Sony Still Unsure About Credit Card Leak on PSN

[JDKJ]

This is the only thing that'd concerned me about this whole thing. I've already been hit with identity theft once this year, I don't need it again.

(Side Note: Are some people really using this to revive a dead fanboy war?)

yes, a million times yes.


360 players are using the excuse "Microsoft would never of let this happen" and P$3 players are claiming, still, after five days of being told otherwise, that Anon is the reason the PSN is down, and wont beleive for a second that $ony, for the third time now, had admitted to turning off the system to investigate the intrusion.


All the while, the people that pay no attention to flame-wars continue with their lives.

Thank the gaming gods for PC games, right?


OT: Normally I would laugh at PSN being down, but losing customers creditcard details and more personal information being lost a huge possibility? Bad move Sony, these things should of been held separately in different servers instead on the same ones the PSN uses to run.

I mean, I though the first rule of running a corporation is protecting your customers personal information.

Huh? Isn't the credit card information used to conduct transactions on the PlayStation network? How can that information be kept separate and apart from the place where it is needed? That's like leaving all your money and debit and credit cards at home so they won't be lost or stolen. It sounds like a good idea . . . until you wanna buy something away from home.

actually, having a retrieving program to access said information on an entirely different server would be easy to implement, at worst the flaw would be increased wait times before your information would be retrieved.

In essence, it is exactly like a debit card or check in a pure form:

you input your information to the PSN, it gets a subject number of, say, 01301291, which is put on file in another server separate of one that is accessible by the public server cluster [the one that went down]. Now, lets say you want to buy Angry Birds on the PSN, well, all the retriever program would need to do is look up your unique subject number for that payment choice and once it confirms it, your purchase is ready for download.


All of that can be achieved with a separate server, we are not in the 1990's anymore, this is 2011, it is possible.

If the two servers are linked together as you describe, if I hack into one server, what's to stop me from hacking my way from there over to the other server? I would think I could easily do so if they're linked together. Just follow the link. After all, this 2011.

 

[Jumplion]

I think it take way to much time for just a basic intrusion. Like you said, before the intrusion, they were doing updates due to Geohotz's actions but they didn't shutdown server for it. Also, if it was just an intrusion, they should be able to deal with it in a timely manner, we are speaking of an actual company with enough asset to hired a group of informatics expert to patch their security. Answer me this: Why stop it now for One person (if it is one) and why does it take more then five days? You see, thing like that happened before and never on this scale (at least, that I'm aware off).

I dunno, maybe reworking an entire security mainframe or whatever takes time? I'd imagine that they hadn't finished it, and the shutdown from the potential intrusion was just a way to be more secure about it.

Whatever, I don't really play online too much on PSN, but I do talk with my friends over it if I can and do play the occasional multiplayer game. I've heard it'll be back up by either this Tuesday or by the weekend, so we'll have to wait and see.

 

[Akalistos]

I think it take way to much time for just a basic intrusion. Like you said, before the intrusion, they were doing updates due to Geohotz's actions but they didn't shutdown server for it. Also, if it was just an intrusion, they should be able to deal with it in a timely manner, we are speaking of an actual company with enough asset to hired a group of informatics expert to patch their security. Answer me this: Why stop it now for One person (if it is one) and why does it take more then five days? You see, thing like that happened before and never on this scale (at least, that I'm aware off).

I dunno, maybe reworking an entire security mainframe or whatever takes time? I'd imagine that they hadn't finished it, and the shutdown from the potential intrusion was just a way to be more secure about it.

It does take time, I agree. But you can't denied that it's fishy to shut everything of for a week after One alleged man broke in. It's extremely fishy with how little info we got on that matter.

Whatever, I don't really play online too much on PSN, but I do talk with my friends over it if I can and do play the occasional multiplayer game. I've heard it'll be back up by either this Tuesday or by the weekend, so we'll have to wait and see.

Good for you. I don't spend time online either but you got to think about those who do.

 

[Jumplion]

It does take time, I agree. But you can't denied that it's fishy to shut everything of for a week after One alleged man broke in. It's extremely fishy with how little info we got on that matter.

They're either withholding information, or they don't know what precisely is going on either. Either way, not a good thing.

 

[twm1709]

Having the service down for so long and then coming out in the open and claming they have no idea about ANYTHING, It's embarrasing... they're behaving like some rookie company with no IT or PR experience at all.

 

[magnuslion]

So....In the attack from Anonymous they stole the information from random people all over the world.....yeah they really are trying to help their cause of....not being douches i really have no idea why they do anything.

Anonymous itself has claimed they were not responsible for this attack, and yes they could be lying, but they have a history of taking pride in their actions and claiming responsibility for attacks they're behind, so it is likely they are not responsible.

If Anon is responsible, this is one hell of an attack. Seriously, considering their history of minor annoyance level attacks, this is to Anon what 9/11 was to Al-Qaeda (if you'll excuse the reference)

The "Anon" video put up on youtube was a fake. a trolling move.

 

[Radelaide]

As much as I'm not a fan on the PS3 or Sony, you can't place all the blame on them. Yes, you can blame them for the obvious, "Er, we're not sure how many of your identities could be stolen." That's a genuine fuckup, but they're doing the best they can to restore the services most of the PSN users I've seen feel so very entitled too. If you feel so wronged, go help rebuild. If not, STFU and twiddle your thumbs.

 

[jovack22]

Sony attacks teenager well known to the hacking community with full force, and then this happens.

Coincidence?

You want to know what's better than attacking hackers? Hiring them to work on security issues with your software.

 

[meepop]

So....In the attack from Anonymous they stole the information from random people all over the world.....yeah they really are trying to help their cause of....not being douches i really have no idea why they do anything.

It wasn't "Anonymous" people! Where on earth did you get this idea? It's just speculation, they have no damn reason to attack and do something like this, nor would the average person have the skills to do so. This is something much different.

Also, thanks Escapist for not bringing the Anon thing into another article, I was getting tired of the constant "It could be Anonymous because blahblah".

I will be looking forward to the PSN coming back online

inb4 Console war fanbo- Oh wait, nevermind...

Based on mine and others speculation, Anon itself may not have done this, but a "splinter group" (A branch of the main Anon) of Anon who wanted GeoHotz to win or hated Sony could've done this...

OT: Sony, as I said before, the longer you keep up this bullshit the harder it is for me to defend you against the Xbox fanboys! And know credit card info? Fuck's sake, Sony come on!

 

[jovack22]

Just stay with Nintendo.

My biggest mistake was getting an XBOX360 instead of Wii back in 2006 or '07 I forgot.

Any hardcore game you need plays best with PC (I don't know why RDR still hasn't released yet.. come on rockstar...)

 

[Trogdor1138]

So....In the attack from Anonymous they stole the information from random people all over the world.....yeah they really are trying to help their cause of....not being douches i really have no idea why they do anything.

It wasn't "Anonymous" people! Where on earth did you get this idea? It's just speculation, they have no damn reason to attack and do something like this, nor would the average person have the skills to do so. This is something much different.

Also, thanks Escapist for not bringing the Anon thing into another article, I was getting tired of the constant "It could be Anonymous because blahblah".

I will be looking forward to the PSN coming back online

inb4 Console war fanbo- Oh wait, nevermind...

Based on mine and others speculation, Anon itself may not have done this, but a "splinter group" (A branch of the main Anon) of Anon who wanted GeoHotz to win or hated Sony could've done this...

OT: Sony, as I said before, the longer you keep up this bullshit the harder it is for me to defend you against the Xbox fanboys! And know credit card info? Fuck's sake, Sony come on!

"Anonymous" IS made up of Splinter groups. There is no main "anon" and there never was, they don't have an organized thing going, that's the whole point of them, hence my quotation marks around them, it gets very hard to define exactly what I mean unfortunately. But this whole "Anon" thing is just so people can put a face on something to blame shit on, like game journalists do. As soon as something happens it's immediatly "Anon" who is at fault, like there aren't countless other hackers around the world with their own motives.

This is simply just hackers looking to pirate some shit and trouble being caused as the result of it.

 

[SinisterGehe]

Snipetishnip

Why shouldn't I refrain from discussing morals on Internet? Is there some rule I have missed that states "You shall not point out immoral behavior!"?

What I think you have missed in your post about Sony's mistake is; that Sony is a company a being. That being is constructed of people, average Joes - like you and me. You think theya re happy about this.

I think people are misusing this event to spark up a fight. It saddens me. What if XBL would get attacked and details would be stolen and the scales would be tipped other way around? Would you be laughing at Microsoft (I'll just do a random buckshot and quess you play XBOX?

Let think of a situation in which you would be employed by a huge corporation to look after similar servers and you would get in to a pickle because of it. Wouldn't it be nice that people would laugh at you when you are in really bad situation, both personally and corporation wise - jobs on the line, lots of money in the line.

Or you laughing only because you couldn't imagine or you'd never be in a situation like this? People say that I am unable to be emphatic. But at least I understand that there are lots of people who have their careers on the line, numerous customers and most of all the publicity.

I won't laugh at them, I feel sorry for them. And I am quite neutral on this since I do not play neither of the overpriced products. I fell sorry for the individuals who are having sleepless nights because of this disaster, you think they are enjoying the situation. Just kicking around and drink coffee while servers are going down?

Tell me could you have foreseen something like this? I don't mean guessing like "There's a change that someone will hack our servers in some point". I mean like that you could have known the way and means of the attack. Could you have prepared for something like this? There is a change that you will die of drinking tab water, are you prepared for that?

 

[Nexus4]

hackers have reached the point where nothing is safe if they put their efforts into this, I am sure that they could do the same thing to the Xbox or Steam if they so wanted; I mean we all know that online banking carries the same risks as well. I do not blame Sony for this, I just wish that they would stop attracting hacker attention so their customers do not suffer. p.s. This is why I always use prepaid.

 

[SinisterGehe]

Snipetishnip

Why shouldn't I refrain from discussing morals on Internet? Is there some rule I have missed that states "You shall not point out immoral behavior!"?

What I think you have missed in your post about Sony's mistake is; that Sony is a company a being. That being is constructed of people, average Joes - like you and me. You think theya re happy about this.

I think people are misusing this event to spark up a fight. It saddens me. What if XBL would get attacked and details would be stolen and the scales would be tipped other way around? Would you be laughing at Microsoft (I'll just do a random buckshot and quess you play XBOX?

Let think of a situation in which you would be employed by a huge corporation to look after similar servers and you would get in to a pickle because of it. Wouldn't it be nice that people would laugh at you when you are in really bad situation, both personally and corporation wise - jobs on the line, lots of money in the line.

Or you laughing only because you couldn't imagine or you'd never be in a situation like this? People say that I am unable to be emphatic. But at least I understand that there are lots of people who have their careers on the line, numerous customers and most of all the publicity.

I won't laugh at them, I feel sorry for them. And I am quite neutral on this since I do not play neither of the overpriced products. I fell sorry for the individuals who are having sleepless nights because of this disaster, you think they are enjoying the situation. Just kicking around and drink coffee while servers are going down?

Tell me could you have foreseen something like this? I don't mean guessing like "There's a change that someone will hack our servers in some point". I mean like that you could have known the way and means of the attack. Could you have prepared for something like this? There is a change that you will die of drinking tab water, are you prepared for that?

Well, quite frankly, judging by the fact that stuff like this doesnt happen too often its obvious that Sony has done an absolutely miserable job of protecting there customers.

Sony is a company with great responsibility. The responsibility to stop credit card information entrusted to them from getting into any other hands than there own. Saying "herp derp Sony iz made up of ppl lke u n me" is just bullshit. You could say that about anything. Its a strawman argument. In the end you can bawwww all you want, a bunch of people havent done there well paid job properly and they need to be kicked in the ass for it.

And honestly, I think if I was working at Sony and was in trouble for this, one thing I would NOT be worrying about is some random gamer who calls himself Smash laughing about it. And he would probably care even less about you. The comment on the internet can be interpreted as this, by the way - I just cant quite grasp people like you. Is it your first day on an internet forum? Did you scroll through this thread, browsing the forums, a place of complete happiness and harmony, when suddenly, SHOCK! HORROR! Someone is less empathetic than you! Under the millions of people that visit the internet on a daily basis, someone actually thinks and feels differently to you! By the nine! You must give him a piece of your mind right now, that will teach him!

For the record. If I died of drinking tap water, someone somewhere has fucked up BAD. And that guy is payed to not fuck up BAD. Which is exactly the same thing. If Sony gets buried under DDOS attacks, there isnt much they can do. But what they can do is make sure there security measures are accurate so that no one gets there customers information. If you think they were completely helpless - the fact that they arent even sure what happened even now speaks measures.

So anyway, that was in defence of a statement I never made. If you could manage to turn on your brain for a few seconds, I would like you to read my first post, and tell me were exactly I said "LOLZ I HOPE TEH WORKERZ AT TEH SONY GET KILLED" because I can only remember posting something like "I dont know whether I should laugh or cry".

I am not sure in which part did I say something to you that would have justified you to do personal insults towards me and my way of thinking.

But if I need to be snappy here, If we look post count, I have been here longer.
Also, you are saying that the people who work at SONY are more or less of a human. If you are talking about SONY as a being, make sure of refer them in such way. True SONY is a being, but it is constructed of people.

If there is some loophole that they missed, it is human to do a mistake. A wall is as strong as its weakest point. If they would have such a security system that is inpenetreable in the knows hacking measures, but there are always new ways and new technology to go with. Or do you have the exact 'blueprints' of SONY's security systems, how do you know it was bad? It could have been the best in the world, until someone finds the loophole. Something is indestructible until someone finds way to destroy it.

When did I say anything of them dying, or said you should/would die? It was merely a point to say that "It is possible to something to happen, and we should prepare for it" if pointless statement since anything can happen and you can't be prepared to everything. What if it was a manual hacking, done by someone who SONY trusted security wise. It could been Magic*, Divine ,Intervention* or something to do with the planets positions*. (Prove wrong) You saying that they should be prepared for every possible mean and way of someone hacking in to their system, it is impossible.

And no offense, we are on Internet. It doesn't mean you need to give up your manners. (If you have them to begin with, if you don't; Please go back to 4Chan)

 

[Delusibeta]

So....In the attack from Anonymous they stole the information from random people all over the world.....yeah they really are trying to help their cause of....not being douches i really have no idea why they do anything.

It wasn't "Anonymous" people! Where on earth did you get this idea? It's just speculation, they have no damn reason to attack and do something like this, nor would the average person have the skills to do so. This is something much different.

Also, thanks Escapist for not bringing the Anon thing into another article, I was getting tired of the constant "It could be Anonymous because blahblah".

I will be looking forward to the PSN coming back online

inb4 Console war fanbo- Oh wait, nevermind...

I don't think it was Anon either, but you can't possibly argue that they have no reason to do this, they did just announce they were going after Sony after all.

But still Motive does not equal proof, I don't think Anon did this.

Anonimous isn't a defender of Internet right. Not everything they did was to further some righteous cause.

That said, They have stated that it wasn't them or if it was, it was a overzealous splintered group. If it's them, they'll get bad rep with a large group of people (and not just ps3 owners) and if they didn't... well. If the hat fit.

I'd imagine 99.99999999999999999999999999999999999999999999999999999999% of Anonymous couldn't manage this. I expect it was a lone hacker with [HEADING=1]a virus payload.[/HEADING]

To completely down a whole system like that for multiple days when you know that the company got staff dedicated to maintain it... And you think it's the action of a lone man? You are delusional, lying or a troll. I sure by now that this is the work of a group of hackers regardless if they are affiliated with Anonimous. Unless they are picking their nose at Sony, I can guaranty that the damage couldn't been done by a lone hacker and a "he" wouldn't be able to keep it offline for that long. Each new day will validate more and more my hypothesis and disprove yours. Still, I hope Sony put legal actions on all the aforementioned hackers. Some of them are playing for a service that cannot be delivered thank to them. I would deem fair that the damage being repaid to both Sony and the consumers.

May I suggest reading the post again? I'm saying that a particularly nasty virus took down the PSN servers, by rendering the database servers in need of a reformat, forcing Sony to reconstruct said databases. Who would be most likely to leave said virus? A lone hacker, and a good hacker at that (which rules out 99.99999999999999999999999999999999etc% of Anon, since they couldn't hack out of a paper bag, unless it involves typing an IP address into LOIC. And, quite frankly, anyone can do that).

 

[benvorbeck]

Obviously this happens with the best of companies like Sony.

Hackers are wankers(or only score from desperate hookers)

Viva Sony

 

[caffman]

If credit card details have been taken you possibly wouldn't notice! Lets say that Sonys figures are off and there are 35 million users that have a credit card attached. The hacker would take £1 from each account, which WOULD NOT FLAG. Do the maths.