Support NeoGAF

[Metalmurphy]

No one knows how deep/sofisticated the hack actually was (besides the hackers, and possibly Sony too). You can say that Sony fucked up with not encrpyting the personal information on the PSN servers, i agree to that, but the rest we dont really know that much about.

No one encrypts personal data except for the passwords/secret questions.

 

[LiK]

Sony's E3 press event sure is gonna be interesting. Wondering how they're going to present themselves.

Actually, I wanna see if the audience will boo them when they go on stage.

 

[Pai Pai Master]

Actually, I wanna see if the audience will boo them when they go on stage.

That would be stupid. But I'm wondering if they'd discuss it at all, or just try to focus on presenting content.

 

[see5harp]

Wow still no dice? How can people go another entire weekend?

 

[ajf009]

It's pretty pathetic, and I'm glad their being sued over it

 

[test_account]

No one encrypts personal data except for the passwords/secret questions.

What is the reason not to enrypt personal data? But was the password/secret questions encrypted on the PSN servers though?

 

[borghe]

Indeed... after 13 years, never had a single problem with stuff like that, and this is a coincidence? When the bank operator herself told me about Sony contacting them? Seriously?

Sony wouldn't contact the bank. they would actually have no way of contacting the bank (as a former merchant I know). They would contact their merchant provider who would then contact Visa, Mastercard, AmEx, etc. Those companies would then contact all issuing banks. Furthermore, Sony would never say a single thing about cloning as they wouldn't know. The most they would/could say (to Visa et al) is "here are a list of cards that were potentially compromised". If Visa/MC/AmEx/etc contacted your bank, it would make sense that they would have contacted ALL issuing banks, which other people are saying hasn't happened.

I am not calling you a liar or saying you didn't hear what you heard. I am trying to explain it to you as a former business who had to deal with fraud, chargebacks, and plenty of other credit card issues. The way your bank explained it to you is simply NOT how it works. That is all.

Regarding the fraud on your account, out of 77M accounts on PSN and the tens of thousands of fraudulent activities that occur every day, it is most certainly possible for it to just be coincidence. Yes, even after 13 years and even just a week after the information leak on PSN, it is still possible (and in this case very likely) for this to be one extremely unlikely and incredibly inconvenient coincidence, even after 13 years.

My brother had his credit card number stolen at a restaurant by the waiter. As stupid and random as that. The very day we went to said shady restaurant (with god awful service, go figure) a charge for $100+ showed up on his account. Now imagine something like this happening during such a random and crude event of CC theft. It would certainly make sense to wonder if the two were related, but without a pattern of events to judge it by, it would impossible to say with any certainty that it was indeed the cause.

I'm sorry you are getting upset with me. I am actually not trying to be rude. Just trying to explain why your bank shouldn't have told you that and that they were probably quite misinformed and spreading that misinformation onto you. You are not at fault or to be criticized in any of this. Just passing on what you heard.

What is the reason not to enrypt personal data? But was the password/secret questions encrypted on the PSN servers though?

because encryption/decryption is VERY expensive computing-wise. You basically encrypt only the absolutely most sensitive forms of data for storage, and rely on other forms of security to protect the less sensitive data. It's like has been said elsewhere in this thread. The theft of personal data sucks, but most of the actual data lost here isn't really anything that can't be found elsewhere on the net for most of us. With data that "common place", it would be unnecessarily expensive in terms of computing power to encrypt and decrypt it upon storage/use. However things like a credit card number and social security number are EXTREMELY sensitive and in fact only supposed to be seen/used unencrypted very rarely and very securely, so that should NEVER be stored anywhere without being encrypted.. Hope that makes sense.

 

[Metalmurphy]

What is the reason not to enrypt personal data? But was the password/secret questions encrypted on the PSN servers though?

Performance reasons I think. In almost everywhere personal data is saved in plain text in the db while passwords use 1 way hashes.

But was the password/secret questions encrypted on the PSN servers though?

This is what I wanted to know since this started and haven't been able to get an answer yet.

 

[LiK]

That would be stupid. But I'm wondering if they'd discuss it at all, or just try to focus on presenting content.

Either apologize on stage or they'll just present stuff like nothing happened. But if the service isn't 100% by then, I can expect some boos from the crowd.

 

[test_account]

Actually, I wanna see if the audience will boo them when they go on stage.

If people boo, then it would be sool cool if Jack Tretton (or whoever goes on stage first) would reply "are you saying boo or boo urns?" hehe

That would be stupid. But I'm wondering if they'd discuss it at all, or just try to focus on presenting content.

I think that maybe they will mention it and then talk about improved security etc.

 

[Zoibie]

That would be stupid. But I'm wondering if they'd discuss it at all, or just try to focus on presenting content.

If they do bring it up, anything other than a serious acknowledgement (as in, not jokes/Kevin Butler routine) would look ignorant. That is, unless Sony can somehow confirm before then that no personal data was actually stolen or sold.

 

[Hanmik]

Either apologize on stage or they'll just present stuff like nothing happened. But if re service isn't 100% by then, I can expect some boos from the crowd.

the bolded part will happen..

and if PSN isn´t 100% up by E3, then Sony will not attend the show.. they will be searching for a Viagra dealer to get PSN up.

 

[Neuromancer]

I'm wondering how major publishers are handling this.

A company like EA or Activision is losing weeks worth of potential DLC sales and possibly sales of games.

Good question. Wonder if Sony will do anything for them or if they're just screwed.

 

[pharmboy044]

Actually, I wanna see if the audience will boo them when they go on stage.

It might depend on what Sony offers for compensation.
I think they might actually not have too much of an issue from the fans. We're a forgiving bunch.

 

[test_account]

Performance reasons I think. In almost everywhere personal data is saved in plain text in the db while passwords use 1 way hashes.

Ok, i see. But isnt personal info mostly just stored data than isnt activly used? Or would this still affect the performance?

This is what I wanted to know since this started and haven't been able to get an answer yet.

Sony has recommended people to change their passwords, so i wonder if that is an indirectly confirmation that the password wasnt encrypted (or at least not good enough). But maybe they say it just as a safety precaution. But yeah, it would be nice to have some confirmation on this directly from Sony indeed.

the bolded part will happen..

and if PSN isn´t 100% up by E3, then Sony will not attend the show.. they will be searching for a Viagra dealer to get PSN up.

Lol, using liquid viagra in the watercooling on the servers in hope to get the service up and running faster

 

[alphaNoid]

This won't affect Sony's E3 conference at all....

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

 

[jax (old)]

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

until they show uncharted 3 and nathan is stealing data from a datacenter /injoke win

 

[Hanmik]

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

if you work some more exciting twists in here, you will have created a new Memo.. you sound like an expert.

 

[chubigans]

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

If E3 was next week, I'd agree with you. But honestly, you'll be pretty surprised how fast the public is willing to let this go, especially if the compensation package is good enough. People gotta have their online fix.

 

[see5harp]

Sony fans will cheer no matter what the situation. I am interested to see what type of promotion Sony can offer publishers. Maybe top billing in the next plus update with a discount for the PSN games.

 

[test_account]

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

I cant really see this happening, because i think that Sony has spoken about PSN in every E3 conference so far, and i'm sure that they will mention it this year as well. Not saying anything about the hack while talking about PSN would surprise me a lot. When they get to the PSN part in their conference, i think that the hack is the first thing that they will mention. But time will tell what happeneds.

 

[JB1981]

man i want to play some games online, gears 3 beta couldn't have come at a better time.

 

[LiK]

You can bet that there will be lil bits of chuckle or sadness when the devs and PR try to promote MP and other PSN features in their games at E3.

*hugs devs*

 

[Hanmik]

I cant really see this happening, because i think that they have spoken about PSN in every E3 conference so far, and i'm sure that they will mention it this year as well. Not saying anything about the hack while talking about PSN would surprise me a lot. When they get to the PSN part in their conference, i think that the hack is the first thing that they will mention. But time will tell what happeneds.

If they mention the hack (which is likely to happen), then it will be about how Sony has secured the future of PSN, instead of talking about what happened, they will talk about how secure PSN is now (by the time of June, that is in the future, that sounds strange)

 

[balladofwindfishes]

Sony fans will cheer no matter what the situation. I am interested to see what type of promotion Sony can offer publishers. Maybe top billing in the next plus update with a discount for the PSN games.

they're going to have to offer monetary compensation for publishers.

Unlike customers, publishers can't really rely on coupons or special deals to recoup lost sales for 2+ weeks. They're going to want real money on top of that compensation.

We're talking about the likes of EA and Activision here. If they have a good case (which they do), you know they're going to go for blood.

 

[careksims]

Ok, I'm sure it comes from here :

:lol

AHHAAAA! I laughed.

 

[Combichristoffersen]

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

The best thing they could do would be to acknowledge that it happened, and make some self-deprecating jokes about it.

 

[jetsetfluken]

So I guess a total downtime to expect is 2 weeks total (my guess is up Tuesday)...
I have a feeling this will be a reason lots of devs and even big publishers will avoid PSN for future DD releases and DLC, and have them only on XBL.
Just when Sony was picking up steam and we were seeing multi-plat DD releases for the most part, this happened.
Back to the days of devs neglecting PSN even for DD releases like Ikaruga, Rez HD, etc.

 

[yyr]

If Microsoft really wanted to capitalize on this, they'd be like

"Hi! 3 months of LIVE Gold FREE for all new first-time subscribers, effective from now until May 15th! And to all of our loyal customers who already have LIVE Gold... thank you for your business! We appreciate your trust. Your subscription has been extended 3 months, free of charge."

Replace the 3 with a 6 or 12 for MAXIMUM DAMAGE

 

[Mama Robotnik]

The best thing they could do would be to acknowledge that it happened, and make some self-deprecating jokes about it.

I'm not sure that would be in their best interests.

I mean, a few years ago when they did a nod to Kaz Hirai's "Ridge Racer" moment, that's fair enough, but if they're seen laughing about this the mainstream media could pounce on it, nomatter the context.

 

[LowParry]

So I guess a total downtime to expect is 2 weeks total (my guess is up Tuesday)...
I have a feeling this will be a reason lots of devs and even big publishers will avoid PSN for future DD releases and DLC, and have them only on XBL.
Just when Sony was picking up steam and we were seeing multi-plat DD releases for the most part, this happened.
Back to the days of devs neglecting PSN even for DD releases like Ikaruga, Rez HD, etc.

Devs would be stupid enough to think like that. That's a lot of money being thrown away.

 

[Zoe]

Sony has recommended people to change their passwords, so i wonder if that is an indirectly confirmation that the password wasnt encrypted (or at least not good enough). But maybe they say it just as a safety precaution. But yeah, it would be nice to have some confirmation on this directly from Sony indeed.

Probably used encryption that susceptible to brute force.

 

[params7]

Sony has admitted the login information was not encrypted. They said this was beind security, but CC info was only encrypted.

 

[TTP]

If Microsoft really wanted to capitalize on this, they'd be like

"Hi! 3 months of LIVE Gold FREE for all new first-time subscribers, effective from now until May 15th! And to all of our loyal customers who already have LIVE Gold... thank you for your business! Your subscription has been extended 3 months, free of charge."

Replace the 3 with a 6 or 12 for MAXIMUM DAMAGE

Oh you can bet E3 MS press conference will be full of references to the PSN outage. I'd be surprised if they don't mention that at least 5 times throughout the conference.

They will use that to enforce the notion that paying to play online is a good thing.

 

[Mercury Fred]

Wow, another weekend looking like it'll be down?

GG Sony.

 

[Metalmurphy]

Ok, i see. But isnt personal info mostly just stored data than isnt activly used? Or would this still affect the performance?

Would take more space I believe. Something as simple as a Nickname like test_account (and that would have to be decrypted alot, hence a performance hit) would be =#$%$#$&$#%34234"%"$%"#%&4523423"#%&#% encrypted... or something. I'm probably wrong on the details, but I do think it takes more space.

 

[Wolves Evolve]

I've really been impressed with Gamasutra's quality of reporting over the last two months, and this opinion piece by Colin Campbell is no exception:

http://www.gamasutra.com/view/news/34348/Opinion_PlayStation_Brand_Faces_Uncertain_Future.php

Maybe Sony thinks it can drown out all this noise with a big, deflective E3 showing, or an ad campaign on Fox later in the year, or some free DLC. If so, they're wrong.

Here's Sony's problem. In order for people to allow the brand into their lives, they have to identify with its values. Sony's values have always been attractive and alluring. Right now, Sony is hiding. That's not attractive. It does not allure. It frustrates and it annoys.

I asked Karen Post what's the worst things a brand like Sony could do right now. She said, "Fail to focus on finding answers. Fail to be transparent and honest. Behave like cry babies. Underestimate social media."

Sound familiar?

What's so frustrating to me as someone who has been a fairly loyal customer of Sony since day one of the Playstation brand - I have bought (and re-bought) a total of nine consoles - is that I always understood tacitly that what Playstation sells is a slightly teenaged concept of a lifestyle luxury brand. Like, I know that. We all know that. We buy and sell that dream and fuck it, I admit it, I love it. We consume the image of the brand and we enjoy it - bitch and moan about fanboys all you like, but that's how consumption works. I've also been a consumer of the other brands, and I've poured a not inconsiderable part of my income to this particular consumption fantasy.

And yet when I read this Gamasutra piece I felt my stomach open up just a little bit. I knew precisely what he was talking about. The whole debacle became about how shit Sony are as a company rather than Sony being the victim of an attack during the past week. Sorry, but "we just found out" is either the product of incompetence that defines the company or an arrogance that defines the company.

I don't think ultimately this will stop me being an owner of the next console or the NGP, but these things are matters of degrees. I was / am a Playstation Plus subscriber, and right now that's very hard to justify.

 

[LowParry]

Oh you can bet E3 MS press conference will be full of references to the PSN outage. I'd be surprised if they don't mention that at least 5 times throughout the conference.

I'm expecting surprise guest speakers that come on stage with the shoulder tap.

 

[Combichristoffersen]

I'm not sure that would be in their best interests.

I mean, a few years ago when they did a nod to Kaz Hirai's "Ridge Racer" moment, that's fair enough, but if they're seen laughing about this the mainstream media could pounce on it, nomatter the context.

To clarify, I didn't mean they'd necessarily joke about the leak of personal information/the hacking incident, but more that they'd be joking about Sony themselves and their shoddy security (didn't Reeves or Stringer or whoever it was joke about Sony's E3 plans leaking way before E3 during their E3 presser a few years ago?).

 

[Goro Majima]

While I believe in the power of ADD when it comes to things like this, the longer this goes on the more likely people are going to remember that Sony screwed up here.

If this drags out to say, a month? That's going to be pretty hard to overcome.

I'm just glad Netflix still works or else I'd be a lot more angry.

 

[jax (old)]

If Microsoft really wanted to capitalize on this, they'd be like

"Hi! 3 months of LIVE Gold FREE for all new first-time subscribers, effective from now until May 15th! And to all of our loyal customers who already have LIVE Gold... thank you for your business! We appreciate your trust. Your subscription has been extended 3 months, free of charge."

Replace the 3 with a 6 or 12 for MAXIMUM DAMAGE

Kind of stupid if you ask me... because wherelse Sony doesn't lose money off PSN being down, MS offer free months = losing money. Big time.

 

[Metalmurphy]

Sony has admitted the login information was not encrypted. They said this was beind security, but CC info was only encrypted.

They said personal data. That's not necessarily login information (aka password). But I do wish they'd be more specific.

 

[TTP]

I'm expecting surprise guest speakers that come on stage with the shoulder tap.

The PSN hacker perhaps!

 

[params7]

To clarify, I didn't mean they'd necessarily joke about the leak of personal information/the hacking incident, but more that they'd be joking about Sony themselves and their shoddy security (didn't Reeves or Stringer or whoever it was joke about Sony's E3 plans leaking way before E3 during their E3 presser a few years ago?).

I believe that was Jack Tretton.

 

[balladofwindfishes]

Sony doesn't lose money off PSN being down.

Hahahahaha

Just because something is free for consumers doesn't mean that when it goes down there's no money lost.

 

[Bumblebeetuna]

Damn, I thought for sure they'd have it up by this weekend. Publishers must be pissed. Guess the day isn't over yet and they probably have people working on the weekend.

 

[Metalmurphy]

Its nice to want things

There is going to be a lot of fallout from this rupture of personal data. Sony isn't going to live it down for years, it'll be black mark on the brand and everyone is always going to remember when PSN got hacked. If you think that in just a few short weeks the world will have forgotten about it, or be willing to brush it aside.. you're going to be surprised.

I'm sure Sony will go on stage and act like nothing happened, but it will be incredibly awkward for them to try and get people excited about anything when the memory of all of this is so fresh.

In the very least all of this has stolen whatever momentum Sony had going into E3, its going to be a tough road ahead for them.

The actual press conference won't be affected. They'll go on showing the games they already planned to show and they won't mention this at all.

 

[params7]

They said personal data. That's not necessarily login information (aka password). But I do wish they'd be more specific.

I think they are just putting it mildly. Otherwise they would have said user passwords and CC data is encrypted I think.

 

[LiK]

The actual press conference won't be affected. They'll go on showing the games they already planned to show and they won't mention this at all.

Just edit out the Qriocity segment .

 

[Loudninja]

Damn, I thought for sure they'd have it up by this weekend. Publishers must be pissed. Guess the day isn't over yet and they probably have people working on the weekend.

Why they already said that some services will be but in a week they said that twice now.