The Insomniac Hack Reveals The Ugly Truth Of Video Game Hype - Aftermath
(aftermath.site)
from stopthatgirl7@kbin.social to games@lemmy.world on 20 Dec 2023 03:22
https://kbin.social/m/games@lemmy.world/t/714263
from stopthatgirl7@kbin.social to games@lemmy.world on 20 Dec 2023 03:22
https://kbin.social/m/games@lemmy.world/t/714263
The games journalist debate over covering the hack is a look in the mirror
threaded - newest
To me the real story here is that the field of cybersecurity, and actually proprietary software in general is a giant fucking scam: we see hacks happening constantly to huge companies and government agencies that either advertise their products/services or market/promote themselves as very secure.
The only actual known and effective way to combat this in almost every scenario you have ever heard of is to use open source software that can be reviewed by anyone, and when a flaw is found, an alert can go out and then it gets fixed, and you can actually verify that it has been fixed; that combined with actually having employees follow basic cybersec guidelines.
Time and time again individuals and large organizations pay for proprietary software that claims it is secure, and often either have cybersecurity ‘experts’ on staff, or consult with a cybersec firm.
Time and time again people and organizations pay for software that is sold to them as providing security, and when it doesnt, the sellers of said software are never actually liable.
Why would anyone trust any kind of such software at all? Much less pat for it?
And the hacks just keep happening.
Accountability for this is no where. Not in any real, effective sense.
I’m too lazy to look into this specific one, but basically all “hacks” these days start with social engineering
Yes, which can be avoided with the basic cybersecurity standard of teaching your employees how to not fall for that.
Literally not much more complicated than ‘dont give anyone your work login and password, If you think something is suspicious, report it to security and never, ever, EVER connect any of your work hardware or accounts to your personal hardware or accounts’.
But to your main point yes, its a million times easier to hack a human brain than a computer, and no one seems to get this.
Am I the only person that has read or even heard of Kevin Mitnick?
Heh. It's a LOT more complicated than that. Especially post-covid, with everybody ready to support working from home.
Hey, good luck getting hundreds to thousands of people, ranging from engineers to a bunch of kids doing QA to technically illiterate administrative positions and office workers to keep rigid, government-level security standards when each and every one of them has some degree of remote access and mostly are just... you know, going about their lives and going to work every day. You sound like you'd love doing IT for a game studio.
And hey, guess what, all of their work hardware and accounts are probably connected to their personal hardware and accounts. Or are, in fact, the same hardware and accounts. Nobody has time or money to equip every single employee with a second phone and laptop overnight and all of them had to work remotely during the pandemic, just as much as everybody else. It's kind of chilling to know that the games industry is under this level of harassment and these leaks keep happening, because I guarantee any other non-tech industry that has shifted to remote work the past few years is doing much worse at this. Gaming was already weirdly secretive, even when compared to movies and TV or other similar cultural industries.
For the record, games are full of open source software (and closed source as well). Go check out the list of OSS on any game's credits. They still have to comply by disclosures required by most licenses, so it'll be in there somewhere.
Uh… I have managed and maintained cybersecurity policies for a non profit albeit not as head of IT but working in close cooperation with him as the team i was on was in charge of a huge system that nearly all employees and definitely all our clients used.
We successfully managed to not have any cybersecurity incidents while I was working there.
We gave everyone work phones and work laptops because that is how you do cybersecurity right.
And uh, no, if youre going by companies specifically being targeted and compromised by hackers, as opposed to hackers going for anything connected to a widely used software service, uh, gaming companies are actually doing far worse than other industries, likely due in large part to incompetent management.
Sure, yep, its chilling that employees at video game companies are at risk because their management is incompetent.
No clue what you mean by ‘gaming was always weirdly secretive when compared to movies and music.’ Music and movies are even easier to pirate than video games which have to be cracked… Not sure what youre talking about here.
And oh dear god here at the end youre going to ‘for the record’ inform me, a person who has written code for game mods for 20 years and professionally for various roles in the tech industry for a decade that games have open source and closed source code in them.
Thats not even relevant to how a whole company’s network gets breached and its employees get basically doxxed.
The… the video game company’s internal software for managing employee records, clock ins, clock outs, wage payment, emails, etc, is different from the software it uses in its product, the game.
It doesnt matter if a game has OpenGL and a bit of a liscensed proprietary physics engine.
Thats not connected to the company email server.
Why do you have such an arrogant attitude when you have no idea what you are talking about?
Honestly, my response to everything you said is on my first post. Including the "you'd love doing IT for a game studio" part.
You are an imbecile. Have fun I guess living in your Anime Tumblr dream world.
Partially. Too much of the software and defenses require the user to act in a specific way to complete the defenses. And humans are not rational beings. This gives attackers ways to circumvent the security measures. This in addition to cybersecurity too often being an afterthought.
Yes, which is why I said ‘and also get employees to follow basic cybersecurity practices.’
If the problem is either company culture or human nature is in the way of implementing cybersecurity properly, and I can assure you that this is true, having managed cybersecurity policies at a large non profit for over a year…
…then the field of cybersecurity should actually be figuring out how to successfully mitigate or solve this issue, they should be focusing on far more than just esoteric techno buzzwords in their marketing, and you know, actually be capable of delivering ‘security’, the thing they claim to sell.
If that means pivoting to things like the imoportance of training employees, developing a security conscious company culture, holding seminars to convince execs and middle management to not have cybersecurity as an afterthought as well as what it actually takes to actually be secure… then the field of cybersecurity should do that.
Ab-so-lutely! I was n’t aware I challenged your notion. I thought I was merely expanding on it. But we agree.
Sorry if i came off as too hostile, a bit off the anger may have carried over from explaining to graphics card marketing buzzword enthusiast ninjan, as politely as i could, that he has no idea what its actually like to work for a world class tech firm as a software engineer, over in another thread.
<img alt="" src="https://lemmy.world/pictrs/image/67efd60f-cb5f-4911-9684-0abc8a6f9ab9.webm">
I try to avoid reviews for games that haven’t been released or aren’t in an open beta. I am especially suspicious in regards to embargoes that lift less than 24 hours before the game goes on sale.
Publishing peoples’ private info is bad and nobody should be encouraging others to find that info.
On the other hand, info about the games should be published. If a games journalist is willing to tow to company PR lines and withhold valuable info (to players) about games, then they should be willing to cover this. If they aren’t, then they’re just a fan with special access.
I mean, with extremely rare exceptions, basically the entire field of ‘games journalism’ is just doing advertisement for the industry they are supposed to be critical of, even the opinions and culture commentary just serve to drive what is functionally a gossip generator that makes either hype or hate for whatever particular thing is worth talking about right now, and then its forgotten entirely within 72 hours. Net effect though, is more awareness thus more game purchases.
Fucking coffeezilla played a pivotal role in convicting SBF.
When has any games journalism outlet ever done a 60 minutes style actual investigative journalism about the industry? And actually exposed an issue the public was generally not aware of? When have they done anything like that instead of just reacting to someone already doing that for them on some social media site or youtube and then they just summarize it?
Fuck, I am probably being a bit hyperbolic but Christ it feels like almost all gaming journalism is basically classified ads and opinion pieces.
People Make Games has IMO been pretty good at this, but that’s a small independent team, not an outlet.
Dang, I appreciate a diamond in the rough, I’ll check them out, thank you!
Yep. When the industry can cut off the only way for games journalists to reliably make money (pre-release review copies) then they are totally controlled by the industry. A real journalism industry would see one company not given a copy or blacklisted and the refuse to cover their release entirely in solidarity. Otherwise none of them can be trusted.
Instead we get an article here, pontificating on the concept of whether or not its good to report on something that could harm people if its reported on.
It manages to do all the words and stuff to let you know that basically, they can see arguments both ways, but uh in the end its published so kinda just obviously went one way on all that.
The function is, I guess, just to indicate that the writer is conflicted and well informed? But its so obvious theyre just writing a bunch of words to hit a word count because uh its published anyway so the author obviously donesnt care that much for half of what they said.
Then it just ends with like a magical fantasy useless ‘I believe things will get better and we can all be better people’ ending with absolutely no set up or explanation why this might be likely.
Its honestly a baffling piece of writing.
All I can actually take away from it is a hack happened, hacking is bad, the author needed to hit a word count, and I probably should have just read the headline.
I mean here I am commenting on it so thats something, it worked! It got a click rofl!
And with that I need a cigarette.
There is no obligation for publishers to send early copies, although when you don't do it selectively you're sending a bad message that you have something to hide or an axe to grind, so it's pretty bad PR to handle things that way.
Plus nothing stops an outlet from still getting a copy and reviewing the game day one. With so much of today's content being live video the kind of thing you're describing is... pretty inefectual? I get that it's the stuff people remember from the old days when there were more gatekeepers and print media could be reliably delayed by months by doing that, but... yeah, that's pretty anecdotal these days. It's mostly messing with critics' free time, which isn't the best way to get them to be nice to your game, if that's what you're trying to do.
You risk losing the audience when the other outlets’ reviews are up days before the game release while yours will be published a week after the game release unless really cutting corners or reviewing a short game.
See, I hear this a lot, and it's a bit disappointing. Because hell yeah, there is great journalism being done. If you want "investigative journalism"... I mean, why? It's videogames, not politics, but yeah, there are people out there doing that stuff (Jason Schreier comes to mind, even if I don't particularly like the guy, but he's not alone). If you want genuine, in-depth documentaries and explorations of the process of game development then I like you more. Noclip and People Make Games come to mind, in terms of sheer production value and coming from the journalism side, but Youtube is full of in-depth looks at games from that perspective based more on documentation and less on talking to the actual devs.
So maybe the question I have is why aren't those better known? Why is the hype machine still what the audience cares about? Because all of those are publicly available, and some even very popular. Why isn't it the default and why do people not actually engage with it even when they claim they do want to engage with it? Particularly when Noclip started doing what they do, it was such a common trope to say that people wanted that exact thing and nobody was doing it, and then the very, very good 2Player Productions documentary on Double Fine's Broken Age happened and it seemed like it was possible to do, so Noclip started doing it... and they're fine, they're good, they're still going, but they certainly haven't exploded in popularity or anything.
Whatever, this is an old argument. At this point most gaming coverage is let's play videos and Twitch streamers. And you know what? That's fine. that's still better than the relentless hype machine. I just hope the good ones doing good work get to keep doing it as well.
So you say theres great investigative journalism being done and mention Jason Schrier. Agreed, he is the only person that I as well can even think of as an actual journalist in this field, hell, also James/Stephanie Sterling.
But you are… disappointed that I wish there was real journalism around gaming and the gaming industry?
You also say ‘Why would you even want investigative journalism relating to gaming?’
Well uh because to me that is real journalism, and real journalism is historically hugely important to keeping society balanced in a democracy. It acts as a counter to corporate and government propoganda, lies and malfeasance.
Then you ramble about basically how you can find some actual deep dives about how games were made on youtube, (noting that such content is not super popular) and gamers streaming themselves gaming on twitch, and conclude that ‘this is an old argument’ and basically ‘i can watch gaming content somewhere so its fine I guess’.
MudMan.
You are arguing with yourself, in your own comment.
The topic is journalism. We were talking about investigative journalism in this subthread. Journalism as it pertains to the field or industry of video games, how a lot of it is just garbage.
And you spent the vast majority of your reply here /not talking about investigative journalism, not talking about how gaming journalism is largely just advertisements for game companies/.
‘Content’ relating to video games is not the same thing as Journalism.
You opened with being disappointed that I would wish there was real investigative journalism about video gaming, which is a stance you never explained or justified with anything other than ‘other content about games exists.’
Is your stance that its fine actually that there barely is any actual real gaming journalism… because other content about games exists?
Am I misunderstanding you?
Huh. Normally, you'd think when somebody takes longer to rephrase a post than it'd take to read the original they're trying to straw man the hell out of it...
...but no, you mostly got it.
Define "investigative journalism" when it comes to television. Radio? Maybe movies.
At best it's generalist journalism looking into a major issue, like the Ronan Farrow work that resulted in the whole MeToo movement. Other times it's straight-up business journalism, like the mainstream coverage of mergers or tech regulations. There is no reason why gaming can't be treated the same way, and in fact it is, as we saw through the whole Activision/Microsoft merger.
The idea that gaming needs a specific brand of "investigative journalism" as a matter for the daily gaming trades, such as they are, is based on this weird, antagonistic perspective that gaming fandom has about game development and it is, very much, part of the same problem as the hype cycle.
Sometimes, "investigative" journalism comes down to gossip, too, which is less relevant and I do not love. Schreier's brand of "I have insider buddies and they tell me this stuff" coverage can stray into that. He walks the line, for sure. Some of it is genuinely interesting intrahistory, some of it doesn't clear that bar for me.
What I do care about, though, is good journalism, and there are definitely people doing that, including those in-depth, after-the-fact analysis and historical documentaries. If those don't qualify for what you want to see in games journalism, then we just disagree about what is needed.
This is how the sausage is made, unfortunately. Schreier has to work with the same kind of currency any investigative journalist does, and sometimes that means publishing a piece as part of an agreement. I’ve seen this happen for decades in sports journalism, and in turn, that facilitates a lot of what labor has needed to survive in that industry. Considering professional sports is one of the very last bastions of collective bargaining in my country, I find it easy to overlook there.
Schreier’s work has similarly been important for labor in making games, so yeah, while there’s garbage sometimes, I have zero problem with it.
Schreier has not published any of his gossipy pieces because he had a deal with anyone, at least that I know of. If what you mean is that he publishes the gossip because that's the red meat what keeps him employed at Bloomberg so he can write more thorough coverage of the really interesting stuff.... well, you have a worse opinion of Schreier than I do.
Honestly, you guys are doing little to get me on board with that sort of thing. From the way you talk about it I'm getting the distinct impression that this sort of "investigative journalism", which often boils down to "game development went poorly for reasons", is only feeding into the antagonistic relationship and not, as I'd hoped, creating more awareness of how the process goes so people can have more informed opinions.
.
.
It's either journalism, in which you talk about news that comes up. Or it's being a freelance PR for publishers saying what they want, when they want in order to keep in the embargo ecosystem.
But that choices has been decided long ago by the major """news""" sites like IGN aren't, never have and never will be actual journalistisc outlets, they are a sock puppet hype machine for publishers to make ads and generate meaningless 9.5/10 reviews.
The actual article here gets to a great, very accurate conclusion: that information about unfinished, upcoming games is really not that valuable for users and an entirely artificial hype machine that insists on only paying attention to games before they exist. This is true.
There is very little genuine value in exploring a game in development, that is mostly a commercial concern. Which is fine, this is an entertainment industry. All parties here (publishers, journalists and audiences) are willingly engaging in a bit of a commercial transaction.
But journalistically and in terms of art criticism, the moment that coverage matters is after a game exists, not before. Really, leaking publishing plans or greenlit projects shouldn't be a big deal because publishing plans and business deals should be insider stuff that end users don't give a crap about. The relevant Insomniac game now is at most Spider-Man 2, not Wolverine or any later games they may or may not have deals to make. Mostly because there's no guarantee those games will ever exist or in what form.
But also, screw leaking personal info of game developers.
Looking at an unfinished game is the equivalent of looking at an unfinished painting, your seeing the first brush strokes maybe some sketches but you have no realistic idea what the end result will be like.
Looking at leaks is a pontless waste of time, the fact they included personal information just makes the “hackers” scummy
Unfortunately it’s probably a strategy so the next company they steal from knows the consequences if they don’t pay up.
More than likely. Still blame lies with the company for having personal information so readily available
Don’t get me wrong, you’re right that this is bad but I’d think the blackmailing alone would make them scummy.
Blackmail I a company is one thing. Targetting the personal lives of employees is another level entirely.
I like his brand of naiveté.