To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
The date may have been encripted and the key known by the hacker. This may all be caused by one of the 240 or so people Sony recently fired from their gaming division. So this may well be an inside job.
Well, this has cost me 10 dollars a month for identity theft protection...got it after my credit card was frozen this morning due to suspicious activity...it expires next year, but I guess I used it for Vanguard. My bank called up and said there was a suspicious charge of one dollar.
Once SOE sites are up, I'm going to cancel my Vanguard and DC Universe subscriptions. Sorry to Sony and SOE, but I've now have to pay 10 dollars just to keep my identity safe...lame. I don't care at all about the credit card being taken, that is easy to fix...but all the other information is more important, hence why I don't even use Facebook (that sells your info to other companies anyway and have ties with the FBI, but that is another discussion)
My two friends in the Netherlands have been forced to freeze their credit card in case anything happens (as it seems Europe was hit worse by these hacks), and like me, will be canceling their subs to SOE (one has all station pass that he will remove). I have a friend from college that still plans to give SOE a chance, though...he said he'll see what happens in the next few weeks if he'll keep supporting them. He really enjoys VG, so do I...especially there is no other game like it that is open world and PVE focused (he doesn't like PvP at all).
If this happened to Blizzard, I wouldn't support them either. SOE got the unluck of the draw, really. Like I said, the credit card being stolen doesn't bother me at all...so so easy to fix. And if someone used it, I could easily get my money back. It is all the other information I do NOT want spread around. But looks like it will be now.
Check out my nature/animal/relaxing music channel on Youtube!
I read "as well as certain information from an outdated database from 2007" and it cross my mind, as a bit of humor: it'd be interesting if the pre-NGE source code were discovered in an "outdated database." :P
Otherwise, its a pretty crappy situation for current and past customers.
that would be legend for the Emu (not the psn customers)
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Played: SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
If this happened to Blizzard, I wouldn't support them either. SOE got the unluck of the draw, really. Like I said, the credit card being stolen doesn't bother me at all...so so easy to fix. And if someone used it, I could easily get my money back. It is all the other information I do NOT want spread around. But looks like it will be now.
If you didn't care about your cc being stolen, then what's the big beef? You are afraid that your other info is out there? What other info?
It took me 5 minutes to find out that you live in Poway, California. You are 22 years old, birth day is August 26, 1988. Your name is Cody Harlow, and you own an Youtube channel TheExplorium. These are all public information, took less than 5 minutes for me to google & forum jump to find more information about you than the hackers ever got from SOE. I now even know what you look like through your videos, which makes for great identity theft tool because I can use it for fake ID's.
Anyways, I can understand people freaking out and being upset at SOE for their servers getting hacked. But most people don't realize how much info about them is already out there, right out in the public, and many of them are volunteer info that you yourself put out there for everybody to see. If you want to protect yourselves, you best start with changing your own habits online. Just trying to help, and by the way, I'll edit your info out if you ask me to.
If this happened to Blizzard, I wouldn't support them either. SOE got the unluck of the draw, really. Like I said, the credit card being stolen doesn't bother me at all...so so easy to fix. And if someone used it, I could easily get my money back. It is all the other information I do NOT want spread around. But looks like it will be now.
If you didn't care about your cc being stolen, then what's the big beef? You are afraid that your other info is out there? What other info?
It took me 5 minutes to find out that you live in Poway, California. You are 22 years old, birth day is August 26, 1988. Your name is Cody Harlow, and you own an Youtube channel TheExplorium. These are all public information, took less than 5 minutes for me to google & forum jump to find more information about you than the hackers ever got from SOE. I now even know what you look like through your videos, which makes for great identity theft tool because I can use it for fake ID's.
Anyways, I can understand people freaking out and being upset at SOE for their servers getting hacked. But most people don't realize how much info about them is already out there, right out in the public, and many of them are volunteer info that you yourself put out there for everybody to see. If you want to protect yourselves, you best start with changing your own habits online. Just trying to help, and by the way, I'll edit your info out if you ask me to.
Gotta love google.. I know people that use to use it as a way to guess that infamous "Password Question".. "Whats you're favorite sports team?" well myspace or facebook would have that.. "Whats you're mothers maiden name?" Again probably could be found on myspace/facebook.. No ones safe from this kind of thing.
Currently Playing: Rift + Starcraft II + Gears Of War 3 Beta
I canceled my subscriptions to sony a long time ago. I'm glad I did. This just shows SOE's uncanny ability to suck. I still play on PSN, but they don't have my credit card
Gotta love google.. I know people that use to use it as a way to guess that infamous "Password Question".. "Whats you're favorite sports team?" well myspace or facebook would have that.. "Whats you're mothers maiden name?" Again probably could be found on myspace/facebook.. No ones safe from this kind of thing.
Yup, it's why you should never, ever, use real answers to these secret questions. It's way too easy to find out these things, such as place of birth, maiden names, fav sports team, fav color, etc.. May sound paranoid but if people want to make a big stink about their info getting leaked, they best protect themselves better.
In regards to the lawsuits and SOE, I would think it would be hard to get them convicted of such terms as described by some. This is not something a Judge or jury would award based on the evidence that they can backup with against such accusations. There is no way they will win this class action against SOE, firstly SOE was not breaking any laws and not withholding how our information is stored, all this was or is in the fine print when you make a purchase from them, however; this doesn't mean it wont hurt them.
It wouldn't surprise me if these attacks where made up by John Smedley just so he could act like all this hurt them so bad he needed to restructure and remove some games and more firings to make room for his projects. Yeah I know a far fetch thing to say but hey it's afterall John Smedley.
Don't look forward to these lawsuits winning for the people. There really isn't anything I can see that was done unlawfully towards the customer. Based on all that I could see and read, little to nothing they can do in a court of law.
Gotta love google.. I know people that use to use it as a way to guess that infamous "Password Question".. "Whats you're favorite sports team?" well myspace or facebook would have that.. "Whats you're mothers maiden name?" Again probably could be found on myspace/facebook.. No ones safe from this kind of thing.
Yup, it's why you should never, ever, use real answers to these secret questions. It's way too easy to find out these things, such as place of birth, maiden names, fav sports team, fav color, etc.. May sound paranoid but if people want to make a big stink about their info getting leaked, they best protect themselves better.
Yeah and for example you could use to log onto WOW at the login screen and take any forum user name because those where the login names and then just guess passwords or try collect info on the person in the forums by inviting to your own website and see if the password they use to register matches said account. This was how most WOW players got hacked, easy passwords guess by people, they already had their login names. Always make a strong password never use easy secret question answers.
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
The date may have been encripted and the key known by the hacker. This may all be caused by one of the 240 or so people Sony recently fired from their gaming division. So this may well be an inside job.
When done right, only very very few people know about the encryption keys and have access to them.
When one of those people get laid off, a smart company would immediately exchange those encryption keys for new ones to protect themselves from exactly that sort of thing.
I am not saying Sony nor SOE are a smart company.... as obviously they are not. That much has become more than clear with so far available information about the recent events.
As our personal data was not encrypted at all, but stored in "Plain Text", plus SOE had even an old 2007 database up and running that even contained people's credit/debit card info and bank account data!
But mehh... this has been said enough times now. Getting tired of repeating it, because people don't bother to read.
I feel sorry for the SOE customers that will have to deal with this...of course, this isnt the first time I have felt very very sorry for SOE customers...
The company shut down its online-gaming service Sunday night after a hacker infiltrated the network just weeks after the first breach. Sony said it expected online services to be fully restored by the end of May.
The company noticed unauthorized activity on its network on April 19, and discovered that data had been transferred off the network the next day. It waited until April 22 to notify the FBI.
Sony chose to disclose the latest details of the attacks in a letter to the U.S. House Energy and Commerce subcommittee on commerce, manufacturing and trade rather than testify in a hearing on cyber attacks that was held on Wednesday.
Lawmakers expressed disappointment that Sony and Epsilon declined to appear at the hearing and pledged a bill that would require companies to do a better job of safeguarding their customers' data and to quickly disclose to customers when their data was lost.
Subcommittee Chairwoman Mary Bono Mack noted with dismay that Sony first disclosed the breach on a blog.
"Sony put the burden on consumers to search for information, instead of accepting the burden of notifying them," she said. "If I have anything to do with it, that kind of half-hearted, half-baked response is not going to fly in the future."
(Additional reporting by Liana B. Baker and Joan Gralla in New York; Editing by Maureen Bavdek, Gerald E. McCormick and Steve Orlofsky)
With every new info surfacing it seems to be worse. *sigh* I mean, I had good times with SWG and Eq2 many years... but this. It really should not happen. I am not quick to distrust, and try to give the benefit of doubt, but this just is beyond some small incident. It seems now Sony really mismanaged their security system.
I hate those criminals, stealing such data from other people, it's just bad. What kind of evil people do such things!
EDIT: Even tho I understand we all are pissed about this, some experts about security seem to confirm my initial view, that data theft does not show any particular lack from Sony's side. See this interview on Kotaku:
Gotta love google.. I know people that use to use it as a way to guess that infamous "Password Question".. "Whats you're favorite sports team?" well myspace or facebook would have that.. "Whats you're mothers maiden name?" Again probably could be found on myspace/facebook.. No ones safe from this kind of thing.
Yup, it's why you should never, ever, use real answers to these secret questions. It's way too easy to find out these things, such as place of birth, maiden names, fav sports team, fav color, etc.. May sound paranoid but if people want to make a big stink about their info getting leaked, they best protect themselves better.
Yeah and for example you could use to log onto WOW at the login screen and take any forum user name because those where the login names and then just guess passwords or try collect info on the person in the forums by inviting to your own website and see if the password they use to register matches said account. This was how most WOW players got hacked, easy passwords guess by people, they already had their login names. Always make a strong password never use easy secret question answers.
Password for each site helps with this...and change your password monthly. I've only ever had one account stolen, but that's Blizzards fault. B.net account was the stupidest thing ever done in the history of gaming. Everyone and thier mother can get your e-mail address.
If what the latest is true, the people responsible are Anonymous.
If we were reading the same article based on Sony's letter to Congres, then Anonymous was running a DDoS while the hack occured and not so much that Anonymous was responsible for the hack. Of course I could be off-base on that so if anyone has the link/better info, feel free to correct me.
Of course, the second one could be questioned, I thought Anonymous had a history of letting everyone know when they had done something (and usually why they did it) so seems plausible they didn't perform the actual hack.
-mklinic
"Do something right, no one remembers. Do something wrong, no one forgets" -from No One Remembers by In Strict Confidence
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
So you are telling me that someone that has the ability to get pasted network security could not hack encrypted data and I am the one talking about stuff I do not understand?
If someone has the knowledge to hack into a billion dollar company and steal the data off of a database, then it is very safe to assume they can break an encryption or be able to find the encryption key.
This is no Sony's fault, at least until we know for a fact they did not have up to date security systems in place.
No encrypted data on an interal database is not that uncommon.
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
So you are telling me that someone that has the ability to get pasted network security could not hack encrypted data and I am the one talking about stuff I do not understand?
If someone has the knowledge to hack into a billion dollar company and steal the data off of a database, then it is very safe to assume they can break an encryption or be able to find the encryption key.
This is no Sony's fault, at least until we know for a fact they did not have up to date security systems in place.
No encrypted data on an interal database is not that uncommon.
No you do not understand. And you have no clue about data encryption.
First. As more and more information has been revealed. The hackers actually had a pretty easy task getting passed Network Security, because it was outdated with known vulnaribilities and not patched and updated.
You know, what gets me, is, that 90% of the Gaming sites use the same type of account login and database storage system as SOE, and, Sony as a whole, This, altogether is just the tip of the iceberg, and, we the general public are on the Titanic, meters away from hitting that iceberg.
But, guess what, who are the gaming companies going to protect, certainly not us, they'll protect themselves, citing that they have done their best to make sure that this will never, can't, couldn't ever happen again. And, at the same time, blaming the public, for allowing the Hacks and thefts to happen in the first place.
As Sony would say, We Didn't Do Anything Wrong, Someone else did It. We Aren't Responsible.
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
So you are telling me that someone that has the ability to get pasted network security could not hack encrypted data and I am the one talking about stuff I do not understand?
If someone has the knowledge to hack into a billion dollar company and steal the data off of a database, then it is very safe to assume they can break an encryption or be able to find the encryption key.
This is no Sony's fault, at least until we know for a fact they did not have up to date security systems in place.
No encrypted data on an interal database is not that uncommon.
According to testimony given at the congressional hearing, Sonys apache servers were outdated, unpatched and vulnerable to a known exploit. On top of that Sony was warned about it. Apache server powers something like half of the entire internet sites or some crazy amount. From billion dollar companies to home hobbyists. It isn't exactly mission impossible to hack into a known vulnerability like this.
I'm no encryption expert, but last I recall something properly encrypted would be near impossible to brute force crack. So all the hackers would really have is a lot of useless zeros and ones.
Comments
To the above poster, HUH? Of course I don't know about SOE server design, but most servers have data on separate storage than the code and from what we have seen, the hackers have only accessed the data. Hence if it had been encrypted, it would have been protected. Even if they had access to the code area, how would they know what the encrypter module was called, plus they would also need the key for it.
Sounds like you are talking about something you have no understanding of.
The date may have been encripted and the key known by the hacker. This may all be caused by one of the 240 or so people Sony recently fired from their gaming division. So this may well be an inside job.
Well, this has cost me 10 dollars a month for identity theft protection...got it after my credit card was frozen this morning due to suspicious activity...it expires next year, but I guess I used it for Vanguard. My bank called up and said there was a suspicious charge of one dollar.
Once SOE sites are up, I'm going to cancel my Vanguard and DC Universe subscriptions. Sorry to Sony and SOE, but I've now have to pay 10 dollars just to keep my identity safe...lame. I don't care at all about the credit card being taken, that is easy to fix...but all the other information is more important, hence why I don't even use Facebook (that sells your info to other companies anyway and have ties with the FBI, but that is another discussion)
My two friends in the Netherlands have been forced to freeze their credit card in case anything happens (as it seems Europe was hit worse by these hacks), and like me, will be canceling their subs to SOE (one has all station pass that he will remove). I have a friend from college that still plans to give SOE a chance, though...he said he'll see what happens in the next few weeks if he'll keep supporting them. He really enjoys VG, so do I...especially there is no other game like it that is open world and PVE focused (he doesn't like PvP at all).
If this happened to Blizzard, I wouldn't support them either. SOE got the unluck of the draw, really. Like I said, the credit card being stolen doesn't bother me at all...so so easy to fix. And if someone used it, I could easily get my money back. It is all the other information I do NOT want spread around. But looks like it will be now.
Check out my nature/animal/relaxing music channel on Youtube!
My game channel on Youtube!
http://www.youtube.com/vendayn
that would be legend
for the Emu (not the psn customers)
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Played:
SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
If you didn't care about your cc being stolen, then what's the big beef? You are afraid that your other info is out there? What other info?
It took me 5 minutes to find out that you live in Poway, California. You are 22 years old, birth day is August 26, 1988. Your name is Cody Harlow, and you own an Youtube channel TheExplorium. These are all public information, took less than 5 minutes for me to google & forum jump to find more information about you than the hackers ever got from SOE. I now even know what you look like through your videos, which makes for great identity theft tool because I can use it for fake ID's.
Anyways, I can understand people freaking out and being upset at SOE for their servers getting hacked. But most people don't realize how much info about them is already out there, right out in the public, and many of them are volunteer info that you yourself put out there for everybody to see. If you want to protect yourselves, you best start with changing your own habits online. Just trying to help, and by the way, I'll edit your info out if you ask me to.
EQ1-AC1-DAOC-FFXI-L2-EQ2-WoW-DDO-GW-LoTR-VG-WAR-GW2-ESO
Gotta love google.. I know people that use to use it as a way to guess that infamous "Password Question".. "Whats you're favorite sports team?" well myspace or facebook would have that.. "Whats you're mothers maiden name?" Again probably could be found on myspace/facebook.. No ones safe from this kind of thing.
Currently Playing:
Rift + Starcraft II + Gears Of War 3 Beta
I canceled my subscriptions to sony a long time ago. I'm glad I did. This just shows SOE's uncanny ability to suck. I still play on PSN, but they don't have my credit card
Yup, it's why you should never, ever, use real answers to these secret questions. It's way too easy to find out these things, such as place of birth, maiden names, fav sports team, fav color, etc.. May sound paranoid but if people want to make a big stink about their info getting leaked, they best protect themselves better.
EQ1-AC1-DAOC-FFXI-L2-EQ2-WoW-DDO-GW-LoTR-VG-WAR-GW2-ESO
In regards to the lawsuits and SOE, I would think it would be hard to get them convicted of such terms as described by some. This is not something a Judge or jury would award based on the evidence that they can backup with against such accusations. There is no way they will win this class action against SOE, firstly SOE was not breaking any laws and not withholding how our information is stored, all this was or is in the fine print when you make a purchase from them, however; this doesn't mean it wont hurt them.
It wouldn't surprise me if these attacks where made up by John Smedley just so he could act like all this hurt them so bad he needed to restructure and remove some games and more firings to make room for his projects. Yeah I know a far fetch thing to say but hey it's afterall John Smedley.
Don't look forward to these lawsuits winning for the people. There really isn't anything I can see that was done unlawfully towards the customer. Based on all that I could see and read, little to nothing they can do in a court of law.
Yeah and for example you could use to log onto WOW at the login screen and take any forum user name because those where the login names and then just guess passwords or try collect info on the person in the forums by inviting to your own website and see if the password they use to register matches said account. This was how most WOW players got hacked, easy passwords guess by people, they already had their login names. Always make a strong password never use easy secret question answers.
When done right, only very very few people know about the encryption keys and have access to them.
When one of those people get laid off, a smart company would immediately exchange those encryption keys for new ones to protect themselves from exactly that sort of thing.
I am not saying Sony nor SOE are a smart company.... as obviously they are not. That much has become more than clear with so far available information about the recent events.
As our personal data was not encrypted at all, but stored in "Plain Text", plus SOE had even an old 2007 database up and running that even contained people's credit/debit card info and bank account data!
But mehh... this has been said enough times now. Getting tired of repeating it, because people don't bother to read.
With SOE stock probably on the decline, now is the time to buy!
I have faith they will pick up again...or will final fantasy 14 the true "final fantasy"? hehe...
I am entitled to my opinions, misspellings, and grammatical errors.
I feel sorry for the SOE customers that will have to deal with this...of course, this isnt the first time I have felt very very sorry for SOE customers...
Nice read (well maybe not for us that are affected): http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/05/03/BUI41JB95L.DTL
This article pretty much sums up the state of affairs.
Also AGAIN, a nice little line about how the hackers used a "Known Security Vulnaribility" to gain access to Sony PSN and SOE's network!
Nice huh.
uh.....you do know Final Fantasy 14 has NOTHING to do with SOE...right?
Apparently stating the truth in my sig is "trolling"
Sig typo fixed thanks to an observant stragen001.
The company shut down its online-gaming service Sunday night after a hacker infiltrated the network just weeks after the first breach. Sony said it expected online services to be fully restored by the end of May.
Read more: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/05/03/BUI41JB95L.DTL#ixzz1LQVd8x66
'HALF-BAKED' RESPONSE
The company noticed unauthorized activity on its network on April 19, and discovered that data had been transferred off the network the next day. It waited until April 22 to notify the FBI.
Sony chose to disclose the latest details of the attacks in a letter to the U.S. House Energy and Commerce subcommittee on commerce, manufacturing and trade rather than testify in a hearing on cyber attacks that was held on Wednesday.
Lawmakers expressed disappointment that Sony and Epsilon declined to appear at the hearing and pledged a bill that would require companies to do a better job of safeguarding their customers' data and to quickly disclose to customers when their data was lost.
Subcommittee Chairwoman Mary Bono Mack noted with dismay that Sony first disclosed the breach on a blog.
"Sony put the burden on consumers to search for information, instead of accepting the burden of notifying them," she said. "If I have anything to do with it, that kind of half-hearted, half-baked response is not going to fly in the future."
(Additional reporting by Liana B. Baker and Joan Gralla in New York; Editing by Maureen Bavdek, Gerald E. McCormick and Steve Orlofsky)
With every new info surfacing it seems to be worse. *sigh* I mean, I had good times with SWG and Eq2 many years... but this. It really should not happen. I am not quick to distrust, and try to give the benefit of doubt, but this just is beyond some small incident. It seems now Sony really mismanaged their security system.
I hate those criminals, stealing such data from other people, it's just bad. What kind of evil people do such things!
EDIT: Even tho I understand we all are pissed about this, some experts about security seem to confirm my initial view, that data theft does not show any particular lack from Sony's side. See this interview on Kotaku:
http://kotaku.com/#!5797602/dont-blame-sony-you-cant-trust-any-networks
Quote:
"What does that even mean?" he asked. "Is there such a thing as a secure house?"
No networks, Schneier added, are really secure and people have to come to grips with that.
The fact that Sony, and not Microsoft or Nintendo, was the company breached by hackers has nothing to do with their level of security, he said.
It's what I tried to tell you guys altogether before.
People don't ask questions to get answers - they ask questions to show how smart they are. - Dogbert
If what the latest is true, the people responsible are Anonymous.
What a complete bunch of back stabbing bastards. Supposedly most are gamers, what kind of community steals from its own? Lowest of the low.
Stealing people's identity, filling them with 'fear'. It's called terrorism, and I hope they prosecute the bastards on such scale.
Anonymous just jumped the shark. Can't believe I ever thought this collective was once righteous.
Gamers need to fight back, time to find these fools.
Password for each site helps with this...and change your password monthly. I've only ever had one account stolen, but that's Blizzards fault. B.net account was the stupidest thing ever done in the history of gaming. Everyone and thier mother can get your e-mail address.
If we were reading the same article based on Sony's letter to Congres, then Anonymous was running a DDoS while the hack occured and not so much that Anonymous was responsible for the hack. Of course I could be off-base on that so if anyone has the link/better info, feel free to correct me.
Also, another article on the general topic: http://consumerist.com/2011/05/security-expert-sony-knew-its-software-was-obsolete-months-before-psn-breach.html
And one claiming Anonymous is saying they didn't do it: http://news.cnet.com/8301-13506_3-20060033-17.html?part=rss&subj=news&tag=2547-1_3-0-20
Of course, the second one could be questioned, I thought Anonymous had a history of letting everyone know when they had done something (and usually why they did it) so seems plausible they didn't perform the actual hack.
-mklinic
"Do something right, no one remembers.
Do something wrong, no one forgets"
-from No One Remembers by In Strict Confidence
So you are telling me that someone that has the ability to get pasted network security could not hack encrypted data and I am the one talking about stuff I do not understand?
If someone has the knowledge to hack into a billion dollar company and steal the data off of a database, then it is very safe to assume they can break an encryption or be able to find the encryption key.
This is no Sony's fault, at least until we know for a fact they did not have up to date security systems in place.
No encrypted data on an interal database is not that uncommon.
Sooner or Later
No you do not understand. And you have no clue about data encryption.
First. As more and more information has been revealed. The hackers actually had a pretty easy task getting passed Network Security, because it was outdated with known vulnaribilities and not patched and updated.
Talking about making it easy for hackers!
You know, what gets me, is, that 90% of the Gaming sites use the same type of account login and database storage system as SOE, and, Sony as a whole, This, altogether is just the tip of the iceberg, and, we the general public are on the Titanic, meters away from hitting that iceberg.
But, guess what, who are the gaming companies going to protect, certainly not us, they'll protect themselves, citing that they have done their best to make sure that this will never, can't, couldn't ever happen again. And, at the same time, blaming the public, for allowing the Hacks and thefts to happen in the first place.
As Sony would say, We Didn't Do Anything Wrong, Someone else did It. We Aren't Responsible.
According to testimony given at the congressional hearing, Sonys apache servers were outdated, unpatched and vulnerable to a known exploit. On top of that Sony was warned about it. Apache server powers something like half of the entire internet sites or some crazy amount. From billion dollar companies to home hobbyists. It isn't exactly mission impossible to hack into a known vulnerability like this.
I'm no encryption expert, but last I recall something properly encrypted would be near impossible to brute force crack. So all the hackers would really have is a lot of useless zeros and ones.