Sony Became Hacker Target for Protecting its IPs, Says CEO

[McMullen]

"Cyber terrorism is now a global force," Stringer said."If hackers can hack Citibank, the FBI and the CIA ... then it's a negative situation that governments may have to resolve."

Terrorism? Who got killed in this "attack"?

More like Cyber vandalism, or Cyber shenanigans. Yes, that is the proper term for this: Cyber shenanigans.

Terrorism, as its name should suggest, is not about killing or injuring people. It's about making the public lose faith in those whose job it is to protect them, by attacking them publicly and spectacularly in ways that completely destroy their sense of safety. This is done in order to get the public to pressure their government or in this case corporations to stop doing whatever it is that pisses the attackers off. Sometimes it works, sometimes it doesn't.

Killing or injuring people, long known to be an effective method of hurting them, is thus a common method in terrorism, but it is not the focus. Posting personal info is a good way to inflict fear on the public as well, and therefore doing so with the goal of influencing corporate policy is cyberterrorism.

It doesn't matter what the name suggests, Terrorism MEANS violence in a calculated way for political/social intimidation.

This all started with just the PS3 getting hacked because Linux install was removed. There was absolutely no intimidation or coercion at all, Geohotz simply said "I paid for my PS3, I'll hack my own damn property if I want to and I'll show how others to do it too to get Linux back".

Remember the PS3 was unhacked for YEARS after introduction, because anyone with any interest in PS3's hardware just installed linux to satisfy their hacking curiosity of fiddlign with the hardware. Remove that and they took what by English Common Law was rightfully theirs: dominion over their own property. Sure they could merely not have installed the update, but then they couldn't play any new games.

Sony's problem was they depended on every single PS3 in the world remaining 100% locked down for good network security. Which is ridiculous. They fail to recognise that the PS3 was hacked only after Linux was removed that then opened up the possibility of piracy.

First off, you just sitting here calling these little shits who stole personal data and put everyone who is a member of PSN at greater risk for identity theft and who cause the network to go down for nearly a month which cost multiple companies who knows how much money "pranksters" is the real trivializing of events here. And quite frankly, I find it to be condescending and offensive. The lives of millions of customers and the jobs of millions of people who worked at these companies are not play things for "pranksters" to "fuck around" with.

Second, terrorism is just using fear to try and get people to do what you want. And it worked to some degree. [http://www.escapistmagazine.com/news/view/111282-Hacktivists-Force-Pause-in-Australian-Net-Censorship] At least one company is now afraid to do the business it wanted to do because of the thread of getting hacked. Not only is it terrorism, it is successful terrorism.

Yep. I'm calling these little shits 'pranksters'.

Maybe you hold pranksters in higher regard than I do. It's mainly targeted at Lulzsec who are blatantly in the pranking game, they're just doing this for fun and to get people riled up. We still have no idea who broke into PSN in this initial big intrusion that meant Sony felt the need to shut down the network for a month, but they seem like old fashioned opportunistic credit-card thieves.

But that doesn't mean anyone involved is a terrorist!

Hacker-activists or "Hacktivist" is a far better description of Anonymous, like those Greenpeace guys who trespass on to oil rigs and shame companies with an embarrassing sign. Technically they are criminals using conspiracy and deception to trespass onto private property and disrupt business operations but they aren't terrorist!

They COULD be terrorists, The Weathermen movement in the 1970's was close to that fortunately for the public the stoners were too incompetent to build a bomb without killing themselves but until they actually take that step towards violence then they are not terrorists.

Are you merely arguing that the term cyberterrorism itself is BS? Meh. Debatable. Some of LulzSec's and certainly Anonymous' acts fit the definition of terrorism in every way but causing actual violence, so yes, they do not fit the traditional definition of the term.

Personally, I think that the turbulent state of the internet at the moment, and the laughably inadequate ways in which antiquated legal and business models are being applied to it by people who do not understand the changes at work here, tell us that we are in the middle of one of those paradigm shifts that forces the meaning of words and concepts, among many other things, to change by the end of it.

Because of that, and the fact that a lot of people are feeling substantially more paranoid now than they were two months ago, with drastically reduced confidence in the safety of their data, and pointing angry fingers at the people guarding it, with politicians in many countries jumping on the bandwagon, I feel that what happened these last couple months is indistinguishable from true terrorism minus the actual physical violence associated with such, and that is only because physical violence over an internet connection is impractical.

So, I think that the term is completely appropriate for what is going on.

I apologize for the writing style. I've been doing little else besides reading Quicksilver for the last 36 hours, and I've had to bend my mind around 18th century-ish speech in order to understand it. I haven't entirely come back yet.

 

[Jinx_Dragon]

The sad part is that this years hacking marathon has given, more or less, all the fuel needed to the people who advocate for strongly policing the Internet.

Which will lead to more attacks, from more exotic locations, it's not that hard to set up several VPNs in other countries and bounce between them freely. Majority of hacking attacks comes form China, Russia and Brasil anyway, not much US nor EU can do about it.

And as for Sony, sorry, till you learn how to keep user data secure you don't get my sympathy. Even tho you can't avoid being hacked you can at least do a lot to mitigate the effects. Majority of data theft is result of companies not willing to provide bare minimum. Plaintext passwords, databases accessible through web connections, simple md5 hashing, lack of security training for employees that later click on Free_Celebrity_Sex_Party.exe attachments ... Fix that first, then look for "baddies".

Seconded...

Many are not even focusing on the fact there was no additional protection for this information past the first barrier. This was done because it was less expensive to Sony! It really came down to the fact they did not consider your private information to be worth protecting and had slapped the first barrier in place only so it wouldn't be so obvious to a casual glance at their security.

Plane text passwords indeed.... Nothing else can scream 'fuck protecting your sensitive information' louder then leaving passwords in such an easy-to-read format.

As much as I hate to do it, I will side with lulz (assuming they did it) if forced to. Sony wasn't the best of targets due to the fact it disrupted the life of innocent gamers, which are our people, but at the very least it has exposed how flimsy their security was and how little they cared to protect your details.

 

[Treblaine]

Are you merely arguing that the term cyberterrorism itself is BS? Meh. Debatable. Some of LulzSec's and certainly Anonymous' acts fit the definition of terrorism in every way but causing actual violence, so yes, they do not fit the traditional definition of the term.

Personally, I think that the turbulent state of the internet at the moment, and the laughably inadequate ways in which antiquated legal and business models are being applied to it by people who do not understand the changes at work here, tell us that we are in the middle of one of those paradigm shifts that forces the meaning of words and concepts, among many other things, to change by the end of it.

Because of that, and the fact that a lot of people are feeling substantially more paranoid now than they were two months ago, with drastically reduced confidence in the safety of their data, and pointing angry fingers at the people guarding it, with politicians in many countries jumping on the bandwagon, I feel that what happened these last couple months is indistinguishable from true terrorism minus the actual physical violence associated with such, and that is only because physical violence over an internet connection is impractical.

So, I think that the term is completely appropriate for what is going on.

I apologize for the writing style. I've been doing little else besides reading Quicksilver for the last 36 hours, and I've had to bend my mind around 18th century-ish speech in order to understand it. I haven't entirely come back yet.

No. I'm arguing that violence or the threat thereof is an absolute prerequisite of terrorism.

What violence has there been in this case? None. You do know what 'violence' means? Right? It means "Behavior involving physical force intended to hurt, damage, or kill someone or something". Identity theft is not included in that definition. There is no intention or insinuation of physical force.

Cyber-terrorism can be real when it is used to facilitate an actual attack, or deliver a threat, or obtain information for a physical attack.

If Lulzsec posted a picture on the hacked websites saying "hey political opponents, we got your data, we know where you live and we're coming to kill you" THAT would be terrorism of the cyber variety. Terrorist groups have done that and rightly been labelled cyber-terrorism.

But Lulzsec didn't do that, instead they said "HA HA! Ur security sucks, I'm going to post all this info everywhere just to get everyone riled up"

 

[insanelich]

So you're saying the people who opened the gates aren't as bad as the people who swarmed through and looted the place?

No. What would give you that idea?

 

[DoctorPhil]

Yes, you were trying to protect your assets, video games, and in doing so created a side-effect, namely prohibiting customers from doing with their console what they want (wich is not related to piracy), wich is straight up Digital Restrictions Management. And that is why you got hacked.

 

[Dastardly]

Sony Became Hacker Target for Protecting its IPs, Says CEO

Permalink

Sony made a mistake with OtherOS, no mistake. They should have seen ahead to the fact that this would be abused for purposes of piracy, and either decided to be "in or out" before they marketed the device with that feature.

That said, it was hardly the defining feature. I'd go so far as to say the number of people who bought the PS3 solely or even largely because of this feature, or the number of people who would not have bought the PS3 if it didn't have this feature, is minuscule.

That's not to say they don't have a point. It's just to say that all of this trouble, which stretches to a lot of PS3 users, is simply because a vocal minority felt wronged and decided to exert control far disproportionate to their actual voice on the matter. Which hits on one of the major problems I have with "hacktivism."

In real life, you've got to have a lot of support for an idea to mount enough of a protest to make any waves. In this way, to a degree, we can judge a movement's following by the size of those waves. Not so with these digital protests. In effect, a handful of people can impose their feelings of what is "fair" or "unfair" on thousands of people. Also unlike real life, there is no way people can counter this by calling the authorities and having the vandals removed or brought to justice.

Sony is partially right when it says they were attacked for protecting their IPs. Pirates, and the hackers that support them, are really the most public face of this vocal minority. They're also the ones that lead the charge on the "no DRM whatsoever" front. It amounts to "Let us take your stuff, or we're going to steal it anyway." How would you want a situation like that resolved, if it was your stuff?

 

[McMullen]

Are you merely arguing that the term cyberterrorism itself is BS? Meh. Debatable. Some of LulzSec's and certainly Anonymous' acts fit the definition of terrorism in every way but causing actual violence, so yes, they do not fit the traditional definition of the term.

Personally, I think that the turbulent state of the internet at the moment, and the laughably inadequate ways in which antiquated legal and business models are being applied to it by people who do not understand the changes at work here, tell us that we are in the middle of one of those paradigm shifts that forces the meaning of words and concepts, among many other things, to change by the end of it.

Because of that, and the fact that a lot of people are feeling substantially more paranoid now than they were two months ago, with drastically reduced confidence in the safety of their data, and pointing angry fingers at the people guarding it, with politicians in many countries jumping on the bandwagon, I feel that what happened these last couple months is indistinguishable from true terrorism minus the actual physical violence associated with such, and that is only because physical violence over an internet connection is impractical.

So, I think that the term is completely appropriate for what is going on.

I apologize for the writing style. I've been doing little else besides reading Quicksilver for the last 36 hours, and I've had to bend my mind around 18th century-ish speech in order to understand it. I haven't entirely come back yet.

You do know what 'violence' means? Right?

If you hadn't missed or ignored certain parts of my previous post, you would not need to get as worked up as you seem to be, which is a very curious thing to get worked up over. I have more interesting things to do than argue over this, I hope your life becomes interesting enough to you someday that you can say the same.

 

[Callate]

Saying Sony was "just trying to protect its IP" is a little like saying someone who singles out people of different races in their neighborhood for vandalism and intimidation is "just trying to protect its property values."

Or to put it another way, yeah, that might be your goal, guys, but if you don't understand why some people are pissed with the way you've been going about it- you have a serious problem.

 

[Treblaine]

Are you merely arguing that the term cyberterrorism itself is BS? Meh. Debatable. Some of LulzSec's and certainly Anonymous' acts fit the definition of terrorism in every way but causing actual violence, so yes, they do not fit the traditional definition of the term.

Personally, I think that the turbulent state of the internet at the moment, and the laughably inadequate ways in which antiquated legal and business models are being applied to it by people who do not understand the changes at work here, tell us that we are in the middle of one of those paradigm shifts that forces the meaning of words and concepts, among many other things, to change by the end of it.

Because of that, and the fact that a lot of people are feeling substantially more paranoid now than they were two months ago, with drastically reduced confidence in the safety of their data, and pointing angry fingers at the people guarding it, with politicians in many countries jumping on the bandwagon, I feel that what happened these last couple months is indistinguishable from true terrorism minus the actual physical violence associated with such, and that is only because physical violence over an internet connection is impractical.

So, I think that the term is completely appropriate for what is going on.

I apologize for the writing style. I've been doing little else besides reading Quicksilver for the last 36 hours, and I've had to bend my mind around 18th century-ish speech in order to understand it. I haven't entirely come back yet.

You do know what 'violence' means? Right?

If you hadn't missed or ignored certain parts of my previous post, you would not need to get as worked up as you seem to be, which is a very curious thing to get worked up over. I have more interesting things to do than argue over this, I hope your life becomes interesting enough to you someday that you can say the same.

Sorry 3 people previous to you claimed that there had been acts of violence, you continued to argue these hackers are "terrorists" I read this post:

"acts fit the definition of terrorism in every way but causing actual violence, so yes, they do not fit the traditional definition of the term."

As:

"acts fit the definition of terrorism in every way by causing actual violence, so yes, they do not fit the traditional definition of the term."

Come on, it was 2am in the morning, I had only slept 4 hours in the past 24 hours, a little mistake and my point still stands that without violence this cannot possibly be called terrorism without deceiving people that these groups are violent.

You know the term you are searching for to describe "Just like terrorism but without violence" it is called "Activism". Non-violent activism has hard won many of the rights we take for granted today.

And the law is anything it is OVER compensating. The law at the moment is able to put people in prison for LIFE for a single hack by treating each connection as a separate crime of wire-tapping and stringing the 10 years sentences consecutively for a 100 year term before they can be paroled! With Murder you can be paroled after 25 years. So a 4x worse sentence for a single hack that may not necessarily have been to defraud money nor hurt anyone.

Redefining the term "terrorist" to describe hacks that would be pranks or theft if computers were not involved is ABSOLUTELY NOT conductive to justice. The law is more than capable to punish these intruders, the sentences are however ridiculous, thought they are a useful tool as hackers are usually not hardened criminals they will do ANYTHING to avoid a life in jail so when caught they sing like birds revealing every secret, every accomplice..

And if they DID NOT INTEND to influence people with their intrusion, that they just wanted to steal credit card details. Then they are old fashioned thieves and should be treated the same way as someone who steals a car. NOT get labelled "terrorists".

 

[DEAD34345]

Yep. I've been on their side since the beginning. Many people keep saying that sony was saying "We allow you to use our tech. What you do with it is up to us." but the blatant truth is George Hotz posted copy written material. He essentially broke the law.

Breaking the law does not necessarily mean doing something morally wrong. In this case, I believe that George Hotz was doing the right thing by posting copy written material. It was Sony's actions that were wrong, whether they were illegal or not. Not to mention that I thought removing paid for and advertised features was illegal, and if it isn't then it should be.

 

[Epona]

This all started with Sony's actions. They want to play the victim but smart people won't hear any of that. It was wrong of them to remove OtherOS from PS3's that were no longer owned by them. They were foolish to mess with the kind of people who put Linux on a game console but I guess they know that now.

 

[Treblaine]

Yep. I've been on their side since the beginning. Many people keep saying that sony was saying "We allow you to use our tech. What you do with it is up to us." but the blatant truth is George Hotz posted copy written material. He essentially broke the law.

The "Happy Birthday" song is copywrite protected material

 

[Low Key]

Protecting it's IP? Okay Sony...

The PS3 didn't get hacked until the OtherOS feature was taken away (which unfortunately led to piracy), and PSN didn't get royally fucked until they tried to wrongfully sue some random dude for restoring that feature (under the guise of piracy).

I mean, for fucks sake, you don't go and take a feature away from probably the most technical group of people using your device. The retardness of that move astounds me to this day.