Originally posted by twodayslate Uh yeah, I live in this country and it does work that way. See, your problem is you keep looking for logic in law, a system that is designed by a government. An entity which, by definition, is incapable of designing anything logical. Ask any American, this government makes no sense.
Considering your history of failing in constructing logical arguments same as you do now, you do not gain much credibility on being able to qualify what is logical or not and whether a law system makes no sense.
You know as well as I do that the Constitution hasn't mattered in this country for decades now.
That is just how internet security has evolved, it follows no rhyme or reason. Go ask any CISO, they'll tell you the exact same thing that I put in that post.
If this were true then the laws that states put in that threatened out first amendmant recently would not have gotten abolished when taken to the supreme court.
That infrequency sets a legal trend that basically states that with proper precautions in place, and some vigilance, this sort of thing won't happen.
If that was true, it would mean that there is 100% breach proof security system, which is highly unlikely.
This type of argument is invalid.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
Uh yeah, I live in this country and it does work that way.
See, your problem is you keep looking for logic in law, a system that is designed by a government. An entity which, by definition, is incapable of designing anything logical. Ask any American, this government makes no sense.
Considering your history of failing in constructing logical arguments same as you do now, you do not gain much credibility on being able to qualify what is logical or not and whether a law system makes no sense.
Now you're just reaching. Seriously, did Sony buy you a PS3 for every room in your house, or are you just a really persistent troll?
I leave to watch tv for a bit and this turns into a constitutional debate?
I don't even know where to begin as I'm not a lawyer and seriously doubt you are. Congress does have the ability to regulate commerce which is in the constitution under the commerce clause.
I'd assume that would give them the right to make a law saying sony is liable / responsible if their data is stolen because its part of a commercial transaction. Which they appear to have made such a law.
That infrequency sets a legal trend that basically states that with proper precautions in place, and some vigilance, this sort of thing won't happen.
If that was true, it would mean that there is 100% breach proof security system, which is highly unlikely.
This type of argument is invalid.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
These kind of breached have been happening you just have not known about it due to the fact that it was not on this large of a scale is all. Go to the BBB and look up Blizzard there is an entire link full of people who's accounts got hacked over the last part of last summer and into the fall on WoW last year due to adn entire site getting hacked. A site that was connected to WoW and they used that site to get people's information.
Last year there was an account an hour at least on WoW getting hacked due to something like this happening and no no one will admit the truth because they want to blame it on the gamers it is always their fault for not securing their computers and that was exactly what a GM told me on WoW last year was tell your friends to make sure their computers are secured well and accounts were getting hacked that were not even turned on let alone were the people on their games to explain this purely through keyloggers.
Difference was Blizzard didn't even care anough about people's security to take their game down until it was solved instead tehy left the game up and people got hacked for over 2 months straight everyday. And those who's accounts were inactive that were activated Blizzard did not even get a hold of the account owners to tell them that someone had somehow gotten theri information and had used it to turn on their account. And no I am not trying to get off track of this thread or just bring up WoW to bash it this is true I was there I saw it. I reported I don't know how many inactive accounts being turned on and I know they were hacked because these were my friends and you could not get the hackers to respond to you. So go to hunt them down and see what they are doing on this friends account and somehow they had hacked entire servers on WoW and were underneath hunters could not even track them down.
Someone was putting messages all over SW on the ground because they had complete access to the servers themselves.
Over 8 million Bank card and Credit card informations got out last year alone costing over $37,000,000 and it was through hacking entire systems that this happened. No not on this scale to be honest I think people were testing the waters with these other hackings to see if anyone would do anything nad because no one did they decided that they would not get caught if they did this.
No I am not saying one way oe the other about Sony's defenses all I am saying is that firewalls or not if these people who have been doing this are serious enough they would have gotten through one way or another even if they had to pay on a Sony employee to get out of them the information they needed to pull this off. Point being it is like this the only thing a lock keeps out is an honest person.
That infrequency sets a legal trend that basically states that with proper precautions in place, and some vigilance, this sort of thing won't happen.
If that was true, it would mean that there is 100% breach proof security system, which is highly unlikely.
This type of argument is invalid.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
These kind of breached have been happening you just have not known about it due to the fact that it was not on this large of a scale is all. Go to the BBB and look up Blizzard there is an entire link full of people who's accounts got hacked over the last part of last summer and into the fall on WoW last year due to adn entire site getting hacked. A site that was connected to WoW and they used that site to get people's information.
Last year there was an account an hour at least on WoW getting hacked due to something like this happening and no no one will admit the truth because they want to blame it on the gamers it is always their fault for not securing their computers and that was exactly what a GM told me on WoW last year was tell your friends to make sure their computers are secured well and accounts were getting hacked that were not even turned on let alone were the people on their games to explain this purely through keyloggers.
Difference was Blizzard didn't even care anough about people's security to take their game down until it was solved instead tehy left the game up and people got hacked for over 2 months straight everyday. And those who's accounts were inactive that were activated Blizzard did not even get a hold of the account owners to tell them that someone had somehow gotten theri information and had used it to turn on their account. And no I am not trying to get off track of this thread or just bring up WoW to bash it this is true I was there I saw it. I reported I don't know how many inactive accounts being turned on and I know they were hacked because these were my friends and you could not get the hackers to respond to you. So go to hunt them down and see what they are doing on this friends account and somehow they had hacked entire servers on WoW and were underneath hunters could not even track them down.
Someone was putting messages all over SW on the ground because they had complete access to the servers themselves.
Blizzard also didn't lose full string credit card numbers, security questions and answers, and physical location data. They had the decency to keep that stuff in a seperate location. The only things that were affected (and continue to be affected) were account names and passwords, so the most that people lost was their in-game livelihood. As opposed to their IRL livelihood.
That infrequency sets a legal trend that basically states that with proper precautions in place, and some vigilance, this sort of thing won't happen.
If that was true, it would mean that there is 100% breach proof security system, which is highly unlikely.
This type of argument is invalid.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
These kind of breached have been happening you just have not known about it due to the fact that it was not on this large of a scale is all. Go to the BBB and look up Blizzard there is an entire link full of people who's accounts got hacked over the last part of last summer and into the fall on WoW last year due to adn entire site getting hacked. A site that was connected to WoW and they used that site to get people's information.
Last year there was an account an hour at least on WoW getting hacked due to something like this happening and no no one will admit the truth because they want to blame it on the gamers it is always their fault for not securing their computers and that was exactly what a GM told me on WoW last year was tell your friends to make sure their computers are secured well and accounts were getting hacked that were not even turned on let alone were the people on their games to explain this purely through keyloggers.
Difference was Blizzard didn't even care anough about people's security to take their game down until it was solved instead tehy left the game up and people got hacked for over 2 months straight everyday. And those who's accounts were inactive that were activated Blizzard did not even get a hold of the account owners to tell them that someone had somehow gotten theri information and had used it to turn on their account. And no I am not trying to get off track of this thread or just bring up WoW to bash it this is true I was there I saw it. I reported I don't know how many inactive accounts being turned on and I know they were hacked because these were my friends and you could not get the hackers to respond to you. So go to hunt them down and see what they are doing on this friends account and somehow they had hacked entire servers on WoW and were underneath hunters could not even track them down.
Someone was putting messages all over SW on the ground because they had complete access to the servers themselves.
Few things to clarify.
Blizzard hasnt been hacked, other sites have been hacked and information gathered from there was used to access accounts. (Assuming of course your story is accurate)
This isnt blizzards fault.
Assuming you sign up to a fan site, and said fansite isnt secure, and they dont hash passwords and you use the same information for the fansite and the game account then yes you are boned.
But that isnt blizzards issue. You can see that right?
The fansite screwed up by being vulnerable in one way or another. The user screwed up by using the same user name and password. Blizzard then does their best to mitigate the damage that was caused by others, but again, this isnt their service and they have no control over that.
As for folks writing things in stormwind, I assume you mean the flying characters that spell out words and such. This isnt a hacking of the servers and "gaining complete control". It is a hack for sure, but its on your computer. Blizzard servers (and many other mmos) sometimes are written in a way that the client can tell the server where the players character is located. Usually involving a teleport. Its an anoyance, and quite frankly silly of blizzard to have givent he client that amount of control, but its not a security breach.
The situation you have described and the situation with sony are two completely different things. ANYONE can put up a website and most people who do are "hopefully" at least semi protected by their website hosts security, but what software you run, the databases you setup, and the way you run your website can definitely open others up to vulnerabilities. Thats why its ALWAYS smart to have multiple accounts with multiple passwords. While a pain in the ass, when your favorite fansite gets hacked everything else you own doesnt get taken down as well.
Originally posted by Pyrostasis The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice. That is the problem.
Do you work for Sony, are you part of the FBI or external investigation team or in any relation to intruders that you make yourself to look like you have such in-depth insight how the attack was executed and overall internal info about Sony staff and network security?
That infrequency sets a legal trend that basically states that with proper precautions in place, and some vigilance, this sort of thing won't happen.
If that was true, it would mean that there is 100% breach proof security system, which is highly unlikely.
This type of argument is invalid.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
These kind of breached have been happening you just have not known about it due to the fact that it was not on this large of a scale is all. Go to the BBB and look up Blizzard there is an entire link full of people who's accounts got hacked over the last part of last summer and into the fall on WoW last year due to adn entire site getting hacked. A site that was connected to WoW and they used that site to get people's information.
Last year there was an account an hour at least on WoW getting hacked due to something like this happening and no no one will admit the truth because they want to blame it on the gamers it is always their fault for not securing their computers and that was exactly what a GM told me on WoW last year was tell your friends to make sure their computers are secured well and accounts were getting hacked that were not even turned on let alone were the people on their games to explain this purely through keyloggers.
Difference was Blizzard didn't even care anough about people's security to take their game down until it was solved instead tehy left the game up and people got hacked for over 2 months straight everyday. And those who's accounts were inactive that were activated Blizzard did not even get a hold of the account owners to tell them that someone had somehow gotten theri information and had used it to turn on their account. And no I am not trying to get off track of this thread or just bring up WoW to bash it this is true I was there I saw it. I reported I don't know how many inactive accounts being turned on and I know they were hacked because these were my friends and you could not get the hackers to respond to you. So go to hunt them down and see what they are doing on this friends account and somehow they had hacked entire servers on WoW and were underneath hunters could not even track them down.
Someone was putting messages all over SW on the ground because they had complete access to the servers themselves.
Blizzard also didn't lose full string credit card numbers, security questions and answers, and physical location data. They had the decency to keep that stuff in a seperate location. The only things that were affected (and continue to be affected) were account names and passwords, so the most that people lost was their in-game livelihood. As opposed to their IRL livelihood.
Blizzard didnt lose anything...a third party lost information.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Do you work for Sony, are you part of the FBI or external investigation team or in any relation to intruders that you make yourself to look like you have such in-depth insight how the attack was executed and overall internal info about Sony staff and network security?
I dont work for sony, but I am working on a masters in network security and ethical hacking certifications so I am aware of how network security works.
I have also read the public statement by sony and the execs of the company where they stated how the breach happened on the PSN network, the different layers, and the way it was "loosely" setup.
Blizzard didnt lose anything...a third party lost information.
My point was and if you read what I updated on my post was that it still happened period and yes people's card information got out because some of these people who's accounts got hacked the only way they knew was because the people who did it used their cards to activate those accounts.
And I hate to say it but yes some of it in my eyes was Blizzard's fault they kept allowing that site to do their addons even though they knew it had been hacked and people's information got out and told no one.
Originally posted by Pyrostasis I dont work for sony, but I am working on a masters in network security and ethical hacking certifications so I am aware of how network security works.
In other words, you have no clue and not to say backup to your assumptions.
You might be aware about network security system, but you are not aware about Sony network security systems which you namely and specifically criticize.
Theory you gain at school is one thing, reality is another.
Blizzard didnt lose anything...a third party lost information.
My point was and if you read what I updated on my post was that it still happened period and yes people's card information got out because some of these people who's accounts got hacked the only way they knew was because the people who did it used their cards to activate those accounts.
And I hate to say it but yes some of it in my eyes was Blizzard's fault they kept allowing that site to do their addons even though they knew it had been hacked and people's information got out and told no one.
But you understand this isnt a blizzard vulnerability.
You used a third party site, third party site had crap security, info on third party site was same as blizzards info.
Third party logs into blizzard account with correct info, other than the different ip address and possible location change, exactly how would blizzard know that this was a breach until the angry user contacted them?
I'm no fan of blizzard, but they do a hell of a lot more for account security than most companies do.
I dont work for sony, but I am working on a masters in network security and ethical hacking certifications so I am aware of how network security works.
In other words, you have no clue and not to say backup to your assumptions.
You might be aware about network security system, but you are not aware about Sony network security systems which you namely and specifically criticize.
Theory you gain at school is one thing, reality is another.
You did read the part where I said I am basing this assumption on the press conference that sony themselves and the execs gave? The same conference were they admited that their application server was out of date and had a KNOWN vulnerability that they were aware of and didnt correct?
Do I know the specific app? No.
But there are a few possibilities... and there is a reason you dont leave known vulnerabilities on your servers to be exploited...
Just because I'm not aware of all of the intimate details doesnt mean I dont have an idea of what happened. Hell they even released a nice step by step image for us!
you guys seriously need to look at the larger picture
is it partly sony's fault? yes
will sony be hurt by this? yes
but who do you think is going to lose out more? thats easy - the customers. noone will suffer more than them, all because of a stupid gripe where sony didnt want you playing illegally copied software on their systems. you have millions of people's info out in the open during an illegal process to acquire them, to cause more harm to the customers of sony than to sony themselves. These hackers are nothing more than terrorists and should be treated as such. What they did is illegal no matter how you try to justify it (which in itself is sickening that people are sticking up for the hackers)
you guys seriously need to look at the larger picture
is it partly sony's fault? yes
will sony be hurt by this? yes
but who do you think is going to lose out more? thats easy - the customers. noone will suffer more than them, all because of a stupid gripe where sony didnt want you playing illegally copied software on their systems. you have millions of people's info out in the open during an illegal process to acquire them, to cause more harm to the customers of sony than to sony themselves. These hackers are nothing more than terrorists and should be treated as such. What they did is illegal no matter how you try to justify it (which in itself is sickening that people are sticking up for the hackers)
Is anyone actually defending the hackers? I haven't seen that, if so point me in that direction.
With any luck, this will get Howard Stringer to finally step down and put someone who actually will do a good job in its place as CEO.
Kaz H. seems like a good choice, the japanese have always been better at running their own corporation. The fact that Howard S. made Sony look worse under his watch doesnt help the idea that non japanese can run a good corporation in Japan. Perosnally I think he is just an isolated case, but it still doesnt help the image. I generally like what Sony has done in the past, and they have been "known" for quality (past tense), however they have really gone down hill since then outside of the quality of the PS3 games.
I still regret purchasing a 2011 3D Sony hdtv thinking it came with quality associated with the brand name...boy was I mistaken. What a piece of junk!
you guys seriously need to look at the larger picture
is it partly sony's fault? yes
will sony be hurt by this? yes
but who do you think is going to lose out more? thats easy - the customers. noone will suffer more than them, all because of a stupid gripe where sony didnt want you playing illegally copied software on their systems. you have millions of people's info out in the open during an illegal process to acquire them, to cause more harm to the customers of sony than to sony themselves. These hackers are nothing more than terrorists and should be treated as such. What they did is illegal no matter how you try to justify it (which in itself is sickening that people are sticking up for the hackers)
Is anyone actually defending the hackers? I haven't seen that, if so point me in that direction.
I'm just pointing fingers at sony.
go back and read this thread and others on the subject...you would be surprised.
Originally posted by Pyrostasis You did read the part where I said I am basing this assumption on the press conference that sony themselves and the execs gave? The same conference were they admited that their application server was out of date and had a KNOWN vulnerability that they were aware of and didnt correct?
You did read the part where I said I am basing this assumption on the press conference that sony themselves and the execs gave? The same conference were they admited that their application server was out of date and had a KNOWN vulnerability that they were aware of and didnt correct?
"Also present at the press conference was Chief Information Officer Shinji Hasejima, who revealed that the attack actually exploited a “known vulnerability” in the web application server platform used in PSN. According to the Reg, Hasejima admitted that though it was generally known, Sony management were not aware of it. To that end, the company has created a new role of ‘chief information security officer’ in an effort to prevent history repeating itself. Hasejimi refused requests for more information on the server platform used, or the vulnerability exploited, for security reasons."
It was a known vulnerability. Management claims to not have been aware, but anyone responsible for the system would have been. Management probably doesnt even know what an application server is, its the network admin and security teams job to handle that.
It is interesting though that they are now hiring a "security" guy. I seriously doubt that they didnt have one prior, so either he's been terminated for incompetence, or they are creating a new position out of thin air for PR.
I dont work for sony, but I am working on a masters in network security and ethical hacking certifications so I am aware of how network security works.
In other words, you have no clue and not to say backup to your assumptions.
You might be aware about network security system, but you are not aware about Sony network security systems which you namely and specifically criticize.
Theory you gain at school is one thing, reality is another.
This guy is hilarious, absolutely refuses to accept the way of the world. It's like the only entity capable of coming up with an explanation that he wants to hear is Sony themselves, or someone on Sony's side.
Guess what? Corporations don't tell the truth, not even when ordered by the government. I'd even bet money that the written statement they gave was a pre-prepared document that had already existed for years as a template somewhere. Is this what it's like dealing with people who refuse to believe the moon landing occured?
Whether you are /aren't a supporter of sony is irrelevant . The people who have done this are in no way any different than Bin Laden and co .
To use a similar mode of thought to the attack on sony by the perpetrators : does this make the US government responsible for the death of thousands in the 911 attack on the 2 towers? Whatever reason or excuse the terrorists had for making the attack , it dosent make it right to attack innocent bystanders. If they had attacked the CIA hq or the white house , maybe they might have had a 'legitimate ' target for their gripes , but in the end its once again the average joe that takes the brunt. Did they steal from the CEO and board of sony /soe ? No . Like most chicken shits , they go for the obvious .
The potential that up to 100million users may have their lives disrupted by this attack on soe does make these terrorists (which is exactly what anonymous are) come into the same bracket as Bin Laden and co.
All this political 'outrage' and lawsuits against sony is simply self serving. Senator Blah Blah gets his face in the papers and a nice little bonus in the post from his friend the Lawyer and all is hunky dory . It dosen't help in the slightest the average Joe who just pays to play some games to relax when they have some spare time.
If these nubs who hacked sony are so talented , why dont they go out and make their own console or system , fully hackable etc and give the world what they strive to fight for? Thats their utopia isn't it? They do realise that Sony/ Microsoft/ Nintedo make their systems at a production loss ? They make their profit from the services and software post production.
If anonymous had any real gonads , they could put their collective knowledge into creating a niche market legitimately to supply and make hackable shit to serve fellow nubs and cease being 'anonymous' . But they never will , because they may have intellegence , but a total lack of wisdom , and definately spineless.
you guys seriously need to look at the larger picture
is it partly sony's fault? yes
will sony be hurt by this? yes
but who do you think is going to lose out more? thats easy - the customers. noone will suffer more than them, all because of a stupid gripe where sony didnt want you playing illegally copied software on their systems. you have millions of people's info out in the open during an illegal process to acquire them, to cause more harm to the customers of sony than to sony themselves. These hackers are nothing more than terrorists and should be treated as such. What they did is illegal no matter how you try to justify it (which in itself is sickening that people are sticking up for the hackers)
Is anyone actually defending the hackers? I haven't seen that, if so point me in that direction.
I'm just pointing fingers at sony.
Trust me TONS of people have been defending the hackers in this as to how Sony deserved what they got and everything else. I am sure these were not people who's information was actually stolen, however they sre sticking up for the hackers lol.
No one can deny that Sony may be partly at fault for this but at the same time the hackers should have not done this in the first place that is why hacking is ilegal under any circumstances unless it has to do with national security. But one thing that EVERYONE Has to also admit in this is that Sony has stepped up to the plate and is making sure tehy do not come back online until everything is secure and is going to help people get into identity theft program and give free stuff. Soney is doing more for people than I have seen a lot of companies do. As far as I am concerned Sony is doing what is expected of them and this is with them beong the victim as well as us and I saw that the only ones who are going to hurt out of this is us? The costumer? Wow how blind some are considering Sony is securing $1,000,000 for each person who's card information got taken as well as giving their PS3 players all kinds of freebies and I am sure they will do ALL kinds of stuff on EQ2 as they ALWAYS make up for unexpected downtime one way or another. On top of giving free month +1 day free fore everyday that things are down. So how can you say that the costum ers are the only ones this is costing. And that does not even count the 3 companies that Sony has hired to try to find the people who did this to us and make sure their system gets secured.
Wow to say only the costumers are going to suffer is pretty selfish I would say. Sony is losing money everday that the games are down as well. It behoves them to get these things back up ASAP and yet they are staying down until they are positive everything is ready and losing money while they are at it.
Comments
Considering your history of failing in constructing logical arguments same as you do now, you do not gain much credibility on being able to qualify what is logical or not and whether a law system makes no sense.
If this were true then the laws that states put in that threatened out first amendmant recently would not have gotten abolished when taken to the supreme court.
100% breach proof? No. 99% Yes.
Corporations spend TONS of money on security and most networks are extremely secure, well, at least the information that soe and psn lost is usually secure.
As the guy above said if this wasn't the case, these types of breaches would be happening by the hour.
If you are a big company like sony, microsoft, ebay, google etc your network is CONSTANTLY under attack in various forms. Usually just DDOS attacks, social engineering, etc.
Occasionally someone screws up and a vulnerability gets through the process and occasionally this vulnerability is noticed by an attacker. Even when this happens there are usually several programs, firewalls, hardware, and other techniques that keep any data from being lost or minimizing any data theft that may happen.
The issue with sony and their network is a hacker was able to breach their perimeter, escalate privledge, and then bypass 3 different firewalls to gain access to the central database. He was then able to download 27 million customer accounts. He was then able to exit the network and it took sony DAYS to notice.
That is the problem.
Most folks in this forum have no idea about security, procedures, policy, vulnerabilities or have any idea how vulnerable they are at any given time. Those of us who are in security realize this is the equivalent to getting into the white house, walking into the oval office while playing a tuba, removing all the furniture, one piece at a time, and then high fiving the secret service on your way out.
Either the administrators and security specialists that sony hired were completely incompetent or the managers of said personel compeltely ignored their recomendations. Regardless the level of access, amount of data stolen (Gigs and Gigs of data), and complete lack of any awareness till after the fact is just insane.
Now you're just reaching. Seriously, did Sony buy you a PS3 for every room in your house, or are you just a really persistent troll?
I leave to watch tv for a bit and this turns into a constitutional debate?
I don't even know where to begin as I'm not a lawyer and seriously doubt you are. Congress does have the ability to regulate commerce which is in the constitution under the commerce clause.
I'd assume that would give them the right to make a law saying sony is liable / responsible if their data is stolen because its part of a commercial transaction. Which they appear to have made such a law.
These kind of breached have been happening you just have not known about it due to the fact that it was not on this large of a scale is all. Go to the BBB and look up Blizzard there is an entire link full of people who's accounts got hacked over the last part of last summer and into the fall on WoW last year due to adn entire site getting hacked. A site that was connected to WoW and they used that site to get people's information.
Last year there was an account an hour at least on WoW getting hacked due to something like this happening and no no one will admit the truth because they want to blame it on the gamers it is always their fault for not securing their computers and that was exactly what a GM told me on WoW last year was tell your friends to make sure their computers are secured well and accounts were getting hacked that were not even turned on let alone were the people on their games to explain this purely through keyloggers.
Difference was Blizzard didn't even care anough about people's security to take their game down until it was solved instead tehy left the game up and people got hacked for over 2 months straight everyday. And those who's accounts were inactive that were activated Blizzard did not even get a hold of the account owners to tell them that someone had somehow gotten theri information and had used it to turn on their account. And no I am not trying to get off track of this thread or just bring up WoW to bash it this is true I was there I saw it. I reported I don't know how many inactive accounts being turned on and I know they were hacked because these were my friends and you could not get the hackers to respond to you. So go to hunt them down and see what they are doing on this friends account and somehow they had hacked entire servers on WoW and were underneath hunters could not even track them down.
Someone was putting messages all over SW on the ground because they had complete access to the servers themselves.
Over 8 million Bank card and Credit card informations got out last year alone costing over $37,000,000 and it was through hacking entire systems that this happened. No not on this scale to be honest I think people were testing the waters with these other hackings to see if anyone would do anything nad because no one did they decided that they would not get caught if they did this.
No I am not saying one way oe the other about Sony's defenses all I am saying is that firewalls or not if these people who have been doing this are serious enough they would have gotten through one way or another even if they had to pay on a Sony employee to get out of them the information they needed to pull this off. Point being it is like this the only thing a lock keeps out is an honest person.
Blizzard also didn't lose full string credit card numbers, security questions and answers, and physical location data. They had the decency to keep that stuff in a seperate location. The only things that were affected (and continue to be affected) were account names and passwords, so the most that people lost was their in-game livelihood. As opposed to their IRL livelihood.
Few things to clarify.
Blizzard hasnt been hacked, other sites have been hacked and information gathered from there was used to access accounts. (Assuming of course your story is accurate)
This isnt blizzards fault.
Assuming you sign up to a fan site, and said fansite isnt secure, and they dont hash passwords and you use the same information for the fansite and the game account then yes you are boned.
But that isnt blizzards issue. You can see that right?
The fansite screwed up by being vulnerable in one way or another. The user screwed up by using the same user name and password. Blizzard then does their best to mitigate the damage that was caused by others, but again, this isnt their service and they have no control over that.
As for folks writing things in stormwind, I assume you mean the flying characters that spell out words and such. This isnt a hacking of the servers and "gaining complete control". It is a hack for sure, but its on your computer. Blizzard servers (and many other mmos) sometimes are written in a way that the client can tell the server where the players character is located. Usually involving a teleport. Its an anoyance, and quite frankly silly of blizzard to have givent he client that amount of control, but its not a security breach.
The situation you have described and the situation with sony are two completely different things. ANYONE can put up a website and most people who do are "hopefully" at least semi protected by their website hosts security, but what software you run, the databases you setup, and the way you run your website can definitely open others up to vulnerabilities. Thats why its ALWAYS smart to have multiple accounts with multiple passwords. While a pain in the ass, when your favorite fansite gets hacked everything else you own doesnt get taken down as well.
Do you work for Sony, are you part of the FBI or external investigation team or in any relation to intruders that you make yourself to look like you have such in-depth insight how the attack was executed and overall internal info about Sony staff and network security?
Blizzard didnt lose anything...a third party lost information.
I dont work for sony, but I am working on a masters in network security and ethical hacking certifications so I am aware of how network security works.
I have also read the public statement by sony and the execs of the company where they stated how the breach happened on the PSN network, the different layers, and the way it was "loosely" setup.
My point was and if you read what I updated on my post was that it still happened period and yes people's card information got out because some of these people who's accounts got hacked the only way they knew was because the people who did it used their cards to activate those accounts.
And I hate to say it but yes some of it in my eyes was Blizzard's fault they kept allowing that site to do their addons even though they knew it had been hacked and people's information got out and told no one.
In other words, you have no clue and not to say backup to your assumptions.
You might be aware about network security system, but you are not aware about Sony network security systems which you namely and specifically criticize.
Theory you gain at school is one thing, reality is another.
But you understand this isnt a blizzard vulnerability.
You used a third party site, third party site had crap security, info on third party site was same as blizzards info.
Third party logs into blizzard account with correct info, other than the different ip address and possible location change, exactly how would blizzard know that this was a breach until the angry user contacted them?
I'm no fan of blizzard, but they do a hell of a lot more for account security than most companies do.
You did read the part where I said I am basing this assumption on the press conference that sony themselves and the execs gave? The same conference were they admited that their application server was out of date and had a KNOWN vulnerability that they were aware of and didnt correct?
Do I know the specific app? No.
But there are a few possibilities... and there is a reason you dont leave known vulnerabilities on your servers to be exploited...
Just because I'm not aware of all of the intimate details doesnt mean I dont have an idea of what happened. Hell they even released a nice step by step image for us!
you guys seriously need to look at the larger picture
is it partly sony's fault? yes
will sony be hurt by this? yes
but who do you think is going to lose out more? thats easy - the customers. noone will suffer more than them, all because of a stupid gripe where sony didnt want you playing illegally copied software on their systems. you have millions of people's info out in the open during an illegal process to acquire them, to cause more harm to the customers of sony than to sony themselves. These hackers are nothing more than terrorists and should be treated as such. What they did is illegal no matter how you try to justify it (which in itself is sickening that people are sticking up for the hackers)
Is anyone actually defending the hackers? I haven't seen that, if so point me in that direction.
I'm just pointing fingers at sony.
With any luck, this will get Howard Stringer to finally step down and put someone who actually will do a good job in its place as CEO.
Kaz H. seems like a good choice, the japanese have always been better at running their own corporation. The fact that Howard S. made Sony look worse under his watch doesnt help the idea that non japanese can run a good corporation in Japan. Perosnally I think he is just an isolated case, but it still doesnt help the image. I generally like what Sony has done in the past, and they have been "known" for quality (past tense), however they have really gone down hill since then outside of the quality of the PS3 games.
I still regret purchasing a 2011 3D Sony hdtv thinking it came with quality associated with the brand name...boy was I mistaken. What a piece of junk!
go back and read this thread and others on the subject...you would be surprised.
Quote and link please.
http://www.tomsguide.com/us/PSN-Hack-Exploit-Data-Theft-Credit-Cards,news-11050.html
"Also present at the press conference was Chief Information Officer Shinji Hasejima, who revealed that the attack actually exploited a “known vulnerability” in the web application server platform used in PSN. According to the Reg, Hasejima admitted that though it was generally known, Sony management were not aware of it. To that end, the company has created a new role of ‘chief information security officer’ in an effort to prevent history repeating itself. Hasejimi refused requests for more information on the server platform used, or the vulnerability exploited, for security reasons."
It was a known vulnerability. Management claims to not have been aware, but anyone responsible for the system would have been. Management probably doesnt even know what an application server is, its the network admin and security teams job to handle that.
It is interesting though that they are now hiring a "security" guy. I seriously doubt that they didnt have one prior, so either he's been terminated for incompetence, or they are creating a new position out of thin air for PR.
This guy is hilarious, absolutely refuses to accept the way of the world. It's like the only entity capable of coming up with an explanation that he wants to hear is Sony themselves, or someone on Sony's side.
Guess what? Corporations don't tell the truth, not even when ordered by the government. I'd even bet money that the written statement they gave was a pre-prepared document that had already existed for years as a template somewhere. Is this what it's like dealing with people who refuse to believe the moon landing occured?
Whether you are /aren't a supporter of sony is irrelevant . The people who have done this are in no way any different than Bin Laden and co .
To use a similar mode of thought to the attack on sony by the perpetrators : does this make the US government responsible for the death of thousands in the 911 attack on the 2 towers? Whatever reason or excuse the terrorists had for making the attack , it dosent make it right to attack innocent bystanders. If they had attacked the CIA hq or the white house , maybe they might have had a 'legitimate ' target for their gripes , but in the end its once again the average joe that takes the brunt. Did they steal from the CEO and board of sony /soe ? No . Like most chicken shits , they go for the obvious .
The potential that up to 100million users may have their lives disrupted by this attack on soe does make these terrorists (which is exactly what anonymous are) come into the same bracket as Bin Laden and co.
All this political 'outrage' and lawsuits against sony is simply self serving. Senator Blah Blah gets his face in the papers and a nice little bonus in the post from his friend the Lawyer and all is hunky dory . It dosen't help in the slightest the average Joe who just pays to play some games to relax when they have some spare time.
If these nubs who hacked sony are so talented , why dont they go out and make their own console or system , fully hackable etc and give the world what they strive to fight for? Thats their utopia isn't it? They do realise that Sony/ Microsoft/ Nintedo make their systems at a production loss ? They make their profit from the services and software post production.
If anonymous had any real gonads , they could put their collective knowledge into creating a niche market legitimately to supply and make hackable shit to serve fellow nubs and cease being 'anonymous' . But they never will , because they may have intellegence , but a total lack of wisdom , and definately spineless.
I'm not sure how much more proof you can show that sony knew about the vulnerability
Trust me TONS of people have been defending the hackers in this as to how Sony deserved what they got and everything else. I am sure these were not people who's information was actually stolen, however they sre sticking up for the hackers lol.
No one can deny that Sony may be partly at fault for this but at the same time the hackers should have not done this in the first place that is why hacking is ilegal under any circumstances unless it has to do with national security. But one thing that EVERYONE Has to also admit in this is that Sony has stepped up to the plate and is making sure tehy do not come back online until everything is secure and is going to help people get into identity theft program and give free stuff. Soney is doing more for people than I have seen a lot of companies do. As far as I am concerned Sony is doing what is expected of them and this is with them beong the victim as well as us and I saw that the only ones who are going to hurt out of this is us? The costumer? Wow how blind some are considering Sony is securing $1,000,000 for each person who's card information got taken as well as giving their PS3 players all kinds of freebies and I am sure they will do ALL kinds of stuff on EQ2 as they ALWAYS make up for unexpected downtime one way or another. On top of giving free month +1 day free fore everyday that things are down. So how can you say that the costum ers are the only ones this is costing. And that does not even count the 3 companies that Sony has hired to try to find the people who did this to us and make sure their system gets secured.
Wow to say only the costumers are going to suffer is pretty selfish I would say. Sony is losing money everday that the games are down as well. It behoves them to get these things back up ASAP and yet they are staying down until they are positive everything is ready and losing money while they are at it.