Haha, glad you enjoyed it. My top-level comment is… not doing well.
kibiz0r
joined 1 year ago
There is a digital console for sale, but I have no idea how that would work if you can't make a PSN account. I imagine officially they don't sell digital.
That makes sense. Users are probably signing up and accepting T&C’s for other regions. Thanks for investigating!
But even if we assume they shouldn't sell digital it doesn't explain not changing the listing for all games. The supposed "oh shit" moment was week / two weeks ago. Business critical issues get fixed immediately which means all games should've changed by now.
Yeah, I’ve got no benefit-of-the-doubt explanation for why it’s so piecemeal and staggered. It definitely reeks of some bigwig throwing down a technical mandate and letting everyone else deal with the consequences.
I wanna be clear, that I’m not saying Sony is on the right track here. Staying region-locked is not a good strategy long-term, for them or their player base — even if they set aside the PSN mandate permanently.
I’m just saying there are some perfectly legitimate organizational reasons why they might need to region-lock in the short term, because I’ve seen those reasons in my own experience.
FWIW, nobody involved in that decision particularly liked it either, but it was either region-lock or drastically change the international structure of the org over the course of a couple months, all just to potentially please a handful of consumers who might ultimately disproportionately experience bugs, adding to support costs, dev burden, and negative ratings.
Btw, thanks for the good conversation! It’s so rare to have a pleasant interaction on the socials, especially when it starts out as diametrically-opposed positions.
You can’t just hire one person to manage that many countries. Even if they spoke all of the languages, and the incoming customer support workload was low enough, they would still be operating in countries with different laws and probably requiring their own corporate entities with their own accounting and legal experts, and any third-party software that you use to do all of this also has to be licensed for that country.
Big companies are just a mess, and they’re not gonna spend the time, money, and risk building out a thing in a new region for probably a few hundred K per year.
Sorry, I meant digitally.
I realize the personal experience I shared was a mismatch between the physical and digital depts, but that was just to explain that these mistakes can go on for a long time before they get fixed.
The mismatch I could see happening at Sony would be that their PC dept was listing titles in regions that their Playstation digital dept doesn’t.
I would not be surprised to hear that this was a disconnect inside the org.
One place I worked had both physical and digital products. We initially listed the digital stuff anywhere and everywhere. It stayed that way for years and years. It was only because of an incidental meeting about localization that folks from legal and customer support went “Wait, you what? You can’t do that. Can we stop that, like today?”
They assumed we were just gonna do the same markets that the physical products do. We assumed there was no reason to limit it.
I guess a good question is: Does Sony sell Horizon for PS5 in any of the countries they don’t sell it for PC?
lmao, you asked.
I'm not a security expert, but my tech career has involved a lot of automated testing in weird scenarios, including iframe-based Facebook games and browser-based mobile apps. Automated tests face a lot of the same challenges that a malicious third-party would, so I know a little bit about how to get past them -- or rather, how to deliberately create vulnerabilities (in the dev build of your system) so that your tests can get past them.
Edit: I am curious why someone downvoted me on that one though. I can understand how my comment about the ban being dumb but TikTok also shipping a keylogger could anger people on one side or the other. But just explaining how in-app browsers revive a security problem that's been long-solved in standalone browsers?
Absolutely. But the penalty does modify the cost-benefit analysis. If a hacker demands $5m or else they will release stolen data, you might be more inclined to YOLO the 5 mil on the 1% chance they're an honest hacker if the penalty for the breach is $50bn.
No. This is analogous to cross-frame scripting.
So imagine you go to tiktok.com and you click on a link to bestbuy.com/cool-product-i-want-to-buy. But instead of taking you directly to bestbuy.com/cool-product-i-want-to-buy, it keeps you on tiktok.com and just opens an iframe with a keylogger injected into it.
So then when you enter credit card info into the bestbuy.com UI, the tiktok.com JS can see what you typed.
(This scenario is largely impossible these days, due to modern browser security.)
The difference is that if you witnessed this kind of XFS in your desktop browser, you might notice it because the location bar still says tiktok.com, because you never actually left the site. But in a mobile in-app browser, you don't need an iframe. You can inject JS directly into the browser itself, making it invisible to the user. As far as you can tell, you're on regular ol' bestbuy.com, not a modified version of it.
The ban is a dumb policy, but you’re daft if you think the security implications are at all similar.
TikTok was caught injecting a keylogger into their in-app browser and their response was “Well yeah, but we promise we’re not using it.”
Instantly makes ~~ransomware~~ [edit 2: my brain was being dumb, I didn't mean literally ransomware, I meant hackers blackmailing companies with the threat of releasing/selling stolen data] far more profitable.
Edit: And heavily discourages self-reporting. There’s a Schneier quote I like: “You can't defend. You can't prevent. The only thing you can do is detect and respond.”
I like the concept of an RTS.
Deciding how to invest my resources, where to expand, when to attack, defend, or retreat, scouting and countering my opponent’s plans…
…but when it comes to the physical act of doing this stuff, it feels so horribly awkward that it’s like I’m fighting the UI more than my opponent.
Clicking and dragging selection boxes as if my troops are always in a rectangle formation? Right-clicking to attack but accidentally moving instead… And ugh, the endless series of tedious build queues.
The actual mechanics feel more like data entry — the kind with real bad RSI — than military leadership.