Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sony Suffers Yet More Security Breaches

Unknown Lamer posted more than 3 years ago | from the flogging-a-dead-sony dept.

Security 288

Oldcynic writes "As Sony struggles to restore the Playstation Network we receive news today of another breach, this time at Sony Ericsson in Canada. 'Sony Corp. spokesman Atsuo Omagari said Wednesday that names, email and encrypted passwords may have been stolen from the Sony Ericsson Canada website, but no credit card information was taken.' Another group managed to penetrate Sony Entertainment Japan yesterday as well. I almost feel bad for them.

Sorry! There are no comments related to the filter you selected.

Was it really worth it, Sony? (5, Insightful)

elrous0 (869638) | more than 3 years ago | (#36238814)

I've always said that Sony is the most control-freak tech company in the world (making even Nintendo and Apple look sedate by comparison), a company that would happily shoot itself in the foot rather than lose even an *inch* of control of it's media, it's IT, or its technology.

From the rootkit fiasco, their obsessive lockdown of blu-ray (which of course, was cracked), and (many) assorted other lawsuits--Sony has established itself as the kind of company who would happily put a spycamera in everyone's home to make sure that no one is watching a pirated copy of Spiderman 3 (though why anyone would want to watch even a free version of that or just about any other Sony movie is beyond me).

But now they've removed a little-used and fairly innocuous Linux feature from the PS3, and then busted a guy who jailbroke the machine in response. Not only did they send in thugs to kick his door down and take all his shit (then strongarm him into admitting guilt to something that, before the DMCA, wouldn't even be considered a crime), but they even went as far as to try to force ISP's to hand over the identities of everyone who even DISCUSSED the hack on his website or blog.

Well, was it worth it, Sony?

Re:Was it really worth it, Sony? (1)

Anonymous Coward | more than 3 years ago | (#36238860)

If someone could resurrect the innovative Sony of the mid-to-late '70s, I might start liking them again.

Re:Was it really worth it, Sony? (2)

bluechipps (1933036) | more than 3 years ago | (#36238984)

If someone could resurrect the innovative Sony of the mid-to-late '70s, I might start liking them again.

Good luck with that, calling any corporation "innovative" is blasphemous these days.

Re:Was it really worth it, Sony? (1)

Bing Tsher E (943915) | more than 3 years ago | (#36239010)

Sony has always just been the 'reliable brandname' on equipment from a company big and powerful enough to roll in the innovations that other entities have pioneered in. Sony hasn't been innovative since the very early days. Except in the same way that other big borglike entities like Microsoft and Apple can be considered innovative.

Re:Was it really worth it, Sony? (5, Informative)

cpu6502 (1960974) | more than 3 years ago | (#36239598)

>>>>>If someone could resurrect the innovative Sony of the mid-to-late '70s
>>
>>Sony has always just been the 'reliable brandname' on equipment from a company big and powerful enough to roll in the innovations that other entities have pioneered in.

I believe you're mistaken.
Sony is the company that invented videocassettes (Umatic and Betamax). Sony is the company that invented Betacam. The 3.5 inch floppy. The Compact Disc. Rewritable magneto-optical discs. THAT'S the company the grandparent poster was talking about when he said "innovative".

Re:Was it really worth it, Sony? (0)

Anonymous Coward | more than 3 years ago | (#36239422)

Hate to say this, but Apple is the new Sony. Steve jobs will as much as admit it. He loved Sony like we all did back in the day of Trinitrons and Walkmans. They made GORGEOUS hardware.

Re:Was it really worth it, Sony? (1)

Anonymous Coward | more than 3 years ago | (#36238876)

... and then busted a guy who jailbroke the machine in response. Not only did they send in thugs to kick his door down and take all his shit (then strongarm him into admitting guilt to something that, before the DMCA, wouldn't even be considered a crime), but they even went as far as to try to force ISP's to hand over the identities of everyone who even DISCUSSED the hack on his website or blog.

Kinda makes you wonder if all these security breaches are retaliation from the general hacker masses, doesn't it?

Re:Was it really worth it, Sony? (4, Insightful)

rotide (1015173) | more than 3 years ago | (#36238942)

I wouldn't call it retaliation, per se. I'd more be inclined to describe it as a company that everyone who likes to "penetration test" sees as a fun target now. They pissed certain people off and made a certain amount of headlines and eventually they hit "critical mass" with the "hacker community". Sony keeps fixing things and the "testers" are having a good time showing the world that they are still vulnerable.

Sony is being forced to play a game where the other side has the better toolset.

Re:Was it really worth it, Sony? (-1)

Anonymous Coward | more than 3 years ago | (#36239022)

Sony is being forced to play a game where the other side has the better toolset.

And I hope that other gets used as a sock puppet in prison one day.

Re:Was it really worth it, Sony? (1)

zaxus (105404) | more than 3 years ago | (#36239458)

...sock puppet in prison...

I don't think they can use Slashdot from prison, no matter how many accounts they have...

Re:Was it really worth it, Sony? (1)

the_hellspawn (908071) | more than 3 years ago | (#36239464)

You are a Sony rep ain't you?... Post yourself foool before I break ya!

Re:Was it really worth it, Sony? (1)

vlm (69642) | more than 3 years ago | (#36239500)

Sony is being forced to play a game where the other side has the better toolset.

Kinda like a Sony memory stick vs industry standard SD card?

Re:Was it really worth it, Sony? (0)

Anonymous Coward | more than 3 years ago | (#36239550)

The idea may be to bring the dark side of Sony to the popular consciousness: that they don't care about customers' private data. That Sony is not, actually, reliable from customers' point of view.

While the breaches won't cost Sony directly very much, let's hope the lost sales will make them notice that playing it loose with customers' data does, indeed, harm the bottom line.

Re:Was it really worth it, Sony? (4, Funny)

somaTh (1154199) | more than 3 years ago | (#36238894)

Sony has established itself as the kind of company who would happily put a spycamera in everyone's home

So THAT's what the PlayStation Eye is for!

Re:Was it really worth it, Sony? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#36238916)

Because Sony execs are assholes, customers who just want to play a video game should have their credit card data stolen.

Really?

Re:Was it really worth it, Sony? (3, Interesting)

TheGratefulNet (143330) | more than 3 years ago | (#36238994)

but you have to realize: in a war, 'precise bombing' is not always possible.

if the hackers that are pissed off are just attacking sony any way they can, its not hard to imagine that others who 'touch' sony will also get hurt. ie, their users and customers.

I long ago stopped buying and supporting sony things. my way to fight back is to just stop buying. but kids today who think that sony is 'evil' in the most literal sense of the word might go to any lengths to seek revenge.

there IS a lesson here. the teenager who gets pissed off at the world and wants to seek revenge is not something you can directly fix. the way to fix the problem is stop pissing off your customers in the first place.

sony, culturally, probably won't understand a word of this. I expect the 'war' to continue for quite a while.

gee, just like the 'grownups' kind of wars. just like it.

Re:Was it really worth it, Sony? (1)

InsaneProcessor (869563) | more than 3 years ago | (#36239252)

I am so glad I had taken the same view of "voting with my feet" and not buying any sony products or services. Now, I am not collateral damage!

Re:Was it really worth it, Sony? (1)

unimacs (597299) | more than 3 years ago | (#36239304)

War? Sounds like some people have a very distorted sense of what's important.

Re:Was it really worth it, Sony? (1)

Omnifarious (11933) | more than 3 years ago | (#36239486)

Really, control over the stuff you have in your own house isn't an important issue?

Re:Was it really worth it, Sony? (1)

somersault (912633) | more than 3 years ago | (#36238966)

now they've removed a little-used and fairly innocuous Linux feature from the PS3, and then busted a guy who jailbroke the machine in response

They actually removed that feature as a response to GeoHot announcing he was going to crack the PS3. But the end result is the same.

Re:Was it really worth it, Sony? (1)

Duradin (1261418) | more than 3 years ago | (#36239386)

"The Doctor: People assume that time is a strict progression of cause to effect, but actually, from a non-linear non-subjective viewpoint, it's more like a big bowl of wibbly wobbly timey wimey... stuff. "

Understand that and you'll understand the Church of St. George and save yourself a bunch of karma.

Re:Was it really worth it, Sony? (3, Insightful)

h4rr4r (612664) | more than 3 years ago | (#36239690)

So instead of fixing their security issue they decided to steal value from consumers. What a wonderful company.

Re:Was it really worth it, Sony? (2)

malacandrian (2145016) | more than 3 years ago | (#36238970)

...admitting guilt to something that, before the DMCA, wouldn't even be considered a crime...

There are indeed many things in life that were not illegal until they were.

Re:Was it really worth it, Sony? (3, Informative)

_Sprocket_ (42527) | more than 3 years ago | (#36239038)

...admitting guilt to something that, before the DMCA, wouldn't even be considered a crime...

There are indeed many things in life that were not illegal until they were.

That is actually a fundamental concept in law - whether one has inherent rights and law adds restrictions or whether one's rights are expressly granted by law.

Re:Was it really worth it, Sony? (1)

Anonymous Coward | more than 3 years ago | (#36239094)

I would love to believe that Sony was hacked because of their bad actions. However, I believe that Sony was just an easy target (and, once it was known that their security stinks, other hackers took the low hanging fruits of all the other incompetent Sony sites).

Re:Was it really worth it, Sony? (1)

softWare3ngineer (2007302) | more than 3 years ago | (#36239186)

I've always said that Sony is the most control-freak tech company in the world (making even Nintendo and Apple look sedate by comparison)

I think that could be part of their problem. if the company is a control freak towards their employee's time, then their employees aren't very likely to be spending a lot of time working on stuff that isn't directly brining in revenue(like security, maintenance, or improving business processes). the management probably just expects it, without any impact on time of development or extra maintenance.

Re:Was it really worth it, Sony? (5, Insightful)

DurendalMac (736637) | more than 3 years ago | (#36239246)

Yeah, but it's just getting excessive now. When Moe pokes Curly in the eyes, it's funny. When Moe beats Curly to death with a lug wrench and then dismembers him with a chainsaw, then...well, actually, it's still funny.

Carry on.

Re:Was it really worth it, Sony? (1)

dcollins (135727) | more than 3 years ago | (#36239400)

Yeah, it was a good bit when that happened in Sensational She-Hulk #5.

Re:Was it really worth it, Sony? (1)

Anonymous Coward | more than 3 years ago | (#36239622)

Sony owns everyones ps3. And everyone else owns sonys servers.

I don't care where you're from.... That's funny right there.

Again? (2)

Catnaps (2044938) | more than 3 years ago | (#36238818)

Somewhere out there, there's a hacker with a world map and a bunch of pins. Also, an intense dislike of Sony.

Re:Again? (0)

Anonymous Coward | more than 3 years ago | (#36238956)

Hackers, plural. And lots of 'em.

Re:Again? (3, Insightful)

somersault (912633) | more than 3 years ago | (#36238988)

More likely a lot of separate individuals/groups who want to join in on the Sony bashing trend.

Re:Again? (1)

Ironhandx (1762146) | more than 3 years ago | (#36238992)

Somewhere out there, there's an army of hackers with a world map and a bunch of pins. Also, an intense dislike of Sony.

FTFY.

Sony pissed off exactly the wrong people. Many many many times over. They've had this coming for awhile.

Disclaimer: I am in no way affiliated with any said army. I am simply surmising based on the massive and intense hatred of sony amongst groups of people among whom I have several acquaintances. All for similar reasons, each with his/her own particular straw that broke the camels back. Recent events are really just fanning the flames of a fire sony had already started.

Re:Again? (2)

socsoc (1116769) | more than 3 years ago | (#36239140)

Good thing you posted a disclaimer.

Disclaimer: I in no way agree with parent and fully support Sony with my money and first born child.

Re:Again? (3, Insightful)

Allicorn (175921) | more than 3 years ago | (#36239274)

Why extract the database of users' information if your goal is only to give a slap in the face to the evil corporation?

It's almost as if the goal of this criminal activity wasn't heroic anti-corporatist hactivism at all...

Re:Again? (1)

Ironhandx (1762146) | more than 3 years ago | (#36239416)

Of course it isn't. That is one of the reasons that Sony in particular is being targeted however.

From what I can gather of the situation people that may not want to be involved in criminal activity are pissed off enough to help those that have no such qualms in some easily-denied way.

Basically, Sony has pissed off enough people that it has painted a large target on its back saying "Come get me". This has an effect of making Sony the largest path of least resistance for anyone with questionable morals.

Re:Again? (0)

Anonymous Coward | more than 3 years ago | (#36239496)

Why extract the database of users' information if your goal is only to give a slap in the face to the evil corporation?

There are legal repercussions for any company that can't maintain the legally required confidentiality of their customers' data. Pretty much worst case scenario would see Sony forbidden from acting as a data controller, which would effectively cripple them in Europe. I can't imagine that every happening though.

That'll do far more damage than outages or "superhaxorz was here" messages on Sony servers.

Karma (3, Insightful)

what2123 (1116571) | more than 3 years ago | (#36238824)

It's not sad to see this happening considering their reputation for the past 10 years. You cannot continually screw your revenue sources and expect to remain on top of the pyramid. Eventually it will all fallout from underneath you, one way or another.

Re:Karma (-1)

muffen (321442) | more than 3 years ago | (#36238950)

Whats wrong with exploding laptop batteries, installing rootkits, forcing the removal of advertized functionality, suing kids in basements for the horrible crime of sending sony games from Hong Kong to Europe and the US, and then topping it off by loosing the credit card details for all people who are paying for this five-star treatment?

Re:Karma (0)

Anonymous Coward | more than 3 years ago | (#36239076)

I hate to say it, being an American myself, but what do you expect from a Japanese company run by an American who was president of CBS?

Re:Karma (1)

betterunixthanunix (980855) | more than 3 years ago | (#36239670)

Unfortunately, their customers are getting hurt in the process, which is what makes this sad. If it were just a matter of Sony getting beat down everywhere they turned, I would have no problem.

There will be no peace. (5, Insightful)

Anonymous Coward | more than 3 years ago | (#36238836)

Period.

Burn the bible (-1)

Anonymous Coward | more than 3 years ago | (#36238852)

Burn the bible [goo.gl]

Security? (5, Interesting)

muffen (321442) | more than 3 years ago | (#36238864)

After it was discovered that Sony was installing rootkits on people's machines, Mr Thomas Hesse, president of Sony BMG's global digital business said, "Most people I think don't even know what a rootkit is, so why should they care about it?"

They are just taking the same approach to Security, since they don't know what it is, why care about it?

does this expression require children be involved? (1)

sgt scrub (869860) | more than 3 years ago | (#36238882)

the fucking you get for the fucking you get.

Re:does this expression require children be involv (5, Funny)

outsider007 (115534) | more than 3 years ago | (#36239064)

Agree. Sony has screwed more kids than the catholic church.

Re:does this expression require children be involv (1)

theskipper (461997) | more than 3 years ago | (#36239128)

There's something oddly recursive about that statement.

Please subscribe me to your newsletter.

Re:does this expression require children be involv (1)

Securityemo (1407943) | more than 3 years ago | (#36239572)

The stop condition is "when a fucker that fucks someone that ain't fucked over anyone, in a particularly upsetting manner, in recent memory, gets fucked, the fucker fucking this fucker doesn't deserve to be fucked."

It's simple. A child could understand it.

Plain text passwords.... (3, Insightful)

antifoidulus (807088) | more than 3 years ago | (#36238904)

From TFA:

"E-mail, password, and names of thousands of users were exposed via text file"

Why...why...WHY do people still insist on plain text passwords? Have these people ever heard of a hash? There is 0 reason ever to store a plaintext password, end of story. Anyone who designs a system that stores passwords in plain text should be fired on the spot.

Re:Plain text passwords.... (1)

antifoidulus (807088) | more than 3 years ago | (#36238930)

Well, it looks like at least some of the passwords were hashed(also, please stop saying "encrypted" passwords, there is a world of difference between encryption and hashing!), but it's not clear that all the passwords were hashed.....

Re:Plain text passwords.... (0)

Anonymous Coward | more than 3 years ago | (#36238968)

Anyone who designs a system that stores passwords in plain text should be fired on the spot.

What? No torturing?

Fine... We'll just fire them out of a cannon into the Sun.

Re:Plain text passwords.... (1)

xaxa (988988) | more than 3 years ago | (#36239044)

Anyone who designs a system that stores passwords in plain text should be fired on the spot.

Off-topic: my bank asks for the Lth, Mth and Nth characters of my password, which is better than asking for the whole lot. Is it possible to have a system like that without storing the password encrypted (rather than hashed)?

Re:Plain text passwords.... (2)

Relayman (1068986) | more than 3 years ago | (#36239224)

No. Any good encryption scheme encrypts your password as a complete character string. The password systems I work with use a one-way encryption method; if you have the encrypted value, you can't decrypt it to get the password. Having just three characters of your password should not be able to determine its validity unless they are decrypting your password (vulnerability) or storing it as plain text (vulnerability). This is an unacceptable method.

Re:Plain text passwords.... (1)

vlm (69642) | more than 3 years ago | (#36239564)

Having just three characters of your password should not be able to determine its validity unless they are decrypting your password (vulnerability) or storing it as plain text (vulnerability).

There's a third possibility, Sony seems to operate at just the right level of clue to store each individual character in a separate column, although each individual character hashed of course for security reasons. (if you're reading this, and don't get the joke, please don't program anything using a password, unless you work at Sony, OK?)

Re:Plain text passwords.... (1)

amorsen (7485) | more than 3 years ago | (#36239578)

You cannot encrypt a password both in transfer and on disk (unless you use a separately encrypted channel with separate authentication, but then why do you need a password?). For a lot of things it is more important that you can use the password to establish a secure channel than it is to store the password as a hash.

E.g. with the simple "ask for three specific characters from the password" method you gain almost-one-time-passwords, so a keylogger on a public terminal cannot empty your bank account afterwards. This property is probably worth the risk that someone breaks into the password storage.

Re:Plain text passwords.... (1)

monkeyhybrid (1677192) | more than 3 years ago | (#36239518)

Hash the individual characters as well as the password in it's entirety? Stupid easy to bruteforce if your salt is known though...

Re:Plain text passwords.... (1)

lucian1900 (1698922) | more than 3 years ago | (#36239648)

No. And what they're doing is stupid. You should have a password which you type in AND a memorable info, which you get asked letters of.

Re:Incomplete quotation (0)

Anonymous Coward | more than 3 years ago | (#36239368)

Let me give you the real quote here: "E-mail, password, and names of thousands of users were exposed via text file on Pastebin.".

Sony bashing time again ?

Re:Incomplete quotation (1)

Haedrian (1676506) | more than 3 years ago | (#36239594)

If the passwords were properly hashed (with a good salt) and were strong enough such that a dictionary attack couldn't break them, you wouldn't have 'thousands' of leaks.

Re:Plain text passwords.... (2, Informative)

Anonymous Coward | more than 3 years ago | (#36239456)

Also from TFA, it says the passwords were "encrypted". What wasn't in TFA is the phrase "plain text" - that part YOU added. Way to get worked up over something that you formulated.

In the immortal words of Radiohead... (1)

Anonymous Coward | more than 3 years ago | (#36238906)

This is what you get
when you mess with us.

-- Karma Police

Pull the damn cables already! (3, Insightful)

AAWood (918613) | more than 3 years ago | (#36238918)

Seriously, how long until Sony head office just tells every department to yank their network cables until a full security audit is done? This is just embarrassing at this point.

Re:Pull the damn cables already! (3, Insightful)

lennier1 (264730) | more than 3 years ago | (#36238976)

I get the impression they're not even trying anymore.

Re:Pull the damn cables already! (0)

Anonymous Coward | more than 3 years ago | (#36239292)

They weren't really trying in the first place...

Re:Pull the damn cables already! (0)

Anonymous Coward | more than 3 years ago | (#36239270)

But then, how would they ever tell them, that the audit is done?
Smoke signals?
I'd bet they'd manage to get hacked via those too! ;)

Re:Pull the damn cables already! (0)

Anonymous Coward | more than 3 years ago | (#36239418)

If you check around the world, every company has the same level of security, crappy. They should be embarrassed because they're obviously being specifically targeted and don't seem to be doing anything.

Pinkertons (5, Interesting)

Gotung (571984) | more than 3 years ago | (#36238944)

I wonder if this rise in internet vigilante-ism is going to birth a corporate funded internet version of the Pinkertons. I.E. a group of black hat hackers paid by big corporations to hunt down and ruin groups like Anonymous through less than legal means.

Re:Pinkertons (0)

Anonymous Coward | more than 3 years ago | (#36239092)

That's already in place.
Multiples even. FBI, DHS to name a few. They slap the cash on the table, the government assigns field agents to investigate. All they have to claim is IP or copyright violations.

Re:Pinkertons (1)

chemosh6969 (632048) | more than 3 years ago | (#36239176)

I think it's more of everyone seeing how unsecure Sony is, so they're all trying to get into all the other unsecure systems.

Re:Pinkertons (0)

Anonymous Coward | more than 3 years ago | (#36239178)

At first I thought you were going to say, "black hat hackers paid by big corporations to hunt down other corporations."

That would awesome btw :).

Re:Pinkertons (1)

Thruen (753567) | more than 3 years ago | (#36239210)

I figured that's what was happening when federal agents became the tools used to investigate and help prosecute people for copyright infringement.

Re:Pinkertons (1)

wesgray (1827286) | more than 3 years ago | (#36239332)

It is already here: Remember HB Gary working for the U.S. Chamber of Commerce and Bank of America?

Re:Pinkertons (1)

RazorSharp (1418697) | more than 3 years ago | (#36239526)

Or ruin other companies.

It's funny, the first time I read Neuromancer years ago everything in it seemed so far fetched. Sorry Mr. Gibson, it appears you were right on a number of things. Black hats may become a solution for everyone -- vigilantes, interest groups, corporations, criminals, ect. Why rob a bank with guns when you can combine hacking and social engineering to make money appear from nowhere and appear legitimate? If a politician's opponent is raising massive funds with a website, it can be taken down with a DDoS and attributed to 'anonymous' internet users. A competing corporation plans to debut a product online at a certain date? Too easy.

Sony makes things easy on these black hats. They seem to think Sony epitomizes corporate evil (between playing on their XBoxes and dicking around on Windows. . .). What's going to happen when the targets become more controversial and polarize this black hat community? And then another polarizing issue and then another. You can't expect everyone who parades under the banner of Anonymous to be on the same page ideologically. What they're really doing is setting a precedent: if you're willing to skirt the law, black hat solutions are viable for taking down opponents who rely on digital networking.

If one good thing can come of it, I would say it's this: people may start taking anonymity on the internet seriously. The Facebook model of 'privacy shouldn't exist' will be put to the test.

Almost feel bad for them (4, Insightful)

19thNervousBreakdown (768619) | more than 3 years ago | (#36238974)

Feel bad for them? The fuck? "They" are a corporation, whose only reason for existence is to make money. Sure, there might be individuals working there with morals, but the company itself has none at all--regardless of what US law says, it's not a person.

This corporation has spied on, sued, made vulnerable to other attacks, and bullied its customers, potential customers, competitors, and little bald children with cancer who were lying in a bed that Sony had to put its muddy boot up on to tie its laces. And, probably because it thought it could get away with overworking or undertraining its net admins, it cut corners when it came to security. The security of its customers' credit card info. Who, after all the bullshit Sony pulled, still paid for their shit, and put their credit at risk, unlike those who "stole" from Sony, who won't have what they bought taken away at the first whim, who aren't badgered every time they want to watch a movie on a different device, who don't have to sit through unskippable guilt-trips and FBI warnings, and don't have to pay again when the disc gets scratched.

Almost feel bad for them? Ha! I'm not even close to feeling bad for them. There is no possible amount of "suffering" that could make me feel bad for them. Call me when Sony wakes up one morning with a pain in its left arm and is forced to face its own mortality.

Re:Almost feel bad for them (1)

Culture20 (968837) | more than 3 years ago | (#36239276)

And, probably because it thought it could get away with overworking or undertraining its net admins, it cut corners when it came to security.

Listen up, HR. Don't skimp on IT salary or benefits. When your IT group thinks it needs more manpower, it needs more manpower. An understaffed/undertrained IT staff is like hiring Barney Fife for your bank guard; a lot of bluster and bravado, but only one bullet kept in his shirt pocket.

RUN Away! (1)

commodore64_love (1445365) | more than 3 years ago | (#36238986)

Clearly Sony is not a company you can trust with your credit card information. Hell you can't even trust a Sony Music CD (it will install crap on your computer without telling you).

I think Sony was decent when they were the newbie-on-the-block with the PS1, and also the PS2, but sometime around 2004 they turned into a clone of Microsoft. (Meanwhile MS actually improved.) Goodbye sony because PS2 will be the last of your equipment that I ever buy. You shot yourself in the foot, and are headed towards becoming the next Commodore or Atari (fell from #1 to bankruptcy).

King of DRM (0)

Anonymous Coward | more than 3 years ago | (#36239000)

Sony is more or less the king of DRM. Why not apply some of it to their own servers?

DRM = Digital Rights management

They should keep the Right to screw with their servers to themselves

Will it matter in the long run? (0)

Anonymous Coward | more than 3 years ago | (#36239002)

Every time there are attacks against those who impede freedom, it's always used as ammo for the corporation to do more or retro-justify their actions. I can't imagine Sony going back on to allowing the "Other OS" option, although not their first act of douchery, it seemed to have ignited this wildfire.

My karma ran over your dogma* (0)

Anonymous Coward | more than 3 years ago | (#36239018)

*Aibo

Has anything been accomplished? (2)

meridiangod (940552) | more than 3 years ago | (#36239024)

I get it, they've done a ton of unpopular things, but what has all of this hacking done? Do they really think it's made them think twice about potentially unpopular business decisions? Are a ton of other hacker just jumping on a bandwagon because they can? Do you think that losing all that money will inspire them to do good by their consumers? I can only speculate as to the true intentions of the hackers out there, but it kinda bothers me when I get the impression that people are doing this to "get back at them for something they did that I don't like or agree with." If that's really the case, I wish they would just get over it already and move on. I am personally getting sick of reading about Sony.

Re:Has anything been accomplished? (0)

mehrotra.akash (1539473) | more than 3 years ago | (#36239088)

Now, when someone goes to buy a Sony product, they will think

This is the same company that installed a virus (rootkit, but since most malicious programs are referred to as viruses, so virus) when I put in a Music CD
This is the company that leaked my friends credit card details
This is the company whose websites have been hacked so many times
This is the company whose game console did not allow them to play multiplayer for a month
This is the company that removed a feature from their Game console after it was released (Again, people may not know what the feature was, but they will still know that something was removed)

Might as well buy the cheaper and almost as good Samsung/LG product. Who knows, next they will copy all the images from my camera to their servers.

(did I forget something?)

Re:Has anything been accomplished? (0)

Anonymous Coward | more than 3 years ago | (#36239468)

You give people WAYYY too much credit. Citibank tried to steal my parents' house by buying their mortgage with 5 months left on it and then not sending bills (they claimed they didn't have the address?!?). So where does my Dad keep some of the proceeds of the sale? At the local Citibank branch, of course.

At most, you can hope some people will start saying Sony=bad as they drool.

Re:Has anything been accomplished? (1)

meridiangod (940552) | more than 3 years ago | (#36239506)

Yeah, I understand that they've tarnished the Sony brand by exposing customer's information, but you're making it sound like they were handing out that information to anyone who asked. They didn't ask to have someone take customer information or have their online network taken down. And, I'm sorry, taking away a popular feature they no longer wanted to support isn't an invitation either. I wasn't a fan of removing OtherOS but I don't think the appropriate course of action was to steal customer information in order to defame their company.

I don't think most consumers care why they were hacked, just that their service was interrupted. Sure Sony's security sucked, but I think the general public will just hold the hackers responsible for the brunt of the problems down the road once this whole thing passes. In the end, Sony will move on and likely continue to do unpopular things which is why I don't really see anything meaningful being accomplished.

Re:Has anything been accomplished? (1)

Haedrian (1676506) | more than 3 years ago | (#36239532)

Rather wishful thinking, It'll go like this I think

"I want to buy a game console, this look cool and has games I want. *PURCHASE*"

Re:Has anything been accomplished? (0)

Anonymous Coward | more than 3 years ago | (#36239638)

Really that is the true impact of this, regardless of what happens at Sony Corp, they now have a tarnished brand. As anyone knows the most valuable asset to a consumer based company is their brand.

PSN (0)

Anonymous Coward | more than 3 years ago | (#36239050)

Pretty Shitty Network

they spent all that money on bluray security (1)

Dan667 (564390) | more than 3 years ago | (#36239054)

Good to see their failure to correctly prioritize who is important (the actual Customer) is beginning to cause them problems.

Most likely that... (0)

Anonymous Coward | more than 3 years ago | (#36239104)

...some group(s) has been sitting on these security holes for a long ass time now and is only just now taking them out. One after the other, blow after blow, so the world sees them failing constantly.

Re:Most likely that... (1)

rbarreira (836272) | more than 3 years ago | (#36239208)

No, it's quite a lot more likely that Sony has a bunch of easy vulnerabilities that no one cared to probe for before.

Now it's a pile on where Sony's crappy security gets exposed every day...

What's with the math? (1)

shumacher (199043) | more than 3 years ago | (#36239318)

Okay, the Ponemon Institute claims the average data breach cost per record in 2010 was $214. Sony exposed 77,000,000 records in the PSN breach. Ponemon has a corporate shill From TFA:

Sony is expecting costs related to its online security woes of 14 billion yen ($173 million), covering customer support, freebie packages, legal costs, lower sales and measures to beef up security.

calc.exe tells me: 173000000/77000000=2.2467532467532467532467532467532 So, how is it that this is costing Sony a little over 1% of Ponemon's estimate?

Re:What's with the math? (0)

Anonymous Coward | more than 3 years ago | (#36239470)

economy of scale ?

Re:What's with the math? (0)

Anonymous Coward | more than 3 years ago | (#36239512)

Exactly what I was wondering - $173 million isn't nearly enough for Sony to even care about. Going with the $214/record number would put Sony at $16.5 billion in costs. Maybe that number would help Sony understand that they need to shift their focus from consumer device security to internal security. I can't imagine that any of their anti-piracy schemes or other supposed security mechanisms on consumer devices has actually generated $16.5 billion in profit (or any profit, honestly) for them...

Typo in above. (1)

shumacher (199043) | more than 3 years ago | (#36239558)

Sorry, meant to say:

Ponemon has a corporate shill feel to their research, IMHO, but I can't imagine they're that far off. From TFA:

I guess I should have used the preview button.

I almost feel bad for them. (0)

Anonymous Coward | more than 3 years ago | (#36239370)

I DO feel bad for myself and all PSN users. SONY should have -- and most importantly, could have -- done better.

Re:I almost feel bad for them. (1)

ddd0004 (1984672) | more than 3 years ago | (#36239624)

Good thing you said almost because that's like feeling bad for the guy mugging you when he trips and falls when running away. You are right. PSN users are the ones who are really losing out on this deal. Any number of people could have access to your data now.

Wow... just wow... (1)

Hamsterdan (815291) | more than 3 years ago | (#36239406)

It's almost eery...

They're either...

1- Very incompetent on the security side
2- Very unlucky
3- Pissed off the wrong people

I think 1 and 3 pretty much covers it...

IMO, I think someone is after blood, and it won't be pretty...

It's probably Apple (0)

landofcleve (1959610) | more than 3 years ago | (#36239436)

They're going to try and release another game system again, but they need a little less competition. ;-D

Not a Sony fan but... (1)

GigG (887839) | more than 3 years ago | (#36239540)

Let's face it. If it is connected to the internet it can be hacked by outsiders. If it isn't it can be hacked by insiders. It is no different than banks. We hand them our money. It doesn't matter in the least to me if my bank is robbed my money is protected. Obviously we need some similar protection with our data.

Feel Bad? (0)

Anonymous Coward | more than 3 years ago | (#36239544)

I think the apt expression in this case is -

You reap as you sow.

New Slogan: (1)

proxy318 (944196) | more than 3 years ago | (#36239574)

Sony: Where security is our last priority.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?