  • What drove the point home for me was seeing a Twitter account (it was years ago) that posts short 6 second segments of every new game released on Steam.

    It was posting almost hourly, and while there was a lot of trash, most of the games were of pretty “standard” smaller indie quality. It’s ruthless.

    And in addition with the GDC talk of someone who made literally millions by making a generator that generates super basic slot machine games on various themes (as in, generate a theme (cars, bird…), download a few pictures, place them on slot machine) and uploads them to Play Store (back then you had a limit on 20 games a day, and they did include some more rules about quality in reaction to this talk), and the games were getting thousands of downloads and when they checked how their script was doing after a few months, they had like over a million in revenue IIRC. Sure, it’s about mobile games, but it is heartbreaking when you realize how the consumers work in reality.


  • Mikina to Programming · The Thirty Million Line Problem · 2 days ago

    My favorite Windows update was when I was at a local Microsoft office on some kind of high school coding competition hosted by Microsoft, and we had to start 10 minutes late because we were watching the meeting room computer force a restart with Windows update a minute after the introduction presentation started.


  • Mikina to Opensource · Advent of Open Source 2024 · 2 days ago

    It isn’t clear what exactly the event is about - is it about teaching newcomers how to get into contributing to the FOSS projects, or about kickstarting your own FOSS projects? The vague info seems to mostly talk about “your project”, so it seems to be the latter?

    I’m more interested in the contributing side of things, but that doesn’t seem to be mentioned in the info. Does anyone have more information in this regard? I really like the idea, but if I don’t have my own project in mind and don’t want to start anything and just contribute, would it be for me?






  • We’ve just been told yesterday that to reduce our attack surface, only Edge will be allowed on our workstations. Reasoning is that it’s difficult to make sure everyone properly updates their browser, and since Edge is handled by Windows updates, it’s easier to monitor proper updates.

    While I understand that reasoning, the tradeoff between pretty small risk reduction associated with unlikely attack surface from different browsers, and the massive drop in employee satisfaction, is simply not worth it.


  • With what has happened around the studio, I’d say it’s good that DE2 was canceled. It was to be made by the ruins of a studio that was stolen along with its IP from the original developers and artists, who didn’t manage to navigate the landmine of for-profit gamedev industry, and got basically scammed by investors, who robbed them of their IP and studio through various loopholes and bullshit of shares-based companies. (It’s a pretty nuanced story, and I’m not really sure how it ended up, so it’s better to watch the documentary about it if you’re interested, rather than take my conclusion from it. I also haven’t followed recent development, so if anyone knows how that turned out, let me know)

    It’s quite a sad and infuriating story, especially since ZAUM was IIRC originally a pretty wholesome art collective of punks and anarchists from squats. It must have been devastating to enter the market with such ideals, only to be scammed of your art by the first investor you encounter, who you might’ve even considered a friend.


  • There’s quite a few ex-Disco Elysium studios popping out. My favorite so far is the Summer Eternal. It feels like they didn’t want to announce it this early, but because two other studios (Longdue, and Dark Math Games) got announced a few days ago, they did the same.

    Summer Eternal feels the most radical out of the three studios, I really like their manifesto and how they are attempting to mix art-collective with market-based development. And they have some amazing writers.

    Here are a few bits and pieces of the manifesto from their website, I really recommend reading it. Also, the website linked above is just stunning.

    As creators and game makers, we have too long been led away from the truth, away from the right to define ourselves as artists in service of the definitive art form of the future, one that has made us dream since we were children.

    Instead, the disposability culture operating at the ruthless core of this industry wants us to think of ourselves as cogs in the machine: rudimentary craftsmen, disposable career workers, inert producers of made-to-order marketing-driven “content” — empty calories leaving the soul hungry.

    The Profiteer knows that by keeping your dignity low, he will keep you crawling on the treadmill of passion until he lays you off for the sake of the red number in his book.

    Machine-generated works will never satisfy or substitute the human desire for art, as our desire for art is in its core a desire for communication with another, with a talent who speaks to us across worlds and ages to remind us of our all-encompassing human universality. There is no one to connect to in a large language model. The phone line is open but there’s no one on the other side.


  • Mikina to Programming · Making malware · 2 months ago

    I can’t recommend Maldev Academy enough. It has been an amazing resource to get into malware development. Keep in mind, however, that malware development is a pretty difficult topic. You will have to eventually use WinAPI and syscalls, so learning about that even outside of malware development will help you a lot.

    For example, try looking into how to execute a shellcode in memory - allocate memory as RWX, copy some data and then execute it. Try executing it in a different process, or in a different thread of another process. That’s the core of malware development you’ll probably eventually have to do anyway. Manually calling syscalls is also a skill that you’ll need, if you want to get into EDR avoidance.

    Also, look into IoCs and what kind of different stuff can be used to detect the malware. Syscall hooks, signatures, AMSI, and syslog are all things that are being watched and analyzed to detect malware, and knowing what exactly your program is logging and where is one of the most important and difficult skills you can get.

    There probably are a lot of resources for these two skills, and they are an important foundation for malware development, so I’d suggest researching that. You’ll probably not get much from looking at other malware, because it tends to be really low-level, and obfuscated, exactly to avoid the IoCs I’ve mentioned above. Implementing the malware behavior after that is the easier part.

    Another good resource to look into are C2s and communication, for example Mythic C2 has some interesting stuff.

    And I really recommend joining the Bloodhound Slack. Throughout my cybersecurity career as a Red Teamer, the community has helped me a lot and I’ve learned amazing stuff just by lurking.





  • It’s best to have a local copy of package repos with whitelisted libraries, or so I’ve heard. But containers are fine, too. Especially with VSCode .devcontainers, it’s super easy to set up and distribute with the repo, there’s really no reason not to do that.

    The biggest issue here that a lot of people don’t realize is Bing AI, it’s insanely easy to poison its results, since it summarizes search results. It’s only a matter of time before someone convinces it to start using or adding a typosquatted/malicious library to answers to a common programming question, and it will be fun times ahead.
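
An added example, not part of the comment above: one way to gate dependency names (for instance ones copied from an AI-generated answer) against a whitelist before they are installed, flagging near-misses as possible typosquats. The whitelist contents, the sample names and the edit-distance threshold of 2 are constructed assumptions.

```python
import re

# Constructed whitelist standing in for the packages mirrored in a local repo.
ALLOWLIST = {"requests", "numpy", "cryptography", "python-dateutil"}


def normalize(name: str) -> str:
    """Normalise a package name as PEP 503 does (case, runs of '-', '_', '.')."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def vet(requested, allowlist=ALLOWLIST, max_distance=2):
    """Map each requested name to (verdict, closest whitelisted name or None)."""
    allowed = {normalize(n) for n in allowlist}
    report = {}
    for raw in requested:
        name = normalize(raw)
        if name in allowed:
            report[raw] = ("allowed", None)
            continue
        # A name that is close to, but not equal to, a whitelisted one is
        # reported as a look-alike rather than as merely unknown.
        dist, closest = min((edit_distance(name, a), a) for a in allowed)
        if dist <= max_distance:
            report[raw] = ("suspected-typosquat", closest)
        else:
            report[raw] = ("not-allowlisted", None)
    return report


if __name__ == "__main__":
    # Constructed sample: names as they might appear in a pasted install line.
    sample = ["Requests", "reqeusts", "numpi", "python_dateutil", "leftpad"]
    for pkg, verdict in vet(sample).items():
        print(f"{pkg:16} {verdict}")
```
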



  • As someone who works in gamedev, I’m sure that some of the people there are passionate about it and it is gutwrenching to see your work fail so hard. I’m sad for every project that launches after years of work and fails to get any attention or sales, and I’m definitely sure there’s someone losing sleep due to that.

    I never worked in super-large projects, but I did work for a AAA studio and even there, you got people invested into the project.

    From how I’ve seen it, you wouldn’t work in gamedev unless you are passionate about it, because you can get drastically better pay for the same job in other, more business focused, industries. So, if all you cared about is money, you have better options.



  • I think it’s quite the contrary, and AI will actually increase our job security. Because now, you have a lot of people learning to code using AI, and I’ve heard from my friends who were talking to other CTOs at a conference that they have even discussed whether it’s even worth it to bother with hiring juniors now, because it turned out that a surprisingly large amount of them are in fact just a front-end for ChatGPT.

    Can you eventually get a problem solved by talking to a LLM about it? Sure, but it will take you a lot longer, and you don’t learn many programming skills. It’s basically a lot worse version of copy-pasting code from StackOverflow, because there you can at least be certain that the code you are copying has been reviewed by at least someone, and the explanation isn’t in most cases hallucinated stuff that sounds correct. You also can’t keep asking Stack Overflow to edit your code for your use-case, and have to figure it out yourself.

    But I’m really looking forward to major companies trying to replace programmers with AIs. Google implementing LLMs into search results was my favorite recent trainwreck, and reading articles with the CEO squirming that “We actually have to manually filter the results, because solving the LLM models hallucinating turned out to be a really difficult issue”. No shit, it’s almost as if you want factually correct and precise outputs from a statistically-biased but still random generator.

    Please, I want to see a company fire most of their programmers to replace with AI, and watch them burn. Hopefully, it will happen soon.


  • I spent three days trying to get a RaycastCommand (Unity’s jobified raycasts) working to get multiple hits per raycast. Should have been easy, according to the docs:

    The result for a command at index N in the command buffer will be stored at index N * maxHits in the results buffer.

    If maxHits is larger than the actual number of results for the command the result buffer will contain some invalid results which did not hit anything. The first invalid result is identified by the collider being null

    maxHits The maximum number of Colliders the ray can hit

    Well, no. I was getting super weird results and couldn’t get it to work properly. First thing I checked was if I’m getting two+ hits for any of the raycasts, because you simply can’t trust Unity. And I was getting multi hits, but seemingly at random.

    The error? I was sorting the hits by distance using bubblesort, and made a simple error with index in it. Which resulted in me seemingly getting two hits per ray sometimes, but it was just a result for another ray moved there by faulty bubblesort. Because Unity actually doesn’t support multiple hits per ray.

    I couldn’t find the original thread about the issue (which was two years old by the time I was dealing with it), which had an amazing reply from Unity:

    I have discussed it with an engineering team, and RaycastCommands don’t support multiple hits because it was difficult to implement. The documentation just doesn’t explain it really well

    The fuck doesn’t explain it very well??? It literally describes a parameter that sets max hits per ray and tells you how to get the multi hits from results…

    Fuck Unity :D