Jump to content
[DE]Rebecca

Drop Rates, Datamines, and Digital Extremes (DDD).

Recommended Posts

3 minutes ago, sinisteran said:

Like I stated before you did not directly cause the exploits to happen. But can you say with 100 percent confidence and prove that your mines had no relation to umbra and primed streamline in its entirety. Not even a small mention or anything. 

Still, it isn't my fault that information I published was used in a malicious manner. Just like when you said:

"2. He did not do it personally. But if what he did was still within the chain of causation he is also (not solely) responsible. Also your example is not a good one. Lets take Tesla. Their code was mined leading to a 3rd party to hack it and kill people with it. It is not Tesla's legal liability. It is impossible to make something without fault, especially programs,

Just like it isn't Tesla's legal liability, it isn't my liability if people misuse the information I provide. I only provided the information for informational purposes, something I have said many times in the past.

"He heard that it happened after the fact is not a valid defence. HE DID NOT HACK UMBRA OF PRIMED STREAMLINED PERSONALLY- WE KNOW!

But his datamine prior to the incident allowed others to exploit the game, and hack it. So yes he is technically responsible."

My datamines did not allow anyone to exploit the game. They did not provide source code or  methods into manipulating Digital Extremes software or functionality in their game. So no, my datamines did not allow anyone to exploit the game and hack it. I am not responsible for this...

  • Like 1
  • Upvote 13

Share this post


Link to post
Share on other sites
Just now, yingji said:

Prove it.

I mean, you state it like it's a fact. So of course you can prove it immediately.

Go ahead.

We are watching.

In the original release in reddit prior to the dev workshop that Rebecca had stated it and submitted they have proof. But I doubt I can just ask for it. You could try and ask her to see if DE would release such confidential information to you.

  • Upvote 1

Share this post


Link to post
Share on other sites
Just now, sinisteran said:

In the original release in reddit prior to the dev workshop that Rebecca had stated it and submitted they have proof. But I doubt I can just ask for it. You could try and ask her to see if DE would release such confidential information to you.

If you want to prove something then don't ask me to do the work for you.

  • Like 1
  • Upvote 2

Share this post


Link to post
Share on other sites
8 minutes ago, yingji said:

I like some parts of your post, but talking about zero day vulnerabilities is a terrible, terrible, terrible example.

If you find and publicly expose a vulnerability you have a very high chance of going to prison.

That is why it makes more sense to sell a vulnerability via murky channels, which is why corporations and governments spend hundreds of millions of dollars every year buying vulnerabilities from 'criminals' also known as professional security researchers.

Just ask weev all about it. https://www.wired.com/2013/03/att-hacker-gets-3-years/

Google for yourself 'security researcher jail'. Please educate yourself. Jailing people who find vulnerabilities is widespread.

And when companies punish benign computer people the punished activities go underground and can/do then go deeply wrong for those companies.

I fear for DE in this regard.

This used to be the case years ago... before companies found the value of having issues exposed is much more cost-effective and for the exploiter to receive a form of payment than it is for the amount of damages it would cost to repair any malicious damage done by a user.

(Forgot to mention, zero-day vulnerabilities are never actually publicised until 30 days after informing the company about the exploit), hence pre-emptive warning.

  • Upvote 1

Share this post


Link to post
Share on other sites
10 minutes ago, (PS4)decogold said:

This still does not change the fact that the images are not under patent. Example of the "law" is in reference to the right to privacy, doesn't relate to your original point. (Unless your referring to a user's own copyright, which differs from a company)

This still does not change the fact that he is not responsible.If your perception on this were true then you can say goodbye to basically every single human commodity in existence - including the internet. It is the responsibility of the individual who exploited the code - now things would be different if void_glitch did exploit the code, he did not therefore he is not liable for what happens once he exposes the vulnerability. Your example is proving my point - it is not void_glitch's responsibility.

Proving my point yet again, it is the responsibility of the bearer, not the creator. It is the murderer's fault, not the creator's.

Actually no, you are comparing a complex labyrinth of an operating system which has many, many layers of features and different binary components to a game - entirely 2 different environments - not comparable.

But.. you are indirectly stating that it could cause damages either way, so therefore you have effectively neutralised your first argument. (Being he is solely liable, which isn't true for damages).

Actually art can be copyrighted. Are you saying that Oberon prime's design is not theirs?

Again. Causation. Understand it first.

My point was to disregard your car claim. Not directly correlated to this case.

Name 1 game or software with 0 bugs ever.

The 3rd part I could be clearer actually I agree. He could have caused both in damages and income to DE. Therefore my point still stands. if you want I will name the good he has done through data mining too.

Edited by sinisteran
  • Upvote 2

Share this post


Link to post
Share on other sites
1 minute ago, (PS4)decogold said:

This used to be the case years ago... before companies found the value of having issues exposed is much more cost-effective and for the exploiter to receive a form of payment than it is for the amount of damages it would cost to repair any malicious damage done by a user.

(Forgot to mention, zero-day vulnerabilities are never actually publicised until 30 days after informing the company about the exploit), hence pre-emptive warning.

A few current Bug Bounty programs don't tell a fraction of the whole story. If you want to believe in the world you describe then that's your choice

  • Upvote 1

Share this post


Link to post
Share on other sites
1 minute ago, yingji said:

A few current Bug Bounty programs don't tell a fraction of the whole story. If you want to believe in the world you describe then that's your choice

By typing bug report into google and limiting it to the last 24 hrs theres 176,000 entries. I will take half way. That doesn't seem like a few programs. 

Share this post


Link to post
Share on other sites
8 minutes ago, (PS4)decogold said:

This used to be the case years ago... before companies found the value of having issues exposed is much more cost-effective and for the exploiter to receive a form of payment than it is for the amount of damages it would cost to repair any malicious damage done by a user.

(Forgot to mention, zero-day vulnerabilities are never actually publicised until 30 days after informing the company about the exploit), hence pre-emptive warning.

Actually some cases fought in court right now are using precedent from the 1800's so 2003 isn't that far back in relation to law. and precedent don't get replaced very often 

Edited by sinisteran

Share this post


Link to post
Share on other sites
1 minute ago, sinisteran said:

Actually art can be copyrighted. Are you saying that Oberon prime's design is not theirs?

Again. Causation. Understand it first.

My point was to disregard your car claim. Not directly correlated to this case.

Name 1 game with 0 bugs ever.

No, i'm saying that the images which were leaked were not patented under WF's patent. Making assumptions on a case such as Oberon is just low.. like come on - modelling and textures differs far more than images.

Not going to respond to second point, you clealy fail to see the flaw here.

"Name 2 game every with 0 bugs ever" - again, drawing the "no game has 0 bugs" argument... oh, so because there was a bug which DE created it is somehow void_glitch's fault... when he did not create those issues.... oh wait it isn't.

Cherry-picking points doesn't help your overall consensus.

4 minutes ago, yingji said:

A few current Bug Bounty programs don't tell a fraction of the whole story. If you want to believe in the world you describe then that's your choice

Well yes because if they decided to imprison me for following a bug-bounty program i would happily sue them for breaking the law.

  • Upvote 3

Share this post


Link to post
Share on other sites
1 minute ago, sinisteran said:

Actually some cases fight in court are using precedent from the 1800's so 2003 isn't that far back in relation to law. and precedent don't get replaced very often 

Well yes but "bug bounty" programs in question in 2003 were near to non-existent as people did not understand how effective of an asset they were until years later.

  • Upvote 2

Share this post


Link to post
Share on other sites
11 minutes ago, yingji said:

If you want to prove something then don't ask me to do the work for you.

Uh you were the one telling me to do it. I have no intention to. Because if Rebecca and DE had lied they would be very stupid to do so.

Share this post


Link to post
Share on other sites
3 minutes ago, sinisteran said:

By typing bug report into google and limiting it to the last 24 hrs theres 176,000 entries. I will take half way. That doesn't seem like a few programs. 

I can see this is not your area and since I don't feel like providing a free education on exploit pricing then you'll have to go with what you know.

  • Upvote 2

Share this post


Link to post
Share on other sites

@(PS4)VoiD_Glitch

A cease and desist order only identifies content/activity infringing on the right holder's welfare and compels the offender to stop, it doesn't need to have a reason, let alone something like "because primed streamline was leaked we're going to stop you from posting drop tables, which has nothing to do with it".

If they're trying to infer you being liable for primed streamline / umbra leak, they'll need to 1. prove you did it or were involved in part of it, and 2. show how much money lost because of this and sue you for compensation.  Tall order.  Any suggestions along this line made by the legal team is mostly scare tactics.

Having said that, I'm not saying you should disregard and not follow the C&D.  I'm just saying it is a completely separately matter from them potentially suing your A** off for money due to the primed streamline / umbra leak.

The reality (to the lawyers) is that there is not money in your case, just play nice and it will go away.

 

 

Share this post


Link to post
Share on other sites
1 minute ago, yingji said:

I can see this is not your area and since I don't feel like providing a free education on exploit pricing then you'll have to go with what you know.

DE does not have an 0 day exploit program as that would involve letter players play a build before it was released. Can you say this is their fault? They aren't exactly that important I mean this is a stupid game about space ninjas, not software to run a bank.

Share this post


Link to post
Share on other sites
2 minutes ago, sinisteran said:

DE does not have an 0 day exploit program as that would involve letter players play a build before it was released. Can you say this is their fault? They aren't exactly that important I mean this is a stupid game about space ninjas, not software to run a bank.

You do know how much the video gaming sector is worth right?

  • Upvote 3

Share this post


Link to post
Share on other sites
8 minutes ago, yingji said:

You do know how much the video gaming sector is worth right?

Yes but DE is worthless in the grand scheme of things. This isn't Blizzard its a tiny canadian indie company that makes less than some restaurants. If you made an ftp indie game would you really spend millions and millions to ensure 0 day vulnerabilities and even then its not 100 percent bug and exploit free? Not to mention the potential consequences of dealing with those hackers and blackmailing you etc.

Edited by sinisteran
  • Upvote 1

Share this post


Link to post
Share on other sites
1 minute ago, sinisteran said:

tiny pathetic canadian indie company

Please don't bring Canada into this ... as a Canadian I do take offense.

We're obviously not as sophisticated as some other country conducting grand undertakings like booting millions of people off healthcare and tipping the blood money as tax cuts to the rich, but at least we're friendly :)

  • Upvote 4

Share this post


Link to post
Share on other sites
1 minute ago, sinisteran said:

Yes but DE is worthless in the grand scheme of things. This isn't Blizzard its a tiny pathetic canadian indie company that makes less than some restaurants. If you made an ftp indie game would you really spend millions and millions to ensure 0 day vulnerabilities and even then its not 100 percent bug and exploit free? Not to mention the potential consequences of dealing with those hackers and blackmailing you etc.

Are you saying DE is too small to put up a Bug Bounty scheme? They sure are quick to throw legal threats at a foreign child for simply datamining so what are the options then for anyone who finds an actually serious technical problem? Go public and face the same treatment as Void_glitch or worse? I think you see the problem.

  • Upvote 4

Share this post


Link to post
Share on other sites
6 minutes ago, yingji said:

Are you saying DE is too small to put up a Bug Bounty scheme? They sure are quick to throw legal threats at a foreign child for simply datamining so what are the options then for anyone who finds an actually serious technical problem? Go public and face the same treatment as Void_glitch or worse? I think you see the problem.

Actually yes. Void is face of data mining and he is technically breaching their copyright. Stopping him would lead to stopping others datamining. Thus reducing future exploits and hacks. Its is not only cheaper but way more efficient. Its a good move actually and they aren't doing anything shady. 

Shady would be just to IP ban him and remove all possible access he has in the game. Not waste time and create this whole debacle. A 17 yr old cant exactly convince their parents to move or get the ISP to change their IP.

Actually DE being so bold is more damaging to them than it is helpful. They could have even thrown in an NDA but they didn't. 

Edited by sinisteran
  • Upvote 1

Share this post


Link to post
Share on other sites
Just now, sinisteran said:

Actually yes. Void is face of data mining. Stopping him would lead to stopping others datamining. Thus reducing future exploits and hacks. Its is not only cheaper but way more efficient. Its a good move actually and they aren't doing anything shady. 

I'm sure if alternatively DE experiences an increase in hacks we will be the very last to hear about it.

  • Upvote 4

Share this post


Link to post
Share on other sites
1 minute ago, yingji said:

I'm sure if alternatively DE experiences an increase in hacks we will be the very last to hear about it.

Well we dont know that yet. But as a business and legal stand point this is the best move for them. I also think if they were so bad they'd force Void to sign an NDA so we wont even know any of this.We'd just think he disappeared.

Edited by sinisteran
  • Upvote 1

Share this post


Link to post
Share on other sites
2 minutes ago, sinisteran said:

Well we dont know that yet. But as a business and legal stand point this is the best move for them. I also think if they were so bad they'd force Void to sign an NDA so we wont even know any of this.We'd just think he disappeared.

CANADIAN GAME COMPANY 'DISAPPEARS' 17 YEAR OLD AMERICAN COMPUTER PRODIGY

Can it get any worse at this point.

  • Upvote 6

Share this post


Link to post
Share on other sites
2 minutes ago, yingji said:

CANADIAN GAME COMPANY 'DISAPPEARS' 17 YEAR OLD AMERICAN COMPUTER PRODIGY

Can it get any worse at this point.

Except no one can imperically blame them or find out without one side breaking nda and the incident wont be this large. Most of us would just think he went to college.

Edited by sinisteran
  • Upvote 1

Share this post


Link to post
Share on other sites
On 6/22/2017 at 4:24 PM, (PS4)VoiD_Glitch said:

You know, I would be willing to assist you, but you people seem to be against me in this... Additionally, I could provide a report I wrote about Warframe Random Number Generation a long time ago, if that would assist you in your explanation of your Warframe Random Number Generation mechanics.

There is an interesting pattern here, with senior Tenno also having noticed a "trend" with RNG and drops that really needs to be fixed, downgrading the positivity of the OP accordingly.  Indeed, the value of the chance tables themselves is belied by this issue.  Sorry, but that needed to be cryptic.

 

As for the more junior Tenno here, there is something you must keep squarely in mind as you shower DE with appropriate appreciation for finally publishing the mission decks.  The context of this announcement is dark and unfortunate.

 

Void Glitch has been the center of attention for DE's anti mining efforts for a very long time.  This is completely uncalled for.  For almost 3 years they quietly tolerated it and now that a completely different entity, with different goals and tools, compromizes a flaw to exploit the game and spoil content do the scary legal letters come out?  Unacceptable.  Disrespectful!  I don't want to see an apology, but I do expect DE to knock it off.  Community members that have bothered to be community members for this long under withering abuse are DE's assets even if they don't agree with them.  DE can make examples of them or accept their help.  The former should be understood as wrong in this case.

Before we had complex stats for weapons and frames in the codex, such things had to be experimentally determined and published by the wiki team then verified by data-miners.  Once this information became widespread, it made no sense to keep the numbers out of the game UI and now we all benefit from seeing the numbers.  I know there are members of the Sr Dev team who fundamentally disagree with me on that last point.

Weapons that have hidden mechanics and status would be complete enigmas without data-miners.

During the Void Key era, no one knew how to get an item unless they went out of game and looked it up.  Even now this is done to find where to get relics.

This information informs how a lot of us fundamentally play the game and for years, we have relied on hard working, out of game information sources to do it.

 

You shouldn't have to rely on a datamine to know how a game works.  Game communities at large accept that reality and develop 3rd party tools that collect or display information that make the game playable.  Simply look at Elite Dangerous for evidence.

 

In the past when DE has posted behind the scene statistics, there have been incidents where the information was wrong.  In other cases, the drop tables themselves were simply incorrect.  It was only after posts of data-miners that these errors were discovered and corrected.  I believe proofreading the drop tables was one of VG's original motivations for extracting them.  The fact Rebecka refers to this site as automated gives me hope that the situation will not recur.  I  don't believe DE will post nearly as much or as detailed, however.

 

DE will always hold something back.  I don't even know if it's deliberate as they have had serious issues with matching goals with actions.  They can't resist giving us the unknown just to see if we do something interesting with it.  The way this game has worked in the past, there always seems to be a need for someone to unpack the magic of the new thing so we don't need to make under-informed decisions about if something is good. I know they think making data driven choices is not fun, but it's more fun the guessing what the Toxocyst does. Riven dispositions are a perfect example.  Why do I need to go to a github repo to know exactly how badly the Euphona riven was nerfed on release? There is also still no UI for the Helminth Cyst, no in-game explanation for what it is, how long it lasts, or how it spreads.  I know the feature is underdeveloped and it was was interesting but why was a Reddit post the only hard information on it for a month?  The way DE plays with the community is part of what makes the game interesting from time to time but data-mining is part of that dynamic.  Without the revelations of healthy (non spoiler, non exploitation) technical information, that interesting thing turns to frustration.  Hype doesn't cause fiscal damage.

 

TL DR

 

I digress, as this post is not actually about the value of unveiling drop tables and mechanics.  It's about addressing why DE would bother with it now.  This thread exists only because the Void Glitch repo is gone.  The exploits perpetrated by others can still occur and he is being legally threatened?  The whole situation is miss-attributed and that must be addressed else were before anyone should see this as entirely good thing, worthy of unconditional praise.  

 

I'd be ecstatic to see this if the information didn't already exist.  

I feel like I can respect DE's right to protect the game while also condemning them regarding how.  The pleas for help make little sense now that the subject matter experts are alienated and have been willing and available for years.  Have I been mistaking insensitivity and carelessness for ineptitude when it was actually crass malice?!

Edited by Sahysa
Text Color
  • Upvote 8

Share this post


Link to post
Share on other sites
8 minutes ago, sinisteran said:

Actually yes. Void is face of data mining and he is technically breaching their copyright. Stopping him would lead to stopping others datamining. Thus reducing future exploits and hacks. Its is not only cheaper but way more efficient. Its a good move actually and they aren't doing anything shady. 

Shady would be just to IP ban him and remove all possible access he has in the game. Not waste time and create this whole debacle. A 17 yr old cant exactly convince their parents to move or get the ISP to change their IP.

Actually DE being so bold is more damaging to them than it is helpful. They could have even thrown in an NDA but they didn't. 

I do not believe that I am infringing on their copyright, but that is what the lawyers are paid to say.

Also, Digital Extremes did IP block me and remove all possible access I have in the game. It isn't like I play Warframe anymore anyway, but you only need the client to datamine. You don't need to be able to log-in.

Yeah, and they cannot force me to sign an NDA. It is my choice to do that. You need to know what you are talking about.

  • Upvote 16

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...