If we go purely based on what Sony has told us, they knew of the vunerability but they left it open.
They might have a good reason why (IE, they were planning on patching it 2seconds before the hacking happened) but the fact remains, they knew about it but they did nothing about it (on their production systems) when the hacking occured.
One can spin this to the end of time but the facts* do not seem to be in Sony's favor.
*I am assuming what Sony has told us are facts
To catch thieves, and to study their actions, they must have data.
When this happened, you can be assured they were on the phones trying to get security specialists on this matter (this is Sony not some mom and pop that has to wait until the next day for help, if any). What we won't find out is what they were really doing during the breach and why, and for good reasons.
All I do know is game wise, EQ2 is going to get new hardware. Happy, happy.
They released a flow chart showing the attack and the webserver.
The attack came from the out dated software on the webserver.
Many folks in the security field had mentioned apache and samba being the issue.
Dude in front of congress states it was an out dated version of a webserver running apache and that they were aware of it months before hand.
But thats not enough to prove it... okie doke.
Who is 'they'? Please provide links or just identify your source at least.
Yeah, because 'dude' states something in front of the congress hearing which is just a political charade, it must be true and implies whatever fits your boat, right?
They as in the CEO's of said company (sony) in their press release.
And if you dont believe a Doc, with a PHD, testifying under oath, before congress... then thats cool man. Rock on with your bad self.
The proof has been presented, its pretty undeniable. If you dont wish to look at the facts that I have linked and presented, thats your call.
And you're playing Rift and trying to give a lesson about webserver security?
Sadest thing about all this is the players who suffer for some renegades. No, we don't talk about the renegades and their clear illegal activities, just the publisher.
It's no wonder why the world can't distinguish right or wrong anymore, they can't even seem to understand the real enemy here.
How does rifts vulnerability in their security last month have anything to do with me and security?
I wasn't aware that I was reponsible for that.... does that happen to come with a paycheck?
It's called: an observation.
Consumers are indeed responsible for their own security, too. It's called...responsibility.
Turns out I played after the issue was fixed, but even if I had played during the time, there was no way for me to know, just like there was no way for anyone playing on PSN or SOE to know prior.
Funny none of those are security certs... hmm Go figure.
Funny is that you insist on your fallacy...
I've at least provided facts, from sony and congress backing up my points.
You've said its all simply hearsay and just vague ramblings.
You then provide 3 certs... that have nothing to do with security as an apparent validation of your refusal to accept the facts as they have been presented. But I'm the one that is living in a dream world.
Hacking is a criminal act so therefore hackers are criminals. I hope when they are caught that they all recieve a lengthy prison sentence where they all become Big Bab Bubbas bottom bitch.
Sony said its video game network was hacked into at the same time it was defending itself against a major denial-of-service attack by Anonymous. A denial-of-service attack makes a server or system unavailable by overwhelming its network with Internet traffic.
The attack that stole the personal data of millions of Sony customers was launched separately, right when the company was distracted protecting itself against the denial-of-service campaign, Sony said.
Originally posted by UNATCOII Love my quote. A recap from MSNBC about this issue... http://www.msnbc.msn.com/id/42919262/ns/technology_and_science-games/ Sony said its video game network was hacked into at the same time it was defending itself against a major denial-of-service attack by Anonymous. A denial-of-service attack makes a server or system unavailable by overwhelming its network with Internet traffic. The attack that stole the personal data of millions of Sony customers was launched separately, right when the company was distracted protecting itself against the denial-of-service campaign, Sony said.
Yes, this is known for a while from the letter Sony send to the congress upon the decline of the invitation to the hearing.
Hacking is a criminal act so therefore hackers are criminals. I hope when they are caught that they all recieve a lengthy prison sentence where they all become Big Bab Bubbas bottom bitch.
In certain countries the act of 'hacking' is not criminal. Also, hacking is a tool and sometimes the tool is used for a country (ie, government sanctioned) or privately. Obviously if your government asks you to hack XYZ, you'll get immunity even if hacking was illegal.
Yeah, the Google Gmail vs China incident.
Gdemami - Informing people about your thoughts and impressions is not a review, it's a blog.
Hackers are planning a third "major" attack on Sony websites, according to a Cnet report. The allegation comes from an observer in a chat channel used by hackers, who saw discussion of a plan to launch an attack this weekend. The witness relayed the info to the tech news site.
The hackers allegedly already have access to some of Sony's servers, and plan to go public with the personal information they find in their attack. It is not clear from the report whether or not these hackers are part of the Anonymous group. Whoever they are, it is not likely that they're acting as part of the group, as Anonymous has stated it was not involved in the recent attacks on PlayStation Network and Sony Online Entertainment servers.
Or it is just tough talk from some script kiddies. I dont believe that criminal hackers (crackers) start boasting in such a public channel before acting. And what is there to hack if Sony hasnt got the services back online?
Sony videogame divisions might die if they manage to take PSN/SOE down again next week. That would be shame
Bad hackers! Bad!
Does anyone know WHY this is happening?
As in, did the invaders leave any notes to replace the down system?
Yes a note was left signed Anonomys We are Legion. The 3rd attack was actually the reason they were not able to come back up Friday. There was information put into an inactive server. People's information who were signed up for a sweepstakes in 2001. And supposedly this attack was that was threatened was that they had access to Sony servers and were going to release people's information on those servers online. I think this is all about keeping them offline or just simply threatening us more either way grrrrrrrrr at these hackers. They are really playing dirty pool and I think this may be the reason that Sony is not updating a lot atm is due to this crap of them threatening more attacks they don't want anyone to know ETA"s or anything like that.
2 weeks for SOE so far + 1 free month for all subs (welcome back program) = $22.5 loss per active account. How many accounts do they have across all P2P MMOs? 1mil? that's $22 500 000 loss and still counting. Kinda big deal for SOE
Originally posted by Akaronia The 3rd attack was actually the reason they were not able to come back up Friday. There was information put into an inactive server. People's information who were signed up for a sweepstakes in 2001.
Do you have any reliable sources that would imply that any actual 3rd attack took place and personal information posted was NOT from previous data theft?
Is it related to PSN and SOE networks in any away?
Originally posted by Dromedarr 2 weeks for SOE so far + 1 free month for all subs (welcome back program) = $22.5 loss per active account. How many accounts do they have? 1mil? that's $22 500 000 loss and still counting. Kinda big deal for SOE
Lots of those stolen accounts are duplicities and/or inactive as well as non-paying customers.
2 weeks for SOE so far + 1 free month for all subs (welcome back program) = $22.5 loss per active account. How many accounts do they have? 1mil? that's $22 500 000 loss and still counting. Kinda big deal for SOE
Lots of those stolen accounts are duplicities and/or inactive as well as non-paying customers.
ONE MILLION ACTIVE ACCOUNTS (and I think it's even more)
Is it just me, or is Sony the biggest gaming company to loose 22 million over a hacker attack, and no one caught in 24 hours?
But is it just me, or was sony not warned about such, and failed to use even 1 million of that to upgrade security and holes that could have prevented this, no everything isn't secure but seriously what are they doing with all that money when they rarely updated their games either like I played Planet Side, and wait months for new content, More players and nothing at all, and Ever Quest 2 is now a failure with all the instanced zones, outdated engine, and character models absolutely suck?
Here is what I think will occur in the near future.
SWG will Die due to SWTOR
EQ 2 will die out due to outdated engine & Models, and need replacement by EQ3 as a p2p game without items shop or station cash, sony needs to come up with new Intellectual Property and fast, and even if they do will players trust them anymore, and if so how many?
Sony Failed to release The Agency, It looked like it would have been a good hit, and can't tell me they didn't have the money to finish it.
Aion will go down due to their nature of milking cows with P2P + F2P items, and Tera will become the next popular title.
So yeah I am not a troll, but I am really serious about this why has sony let the customers of their service down so much for all these years, and now this.
Is it just me, or is Sony the biggest gaming company to loose 22 million over a hacker attack, and no one caught in 24 hours?
But is it just me, or was sony not warned about such, and failed to use even 1 million of that to upgrade security and holes that could have prevented this, no everything isn't secure but seriously what are they doing with all that money when they rarely updated their games either like I played Planet Side, and wait months for new content, More players and nothing at all, and Ever Quest 2 is now a failure with all the instanced zones, outdated engine, and character models absolutely suck?
Here is what I think will occur in the near future.
SWG will Die due to SWTOR
EQ 2 will die out due to outdated engine & Models, and need replacement by EQ3 as a p2p game without items shop or station cash, sony needs to come up with new Intellectual Property and fast, and even if they do will players trust them anymore, and if so how many?
Sony Failed to release The Agency, It looked like it would have been a good hit, and can't tell me they didn't have the money to finish it.
Aion will go down due to their nature of milking cows with P2P + F2P items, and Tera will become the next popular title.
So yeah I am not a troll, but I am really serious about this why has sony let the customers of their service down so much for all these years, and now this.
Aion is not SOE game
and yes, SONY's been in war with hackers and they forgot to put some protection on their servers against hacks. :l
you people who glorify these cyber terrorist need help. People also need to stop reading shit on the internet and believe what they're reading. NONE OF YOU KNOW what type of security Sony had did not have did not upgrade or upgraded you know nothing and its funny watch people say oh im sueing lol tough words for internet tough guys.
Unless there is a smoking gun like an Sony employee who says the security was flawed and Sony knew about it none of these lawsuits stand a chance. YOU CANNOT WIN A LAWSUIT without proving the company knew about the issue and ignored it or should of known about it. Good luck proving any of this.
Originally posted by Dromedarr Aion is not SOE game
Who cares about details such as verified information or reasoning? Any information that suits your case - bashing a game or game related company, is good.
The rumor about outdated and unpatched server is just a good example.
Who cares about details such as verified information or reasoning? Any information that suits your case - bashing a game or game related company, is good.
The rumor about outdated and unpatched server is just a good example.
LOL
The security expert looks legit to me. Why would he lie about such thing for no reason?
Comments
Because I didn't drop a line about my MCITP, CCNP and CITC?
Jumping onto conclusions even faster and ill logic won't make your points more true nor facts.
To catch thieves, and to study their actions, they must have data.
When this happened, you can be assured they were on the phones trying to get security specialists on this matter (this is Sony not some mom and pop that has to wait until the next day for help, if any). What we won't find out is what they were really doing during the breach and why, and for good reasons.
All I do know is game wise, EQ2 is going to get new hardware. Happy, happy.
.:| Kevyne@Shandris - Armory |:. - When WoW was #1 - .:| I AM A HOLY PALADIN - Guild Theme |:.
Totally agree, but you are assuming that
#1 I was playing the game during that time period
#2 That my information was compromised or possibly compromised
#3 That I had warning before played the game
Turns out I played after the issue was fixed, but even if I had played during the time, there was no way for me to know, just like there was no way for anyone playing on PSN or SOE to know prior.
Funny none of those are security certs... hmm Go figure.
Funny is that you insist on your fallacy...
I've at least provided facts, from sony and congress backing up my points.
You've said its all simply hearsay and just vague ramblings.
You then provide 3 certs... that have nothing to do with security as an apparent validation of your refusal to accept the facts as they have been presented. But I'm the one that is living in a dream world.
This is just sad and worrisome as it speaks to the weakness of the internet for security.
Hacking is a criminal act so therefore hackers are criminals. I hope when they are caught that they all recieve a lengthy prison sentence where they all become Big Bab Bubbas bottom bitch.
Love my quote.
A recap from MSNBC about this issue...
http://www.msnbc.msn.com/id/42919262/ns/technology_and_science-games/
Sony said its video game network was hacked into at the same time it was defending itself against a major denial-of-service attack by Anonymous. A denial-of-service attack makes a server or system unavailable by overwhelming its network with Internet traffic.
The attack that stole the personal data of millions of Sony customers was launched separately, right when the company was distracted protecting itself against the denial-of-service campaign, Sony said.
.:| Kevyne@Shandris - Armory |:. - When WoW was #1 - .:| I AM A HOLY PALADIN - Guild Theme |:.
Yes, this is known for a while from the letter Sony send to the congress upon the decline of the invitation to the hearing.
In certain countries the act of 'hacking' is not criminal. Also, hacking is a tool and sometimes the tool is used for a country (ie, government sanctioned) or privately. Obviously if your government asks you to hack XYZ, you'll get immunity even if hacking was illegal.
Yeah, the Google Gmail vs China incident.
Gdemami -
Informing people about your thoughts and impressions is not a review, it's a blog.
Or it is just tough talk from some script kiddies. I dont believe that criminal hackers (crackers) start boasting in such a public channel before acting. And what is there to hack if Sony hasnt got the services back online?
Sony videogame divisions might die if they manage to take PSN/SOE down again next week. That would be shame
Bad hackers! Bad!
I wonder since all this began that if they been working all around the clock to get things going again.......
Yes a note was left signed Anonomys We are Legion. The 3rd attack was actually the reason they were not able to come back up Friday. There was information put into an inactive server. People's information who were signed up for a sweepstakes in 2001. And supposedly this attack was that was threatened was that they had access to Sony servers and were going to release people's information on those servers online. I think this is all about keeping them offline or just simply threatening us more either way grrrrrrrrr at these hackers. They are really playing dirty pool and I think this may be the reason that Sony is not updating a lot atm is due to this crap of them threatening more attacks they don't want anyone to know ETA"s or anything like that.
2 weeks for SOE so far + 1 free month for all subs (welcome back program) = $22.5 loss per active account. How many accounts do they have across all P2P MMOs? 1mil? that's $22 500 000 loss and still counting. Kinda big deal for SOE
Do you have any reliable sources that would imply that any actual 3rd attack took place and personal information posted was NOT from previous data theft?
Is it related to PSN and SOE networks in any away?
Lots of those stolen accounts are duplicities and/or inactive as well as non-paying customers.
ONE MILLION ACTIVE ACCOUNTS (and I think it's even more)
I'm not talking about 26 mil accounts in database
I have posted accidentally before my post was finished, sorry
Yeah, I wanted to say the same. Even though data theft was massive, active customers number will be much lower but it is still huge loss for SOE.
Is it just me, or is Sony the biggest gaming company to loose 22 million over a hacker attack, and no one caught in 24 hours?
But is it just me, or was sony not warned about such, and failed to use even 1 million of that to upgrade security and holes that could have prevented this, no everything isn't secure but seriously what are they doing with all that money when they rarely updated their games either like I played Planet Side, and wait months for new content, More players and nothing at all, and Ever Quest 2 is now a failure with all the instanced zones, outdated engine, and character models absolutely suck?
Here is what I think will occur in the near future.
SWG will Die due to SWTOR
EQ 2 will die out due to outdated engine & Models, and need replacement by EQ3 as a p2p game without items shop or station cash, sony needs to come up with new Intellectual Property and fast, and even if they do will players trust them anymore, and if so how many?
Sony Failed to release The Agency, It looked like it would have been a good hit, and can't tell me they didn't have the money to finish it.
Aion will go down due to their nature of milking cows with P2P + F2P items, and Tera will become the next popular title.
So yeah I am not a troll, but I am really serious about this why has sony let the customers of their service down so much for all these years, and now this.
Aion is not SOE game
and yes, SONY's been in war with hackers and they forgot to put some protection on their servers against hacks. :l
you people who glorify these cyber terrorist need help. People also need to stop reading shit on the internet and believe what they're reading. NONE OF YOU KNOW what type of security Sony had did not have did not upgrade or upgraded you know nothing and its funny watch people say oh im sueing lol tough words for internet tough guys.
Unless there is a smoking gun like an Sony employee who says the security was flawed and Sony knew about it none of these lawsuits stand a chance. YOU CANNOT WIN A LAWSUIT without proving the company knew about the issue and ignored it or should of known about it. Good luck proving any of this.
Who cares about details such as verified information or reasoning? Any information that suits your case - bashing a game or game related company, is good.
The rumor about outdated and unpatched server is just a good example.
LOL
The security expert looks legit to me. Why would he lie about such thing for no reason?