lol a 3rd attack ..shows you how smart they are. Its like ..a duh lets rob that bank again for the 3rd time..
And if your really that good you do this to Sony? Out of all the things to hack this is the best they could come up with. Trust me some of them play PS3's.. lol so all they did was hurt themselfs in this..
now watch how fast some get caught.... was it really that easy the 2nd time? Or set up.. go for it.. 3rd time.. lol what a joke
lol a 3rd attack ..shows you how smart they are. Its like ..a duh lets rob that bank again for the 3rd time..
And if your really that good you do this to Sony? Out of all the things to hack this is the best they could come up with. Trust me some of them play PS3's.. lol so all they did was hurt themselfs in this..
now watch how fast some get caught.... was it really that easy the 2nd time? Or set up.. go for it.. 3rd time.. lol what a joke
You know what they say, they just can't help but return to the scene of the crime.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
Well to be a hacker you have to know your software, networking, and scripting quite well XD, I don't do software, but I know people who have been involved with illegal stuff, aka hacking, Cheating, Exploting online games, and I will say that any company can easily be hacked, it isn't a matter of how, but a matter of when, and if they company has pissed off the wrong people to want to do such like sony has done, not that any of it is legal.
Most of the Compromised accounts I see compromised are from WOW add'ons which come from sites like Curse Gaming, and other various sites with KeyLoggers, which send information typed into WOW and user name, or email to gold sellers, so this is how they get your email, even if your account hasn't been compromised.
Now a DataBase hack can be hard, I assume you would have to be an security expert, or know your way around, but I would say that one of the easiest ways is to have someone working for you on the inside, aka Inside JOB.
In my opinion I would think that Blizzard would have up to date security, and any game company that doesn't have good security will more than likely update their security after seeing what went down with sony.
I honestly myself do not see a big attack going to Blizzard, as of yet, unless of course they really piss some people off.
The only reason that sony was targeted is because of what they did to its customers, and telling people what they can't, and can do with a product they buy, I find this totally stupid of sony to bring a lawsuit against a person for modify their own hardware, and then trying to compromise everyones privacy by getting court orders to get a long list of IP addresses of anyone who watched their videos quite insane, and this is exactly why someone take down sony, and as far as I see it sony, has only one choice, and if they refuse to listen to the group responsible for this even if sony does come back online, I doubt I will be using a single product of theirs for years to come until sony gets some brains, and honestly even if they do come back online with good security, there will possibly be more hacker attacks, possibly attacks against customers, or its employee's who work for sony, or people related to them, and the only advice I can give about that is to report any RL Threats to local police/FBI, but I myself do not stand with sony for what they have done, and am totally against what sony has caused to its customers, and may take part of any online protests, or actions as long as it involves Free Speech, and no involvement with any illegal activities as whoever hacked sony has done.
Honestly Sony for example thought that because they have Millions/Billions in Cash, and a really big company that they could sell people PS3's, and then tell people what they can, and can't do with their own hardware, without the individual even signing an agreement on purchase, then they think that they can violate the privacy of many users by requesting IP addresses from every person on the internet by court order on the people that watched a video about modifying their PS3, well here is the funny thing.
Sony Might have Millions, or Billions of Dollars in Cash, and thought no one will ever hack us, but the funny thing is that the cost for these hackers to take sony offline for over one week was $0 not including hardware, and this just proves that even big companies like sony are just as vulnurable as anyone else, espicially when they do not upgrade their security, and roll the dice.
Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
AND
Originally posted by Renoaku
-SNIP-
and this just proves that even big companies like sony are just as vulnurable as anyone else, espicially when they do not upgrade their security, and roll the dice.
In actual fact the compromised systems were up to date, all you guys are doing is regurgetating a rumour that is completely untrue which even so called media outlets started bleating like the sheep that they are as though it was gospel and in the process making PSN users like me even angrier at Sony when it turns out they dont deserve all our wrath.
You can read the whole thing over on bitmob but a particularly angry PSN user checked into this and well here is a quote:
"As it turns out, it is fairly simple to use Google's webcache to show what version of Apache the PSN servers were using back in March. According to a page request archived by Google on March 23, 2011, at that time Sony was running version 2.2.17 of the software. You can see from Apache's website that 2.2.17 is the latest stable version of the webserver available even today. This is a direct repudiation of the claims being made that Sony's webservers were out of date by as much as five years."
So I say again lets all see if we can't stop propagating the same bullshit rumour that has been proven to be false.....
I am as angry about the outage as any PS3 owner but the ammount of "so called experts" on websites & forums accross the internet right now dribbling verbal diahorea is out of control and all the rumours are doing more harm than good.
lol a 3rd attack ..shows you how smart they are. Its like ..a duh lets rob that bank again for the 3rd time..
And if your really that good you do this to Sony? Out of all the things to hack this is the best they could come up with. Trust me some of them play PS3's.. lol so all they did was hurt themselfs in this..
now watch how fast some get caught.... was it really that easy the 2nd time? Or set up.. go for it.. 3rd time.. lol what a joke
Except that all signs point to that they arent in it for personal gain, they want to embarass sony. All information out there points to rogue members of Anonymous, who are mad at Sony for their treatment of the guy who hacked the PS3.
Given the small window of time before the breach woul have been realized, if they wanted to profit those stolen ccs would have been used already had they meant to be used.
There is a chance it wasn't people from anonymous but at this point that would have to be highly unlikely. Regardless if it was Anon, and ex employee, or some third party the intent was to cost Sony money and reputation. They werent robbing a bank, they were commiting an act of terrorism. More like bombing the bank.
So I say again lets all see if we can't stop propagating the same bullshit rumour that has been proven to be false.....
I am as angry about the outage as any PS3 owner but the ammount of "so called experts" on websites & forums accross the internet right now dribbling verbal diahorea is out of control and all the rumours are doing more harm than good.
If they drop the hearsay they're giving up a substantial portion of their ammunition. Most of the posters I see using this ammunition, are pretty well known as SOE haters around here, go figure huh?
I have a very hard time believing they're going to bother reading the facts that come from the case, they don't care about that. They care about hurting SOE anyway they can (as if SOE/Sony need help with that).
They believe that info because they want to believe it, they think sony is at fault because they want them to be at fault, it's as simple as that.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
AND
Originally posted by Renoaku
-SNIP-
and this just proves that even big companies like sony are just as vulnurable as anyone else, espicially when they do not upgrade their security, and roll the dice.
In actual fact the compromised systems were up to date, all you guys are doing is regurgetating a rumour that is completely untrue which even so called media outlets started bleating like the sheep that they are as though it was gospel and in the process making PSN users like me even angrier at Sony when it turns out they dont deserve all our wrath.
You can read the whole thing over on bitmob but a particularly angry PSN user checked into this and well here is a quote:
"As it turns out, it is fairly simple to use Google's webcache to show what version of Apache the PSN servers were using back in March. According to a page request archived by Google on March 23, 2011, at that time Sony was running version 2.2.17 of the software. You can see from Apache's website that 2.2.17 is the latest stable version of the webserver available even today. This is a direct repudiation of the claims being made that Sony's webservers were out of date by as much as five years."
So I say again lets all see if we can't stop propagating the same bullshit rumour that has been proven to be false.....
I am as angry about the outage as any PS3 owner but the ammount of "so called experts" on websites & forums accross the internet right now dribbling verbal diahorea is out of control and all the rumours are doing more harm than good.
No where did i say the system was out of date...
I said Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
That just means the business executives won't be tempted to run 130 servers on a skeleton crew.. and actually hire a competent person to monitor their systems and keep an eye on "known vulnerabilities"
Instead of hiring the most economical IT manager and just enough people to click install on a new software update.
I really am interested in how often they did penetration testing on their servers.
Right but Sony was not aware of it, the vulnerability was speculation among the security sectors and Sony was not convinced of it's vulnerability, so they were not aware of it till they got hacked. I know it sounds moronic but it's like having a unsinkable submarine built, your sub was built as unsinkable then you dive 2000 feet and see a small leak and avoid paying any attention to it because you know you have a unsinkable submarine but in fact 10 more feet down the sub blows up because you refused to believe you didn't have the best for the job.
I still don't blame Sony from this, cause what Shiro has said and what was confirmed by the AP and other Asian news sources on Sony. The vulnerability was so small only a handful of people known about it and Sony was not aware of it till it was to late. At least that is what I have read so far.
I posted that, because people (Gdemami) keep saying that it was not a known vulnerability that was exploited.
That exploit wasn't some small unknown secret hole in apache servers. All reports so far point to Sony running apache servers that were exposed to the internet without proper A) patching and firewalls.
For all the talk about doing as much as possible, installing a security patch is step zero. It makes any other claims hard to believe when that isn't even done.
Here is someone talking about the vulnerabilities back in February. He talks about probing the network and discovering many unpatched servers, lack of proper insulation from outside attack (firewall/vpn), etc. LINK
Honestly if Sony was keeping their security up to date and not half-assing it, then they wouldn't need to have taken their service offline for so long and need to rebuild it from the ground up. That alone indicates that things were a complete mess.
Sony did have it's servers and security up to date. They also had 3 firewalls on the personal information database which got hacked for several days without tripping any detection, these hackers were damn good to be able to stay in and for that long before a major Corporation noticed.
They have taken the services offline now for as long as they have because they said that there was hidden code planted inside that they found in one spot, going over everything and whatever else is going to take coders, programmers, security, FBI, or whoever else a long while to sort through it all to make sure nothing is there when they fire back up.
Also pretty sure since these hackers got through 3 firewalls and all that that Sony security is betting there could be hidden someplace they wouldn't expect, leading to even further downtime like I said to go through it all. Then they have to apply new securities, new firewalls, new server farm potentially with newer hardware and then TEST it all to make sure it's working.
Since we have no further details then what is listed then we have no idea if it's more complicated, they could of deleted shit we never know.
Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
AND
Originally posted by Renoaku
-SNIP-
and this just proves that even big companies like sony are just as vulnurable as anyone else, espicially when they do not upgrade their security, and roll the dice.
In actual fact the compromised systems were up to date, all you guys are doing is regurgetating a rumour that is completely untrue which even so called media outlets started bleating like the sheep that they are as though it was gospel and in the process making PSN users like me even angrier at Sony when it turns out they dont deserve all our wrath.
You can read the whole thing over on bitmob but a particularly angry PSN user checked into this and well here is a quote:
"As it turns out, it is fairly simple to use Google's webcache to show what version of Apache the PSN servers were using back in March. According to a page request archived by Google on March 23, 2011, at that time Sony was running version 2.2.17 of the software. You can see from Apache's website that 2.2.17 is the latest stable version of the webserver available even today. This is a direct repudiation of the claims being made that Sony's webservers were out of date by as much as five years."
So I say again lets all see if we can't stop propagating the same bullshit rumour that has been proven to be false.....
I am as angry about the outage as any PS3 owner but the ammount of "so called experts" on websites & forums accross the internet right now dribbling verbal diahorea is out of control and all the rumours are doing more harm than good.
No where did i say the system was out of date...
I said Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
That just means the business executives won't be tempted to run 130 servers on a skeleton crew.. and actually hire a competent person to monitor their systems and keep an eye on "known vulnerabilities"
Instead of hiring the most economical IT manager and just enough people to click install on a new software update.
I really am interested in how often they did penetration testing on their servers.
^
Most people go through life pretending to be a boss. I go through life pretending I'm not.
With all this going on, and all the propaganda, how will the LAW ever catch them exactly the cover anon needs.
They will be found. No doubt about it. Especially if the hackers are from the U.S. No matter what precautions you take, with the right funding and a multi billion dollar corporations motive, anyone can be found.
Most people go through life pretending to be a boss. I go through life pretending I'm not.
Sony has a good habit of turning everything they touch into trash. Since EQ. If you turn the clock back 10 years an attack like this would be followed by a job offer. This is how many in the security industry have gained employment, including redhats. This is the same company that is sueing a kid for being intelligent. Karma is a great thing.
Well I agree because I still have the Old Ever Quest 1 games, and collection, as well as Champions of Norath, and various old games that sony released which were really great, but sony has done nothing but decline, and in my honest opinion they should just give the customers what they want, and hire new people who can work on a new Ever Quest 3 with HD Graphics, and other great games.
For example I have yet to see any great fighting MMO's, or The Agency, it could have been a great game, but sony cancel it, and opens station cash out of greed reguardless of what customers thought.
Face the facts, Ever Quest 2, SWG are both Done for, sure some people may still play it, but not compared to before, and this is exactly why sony should make new games, and release them because I feel that way back when I play EQ1 it was great, but EQ2 was a big let down to me, and sony adding those other races with wings and such really ruined EQ2 for me.
Sony has a good habit of turning everything they touch into trash. Since EQ. If you turn the clock back 10 years an attack like this would be followed by a job offer. This is how many in the security industry have gained employment, including redhats. This is the same company that is sueing a kid for being intelligent. Karma is a great thing.
There are responsible ways to hurt a company, boycotting comes to mind. Protesting at their sites is another, stealing peoples personal information wouldn't make such a list I'm afraid.
This hurt Sony finacially sure, but also had an adverse effect on millions of people. There's no Karma being dealt in that, none what so ever. It's nothing but selfish and self righteous to make such a claim. These hackers aren't Robin Hood, they're not stealing from the rich in Sherwood and handing it out to the poor. They're selfish pigs who have no understanding of what it means to be noble, such a thought is utter BS.
kids these days Jeesh....
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
Well I agree because I still have the Old Ever Quest 1 games, and collection, as well as Champions of Norath, and various old games that sony released which were really great, but sony has done nothing but decline, and in my honest opinion they should just give the customers what they want, and hire new people who can work on a new Ever Quest 3 with HD Graphics, and other great games.
For example I have yet to see any great fighting MMO's, or The Agency, it could have been a great game, but sony cancel it, and opens station cash out of greed reguardless of what customers thought.
Face the facts, Ever Quest 2, SWG are both Done for, sure some people may still play it, but not compared to before, and this is exactly why sony should make new games, and release them because I feel that way back when I play EQ1 it was great, but EQ2 was a big let down to me, and sony adding those other races with wings and such really ruined EQ2 for me.
They have been working on the new EQ for awhile now, it will be 100% EQ according to the developers with updated 3d graphics that are more in-line with EQ2, one said it would be better then EQ2 graphics. They are planning on adding lots new stuff to it to while keeping it original, a dev also said we want to be able to keep it so any gear you get can be traded and reused. Keeping with tradition of EQ when you use to use that fungi tunic on all your new alts lol.
Right but Sony was not aware of it, the vulnerability was speculation among the security sectors and Sony was not convinced of it's vulnerability, so they were not aware of it till they got hacked. I know it sounds moronic but it's like having a unsinkable submarine built, your sub was built as unsinkable then you dive 2000 feet and see a small leak and avoid paying any attention to it because you know you have a unsinkable submarine but in fact 10 more feet down the sub blows up because you refused to believe you didn't have the best for the job.
I still don't blame Sony from this, cause what Shiro has said and what was confirmed by the AP and other Asian news sources on Sony. The vulnerability was so small only a handful of people known about it and Sony was not aware of it till it was to late. At least that is what I have read so far.
I posted that, because people (Gdemami) keep saying that it was not a known vulnerability that was exploited.
That exploit wasn't some small unknown secret hole in apache servers. All reports so far point to Sony running apache servers that were exposed to the internet without proper A) patching and firewalls.
For all the talk about doing as much as possible, installing a security patch is step zero. It makes any other claims hard to believe when that isn't even done.
Here is someone talking about the vulnerabilities back in February. He talks about probing the network and discovering many unpatched servers, lack of proper insulation from outside attack (firewall/vpn), etc. LINK
Honestly if Sony was keeping their security up to date and not half-assing it, then they wouldn't need to have taken their service offline for so long and need to rebuild it from the ground up. That alone indicates that things were a complete mess.
Sony did have it's servers and security up to date. They also had 3 firewalls on the personal information database which got hacked for several days without tripping any detection, these hackers were damn good to be able to stay in and for that long before a major Corporation noticed.
They have taken the services offline now for as long as they have because they said that there was hidden code planted inside that they found in one spot, going over everything and whatever else is going to take coders, programmers, security, FBI, or whoever else a long while to sort through it all to make sure nothing is there when they fire back up.
Also pretty sure since these hackers got through 3 firewalls and all that that Sony security is betting there could be hidden someplace they wouldn't expect, leading to even further downtime like I said to go through it all. Then they have to apply new securities, new firewalls, new server farm potentially with newer hardware and then TEST it all to make sure it's working.
Since we have no further details then what is listed then we have no idea if it's more complicated, they could of deleted shit we never know.
Most likely if the attack was that far reaching machines will be nuked of non esential data and rebuilt with fresh OS/Drivers/software and then eventually essential data once it has been scrutinised.
More than anything I think this whole incident is a wakeup call to corporations and to customers to start thinking a lot harder about their data security. The number of people with multiple CC's who didnt know which card they had registered on PSN is just staggering. I mean seriously.... if you have 3 credit cards and are security minded but forced to use a CC online where there is no other choice just use the same card everywhere and be done with it..... it leaves you so much less exposed to harm from shit like this. That and how people continually stupidly use the same passwords in multiple internet locations....
Maybe I am asking too much, I do work in Enterprise IT and 90% of users I encounter are as dumb as a sack full of hammers.
Right but Sony was not aware of it, the vulnerability was speculation among the security sectors and Sony was not convinced of it's vulnerability, so they were not aware of it till they got hacked. I know it sounds moronic but it's like having a unsinkable submarine built, your sub was built as unsinkable then you dive 2000 feet and see a small leak and avoid paying any attention to it because you know you have a unsinkable submarine but in fact 10 more feet down the sub blows up because you refused to believe you didn't have the best for the job.
I still don't blame Sony from this, cause what Shiro has said and what was confirmed by the AP and other Asian news sources on Sony. The vulnerability was so small only a handful of people known about it and Sony was not aware of it till it was to late. At least that is what I have read so far.
I posted that, because people (Gdemami) keep saying that it was not a known vulnerability that was exploited.
That exploit wasn't some small unknown secret hole in apache servers. All reports so far point to Sony running apache servers that were exposed to the internet without proper A) patching and firewalls.
For all the talk about doing as much as possible, installing a security patch is step zero. It makes any other claims hard to believe when that isn't even done.
Here is someone talking about the vulnerabilities back in February. He talks about probing the network and discovering many unpatched servers, lack of proper insulation from outside attack (firewall/vpn), etc. LINK
Honestly if Sony was keeping their security up to date and not half-assing it, then they wouldn't need to have taken their service offline for so long and need to rebuild it from the ground up. That alone indicates that things were a complete mess.
Sony did have it's servers and security up to date. They also had 3 firewalls on the personal information database which got hacked for several days without tripping any detection, these hackers were damn good to be able to stay in and for that long before a major Corporation noticed.
They have taken the services offline now for as long as they have because they said that there was hidden code planted inside that they found in one spot, going over everything and whatever else is going to take coders, programmers, security, FBI, or whoever else a long while to sort through it all to make sure nothing is there when they fire back up.
Also pretty sure since these hackers got through 3 firewalls and all that that Sony security is betting there could be hidden someplace they wouldn't expect, leading to even further downtime like I said to go through it all. Then they have to apply new securities, new firewalls, new server farm potentially with newer hardware and then TEST it all to make sure it's working.
Since we have no further details then what is listed then we have no idea if it's more complicated, they could of deleted shit we never know.
Most likely if the attack was that far reaching machines will be nuked of non esential data and rebuilt with fresh OS/Drivers/software and then eventually essential data once it has been scrutinised.
More than anything I think this whole incident is a wakeup call to corporations and to customers to start thinking a lot harder about their data security. The number of people with multiple CC's who didnt know which card they had registered on PSN is just staggering. I mean seriously.... if you have 3 credit cards and are security minded but forced to use a CC online where there is no other choice just use the same card everywhere and be done with it..... it leaves you so much less exposed to harm from shit like this. That and how people continually stupidly use the same passwords in multiple internet locations....
Maybe I am asking too much, I do work in Enterprise IT and 90% of users I encounter are as dumb as a sack full of hammers.
Yes all true and the hard part is convincing people how to do the responsible things to keep themselves even more secure.
people who can monitor their systems and try to keep to up to date.
Maybe its the way it is written but the sentence above implies that they do not monitor their systems and that the systems are out of date.
maybe its poor wording but I was meaning that they should hire people who are capable of monitoring "known vulnerabilities" and keeping up to date on these "known vulnerabilities"
I guess i'd just hope they would be more proactive than reactive when it comes to security.
It would be nice if a large company with millions of peoples sensitive information actively challenged their own network security rather than depending on their software to do the job for them.
Originally posted by jado818 maybe its poor wording but I was meaning that they should hire people who are capable of monitoring "known vulnerabilities" and keeping up to date on these "known vulnerabilities"
As it was discussed already, "known vulnerability" does not mean it can be easily fixed, if even at all, nor that there were no security measures regarding the vulnerability put in place.
Hiring someone to monitor their system? Like...seriously? Do you think that someone is going to sit at the computer watching the 'traffic'?
I have a question. If these people could hack Sony, wouldnt it be a piece of cake to hack Blizzard?
lololol you think Blizzard itself does not get hacked everyday? Only difference is is these hackers instead if stealing personal information hack into the game itself. How do you think that gold sellers sell gold in WoW? By hacking into the WoW servers...
Also if you really want to know more about Blizzard go to The Better Business Bureau they have a pretty interesting thread of reads there about Blizzard Entertainment.
Not to get off topic here but everyone still acts like Sony is the first company to be hacked and it is not by a longshot. Difference is Sony will last an attack more than likely a game like WoW or the company itself may not considering Activision Blizzard makes a whopping 4 billion per year and Sony makes 72 Billion.
maybe its poor wording but I was meaning that they should hire people who are capable of monitoring "known vulnerabilities" and keeping up to date on these "known vulnerabilities"
As it was discussed already, "known vulnerability" does not mean it can be easily fixed, if even at all, nor that there were no security measures regarding the vulnerability put in place.
Hiring someone to monitor their system? Like...seriously? Do you think that someone is going to sit at the computer watching the 'traffic'?
If they were paid to watch network traffic.. why not?
People stare at stupid dials all day in power plants or water plants
Why couldn't a dude stare at a computer screen and monitor network traffic.
Comments
Don't buy into this crap. You can't hack into an offline server, no matter how hard you try.
lol a 3rd attack ..shows you how smart they are. Its like ..a duh lets rob that bank again for the 3rd time..
And if your really that good you do this to Sony? Out of all the things to hack this is the best they could come up with. Trust me some of them play PS3's.. lol so all they did was hurt themselfs in this..
now watch how fast some get caught.... was it really that easy the 2nd time? Or set up.. go for it.. 3rd time.. lol what a joke
You know what they say, they just can't help but return to the scene of the crime.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
Well to be a hacker you have to know your software, networking, and scripting quite well XD, I don't do software, but I know people who have been involved with illegal stuff, aka hacking, Cheating, Exploting online games, and I will say that any company can easily be hacked, it isn't a matter of how, but a matter of when, and if they company has pissed off the wrong people to want to do such like sony has done, not that any of it is legal.
Most of the Compromised accounts I see compromised are from WOW add'ons which come from sites like Curse Gaming, and other various sites with KeyLoggers, which send information typed into WOW and user name, or email to gold sellers, so this is how they get your email, even if your account hasn't been compromised.
Now a DataBase hack can be hard, I assume you would have to be an security expert, or know your way around, but I would say that one of the easiest ways is to have someone working for you on the inside, aka Inside JOB.
In my opinion I would think that Blizzard would have up to date security, and any game company that doesn't have good security will more than likely update their security after seeing what went down with sony.
I honestly myself do not see a big attack going to Blizzard, as of yet, unless of course they really piss some people off.
The only reason that sony was targeted is because of what they did to its customers, and telling people what they can't, and can do with a product they buy, I find this totally stupid of sony to bring a lawsuit against a person for modify their own hardware, and then trying to compromise everyones privacy by getting court orders to get a long list of IP addresses of anyone who watched their videos quite insane, and this is exactly why someone take down sony, and as far as I see it sony, has only one choice, and if they refuse to listen to the group responsible for this even if sony does come back online, I doubt I will be using a single product of theirs for years to come until sony gets some brains, and honestly even if they do come back online with good security, there will possibly be more hacker attacks, possibly attacks against customers, or its employee's who work for sony, or people related to them, and the only advice I can give about that is to report any RL Threats to local police/FBI, but I myself do not stand with sony for what they have done, and am totally against what sony has caused to its customers, and may take part of any online protests, or actions as long as it involves Free Speech, and no involvement with any illegal activities as whoever hacked sony has done.
Honestly Sony for example thought that because they have Millions/Billions in Cash, and a really big company that they could sell people PS3's, and then tell people what they can, and can't do with their own hardware, without the individual even signing an agreement on purchase, then they think that they can violate the privacy of many users by requesting IP addresses from every person on the internet by court order on the people that watched a video about modifying their PS3, well here is the funny thing.
Sony Might have Millions, or Billions of Dollars in Cash, and thought no one will ever hack us, but the funny thing is that the cost for these hackers to take sony offline for over one week was $0 not including hardware, and this just proves that even big companies like sony are just as vulnurable as anyone else, espicially when they do not upgrade their security, and roll the dice.
http://www.youtube.com/watch?v=p0ugvAhxi9w
AND
In actual fact the compromised systems were up to date, all you guys are doing is regurgetating a rumour that is completely untrue which even so called media outlets started bleating like the sheep that they are as though it was gospel and in the process making PSN users like me even angrier at Sony when it turns out they dont deserve all our wrath.
You can read the whole thing over on bitmob but a particularly angry PSN user checked into this and well here is a quote:
"As it turns out, it is fairly simple to use Google's webcache to show what version of Apache the PSN servers were using back in March. According to a page request archived by Google on March 23, 2011, at that time Sony was running version 2.2.17 of the software. You can see from Apache's website that 2.2.17 is the latest stable version of the webserver available even today. This is a direct repudiation of the claims being made that Sony's webservers were out of date by as much as five years."
So I say again lets all see if we can't stop propagating the same bullshit rumour that has been proven to be false.....
I am as angry about the outage as any PS3 owner but the ammount of "so called experts" on websites & forums accross the internet right now dribbling verbal diahorea is out of control and all the rumours are doing more harm than good.
Except that all signs point to that they arent in it for personal gain, they want to embarass sony. All information out there points to rogue members of Anonymous, who are mad at Sony for their treatment of the guy who hacked the PS3.
Given the small window of time before the breach woul have been realized, if they wanted to profit those stolen ccs would have been used already had they meant to be used.
There is a chance it wasn't people from anonymous but at this point that would have to be highly unlikely. Regardless if it was Anon, and ex employee, or some third party the intent was to cost Sony money and reputation. They werent robbing a bank, they were commiting an act of terrorism. More like bombing the bank.
If they drop the hearsay they're giving up a substantial portion of their ammunition. Most of the posters I see using this ammunition, are pretty well known as SOE haters around here, go figure huh?
I have a very hard time believing they're going to bother reading the facts that come from the case, they don't care about that. They care about hurting SOE anyway they can (as if SOE/Sony need help with that).
They believe that info because they want to believe it, they think sony is at fault because they want them to be at fault, it's as simple as that.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
No where did i say the system was out of date...
I said Forcing companies to a standard like that would make them want to reveal information about hacks quickly.. and actually hire competent people who can monitor their systems and try to keep to up to date.
That just means the business executives won't be tempted to run 130 servers on a skeleton crew.. and actually hire a competent person to monitor their systems and keep an eye on "known vulnerabilities"
Instead of hiring the most economical IT manager and just enough people to click install on a new software update.
I really am interested in how often they did penetration testing on their servers.
Sony did have it's servers and security up to date. They also had 3 firewalls on the personal information database which got hacked for several days without tripping any detection, these hackers were damn good to be able to stay in and for that long before a major Corporation noticed.
They have taken the services offline now for as long as they have because they said that there was hidden code planted inside that they found in one spot, going over everything and whatever else is going to take coders, programmers, security, FBI, or whoever else a long while to sort through it all to make sure nothing is there when they fire back up.
Also pretty sure since these hackers got through 3 firewalls and all that that Sony security is betting there could be hidden someplace they wouldn't expect, leading to even further downtime like I said to go through it all. Then they have to apply new securities, new firewalls, new server farm potentially with newer hardware and then TEST it all to make sure it's working.
Since we have no further details then what is listed then we have no idea if it's more complicated, they could of deleted shit we never know.
^
Most people go through life pretending to be a boss. I go through life pretending I'm not.
@ Sony http://www.youtube.com/watch?v=drJWxMLrpE0
http://www.youtube.com/watch?v=B3_JoLVCFoc&feature=related For Laughs.
@ Anon http://www.youtube.com/watch?v=l6gXhPFHRDo&feature=related
How stupid some people are no joke
http://www.youtube.com/watch?v=2efhrCxI4J0&feature=related
http://www.theatlantic.com/technology/archive/2011/03/meet-the-16-year-old-girl-who-hacked-hbgary/72568/ HB Gary.
With all this going on, and all the propaganda, how will the LAW ever catch them exactly the cover anon needs.
They will be found. No doubt about it. Especially if the hackers are from the U.S. No matter what precautions you take, with the right funding and a multi billion dollar corporations motive, anyone can be found.
Most people go through life pretending to be a boss. I go through life pretending I'm not.
Sony has a good habit of turning everything they touch into trash. Since EQ. If you turn the clock back 10 years an attack like this would be followed by a job offer. This is how many in the security industry have gained employment, including redhats. This is the same company that is sueing a kid for being intelligent. Karma is a great thing.
Well I agree because I still have the Old Ever Quest 1 games, and collection, as well as Champions of Norath, and various old games that sony released which were really great, but sony has done nothing but decline, and in my honest opinion they should just give the customers what they want, and hire new people who can work on a new Ever Quest 3 with HD Graphics, and other great games.
For example I have yet to see any great fighting MMO's, or The Agency, it could have been a great game, but sony cancel it, and opens station cash out of greed reguardless of what customers thought.
Face the facts, Ever Quest 2, SWG are both Done for, sure some people may still play it, but not compared to before, and this is exactly why sony should make new games, and release them because I feel that way back when I play EQ1 it was great, but EQ2 was a big let down to me, and sony adding those other races with wings and such really ruined EQ2 for me.
Maybe its the way it is written but the sentence above implies that they do not monitor their systems and that the systems are out of date.
There are responsible ways to hurt a company, boycotting comes to mind. Protesting at their sites is another, stealing peoples personal information wouldn't make such a list I'm afraid.
This hurt Sony finacially sure, but also had an adverse effect on millions of people. There's no Karma being dealt in that, none what so ever. It's nothing but selfish and self righteous to make such a claim. These hackers aren't Robin Hood, they're not stealing from the rich in Sherwood and handing it out to the poor. They're selfish pigs who have no understanding of what it means to be noble, such a thought is utter BS.
kids these days Jeesh....
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
They have been working on the new EQ for awhile now, it will be 100% EQ according to the developers with updated 3d graphics that are more in-line with EQ2, one said it would be better then EQ2 graphics. They are planning on adding lots new stuff to it to while keeping it original, a dev also said we want to be able to keep it so any gear you get can be traded and reused. Keeping with tradition of EQ when you use to use that fungi tunic on all your new alts lol.
It's called EQ Next
Most likely if the attack was that far reaching machines will be nuked of non esential data and rebuilt with fresh OS/Drivers/software and then eventually essential data once it has been scrutinised.
More than anything I think this whole incident is a wakeup call to corporations and to customers to start thinking a lot harder about their data security. The number of people with multiple CC's who didnt know which card they had registered on PSN is just staggering. I mean seriously.... if you have 3 credit cards and are security minded but forced to use a CC online where there is no other choice just use the same card everywhere and be done with it..... it leaves you so much less exposed to harm from shit like this. That and how people continually stupidly use the same passwords in multiple internet locations....
Maybe I am asking too much, I do work in Enterprise IT and 90% of users I encounter are as dumb as a sack full of hammers.
Quote or stop putting words into other peoples mouth.
Yes all true and the hard part is convincing people how to do the responsible things to keep themselves even more secure.
maybe its poor wording but I was meaning that they should hire people who are capable of monitoring "known vulnerabilities" and keeping up to date on these "known vulnerabilities"
I guess i'd just hope they would be more proactive than reactive when it comes to security.
It would be nice if a large company with millions of peoples sensitive information actively challenged their own network security rather than depending on their software to do the job for them.
As it was discussed already, "known vulnerability" does not mean it can be easily fixed, if even at all, nor that there were no security measures regarding the vulnerability put in place.
Hiring someone to monitor their system? Like...seriously? Do you think that someone is going to sit at the computer watching the 'traffic'?
lololol you think Blizzard itself does not get hacked everyday? Only difference is is these hackers instead if stealing personal information hack into the game itself. How do you think that gold sellers sell gold in WoW? By hacking into the WoW servers...
Also if you really want to know more about Blizzard go to The Better Business Bureau they have a pretty interesting thread of reads there about Blizzard Entertainment.
http://www.la.bbb.org/Business-Report/Blizzard-Entertainment-13050668
Not to get off topic here but everyone still acts like Sony is the first company to be hacked and it is not by a longshot. Difference is Sony will last an attack more than likely a game like WoW or the company itself may not considering Activision Blizzard makes a whopping 4 billion per year and Sony makes 72 Billion.
If they were paid to watch network traffic.. why not?
People stare at stupid dials all day in power plants or water plants
Why couldn't a dude stare at a computer screen and monitor network traffic.