Jason Thor Hall / PirateSoftware / Maldavius Figtree / DarkSphere Creations / Maldavius / Thorwich / Witness X / @PotatoSec - Incompetent Furry Programmer, Blizzard Nepo Baby, Lies about almost every thing in his life, Industry Shill, Carried by his father, Hate boner against Ross Scott of Accursed Farms, False Flagger

  • 🐕 I am attempting to get the site runnning as fast as possible. If you are experiencing slow page load times, please report it.

Which will happen first?

  • Jason Hall finishes developing his game

    Votes: 33 0.8%
  • YandereDev finishes developing his game

    Votes: 415 9.7%
  • Grummz finishes developing his game

    Votes: 117 2.7%
  • Chris Roberts finishes developing his game

    Votes: 144 3.4%
  • Cold fusion

    Votes: 1,641 38.3%
  • The inevitable heat death of the universe

    Votes: 1,936 45.2%

  • Total voters
    4,286
I’m a retard so maybe this question is retarded but: is it possible he has like some kind of automated script to make YouTube reports? Paired up with some kind of Google alert that tells him when a new video about him has been uploaded?
Is it possible, technically yes, he would just need an automated system running on stanby 24/7 to execute a batch file to execute all the commands; I.E. even if he gets a Google alert, he'll need something that is always on to identify the alert, parse it, and initiate the process. Making a batch file isn't hard, if you know what you're doing and every step of the process that you want; the only problem is since no one here seems to be impressed with his videogame coding, I don't think he has the chops to handle automating everything. I also wouldn't be surprised if he's just using his light sleep mutant power and free time to do it himself; I'm also betting 100% that he has Google Alerts setup for himself and whatever handles he's used in the past.
 
Post of video responses that don't agree with Maldavius' take on Stop Killing games:
  1. "I Disagree with PirateSoftware (Stop Killing Games)" by shinyokaii
    Ghost Archive, Preservetube, local:
  2. "PirateSoftware's Strange Take on "Stop Killing Games"" by Fantasmous:
    Ghost Archive, Preservetube, local:
    download-mm.png

    download-mm-settings.png
    download-mm-close.png
  3. "Stop Killing Consumers" by Florielle Gaming:
    Ghost Archive, Preservetube, local:
 
One weird discrepancy in this clip is that he says he got the job offer by the government after he won his 3 DEF CON black badges which contradicts with the timelines he posted on his own LinkedIn:

View attachment 6370133
View attachment 6370136(L)
View attachment 6370148
According to the screenshot of Jason's LinkedIn provided by @Joe Headroom he started working at Eagle Research Group in Sep 2016. Jason also said in his Linkedin that he won his 3rd black badge in Jul 2017 while he was still working at Eagle Research Group. So this claim that the government gave him a job offer after he won his 3 black badges seems very exaggerated / embellished.
Archiving ignored. Local clip posted for further clarification in @Musashi's Son post.
VTubers reacting to Maldavius
Ghost Archive PreserveTube
Ghost Archive PreserveTube
Maldavius collaborating with VTubers.

Ghost Archive PreserveTube

The world is a circle.
All already have archive links except for the last clip. Adding local copies for completeness except for last livestream.

The perfect stream. You don't have to listen to Jason, with the added benefit of seeing a business of ferrets shit up his house.
Just a 24/7 livestream of his ferrets. No archival needed unless in the future some delicious clips come out of it.
 
The fact that Mald decided to boulder the videos mentioning his True Name is very weird indeed, considering "he talked about this on stream a bunch of times" (according to him):
View attachment 6389257
Aug 17 @ 7:44:01

What's interesting though, is that there are only 2 more mentions of "Maldavius Figtree" across the 207 streams he has on JewTube. Granted, this was found by grep'ing the auto-generated subtitles, and most (?) of the streams are cut off at 12 hours, but I don't think anyone's insane enough to find shit in there "by hand".

View attachment 6389259
Aug 28 @ 7:58:12

View attachment 6389266
Aug 30 @ 3:54:33

Nothing really interesting here, but Mald seething about "being an adult" and "touching grass" while playing his father's game for 12+ hours a day is pretty funny.
Whenever he talks about a topic that clearly bothers him, he'll often speak like he's reading from a script that he rehearsed. He might change the order of some lines around but its very blatant when he uses the same exact wording, showing that he's not speaking off the cuff and has actually prepared himself to respond automatically in a specific way. This really goes back to his social engineering days because he's probably use to gaslighting people into trusting him by just speaking confidently.
My pet theory is that he constantly brings up the IM A HACKER and I HACKED POWER PLANTS bullshit to scare people away from trying to mess with him because of the implication that he'll hack you or something.
He tried this a while back. Basically pulled the "I caught someone in chat trying to give me malware, I reported them to my super hacker friends! That's what people get for trying to mess with a SUPER HACKER"
Your browser is not able to display this video.
Preserve Tube | Ghost Archive
 
Last edited:
In his video where he explained his backstory as a meth addict. At 30 seconds he says he saw porn for the first time (at 4 years old!), and everyday until the present he has thought about porn.


I swear, the coomer phenotype is strong af with the computer/software engineers.
Preserve Tube | Ghost Archive
Speaking of Prime, it looks like he and Thor are going to be starting a podcast together with a start date around next week.
https://www.youtube.com/@hackandstache (A / A)

No clip and he privates vods for member access only, but here is a screengrab of YT chat at the end of today's livestream where Prime spammed the link.
https://www.youtube.com/watch?v=kVZjkZoFvs4
View attachment 6373674
The only reason he even brought this up was because he wasn't sure who to raid and someone suggested Thor.
>inb4 chromium
Archive ignored. The members-only video comment, along with the relevant YouTube channel, has already been archived as well.
So if you are interested here is the link to his channel. A much better resource than Mald ever could be.
https://www.youtube.com/@sora_sakurai_en/videos
Archive ignored. Masahiro Sakurai's YouTube channel, run by an actual game developer—not a fraud like Jason.
Ghost archive borked again on my end. Back in an hour or two
 
I have tried digging into Jason Hall's "cybersecurity" / "security research" past and I have been unable to find information that substantiates his skills as a security researcher. The only thing he appears to ever discuss is social engineering, which is hardly technical, or particularly difficult. He even himself describes it as the easiest form of hacking.

His primary credential to his 1337 hacking skills are his DEF CON badges, but if you review the writeup(s), they, again, appear to contain little-to-no technical information. Furthermore, it is apparent that for all these wins, it is not Jason Hall winning, but it is a team of 10-13 people. I doubt he even has a single badge in his possession.

Also his love for stenography is reminiscent of a retard who grew up watching a few too many Cicada 3301 documentaries.

A problem of course is that half of the URLs where the courses were hosted are now offline, For example, co9[.]io, the group he got most badges with, is offline, and their last tweet was 2022:
1725701145433.png


For his "third" badge in DEFCON 24, there were 13 team members:
1725701458399.png


The description on his (teams) website is "vulnerability disclosures and rambles on application security" yet nothing of the sort can be found on the page. Archive

Quick overview for those who want to read themselves:
DEFCON24 (2016, 13 members): Archive
DEFCON23 (2015, 12 members): Archive
DEFCON22 (2014, 2? members): Archive

Word on the street is that he has three black badges, but I can only find evidence that he *won* (was present for the winning of) two. If you review the listing of Black Badge winners, he only appears twice: https://github.com/DefconParrot/Black-Badge-Winners

It would seem that he only won 24 and 23, not the 22 badge, or any other badges.

He also has a completely dead GitHub account with the same profile picture as his PotatoSec Twitter Account (notice the lack of contributions even to private repositories):
https://github.com/Thorwich (Archive)

I've been able to find a post on the hashcat forums from a user named Thorwich back in 2015, which struggled to get the tool running on his bespoke GeForce GTX 980M.
Link: https://hashcat.net/forum/thread-4345-post-24776.html (Archive)

1725704320496.png


Hashcat is a tool for performing hash cracking // "password recovery". This does imply some sort of security research being attempted, but also hints that it may have been unsuccessful.

His domain where he used to store his ""crypto"" challenges, potatopla[.]net, is currently up for sale for around 500 $. If anyone has discovered any technical reporting from Mr. Software, please let me know, because I'd love to read it.

If you look at the source code to their website (gopiratesoftware[.]com, IP 45.79.71[.]37) you'll find this bitcoin wallet:
34zDcJftTVo2XFs6y1HwrhpLFDNncqukTa

Which according to Blockchain Explorer has 1.28396737 BTC, which is worth around $69,760.32.

Check this out this Transaction ID, where he received 47k$ in BTC from 31 different wallets: 2a74119c0e3741e97b50a43f9627ae7b2fbe86ef901c023e287c27496dbe0518

1725706057123.png
 
I'm completely lost as to how an "encryption algorithm" vulnerability could lead to breaking 2-factor (in a most likely type situation). Presumably at the time this 2-factor would have been their physical authenticator keychain or SMS-based, as far as I know. In this case the only encryption would be on the phone network, which you're certainly not touching, or on the HTTPS request to the website, which does not contain the 2-factor codes anyway initially.

How do you know this is the "most likely" exploit? It isn't even clear which exact exploit or time frame this would've been.

HOTP is based on shared secret+ step counter known to both server and generator be it dongle or something. TOTP is same thing on phones, but step counter is replaced by time(unix timestamp divided by 30 usually). So poor generation of the secret and then leaking of the code to attacker could allow them to capture possibly guess the next code. Encryption algorithm there is HMAC so SHA which is not broken...
 
PreserveTube | Ghost Archive
View attachment 6372766
He couldn't be more of a corposhill if he tried, lol. He is a true Blizzard Dev™.
Original link, local copy and archive links avaliable. No action needed.
Love his channel. Jason could certainly do with his advice about professionalism, especially since he's already taken people's money for his game :biggrin:
Included to show how a real game developer behaves compared to Jason.
Preserve Tube | Ghost Archive
Mald made a new video about EVE online where him and his furry cabal are BOOLIED relentlessly by the devs of the game.
Guys they're definitely victims. Definitely not trying to exploit game mechanics in an used part of the universe or anything.



Would love for some EVE autist to grace this thread and tell us why and how this is crazy wrong.
Preserve Tube
View attachment 6377953
Local Copy
You press insert Media instead of posting the url
Made a better copy along with adding Ghost archive link.
Preserve Tube | Ghost Archive

View attachment 6382768
Preserve Tube

Do not use placeholders because QA will report them as bugs even if you're early on in development. If you then say "we're using placeholders early on, please don't report that as a bug", QA will do a heckin' r/maliciouscompliance and not report the placeholders even when getting closer to release.

This video seems particularly catty behavior and off-smelling advice, even to the average viewer. Surely this one specific scenario with loading screens doesn't mean all placeholder assets are a bad idea.

It seems we also have some comments with similar thoughts:


If zaferoph here is correct and there's context immediately after which says "use a simple placeholder which can't be mistaken for production", it's be nice to include it in the actual short. It's only 47 seconds long, you've got some time to work with.
Original source + local copy + Preserve tube link avaliable. Ghost Archive link added for completeness
Pink checkerboard texture appears more on things that were scrapped, developer textures are used instead for prototyping:
Preserve Tube | Ghost Archive
Noticed that Mald in typical Mald fashion, HAD to reply

View attachment 6384602
Direct link to the comment: https://www.youtube.com/watch?v=hkWxTtH6SHg&lc=UgzpTvCFyqsgL9W9_0R4AaABAg

Tried to look for any negative comments but couldn't find them. Mald and his janny army are probably reading this right now.
Already archived video previously. Ignored.
Found a response video to Jason's shitty takes on SKG which hasn't been posted here before:
Ghost Archive, Preservetube, local:
View attachment 6384687
download-mm-close.png
Original link along with local source + archive links provided by @itogi. Ignored.
I'd be surprised if 99% of his delusional YT short fans fact-check his lies at all. The sad thing is that they all treat him like he's a veteran indie dev when he's barely even scratched the surface.

This came up in my suggestions earlier and it's truly horrific that people are treating him like a highly successful game developer who's opinion means everything.

Preserve Tube | Ghost Archive
 
  • Semper Fidelis
  • Like
Reactions: Pizdec and h2_jGX
I have been unable to find information that substantiates his skills
But he worked at Blizzard for 20 years! He's a veteran in the industry! He couldn't possibly be lying about how much of an epic 1337 haxor he is!
His primary credential to his 1337 hacking skills are his DEF CON badges, but if you review the writeup(s), they, again, appear to contain little-to-no technical information. Furthermore, it is apparent that for all these wins, it is not Jason Hall winning, but it is a team of 10-13 people. I doubt he even has a single badge in his possession.
Very good research here. All this stuff kinda follows from his "Epic Industry Veteran" persona where he just talks a big game but for some reason barely shows off his actual "abilities" in lieu of just talking about how smart he is and showing off "his" awards. Not surprising to see even with his cybersecurity credentials it's mostly just lies him being incompetent.
 
Surprised this hasn't been posted in here yet. It sounds like his actual voice slips out there towards the end. Not 100% sure though, but I figured this would be worth posting.
Ghost Archive | Preserve Tube
Archive links provided. Adding local copy for completeness.
Might not be a voice changer, just voice lessons. Elizabeth Holmes of Theranos was known to put on a very fake deep voice but when she got excited like that she would slip up on revert to her more normal high pitched tone. She had a lot of voice coaching and just like him she went from a high pitched voice in past interviews to a very deep voice in future interviews.

Preserve Tube | Ghost Archive
The fact that Mald decided to boulder the videos mentioning his True Name is very weird indeed, considering "he talked about this on stream a bunch of times" (according to him):
View attachment 6389257
Aug 17 @ 7:44:01

What's interesting though, is that there are only 2 more mentions of "Maldavius Figtree" across the 207 streams he has on JewTube. Granted, this was found by grep'ing the auto-generated subtitles, and most (?) of the streams are cut off at 12 hours, but I don't think anyone's insane enough to find shit in there "by hand".

View attachment 6389259
Aug 28 @ 7:58:12

View attachment 6389266
Aug 30 @ 3:54:33

Nothing really interesting here, but Mald seething about "being an adult" and "touching grass" while playing his father's game for 12+ hours a day is pretty funny.
OP already posted relevant clips from the livestream. Livestream Archive ignored.
Jason's new podcast with Twitch brogrammer ThePrimeagen, "Hack n' Stache", dropped today- at least the original pre-editing livestream footage. I decided to take a listen. Here's my quick notes and some small relevant clips:
I ripped the whole original stream with yt-dlp and clipped it up. The full two hours is too large to upload with even an optimized 240p coming a bit over 200mb. I'm not in a rush to work around it since there's not much meat on the bone here, especially outside of what's clipped. I took some big chunks of the main topics which I'll share here.
OP already posted relevant clips from the livestream. Livestream Archive ignored. Just in case will download it .
He's a complete degenerate and freak schizo. In one of his Youtube Shorts called "PVP Enabled Network" he talks about how he refuses to use any of his accounts outside his home because he doesn't trust whoever owns the cell tower. This doesn't really need to be said, but 3G data and above are not considered vulnerable. Also obviously your actual communication with your bank is HTTPS which means even if they had access to the traffic it wouldn't be useful.
Preserve Tube | Ghost Archive

Post of video responses that don't agree with Maldavius' take on Stop Killing games:
  1. "I Disagree with PirateSoftware (Stop Killing Games)" by shinyokaii
    Ghost Archive, Preservetube, local:
  2. "PirateSoftware's Strange Take on "Stop Killing Games"" by Fantasmous:
    Ghost Archive, Preservetube, local:
  3. "Stop Killing Consumers" by Florielle Gaming:
    Ghost Archive, Preservetube, local:
All original links + local copy + archive links provided by @itogi . Ignored.
Archives done. If the mods want to put previous posts in spoiler tags, they can do so.
:semperfidelis:
If any of the local copies are broken or a shitty encode, and/or if the links are broken, send me a DM.
I might have missed some posts as well. Send me a DM in that case to avoid shitting up the thread.
 
Last edited:
"PVP Enabled Network" he talks about how he refuses to use any of his accounts outside his home because he doesn't trust whoever owns the cell tower.
If he were such a super l33t hax0r he could create a WireGuard VPN to his home network. This would have the benefit of having all his accounts "at home" even while he's remote somewhere.
 
If he were such a super l33t hax0r he could create a WireGuard VPN to his home network. This would have the benefit of having all his accounts "at home" even while he's remote somewhere.
He already acts like the goblins in the cellphone tower are capable of reading encrypted traffic anyway so I'm not convinced a VPN would make him feel any better.
 
He already acts like the goblins in the cellphone tower are capable of reading encrypted traffic anyway so I'm not convinced a VPN would make him feel any better.
Is he concerned his milquetoast takes and hypocrisy make him a target from government intelligence agencies?

And if he were such a target his home internet ISP would also be at risk.
 
Is he concerned his milquetoast takes and hypocrisy make him a target from government intelligence agencies?

And if he were such a target his home internet ISP would also be at risk.
He is legitimately just a schizophrenic retard who does not know what he is talking about at all. He is not necessarily scared of a state actor, but a private citizen (the owner of the 5G tower)
 
  • Lunacy
Reactions: indomitable snowman
He even himself describes it as the easiest form of hacking.
He's not wrong, but that's because humans are capable of making mistakes far more than a computer is. A computer is gonna want to know what elementary school you went to, and depending on how strict it is, it may not accept your miscapitalization based on how you originally answered that question, nor does it agree that [SCHOOL NAME] is the same as [SCHOOL NAME ELEMENTARY], where a human would be more accepting of the former and not say you're wrong by not adding the "Elementary" part on the end, and the same goes for what city you were born in. That's just talking to people, now you start sending emails out saying their bank account is compromised or they need to click this link to accept a UPS package or whatever. People are the weakest link, everything else is hard skills to navigate a network, usually via command line.
 
Back