Sony Offers "Sincerest Apologies" for PSN Attack

[RedEyesBlackGamer]

The real question here is why the sensationalist "Hackers Sell PSN Info" story is up in the important articles section of the main page, while this one is left to stew in the News Feed further down the page. Wouldn't it be better to let everyone know that Sony made an official apology and offer of free stuff instead of giving us the (hopefully) false impression that our credit is completely screwed? It may just be my bias, but couldn't they at least change that title to something like:

"There's a slim chance that someone may have tried to sell your credit information on a underground hacker forum, even though there is no actual confirmation of such a transaction taking place other than one thread on the most unoriginally named underground hacker forum in the world."

You may have to slim it down a bit to fit the apparent character limit for the headline, though.

Welcome to the Escapist. Journalistic integrity is optional.

 

[blind_dead_mcjones]

"sincerest apologies".... That's it?

Do you understand the Asian concept of "losing face?" It isn't much like the Western concept of an apology -- one that's usually insincere and don't mean much of anything.

I foresee culturally insensitive responses to this.

How about a culturally relative one?

I live in a culture where apologies mean fuck all when coming from a capitalist interest, so why would I accept one coming from a different culture where it means even less to me regardless of the importance it has them.

because beggars can't be choosers, and the fact you can't accept an apology in the interim on the basis that 'apologies don't mean fuck all when comming from a capitalist interest' just makes you look churlish.

 

[Tron Paul]

Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows.

Passwords were stored as plaintext. If that's not criminally negligent, I don't know what is. Learn to hash, even phpbb does it.

 

[JDKJ]

Permalink

Great PR move, honestly. And a hard one for a lot of hard-working folks to make. The technicians know it's not their fault, and they know this is making them look bad... but the company at large knows they can't convince the irrational public of this, because the hackers don't have any faces to hate (yet).

So they throw themselves under the bus, and offer an unqualified apology accepting the "blame," just to get things back on track. Swallowing the pride and getting down to business. Kudos to Sony. I don't own any Sony consoles or products, but this gives me some real respect for them.

I just wish they didn't have to do this. It'd be nice if they could just say, "Look. We got hacked. It's the hackers' fault. We're going to try to fix it going forward, but quit blaming us. Seriously, it's like blaming a guy whose house got robbed because he happened to be borrowing your lawnmower at the time."

This. I wish they could hold the hackers up for people to more justifiably direct their bile at. Hating on Sony has become a rather ugly fashion lately amongst the gaming community. I'm no happier than anyone else that my data might have been stolen, but you change your credit card and move on with your life, wiser and perhaps slightly warier of online purchasing.

Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows.

I wish people would remember that 'Sony' isn't just a company who could improve their customer service (what company couldn't?) or takes away OtherOS from PS3s or whatever anyway. Even if they were negligent, that's only one part of a huge company, and the people who want Sony to go under seem to be forgetting that a crapton of people who work in everything from marketing to manufacture could lose their jobs. I would hate to see a good company (or a portion of it that I happen to enjoy using)go under for one mistake that they would be damn sure to rectify. They'll have to suffer while people learn to trust them again anyway.

Call me too forgiving, but it's not like Sony is famous for having chronic security problems. I would just like it if those who were *actually* at fault; the hackers and, if negligence occured, the people who were responsible for the security, could be punished appropriately, instead of 'Sony' at large.

"Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows."

Did you know when making the statement above that you were restating the "business judgment rule" (a presumption under American law that the decision-makers of a corporation always act in the best interest of their shareholders and, therefore and with few rare exceptions, their decisions are immune from judicial second-guessing)? If you didn't, that you'd intuit the business judgment rule is impressive. The average lay person wouldn't.

 

[BabyRaptor]

I'd just like to take this opportunity that this Sony shouldn't have to apologise for this, they are a victim too, all of this is the soul fault of arrogant coders such as failoverflow and George Hotz, these are the people responsible for allowing the hackers to steal all of your data. From the beginning of this debacle it has been clear that there are far too many people in possession of an overblown sense of entitlement. Once the FBI or other force has identified these hackers the coders who found the PS3 public key should be treated as accessories to the crime. I'm tired of everyone bitching about free speech and free access because this is the result of such arrogance. Anonymous in this case can go f**k itself.

Why should the PS3 key be treated as an accessory to them hacking Sony's servers? There's no correlation between the two whatsoever, except maybe someone wanting to get revenge for Geohot getting taken to court.

Hate on people all you want, but show some common sense.

 

[JDKJ]

Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows.

Passwords were stored as plaintext. If that's not criminally negligent, I don't know what is. Learn to hash, even phpbb does it.

Criminal negligence usually requires a disregard of a risk to human life and safety (e.g., leaving a loaded handgun within reach of a young child). If conduct can't result in someone losing their life or limb, then it isn't usually criminal negligence. It may still be civil negligence, but criminal negligence is a stretch.

 

[JDKJ]

I'd just like to take this opportunity that this Sony shouldn't have to apologise for this, they are a victim too, all of this is the soul fault of arrogant coders such as failoverflow and George Hotz, these are the people responsible for allowing the hackers to steal all of your data. From the beginning of this debacle it has been clear that there are far too many people in possession of an overblown sense of entitlement. Once the FBI or other force has identified these hackers the coders who found the PS3 public key should be treated as accessories to the crime. I'm tired of everyone bitching about free speech and free access because this is the result of such arrogance. Anonymous in this case can go f**k itself.

Why should the PS3 key be treated as an accessory to them hacking Sony's servers? There's no correlation between the two whatsoever, except maybe someone wanting to get revenge for Geohot getting taken to court.

Hate on people all you want, but show some common sense.

I asked this question before and didn't get an answer but maybe I'll get one from you:

How can we rule out the possibility that a PS3 console modded to run custom firmware wasn't used in the intrusion? And I'm not trying to say that if it was, there is any "accessory" charge afoot for Hotz et al. (that seems like a stretch to me). I'm just wondering what basis there is to rule out the possibility of a PS3 being used (the poster who was saying it couldn't have been used was relying on that flow chart-like diagram Sony distributed at its press conference yesterday and, after reviewing it myself, I couldn't see where it supported the conclusion -- but I'm not one of God's most tech-savvy creatures). Can you explain to me why I should conclude that a modded PS3 was not involved?

 

[bad rider]

in b4 "Anonymous did it!" without reading the article.




Now, what will you do if/when credit cards that were "stolen" start being used?

Dispute the charges, get the card replaced, and put a fraud alert on your accounts.

I would also get your credit reports checked. It's free as a US citizen at annualcreditreport.com once a year.

Are you employed by Sony or are you just copying and pasting their press releases?

Bro, that is what YOU need to be doing. Be a little more proactive about your personal finances. Sony isn't going to talk to your bank for you, even if this whole mess is their fault.

Bro? I thought you had gone out drinking tonight and when did you... oh wait your not him..

Anywhooooooo... If Sony talked to my bank for me I would be rather confused as I don't own a Sony product. I was merely stating the similarity between what someone had posted and what the official statement coming from Sony was.

However as we already decided to travel down the road, it would be a shame to not enjoy the views while we are here sooo. If I did own a PS3 and just had my details taken, do you know how big a fuck I'd give right now? None, if I've been hit I've been hit by now. Everyone know whats happend and no-one will be stupid enough to use those cards anymore, not with the FBI etc involved. Using a credit card from the "Sony stockpile" will be like firing off a flaregun while shouting out of microphone. "Over here guys. Please come and throw me in jail! There's something soooo appealing about having an ass like a clowns pocket."

Nevertheless, I would expect people to have taken out the basic precautions to say the least, safe than sorry yada yada yada.

If you don't tell your bank your card is stolen, they won't be able to catch whomever is responsible BRO. Your bank doesn't go through everyone's financial information to see who bought something through Sony and who didn't.

Bro, if your credit or debit card is used for an uncharacteristically large sum of money your bank will block the amount. Or, if your card is used on a purchase out of the country or even on a strange website your bank will block the amount.

So, you know, chill bro its all good. No need to be stressin, maybe we should chillax and hit a few waves yo!

 

[faefrost]

I'd just like to take this opportunity that this Sony shouldn't have to apologise for this, they are a victim too, all of this is the soul fault of arrogant coders such as failoverflow and George Hotz, these are the people responsible for allowing the hackers to steal all of your data. From the beginning of this debacle it has been clear that there are far too many people in possession of an overblown sense of entitlement. Once the FBI or other force has identified these hackers the coders who found the PS3 public key should be treated as accessories to the crime. I'm tired of everyone bitching about free speech and free access because this is the result of such arrogance. Anonymous in this case can go f**k itself.

Why should the PS3 key be treated as an accessory to them hacking Sony's servers? There's no correlation between the two whatsoever, except maybe someone wanting to get revenge for Geohot getting taken to court.

Hate on people all you want, but show some common sense.

Because according to the nice little chart back on the first page of this thread, SONY implies that the hack occured by a third party installing a comunication tool on the Application Server tier of their infrastructure. Which then had the ability to comunicate with the database server.

The main security protection/ validation for that application server level is at least in part the PS3 key. It's what the server uses to validate that the game talking to it is a legit game. So the thought that the root keys factored into this (assuming it was an outside third party job coming in from the internet) is a fairly valid hypothesis at this point. I am sure there is more to it than this, and the root key is not the "keys to the kingdom" that let the hackers in. But I don't think any of us would be surprised to find that it is part of the tools used to pull this off.

 

[JDKJ]

I'd just like to take this opportunity that this Sony shouldn't have to apologise for this, they are a victim too, all of this is the soul fault of arrogant coders such as failoverflow and George Hotz, these are the people responsible for allowing the hackers to steal all of your data. From the beginning of this debacle it has been clear that there are far too many people in possession of an overblown sense of entitlement. Once the FBI or other force has identified these hackers the coders who found the PS3 public key should be treated as accessories to the crime. I'm tired of everyone bitching about free speech and free access because this is the result of such arrogance. Anonymous in this case can go f**k itself.

Why should the PS3 key be treated as an accessory to them hacking Sony's servers? There's no correlation between the two whatsoever, except maybe someone wanting to get revenge for Geohot getting taken to court.

Hate on people all you want, but show some common sense.

Because according to the nice little chart back on the first page of this thread, SONY implies that the hack occured by a third party installing a comunication tool on the Application Server tier of their infrastructure. Which then had the ability to comunicate with the database server.

The main security protection/ validation for that application server level is at least in part the PS3 key. It's what the server uses to validate that the game talking to it is a legit game. So the thought that the root keys factored into this (assuming it was an outside third party job coming in from the internet) is a fairly valid hypothesis at this point. I am sure there is more to it than this, and the root key is not the "keys to the kingdom" that let the hackers in. But I don't think any of us would be surprised to find that it is part of the tools used to pull this off.

I had kinda figured that one cannot rule out the possibility of a modified PS3 being involved when I saw that no one was rushing to answer my questions.

It's all George Hotz' fault!! He's the one to blame!!

 

[FamoFunk]

Cool Sony. Now, get me back online.

[sub][sub]Give me my free shit, too.[/sub][/sub]

 

[Low Key]

in b4 "Anonymous did it!" without reading the article.




Now, what will you do if/when credit cards that were "stolen" start being used?

Dispute the charges, get the card replaced, and put a fraud alert on your accounts.

I would also get your credit reports checked. It's free as a US citizen at annualcreditreport.com once a year.

Are you employed by Sony or are you just copying and pasting their press releases?

Bro, that is what YOU need to be doing. Be a little more proactive about your personal finances. Sony isn't going to talk to your bank for you, even if this whole mess is their fault.

Bro? I thought you had gone out drinking tonight and when did you... oh wait your not him..

Anywhooooooo... If Sony talked to my bank for me I would be rather confused as I don't own a Sony product. I was merely stating the similarity between what someone had posted and what the official statement coming from Sony was.

However as we already decided to travel down the road, it would be a shame to not enjoy the views while we are here sooo. If I did own a PS3 and just had my details taken, do you know how big a fuck I'd give right now? None, if I've been hit I've been hit by now. Everyone know whats happend and no-one will be stupid enough to use those cards anymore, not with the FBI etc involved. Using a credit card from the "Sony stockpile" will be like firing off a flaregun while shouting out of microphone. "Over here guys. Please come and throw me in jail! There's something soooo appealing about having an ass like a clowns pocket."

Nevertheless, I would expect people to have taken out the basic precautions to say the least, safe than sorry yada yada yada.

If you don't tell your bank your card is stolen, they won't be able to catch whomever is responsible BRO. Your bank doesn't go through everyone's financial information to see who bought something through Sony and who didn't.

Bro, if your credit or debit card is used for an uncharacteristically large sum of money your bank will block the amount. Or, if your card is used on a purchase out of the country or even on a strange website your bank will block the amount.

So, you know, chill bro its all good. No need to be stressin, maybe we should chillax and hit a few waves yo!

I think you have your American stereotypes confused bro.

Besides, I just spent an uncharacteristic amount of money recently. My bank didn't do anything. I wasn't even using a credit card, but a debit card, which is even more susceptible. They don't care. You trust banks WAY too much.

 

[JDKJ]

in b4 "Anonymous did it!" without reading the article.




Now, what will you do if/when credit cards that were "stolen" start being used?

Dispute the charges, get the card replaced, and put a fraud alert on your accounts.

I would also get your credit reports checked. It's free as a US citizen at annualcreditreport.com once a year.

Are you employed by Sony or are you just copying and pasting their press releases?

Bro, that is what YOU need to be doing. Be a little more proactive about your personal finances. Sony isn't going to talk to your bank for you, even if this whole mess is their fault.

Bro? I thought you had gone out drinking tonight and when did you... oh wait your not him..

Anywhooooooo... If Sony talked to my bank for me I would be rather confused as I don't own a Sony product. I was merely stating the similarity between what someone had posted and what the official statement coming from Sony was.

However as we already decided to travel down the road, it would be a shame to not enjoy the views while we are here sooo. If I did own a PS3 and just had my details taken, do you know how big a fuck I'd give right now? None, if I've been hit I've been hit by now. Everyone know whats happend and no-one will be stupid enough to use those cards anymore, not with the FBI etc involved. Using a credit card from the "Sony stockpile" will be like firing off a flaregun while shouting out of microphone. "Over here guys. Please come and throw me in jail! There's something soooo appealing about having an ass like a clowns pocket."

Nevertheless, I would expect people to have taken out the basic precautions to say the least, safe than sorry yada yada yada.

If you don't tell your bank your card is stolen, they won't be able to catch whomever is responsible BRO. Your bank doesn't go through everyone's financial information to see who bought something through Sony and who didn't.

Bro, if your credit or debit card is used for an uncharacteristically large sum of money your bank will block the amount. Or, if your card is used on a purchase out of the country or even on a strange website your bank will block the amount.

So, you know, chill bro its all good. No need to be stressin, maybe we should chillax and hit a few waves yo!

I think you have your American stereotypes confused bro.

Besides, I just spent an uncharacteristic amount of money recently. My bank didn't do anything. I wasn't even using a credit card, but a debit card, which is even more susceptible. They don't care. You trust banks WAY too much.

Debits cards differ from credit cards and banks tend to pay much closer attention to credit cards than they do debit cards because for credit cards, the risk is entirely the banks usually. For debit cards, it depends on whether your actual card was stolen or whether just your card information was stolen, when you became aware of the loss, when, if ever, you report it, etc., etc., etc.

If you're interested in the whole skinny:

Credit Card Loss or Fraudulent Charges. Your maximum liability under federal law for unauthorized use of your credit card is $50. If you report the loss before your credit cards are used, the Fair Credit Billing Act says the card issuer cannot hold you responsible for any unauthorized charges. If a thief uses your cards before you report them missing, the most you will owe for unauthorized charges is $50 per card. Also, if the loss involves your credit card number, but not the card itself, you have no liability for unauthorized use.

After the loss, review your billing statements carefully. If they show any unauthorized charges, it's best to send a letter to the card issuer describing each questionable charge. Again, tell the card issuer the date your card was lost or stolen, or when you first noticed unauthorized charges, and when you first reported the problem to them. Be sure to send the letter to the address provided for billing errors. Do not send it with a payment or to the address where you send your payments unless you are directed to do so.

ATM or Debit Card Loss or Fraudulent Transfers. Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss. If you report an ATM or debit card missing before it's used without your permission, the Electronic Funds Transfer Act says the card issuer cannot hold you responsible for any unauthorized transfers. If unauthorized use occurs before you report it, your liability under federal law depends on how quickly you report the loss.

For example, if you report the loss within two business days after you realize your card is missing, you will not be responsible for more than $50 for unauthorized use. However, if you don't report the loss within two business days after you discover the loss, you could lose up to $500 because of an unauthorized transfer. You also risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you. That means you could lose all the money in your bank account and the unused portion of your line of credit established for overdrafts. However, for unauthorized transfers involving only your debit card number (not the loss of the card), you are liable only for transfers that occur after 60 days following the mailing of your bank statement containing the unauthorized use and before you report the loss.

If unauthorized transfers show up on your bank statement, report them to the card issuer as quickly as possible. Once you've reported the loss of your ATM or debit card, you cannot be held liable for additional unauthorized transfers that occur after that time.

 

[bad rider]

in b4 "Anonymous did it!" without reading the article.




Now, what will you do if/when credit cards that were "stolen" start being used?

Dispute the charges, get the card replaced, and put a fraud alert on your accounts.

I would also get your credit reports checked. It's free as a US citizen at annualcreditreport.com once a year.

Are you employed by Sony or are you just copying and pasting their press releases?

Bro, that is what YOU need to be doing. Be a little more proactive about your personal finances. Sony isn't going to talk to your bank for you, even if this whole mess is their fault.

Bro? I thought you had gone out drinking tonight and when did you... oh wait your not him..

Anywhooooooo... If Sony talked to my bank for me I would be rather confused as I don't own a Sony product. I was merely stating the similarity between what someone had posted and what the official statement coming from Sony was.

However as we already decided to travel down the road, it would be a shame to not enjoy the views while we are here sooo. If I did own a PS3 and just had my details taken, do you know how big a fuck I'd give right now? None, if I've been hit I've been hit by now. Everyone know whats happend and no-one will be stupid enough to use those cards anymore, not with the FBI etc involved. Using a credit card from the "Sony stockpile" will be like firing off a flaregun while shouting out of microphone. "Over here guys. Please come and throw me in jail! There's something soooo appealing about having an ass like a clowns pocket."

Nevertheless, I would expect people to have taken out the basic precautions to say the least, safe than sorry yada yada yada.

If you don't tell your bank your card is stolen, they won't be able to catch whomever is responsible BRO. Your bank doesn't go through everyone's financial information to see who bought something through Sony and who didn't.

Bro, if your credit or debit card is used for an uncharacteristically large sum of money your bank will block the amount. Or, if your card is used on a purchase out of the country or even on a strange website your bank will block the amount.

So, you know, chill bro its all good. No need to be stressin, maybe we should chillax and hit a few waves yo!

I think you have your American stereotypes confused bro.

Besides, I just spent an uncharacteristic amount of money recently. My bank didn't do anything. I wasn't even using a credit card, but a debit card, which is even more susceptible. They don't care. You trust banks WAY too much.

Look bro, if you was chillaxin like I am bra, maybe you wouldn't be worryin bout dem stereo whatsamajigs and be hitting some waves bra. Chill.

Sides other day I be trippin some money down on some of them websites and then bank was all you, you declined, which was like totally bogus. So anyways I was all like why you hating, and they was all "oh man, we sorry" then everything was totally excellent. I mean, it's like banks want to keep my money or something bro. Maybe they was all bogus about it because they like my money, maybe I like totally don't trust them cuz they is all like greedy or nothing. Dude I need to go chill by the beech or these banks gonna keep on player hating, dawg. But you know bra, as you have like, one totally awesome purchase that I like, totally have to take your word for you know, I guess I'll take myself home, you feel this?

 

[geizr]

Sony Offers "Sincerest Apologies" for PSN Attack

Hirai concluded the press conference by stating: "These kind of attacks... may not be limited only to Sony." Sony is cooperating with law enforcement agencies such as the U.S. Department of Homeland Security and the FBI [http://www.escapistmagazine.com/news/view/109683-Homeland-Security-and-FBI-On-Hunt-for-PSN-Hackers] for the "safety of a networked society." Right on.

Sometimes I think hackers just don't think about the response their actions elicit. Some will try to justify their actions by claiming they are making things safer by demonstrating where the vulnerabilities are, but what they are really doing is causing things to become more tyrannically locked down than ever before as people have extreme reactions to stuff like this. It may be safer, but it's not a happy kind of safer. You don't just keep breaking into a man's home, claiming to be showing him where the holes are, without expecting, sooner or later, to find he's gotten a shotgun to blow a hole in your face the next time you try to break in; no questions asked, no answers given.

 

[justnotcricket]

Permalink

Great PR move, honestly. And a hard one for a lot of hard-working folks to make. The technicians know it's not their fault, and they know this is making them look bad... but the company at large knows they can't convince the irrational public of this, because the hackers don't have any faces to hate (yet).

So they throw themselves under the bus, and offer an unqualified apology accepting the "blame," just to get things back on track. Swallowing the pride and getting down to business. Kudos to Sony. I don't own any Sony consoles or products, but this gives me some real respect for them.

I just wish they didn't have to do this. It'd be nice if they could just say, "Look. We got hacked. It's the hackers' fault. We're going to try to fix it going forward, but quit blaming us. Seriously, it's like blaming a guy whose house got robbed because he happened to be borrowing your lawnmower at the time."

This. I wish they could hold the hackers up for people to more justifiably direct their bile at. Hating on Sony has become a rather ugly fashion lately amongst the gaming community. I'm no happier than anyone else that my data might have been stolen, but you change your credit card and move on with your life, wiser and perhaps slightly warier of online purchasing.

Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows.

I wish people would remember that 'Sony' isn't just a company who could improve their customer service (what company couldn't?) or takes away OtherOS from PS3s or whatever anyway. Even if they were negligent, that's only one part of a huge company, and the people who want Sony to go under seem to be forgetting that a crapton of people who work in everything from marketing to manufacture could lose their jobs. I would hate to see a good company (or a portion of it that I happen to enjoy using)go under for one mistake that they would be damn sure to rectify. They'll have to suffer while people learn to trust them again anyway.

Call me too forgiving, but it's not like Sony is famous for having chronic security problems. I would just like it if those who were *actually* at fault; the hackers and, if negligence occured, the people who were responsible for the security, could be punished appropriately, instead of 'Sony' at large.

"Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows."

Did you know when making the statement above that you were restating the "business judgment rule" (a presumption under American law that the decision-makers of a corporation always act in the best interest of their shareholders and, therefore and with few rare exceptions, their decisions are immune from judicial second-guessing)? If you didn't, that you'd intuit the business judgment rule is impressive. The average lay person wouldn't.

It seemed like common sense? I mean, if nothing else, you'd think a company would have a sense of self preservation, even if they weren't doing it out of a sense of honour and duty toward their customers =P I mean, from what I can tell, if you piss off your shareholders, you're in hot water...

 

[JDKJ]

Permalink

Great PR move, honestly. And a hard one for a lot of hard-working folks to make. The technicians know it's not their fault, and they know this is making them look bad... but the company at large knows they can't convince the irrational public of this, because the hackers don't have any faces to hate (yet).

So they throw themselves under the bus, and offer an unqualified apology accepting the "blame," just to get things back on track. Swallowing the pride and getting down to business. Kudos to Sony. I don't own any Sony consoles or products, but this gives me some real respect for them.

I just wish they didn't have to do this. It'd be nice if they could just say, "Look. We got hacked. It's the hackers' fault. We're going to try to fix it going forward, but quit blaming us. Seriously, it's like blaming a guy whose house got robbed because he happened to be borrowing your lawnmower at the time."

This. I wish they could hold the hackers up for people to more justifiably direct their bile at. Hating on Sony has become a rather ugly fashion lately amongst the gaming community. I'm no happier than anyone else that my data might have been stolen, but you change your credit card and move on with your life, wiser and perhaps slightly warier of online purchasing.

Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows.

I wish people would remember that 'Sony' isn't just a company who could improve their customer service (what company couldn't?) or takes away OtherOS from PS3s or whatever anyway. Even if they were negligent, that's only one part of a huge company, and the people who want Sony to go under seem to be forgetting that a crapton of people who work in everything from marketing to manufacture could lose their jobs. I would hate to see a good company (or a portion of it that I happen to enjoy using)go under for one mistake that they would be damn sure to rectify. They'll have to suffer while people learn to trust them again anyway.

Call me too forgiving, but it's not like Sony is famous for having chronic security problems. I would just like it if those who were *actually* at fault; the hackers and, if negligence occured, the people who were responsible for the security, could be punished appropriately, instead of 'Sony' at large.

"Until demonstrated otherwise, I'm going to give the benefit of the doubt and assume that Sony wasn't criminally negligent with their security - after all, it's not in their interests *at all* to skimp on that area as the current influx of disfavour/lawsuits/etc shows."

Did you know when making the statement above that you were restating the "business judgment rule" (a presumption under American law that the decision-makers of a corporation always act in the best interest of their shareholders and, therefore and with few rare exceptions, their decisions are immune from judicial second-guessing)? If you didn't, that you'd intuit the business judgment rule is impressive. The average lay person wouldn't.

It seemed like common sense? I mean, if nothing else, you'd think a company would have a sense of self preservation, even if they weren't doing it out of a sense of honour and duty toward their customers =P I mean, from what I can tell, if you piss off your shareholders, you're in hot water...

You may wanna consider the law as a profession. You may be naturally predisposed for the field.

 

[Caiti Voltaire]

Criminal negligence usually requires a disregard of a risk to human life and safety (e.g., leaving a loaded handgun within reach of a young child). If conduct can't result in someone losing their life or limb, then it isn't usually criminal negligence. It may still be civil negligence, but criminal negligence is a stretch.

Au contraire, if through an organisation's negligence a loss of more than $5000 occurs, then it is by definition criminal. That's where the line gets drawn. It's considered accessory to fraud.

 

[JDKJ]

Criminal negligence usually requires a disregard of a risk to human life and safety (e.g., leaving a loaded handgun within reach of a young child). If conduct can't result in someone losing their life or limb, then it isn't usually criminal negligence. It may still be civil negligence, but criminal negligence is a stretch.

Au contraire, if through an organisation's negligence a loss of more than $5000 occurs, then it is by definition criminal. That's where the line gets drawn. It's considered accessory to fraud.

Maybe that's how in works in Canada, eh. But it ain't how it works in California where PSN subscribers are contractually required to file suit against Sony, if they have one to file. In California, criminal negligence has nothing to do with any magical dollar amount, not $5 or $5,000,000. Rather, as the California Court of Appeals has stated:

"Criminal negligence" refers to negligent conduct which is aggravated, reckless or flagrant and which is such a departure from the conduct of an ordinarily prudent, careful person under the same circumstances as to be contrary to a proper regard for [human life], [danger to human life] or to constitute indifference to the consequences of that conduct. The facts must be such that the consequences of the negligent conduct could reasonable have been foreseen and it must appear that the [death], [danger to human life] was not the result of inattention, mistaken judgment or misadventure but the natural and probable result of aggravated, reckless or flagrantly negligent conduct.]" People v. Odom (1991) 226 Cal.App.3d 1028 (cited at http://www.shouselaw.com/criminal-negligence.html ).

 

[punipunipyo]

um... a few DLC-passes would be nice...