Sony Admits Private PSN Info Has Been Stolen - All Of It

[Nexus4]

No one is hackproof, the fact that even Banks can be hacked by people with enough time and effort show this. Personally, (half-serious here) I would like to see someone hack Xbox Live or Steam just to get everyone to shut up. Yes, Sony should've had a more secure system; but nothing is foolproof, there are always holes in the fence if you know where to look.

 

[Emergent]

Insightful commentary.

To Longsight: Thank you.

To everyone else: Listen to this guy.

P.S. Long, if you ever start a blog or something, msg me so I can follow it. Seriously. You should do that.

 

[ThisIsSnake]

/snip

1. Hacking a console and hacking a network are two entirely different things. Hacking from the console is exactly the same as hacking from a PC.
2. Sony is unable to fix the rootkey hack, it would require them to recall every PS3 in existence and replace them with a new updated rootkey
3. Every network everywhere is a target for hackers, for example Amazon was hacked barely a week ago
4. The PSN has been up for around 5 years so far and this is the first time they've been successfully hacked
5. No network anywhere is safe and defending against competent hackers is next to impossible.

 

[vviki]

Well, I'll just watch my bank records closely for a few months, change my card, and change my PSN password when I get online. I'll change my Netflix and e-mail passwords, too. Just to be safe. Since they were the same as my PSN password.

The rest of the info is pretty much public domain, anyway.

I still fail to see how being hacked is Sony's fault. They got hacked. And it's not like we know the details of the security systems that were in place, either. It couldn't have been an easy hack, though.

Now...if they've been withholding information and knew this was stolen last week...that's a dick move and Sony's at fault for not informing us ASAP.

Well, it is the other end of the knife of that infamous EULA agreement. You agree to use their product on their terms, hand them all your personal information. They agree to PROTECT said information and NOT REDISTRIBUTE it (like say, sell your email to some company so they can send you spam etc.)

So... yeah, getting hacked - totally their fault. Not that shallow, other people are at fault too, guys responsible for the code, for the security the chain is long, but Sony is the overhead of all this so it's mainly their responsibility.

 

[SNIPERFOX ft. Harry P.Ness]

Good going, Sony.

Your system is about as stable and secure as... something instable and insecure.

Their system is as secure as a giant 20 foot golden cock & balls chopped up in to pieces held together with dried tape spit, string, and elephant splooge.

 

[Emergent]

/snip

1. No one was sitting at their custom firmware hacking the PSN. They might have used the firmware to acquire right IP addresses to attack, though. From there, it's back to good old linux on a pc.

2. Recalls are something consumers expect companies to do when the product they sold are incredibly flawed to the point it is a safety risk. See the auto industry for comparisons (and yes, in the auto industry, it is possible for a particularly bad recall to bankrupt you. Capitalism's a *****.)

3. Yep. And?

4. That's patently untrue. This is the first time they've shut down the network after an attack. Or at least the first time they've admitted to doing so.

5. But defending against incompetent hackers who don't even have to bother with decryption software because you didn't bother to encrypt anything in the first place is considered routine.

 

[Aesir23]

Wow, I'm so glad I've never used a credit card with my PSN.

 

[Anti Nudist Cupcake]

Sony are incompetents.

For not being 100% hack-proof?

Yeah.

For being unable to protect private information entrusted upon them.

I'd like to see you do better.

 

[ChristovR]

Even if Anonymous claims to not be behind this, how can we really be assured that they are not in some way responsible for this, especially considering how days before they had made a declaration of war on Sony. Do they keep track of all their members' activities? If not, how can they be sure a rogue member did not cross that line? Or an independent taking advantage of the chaos their attacks would be dealing to Sony.

Because they choose to remain faceless and nameless, they have absolutely no accountability.

 

[V TheSystem V]

I still think it's the retards at Anon
and to think a fortnight ago they were all "We're on your side, really"

I know Anon said it wasn't them but who buys that?

I do!

And just so the post isn't too short... aren't kittens really nice.

I don't think it was Anonymous, but whoever managed it definitely has over 9000 people's personal details.

But all jokes aside, I'm not a PS3 user, but I really hope you all get your info back and nothing's taken from you

 

[Denariax]

Even if Anonymous claims to not be behind this, how can we really be assured that they are not in some way responsible for this, especially considering how days before they had made a declaration of war on Sony. Do they keep track of all their members' activities? If not, how can they be sure a rogue member did not cross that line? Or an independent taking advantage of the chaos their attacks would be dealing to Sony.

Because they choose to remain faceless and nameless, they have absolutely no accountability.

Except for the mere fact that Anon would not only accept it, they would laugh in the face of Sony. That's how they work. And if it WAS a rogue member, they would have been found and dealt with by the group they supposedly worked by quite fast.

From what I recall, all Anon did in the past was merely slow the system down by DDoS attacks; Something as basic as a bot generator. If DDoSing could hack the server and steal everyone's credit card in the world, which is what Sony is implying; Hell, if ANYONE could do that, then shit, I'd gladly hand it to them because they are probably a mythical creature.

The thing is Sony are money-hogging bastards; Microsoft is no different. I'm pretty sure they're just bullshitting everyone so they can get away with it. This happened in the past, I.E with numerous false accusations on some of the GeoHotz issues, as well as implementing a viewscreen through a Playstation Eye that they can watch from, and brick your console whenever they please forcing you to either hack it or buy another one.

The media is usually wrong. In this case it needs to stay the hell out.

 

[Longsight]

/snip

1. Hacking a console and hacking a network are two entirely different things. Hacking from the console is exactly the same as hacking from a PC.
2. Sony is unable to fix the rootkey hack, it would require them to recall every PS3 in existence and replace them with a new updated rootkey
3. Every network everywhere is a target for hackers, for example Amazon was hacked barely a week ago
4. The PSN has been up for around 5 years so far and this is the first time they've been successfully hacked
5. No network anywhere is safe and defending against competent hackers is next to impossible.

No network is totally safe, but there are plenty of fairly trivial things you can do to make it much harder to get in, and limit the damage that can be done once inside. Sony did none of them, despite fairly obvious warnings months ago that their entire cryptography model was broken to the point of uselessness.

And I agree, hacking the console and hacking the network are completely different. That's my point. The people who exposed the flaws in Sony's security model are not the people responsible for the lost data - only Sony (and whoever attacked them) are responsible for that.

You bring up Amazon as an example - while info on what happened to EC2 is still shaky, if it did go down as the result of a malicious attack, the only result was a temporary loss of service. I'm not aware of any reports of 75m Amazon user accounts suddenly appearing on the black market, because what happened to Amazon is exactly the sort of thing that happens to all sorts of companies on a near daily basis - it's relatively easy to knock systems out for a bit with a concerted effort, but genuinely near impossible to steal entire databases from global entities without anyone noticing for a week. What happened to Sony is almost unique, because it required a complete and utter breakdown in both network and data security to allow the attackers anywhere near the data that was compromised.

 

[Longsight]

Sony are incompetents.

For not being 100% hack-proof?

Yeah.

For being unable to protect private information entrusted upon them.

I'd like to see you do better.

I hash my password tables, therefore I do better.

I wish I was kidding, but I'm not. This is Building a User Database 101 we're talking here.

 

[lapan]

I'll certainly pay close attention to my credit card the next few weeks.

 

[UmbrellaAssassin]

Holy monkey testicles this is getting interesting.
Ehh I don't much care about this. Just change a couple of your passwords and cancele any payments they made on your credit card (in the small chance that it does happen).

 

[Denariax]

Even if they did have my card, I don't have nearly enough money to keep them interested.

72 cents awwww yeeeah.

 

[xWestie]

They decided not to mention this for a week?
If credit card info has indeed been compromised then a weeks long enough for the hacker to do pretty much anything he wants before anyone even has chance to change details ><

What a joke Sony..

 

[pepitko]

That is seriously bad, I would block my credit card right away, if I was a PSN user. Also I'm going to delete my credit card info from XBLA, just in case.

 

[Legendairy314]

Sony are incompetents.

For not being 100% hack-proof?

Yeah.

For being unable to protect private information entrusted upon them.

I'd like to see you do better.

I hash my password tables, therefore I do better.

I wish I was kidding, but I'm not. This is Building a User Database 101 we're talking here.

Considering those kinds of circumstances what do you think this will do too Sony in the long run? Obviously they wont shut down but will the public even want to play online after this?

 

[Jezzascmezza]

You know, just by chance, I happened to be reading this article while listening to the very emotional theme from the film "Schindler's List."
The two fit together quite nicely, actually.

In all seriousness though, this news does sound pretty grim.
I hope no one gets too affected by it all...