Sony Admits Private PSN Info Has Been Stolen - All Of It

[Emergent]

Nevertheless, good show. I stand corrected.

I'll take it.

Where we probably see differently on this sort of thing is that if the issue of publicity is relevant (more coverage = more hackers attempting = more coverage = more hackers, etc etc... that's your argument in a nutshell, right?) I think that Sony taking George to court brought more negative (in the sense of exposing weakness) publicity down on their heads than Hotz himself ever possibly could without their "help".

 

[Awexsome]

Good ol' hackers. Fighting for your consumer rights against the evil corporation that takes away your rights...

Oh wait they have been douchebags the whole time in this case. Nevermind. Fuck you Geohotz for probably causing all this by releasing that code. If not then you certainly encouraged it.

lol... blaming geohotz

when will you wake up out of your fanboyism and try to hold sony accountable

lol... blaming Sony...

when will you wake up out of your blind hatred and try to hold his actions accountable?

 

[Vilcus]

Don't have a Ps3, but I do have a PsP-Go, so that means I have a PsN account. Luckily it has no credit card attached to it, and all of the information on it has been outdated for more than a year now. It's not even attached to my current e-mail address, so I'm good. Still, that's insane. I feel bad for anybody who has a current and up-to-date account with a credit card attached to it.

I'll probably go change my account's stuff after Sony brings PsN back online, maybe... might take me a while to remember.

 

[LadyRhian]

I feel sorry for anyone and everyone who lost information that was in the PSN Network. It makes me glad I only have my computer and not a console, and I tend to buy games in a brick and mortar store. However, that being said...

I think Sony does share the blame with the hackers. Most E-tailers don't lose everything to a given attack. The fact that Sony did makes me wonder what shitty internal security was to blame for that particular fuckup. Anyone who claims Sony isn't telling everyone the truth to get people on their side through fear hasn't read very many of the posts on this board: Sony is taking such a beating precisely because they did lose everything. I do forsee some class action lawsuits and Sony losing tons of market share. People feel like they got told to bend over and spread 'em because of Sony's incompetence.

I just... Ai, ai, ai... this is seriously screwed up. And now Sony is gonna have to bend over and spread 'em, too. Because Fans and Haters alike are going to blame them, and in some part, rightly so.

 

[MattAn24]

Aaaaaand this is why I own an Xbox, am ok with paying a monthly fee, and have not, and will not, ever buy a Sony system.
"We accidentally all your security information"
Oops?

Actually, you made me think of something brilliant. Not that I'm changing my view on anything, but an old internets friend (we're no longer on speaking terms due to insults and arguing about nothing, etc) lost it at Microsoft and bitched about his 6th-7th Xbox 360 RRoD-ing and ultimately decided to abandon 360 and switch to PS3.. This decision was made late 2010. I'm.. Kind of interested to know what his reaction is by making the switch.

I shouldn't be laughing about it though, Sony/stupid fucking hackers may have affected my PSN account, even though I only own a PSP and use that store rarely. But I still own a 360 primarily and even considered switching too (or purchasing a PS3).. I'm now deciding against that. Not because of Sony (seeing as I'd use the console the way it was designed, not fuck around with it), but the near majority of hackers and hacker supporters that the PS3 has.

Microsoft throws the banhammer at cheaters/hackers in their service.. The sooner Sony starts banning hackers, the better.

 

[Grey_Gore]

Apparently (and going by a Kotaku post that's been up for about an hour now), they didn't even know that personal info was missing until they brought, and I quote: 'an outside security firm' on the case (source). Sheesh Sony, not even knowing what goes on in your own servers?

Edit: Apologies to BX3 who posted the news story first I swear this thread's moving faster than I can read.

OT: Maybe they should consider a rename on their Qriosity thing, call it InseQrity or DebaQle or something.

 

[gyroscopeboy]

So glad i have an xbox right now...

 

[BX3]

http://kotaku.com/#!5796027/sony-didnt-know-severity-of-ps3-breach-until-monday

Not sure how many people will read/believe it, but I feel it should be posted.

See, while I can understand that, I would imagine that the first thing to think of when dealing with a security breach would be user info being compromised. So, more of a 50-50 thing going here.

Yeah, agreed, I guess. Plus, so far, the most reasonable hindsight statement I've seen here is that the first thing they should've done was just pull the plug. It's still hindsight; we can't really say it's 100% what we would've done; but if any security was breached, the best thing to do would been to dead it. Whatever.

Still, it's kinda getting on my nerves that people seem to think they were just sitting on their hands hoping it'd go away. With something this big, that was clearly not the case. But hey, furiously cursing and accusing is a hell of alot more fun and stress relieving.

And now, back to my seat and my popcorn.

 

[Emergent]

Good going, Sony.

Your system is about as stable and secure as... something instable and insecure.

How about as stable and secure as a PS3 users bank account?

/thread.




[and because we're not allowed to be pithy - see the forum rules - this addendum has been added]

 

[Brain_Cleanser]

...

Well, shit.

*watches bank account like a hawk*

Not only do I not have my cards synced to PSN but I also get texts about the status of my checking and savings account. Oh yeah, nothing to sweat here.

Either way, the whole part of this I'm pissed about is that Sony took a /week/ to tell us about it. I've been talking to a couple friends of mine about this, it's a PR nightmare for Sony if this gets out to the general public (has it?) and I already read some comment son the official blog that amounted to people wanting to trade in their PS3s for 360s.
I'm looking forward to seeing how Sony handles this. Oh yes.

 

[JordanMillward_1]

Good going, Sony.

Your system is about as stable and secure as... something instable and insecure.

And this is why I pay for Xbox Live, so shit like this doesn't happen.

 

[Zacharious-khan]

holy wow, i guess it just shows sony shouldn't tangle with the kind of people who install linux on their playstations.

 

[Sentox6]

All I meant is he started a trend. Nobody really got into the system before he did. I'm not saying that hotz hacking the console directly allowed for hacking of the network; rather, it set an example for future hackers. I understand the difference between the ps3 and the psn. As I said, hackers started "tapping wells elsewhere." In case you didn't realize, that was a metaphor for trying to hack other sony products and services.

You might want to pause your mind and READ. MORE. CAREFULLY. I never said, meant, or believed that hacking the console would allow for the hacking of the network. All I said is it set off a chain of events. No need to act like a prick.

Admittedly, that was my first interpretation of your post, but it just seemed... well, incredibly petulant to blame this on Geohot simply for somehow inspiring a chain of events. The fault lies firstly with the hackers who broke into PSN, and secondly with Sony for apparently not adequately securing their network. No one else.

Also, if i read the "speculations" article correctly, this may have been caused by abusing a custom firmware partially intended to restore functionality to hacked consoles. Consoles hacked via Hotz's method.

I also assume you didn't read the other article which gave a more technical theory as to why something like this might have happened. http://www.escapistmagazine.com/news/view/109545-Speculation-About-PSN-Outage-Turns-to-Custom-Firmware

I did read that article, which is clearly invalid in light of how events have turned out. The REBUG firmware enables some debug-unit level functionality. The REBUG creators themselves admitted that the flaws exposed would be easily patched without taking PSN down. This should in no way enable access to the PSN user database, unless you think any old game developer should be able to view anyone's private details. If it somehow did, then Sony is beyond incompetent. Far, far more likely is that this is simply a much bigger issue.

 

[Kadoodle]

Really. Who did then? And how come nobody heard about it? Did they actually allow for homebrew and hacking to the extent that hotz did? Enlighten me.

Nobody? You seem to think very highly of yourself. Several people, including myself have been hinting, suggesting, and outright telling you and others that your accounts of history are wrong, as well as your speculative correlations.

By the way, uh.......... what triggered most of the console hacking was Sony doing something extremely stupid, which was removing features from the system for absolutely no reason. If you actually paid attention when it was first going down, the hacker groups said "we didn't realize PS3 security was so bad because we never tried to get around it before". They said it was extremely easy and fast to hack, compared to other consoles.

Also, that other article you linked to is not relevant. It even says so.

I'm not a pretentious git. I sound like one, but I'm not.

Second, you are right about me being wrong about the hacking history.

Third, which hacker groups are you refereeing to, and which hacks?

Fourth, it is still worth noting that Hotz drew attention to the ps3 (and the network thereof). That has been my point from the start. Even if the ps3 had been hacked before, it wasn't publicized as much as the hotz issue. You were right, the hacking was there to start with. But I'd bet my buck that Hotz made things worse, and because of the lawsuit, the story got rubbed everywhere. I don't wan't to confuse causation with correlation, but I think there is a reason the PSN was compromised when it was. Perhaps you are right in saying that I can't assume that hotz is the only cause, but I will refine my argument no further than this: Hotz's actions play some role in this. I mean, do you seriously think this would have happened when and how it did if the the whole situation with Hotz had never happened?

 

[Balimaar]

Good ol' hackers. Fighting for your consumer rights against the evil corporation that takes away your rights...

Oh wait they have been douchebags the whole time in this case. Nevermind. Fuck you Geohotz for probably causing all this by releasing that code. If not then you certainly encouraged it.

You mind explaining how a hack to run homebrew code on your PS3 enabled the entire security of the PSN to be compromised? Sony's horrendous security is at fault here, not hackers playing homebrew code.

The PSN was obviously prepared for stuff like this to happen before hence no massive issues like this yet.

It wasn't prepared to deal with hackers potentially having the end all be all code that jailbreaks the PS3.

BUT Sony KNEW Geo released the code that jailbreaks the PS3. They should have known what that code could be used to do and swiftly beefed up the security on their most important piece of PS3 infrastructure.

 

[Kadoodle]

Nevertheless, good show. I stand corrected.

I'll take it.

Where we probably see differently on this sort of thing is that if the issue of publicity is relevant (more coverage = more hackers attempting = more coverage = more hackers, etc etc... that's your argument in a nutshell, right?) I think that Sony taking George to court brought more negative (in the sense of exposing weakness) publicity down on their heads than Hotz himself ever possibly could without their "help".

Thank you

So what you're saying is that the court case brought more problems than Hotz did before the case, right?

If that's what you mean, then I somewhat agree. I'd think it was a combination of the two events. (The hack+the case)

 

[Kadoodle]

All I meant is he started a trend. Nobody really got into the system before he did. I'm not saying that hotz hacking the console directly allowed for hacking of the network; rather, it set an example for future hackers. I understand the difference between the ps3 and the psn. As I said, hackers started "tapping wells elsewhere." In case you didn't realize, that was a metaphor for trying to hack other sony products and services.

You might want to pause your mind and READ. MORE. CAREFULLY. I never said, meant, or believed that hacking the console would allow for the hacking of the network. All I said is it set off a chain of events. No need to act like a prick.

Admittedly, that was my first interpretation of your post, but it just seemed... well, incredibly petulant to blame this on Geohot simply for somehow inspiring a chain of events. The fault lies firstly with the hackers who broke into PSN, and secondly with Sony for apparently not adequately securing their network. No one else.

Also, if i read the "speculations" article correctly, this may have been caused by abusing a custom firmware partially intended to restore functionality to hacked consoles. Consoles hacked via Hotz's method.

I also assume you didn't read the other article which gave a more technical theory as to why something like this might have happened. http://www.escapistmagazine.com/news/view/109545-Speculation-About-PSN-Outage-Turns-to-Custom-Firmware

I did read that article, which is clearly invalid in light of how events have turned out. The REBUG firmware enables some debug-unit level functionality. The REBUG creators themselves admitted that the flaws exposed would be easily patched without taking PSN down. This should in no way enable access to the PSN user database, unless you think any old game developer should be able to view anyone's private details. If it somehow did, then Sony is beyond incompetent. Far, far more likely is that this is simply a much bigger issue.

Fair enough.

 

[MrSnugglesworth]

In b4 it was Geohotz


OT:

No Seriously. It could be Geohotz

 

[Harry Mason]

It's a good thing I don't use card numbers or my real name or address on XBox Live, PSN, or anywhere on the internet in general. My conspiracy theories have all just been confirmed, and I can smugly sip my White Russian tonight, safe in the knowledge that my paranoia has payed off.

My only real concern is that all my other PS3 brothers and sisters might be in trouble. I hope this doesn't have the effect of making all the XBox fanboys and girls jump up and scream "AHA! PROOF THAT THE PS3 SUCKS!"

Gits.

Sadly, it's happening everywhere. My xbox playing buddies have been teasing me about it for days now.

One thing those people need to keep in mind is that Sony is a primarily a company that makes TVs and stereo systems. The reason XBox will never get hacked it that it's parent company is fucking MICROSOFT. Hell, the computers Sony used to make the PSN were probably made by Microsoft.

Yes, it seems that Sony needed better security, but blaming them for this is like blaming a person for having their house robbed because they didn't bar the doors tightly enough. There is no way Sony wanted this, and the fault will ALWAYS lie with the hackers.