Reading this article feels like seeing somebody you don't particularly like get pantsed, but feeling bad for them because the person pantsing them is an even bigger idiot. Like Monster is not in tech. In any regard. I'm sure that they contract for 100% of their development.
sigmoid10 · 3h ago
I wouldn't be surprised if their lack of any response is because they literally have noone to deal with this. They can't seem to fill (or hold) some pretty important IT roles:
Which in turn is maybe because they are unwilling to offer sufficient compensation. You get what you pay for but this time the tables have turned and it's a big corp getting shafted.
This is not a mom and pop shop struggling to keep the lights on. This is a huge corporation whose CEO has a net worth 4 orders of magnitude greater than the median American of his age. He could pay the whole IT department out of his pocket and barely notice.
I don't feel bad for them.
4ndrewl · 3h ago
You remember "software is going to eat the world?"
> am nonbinary leaning fem and use she/they/he pronouns.
So while they prefer feminine, they explicitly list masculine as okay to use.
greenchair · 58m ago
I don't even
anal_reactor · 22m ago
The entire cybersecurity is like that
AllegedAlec · 27m ago
So just fucking anything then... What the hell is the use of pronouns at that poitn
willwade · 2h ago
oops. my bad. I take it back :)
darkwater · 3h ago
Totally still on Monster even if they contract 101% of their IT.
No comments yet
squigz · 3h ago
It's like watching the school bully pants the weird kid who's just really passionate about his interests. It's not tough or cool, really it's just pathetic and sad.
LambdaComplex · 3h ago
"I violated the CFAA, likely committing several misdemeanors or felonies in the process, wrote up a detailed account of what I did (complete with screenshots), and then posted the account on the internet."
For the author's sake, I really hope they don't live in the USA.
kersplody · 50m ago
Or Europe. Or the UK. 10+ prison plus civil damages in all three jurisdictions should it be prosecuted for various "Unauthorized computer access" laws. Even just browsing protected endpoints is a criminal violation. Publishing any info is even a bigger crime.
FYI, if you are a hacker:
1. Stop immediately after discovery and don’t go further than the minimal step that proves the vulnerability exists.
2. Document, don’t exploit
3. Report responsibly
4. Do not publish until fixed. Do not publish documents/images without permission.
5. Intent doesn’t erase liability: even “just poking around” can be charged under CFAA (US) or CMA (UK).
martin-t · 54m ago
Or that they took sufficient care to remain anonymous.
lpapez · 31m ago
IMO the author of the article should lawyer up.
They should not have done any of this in the first place, let alone disclose it publicly in this manner.
I too did similar things when I was younger, riding high on that feeling of power, and learned the hard way that even attempting to hack something can be considered computer fraud in EU.
I was lucky to not suffer any consequences in the long run.
You can brag all you want about being an "ethical hacker", the law is probablycnot on your side - especially if you publish incriminating evidence in the form of an immature post like this.
evan_ · 3h ago
Products like this don't just appear in gas station coolers by themselves, they would have started by identifying a demographic first and then building a product specifically targeted to that audience. They decided to target younger-skewing men, and so they made an energy drink that's neon green and called it "Monster". If they had decided to target over-60 women they would have designed the product much differently.
This isn't just a reactive profile of who they think is buying the product, it's the blueprint for the product.
js4ever · 3h ago
It is highly irresponsible to disclose security vulnerabilities publicly, and in some jurisdictions it may even be illegal.
While I understand that the author attempted to contact Monster without receiving a response, publishing details of the vulnerabilities and how to exploit them only puts users at greater risk. This approach is reckless and harmful.
darth_avocado · 3h ago
It is common practice to give the company sufficient time and communicate, and then release the details once the vulnerability is patched. But it’s also common in practice to disclose the vulnerability after a set period of time if the company does not engage in any form of communication and refuses to patch the vulnerability. In this case they didn’t engage in any form of communication and then partially patched the problems. Nothing out of the ordinary here.
none_to_remain · 17m ago
I have seen this in practice for vulnerabilities that affect many users of some software. If some Hackermann finds that Microsoft Windows version X or Oracle Database server version Y has a security flaw then disclosure is virtuous so that people using those can take measures. That reasoning doesn't seem to apply here.
eclipticplane · 1h ago
What _isn't_ common practice is actually copying and posting company material on your blog. Just because a door is unlocked does not give you the right to take materials & post them.
dh2022 · 3h ago
My understanding is this is the standard SOP for security vulnerabilities:
1. Report the security vulnerabilities to the “victim”
2. Work with the “victim” the schedule for mitigation and publication
3. Publicize the vulnerabilities (the security researcher wants his findings to be publicly recognized)
If the victim does not acknowledge this issue it is impossible to execute step 2. So then the security researcher goes to step 3.
If the hacker has the emails sent at step 1 he will be fine.
jhanschoo · 1h ago
OP leaked internal business documents as part of their disclosure that had no business being in a disclosure. It looks like minor employee details have been leaked as well, which is very bad.
martin-t · 48m ago
These companies treat fines as the cost of doing business and every time they lose people's personal information, they get slapped on the wrist and laugh it off while the execs get bonuses for having someone write a tearful apology to appear like victims.
I am happy every time somebody makes enough noise to make them notice and fix it because being polite and legal clearly is not working.
IlikeKitties · 3h ago
Nah, fuck that noise. If the company reacts to a responsible disclosure notice that's nice but no one is under any obligation to help out mega corps to secure their shit. And the users aren't put at risk by the people finding the vulnerability but by the company not fixing it.
Fuck Responsible disclosure, companies should have to bid on 0 days like everyone else.
Ekaros · 53m ago
One probably should not release information from company they hacked.
On other side, if it is some piece of software immediate disclosure in public is only reasonable and prudent action. It allows every user to take necessary mitigation actions like taking their services and servers offline.
pizzalife · 3h ago
There is a market for capabilities, i.e zerodays in widely used software. It has value, sometimes in the millions.
No one will buy some shitty XSS on a public website.
js4ever · 2h ago
That argument misses the point.
Yes, the company has the primary responsibility to fix their vulnerabilities, but that doesn’t justify recklessly publishing exploits. Once an exploit is public, it’s not just 'the company' that suffers, it’s every customer, employee, and partner who relies on that system.
Saying 'fuck responsible disclosure' is basically saying 'let’s hurt innocent users until the company caves.' That’s not activism, that's collateral damage.
If someone genuinely cares about accountability, there are legal and ethical ways to pressure companies. Dumping 0-days into the wild only helps criminals, not users.
billy99k · 1h ago
I contacted the owner of the house I found unlocked and there was no response, so I proceeded to let myself in anyway.
These writeups are Jr. level hacks (I looked through them all). Aside from making the company look bad, you don't really learn much from it because they are so easy.
I'm tempted to just find the person that owns this blog and make sure they aren't hired int the security industry. We don't need people like this around.
trinix912 · 39m ago
> I'm tempted to just find the person that owns this blog and make sure they aren't hired int the security industry. We don't need people like this around.
Sorry, being the one to "make sure" someone doesn't get hired makes you the person whom I'd never hire in my eyes. Hopefully in all the potential employers' whom you go crying trying to sabotage this guy's career also.
Everyone was an eager junior once. If you weren't, it's your problem, not this guy's.
LexiMax · 19m ago
> Sorry, being the one to "make sure" someone doesn't get hired makes you the person whom I'd never hire in my eyes.
Yeah, there was some serious, "you'll never work in this town again," energy. Glad I wasn't the only one who picked up on it.
martin-t · 52m ago
Because you certainly are the right person to pass judgement and destroy someone's life based on reading a few blog posts.
SoftTalker · 4h ago
That's actually pretty representative of the people I see drinking Monster drinks.
mrangle · 3h ago
Since most people are lower income, and therefore a high-market share low unit price gas-station drink company like Monster will by definition have to have its largest customer base be from the largest ie: poorer demographic, the only slightly revelatory information is that the demographic is younger, male, and leans Hispanic.
This doesn't imply that people in higher income brackets don't drink it, even most of them (though probably untrue).
Also pertinent is that the data is specified for Monster Green, which is their full sugar product. Monster Zero is a pretty big product as well, and could have a slightly differing customer base.
opan · 1h ago
>Monster Green, which is their full sugar product
Just want to add that all Monster (AFAIK) contains sucralose even if it also has HFCS or other sugar. It's a small amount because it's so potent, so I usually start at the end of the ingredients label when checking if drinks have it. NOS also puts it in their regular drinks. I don't know when they made this change, but I stopped drinking Monster because of it. I used to like the Mean Bean Java Monster quite a bit.
My energy drink of choice these days is Blueberry Red Bull, in case anyone else is looking for an option that tastes better.
Also some brands like Rockstar put it in half their flavors, so you gotta check every can. Even though Killer Citrus is safe (as of 5+ years ago when I last looked anyway), Killer Grape isn't, despite both being of a similar subtype.
thereticent · 5m ago
I've never seen reliable data suggesting that sucralose is harmful. Could be wrong. If you wouldn't mind giving sources, that would be helpful. Or is it just a personal sensitivity? Don't mean to pry. I'm just curious about the issue.
eterm · 1h ago
Given their definition of "Younger" appears to include GenX, even that just means "Boomers don't drink it".
pletsch · 3h ago
This is a strange disclosure post.
They may not have had a security email but I’m sure there was some contact this could have been sent to before posting something like this.
Part of me wonders if OP even tried or was mostly just looking to dunk on a company.
darkwater · 3h ago
They did contact them and there was no response. The only one answering were ClickUp folks.
HtmlProgrammer · 3h ago
This feels a bit over the line from disclosure to sharing corporate documents… feels a lil bit crimey
daft_pink · 3h ago
I found this actually to be very cute. It’s awesome that their employees have gamified badges and that the photo of their core customer looks so awesome.
bko · 3h ago
I worked at places with "points" you can give to other coworkers, but no reward. I would love to have traded some of my points for monster merch. This can almost read like an advertisement for working at Monster
ryankrage77 · 27m ago
Lots of comments about the questionable choices of this person regarding disclosing all this information. To add to the pile, they got a friend fired from McDonalds, and don't seem particularly bothered about it... https://bobdahacker.com/blog/mcdonalds-security-vulnerabilit...
dustractor · 3h ago
Completely irrelevant to the article, but next time you come across one of those internet crazies who think the Monster logo is satanic, you can troll them by pointing out that it is really just an Ugaritic L -- 𐎍 -- and that one of the original names for the Hebrew god was EL so really Monster is a godly drink, not satanic.
treyd · 2h ago
I thought it was the other way around, that the individual mark is interpreted as a 6 so it's 666?
thereticent · 4m ago
Redundant! Every UPC barcode has a 6 on the beginning, middle, and end. If you've got the mark of the Beast you may as well get Beast Bux.
mocana · 3h ago
Their characterization of their customer base mostly rings true to me. My white teenage kids love the stuff.
Don't know about GenX though. A common definition of GenX is born between 1965 and 1980. Speaking for all GenX males of the world, the stuff tastes overly sweet to me and don't want to risk a higher A1C on carbonated sugar water. Bleh!
internet2000 · 3h ago
They have sugar free versions now.
rafram · 3h ago
The existence of bug bounties seems to have misled some people into thinking that you can just break into any system, and it’s OK as long as you email them afterwards. That isn’t the case. This post is documentation of a crime and the author would be wise to take it down.
raaron773 · 3h ago
I dont actually look like the people from the photos but yes I do imagine this is how I would look like on the rare occasion I decide to get Monster drink lol
fossuser · 3h ago
My guess of what the author of this blog post looks like is 15-19yrs old & male, probably aspie.
Also should probably be a little more careful with risking the CFAA, but they seem really young so I'm guessing that's the main explanation.
akk0 · 38m ago
Would you like me to give an unsolicited read on what you look like and which developmental disorders you might have also?
hamdingers · 3h ago
> 15-19yrs old
Also would explain their unfamiliarity with what looks to me like totally normal branded corporate training.
ctippett · 3h ago
No need for personal attacks.
pessimizer · 3h ago
I'd be interested in reading you explain what the attack you detected was.
ctippett · 2h ago
Is it that interesting that I found the comment unnecessarily judgemental and makes a shallow unsubstantiated assumption about the author's demographic/personality?
fossuser · 1h ago
Oh please - it’s an honest assessment not a personal attack and it’s likely accurate. That you think otherwise says more about you than it does about me.
I prefer honest truth to polite fiction.
It’s better to attempt to see the world as it is than delude yourself with bullshit.
gellybeans · 36m ago
Is this the same cope police use when they profile people? It's actually absurd. That's okay brother, you tell it like it is with your "honest truth"
squigz · 3h ago
The term "aspie" has some very obvious and common negative connotations, much like "retard"
If GP had said the author was probably retarded, would you be so confused then?
doublerabbit · 3h ago
> My guess of what the author of this blog post looks like is 15-19yrs old & male, probably aspie.
Generalizing. It's would be the same as me calling you out as being an 34 male Texas Neckbeard MAGA supporter for having the user name "pessimizer".
ffsm8 · 2h ago
Is that derogatory?
doublerabbit · 1h ago
As a figure of speech, which this was; not so. I was explaining the point of an personal attack.
As an actual insult, assuming and throwing it at someone is an attack. It could be derogatory if what said harshly generalizes a majority or group.
jackblemming · 3h ago
Categorizing being young or having Asperger’s as a personal attack is on you.
No comments yet
gnarlouse · 3h ago
The energy feels so high school
ValveFan6969 · 4m ago
The author acts like they just hacked an authoritarian government account...
it's just an energy drink, bro. It's not that deep.
declan_roberts · 3h ago
Funny, but these are the kinds of things they will gladly tell you on any earnings conference call (and more!)
catigula · 3h ago
>"Monster Green shoppers are likely younger (Gen-Z/Millennial/Gen-X) male, lower income & Caucasian (skews Hispanic)."
What does this sentence even mean?
r3trohack3r · 3h ago
Companies like Monster and Redbull are marketing companies that happen to sell energy drinks.
That is almost certainly not a meaningless demographic they pulled out of thin air. It might not be meaningful to you as a demographic. It might even be offensive to you as a demographic.
But, to the marketing company, that is a concrete “group of humans” that respond well to their product and advertising. It informs how they develop their ads, how they target them, which geographic markets they push hard in, what events they sponsor, etc.
When they define that demographic as the people they’re targeting, and allocate their capital towards targeting them, they see the highest returns they’ve been able to find so far.
anal_reactor · 16m ago
The world is so much more beautiful when you don't know how that works.
rossheaton · 3h ago
Which part don't you understand?
drc500free · 3h ago
The part where Gen-X is younger, maybe?
crazygringo · 31m ago
For all we know the document is from two decades ago.
jdiff · 11m ago
Two decades ago makes the GenZ reference confusing, as the very oldest of them by the most generous definition would be only 9 years old.
With a span across 50 years, that range from Gen X to Gen Z is just awkward to place as "young buyers of Monster" at any point in time.
jdiff · 3h ago
It's perplexing, to put it generously, but it doesn't throw the semantics of the entire sentence into question.
kevinmchugh · 3h ago
(Gen-Z/Millennial/Gen-X)
This covers like sixty years?
elcritch · 3h ago
Closer to 30 years I'd say. Probably a lot of working age men, especially construction.
jdiff · 8m ago
Generation X is pinned starting in the mid-60s. The Millenials follow, with Gen Z capping the range off in the early 2010s. It's about 50-60 years.
nemomarx · 3h ago
Which part? younger men with lower income who are likely to be Hispanic Caucasian (as opposed to non Caucasian Hispanic)
echelon · 3h ago
It means a marketer will know where to deploy capital.
Y_Y · 3h ago
It means some people still think there are meaningful racial categories, that people with light skin come from the Caucasus, that speaking Spanish is an "ethnicity" which is orthogonal to "race".
Also Gen X (aged between 44 and 60 at time of writing) are "young".
crimsoneer · 38m ago
Well, this was cringe and irresponsible.
Disclosing security vulnerabilities if they don't respond is fine. Sharing internal training material and photos for the lols and internet points is just being a dick.
bn-l · 3h ago
This is a customer avatar. It’s standard marketing theory. And likely know who their customers are.
soared · 3h ago
Avatar or persona is a literal fake person. “This Steve Doe. He works in construction and is 29 years old. He is in a lower income bracket and drinks a monster every weekday with lunch”.
The example in the post is a super generic target market.”gen z, lower income”
Jcampuzano2 · 3h ago
You can tell this guy has never worked or interacted with corporate marketing or advertising in any way because their astonishment at identifying their main market segment is standard practice literally everywhere. Lmao.
Focus on the security issues sure, but maybe think a bit more critically about how businesses function.
Go look around at who you see drinking monster and you're probably going to see they're not at all wrong.
kuroguro · 3h ago
Eh, I think part of it is just making a more clickbaity title.
xaoz · 3h ago
Looks quite a lot like an esports team!
blueflow · 3h ago
You will never guess what i did when i read the headline!
altairprime · 3h ago
For whatever it’s worth, they do have a job opening posted on LinkedIn for a sysadmin whose duties would include resolving that file access issue. Not my cup of tea as far as employers go (I don’t like energy drinks) but it seemed apropos to mention under the circumstances :)
chasemiller · 26m ago
"ETHICAL hacker"
...yeah... I don't think those words mean what you think they mean...
markasoftware · 3h ago
This isn't security research, it's unauthorized hacking. Monster has no vulnerability disclosure program. It's completely illegal to try and gain unauthorized access without a VDP, even if you attempt to responsibly disclose your findings after the fact. And frankly, you didn't /responsibly/ disclose your findings, because you are publishing this while some of the vulnerabilities are still present. I reckon you have a 5% chance of ending up in jail because of this post.
LauraMedia · 2h ago
Depending on jurisdiction, it can be argued that this is not unauthorized access, as the files and listings do not prevent access to anyone, effectively authorizing anyone who requests a file.
snitzr · 3h ago
Didn't Mike Wazowski and James P. "Sulley" Sullivan go to MU?
t0mas88 · 3h ago
I've seen a documentary on that, they got kicked out ;-)
Raed667 · 3h ago
I would have loved a breakdown of what group each variant of Monster is being marketed to !
adampk · 3h ago
I don't get why a normal corporate internal resource system its being framed as ridiculous. Does the writer not know about "personas"? Weird tone.
drc500free · 3h ago
What a bizarre reaction to a completely standard marketing segment. Who does the author THINK is Monster Energy Drink's core customer?
bko · 3h ago
This is from the post:
> "Monster Green shoppers are likely younger (Gen-Z/Millennial/Gen-X) male, lower income & Caucasian (skews Hispanic)."
Later in the post:
> The scariest part wasn't the training portal or the questionable customer profiling.
Questionable customer profiling is just basic research about their customers.
Seriously, I wish more companies were honest at least internally who their customers are. A lot of problems could be solved if places like Marvel realized who their core base is, accepted it, and made products for their audience.
ryoshu · 3h ago
Good marketers know who their core audiences are. Bad executives will ignore the research.
LexiMax · 1h ago
Watching Warner Brothers fail to learn this lesson for a decade before finally releasing a good Superman movie was frankly a little sureal.
elcritch · 3h ago
Basic understanding of a customer base could've avoided the BudLight fiasco too. Then again, I'm sure if you're an elite upper-middle-class executive from an Ivy League school the idea that you need to cater to lower class working men must be a bit rankling.
I could imagine similar subcurrents for Marvel executives wanting to appear sophisticated or avant garde but instead having to cater to "comic book nerds" must be challenging.
The post has similar undertones of elitism as well. After all most of us tech people skew towards similar habits as does probably most well paid white collar professions.
Animats · 3h ago
Marvel's movie business was, for decades, run by the toy business in New York.[1] The movies were optimized for selling the merch. The Hollywood end finally broke free of the New York based "Creative Committee" once film revenue became large enough. The core base for merch is young boys, and that shaped the films.
So now they sell less merch and their movies and TV shows gross a lot less. So who does this benefit?
esafak · 3h ago
Thanks for calling gen-x young.
michaelsmanley · 3h ago
That made me laugh when I read it, too.
sigmoid10 · 3h ago
Marvel knows pretty well who their audience is. The problem is Disney trying to tap into emerging markets, because the stereotypical audience is pretty much saturated. Like, there is zero need to market an Avengers movie to white male comic nerds.
bko · 2h ago
It was never saturated. The peak was probably Thanos. Everything since then has been pandering to a more female driven potential audience that was never there.
It's not just female super heroes, which always existed and were popular to some degree (Buffy, Lara Croft, Zena, etc). It was a particular form of shallow female empowerment where the female characters were perfect, or if there was any growth to be had, it was realizing that they were perfect all along and the world just needed to change.
Take for instance She Hulk series, within minutes of gaining her powers, she was able to outperform Hulk. There was no personal growth. Whereas male superheroes typically had to overcome obstacles. Spiderman had to learn with great power comes great responsibility. Batman has to constantly battle with his grief and moral code. Ironman fought substance abuse and his philandering selfish nature. What was the story arch of Captain Marvel? It's just not good story telling
Fade_Dance · 3h ago
He used his "advanced hacking knowledge" to trick himself into participating in corporate training exercises and tear-inducing boredom. This actually made me laugh.
clickety_clack · 3h ago
I’d love if he tricked himself into bulk buying monster and promoting it to all his friends to prove how wrong their target demographic was.
Spivak · 3h ago
The picture is a little silly but listing out the demographics of your customer base is like so normal. The marketing for Monster would be quite different if their market was over 65 women.
Although it would be a funny bit to run a monster commercial in the style of something like L'Oreal.
LexiMax · 3h ago
You don't have to imagine. For some reason beyond my ken, monster energy has achieved meme status in queer circles.
I was half-surprised one of the pictured people wasn't wearing pink headphones with attached cat ears.
adampk · 3h ago
So strange, does the author think companies never try to understand their customers?
doublerabbit · 3h ago
When do companies ever try to understand their customers? They know what works for who, and continue to rehash that for that specific age of the generation.
The article even states this. "Monster Green shoppers are likely younger (Gen-Z/Millennial/Gen-X) male, lower income & Caucasian (skews Hispanic)."
When you've moved from that generational age, your no longer their audience and they don't care if you buy or not; but it's not like they cared in the first place.
https://recruiting2.ultipro.com/MON1009MECY/JobBoard/682eaab...
This is not a mom and pop shop struggling to keep the lights on. This is a huge corporation whose CEO has a net worth 4 orders of magnitude greater than the median American of his age. He could pay the whole IT department out of his pocket and barely notice.
I don't feel bad for them.
_Everyone_ organisation is a tech organisation.
"I first learned of bobdahacker from *their* post three weeks ago also headlined on HN: https://news.ycombinator.com/item?id=44723773"
(I read their bio :))
> am nonbinary leaning fem and use she/they/he pronouns.
So while they prefer feminine, they explicitly list masculine as okay to use.
No comments yet
For the author's sake, I really hope they don't live in the USA.
FYI, if you are a hacker:
1. Stop immediately after discovery and don’t go further than the minimal step that proves the vulnerability exists.
2. Document, don’t exploit
3. Report responsibly
4. Do not publish until fixed. Do not publish documents/images without permission.
5. Intent doesn’t erase liability: even “just poking around” can be charged under CFAA (US) or CMA (UK).
They should not have done any of this in the first place, let alone disclose it publicly in this manner.
I too did similar things when I was younger, riding high on that feeling of power, and learned the hard way that even attempting to hack something can be considered computer fraud in EU.
I was lucky to not suffer any consequences in the long run.
You can brag all you want about being an "ethical hacker", the law is probablycnot on your side - especially if you publish incriminating evidence in the form of an immature post like this.
This isn't just a reactive profile of who they think is buying the product, it's the blueprint for the product.
While I understand that the author attempted to contact Monster without receiving a response, publishing details of the vulnerabilities and how to exploit them only puts users at greater risk. This approach is reckless and harmful.
If the victim does not acknowledge this issue it is impossible to execute step 2. So then the security researcher goes to step 3.
If the hacker has the emails sent at step 1 he will be fine.
I am happy every time somebody makes enough noise to make them notice and fix it because being polite and legal clearly is not working.
Fuck Responsible disclosure, companies should have to bid on 0 days like everyone else.
On other side, if it is some piece of software immediate disclosure in public is only reasonable and prudent action. It allows every user to take necessary mitigation actions like taking their services and servers offline.
No one will buy some shitty XSS on a public website.
Saying 'fuck responsible disclosure' is basically saying 'let’s hurt innocent users until the company caves.' That’s not activism, that's collateral damage.
If someone genuinely cares about accountability, there are legal and ethical ways to pressure companies. Dumping 0-days into the wild only helps criminals, not users.
These writeups are Jr. level hacks (I looked through them all). Aside from making the company look bad, you don't really learn much from it because they are so easy.
I'm tempted to just find the person that owns this blog and make sure they aren't hired int the security industry. We don't need people like this around.
Sorry, being the one to "make sure" someone doesn't get hired makes you the person whom I'd never hire in my eyes. Hopefully in all the potential employers' whom you go crying trying to sabotage this guy's career also.
Everyone was an eager junior once. If you weren't, it's your problem, not this guy's.
Yeah, there was some serious, "you'll never work in this town again," energy. Glad I wasn't the only one who picked up on it.
This doesn't imply that people in higher income brackets don't drink it, even most of them (though probably untrue).
Also pertinent is that the data is specified for Monster Green, which is their full sugar product. Monster Zero is a pretty big product as well, and could have a slightly differing customer base.
Just want to add that all Monster (AFAIK) contains sucralose even if it also has HFCS or other sugar. It's a small amount because it's so potent, so I usually start at the end of the ingredients label when checking if drinks have it. NOS also puts it in their regular drinks. I don't know when they made this change, but I stopped drinking Monster because of it. I used to like the Mean Bean Java Monster quite a bit.
My energy drink of choice these days is Blueberry Red Bull, in case anyone else is looking for an option that tastes better.
Also some brands like Rockstar put it in half their flavors, so you gotta check every can. Even though Killer Citrus is safe (as of 5+ years ago when I last looked anyway), Killer Grape isn't, despite both being of a similar subtype.
They may not have had a security email but I’m sure there was some contact this could have been sent to before posting something like this.
Part of me wonders if OP even tried or was mostly just looking to dunk on a company.
Don't know about GenX though. A common definition of GenX is born between 1965 and 1980. Speaking for all GenX males of the world, the stuff tastes overly sweet to me and don't want to risk a higher A1C on carbonated sugar water. Bleh!
Also should probably be a little more careful with risking the CFAA, but they seem really young so I'm guessing that's the main explanation.
Also would explain their unfamiliarity with what looks to me like totally normal branded corporate training.
I prefer honest truth to polite fiction.
It’s better to attempt to see the world as it is than delude yourself with bullshit.
If GP had said the author was probably retarded, would you be so confused then?
Generalizing. It's would be the same as me calling you out as being an 34 male Texas Neckbeard MAGA supporter for having the user name "pessimizer".
As an actual insult, assuming and throwing it at someone is an attack. It could be derogatory if what said harshly generalizes a majority or group.
No comments yet
it's just an energy drink, bro. It's not that deep.
What does this sentence even mean?
That is almost certainly not a meaningless demographic they pulled out of thin air. It might not be meaningful to you as a demographic. It might even be offensive to you as a demographic.
But, to the marketing company, that is a concrete “group of humans” that respond well to their product and advertising. It informs how they develop their ads, how they target them, which geographic markets they push hard in, what events they sponsor, etc.
When they define that demographic as the people they’re targeting, and allocate their capital towards targeting them, they see the highest returns they’ve been able to find so far.
With a span across 50 years, that range from Gen X to Gen Z is just awkward to place as "young buyers of Monster" at any point in time.
This covers like sixty years?
Also Gen X (aged between 44 and 60 at time of writing) are "young".
Disclosing security vulnerabilities if they don't respond is fine. Sharing internal training material and photos for the lols and internet points is just being a dick.
The example in the post is a super generic target market.”gen z, lower income”
Focus on the security issues sure, but maybe think a bit more critically about how businesses function.
Go look around at who you see drinking monster and you're probably going to see they're not at all wrong.
...yeah... I don't think those words mean what you think they mean...
> "Monster Green shoppers are likely younger (Gen-Z/Millennial/Gen-X) male, lower income & Caucasian (skews Hispanic)."
Later in the post:
> The scariest part wasn't the training portal or the questionable customer profiling.
Questionable customer profiling is just basic research about their customers.
Seriously, I wish more companies were honest at least internally who their customers are. A lot of problems could be solved if places like Marvel realized who their core base is, accepted it, and made products for their audience.
I could imagine similar subcurrents for Marvel executives wanting to appear sophisticated or avant garde but instead having to cater to "comic book nerds" must be challenging.
The post has similar undertones of elitism as well. After all most of us tech people skew towards similar habits as does probably most well paid white collar professions.
[1] https://www.goodreads.com/book/show/77264987-mcu
It's not just female super heroes, which always existed and were popular to some degree (Buffy, Lara Croft, Zena, etc). It was a particular form of shallow female empowerment where the female characters were perfect, or if there was any growth to be had, it was realizing that they were perfect all along and the world just needed to change.
Take for instance She Hulk series, within minutes of gaining her powers, she was able to outperform Hulk. There was no personal growth. Whereas male superheroes typically had to overcome obstacles. Spiderman had to learn with great power comes great responsibility. Batman has to constantly battle with his grief and moral code. Ironman fought substance abuse and his philandering selfish nature. What was the story arch of Captain Marvel? It's just not good story telling
Although it would be a funny bit to run a monster commercial in the style of something like L'Oreal.
I was half-surprised one of the pictured people wasn't wearing pink headphones with attached cat ears.
The article even states this. "Monster Green shoppers are likely younger (Gen-Z/Millennial/Gen-X) male, lower income & Caucasian (skews Hispanic)."
When you've moved from that generational age, your no longer their audience and they don't care if you buy or not; but it's not like they cared in the first place.
No comments yet