Hacking/Cracking, Sony and you

[Imperioratorex Caprae]

So Sony got nailed by hackers recently, and thus PSN users got nailed too. For all the marbles it seems. Now the biggest issue I have seen so far is people instantly nailing Sony for not preparing for firmware hacker code to give them access to the network like this.
Can one prepare for every eventuality? I seriously doubt the man-hours exist in this world. There are no totally secure systems (even Government run systems). The only secure computer is the one NOT plugged into the network (any real hacker could tell you that).
I believe however Sony has done the right thing by pulling the plug until the hole is fixed but perhaps its too late as apparently all the infoz has leaked out.
IT sucks yes. But would you blame a bank or the bank robbers for a robbery? Just because there are holes in the system doesn't mean its OK to exploit them. The right thing to do would have been to call up Sony and let them know about the exploit right away, but avarice and greed are more prevalent than doing the right thing. Thus we have this situation.
Now, take this time and this advice, because this is how I've always done things on the internet: If you can't buy one-time use gift cards (ala MS Points, Game-Time Cards, Amazon Gift Cards) then don't buy from them. Don't EVER give out your credit card information online unless you want to take the chance that someone somewhere will get ahold of it and use it for nefarious purposes.

 

[Valagetti]

Yeah I'm not too pissed at SONY, unlike other people. I only care about my credit number, thats all. Though it is their responsibility to keep our info safe, because we pay them. Its all about the money.

 

[Wuffykins]

Yeah I'm not too pissed at SONY, unlike other people. I only care about my credit number, thats all. Though it is their responsibility to keep our info safe, because we pay them. Its all about the money.

If that's the case I wouldn't worry too much, as I'm pretty sure that one thing billing systems aren't allowed to log/keep in the system is the 3 number code on the back of your card, as usually that's just used as a one time validation (I'm assuming you're running under a suscription plan, where the first auth is there to validate a preauthorized payment arrangement). Without that number it's not possible to make a purchase of any kind as that's there to prove the card is physically in your possession at time of purchase.

That and a quick call to the card issuer to get a new card number is handy. It takes 5 minutes or so and doesn't affect your account more than that.

Personally I'm just curious on how a debug console is able to access a billing system in the first place (talking about Sony, not hackers), as for the most part Privacy Laws and other Personal Information acts are pretty nitpicky as to how that info should be stored, and who should be able to access it (not many should to be honest). I think that this is definitely going to be putting Sony under a lot of collective microscopes if that info has in fact been compromised, as for what I've been reading I'm seeing Sony saying it more out of a precautionary might and people are jumping to conclusions from there.

 

[aegix drakan_v1legacy]

I just think that if someone can take down PSN and get ALL the personal info if its users in one shot...There was a massive critical flaw in their programming.

If Steam, paypal, XBL and all the other services can get attacked and lose only SOME private data, then explain to me how Sony, a massive corporation, with their supposedly "hack proof" PS3, can get ALL the data stolen.

That and they should have let everyone know the SECOND they suspected that the data was compromised. Waiting a week makes them look like they either don't care, or are afraid of backlash, or are total idiots.

I'm not blaming them more than the hackers that did it. I just expected more of them. They have lost credibility and respect from me. And they had precious little to begin with.