GeoHot Sounds Off on Sony's PSN Debacle

[Drakos.Amatras]

I'm actually wondering here, did they use hacked PS3's to steal the info (might have missed that post.)? If not, I'm not sure why Geohot's input is relevant.

Well think of it this way.

The PSN has had no major problems for years. This code comes out for modding and hacking the PS3 and this happens.

The guy is at least partially responsible if not the entire reason why this could've happened through Sony's security.

See my previous post for your quotation for your horrible logic and reasoning.

O.k... so we've had no natural disasters for a while, this guy gets elected, same day, bang hurricane.

Honestly, logic like that can be dangerous, get it checked.

Only to see your analogy or whatever is half-assed and doesn't make sense at all. Try better next time, I will be watching.

...How? [http://en.wikipedia.org/wiki/Argumentum_ad_lapidem] The reasoning is sound and fair, as he explains here:

GeoHotz didn't go anywhere near the PSN, if rumor is to be believed, he never connected online and signed the updated EULA. He didn't touch the PSN. The two things are unrelated coincidences. Perhaps it was karma for the way Sony treated the community, but Hotz jailbreaking the thing had nothing to do with the PSN getting hacked.

---

I was largely unaware of the situation until recently. I heard the PS3 was successfully hacked after some period, I heard a hacker was nabbed by Sony, and that's about it. But blaming a hacker for a large-scale identity theft he didn't take part in doesn't sound fair. And didn't he hack the console, and got nabbed for that afterwards? I don't suppose a person in that situation would even think of continuing on to PSN, whether he wants to or not.

Also, has any reliable source confirmed if the source code he released could be used to hack the PSN at all? I'd imagine it's pretty vital to know when it's related to an event this big. At least that might give a (relatively) clearer picture of the situation, as opposed to jumping the finger-pointing bandwagon [http://fallacyfiles.org/bandwagn.html]. (Personally, though, I'm only mad at the thieves who actually went through with the theft.)

 

[Gutkrusha]

I'm hoping he gets hit by a bus.

What? This guy has absolutely no reason to speak on this, and is only doing so because he knows Sony cant do anything about it. I seriously hope he gets hit by a bus and the 360 gets broken into too, just so that we can see the fallout from 360 users.

Many 360s themselves have been hacked and broken into, but Microsoft protects xbox live a lot harder and better than Sony does with PSN. When someone actually pays for something, (Xbox live) They're entitled to refunds and the like. Microsoft doesn't like losing money, so they spend a lot of time keeping XBL fairly secure.

 

[WonderWillard]

Mostly off topic, but that guy looks like the crazy guy from an episode of Chuck... His name is lazlo? I think. He pretends to be a brilliant but innocent guy like chuck, but turns out to be a pyscho that almost blows up a boardwalk in LA? Anyone know what I'm talking about?

 

[bpm195]

Like it or not, GeoHot has proven himself to be as much an expert on the PS3 as anybody else, and if his assertions are correct Sony committed a major party foul. One of the things about information security is that everything is a potential threat and you have to protect yourself. If Sony decided not to treat clients as a potential threat then they didn't do enough to mitigate their damages. This isn't to say that they deserved it, but they were negligent in their approach to security.

Think of it like this, if you give a person all of your personal information there's an unpreventable chance of them being robbed, however you'd expect them to at least keep the door locked and not let strangers walk around unsupervised.

 

[Lt. Vinciti]

The fact he crawled out of the woodwork to say "Not It" says something about him.....guilty I bet...

 

[zaphod121]

If you flip you PS3 upside down and read the bottom it states that no one is allowed to mess with the software on the system unless they have permission. That fag needs to go and learn how to read. And I DON'T GIVE NO FUCK ABOUT MY GRAMMAR OR SPELLING SO FUCK OFF!!!!!!

and the law says that you have every right to mess with the software inside, publishing that info on the other hand is a bit more murky, but clearly by the tone of your post your a reasonable person who understands that right? I always love to see 1)People just resort to name calling because they have no argument 2)Place blame on "celebs" who are related to the situation but have no actual involvement in whats happening now. OH btw caps lock is cruise control for cool, use em' more, people will take you more seriously.

When the PS3 first came out they advertised that you could put different OS's on it. It even talked about it in the instructions. Multiple government agencies bought PS3's over the years just so they could change the OS to run their specific programs. This all changed with the Jailbreak update.

 

[GonzoGamer]

Also, this geohotz guy is a little *****. Yes, Sony totally intentionally gave away all of your person information. Who does he think he is?

***** or not, I think he hit the nail right on the head.
Sony has been notoriously lazy in supporting the ps3 in every way and it finally caught up to them. They didn't directly send people our info but they apparently did little to protect it too.
Of course we will probably never know how little.
His point is that the bonus money paid off to the higher up execs and board members should've been spent on security.

This is reminded me of that statement in I think the 5th Harry Potter book.

"He's (snape) a git" One of the Weasleys I think Ron
"That's not fair, he's on our side this time!"Hermione
"That doesn't mean he's not a git." Ron or whoever.

Sounds like Geohotz is right about Sony being arrogant, lazy and stupid. It doesn't make him any less of a ***** however.

I actually read that yesterday (I'm re-reading the series before the last movie... y'know to be more angry about all the stuff they'll cut out of it) and yes, that's a good assessment.
He is a git but he is at least on the side of the consumer.
The problem is that we don't have a Dumbledore in this situation... although he was pretty useless in that book.

 

[MadCapMunchkin]

Their password was "1, 2, 3, 4, 5".

Which, funnily enough, is the same password for my luggage.

Ha! I see what you did there!

OT: Please go away, GeoHot. Your fifteen minutes ended a few weeks ago...

 

[Kenjitsuka]

""[Lord] knows we'll never get that from Sony, noobs probably had the password set to '4' or something.""

Well people are ripping on GeoHot, but he does have a point.
I do believe they have way too much confidence in their iron grip on the client.
And indeed, the first rule of websecurity IS never to trust the client.

Because, you know, that's just stupid...

 

[similar.squirrel]

I think Extra Credits voiced the opinion that one should not mess with the kind of people who install Linux on their consoles. Sony dropped the ball on this; you do not act like your stereotypical EvilCorp during a time when perceived threats to individual freedom are being hacked left and right. It's either stupid, arrogant or both. They had it coming; the employees who will bear the brunt of this, however, did not. This will not affect the CEOs as far as money is concerned, but a lot of people will probably get laid off =/.

 

[Dexiro]

It's like the gun store owner who sold the gun to a serial killer with no background check is laughing at the police for not stopping a crime with that gun.

Hotz hacked the PS3 not PSN.

PSN was hacked through a mod that put retail PS3's into Dev mode, which probably wouldn't have been possible without Hotz's hack.

 

[Xanar]

While I don't particularly care for Geohot, I agree with everything he said. Sony could have prevented this.

 

[Casual Shinji]

So now this guy knows exactly what happend eventhough nothing has been confirmed yet? I'm sorry, but I don't trust the words coming from the mouth of this squinting dickhead any more than I do from big bad Sony.

Did I mention the guy's a squinting dickhead, because I didn't want to forget that part...The squinting dickhead part, I mean.

 

[Echo136]

Does anyone actually care what this guy says? He's not exactly a paragon of the videogaming community.

 

[Shirokurou]

There are no impenetrable fortresses or data havens, so I think it was like fated.

Let's hope that the next rebuild of PSN will be better.

 

[Razhem]

and the law says that you have every right to mess with the software inside, publishing that info on the other hand is a bit more murky, but clearly by the tone of your post your a reasonable person who understands that right? I always love to see 1)People just resort to name calling because they have no argument 2)Place blame on "celebs" who are related to the situation but have no actual involvement in whats happening now. OH btw caps lock is cruise control for cool, use em' more, people will take you more seriously.

Actually, the law says you can fuck with the hardware all you want, it's the software what is licensed (as in was never your property). This is mostly to keep tabs on reverse engineering since if you are allowed to "own the software" then nothing stops you from replicating it for "back up" purposes and you can see where this is going.

It's another thing that it is almost impossible to enforce outside of banning people from online play and the reason why it was unheard of before the internet age. Hell, had Geohot not been putting his name everywhere when he leaked his findings to the net, chances are Sony might not have even been able to sue simply out of lack of info.

 

[BrotherRool]

I'm a bit old-fashioned about this, but I like to place most of the blame on the people who hacked into the system and stole a ton of people's data. 's just me though

 

[RoyalWelsh]

Oh god that face, that smug, arrogant little face! Ugh.

OT: While he ain't directly responsible for all this, he did kinda start it all. But still, having said that, maybe Sony could've prevented this better.

 

[mjc0961]

I have to agree with him completely about this being, at least in part, from Sony being arrogant. Anyone remember back in March-April 2010? I do. For those of you who forgot:

http://www.escapistmagazine.com/news/view/99499-Sony-Removes-Other-OS-Option-for-PS3

Sony is billing this update as a way to increase security. "In addition, disabling the 'Other OS' feature will help ensure that PS3 owners will continue to have access to the broad range of gaming and entertainment content from SCE and its content partners on a more secure system," SCEA corporate communications director Patrick Seybold said.

So, let's see what's happened as a benefit of this increased security. The PS3 itself got cracked open like a peanut. Made it really easy for cheaters to ruin online games. And now we have this incident of course, where PSN has been down for a little over a week, some dickheads have our addresses and passwords and maybe even our CC info if we left it with Sony (and no I don't trust them when they say "Oh wait, they didn't get it, it's encrypted." Encryptions can be broken and why didn't they just say they were encrypted in the first place if it was true?). Now I don't know about you guys, but I don't feel like I've continued to have access to "the broad range of gaming and entertainment content from SCE and its content partners on a more secure system" since Install Other OS has been removed.

I think Sony just thought they were untouchable because the PS3 remained secure for so long, but what those ninnies didn't consider is that they remained secure BECAUSE of Install Other OS. Nobody made any cracks for homebrew because they didn't need to, and thus there were no cracks for shittier people to use for nasty things like piracy and cheating. And as expected, take that playground away, and people go back to the standard "crack the system" approach to getting homebrew on a platform. And as expected, shittier people use those cracks for nastier things the original cracker didn't intend. I hope Sony learned how very wrong they were and that next they need to not skimp on security and to not take away fun toys because they're sick of maintaining them.

Oh, and I'm sure there are people who are going to say "GeoHot is a stupid hacker, why should we listen to him?" All I can say is, I think I'll believe the word of a guy who's actually proven himself to be an extremely competent hacker when it comes to a discussion on hacking than a few pissed of people who know nothing about hacking and are calling all hackers "idiots."

EDIT: Almost forgot. See that part where he said EA instead of Activision? Lends a bit more credibility to his claim that he didn't play games on his Playstations. What serious gamer would confuse EA and Activision?

Sony doesn't need to accept anything. It's their console, their rules. If they put in the TOS that they still technically own it and you sign it then it's theirs, unfortunately.

This just in: terms of use and end user license agreements are not legally binding contracts. They can't write in something illegal and have it become legal; illegal things are still illegal. So no, Sony doesn't own the PS3 console after they sell it to you regardless of what their ToUs and EULAs say.