I had already written of Codemasters pretty much for the JGE fiasco and putting out two absolutely horrendous Operation Flashpoint games, now this heh. It's unfortunate and I hope no one is harmed in any way.
I do believe we have every right to be judgemental. As customers we expect a company to secure our information if they want us to providethem in order to use their products. I do care about Codemasters, but there is no excuse for this. The recent hacker attacks is reason enough to increase security measures.
You're right there. I agree. But I am willing to believe that companies have been looking at their security since the hack outbreak. You have to be willing to believe that Codemasters, Google, Sony, have all been using the appropriate security for their business. And I'm betting that until this happened, how much security they had up until now was probably not much of a concern for you. For me neither.
That's probably because over the internet, it's common knowledge that information should be stored in a secure way. As such, big companies dealing with hundreds of thousands of customers data would logically have more than enough money to have a suitable security system in place to prevent most of the attacks. For that reason, we don't pay much attention to companies security because we believe it to be a given in this day and age.
Seriously, who would've thought that SONY would store their customers data in a .txt file....really. SONY was defeated by one of the oldest and easiest trick in the hacker book, an SQL Injection. For such a primitive and well-known method to work, it's appaling. Hard to believe they've been using appropriate security. As for Google, well they've been dealing with Chinese hackers, likely connected to the chinese government since it comes from a military base set in China. It's a lot harder to defend against those kinds of hackers. What SONY had to deal with, is something almost anyone could've done after reading about Programming For Dummies.
I seriously doubt that you understand how it was done. As an example, If data is written in plain text, it means its not encrypted, not that it is written in a .txt file
As for SQL Injection, this doesnt just consist of one widely known method. It totally depends on the SQL version and what generation. Every new version has new vulnerabilities and its not always just a matter of unpatched serversoftware. Fixes usually lag behind the discovery of exploits. What matters is who discovers the vulnerabilities.
Im not trying to defend Sony here, but asking to keep this in perspective. Its not only Sony and Codemasters that have been hacked lately. But them being gaming companies made them focussed on on this website. Fox and a large American bank have been hacked lately too and customer information has been stolen there too. Its not just the 'evil' gaming companies who were hacked.
And there is also no reason to assume that the hackers that attack Google are automatically more skilled because there might be government backing.
I do believe we have every right to be judgemental. As customers we expect a company to secure our information if they want us to providethem in order to use their products. I do care about Codemasters, but there is no excuse for this. The recent hacker attacks is reason enough to increase security measures.
You're right there. I agree. But I am willing to believe that companies have been looking at their security since the hack outbreak. You have to be willing to believe that Codemasters, Google, Sony, have all been using the appropriate security for their business. And I'm betting that until this happened, how much security they had up until now was probably not much of a concern for you. For me neither.
That's probably because over the internet, it's common knowledge that information should be stored in a secure way. As such, big companies dealing with hundreds of thousands of customers data would logically have more than enough money to have a suitable security system in place to prevent most of the attacks. For that reason, we don't pay much attention to companies security because we believe it to be a given in this day and age.
Seriously, who would've thought that SONY would store their customers data in a .txt file....really. SONY was defeated by one of the oldest and easiest trick in the hacker book, an SQL Injection. For such a primitive and well-known method to work, it's appaling. Hard to believe they've been using appropriate security. As for Google, well they've been dealing with Chinese hackers, likely connected to the chinese government since it comes from a military base set in China. It's a lot harder to defend against those kinds of hackers. What SONY had to deal with, is something almost anyone could've done after reading about Programming For Dummies.
I seriously doubt that you understand how it was done. As an example, If data is written in plain text, it means its not encrypted, not that it is written in a .txt file
As for SQL Injection, this doesnt just consist of one widely known method. It totally depends on the SQL version and what generation. Every new version has new vulnerabilities and its not always just a matter of unpatched serversoftware. Fixes usually lag behind the discovery of exploits. What matters is who discovers the vulnerabilities.
Im not trying to defend Sony here, but asking to keep this in perspective. Its not only Sony and Codemasters that have been hacked lately. But them being gaming companies made them focussed on on this website. Fox and a large American bank have been hacked lately too and customer information has been stolen there too. Its not just the 'evil' gaming companies who were hacked.
And there is also no reason to assume that the hackers that attack Google are automatically more skilled because there might be government backing.
Nintendo was also hacked recently.
Apparently stating the truth in my sig is "trolling" Sig typo fixed thanks to an observant stragen001.
That's probably because over the internet, it's common knowledge that information should be stored in a secure way. As such, big companies dealing with hundreds of thousands of customers data would logically have more than enough money to have a suitable security system in place to prevent most of the attacks. For that reason, we don't pay much attention to companies security because we believe it to be a given in this day and age.
Seriously, who would've thought that SONY would store their customers data in a .txt file....really. SONY was defeated by one of the oldest and easiest trick in the hacker book, an SQL Injection. For such a primitive and well-known method to work, it's appaling. Hard to believe they've been using appropriate security. As for Google, well they've been dealing with Chinese hackers, likely connected to the chinese government since it comes from a military base set in China. It's a lot harder to defend against those kinds of hackers. What SONY had to deal with, is something almost anyone could've done after reading about Programming For Dummies.
I seriously doubt that you understand how it was done. As an example, If data is written in plain text, it means its not encrypted, not that it is written in a .txt file
As for SQL Injection, this doesnt just consist of one widely known method. It totally depends on the SQL version and what generation. Every new version has new vulnerabilities and its not always just a matter of unpatched serversoftware. Fixes usually lag behind the discovery of exploits. What matters is who discovers the vulnerabilities.
Im not trying to defend Sony here, but asking to keep this in perspective. Its not only Sony and Codemasters that have been hacked lately. But them being gaming companies made them focussed on on this website. Fox and a large American bank have been hacked lately too and customer information has been stolen there too. Its not just the 'evil' gaming companies who were hacked.
And there is also no reason to assume that the hackers that attack Google are automatically more skilled because there might be government backing.
The SQL Injection has been confirmed by the group of hacker itself (LulzSec) as being a basic method. On top of that, customers information were not encrypted (as you mentionned) but I've read a few sources claiming they were in .txt files, I'll need to look it up again. Given that SONY did not encrypt the information at all, it's really not a suprise that a basic SQL Injection would be more than enough to infiltrate them. Hell, SONY later discovered that another group was using their servers to host a phising website...
As for the group of hackers who got Google (twice at that), Google had some decent security set-up, especially after the first attack they've strengthened their security a lot more. These are all the reasons needed to believe that the chinese groups are far more knowledgeable hackers, especially when it's backed by chinese governement. (Both attacks on Google were traced by Google itself to to one of the military base in China, afterwhich they confronted the governement and threatened them to remove the censorship imposed by China unless they stop with the attacks on Gmail users).
And of course I know that SONY isn't the only one to get hacked, I've lost count already. FOX, PBS, HBG, Black&Berg, Infraguard (an FBI-associated company), SONY (various branches), Codemaster, Nintendo, Square Enix/Eidos Montreal, etc.
And of course I know that SONY isn't the only one to get hacked, I've lost count already. FOX, PBS, HBG, Black&Berg, Infraguard (an FBI-associated company), SONY (various branches), Codemaster, Nintendo, Square Enix/Eidos Montreal, etc.
Game companies being targeted is just a phase, but companies and governments are hacked on a daily basis, just they cover it up most of the time.
No one can be 100% safe as long as they use software that is publically available, people can always get their hands on it and find a way around it. The only way to really be safe is to not use anything that is in the public domain, so no Unix, Windows, Apache, SQL variants, etc.
There only one way to stop a computer from being hacked from another computer. dont hook it up to another network whatsoever. But wait, then we cant make online payments. and therein lies the problem.
You can lay on as much security as you can, but there only so much you can do, against a group/individual that determined to make it their/his/her life work to hack into a company. If your lucky, you can stop the attack, get details of it due to constant attack of who it is, (and even then, there enough counter software for this kind of thing out there) or find out your security is enough for that lot, only to find out there another lot starting on you while you are concentrated on the last lot still.
In the end, something either gives, or someone comes up with something. evolution i believe it called.
Well i had 2 differant accounts with SoE (both of those had been inactive for a couple of years or so), i also had an account with codemasters which had been inactive for almost 2yrs. Yes they still held my details after all this time. I cannot remember everything that has my details that i have been to in the past 11-13yrs. Some sites which have been asked the question on how good is their security in light of all these hacking's have simply deleted/locked or just ignored the question, so one would have to presume their security is not brilliant.
As already mentioned codemasters was not the first, and will not be the last either (though SoE have been done 4 times or so), so far the running tally is at least 4 games companies, 2 movie sights, google and citybank have been hit and those are probably the known ones, i bet many have kept quiet.
Comments
I had already written of Codemasters pretty much for the JGE fiasco and putting out two absolutely horrendous Operation Flashpoint games, now this heh. It's unfortunate and I hope no one is harmed in any way.
I seriously doubt that you understand how it was done. As an example, If data is written in plain text, it means its not encrypted, not that it is written in a .txt file
As for SQL Injection, this doesnt just consist of one widely known method. It totally depends on the SQL version and what generation. Every new version has new vulnerabilities and its not always just a matter of unpatched serversoftware. Fixes usually lag behind the discovery of exploits. What matters is who discovers the vulnerabilities.
Im not trying to defend Sony here, but asking to keep this in perspective. Its not only Sony and Codemasters that have been hacked lately. But them being gaming companies made them focussed on on this website. Fox and a large American bank have been hacked lately too and customer information has been stolen there too. Its not just the 'evil' gaming companies who were hacked.
And there is also no reason to assume that the hackers that attack Google are automatically more skilled because there might be government backing.
Nintendo was also hacked recently.
Apparently stating the truth in my sig is "trolling"
Sig typo fixed thanks to an observant stragen001.
The SQL Injection has been confirmed by the group of hacker itself (LulzSec) as being a basic method. On top of that, customers information were not encrypted (as you mentionned) but I've read a few sources claiming they were in .txt files, I'll need to look it up again. Given that SONY did not encrypt the information at all, it's really not a suprise that a basic SQL Injection would be more than enough to infiltrate them. Hell, SONY later discovered that another group was using their servers to host a phising website...
As for the group of hackers who got Google (twice at that), Google had some decent security set-up, especially after the first attack they've strengthened their security a lot more. These are all the reasons needed to believe that the chinese groups are far more knowledgeable hackers, especially when it's backed by chinese governement. (Both attacks on Google were traced by Google itself to to one of the military base in China, afterwhich they confronted the governement and threatened them to remove the censorship imposed by China unless they stop with the attacks on Gmail users).
And of course I know that SONY isn't the only one to get hacked, I've lost count already. FOX, PBS, HBG, Black&Berg, Infraguard (an FBI-associated company), SONY (various branches), Codemaster, Nintendo, Square Enix/Eidos Montreal, etc.
haha, did lotro make an good choice transfering to turbine yust on time or what?
https://ashesofcreation.com/r/Y4U3PQCASUPJ5SED
Game companies being targeted is just a phase, but companies and governments are hacked on a daily basis, just they cover it up most of the time.
No one can be 100% safe as long as they use software that is publically available, people can always get their hands on it and find a way around it. The only way to really be safe is to not use anything that is in the public domain, so no Unix, Windows, Apache, SQL variants, etc.
There only one way to stop a computer from being hacked from another computer. dont hook it up to another network whatsoever. But wait, then we cant make online payments. and therein lies the problem.
You can lay on as much security as you can, but there only so much you can do, against a group/individual that determined to make it their/his/her life work to hack into a company. If your lucky, you can stop the attack, get details of it due to constant attack of who it is, (and even then, there enough counter software for this kind of thing out there) or find out your security is enough for that lot, only to find out there another lot starting on you while you are concentrated on the last lot still.
In the end, something either gives, or someone comes up with something. evolution i believe it called.
They're in the gaming biz not ssecurity, lol. Besides other companies got hacked too not just code master. Blame the hackers.
Well i had 2 differant accounts with SoE (both of those had been inactive for a couple of years or so), i also had an account with codemasters which had been inactive for almost 2yrs. Yes they still held my details after all this time. I cannot remember everything that has my details that i have been to in the past 11-13yrs. Some sites which have been asked the question on how good is their security in light of all these hacking's have simply deleted/locked or just ignored the question, so one would have to presume their security is not brilliant.
As already mentioned codemasters was not the first, and will not be the last either (though SoE have been done 4 times or so), so far the running tally is at least 4 games companies, 2 movie sights, google and citybank have been hit and those are probably the known ones, i bet many have kept quiet.
If they get convited of charges like that they might never get out of prison.
Currently playing:
EVE online (Ruining low sec one hotdrop at a time)
Gravity Rush,
Dishonoured: The Knife of Dunwall.
(Waiting for) Metro: Last Light,
Company of Heroes II.