Scattershot Spreading the word - PSN

BiG D

BiG D

Administrator
Staff member
So I'm watching this press conference that sony called (at a time that is inconvenient for pretty much everyone.) There doesn't appear to be all that many people there, and maybe it's just the translation, but DAMN are some of the folks are sticking it to them in the Q&A segment. There may be some interesting quotes tomorrow...
 
thatbloke

thatbloke

Junior Administrator
BiG D said:
So I'm watching this press conference that sony called (at a time that is inconvenient for pretty much everyone.) There doesn't appear to be all that many people there, and maybe it's just the translation, but DAMN are some of the folks are sticking it to them in the Q&A segment. There may be some interesting quotes tomorrow...
Click to expand...

engadget have liveblogged it:

http://www.engadget.com/2011/05/01/sonys-kaz-hirai-will-address-playstation-network-hack-at-1am-et/

I'm still reading through atm but the most hilarious quote so far is that the "hack" used a KNOWN vulnerability to get in...

also PSN passwords were not encrypted but rather hashed...
 
thatbloke

thatbloke

Junior Administrator
So at this present time, the PSN network is still down.

Sony have have created a post on their blog about this.

The best part? You can comment on the blog. To comment on the blog, you need to sign in with your PSN ID. To sign in with your PSN ID, PSN needs to be up and alive. The cookie for the login on the website lasts a week. PSN has been down longer than a week.

Bearing the above in mind, isn't it funny how there's 6 pages of all positive comments praising Sony for their work on this???
 
Gribley

Gribley

Member
i-8Wvvm6p-L.jpg
 
BiG D

BiG D

Administrator
Staff member
http://www.joystiq.com/2011/05/02/sony-hit-with-second-attack-loses-12-700-credit-card-nu/

So SOE (the sony mmo branch, more or less) has suffered the same loss of information. If you've played a sony mmo in the past, time to get changing your passwords...

Also possibly of note for some of you:
The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.
Click to expand...
 
Silk

Silk

Well-Known Member
Haven't had the e-mail (yet) so don't know if it affects me.

As for the hack happening in the first place.. perhaps this is me being my usual crazy self but I'm pretty sure anything is hackable given the right skill, knowledge and tools. You can think of a million ways to prevent hacking and still be hacked.

No doubt in the future we'll be able to pay for hack insurance, so that it doesn't cost anything to recover our identity, lost finances, etc. ;D
 
Ronin Storm

Ronin Storm

Administrator
Staff member
silkth said:
No doubt in the future we'll be able to pay for hack insurance, so that it doesn't cost anything to recover our identity, lost finances, etc. ;D
Click to expand...

Some (many?) banks already offer this as a paid-for service; Barclays were trying to sell me this sort of thing late last year. I think it's called something like "identity fraud insurance" or similar.
 
thatbloke

thatbloke

Junior Administrator
I'll certainly agree that with the right tools and certainly the right person/people, particularly if they are "on the inside," that nothing is ever unhackable, however it seems here that Sony have been quite lax with their security here, and are quite possibly going to be getting into a lot of trouble because of it...
 
BiG D

BiG D

Administrator
Staff member
They sure can, especially if it's determined their security design was at fault.
 
Ronin Storm

Ronin Storm

Administrator
Staff member
If someone breaks into your locked and well secured house and steals your computer (and thus your data) then you'd be reasonably outraged but no one would think it was your fault.

If someone breaks into your locked house, but the locks are made of string and the doors made of paper, and the same computer is stolen then you'd be outraged but I doubt anyone would have sympathy for you. It could be reasonably said to be your fault. Sure, the thief should never have been there, but acting like he doesn't exist or hoping that he won't find your house are not defensible stances in the real world.

So, the question is "did Sony take reasonable precautions to protect their data against a hostile 'Net?". Their culpability lies in that.
 
BiG D

BiG D

Administrator
Staff member
I disagree. They have a responsibility to their customers to safeguard the personal info they've been given. Regardless of the circumstances surrounding its loss, it was still their responsibility to protect it.
 
Ronin Storm

Ronin Storm

Administrator
Staff member
I think this is a matter of scale and graded culpability.

In their case, they were explicitly responsible for the protection of millions of users' details and tens of thousands (?) of credit card details. Their need for security is much higher than the average guy. Thus, firewalls, encryption, secure facilities and so on are called for. If this data is then lost due to an attack by magical ninja, I don't think it's reasonable to say "hey, you should have factored that in".

That said, I don't think they were breached by magical ninja. I suspect it was more of a common-or-garden miscreant that could have been protected against.
 
Ki!ler-Mk1

Ki!ler-Mk1

Active Member
Ronin Storm said:
If someone breaks into your locked house, but the locks are made of string and the doors made of paper, and the same computer is stolen then you'd be outraged but I doubt anyone would have sympathy for you. It could be reasonably said to be your fault. Sure, the thief should never have been there, but acting like he doesn't exist or hoping that he won't find your house are not defensible stances in the real world.
Click to expand...

Locks and security only stop honest people (or people very poor at being dishonest).

If you put up a sign saying do not steal, and no other security, whose fault is it if the item behind the sign is stolen? The theif (feel free to disagree), for had they not taken it, it would still be there.

If you put up a sign saying danger minefield, and no other security, whose fault is it if someone (who saw the sign and can read) steps a mine? The victim (feel free to disagree). Well it cant be the victim, they read the sign.
_

Sure, sony should take resonable and responsible precautions, but ultimately, to stop an honest person, they would have made the data inaccessable by accident, but beyond that, to try to keep up with, in this case, hackers, really what is the point in trying. If you get hacked by someone who is not a accidental visitor, whos fault is it, theirs, all theirs.
 
BiG D

BiG D

Administrator
Staff member
You're missing a huge part of this... The stuff that was stolen didn't belong to sony. I guess based on your line of reasoning, it's the users fault for giving away their info to sony in the first place? (or perhaps for having an identity which could be stolen but not explicitly telling thieves not to take it?)

No one is saying that the thief isn't at fault. They stole stuff, after all. That doesn't mean that sony isn't at fault as well...
 
Ki!ler-Mk1

Ki!ler-Mk1

Active Member
The striked out part is not the way I think.

BiG D said:
You're missing a huge part of this... The stuff that was stolen didn't belong to sony. [strike] I guess based on your line of reasoning, it's the users fault for giving away their info to sony in the first place? (or perhaps for having an identity which could be stolen but not explicitly telling thieves not to take it?) [/strike]

No one is saying that the thief isn't at fault. They stole stuff, after all. That doesn't mean that sony isn't at fault as well...
Click to expand...

If it didnt belong to them then how can they be held accountable. On the other hand it was their responsibility not to loose it.
 
You must log in or register to reply here.
Top