fumufumu (u/fumufumu)

fumufumu commented on Lego says it wants to start to bring video game development in-house videogameschronicle.com/n... · Posted by u/namanyayg

Danieru · 9 months ago

Warner Bros has been trying to sell off their studios. So I can see Lego succeeding if they buy TT. Otherwise I think Lego will realize what many others have: starting up a new studio is hard, and having money makes it harder.

You cannot will a studio into existence with money. Google tried this. Amazon tried this. Microsoft has tried it a bunch of times.

Games can be a good business, I know my studio is, but it is hard in was that traditional business methods cannot cope with.

So Lego, make sure you acquire TT. That is your only clear opportunity to use money to solve this problem. Otherwise find a bunch of Lego fan gamers and hire them to make experimental games for half a decade. Don't listen to that VP who is promising you can push XXXmillion into an org chart and get an effective studio as the result.

fumufumu · 9 months ago

I know Amazon tried. I haven't heard of Google trying. Sure they started Stadia but they had no internal game dev teams that I know of.

I have hard of MS's issues. The biggest issue is a game dev team is generally lead by a game-director. It's not a "design by committee, come to consensus" type of thing like software dev is at Amazon, Google, Microsoft. The way work happens is not the same. They might look superficially similar but as a simple example, at typical game dev team is 70% artists, 20% game designers, 10% software engineers (+/-) where as a typical team at Amazon, Google, MS is 95% software engineers.

fumufumu commented on The curious surge of productivity in U.S. restaurants bfi.uchicago.edu/working-... · Posted by u/ryan_j_naughton

colonial · 9 months ago

What I'd like to know are the demographics of the people using the delivery apps.

Everyone I know refuses to touch them due to the massive extra costs piled on top, but whenever I swing by somewhere in-person to get takeout, I have the same experience as you - there's always at least a few bags on the "Doordash shelf" or equivalent. Who's burning all this money?!

fumufumu · 9 months ago

I moved back to the USA, SF in June 2021. I stayed with a friend and parnter for 5 days. In those 5 days they ordered via doordash for ~8 meals (lunch and dinner).

fumufumu commented on Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos stepsecurity.io/blog/hard... · Posted by u/varunsharma07

mubou · 9 months ago

In recent years, it's started to feel like you can't trust third-party dependencies and extensions at all anymore. I no longer install npm packages that have more than a few transitive dependencies, and I've started to refrain from installing vscode or chrome extensions altogether.

Time and time again, they either get hijacked and malicious code added, or the dev themselves suddenly decides to betray everyone's trust and inject malicious code (see: Moq), or they sell out to some company that changes the license to one where you have to pay hundreds of dollars to keep using it (e.g. the recent FluentAssertions debacle), or one of those happens to any of the packages' hundreds of dependencies.

Just take a look at eslint's dependency tree: https://npmgraph.js.org/?q=eslint

Can you really say you trust all of these?

fumufumu · 9 months ago

Did you turn off updates on your phone as well? Because 99.999% of people have app auto-updates and every update could include an exploit.

I'm not saying you're wrong not to trust package managers and extensions but you're life is likely full of the same thing. The majority of apps are made from 3rd party libraries which are made of 3rd party libraries, etc.... At least on phones they update constantly, and every update is a chance to install more exploits.

The same is true for any devices that get updates like a Smart TV, router, printer, etc.... I mostly trust Apple, Microsoft, and Google to check their 3rd party dependencies, (mostly), but don't trust any other company - and yet I can't worry about it. Don't update and I don't get security vulnerabilities fixed. Do update and I take the chance that this latest update has a 3rd party exploit buried in a 3rd party library.