# @EastCoast Didn't Reported On This One, So Here You Go: [ARS TECHNICA] Twitch Source Code, Creator Earnings Exposed in 125GB Leak



## mouacyk

Best title! Anyway, this is likely to cause more streamers to want to cheat, having seen how much money is possible. It could be completely uncorrelated... 
(*The Rise in Isolation Gaming…and Cheating*) 330d66dc-b29c-408c-bc8a-dba30684c9c4.pdf (jdsupra.com)


----------



## UltraMega

Anyone can post news here... Not just eastcoast. 

Of all the news about the twitch hack, what they pay streamers is the least interesting.


----------



## mouacyk

UltraMega said:


> Anyone can post news here... Not just eastcoast.
> 
> Of all the news about the twitch hack, what they pay streamers is the least interesting.


Yeah. It's the last reason for average Joe to subscribe to a $5 cheat to get some pogs to boost his viewership.


----------



## 1devomer

mouacyk said:


> Best title! Anyway, this is likely to cause more streamers to want to cheat, having seen how much money is possible. It could be completely uncorrelated...
> (*The Rise in Isolation Gaming…and Cheating*) 330d66dc-b29c-408c-bc8a-dba30684c9c4.pdf (jdsupra.com)


I do have a Twitch account for testing purposes, but i do not like how the social media platform is build on.
I can say for sure, it doesn't positively push forward, a healthy gaming blooming environment.



UltraMega said:


> Anyone can post news here... Not just eastcoast.
> 
> Of all the news about the twitch hack, what they pay streamers is the least interesting.


Not sure why and how, things failscaled so fast at Twitch.
But i wouldn't believe neither Twitch, neither the hackers.
_So the average Joe would want to change its Twitch password, being sure the latter is not used anywhere else._

I didn't found much of deep analysis, of the code that was there.
Aside the fact, it seems to be coming from a Git repo backup, that the hackers pulled out from a server.
I also found some ex-employee commenting that, there was no personal or sensitive information, still hardcoded into the services.
And i didn't checked myself neither, i couldn't give an opinion about, just giving a glance at it.


----------



## UltraMega

1devomer said:


> I do have a Twitch account for testing purposes, but i do not like how the social media platform is build on.
> I can say for sure, it doesn't positively push forward, a heathy gaming blooming environment.
> 
> 
> 
> Not sure why and how, things failscaled so fast at Twitch.
> But i wouldn't believe neither Twitch, neither the hackers.
> _So the average Joe would want to change its Twitch password, being sure the latter is not used anywhere else._


Why did you quote me? Nothing you said seemed like a response to what I said.


----------



## 1devomer

So, little follow up on this one.

People have started to dig into the different Web services, that composes the Twitch streaming platform.
And begin finding all sort of stuff, from Admin passwords still hardcoded into the services, the Twitch IA training and content selection algorithms, alongside some users/streamers data.

It has also been reported, that the welcoming page background banner of all the games, was replaced with the Bezos pogface picture.
Dunno, but someone is having fun somewhere.

So yeah, i never had anything linked to my twitch account, i reset the password, and will reset again the streaming key.
Still, i would want to remove everything linked to Twitch, for some time, until everything settle down.
Alongside not reusing the old Twitch password anywhere else.

I received the streaming key reset email notification, the 6 October.
So there are good chances, that Twitch was aware of the leak beforehand, but decided to reset things, when the data gone public.
The site could potentially be the victim of any kind of exploit, depending on how fast people can dug into the leaked code.


----------



## speed_demon

Interesting. But there is no way I'm ever downloading a torrent of leaked data - Even if it was sandboxed in a VM and done over VPN.


----------



## 1devomer

speed_demon said:


> Interesting. But there is no way I'm ever downloading a torrent of leaked data - Even if it was sandboxed in a VM and done over VPN.


When you work in the cybersecurity field, there are good practices, developed to deal with potential threats.
So aside you do anything stupid, if you take the right precautions, you will likely not be bothered when researching and analysing the code.
You would be more likely susceptible to be hacked elsewhere, rather than looking at leaked data, since everyone would be impacted, diminishing the effect of the leak itself.

As far as it goes, it is pretty scary and pretty serious for Twitch, i also noticed that it sent a big shock wave to Influencers and Streamers.
Since none of the big Influencers on YouTube, at the moment, are reporting about this pretty big issue.
Which is in line with the industry emergency panic memos, running wild out there, i suppose.
Most Influencers and Streamers are taking the bullet, protecting Twitch, instead of really informing their user base of the potential issue.
Which make me believe, that it is even more serious than what it appears, especially from a legal standpoint.

Companies can't be impacted by the laws, for misleading practices, since everything is locked and hidden behind the company assets privacy.
But when leaks like this come out and expose bad practices, the regulators entities are now entitled to demand explanations.
So i hope Twitch had removed some parts of the code, people are finding out, because it's a big, big liability for Twitch, at the moment.

Users should just be cautious, when interacting with Twitch services, until we really know, the extent of the damages.


----------



## rationality

I have to be neat on the web now, cause I heard from a lot of my friends about security attacks. So many fishing sites are made to steal your data, especially if you are a famous person. I recently came across this article "Trusted Execution Environment" about the environment that can be secured with the help of such companies as trustonic. A very interesting topic that I'm gonna study further.


----------



## 1devomer

rationality said:


> I have to be neat on the web now. So many fishing sites are made to steal your data. Especially if you are a famous person


Possibly true, in a sense that, streamers, influencers complained about the commercial side of the data leak.
Truth is, they are right, you don't want your sponsors, working partners, competitors to know your position and how much you earn.
But aside that, it seems that everything has been toned down, as it never happened, so taking precautions is more than advised.


----------



## BenjaminWayn

there is nothing to be surprised at...


----------

