Hacker News | arzel's comments

Only paid out a $500 bounty..? Wow.


Well it's Gumroad, not Oracle or Google.


Still, how much do they pay their developers a year? Would be over $150k I imagine. Drop him $10k, which he deserves, and a sincere apology and we never would have seen this article; this would definitely cause a larger loss for them.


Isn't Gumroad still a one man show? They publish their business numbers on Twitter afaik


Yes, here they are: https://twitter.com/shl/status/1481349152621559811?lang=en

In 2021, @Gumroad achieved: • $185.5m in creator earnings, up 30% • $10.9m in revenue, up 18%

Surely, with $10.9m revenue, a little more than $500 would've been okay to hand out for this.


10k and a hoodie or something would suffice


Is it? They have a developer who streams constantly on Twitch. Seems like they have multiple people working there.


Here's an article by Gumroad's founder that covers how many employees Gumroad has: https://sahillavingia.com/work

25 people work at Gumroad, but none full time.


Regular engineers are paid 100k, senior engineer 150k

It's on their site


bruh...


highly recommend new readers check out ‘The Beginning After The End’ or ‘Solo Leveling’


What were* the passwords hashed with?


From https://github.blog/2022-05-26-npm-security-update-oauth-tok...

“The password hashes in this archived data were generated using PBKDF2 or salted SHA1 algorithms previously used by the npm registry. These weak hashing algorithms have not been used to store npm user passwords since the npm registry began using bcrypt in 2017.”


What are your contact details? We are hiring.


Extremely smooth on Mac M1. Very cool.


Deserves to be on the front page. This is crazy fire.


They moved it to the console under a gear icon.


Thanks. It's under dev tools > console > the phone logo > responsive


agreed on 5 figures. evidence? there’s even clearnet websites where you can buy vulns. most known would be: https://0day.today


What you see on that website is the cost, not the earnings though. If a private exploit costs $1.2k, you can get 5 digits by selling it 9 times. That isn't a huge number of sales, but I don't know if this exploit would sell that many times. Anyway, by disclosing on H1 you're "selling" at most once.


Check out Procyon's[1] Java decompiler. Another great tool would be CFR[2]. Never know when these might come in handy.

edit* mind if i ask what game it is? :)

[1] https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompile...

[2] http://www.benf.org/other/cfr/


I was making something similar today to integrate into a dashboard, looks like I don’t need to anymore. This is very nice and well executed, thanks a million.

