My wife and I can't wrap our brains around the fact that payment info was leaked alongside source code.
Any theories how this happened?
Former pentester btw. I saw a lot of interesting things during my time, but I can't recall seeing a payment database next to a source code repo.
Did their s3 bucket get popped or something?
Even if their github enterprise got popped, that doesn't explain that streamer payouts down to the dollar were leaked. "Oh yeah, I commit all my stripe data into github. It's for compliance /s"
There are several ways why this could have happened.
1) The payment-data were just artifacts left on some file-server or from a process, which was accessible from dev-space.
2) No real systems were accessed and everything, it's all from a bad backup-server or poorly managed worker-pool.
3) Multiple Persons got hacked.
4) Exit-Scam of one or more Workers who just had broad enough access for some reason.
5) Twitch's security is just that bad.
Some notable thing is, the payment-data are quite limited, there are no real private data it seems, and the git-history seems also be missing. It's not sure whether this is on purpose and whether more data will follow. But this overall hints so far that this at least was not a full deep hack.
Also a pentester. My guess is they just had really broad access to Twitch's systems, not that card data and source code were together. Given the amount and range of data, wide-ranging access to their infrastructure is the only thing that makes sense to me here.
Theorypothesis: the pre-Amazon acquisition company had very informal access controls, and Amazon is known for limiting how much change it imposes on acquisitions, so didn't know about this or didn't change to a more corporatey way of controlling access.
I guess if you have access to a build server that you might spy out some access credentials to other venues. Not impossible at least or perhaps some sort of service account was compromised that had access to both. Doesn't mean there was an immediate proximity of these system, although that might also be possible.
Yeah, it looks like there are a lot of hard-coded credentials, and one of those is to a twitch_reports database, which might be where these financial reports came from.
You need to open that link incognito. (If clicking through from HN)
The site you linked to detects if the referrer url is HN and instead displays only an image saying "HACKER NEWS - A DDoS MADE OF FINANCE-OBSESSED MAN-CHILDREN AND BROGRAMMERS" instead of the content you are trying to link too.
When new sounds for System 7 were created, the sounds were reviewed by Apple's Legal Department who objected that the new sound alert "chime" had a name that was "too musical", under the recent settlement [with Beatles' record label Apple Records]. Jim Reekes, the creator of the new sound alerts for System 7, had grown frustrated with the legal scrutiny and first quipped it should be named "Let It Beep", a pun on "Let It Be". When someone remarked that that would not pass the Legal Department's approval, he remarked, "so sue me". After a brief reflection, he resubmitted the sound's name as sosumi (a homophone of "so sue me"). Careful to submit it in written form rather than spoken form to avoid pronunciation, he told the Legal Department that the name was Japanese and had nothing to do with music.
I worked for Nokia for a brief moment in time and the Nokia E71 (or another in that line) was internally codenamed "BeeBee" (like: blackberry) which was comical to me given that the phone looked a lot like a contemporary era blackberry.
The E71 was a god tier device. Owned one for a good bit as a teen and it was the perfect phone for that time IMO. You could even WhatsApp on it until relatively recently.
IIRC the whole common HW platform of late model E-series Symbian phones from Nokia was code named BB. Both E61 and E91 call themselves (IIRC) "BB v5.0" in USB descriptors.
- Less generous regional pricing (like on consoles) in exchange for slightly lower overall pricing
- 5% cashback into wallets, like Nintendo eShop
Epic only does some of these things, which is why its struggling. Its lack of social features is a major reason for low engagement on the platform, probably driven by Tencent and Chinese censorship restrictions (in the same way that the Steam forums are unavailable in China).
Anyone who played new world private alpha new this, the first alpha (closed) had an amazon games Epic Games like client, they choose to remove it for new world public beta and release but I knew they had been working on it because of it
This is somewhat hilarious. Just 5 days ago I was complaining about Twitch’s new "Only verified users" setting which requires me to give them my phone number. One of the reasons I said I’ll not do that was "hacks, leaks". And now this. Sure, I’ll give you my phone number to add TOTP (Why even?) after I’ve just been shown how secure that data is.
I don't really get this. My phone number is apparently already known by every scammer and spammer on earth, which is why I never answer calls from people I don't know, so what am I losing?
Meanwhile, Twitch has had a significant bot spamming problem.
The fact that they can use this number to correlate against contact lists collected from other people.
Now I don't think Twitch itself is doing this, but they may provide this information to marketing platforms such as Facebook which will use this data for ad targeting (and they definitely have a lot of people's contacts and can infer social graphs very well as a result).
> I don't really get this. My phone number is apparently already known by every scammer and spammer on earth, which is why I never answer calls from people I don't know, so what am I losing?
The only scammers who know my number are my phone-provider and my mom. Other scammers either never call me, or just don't know the number. Protecting your number is possible.
> Meanwhile, Twitch has had a significant bot spamming problem.
Which can be solved without this. The bot-problem is more about people not using the existing tools well and twitch sucking in their handling. Adding another features they won't use will not make anything better. Especially as the phone-number only rises the bar for bots.
I’m also subscribed to a few channels. I’m pretty sure that is a far stronger signal that I’m not a bot than getting my phone number. And unlike most people, I only had 2 or 3 spam calls, and maybe 10 spam SMS on the number I’ve had for almost 20 years.
This is a readily solvable problem i.e. the only phone number I use/give online is a VOIP# that just redirects to voicemail immediately (and blocks the call if it's on my SPAMMER list of persistent annoyances).
For friends/family they have my cell# and it only lets calls through if they're in my contacts.
Even though it should not be, this approach is a luxury that can only be afforded by those who do not need to take live calls from previously-unknown numbers. Job hunters, medical patients, etc.
From what I can see their 2FA is not inhouse. They're using twilio's Authy (first time I've heard of it, honestly) so maybe the phone numbers are not in the leak.
I’m assuming they may have had access to private API keys so unfortunately Authy may not be immune. That is unless Authy hides those details from their customers.
From another site a user commented that it might have proprietary modifications to ffmpeg which is LGPL/GPL (I think?). Would a leak be considered to be distribution, could others legally take these modifications and merge them into the upstream project?
I imagine other free software might have modifications too.
The IP issues with the leak are interesting. There's got to be some Stack Overflow copy/pastes, perhaps some variable name changed license violating code, and I wonder if patent trolls or even rightful patent owners can now sue based on how backend code works in a way where they had no way to sue if they didn't know how it worked from interacting with a frontend.
But seriously, if it takes trolling through the code to determine that Twitch's math violated their special way of doing math that no one else should get to use, it's just more evidence that software patents aren't helping protect or encourage innovation (else the violation would have been apparent from using the service). It would instead clearly be a "hah, gotcha, turns out we patented the linked-list-inside-a-hashmap construction you've got going on here, pay up! Only we can put the Legos together in that way!"
I believe so, and this is why the AGPL was created:
> The GNU General Public License permits making a modified version and letting the public access it on a server without ever releasing its source code to the public.
> The GNU Affero General Public License is designed specifically to ensure that, in such cases, the modified source code becomes available to the community.
Let me add something to be clear. As I understand it, free software was always happy to let you or your company modify and use software for your own use. The philosophy was always about respecting the users of the software, so the licenses don't kick in until someone else uses it. The problem addressed by AGPL is that someone can use your software over a network connection without running it themselves: a loophole in GPL.
Yes, it is valid. Consider for example: If you are an embedded hardware company. You modify GCC to support a new target / platform. Then, you can compile C code and create binaries for your embedded hardware.
As long as GCC is not distributed, this is a perfectly valid use case for GPL'd software.
Less abstract: Facebook famously has massive internal patches for MySQL, which is GPL'd. And of course, Google has massive internal patches for Linux kernel, which is also GPL'd.
The GPL can't actually force them to license their downstream changes, just revoke their ability to use the upstream project if they don't, and sue for infringement for damages.
Just goes to show you how small the top is in streaming. Based on this data, and assuming twitch payouts are about a quarter the average streamer's income, about 300-400 twitch streamers get paid more than the total comp of senior staff engineers where I work. Let's be generous and say that these people have no staff to pay (false assumption, e.g. Pestily has stated that he pays hundreds of thousands on salaries for editors, moderators, social media people, etc.). There are far more people than that at my one company making this kind of money, not to mention all the other big tech companies and startups.
That's just a long way of saying that if you wanna get rich, learn how to write code and talk to people. Way easier than becoming one of the top 3-400 streamers in the world.
Getting paid 7 figures for writing code? That is an anomaly and is not in line with reality. Just doing a cursory Google search for Senior Software Engineer salaries puts the average at ~122k [0], nowhere close to the amount one of those Twitch streamers makes. I wouldn't call it rich either, maybe middle class or upper-middle class at best.
I can't help but love the fact that PaymoneyWubby (a fat ginger nerd who makes interesting content, at least on youtube) makes more than pokimaine and Amouranth whose primary feature seems to be young, attractive, and female. Perhaps there's a tiny bit of justice in the world.
That may be true about amoruanth but Pokimane is genuinely just as content-driven and "gamer" as any of the top (like xqc for instance). There's more to her streams than her looking pretty - the same probably can't be said about amouranth.
> Some Twitter users have started making their way through the 125GB of information that has leaked, with one claiming that the torrent also includes encrypted passwords, and recommending that users change their passwords to be safe.
Twitch just asked me to change password for the first time, so it sounds credible.
Its possible, if theres a full database dump that direct messages could also be leaked, which could be incredibly damaging. I'd guess that these would be in another storage medium however.
One wonders. Why are encrypted passwords stored in an external code repository?
I'll be curious as well once this makes it's way to haveibeenpwned. Requested for it to be deleted and forgotten few years back, wont be the first time an account of mine has been "deleted" to then miraculously be hacked or caught up in a leak
That's only a very narrow link though, isn't it? Just lets you claim Prime benefits, doesn't give access to Amazon purchasing or payment details or anything?
If it's any comfort, for some reason twitch uses Xsolla as it's payment processor. That is, you cannot pay for premium twitch with your amazon account.
Looks like passwords were hashed with bcrypt using a cost factor of 10. I wouldn't be too worried for people with good passwords set up even if hashes got leaked. People with common passwords should probably change their passwords just in case though.
Couldn't help but contrast this to another item on the front page.. the irony of video game streamers making many times more than the lifetime earnings of Nobel Prize winners :)
Sports and Entertainment has always been a way to leap frog hard work.
I am not saying at all it is not deserved. I am quite ok with them earning millions. But it does make a lot of us pull this comparison, both in achievements for humanity and in effort spent in their endeavors.
I personally never played or wish to play the fame lottery, I prefer the hard work path.
I am guessing the most popular streamers have gotten where they are by hard work.
Yes some is luck, attractiveness, etc. But that's true in all careers.
Just because they're playing games doesn't mean they aren't working. Athletes get insane amounts of money to play games. They exert themselves more physically, but I expect being a top steamer day in and out isn't a cake walk either.
I think Kobe Bryant working on his free-throws from 4 AM to 8 PM every day for decades is much harder work than some dude making dogecoin over a weekend or minting an AI-generated NFT.
Wealth is not linear, it's not promised as the result of "hard work". Hard work helps, but it isn't the determining factor of whether or not you'll get a payout.
You must work hard in a domain that has public visibility and actually produces something of value to people. And yes, Basketball (and watching it) is extremely valuable to a lot of people.
Many comments saying sports and streaming is hard work. Well, no doubt it is. Many pulling 12h or 16h work days. I agree.
Nevertheless, anyone that manage to have 5+ millions USD in property and savings before they are 30 got to a level of wealth in 10 years that 90% of people will not achieve in a lifetime.
Totally fine. My issue is with the streamers who promote socialism to their fans and say that wealth should be distributed, meanwhile pocketing a huge paycheck. I guess there's a market for stupidity. It's both funny and sad.
(TTS donations, 3rd party revenue like OnlyFans, Patreon, Amazon Gifts and sponsorship deals... are not included)
Total gross payout in the leak (2019/8 to 2021/10) was 4.2 billion dollars across 344k users. (based on data points above alone but could be wrong since it's annons on 4chan.)
PS: Make sure to change your Twitch (and possibly Prime) password. Twitch is already prompting users to do so based on Reddit posts.
I don't think it's funny, I think it's sad because most of it comes from the emotional exploitation of parasocial relationships.
Something we used to scoff at in places like Asia, now even casual relationships are utterly commoditized and we taught a whole generation of young humans how that's the most normal thing in the world.
Isn't that the basis of the economy with the increasing wealth gap and so on? It's not really materially different to paying Disney millionaires to go watch the latest Marvel movie.
To be fair, the number of millionaires is overall pretty low in numbers. Just some few dozen worldwide. Most top-streamers "only" earn as much as upper middle-class or less. Compared to other sketchy businesses, this seems relative ok. Be aware that those numbers are before taxes and are not including expenses, which can be quite high in the top league.
Yeah, it's so absurd it's hilarious. Seeing people make millions of USD for playing games and mentioning others in a live stream made me seriously rethink the value of my own work.
It somewhere between "paying to not see ads" (mechanical) to "being a fan and wanting to contribute to them" (parasocial). I don't think most people care if they're a fan of a millionaire - see sports and entertainment celebrities. Looking at things reflexively through a wealth-inequality perspective is done only by a minority of people.
I was watching a streamer the other day and she was doing some stunt because another streamer promised her an iphone 13 pro. But now I realize she could buy hundreds of them! Argh. Here i am waiting two months so i could afford to put a down payment on one.
In streaming case, for whatever reason you want to make a donation to somebody, not doing it because they are richer than you seems very strange to me.
> I wonder if this'll lead to software engineers in big companies having more restricted access to code?
I don't think that Twitch has closed source code because they want to keep code private. It's probably more a matter of don't want to show commit message in case there are some bad words inside it. And don't want to show the world in case their source code look bad.
Twitch without its code source can't work yeah, but imagine if all the commits of Twitch were public I doubt it would change anything for them.
That would be nice if their was a mental change about source code and that it is fine to show it even if it looks shit.
Dozens? The 4chan post said "almost 6,000 internal Git repositories". We don't use git at work (TFS, yay), and we definitely aren't on their scale, but that seems high to me. Do they have a repo for every class? Is this normal?
It s already the case and actually a big fight we re having (company of 70k employees spread everywhere) because we cant reverse engineer our upstream and downstream systems and it leads to huge bottlenecks trying to understand them when issues arise, as we need other teams etc.
Will depend on company back when I worked for British Telecom, some team leaders with wide access to code & data on some projects had to go through Developed Vetting (TS clearance).
Back in the mid 90's there was a issue in Scotland when a well known journalist got a job in a call center and looked up the private telephone numbers for the Queen.
Am I the only one a bit disappointed by the gross earnings for the top 5 earners given how much the media has ben hyping the money made by e-gamers. For some reason I would have thought they would make more money over 2 years. Top earner was grossing $ 9.6M ($4.8M/yr), 10th was $2.9M($1.4M/yr), at 81 you drop below $1M (500k/yr) on twitch pre-tax revenue. After 81 you drop below the %1M over two years threshold.
Actually the more I think about it - that does seem like a lot if you add in their other rev from youtube channels and other compensation. I understand why all the pro players started working on their twitch stream content more than winning competitions. More stable business and viewer base.
A lot of those streamers are pretty open about how twitch revenue is a small portion of their earnings.
Ninja was famously paid $1MM for an 8 hour ad of playing Apex at launch.
I've had private conversation with large streaming friends that have all said independently that the amount they get paid from a short Raid Shadow Legends ad is huge. One said it's enough to buy a nice car, and if they hit their target downloads (w/ link) the number jumps up to enough to buy multiple nice cars.
There is a lot of big money for streamers, not just big streamers.
Also good to note that most streamers have a side donation system that more then likely isn’t included in these numbers. Donations seem to be generally run through a non twitch third party site. And is probably a substantial increase if not a doubling of their income.
Before commenting on how much revenue this seems to be for the streamer, remember that most streamers hire and maintain staff. Preach Gaming, for example, has 6 full time staff. Angry Joe is somewhere around 8. Critical Roll’s website lists 24 employees, plus more who are likely not credited.
If you squint a bit, that's not that far off of niche pro athlete money (especially given that the bottom end doesn't have the same discrete threshold that pro sports do). Per [0] the best-paid NHL players are making ~$10M/year, and I would expect the NHL to be more efficiently monetized than internet streamers (we know that making money as "talent" on the internet is a tough proposition).
> PS: Make sure to change your Twitch (and possibly Prime) password. Twitch is already prompting users to do so based on Reddit posts.
This is not worth worrying about. If Twitch is making you reset your password, that means you don’t need to hurry because they’ve already locked your account. If your password hash leaked, the important thing isn’t Twitch, it’s every other place you used the same password.
Depends on your local legislations, but be careful that by default on torrents you are also sharing those files to others so you are also distributing stolen material, so it may have an impact on your potential "crime".
I saw the payout pastebin, but i'm very curious what the amazon vs stream cut is for sub revenue in particular. This is the key thing steamers negotiate with twitch over, and is covered by the nda.
rumor was recently negotiations have been very cut and dry for newer big/up and coming streamers basically being told to take some algorithmically assigned cut or give up partner status.
Readit News
My wife and I can't wrap our brains around the fact that payment info was leaked alongside source code.
Any theories how this happened?
Former pentester btw. I saw a lot of interesting things during my time, but I can't recall seeing a payment database next to a source code repo.
Did their s3 bucket get popped or something?
Even if their github enterprise got popped, that doesn't explain that streamer payouts down to the dollar were leaked. "Oh yeah, I commit all my stripe data into github. It's for compliance /s"
EDIT: If you want to see how much everyone's making: https://www.reddit.com/r/LivestreamFail/comments/q2gooi/twit...
1) The payment-data were just artifacts left on some file-server or from a process, which was accessible from dev-space.
2) No real systems were accessed and everything, it's all from a bad backup-server or poorly managed worker-pool.
3) Multiple Persons got hacked.
4) Exit-Scam of one or more Workers who just had broad enough access for some reason.
5) Twitch's security is just that bad.
Some notable thing is, the payment-data are quite limited, there are no real private data it seems, and the git-history seems also be missing. It's not sure whether this is on purpose and whether more data will follow. But this overall hints so far that this at least was not a full deep hack.
The article says otherwise: "The entirety of Twitch’s source code with commit history “going back to its early beginnings”"
There are devops tools, soc tools, and a ton of random things here, I guess we'll have to sit and wait to see if more follows.
I suspect you just haven’t looked at what the BI team has been up to. This seems like exactly the kind of stuff BI folks always leave on git.
Deleted Comment
Deleted Comment
A third reason would be finding a security flaw in the source code and exploiting it.
Nobody is putting production databases in to commit history. At the size of twitch, there's also no way any application dev has access to production.
> credentials like a password for a database is (even more common).
??? What cowboy outfit is putting things which grant access to production customer data in to git?
They say hacked
EDIT Found it again: https://sizeof.cat/post/twitch-leaks/#secrets-exposed
The site you linked to detects if the referrer url is HN and instead displays only an image saying "HACKER NEWS - A DDoS MADE OF FINANCE-OBSESSED MAN-CHILDREN AND BROGRAMMERS" instead of the content you are trying to link too.
OK Then...
Deleted Comment
Dead Comment
The choosing of the name Vapor is probably no accident when the main competitor is Steam.
Just like when IBM launched the "Eclipse foundation" which was arguably based on one of Sun's most prized possessions; Java.
When new sounds for System 7 were created, the sounds were reviewed by Apple's Legal Department who objected that the new sound alert "chime" had a name that was "too musical", under the recent settlement [with Beatles' record label Apple Records]. Jim Reekes, the creator of the new sound alerts for System 7, had grown frustrated with the legal scrutiny and first quipped it should be named "Let It Beep", a pun on "Let It Be". When someone remarked that that would not pass the Legal Department's approval, he remarked, "so sue me". After a brief reflection, he resubmitted the sound's name as sosumi (a homophone of "so sue me"). Careful to submit it in written form rather than spoken form to avoid pronunciation, he told the Legal Department that the name was Japanese and had nothing to do with music.
https://en.wikipedia.org/wiki/Sosumi
https://en.wikipedia.org/wiki/Nokia_E71
https://en.wikipedia.org/wiki/BlackBerry_Curve
It would be pretty awesome if they stuck with "Vapor" though. It'd be some WWE-style drama, and great for marketing.
- 10-15% commission
- Exclusives
- Curation/quality control
- Integrated anti-piracy
- Forums/modding/game guides
- User profiles/achievements/gamification
- Less generous regional pricing (like on consoles) in exchange for slightly lower overall pricing
- 5% cashback into wallets, like Nintendo eShop
Epic only does some of these things, which is why its struggling. Its lack of social features is a major reason for low engagement on the platform, probably driven by Tencent and Chinese censorship restrictions (in the same way that the Steam forums are unavailable in China).
>vaporware
I see no issue here
Meanwhile, Twitch has had a significant bot spamming problem.
The fact that they can use this number to correlate against contact lists collected from other people.
Now I don't think Twitch itself is doing this, but they may provide this information to marketing platforms such as Facebook which will use this data for ad targeting (and they definitely have a lot of people's contacts and can infer social graphs very well as a result).
The only scammers who know my number are my phone-provider and my mom. Other scammers either never call me, or just don't know the number. Protecting your number is possible.
> Meanwhile, Twitch has had a significant bot spamming problem.
Which can be solved without this. The bot-problem is more about people not using the existing tools well and twitch sucking in their handling. Adding another features they won't use will not make anything better. Especially as the phone-number only rises the bar for bots.
They really need that verification option just to avoid getting run off the platform.
For friends/family they have my cell# and it only lets calls through if they're in my contacts.
I imagine other free software might have modifications too.
What's the difference?
But seriously, if it takes trolling through the code to determine that Twitch's math violated their special way of doing math that no one else should get to use, it's just more evidence that software patents aren't helping protect or encourage innovation (else the violation would have been apparent from using the service). It would instead clearly be a "hah, gotcha, turns out we patented the linked-list-inside-a-hashmap construction you've got going on here, pay up! Only we can put the Legos together in that way!"
Dead Comment
> The GNU General Public License permits making a modified version and letting the public access it on a server without ever releasing its source code to the public.
> The GNU Affero General Public License is designed specifically to ensure that, in such cases, the modified source code becomes available to the community.
https://www.gnu.org/licenses/agpl-3.0.en.html
As long as GCC is not distributed, this is a perfectly valid use case for GPL'd software.
Less abstract: Facebook famously has massive internal patches for MySQL, which is GPL'd. And of course, Google has massive internal patches for Linux kernel, which is also GPL'd.
That's just a long way of saying that if you wanna get rich, learn how to write code and talk to people. Way easier than becoming one of the top 3-400 streamers in the world.
[0] https://www.indeed.com/career/senior-software-engineer/salar...
Deleted Comment
justice? hardly.
Twitch just asked me to change password for the first time, so it sounds credible.
One wonders. Why are encrypted passwords stored in an external code repository?
Deleted Comment
I am not saying at all it is not deserved. I am quite ok with them earning millions. But it does make a lot of us pull this comparison, both in achievements for humanity and in effort spent in their endeavors.
I personally never played or wish to play the fame lottery, I prefer the hard work path.
Yes some is luck, attractiveness, etc. But that's true in all careers.
Just because they're playing games doesn't mean they aren't working. Athletes get insane amounts of money to play games. They exert themselves more physically, but I expect being a top steamer day in and out isn't a cake walk either.
Wealth is not linear, it's not promised as the result of "hard work". Hard work helps, but it isn't the determining factor of whether or not you'll get a payout.
You must work hard in a domain that has public visibility and actually produces something of value to people. And yes, Basketball (and watching it) is extremely valuable to a lot of people.
Nevertheless, anyone that manage to have 5+ millions USD in property and savings before they are 30 got to a level of wealth in 10 years that 90% of people will not achieve in a lifetime.
science != commerce
something truly novel is hard to evaluate in money
https://i.kym-cdn.com/photos/images/original/001/259/257/342...
Someone can want socialism while still participating in a capitalist society. Being a martyr is rarely worth it imo.
On top of that, even if we lived in a socialist society, the top would still be rich, they would just be taxed more.
Top 10k Streamers by Revenue: https://pastebin.com/LjmaPNam
Contains the following data points:
'ad_share_gross', 'sub_share_gross', 'bits_share_gross', 'bits_developer_share_gross', 'bits_extension_share_gross', 'prime_sub_share_gross', 'bit_share_ad_gross', 'fuel_rev_gross', 'bb_rev_gross'
(TTS donations, 3rd party revenue like OnlyFans, Patreon, Amazon Gifts and sponsorship deals... are not included)
Total gross payout in the leak (2019/8 to 2021/10) was 4.2 billion dollars across 344k users. (based on data points above alone but could be wrong since it's annons on 4chan.)
PS: Make sure to change your Twitch (and possibly Prime) password. Twitch is already prompting users to do so based on Reddit posts.
Something we used to scoff at in places like Asia, now even casual relationships are utterly commoditized and we taught a whole generation of young humans how that's the most normal thing in the world.
In streaming case, for whatever reason you want to make a donation to somebody, not doing it because they are richer than you seems very strange to me.
Dead Comment
Looks like someone dumped everything on their github enterprise.
I wonder if this'll lead to software engineers in big companies having more restricted access to code?
I don't think that Twitch has closed source code because they want to keep code private. It's probably more a matter of don't want to show commit message in case there are some bad words inside it. And don't want to show the world in case their source code look bad.
Twitch without its code source can't work yeah, but imagine if all the commits of Twitch were public I doubt it would change anything for them.
That would be nice if their was a mental change about source code and that it is fine to show it even if it looks shit.
Back in the mid 90's there was a issue in Scotland when a well known journalist got a job in a call center and looked up the private telephone numbers for the Queen.
Actually the more I think about it - that does seem like a lot if you add in their other rev from youtube channels and other compensation. I understand why all the pro players started working on their twitch stream content more than winning competitions. More stable business and viewer base.
Ninja was famously paid $1MM for an 8 hour ad of playing Apex at launch.
I've had private conversation with large streaming friends that have all said independently that the amount they get paid from a short Raid Shadow Legends ad is huge. One said it's enough to buy a nice car, and if they hit their target downloads (w/ link) the number jumps up to enough to buy multiple nice cars.
There is a lot of big money for streamers, not just big streamers.
It's even more interesting that for 50k gross, you have to beat this guy "DEMOLITION_D" at the #4432 place.
Paying all that talent adds up.
[0] https://www.spotrac.com/nhl/rankings/
This is not worth worrying about. If Twitch is making you reset your password, that means you don’t need to hurry because they’ve already locked your account. If your password hash leaked, the important thing isn’t Twitch, it’s every other place you used the same password.
edit: I saw it mentioned in that /g/ thread that these numbers are without the donations.
magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI&dn=twitch-leaks-part-one&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce
Deleted Comment
rumor was recently negotiations have been very cut and dry for newer big/up and coming streamers basically being told to take some algorithmically assigned cut or give up partner status.
Deleted Comment