stuff.
        
               | codetrotter wrote:
               | > because paying for a movie is no different than paying
               | for groceries
               | 
               | Groceries are necessary for survival, and limited in
               | quantity.
               | 
               | Movies and streams are similar to each other because they
               | are both video content. And as long as the creator of the
               | stream or the company behind a movie get paid enough to
               | make the content they could've received no more money and
               | still gotten by fine.
               | 
               | Streams are a little bit different from movies though
               | because much of the audience is actively engaging in
               | conversation with the creator or making requests to them
               | etc. In that sense a stream has an aspect of limited
               | supply to it that a movie does not. At some point the
               | audience of a stream will be too big for the creator to
               | be able to meaningfully interact with all of them, and at
               | a point after that maybe even too big to be able to
               | meaningfully interact with _any_ of them.
               | 
               | And so if you have a lot of people that want to interact
               | with you it makes sense to prefer interacting with the
               | ones paying you money, and to encourage them to do so.
               | And beyond that, it also makes sense to offer "exclusive"
               | content to people that pay. So OnlyFans makes sense too.
               | 
               | What really has me upset though is thinking of the people
               | that are on the audience, among whom some people have
               | little money but also get so little attention IRL that
               | they are paying someone who already has a lot just to
               | interact with them and maybe even being deluded into
               | thinking that they have some form of "real" relationship
               | with them. That is very sad and something I don't think
               | has been studied enough and is not being talked about
               | enough.
        
               | valeness wrote:
               | I sub to twitch streamers I watch because dollar per hour
               | it's the cheapest form of entertainment besides
               | torrenting for me.
               | 
               | There was a stint during the GTA V RP craze I had it on
               | in the background and watched it for approximately 6-8
               | hours every day. I subbed to one streamer for like 5
               | bucks.
               | 
               | This averages out to like 2 cents/day for 240 hours of
               | entertainment. Cheaper than netflix, cheaper than cable,
               | cheaper than hulu... You catch my drift. I don't know how
               | this is different than me paying $80 to spend a night out
               | at the movies with my wife, other than it being insanely
               | cheaper?
        
               | lancesells wrote:
               | Groceries are so far outside of paying for any form of
               | entertainment. What does it matter if you pay for a movie
               | or tip a streamer? It's all content meant to be consumed
               | and replaced with more content.
               | 
               | There are three things you need to survive: food,
               | shelter, and love/community.
               | 
               | Entertainment can sometimes provide the last one
               | (love/community) but for the most part it's fulfilling a
               | need for distraction and/or curiosity.
        
               | sbarre wrote:
               | > I just meant twitch users pay for the sake of giving
               | money to their favorite streamers rather than paying for
               | a product.
               | 
               | I still think this is a narrow view.
               | 
               | So you don't consider a performance to be a product?
               | 
               | How is going to the movies different from going to a
               | baseball game or a concert or a comedy club?
               | 
               | If those are like movies, and movies are like groceries,
               | are we not back to the same point that people are
               | exchanging money for some kind of benefit, whether it's a
               | tangible thing they take home or an experience they
               | enjoy?
        
               | NineStarPoint wrote:
               | I think strip clubs are a fair comparison. All of the
               | things you listed, you pay money for access to the
               | experience. The money changes hands before you get in the
               | door. For both strip clubs and twitch, getting in the
               | door is free. In both cases what you pay money for is the
               | attention of the streamer/stripper in the moment you are
               | giving the money (or just because you feel like giving
               | money to them for the performance you are seeing.)
               | 
               | A less emotionally evocative example might be giving
               | money to a street musician who accepts requests for
               | donations. Either way, the street musician is there
               | performing and you can enjoy the music whether you pay or
               | not. But the money gets you a bonus, and you're free to
               | give money regardless of desire to request a song.
        
               | sbarre wrote:
               | I'm not sure I agree that "paying money to get attention"
               | is the majority of the monetary interactions on Twitch.
               | 
               | Or at least, maybe that's a welcome side effect but not
               | the main motivation for a lot of people.
               | 
               | I am guessing here, I have no data to back this up, but I
               | feel like a lot of people sub out of gratitude and as a
               | show of support, and less to draw attention or get some
               | kind of shout-out..
               | 
               | I do watch a decent amount of streams on Twitch across a
               | few categories, but I've never subscribed or donated to
               | any of them, so it's possible I'm wrong here.
               | 
               | Also I did make the distinction between paid performances
               | and "pay what you can".. That was indeed my point, that
               | Twitch differentiates itself by being an essentially "pay
               | what you can" service where the majority don't pay
               | anything, but lots of people still manage to make money
               | giving their work away for free.
        
               | Jxl180 wrote:
               | If the Dave Chappelle show were free but you chose to
               | donate your money to Dave Chappelle anyway, yes, you're a
               | sucker.
        
               | sbarre wrote:
               | Sure, I guess you could see it that way.
               | 
               | Some people, on the other hand, like to reward others if
               | they enjoy the product/service/performance they provide.
               | 
               | That's the nature of "pay what you can". If money is
               | tight, then don't pay, and don't feel bad about it. But
               | if you have disposable income, and you value the
               | experience, then give what you can as a form of
               | gratitude.
               | 
               | It doesn't need to be said that if everyone took the
               | "it's free so I don't have to pay anything" route, then
               | there would be no show to see.
        
               | valeness wrote:
               | Twitch streams aren't free though. If nobody paid then
               | they wouldn't exist. It's just a voluntaryist model.
               | Those that pay, do, those that can't or don't want to,
               | don't. So I'm not a sucker for choosing to fund a form of
               | entertainment I find valuable.
               | 
               | I treat museums the same way. When I was young and poor
               | my parents didn't pay to get in since it was optional.
               | But now that I'm older and I make good money, I donate
               | extremely well when I go to museums. I know that it's
               | voluntary and I choose to participate in funding it
               | because I enjoy the experience.
        
               | blitzar wrote:
               | They pay to have the person paid a couple of mil to say
               | their name on stream 'thanks bluecat for the sub'
        
               | rapind wrote:
               | I would assume big streamers are running a business too.
               | At the very least they are paying an accountant and
               | probably lawyer (for incorporation, taxes). I'm sure some
               | are also paying designers, editors, marketers,
               | advertisers, agents, managers, etc.
               | 
               | On youtube you have streamers merging under the same
               | umbrella to create branded channels.
               | 
               | IMO the differences compared to Disney is the scale of
               | the production and the interactive medium (which is
               | constrained by scale). Once you reach a certain scale I
               | don't think you can expect much direct interaction due to
               | the volume of chat. So really it's just scale.
        
             | the_duke wrote:
             | The difference is that Twitch viewers are already consuming
             | the content for free.
             | 
             | Subscribing or donations are completely optional.
             | (subscriptions get rid of the ads, but I doubt that's a
             | main driver)
        
               | meheleventyone wrote:
               | I dunno if you know this but you don't have to pay for
               | the Marvel movies either.
        
               | eurasiantiger wrote:
               | B..b..but that's... that's _piracy!_
        
               | wizzwizz4 wrote:
               | Or just watch it on television. (You can even tape it
               | when it's on television... sshhhhhhh.)
        
               | SketchySeaBeast wrote:
               | Are you using VHS for said taping? I suddenly wonder if
               | this is one of those anachronistic phrases, or if people
               | no longer use it and you're revealing your age.
        
               | eurasiantiger wrote:
               | Imagine the people with adhesive tape in hand.
        
               | wizzwizz4 wrote:
               | At least it's less anachronistic than "record".
        
               | nso wrote:
               | Someone has to.
        
               | ohmahjong wrote:
               | You don't have to get bootleg twitch streams to watch
               | them for free
        
               | meheleventyone wrote:
               | Yes the monetization models are slightly different. You
               | can still watch both for free though.
        
           | freeflight wrote:
           | I don't think it's funny, I think it's sad because most of it
           | comes from the emotional exploitation of parasocial
           | relationships.
           | 
           | Something we used to scoff at in places like Asia, now even
           | casual relationships are utterly commoditized and we taught a
           | whole generation of young humans how that's the most normal
           | thing in the world.
        
             | mftb wrote:
             | Agreed. I recently started exploring Twitch and in the
             | first hour of just sitting there watching it, I was
             | surprised how aggressively exploitative it was. The fact
             | that it's young people there exploiting makes it even more
             | gross.
        
             | msie wrote:
             | Thank you! The hypocrisy is huge.
        
         | erk__ wrote:
         | The revenue in that pastebin has been double counted. The
         | corrected data is here: https://pastebin.com/LjmaPNam
        
           | pixxel wrote:
           | Whoa. Is gross per year or since account creation?! Either
           | way these numbers are insane.
        
             | erk__ wrote:
             | These are numbers since August 2019 as far as I am aware
        
               | _u wrote:
               | June 2019 is also included. July 2019 is missing.
        
               | pixxel wrote:
               | Crazy numbers.
        
             | uyt wrote:
             | Insanely high or insanely low? I actually felt kind of
             | weird that I make more as a software engineer than some of
             | these legit celebrities (not the very top ones of course,
             | but still more than many of the ones I follow or have heard
             | of)
        
               | Shacklz wrote:
               | I hope I didn't misread the numbers but to my
               | understanding it's just what they get from twitch
               | directly (ads/subscriptions share), most streamers
               | probably make significant amounts in donations on top of
               | that, and probably have secondary revenue streams via
               | YouTube (stream highlights etc.)
        
               | jschenk wrote:
               | Not to mention sponsors, sponsored streams, etc.
        
               | BlargMcLarg wrote:
               | Keep in mind this is just what they make which Twitch
               | knows about. Plenty of sponsorships, tournaments and
               | other income streams exist for a majority of these
               | people.
               | 
               | On top of that, besides their eceleb status, most of
               | these people aren't _that_ professional. Plenty of them
               | are a combination of variety or casual, often to a degree
               | the person isn't even _that_ good in games in general.
               | 
               | Their production quality also isn't anywhere near amazing
               | (note it can be both organic and high quality), and other
               | parties (e.g. Hololive) have shown how easily the space
               | can be disrupted. For those curious, notice how many top
               | streamers still lack actual high quality audio (mostly
               | from their own lack of voice training rather than
               | equipment), proper schedules and sticking to those
               | schedules, high quality video when applicable (e.g. bad
               | light), allow themselves to get devolved in politics,
               | allow their streams to go majorly off-track in general,
               | etc. It's not like these guys don't have the means to
               | drastically improve it.
               | 
               | And the obvious: we don't have anywhere as much of a
               | shortage of people willing to play games in an extremely
               | dedicated manner as doing software development.
        
               | meheleventyone wrote:
               | The other thing for comparison to traditional jobs is the
               | hours worked. Most streamers I follow work insane hours.
               | Then the other bits and pieces they have to pay for
               | themselves. For example taxes employers would otherwise
               | cover and things like health insurance in the US.
               | 
               | On production quality, I think it's a mistake to think it
               | matters too much. Live streaming is a different thing to
               | television. In very much the same way Roblox is different
               | to AAA games.
               | 
               | There's also a level outside of the more chaotic
               | personalities who make a lot of money in spite of
               | themselves where there is a lot of professionalism going
               | in to making things seem pretty casual because these
               | people know their audience.
        
               | BlargMcLarg wrote:
               | The hours worked is all over the place really. Some of
               | the top streamers don't work anywhere close to 40 hours
               | or past it. Others grind 10 hours a day for almost every
               | day of the year (often burning out a few years later). A
               | lot of the top streamers do a combination of taking
               | sporadic breaks, streaming only 3-4 hours a session, etc.
               | 
               | The other problem with looking at hours worked is it's
               | hard to quantify sporadic interactions on multimedia and
               | the likes. Arguably the biggest drain, most of these
               | people are always "online" and have a hard time
               | unplugging themselves. This is further exasperated by the
               | momentum loss most streamers perceive when not streaming
               | for a long while.
               | 
               | >On production quality, I think it's a mistake to think
               | it matters too much
               | 
               | But we don't really know that yet. It's extremely hard to
               | quantify all these variables and what truly matters. What
               | we do know is many people in these circles have fallen to
               | the side since they were unable to keep up with the
               | modicum of effort newcomers put in despite their lack of
               | resources and despite the first-mover advantage these
               | old-timers had. At the same time, we see other parties
               | break through with new concepts while putting in a ton of
               | effort to market and PR themselves, and it worked, as
               | seen with the Hololive example. The top earner is
               | (apparently) also much more professional than the
               | majority of the top 10/100/N.
               | 
               | >Live streaming is a different thing to television
               | 
               | If anything, this is the biggest problem. If beginners
               | are expected/advised to put in much more effort and
               | resources to (increase their odds of) breaking through
               | compared to before, why is it acceptable for someone
               | earning a Silicon Valley-equivalent salary while living
               | in a much lower CoL area to stream in a dank basement or
               | attic with poor audio quality? This isn't a criticism as
               | much as a question. Maybe it doesn't matter. But it's
               | also the question which makes people wonder "should they
               | be earning as much as they do?"
        
             | falcolas wrote:
             | Eh, not always. Critical Roll, #1 on the chart with $4.8M,
             | has 24 credited employees, and who knows how much else
             | backing them up.
             | 
             | It's an entertainment corporation that just happens to run
             | on Twitch.
        
               | theshrike79 wrote:
               | This is just one revenue stream, Twitch subs.
               | 
               | No Twitch donations, Patreon, merch sales etc.
        
               | JohnWhigham wrote:
               | It doesn't include bounty payouts and advertising
               | payouts?
        
             | meheleventyone wrote:
             | Not really!
             | 
             | If you arbitrarily take $50k as a living wage then it's
             | basically the top 2000 streamers who can make a living on
             | Twitch. Random googling tells me there were approximately 8
             | million active streamers in September. Again arbitrarily
             | assuming that 7 million of those are 'casual' and doing it
             | for fun that means the percentage of streamers making a
             | living wage is 0.002%.
             | 
             | Back of the napkin math but kinda depressing.
             | 
             | Edit: Someone on Twitter told me that Affiliate status is
             | pegged around the top 3% of streamers. So taking that as my
             | new baseline for "trying to make it" since you can actually
             | get paid out, it raises the percentage to a whopping
             | 0.008%!
        
               | kristofferR wrote:
               | Worthy read:
               | 
               | https://www.theverge.com/2018/7/16/17569520/twitch-
               | streamers...
        
               | meheleventyone wrote:
               | Right I take that sort of thing into account by snipping
               | off the vast majority of people active streaming.
               | Basically guessing that only the top million people
               | streaming are actually aiming to make a living wage.
        
               | Miner49er wrote:
               | The thing with Twitch streaming is that you can do it
               | from almost anywhere. So, $50k is maybe a bit high for a
               | living wage.
               | 
               | Plus, Twitch is probably just one source of income for
               | many content creators. For many it's not their primary
               | source, but just a side source. YouTube, Patreon,
               | OnlyFans, outside sponsors, or even esports may be where
               | they make most of their money.
        
               | meheleventyone wrote:
               | > The thing with Twitch streaming is that you can do it
               | from almost anywhere. So, $50k is maybe a bit high for a
               | living wage.
               | 
               | The thing is the power law curve is so strong that if we
               | take the top ten thousand which sets a living wage at
               | approximately $11.5k which is definitely not a living
               | wage in a lot of places people stream from then that only
               | improves things to the top 0.04% (of those trying to make
               | it).
               | 
               | > Plus, Twitch is probably just one source of income for
               | many content creators. For many it's not their primary
               | source, but just a side source. YouTube, Patreon,
               | OnlyFans, outside sponsors, or even esports may be where
               | they make most of their money.
               | 
               | If you read the original comment the gross amount
               | supposedly includes 3rd party revenue.
        
               | Miner49er wrote:
               | There's no way it includes all 3rd party revenue. Many
               | big YouTubers have a Twitch, and occasionally stream on
               | it, and they maybe make very little on their Twitch but
               | would be near the top of this list from YouTube revenue.
               | Dream, for example.
        
               | Loughla wrote:
               | This is a, maybe, long way to get to this, but keep with
               | me. I have always been fascinated by understanding what
               | is edible, useful, or "traditionally medicinal" in the
               | natural world around me.
               | 
               | I have spent decades of my life learning about how to
               | use, propagate, and cultivate most plants, animals,
               | fungi, and minerals (not the propagate part here) in an
               | area +/- 100 miles from where I live. I've taught a
               | couple of State University extension classes, and
               | regularly sell at a farmers market the things I
               | gather/grow, just for shits and giggles.
               | 
               | People have asked me for years why I don't do this for a
               | living. Why don't I do that instead of working a job that
               | I am neutral to, but that pays the bills.
               | 
               | Because all of that sounds exhausting. Needing to
               | maintain a presence on so many platforms, interact with
               | so many people, and constantly be thinking about my next
               | _thing_ for all of the various platforms is just
               | exhausting.
               | 
               | I don't know how people can do it without burning out.
        
               | ta988 wrote:
               | Don't they have helpers like gamers do?
        
               | Loughla wrote:
               | So then there's even more pressure to perform, at a
               | higher level even, to pay for the lives of myself and at
               | least one other human entirely. I still don't get it.
        
           | lemoncookiechip wrote:
           | Fixed, thank you.
        
           | throwawaylolx wrote:
           | Is that all revenue, including subscribers, donations, ads,
           | etc.? The numbers are not that large considering it's data
           | for almost 2 years and a half.
           | 
           | edit: I saw it mentioned in that /g/ thread that these
           | numbers are without the donations.
        
           | trinovantes wrote:
           | It seems the payouts follow the power law. Around 100
           | millionaires, around 2k people at $100k, and the 10kth person
           | at $25k
        
             | [deleted]
        
           | y4mi wrote:
           | your pastebin was deleted. too bad
        
       | boringg wrote:
       | This is going to BLOW up the twitch gaming community with all the
       | infighting now that everyone knows how much everyone else makes.
       | Wow.
        
         | Buttons840 wrote:
         | Number of subs is often known, and the relative size of
         | channels is known. Unless someone's going to be surprised that
         | someone with double the viewers makes double the money, I doubt
         | there will be any surprises.
        
           | 0x500x79 wrote:
           | There are a few outliers in this data. Some streamers with
           | smaller viewer bases are making more because of exclusivity
           | deals, so I imagine there will be a little bit of drama.
        
             | lrae wrote:
             | Examples? And what makes you think that one-off payments
             | for exclusivity are in that data? Because they're not.
        
               | laken wrote:
               | Different contracts between Twitch partners have
               | different levels of ad density, as well as differing
               | amounts of cuts of subs/bits taken by Twitch. It's pretty
               | negligible though, and could have been kinda estimated
               | previously. For example, Hasanabi is claimed to have one
               | of the lowest ad density requirements on twitch (1 60
               | second ad per 1 hour of broadcast, plus 3 minute ad at
               | end of broadcast) which does line up with him making less
               | than multiple streamers with less subs than him (and with
               | probable higher ad densities required by contract).
        
               | lrae wrote:
               | Yeah, this has nothing per se to do with exclusivity
               | though. (As in, XX months exclusivity to Twitch. For
               | those who don't know, every common partnered streamer
               | already is exclusively bound to Twitch for livestreaming
               | content. If he wants to stream somewhere else, he loses
               | his partnership. (And yes, there are exceptions, old
               | contracts, ...))
               | 
               | And "premium contracts" to keep talent were offered
               | pretty much since day 1, just looked quite different back
               | then. (Mainly just differentiated in sub share. For the
               | last 2-3 years they also include better ad payouts (and a
               | minimum of ad time), boni for minimum amount of hours
               | streamed, etc.))
               | 
               | And... every streamer who only cares a bit about his
               | business already knows, at least for the most part, what
               | kind of contract other streamers are on.
               | 
               | So don't think there will be any (real) drama - but I
               | also didn't see or hear of any extreme unexpected
               | outliers.
        
           | saurik wrote:
           | I was under the impression that Twitch streamers were able to
           | be directly tipped by viewers (as opposed to being paid by
           | the view or something by some centralized payment
           | distribution point) and so while there would of course be a
           | correlation on viewers to income, the variance is going to be
           | high... some people are going to be much better at monetizing
           | their user base than others, and I would at least expect the
           | streamer's charm, business model, and audience targeting to
           | swamp a mere 2x difference in viewers.
        
           | boringg wrote:
           | I think a lot of the general public / viewer base is not
           | aware of how much money streamers are really making. And I
           | would guess other streamers have a sense but not total
           | amounts. We will see...
        
         | xboxnolifes wrote:
         | Highly doubtful. Anyone who was already making money from
         | twitch knows how the payment system works and can guess how
         | much someone else makes based on views/subs. Anyone not on the
         | inside already had access to website that gave close enough
         | estimates.
        
       | canada_dry wrote:
       | > Vapor - an unreleased competitor to Steam
       | 
       | Until Steam has a couple major screw ups, potential competitors
       | better have tons of capital to keep throwing at their platform-
       | in-waiting! _Amazon does have the $$$, but they also have hungry
       | shareholders that won't wait like they used to_. Gamers by and
       | large quite like the platform Gabe has built.
        
         | vkk8 wrote:
         | I guess they could tie it to Amazon Prime (like they did with
         | Prime video) and just let Prime customers download any game on
         | the platform without paying extra.
        
           | WorldMaker wrote:
           | Prime Gaming has been giving "free games" to people for
           | years. They already have a huge "back catalog" for some users
           | in the weird bare bones "Twitch Launcher". Expanding that
           | into a full store wouldn't be the hardest play for them; if
           | anything the surprise is that they've been so slow to do
           | that.
        
       | beckman466 wrote:
       | Palantir next?
        
       | gverrilla wrote:
       | I don't understand it: these companies have enormous funding, an
       | army of employees, and they can't provide the service reliably
       | (both regarding consistency and safety). What do all these coders do
       | all day? I'm asking as an uninformed party of course. But it
       | looks to me like these are companies that build bridges, and
       | their bridges are collapsing all the time.
        
         | lopis wrote:
         | What do you mean? You think all coders are security engineers?
         | All code has dependencies, often dozens of them. You might just
         | need a single vulnerability in a trusted third party library to
         | allow this to happen. These are humans creating these products.
         | I would say that SPECIALLY because of the size of these
         | products, vulnerabilities are inevitable.
        
           | ryandrake wrote:
           | > What do you mean? You think all coders are security
           | engineers?
           | 
           | Now, imagine using that argument when a bridge falls down.
           | "What do you mean? You think all the bridge builders were
           | safety engineers? Bridge components rely on different
           | dependencies, often dozens at the same time. You just need
           | one point of failure and boom, it collapses. These are humans
           | creating these bridges. I would say that SPECIALLY because of
           | the size of these bridges, collapses are inevitable."
        
             | andrewzah wrote:
             | Comparing bridges to a streaming service is nonsensical,
             | frankly.
             | 
             | People die when bridges collapse. People get mildly
             | inconvenienced if twitch is slow or down.
             | 
             | Accordingly bridge construction takes security & safety
             | much more seriously throughout the project. And it's orders
             | of magnitude more expensive to build and check bridges for
             | safety issues, etc.
        
         | eddieroger wrote:
         | Uninformed point of view - I'd be curious the split of that
         | army of employees, since the money isn't in keeping the lights
         | on, it's in sales and feature development. Stability is rarely
         | the forethought unless it's there from day one. It probably
         | takes a lot of money and human hours to keep the streamers
         | engaged, and far less to watch Grafana dashboards.
        
         | mFixman wrote:
         | A company cannot out-engineer bad management nor out-manage bad
         | leadership.
         | 
         | A lot of people who worked in giant tech companies can tell you
         | stories of talent being wasted on tight deadlines for
         | unnecessary projects.
        
         | dekerta wrote:
         | Your analogy would be more accurate if the bridges were
         | constantly being blown up by terrorists. Designing perfectly
         | secure online systems is very hard (if not impossible).
         | Software is very complex, and people are trying to break in
         | constantly. It only takes one person to get lucky or find a
         | vulnerability
        
         | fellellor wrote:
         | Because so much of programming is written at a high level, most
         | coders don't know what the hell they are doing. Maybe the level
         | of abstraction achieved makes it impossible to know.
         | 
         | Edit: One of the reasons is that because there are a very few
         | people (probably) who do the low level stuff, there aren't
         | enough eyes on the code and a lot of vulnerabilities left in
         | production.
         | 
         | Software companies are maybe incentivised to hire a lot of
         | programmers who can start delivering on day 1. This wouldn't be
         | possible without the convenience afforded by high level
         | languages.
        
       | terramex wrote:
       | _> Some Twitter users have started making their way through the
       | 125GB of information that has leaked, with one claiming that the
       | torrent also includes encrypted passwords, and recommending that
       | users change their passwords to be safe._
       | 
       | Twitch just asked me to change password for the first time, so it
       | sounds credible.
        
         | thinkingemote wrote:
         | It's possible, if there's a full database dump that direct
         | messages could also be leaked, which could be incredibly
         | damaging. I'd guess that these would be in another storage
         | medium however.
         | 
         | One wonders. Why are encrypted passwords stored in an external
         | code repository?
        
           | Le_Dook wrote:
           | I'll be curious as well once this makes its way to
           | haveibeenpwned. Requested for it to be deleted and forgotten
           | few years back, won't be the first time an account of mine has
           | been "deleted" to then miraculously be hacked or caught up in
           | a leak
        
         | swarnie wrote:
         | Kind of worrying considering my twitch is linked to my Amazon
         | account, and all my banking credentials are linked to Amazon.
        
           | Workaccount2 wrote:
           | If it's any comfort, for some reason twitch uses Xsolla as
           | its payment processor. That is, you cannot pay for premium
           | twitch with your amazon account.
        
           | jrootabega wrote:
           | Agreed. Hopefully you will be correcting that.
        
           | rawling wrote:
           | That's only a very narrow link though, isn't it? Just lets
           | you claim Prime benefits, doesn't give access to Amazon
           | purchasing or payment details or anything?
        
       | lethalbas wrote:
       | does any1 have the link to the leaked password hashes? askin for
       | a friend
        
         | 1121redblackgo wrote:
         | Are you seriously asking for pw hashes.
        
         | [deleted]
        
         | rawling wrote:
         | According to the /g/ link at the top of the thread, they're not
         | in this "part 1" torrent.
        
       | ToddWBurgess wrote:
       | You really have to feel bad for the IT staff at Twitch who I
       | expect are going to have a bad day today.
        
       | hkai wrote:
       | Is this the first major porn site to be hacked?
        
         | y4mi wrote:
         | Twitch is not porn. It's maybe a gateway to onlyfans, but you
         | cannot have sexual content on twitch.
         | 
         | Even YouTube allows more nudity than twitch.
         | 
         | So yes, there are girls wearing bikinis and underwear on
         | camera, but that's as far as it goes.
        
           | bogwog wrote:
           | It's called "softcore porn".
           | 
           | > Even YouTube allows more nudity than twitch.
           | 
           | Nudity alone is not pornographic.
        
           | hnick wrote:
           | I saw them doing microphone licking lately. Apparently that's
           | popular.
        
           | vadfa wrote:
           | That depends on your definition of sexual. If you have
           | someone in underwear with the sole purpose of arousing people
           | of the opposite sex, that is pretty sexual to me.
        
             | slightwinder wrote:
             | Porn and sexual are not the same. There is a line, and so
             | far Twitch stays on the safe side of it.
        
               | bettysdiagnose wrote:
               | The claim the commenter you replied to was referring to
               | was:
               | 
               | > you cannot have sexual content on twitch
               | 
               | Which is obviously completely, completely false.
        
               | pixxel wrote:
               | They are not the same. Defined age-restricted pornography
               | is arguably better than highly sexualised content aimed
               | at children and their pocket money.
        
           | onedr0p wrote:
           | It's sarcasm my dude. Twitch is notorious for giving female
           | streamers a pass when it comes to nudity or inappropriate
           | behavior, all the while banning male members for accidentally
           | clicking on a NSFW link and it being shown on stream for
           | seconds.
        
             | Semaphor wrote:
             | A channel I mod got a 1-day suspension because you could
             | see the crack of a drunk guy mooning them (despite
             | instantly stopping the stream and deleting the VOD before
             | starting again). A few weeks before, two girls flashed
             | them. That obviously did not warrant a ban.
        
           | vscodered wrote:
           | >there are girls wearing bikinis and underwear on camera
           | 
           | Is it really hot in their rooms or are they sex workers?
        
           | nickysielicki wrote:
           | The microphone ear licking channels are definitely more
           | sexual than many "NSFW" subreddits.
           | 
           | What actually defines porn? It's hard to say, but you know it
           | when you see it. Spend 5 minutes watching any of the ear
           | lickers on the front page of twitch and make your mind up for
           | yourself. I find it hard to come to the conclusion that it's
           | not porn.
        
       | fc373745 wrote:
       | >the leak was intended to "foster more disruption and competition
       | in the online video streaming space" because "their community is
       | a disgusting toxic cesspool".
       | 
       | the irony in that it was leaked to 4chan
        
         | zalequin wrote:
         | The irony is that this post itself is ironically toxic. Kekw.
        
         | h_anna_h wrote:
         | Not really, I would go as far as to argue that it is less toxic
         | than reddit, twitter, and even HN.
        
           | wizzwizz4 wrote:
           | Parts of it, yes. But the famous parts are _horrible_; I
           | don't remember the last time HN ran an international
           | cyberbullying campaign.
        
             | QuinnyPig wrote:
             | I thought it was called "YC Demo Day."
        
               | wizzwizz4 wrote:
               | There's a difference between vicious mockery of a company
               | and its founders on a single website, and having randos
               | holding knives knocking on people's windows.
        
               | h_anna_h wrote:
               | > and having randos holding knives knocking on people's
               | windows
               | 
               | Are you referring to some specific event?
        
               | wizzwizz4 wrote:
               | An amalgamation of multiple events. (I was lying when I
               | implied I remembered the last time 4chan did this kind of
               | thing; it happens so often.)
               | 
               | The one I was thinking of, I misremembered: it was
               | actually an (alleged) stabbing.
               | https://www.theregister.com/2021/07/07/tenacity_maintainer_q...
        
           | alphabetting wrote:
           | maybe on streamers with less than 50 viewers. every twitch
           | stream i've seen the chat is easily 100x more toxic than any
           | HN thread. ridiculous comparison
        
             | h_anna_h wrote:
             | Huh? I am not talking about twitch. If anything this just
             | shows that you disagree with
             | https://news.ycombinator.com/item?id=28771025 which is the
             | post that I am replying to.
        
           | wokwokwok wrote:
           | Mmm... well, if you've received what you consider to be toxic
           | interactions on twitter, reddit and even here, but not on
           | 4chan, have you considered that the common factor is perhaps
           | not that all of these platforms are toxic...
           | 
           | ...but that your views are considered problematic by quite a
           | lot of people?
           | 
           | Perhaps that could be some cause for self reflection before
           | you universally declare the entire platform here hostile and
           | toxic.
        
             | h_anna_h wrote:
             | People on 4chan will call you slurs and insults but it is
             | never personal, part of it is due to the anonymous nature.
             | People here will be personally vicious and hostile.
             | 
             | > ...but that your views are considered problematic by
             | quite a lot of people?
             | 
             | You do not know what my views are. It's as if you are
             | trying to prove me right honestly. (btw, I am not posting
             | on reddit nor on twitter, nor 4chan for that matter)
             | 
             | Plus the same could be said for the toxic interactions that
             | you had on there.
             | 
             | > Perhaps that could be some cause for self reflection
             | before you universally declare the entire platform here
             | hostile and toxic.
             | 
             | Again, same thing for you. "Perhaps that could be some
             | cause for self reflection before you universally declare
             | the entire platform there hostile and toxic."
        
             | matheusmoreira wrote:
             | > your views are considered problematic by quite a lot of
             | people
             | 
             | What I consider problematic is the fact these people will
             | organize massive efforts on Twitter to ruin other people's
             | lives because they posted wrongthink. They make the 4chan
             | raids I've seen look amateurish.
        
               | qersist3nce wrote:
               | Indeed. There is some downright grotesque "malice" in
               | Twitter cancel-culture efforts. It's really strange they
               | are not self-aware and call 4chan (~last bastion of free
               | speech) _toxic_.
               | 
               | Yeah, 4chan is toxic and savage, but at least they are
               | honest and _humane_ in a candid kind of way.
               | 
               | The cyber-bullying of 4chan is trash though...
        
               | matheusmoreira wrote:
               | Yeah. 4chan is supposed to represent people's unfiltered
               | thoughts, what people really think when freed from social
               | consequences. This produces a wider spectrum than what
               | most people are used to seeing, both good and bad.
               | 
               | While 4chan posters occasionally get organized and manage
               | to operate outside their borders, these incredibly
               | malicious activities just aren't something I associate
               | with them. They're the specialty of groups like kiwi
               | farms who are responsible for the suicide of at least one
               | video game console emulator developer. I was shocked when
               | people told me about byuu's suicide here on HN.
        
           | throwrqX wrote:
           | This is patently ridiculous. The biggest boards on 4chan,
           | particularly /pol/ have widespread support for the genocide
           | of Jews, black people, Muslims and women. Well maybe not all
           | women, a more common view is instead that they should be
           | enslaved to men. This kind of correction should give an idea
           | of what kind of ideas are popular there.
        
             | h_anna_h wrote:
             | 4chan is not only /pol/. The culture between boards is
             | vastly different. Although I do not disagree, /pol/
             | specifically _is_ toxic.
             | 
             | And it's not as if reddit does not have its own share of
             | similar forums.
        
               | throwrqX wrote:
               | Of course 4chan is not just /pol/ but it is the biggest
               | board, and together with /b/ contribute to plenty of
               | hateful content as I mentioned. The culture between
               | boards is different but /pol/ refugees in particular have
               | been spreading to other boards for several years now and
               | it's very annoying because even if a small group of them
               | decide to visit a board regularly then they can ruin the
               | culture because of relative sizes between the boards.
               | Reddit and Twitter have their own problems, particularly
               | with echo chambers but the biggest subreddit on reddit
               | isn't spewing anywhere near the same kind of shit as the
               | biggest board on 4chan does.
        
         | nodejs_rulez_1 wrote:
         | It would be good to have a streaming service where simps could
         | be called out as such.
        
           | Loughla wrote:
           | Real question - why does it matter to you? If that's how
           | people want to spend their time and money, and it makes them
           | feel good, even if they look foolish, what does it matter to
           | you?
           | 
           | I'm really bad at woodworking, but I do it a lot, and I've
           | spent a crap load of money on it. Does that matter at all to
           | anyone else in the world?
        
             | andrewzah wrote:
             | Our societies do regulate how people can spend their time
             | and money in certain regards. I don't think that's
             | necessarily wrong. Smoking is banned, some countries have
             | labeling for unhealthy products, and so on. Things can end
             | up affecting other people in the long run, so I don't think
             | it's unreasonable to contemplate addressing stuff like
             | this.
             | 
             | I think the main issues overall are encouraging parasocial
             | relationships, and also the problem of selling sex to kids.
             | I'm no prude but I think it raises some ethical questions
             | when you have gaming content and sexual content in the same
             | spot. If I had kids, that would matter to me.
        
             | nodejs_rulez_1 wrote:
             | Woodworking will leave you with skills, experience and a
             | wider physical social circle at best or re-sellable tools
             | and a story to tell at worst.
             | 
             | Simping is more like an alcohol consumption - damaging and
             | the first step is acknowledging a problem exists, often
             | through an intervention.
        
         | throwawayswede wrote:
         | I have a theory that the more people use words like "toxic" or
         | "cesspool" the more likely they are the ones causing and
         | creating it.
        
           | d3nj4l wrote:
           | It's almost certainly tongue in cheek.
        
           | squarefoot wrote:
           | https://en.wikipedia.org/wiki/Psychological_projection
        
           | incahoots wrote:
           | They're using it "ironically" which at this point is coming
           | off as genuine
        
       | incahoots wrote:
       | Based. Lot of streamers gonna feel some blowback on this. Not
       | that it should matter but supposedly there's a bunch that lie to
       | their chat about the income they generate.
        
       | 1121redblackgo wrote:
       | Are we sure that we are comfortable sharing the actual leak on
       | this website? If we are, fine, but that is a choice we are
       | making.
        
         | fexelein wrote:
         | Why not?
        
           | 1121redblackgo wrote:
           | It's illegally obtained information, sensitive information,
           | about thousands of individuals and their personal businesses.
           | I don't think it's appropriate, and I would hate to be on that
           | list right now.
        
             | corobo wrote:
             | Isn't this the exact argument search engines have been
             | fighting for years in relation to piracy? The data hasn't
             | been provided, a link to the data has been provided
        
               | 1121redblackgo wrote:
               | Sure. Morally what do you think is the right thing to do?
        
               | willmorrison wrote:
               | That's up to the person posting it and there shouldn't be
               | a rule deciding either way for them.
        
               | theknocker wrote:
               | Cover up the leak and pretend it never happened,
               | obviously. Let's make it hard for twitch users to even
               | find out what was leaked about them. That will help.
        
               | corobo wrote:
               | Morally I won't be using any of the data. The data however
               | is out whether you roadblock access to it or not.
               | 
               | The chances of you stopping someone who's nefarious
               | enough to use the data but so non-technical that they
               | can't find a magnet link is so low it wasn't worth me
               | typing this sentence about it
        
       | sillysaurusx wrote:
       | Hi y'all, I have a question.
       | 
       | My wife and I can't wrap our brains around the fact that _payment
       | info_ was leaked alongside _source code_.
       | 
       | Any theories how this happened?
       | 
       | Former pentester btw. I saw a lot of interesting things during my
       | time, but I can't recall seeing a payment database next to a
       | source code repo.
       | 
       | Did their s3 bucket get popped or something?
       | 
       | Even if their github enterprise got popped, that doesn't explain
       | that streamer payouts down to the dollar were leaked. "Oh yeah, I
       | commit all my stripe data into github. It's for compliance /s"
       | 
       | EDIT: If you want to see how much everyone's making:
       | https://www.reddit.com/r/LivestreamFail/comments/q2gooi/twit...
        
         | beckler wrote:
         | My guess is it was a disgruntled employee who took a copy of
         | all this data.
        
           | mkr-hn wrote:
           | Theorypothesis: the pre-Amazon acquisition company had very
           | informal access controls, and Amazon is known for limiting
           | how much change it imposes on acquisitions, so didn't know
           | about this or didn't change to a more corporatey way of
           | controlling access.
        
             | dgemm wrote:
             | IIRC twitch was always very resistant to Amazon processes
             | like COEs, so I wouldn't be surprised if they pushed back
             | on stricter access controls too.
        
         | ryanlol wrote:
         | > but I can't recall seeing a payment database next to a source
         | code repo.
         | 
         | I suspect you just haven't looked at what the BI team has been
         | up to. This seems like exactly the kind of stuff BI folks
         | always leave on git.
        
         | ssklash wrote:
         | Also a pentester. My guess is they just had really broad access
         | to Twitch's systems, not that card data and source code were
         | together. Given the amount and range of data, wide-ranging
         | access to their infrastructure is the only thing that makes
         | sense to me here.
        
           | garyfirestorm wrote:
           | Are you guys (other commenter) professional pentesters?
           | How do you become one? Do you freelance or work full time
           | 8-5?
        
             | ganoushoreilly wrote:
             | There are a ton of companies hiring pentesters. Most
             | testers fall into the profession after having worked in
             | other network or IT related professions. A few are
             | freelance, most work for a company or in my case start their
             | own and expand out services. It's not really any different
             | than any other tech job at the end of the day, it just
             | seems glamorous. Don't become a pentester if you're not
             | ready to write extensive reports.. it's probably 75% of the
             | job.
             | 
             | With that, there are tons of specific disciplines you can
             | focus on for pentesting. I'd figure out what excites you
             | and then go for it. Web app is diff than physical
             | exploitation of security systems etc. but some of them
             | cross over.
             | 
             | Another option. Work for the government, join a red team or
             | apply. They'll train you and you'll leave with a new
             | perspective and possibly knowledge you can't get elsewhere.
        
               | anonymouse008 wrote:
               | [potentially off topic]
               | 
               | > if you're not ready to write extensive reports.. it's
               | probably 75% of the job
               | 
               | Do you happen to have a system for building these out? As
               | a techie, I imagine you've tried something like text-
               | expander or similar... but I see a lot of people
               | unsatisfied that they end up building their own tools.
        
               | ganoushoreilly wrote:
               | Yes, we have a few tools that fill in based on scan data,
               | with typical points of data, but a lot of what we're
               | doing requires it's presented in a few different
               | perspectives. Generally we provide a couple reports, the
               | Highly Technical (with notes, logs of actions, etc. This
               | can be hundreds of pages, but it's meant to be a
               | reference for the engineering teams fixing what we found.
               | We also sometimes provide full screen captures of the
               | "ops". Second we provide a pared down version of that
               | report with issues and recommendations, usually for the
               | person that's hired us. It includes what we recommend for
               | them to be successful. Finally we provide an Executive
               | report that is designed to be presented by the second
               | report recipient. Usually we've addressed the high level
               | issues, helped with internal requests if possible (IE
               | IT/Security wanted a budget for new firewall, we help
               | boost that with our report as part of future planning
               | etc.) and ultimately this report is designed to give
               | whomever hired us the ability to be the rockstar (we're
               | just the tool).
               | 
               | So all in, there are different tools needed for each
               | report. Fortunately the way we capture the data and notes
               | throughout the "op" makes it much easier for the team to
               | put together each part.
               | 
               | There's ways we could automate more, we've even messed
               | with AI writing some of the suggestions and actions based
               | on input. So far though, we still need the humans in the
               | loop.
               | 
               | Honestly the first few reports are hardest, after that
               | you find a process and it becomes much easier.
        
             | mzfr wrote:
             | Depends actually, if you just want to do pentesting then
             | probably do some certifications like OSCP, CompTIA, etc.
             | Once you get those it's quite easy to land an interview for
             | pentesting.
             | 
             | Initially job may not pay good but you can build your
             | network and then probably start doing contract works. Most
             | of the pentesters I know make more from freelance/contract
             | work than their jobs. Because mostly those
             | contract/freelance work pays on an hourly basis. The initial
             | hour rates usually are somewhere between 40-50 USD but they
             | can go to 120-150 after just a few jobs.
             | 
             | P.S - I might have made it sound like a very simple or easy
             | profession but it's not :)
        
               | ganoushoreilly wrote:
               | I would add that the more experience and time you have on
               | the job those contract rates go up exponentially. I would
               | also recommend if you're freelancing that you still do
               | it under an LLC and purchase a liability policy. Too many
               | risks.
               | 
               | For example. In 2012 average consulting hourly rate I
               | charged $350. Stayed booked. 2016 $550. Stayed booked. In
               | 2018 I had a couple really large clients that paid
               | $1500+hr
               | 
               | There's gold in the hills, the trick is to figure out how
               | to sell the pans, water, plots of land, and
               | transportation to them. If you can work in complementary
               | services or referrals for all the above, you just made
               | yourself even more valuable.
        
         | ganoushoreilly wrote:
         | Curiously the torrent is labeled part 1 so my guess is there
         | was a wide breach and this was just some of the data they
         | wanted to put together.
         | 
         | There are devops tools, soc tools, and a ton of random things
         | here, I guess we'll have to sit and wait to see if more
         | follows.
        
         | slightwinder wrote:
         | There are several ways why this could have happened.
         | 
         | 1) The payment-data were just artifacts left on some file-
         | server or from a process, which was accessible from dev-space.
         | 
         | 2) No real systems were accessed and everything, it's all from
         | a bad backup-server or poorly managed worker-pool.
         | 
         | 3) Multiple Persons got hacked.
         | 
         | 4) Exit-Scam of one or more Workers who just had broad enough
         | access for some reason.
         | 
         | 5) Twitch's security is just that bad.
         | 
         | Some notable thing is, the payment-data are quite limited,
         | there are no real private data it seems, and the git-history
         | seems to also be missing. It's not sure whether this is on
         | purpose and whether more data will follow. But this overall
         | hints so far that this at least was not a full deep hack.
        
         | oauea wrote:
         | some of the leaked code has embedded credentials in it
        
           | bobmaxup wrote:
           | Yeah, it looks like there are a lot of hard-coded
           | credentials, and one of those is to a twitch_reports
           | database, which might be where these financial reports came
           | from.
        
         | [deleted]
        
         | MarkSweep wrote:
         | Maybe they backed-up both to the same place and their backups
         | got hacked?
        
         | [deleted]
        
         | iuri1 wrote:
         | Either database dumps are in commit history (very common) or
         | credentials like a password for a database are (even more
         | common).
         | 
         | A third reason would be finding a security flaw in the source
         | code and exploiting it.
        
         | Seanambers wrote:
         | Amouranth made $92,949 licking a microphone - LOL. What a
         | world.
        
           | semi-extrinsic wrote:
           | https://xkcd.com/305/
        
             | tgsovlerkhgsel wrote:
             | Rule 35, quoted either as "if there is no porn of it, it
             | will be made" or "if there is no porn of it, you are
             | required to make it".
        
           | colinmhayes wrote:
           | In a month. Plus donations. Plus youtube. Plus only fans.
           | Plus I'm sure she sells merch.
        
         | raxxorrax wrote:
         | I guess if you have access to a build server that you might spy
         | out some access credentials to other venues. Not impossible at
         | least or perhaps some sort of service account was compromised
         | that had access to both. Doesn't mean there was an immediate
         | proximity of these systems, although that might also be
         | possible.
        
         | notsureaboutpg wrote:
         | The source code details how to access the payment data,
         | probably, for dashboards, etc.
        
       | [deleted]
        
       | Seattle3503 wrote:
       | This seems like it's getting downmodded. It has over 850 points
       | right now and isn't on the front page.
        
       | pid-1 wrote:
       | Managed git services suck at providing security that scales
       | beyond a few devs. Most orgs that use GitHub are exposed to the
       | risk of having their source code leaked by current or past
       | employees.
       | 
       | I'm hoping this leak will have serious financial consequences and
       | bring awareness to that.
        
         | madeofpalk wrote:
         | How do you stop that? To write the code you need to have access
         | to it.
         | 
         | Really it just comes down to trust, and not having anything
         | actually sensitive in the code, no?
        
       | tiepoul wrote:
       | I'm curious about the contents of the zip files. I do feel that
       | something is interesting about its contents.
        
       ___________________________________________________________________
       (page generated 2021-10-06 23:00 UTC)