PSN Phasing Back Into Existence With Enhanced Security

[Milo Malo]

from Sony's press release:



Working closely with several outside security firms,

They can work as close as the want with the "best" security firm like the one that was gonna take down the hackers in the wikileaks issue but i dont think that is gonna help, the answer is to treat better the costumers, dont go making claims and sues to the paying costumers.

Work with the new tallent A.K.A. the hackers A.K.A. George hots, if there is people out there that can do a Ddos attack to PayPal, MasterCard, and Swiss bank PostFinance im sure they can take out a videogame company infrastructure

 

[Smooth Operator]

So they finally did what should always have been in place... great job Sony, you rock!

 

[Trogdor1138]

Sounds like everything should be going uphill from here then. I'm glad.

At least this whole thing has been a wake up call to companies who lack security they should've had implemented in the first place.

EDIT: Also when my copy of Mortal Kombat arrives it will be good to know that I'll be able to jump online soon.

 

[swytchblayd]

I'm still iffy about whether to return or not, but I probably will. Just going to avoid buying anything with my card from now on and just get pre-paid for anything that's worth the trip to the store :s

As for the damage done, I'd say that Sony should have done this "enhanced security" BEFORE they went and got hacked. I don't expect a few bonuses tossed in to win everyone with half a brain back; a better way would be to get on their hands and knees and start begging for people not to leave them behind >.> Far as I'm concerned, it was THEIR fuck-up for not doing things right, and that's that, no matter who's fault it was.

Doesn't mean that I no longer want to see the cocksucker who now knows where I live (probably some guy in Peruvia or some obscure place like that) brought down. I most certainly do, but Sony can't just say "we're sorry, here's a cookie" and that just makes everything better by itself >.<

 

[wulfy42]

Yeah, I'm sorry but not good enough by a long shot.

I called up the other day to cancel my cards that I could have used (since you could not actually log in and see what card you used, I had to cancel them all). That sadly included my debit card from my bank as well because I might have used that.

I wasn't that upset about the whole thing as I figured I'd get a new card in a few days and just use my wife's card till then.


Nope, they canceled ALL of our cards. I went out yesterday to go shopping for the weekend. I didn't even think about my wife's card not working because I didn't cancel it....so I went shopping and no dice on her card. I still didn't think it was a big deal, I'd just run over to the bank and get the temporary card they were talking about...no biggie right?

Nope, it was friday. I have had direct deposit for my checks for so long I forgot what fridays were like at a bank. I waited in line about 20 minutes and finally just gave up (wasn't even a 3rd of the way through the line). We ended up having reheated soup (Still good, but not exactly what I wanted for dinner last night!).

Today I went back to the bank and waited about 25 minutes all together to be seen. Got my temporary card (which only lets you spend 100$ a day) and some actual cash out of my bank. I also transfered all my excess cash into a secure savings account to be extra careful. I was finally able to go shopping and at least I have enough cash now to last till I get my regular card back at this point.

The entire experience has sucked though. Add to that the bank constantly trying to get me to sign up for "identity theft protection" for only 1$ (for the first 30 days and then $15.99 every month after that", the extreme annoyance of dealing with their dumb automated systems in the first place and well......I'm not giving Sony any of my credit card information ever again. I guess it was partially my fault for not keeping track of what card I used with them, but honestly I never thought such a large company would be compromised. I used to have a seperate credit card I only used for online purchases etc....but after so many years I ditched it. Perhaps I'll go back to doing that again just to be extra safe in the future.

No matter what a "free" month of PSN + (what does that ever really give you anyway...never even looked into it) is certainly not going to make up for all the frustration I've had over this.

 

[wulfy42]

Sorry for the double post but as an aside, I never got any emails or information from Sony itself about the identity theft. Many people (even bank employees) have no idea about the theft. I havn't bought anything off PSN for years so if I hadn't visited the Escapist (which luckily I do every day) I would have been totally in the dark. I don't think that is acceptable at all....sony should have emailed everyone who had potential security issues and included the information that may have been compromised (would have been nice if they included the last 4 numbers of the credit card used as well to prevent us from having to cancel them ALL).

Oh well....color me frustrated and not amused.

 

[Kakashi on crack]

As I commented before, and shall mention again, this is a huge marketing strategy, and even if it is an act of kindness, they thought out the benefits of this little arangement.

As I mentioned in the smaller topic:

Sony gives free PSN+ to everyone for a month, exposing them to the benefits

People begin to like it more

free PSN+ ends

If even 10% of said people decide to subscribe to get PSN+, then sony just made a profit.

Sony uses profits to pay for current lawsuit against them.

People should realize this, at least a portion of people...

 

[Scars Unseen]

Enhanced levels of data protection and encryption

So... what? Are we storing the plain text user data as anagrams? That would be a bit of an improvement.

Everything i have read says that the information was encrypted. Don't know why it wouldn't be. There is no proof to verify that it wasn't encrypted either.

Sure, there's no proof, unless you want to count Sony's own words.

From http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

The personal data table, which is a separate data set, was not encrypted

 

[Mxrz]

Good old faux internet outrage.

I'll be happy with online play back, they can take as long as they want with the rest.

 

[Andronicus]

I'm a forgiving sort of guy. I'll let them off this one time. Fool me once, fool me twice, sort of thing. If this happens again, then bon voyage Sony. I doubt you'd survive another hit like this, if you manage to recover from it.

Besides, with so much scrutiny on Sony following this debacle, I'd be surprised if it wasn't one of the most secure networks in the industry once it comes back online anyway.

Prepare for a LOT of security updates in the future, peoples.

 

[Awexsome]

Alright now that's that's solved lets delve into how it happened. I'd love to see a mass crusade against the hackers and their affiliates that aided them.

This is a good chance to get the FBI behind possibly taking down websites and arresting actual people behind the attacks to get some consequences finally brought down on the hacking community. There are some good ones out there but now's a good time to find anywhere that could've been endorsing or involved and get rid of them.

 

[Pearwood]

I don't see why so many people think it was sonys fault. If you make an unbreakable shield someone will make a sword that can break it. It will go on forever. They probably already had security and all that but someone got through it and that made them beef it up. And anyone with half a brain would know that the company involved isn't nearly as in the wrong as the people who stole the information int he first place.

Sadly it seems most gamers don't have half a brain especially when they're complaining but yeah you're absolutely right. Well we get free stuff and for all we know our personal data is fine, yay.

 

[NicoDK]

if there is people out there that can do a Ddos attack to PayPal, MasterCard, and Swiss bank PostFinance im sure they can take out a videogame company infrastructure

It's not exacly hard to find the low orbit ion cannon program and type in a URL/IP adress to DDoS.

but on topic, glad to hear psn is comming back on soon.

 

[Scars Unseen]

Enhanced levels of data protection and encryption

So... what? Are we storing the plain text user data as anagrams? That would be a bit of an improvement.

Everything i have read says that the information was encrypted. Don't know why it wouldn't be. There is no proof to verify that it wasn't encrypted either.

Sure, there's no proof, unless you want to count Sony's own words.

From http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

The personal data table, which is a separate data set, was not encrypted

I am a big enough man to admit i was wrong. I just got so used to reading people say No data was encrypted so often i skipped over the word User. I'm sorry.

And i had already read that and was about to quote it saying "look says it is encrypted for the stuff that matters" but i are slow right now i guess lol.

It's cool. I make mistakes too. That's a recent development though. I was never wrong in my life until I got married.

 

[Low Key]

I like how they say "enhanced" this and that but doesn't detail what enhancements were made. Do they think we're all computer newbies or something?

Freebies are good though. That should compensate people for the down time. I wonder how they'll reimburse customers for the breach of their personal data, which is by far a much greater concern than not being able to play video games online.

They can work as close as the want with the "best" security firm like the one that was gonna take down the hackers in the wikileaks issue but i dont think that is gonna help, the answer is to treat better the costumers, dont go making claims and sues to the paying costumers.

Work with the new tallent A.K.A. the hackers A.K.A. George hots, if there is people out there that can do a Ddos attack to PayPal, MasterCard, and Swiss bank PostFinance im sure they can take out a videogame company infrastructure

The Wikileaks thing wasn't hacking. Anon pretended to be the owner and got the server password from some employee.

DDoSing is about the easiest thing a potential hacker can do. It literally takes no skill at all and no data gets compromised. Now, if they got into any of their systems, then I would be impressed. Think about it. With all of the info these credit card companies have, they get attacked daily.

 

[Easton Dark]

I like how they say "enhanced" this and that but doesn't detail what enhancements were made. Do they think we're all computer newbies or something?

Why would you detail changes to a security system that was broken into already?