U.S. Senator Blasts Sony for Keeping Breach Secret

[Harbinger_]

Now the question that I have about this senator's letter is does he truly mean everyone or only residents in the USA?

 

[Jodah]

I'm gunna call shenanigans here. Its certainly possible that he somehow has inside information but I very much doubt it. It sounds like a publicity stunt. I would be more apt to believe Random Sony Employee 4356712.1 than a politician that somehow has insider information. Furthermore, if he was so concerned about the public why did he not produce this information a week ago himself.

 

[Dango]

This kind of fast reaction makes me wonder if the good Senator is a PS gamer..?

My money is on "a Senator who already despises video games and wants to take down any and all form of it, even if it means siding with butt-hurt gamers to garner attention and possible votes".

Wow! That's quite the demand! I agree with the article, where was this furor when more serious matters occur? Also, I've never even heard of this Senator, let alone understand why THIS issue is so important to him.

Ah, finally. When I saw this hit CBS, I know the not so technologically minded senators would jump in. I do admire the protection of the people, and I do think that Sony should give us better explanations. But I'm still waiting of that Paul Harvey voice to come in and say "And now, for the Rest of the Story." This isn't finished for sure.
Also, only a Democrat would vouch for the gamers. Plus one my vote towards their party.

You guys should check out the man's <url=http://en.wikipedia.org/wiki/Richard_Blumenthal#Attorney_General_career>Wikipedia page. He makes a habit of standing up for the little people, and Sony isn't the first <url=http://en.wikipedia.org/wiki/Richard_Blumenthal#Microsoft_lawsuit>Software giant he's thrown down with.

Given how little anyone outside of Sony knows about this, I'd say it's a bit early to any throwing down, or blaming for that matter, yet. But if Sony did withhold information on the attack, then they deserve a bit of criticism.

 

[Sniper Team 4]

Where was vehemence like this after the banking crisis of 2008? I mean, this is just pennies compared to the trillions of dollars wasted to save banks like Bear Stearns, Bank of America and AIG. I know it's apples to oranges, but I kind of wish we could all take a deep breath and realize that the PSN kerfuffle is not the end of the world.

Good. I'm not the only one who's going, "Um...don't you have more IMPORTANT things to worry about?" Granted, for us gamers this is pretty bad, but Senators have other things that they should be throwing themselves at.

 

[puffenstuff]

Agreed on the banks of 2008. And if they did know and held back the info then I agree that they should be in trouble but this is a politician talking here. He knows as much about this as we do. But don't forget who's fault it is in the first place.

Anyone responsible for hacking it should have their lives ruined in court by the full extent of the law. Would be nice to see Geo among them but he got off easy.

This. As much as I blame Sony I blame hackers more, people may support them because they think it's completely justified if you don't like the company, but if you don't like it DON'T BUY IT! AND IF YOU ALREADY DID BUY IT SELL IT BEFORE IT BECOMES WORTH $15 AND GET SOMETHING ELSE! THEN DISCOURAGE OTHER PEOPLE FROM BUYING IT!

Why do people insist on spreading this ridiculous idea? The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

 

[RaikuFA]

Agreed on the banks of 2008. And if they did know and held back the info then I agree that they should be in trouble but this is a politician talking here. He knows as much about this as we do. But don't forget who's fault it is in the first place.

Anyone responsible for hacking it should have their lives ruined in court by the full extent of the law. Would be nice to see Geo among them but he got off easy.

This. As much as I blame Sony I blame hackers more, people may support them because they think it's completely justified if you don't like the company, but if you don't like it DON'T BUY IT! AND IF YOU ALREADY DID BUY IT SELL IT BEFORE IT BECOMES WORTH $15 AND GET SOMETHING ELSE! THEN DISCOURAGE OTHER PEOPLE FROM BUYING IT!

Why do people insist on spreading this ridiculous idea. The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

can sony really do nothing due to the T&C

 

[puffenstuff]

Why do people insist on spreading this ridiculous idea. The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

can sony really do nothing due to the T&C

Can they do nothing about what due terms & conditions?

 

[Druyn]

I was actually thinking of buying the next playstation console over the next xbox one. After all of this, however, Im not so certain that that would be a good idea.

As a guy who doesn't especially care about console wars (I own 360), why switch?

The bad thing has happened. It's doubtful it will happen again.

Microsoft is most likely next to the chopping board.

I would doubt it. Microsoft has always kept a much tighter leash on its networks and data, and after this attack, I would hope that Microsoft is tightening up its already-choking leash is anticipation. I don't think Xbox has to worry. ALthough if these people were good enough to bring down the entire PSN network for almost a week, who knows?

 

[RaikuFA]

Why do people insist on spreading this ridiculous idea. The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

can sony really do nothing due to the T&C

Can they do nothing about what due terms & conditions?

...you agree that you would not hold the company or its affiliates responsible for:

??(c) any unauthorized access to or use of our secure servers or any and all non-secured personal information (d) any interruption or the cessation of transmission ??

basically they can say the above and tell you that its not their fault

that type of crap

 

[Ian Caronia]

Disagree Greg. It's pretty shocking that Sony had this information for so long without notifying those who had been violated. It's information that they collected, stored online, apparently not very securely, and then lost. Time is crucial in attempting to tackle fraud, and the consequences for an individual can be devastating - not only in terms of lost money (which may be refundable), but in terms of the stress, hassle and worry of sorting it out.

Whilst there hasn't been any report of credit card problems yet, that's a serious amount of data lost - and it's pretty shocking that Sony aren't doing their utmost to help the innocent. It would be nice if Sony WERE forced to pay all of that - it would ensure they take customer care more seriously in future. Furthermore, some strong-arm moves might actually begin taking power away from large companies, and giving it back to the consumer.

Stating that this doesn't deserve rage like the recession did is mistaken. The recession deserved more rage and rhetoric - but this deserves a heck of a lot, and Sony deserves a good financial kicking for it.

THIS ENTIRELY.

To Greg Tito: Mate, it might not be a big deal to you "in the grand scheme of things", but that's probably because you don't have your financial information on the line, or if you do, you can cancel your credit cards or fix it up no problem. For those who can't, for those who are much worse off financially, this is just a blind-sided strike to the groin. I agree that it's not as big as the recession, but that's like saying a random civilian getting shot in the face for no reason is not as big the tsunami in Japan. One is a bigger issue, yes, but does that take away the gravity of the civilian's murder?
_ On some level what you're saying is true, but that does not mean the situation should be treated as lightly as your wording suggests. Primarily, let's not compare the two and let's focus on getting our points across on both the grander, and smaller scale issues.

 

[Skratt]

Where was vehemence like this after the banking crisis of 2008?

There are millions more wondering the same damn thing. Why the shit can't politicians get their priorities strait? Oh wait, there's a presidential election coming up in two years. Time to look good to some constituents!

....*grumble* worthless *grumble*....

 

[Kiltguy]

I'm wondering; What's happening to SONY in the market exchange? How is them share values?
This must be a big blow, if not the biggest, to their economy.

 

[puffenstuff]

Why do people insist on spreading this ridiculous idea. The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

can sony really do nothing due to the T&C

Can they do nothing about what due terms & conditions?

...you agree that you would not hold the company or its affiliates responsible for:

??(c) any unauthorized access to or use of our secure servers or any and all non-secured personal information (d) any interruption or the cessation of transmission ??

basically they can say the above and tell you that its not their fault

that type of crap

Ah. That enters into the legal realm. I meant questions about the technical end of things, but I'll take a stab at it.

I think that language might protect them in some jurisdictions. Some US states have laws that specifically require merchants to take financial responsibility but I don't think the federal government has any such law. There also seems to be a standard of negligence that needs to be met. So if a company took what a court decides are reasonable measures to protect the data they are off the hook, but if not then they may still be liable. This is just me doing a little googleing on the subject so take it with a grain of salt.

If you want to know what the law should say: Language like that should not protect them. A company should be 100% liable for data losses of its customers. It is the only way to ensure that proper precautions are taken. This also ties into the larger problem of click-through contracts. We really need to put some restrictions on what can be in a shrink-wrap or click-through contract. The are fundamentally different from a regular contract because the power balance between a company and customer is far different than the power balance between two companies or two individuals.

tl;dr: It's complicated and could go either way in the courts... I think.

 

[puffenstuff]

Agreed on the banks of 2008. And if they did know and held back the info then I agree that they should be in trouble but this is a politician talking here. He knows as much about this as we do. But don't forget who's fault it is in the first place.

Anyone responsible for hacking it should have their lives ruined in court by the full extent of the law. Would be nice to see Geo among them but he got off easy.

This. As much as I blame Sony I blame hackers more, people may support them because they think it's completely justified if you don't like the company, but if you don't like it DON'T BUY IT! AND IF YOU ALREADY DID BUY IT SELL IT BEFORE IT BECOMES WORTH $15 AND GET SOMETHING ELSE! THEN DISCOURAGE OTHER PEOPLE FROM BUYING IT!

Why do people insist on spreading this ridiculous idea? The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

I couldn't give less of a shit, while I agree that PSN's security is shit, he shouldn't have still had a PS3 by then in the first place if he has such a fucking problem with it (the not being able to mod it part), he should have gotten a fucking Xbox or Wii, or a better PC, and encouraged others to do the same, frankly that says more his bitching ever will.

If I don't like something, I'll just get rid of it and get something else, I certainly wouldn't have kept MW2 if I didn't like it.

And frankly, while I don't have a problem with him and Sony settling the lawsuit outside of court, I do have a very big problem with his "vacation" to South America DURING the lawsuit.

None of which has any bearing on the problem at hand. Which is my point. Geohot had nothing to do with PSN's problems.

 

[JDKJ]

Wow! That's quite the demand! I agree with the article, where was this furor when more serious matters occur? Also, I've never even heard of this Senator, let alone understand why THIS issue is so important to him.

He's the guy who got busted for fibbing about his Vietnam service.

He also sits on the subcommittee on Antitrust, Competition Policy and Consumer Rights and the subcommittee on Privacy, Technology and the Law. Kinda makes sense that he'd be jumping on the bandwagon.

 

[JDKJ]

Agreed on the banks of 2008. And if they did know and held back the info then I agree that they should be in trouble but this is a politician talking here. He knows as much about this as we do. But don't forget who's fault it is in the first place.

Anyone responsible for hacking it should have their lives ruined in court by the full extent of the law. Would be nice to see Geo among them but he got off easy.

This. As much as I blame Sony I blame hackers more, people may support them because they think it's completely justified if you don't like the company, but if you don't like it DON'T BUY IT! AND IF YOU ALREADY DID BUY IT SELL IT BEFORE IT BECOMES WORTH $15 AND GET SOMETHING ELSE! THEN DISCOURAGE OTHER PEOPLE FROM BUYING IT!

Why do people insist on spreading this ridiculous idea? The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

I couldn't give less of a shit, while I agree that PSN's security is shit, he shouldn't have still had a PS3 by then in the first place if he has such a fucking problem with it (the not being able to mod it part), he should have gotten a fucking Xbox or Wii, or a better PC, and encouraged others to do the same, frankly that says more his bitching ever will.

If I don't like something, I'll just get rid of it and get something else, I certainly wouldn't have kept MW2 if I didn't like it.

And frankly, while I don't have a problem with him and Sony settling the lawsuit outside of court, I do have a very big problem with his "vacation" to South America DURING the lawsuit.

None of which has any bearing on the problem at hand. Which is my point. Geohot had nothing to do with PSN's problems.

Can we confidently say that when we don't know the exact cause of Sony's problems? For all we know, EgoHot hacked them himself. I'm not saying he did, but no one can say he didn't. Not at this point and not given the know facts (which are zero facts).

 

[puffenstuff]

Agreed on the banks of 2008. And if they did know and held back the info then I agree that they should be in trouble but this is a politician talking here. He knows as much about this as we do. But don't forget who's fault it is in the first place.

Anyone responsible for hacking it should have their lives ruined in court by the full extent of the law. Would be nice to see Geo among them but he got off easy.

This. As much as I blame Sony I blame hackers more, people may support them because they think it's completely justified if you don't like the company, but if you don't like it DON'T BUY IT! AND IF YOU ALREADY DID BUY IT SELL IT BEFORE IT BECOMES WORTH $15 AND GET SOMETHING ELSE! THEN DISCOURAGE OTHER PEOPLE FROM BUYING IT!

Why do people insist on spreading this ridiculous idea? The PS3 jailbreak was entirely on the client side. It should have done nothing to enable access to the PSN servers where this data is stored. If it did, PSN has some of the worst security design ever implemented. Geohot did not steal user info. He did not enable the theft of user info. If you have any questions about this I will be happy to answer them.

I couldn't give less of a shit, while I agree that PSN's security is shit, he shouldn't have still had a PS3 by then in the first place if he has such a fucking problem with it (the not being able to mod it part), he should have gotten a fucking Xbox or Wii, or a better PC, and encouraged others to do the same, frankly that says more his bitching ever will.

If I don't like something, I'll just get rid of it and get something else, I certainly wouldn't have kept MW2 if I didn't like it.

And frankly, while I don't have a problem with him and Sony settling the lawsuit outside of court, I do have a very big problem with his "vacation" to South America DURING the lawsuit.

None of which has any bearing on the problem at hand. Which is my point. Geohot had nothing to do with PSN's problems.

Can we confidently say that when we don't know the exact cause of Sony's problems? For all we know, EgoHot hacked them himself. I'm not saying he did, but no one can say he didn't. Not at this point and not given the know facts (which are zero facts).

Yeah, I think that is accurate. With the small addition that, despite speculation that custom firmware played a part in the breach, it did not. And if it did, PSN has the most pants on head retarded security design possible.