Support NeoGAF

[TheSeks]

That game ran beautifully...not sure what you're on about.

Before SOE: Perfect.
After SOE gameplay revamp: Shit.

I never played SWG, but I know the hate of SOE toward it.

In any case, I'll be changing my PSN id's password to make sure the account is still mine when the service is back up. As far as my personal information, I can't really change that and am pissed about it but I can't really do anything toward that other than be vigilant now. :/

I'll still use PSN for now, but shit like this does not inspire confidence in me.

 

[iamvin22]

The PSN logs of the hacker are now on the net. A US senator sent a letter to Tretton asking why weren't consumers emailed once the issue was found.

 

[-PXG-]

Its really interesting. Even with this level of ineptitude from Sony, some people will nonchalantly shrug it off as no big deal, and continue to do business with them. Sure, the sky isn't falling. It's not the end of the world. But to completely not give a shit is odd. Why willingly do business with a company that is this fucking incompetent?

 

[paskowitz]

Also to the people saying the Sony has done nothing to notify its customers, there has been a new post on the blog every day since April 20th.

 

[Mael]

This needs to be repeated. ANY secure transaction depends on both sides being secure. CFW caused this, plain and simple.

And people thought they had no reason to be pissed off at the modding scene :lol

 

[Commanche Raisin Toast]

If your only reason to post is to post some variation of "Everyone who doesn't agree with me is a total idiot" or "All of GAF is saying <x> and <x> is stupid", let me reiterate this paragraph from the stickied thread:

yeah i was looking for that post when i was typing up my large rant.

just trying to figure out a way of deconstructing a lot of sensationalism and laying things out logically (to me anyway) so that it might clear up some confusion. as i said later on, a lot of people will post something sensationalist and outright false, and other users that are worried/scared/freaked out could see that and take it as fact and only perpetuate the e-riot.

i think a lot of people could benefit from some of the misinformation being filtered out, so sorry if i was a little too firm and reactionary with my wording.

i'm still eager to know when exactly sony discovered personal information was compromised compared to when they announced it to us. we'll argue forever about who's fault what was regarding security, but i think the only time sensitive issue is how long it took them to announce the compromise after they found out.

 

[LiK]

The PSN logs of the hacker are now on the net. A US senator sent a letter to Tretton asking why weren't consumers emailed once the issue was found.

booyah

 

[baekshi]

http://www.youtube.com/watch?v=_xKV9BFEEXQ&feature=player_embeddedhttp://
This was on Destructoid, I don't even.

Been posted over 100 times....

 

[darkwing]

Alright, I've cancelled my debit account, and changed my email password (which is the same as my PSN password).

For the likes of Amazon, Paypal, eBay, I use completely different passwords.

There is no need for me to change OTHER passwords, right? All other websites in my LassPass vault are essentially... RANDOM. Like various forums and shops, where credit card details MUST be entered to purchase items.

only need to change it if it was similar to the PSN one

 

[test_account]

I can guarantee you that there were, are, and will be meetings, amongst publishers, as well as shareholders, discussing whether or not if Sony's network security, including their overall ability to do business, is at all sound.

Will there be games for NGP? Of course. But don't think for one second that publishers and investors aren't having second thoughts or have some level of apprehension when it comes to making deals with Sony in the future.

The publisher might discuss it, but just look at every other console, they have all been hacked which have lead to piracy. This is probably the biggest issue for publishers. Still, publishers publish a lot of games for these consoles regardless.

Its really interesting. Even with this level of ineptitude from Sony, some people will nonchalantly shrug it off as no big deal, and continue to do business with them. Sure, the sky isn't falling. It's not the end of the world. But to completely not give a shit is odd. Why willingly do business with a company that is this fucking incompetent?

I think we just assume that this was a very easy hack to do, but do we know about that? Everyone can get hacked, does that mean that they are all fucking incompetent? (if you're referring to being hacked).

 

[Morn]

Also to the people saying the Sony has done nothing to notify its customers, there has been a new post on the blog every day since April 20th.

WITH NO INFORMATION

 

[bob page]

Also to the people saying the Sony has done nothing to notify its customers, there has been a new post on the blog every day since April 20th.

lol, blog posts that provided absolutely no information as to what was actually happening.

Some people just need to take their blinders off.

 

[TOAO_Cyrus]

Yeah? So what if it is? They had it secure. I'm going to go out on a limb here and risk a ban, but this wouldn't be an issue if CFW people just stfu and stop being fucking self entitled to god damn everything. I've said this TIME AND TIME again.

We are in a stage of media convergence, hardware and software is pretty much all connected in some way with personal data.

All this "I want to make my hardware do what ever I want" shit puts TOO many people at risk. Why do we have walled gardens? So fucking idiots can't come inside the garden and shit and set fire to every plant in it. There are security measures for each device for a reason, and it's to PROTECT the people. Sony is Anti-consumer? Yes, because protecting everyone from identity theft is fucking anti-consumer.

You know, if FailOverflow never announced this shit, we wouldn't be here in this thread. I understand wanting to use your product the way you wish, but this isn't a world filled with only butterflies and fucking flowers. Get over yourselves. (not directed to sasuke).

/rage

This almost certainly has nothing to do with the PS3 firmware hack. Client side security does nothing to protect info stored on a server. If Sony was relying on it they are retards and have nothing but themselves to blame. You have to design your system making no assumptions about the devices connecting to it. If any part of PSN security assumed the connecting device was an unmodified PS3 then that is a built in security hole. I find it hard to believe Sony would be that incompetent so most likely the breach was achieved in some other fashion. PS3's security has nothing to do with protecting the end users and everything to do with protecting Sony's business interests, not that there is anything wrong with that.

 

[-viper-]

Alright, I've cancelled my debit account, and changed my email password (which is the same as my PSN password).

For the likes of Amazon, Paypal, eBay, I use completely different passwords.

There is no need for me to change OTHER passwords, right? All other websites in my LassPass vault are essentially... RANDOM. Like various forums and shops, where credit card details MUST be entered to purchase items.

 

[obonicus]

I definitely think you're right, but I'd say that most of the people who are getting the most mad right now probably weren't aware of how bad it was until now. And a lot of them probably want more stringent protections; bigger fines for companies who are subject to breaches, enormous fines for companies who are complicit by negligence in breaches, harsher sentences for black market CC buyers/fraudsters/sellers, etc--so their anger here is very consistent with the state of things in the world.

It's kind of amusing how low the fines are. In the quoted article, 35 million people affected, but the fines so far were 3.6 million euros. About 10c per person affected.

 

[Cheech]

Yeesh, get a wee bit embellished with the reactions here.

Have you ever had your CC # stolen? I have, and it sucks. Monoprice got hacked a year or so ago, and somebody bought a ticket on my card from British Air to fly to UAE (I'm American and have never been to the UK or UAE). Amex was really cool about the whole thing, but it's a pain in the ass. Not really dealing with the fraud itself, but to change that number on the plethora of websites/utilities I use it on.

Which, of course, is the same CC that Sony has for me. I half expect little dipshit merchants like Monoprice to get hacked once in awhile, but Sony? FFS.

I posted about it in the other thread, but I changed my avatar today to comment on Sony's software QA. Just disgusting.

 

[Seraphinianus]

http://www.youtube.com/watch?v=_xKV9BFEEXQ&feature=player_embeddedhttp://
This was on Destructoid, I don't even.

Well, at least one good thing came of this haha

 

[jax (old)]

Oh fuck @ the OP.

I'm kinda of in shock. oh wow.

 

[webrunner]

This needs to be repeated. ANY secure transaction depends on both sides being secure. CFW caused this, plain and simple.

Unless the security is "security through obscurity" which is not security, then someone having a hacked client should not affect other people's not hacked clients.

Basically, breaking into one PS3 shouldnt break into all of them.

So if CFW caused this, PS3 is more at fault then even previously thought.

Rule one(or even rule .5) of networked client/server computing: don't trust the client.

 

[lifa-cobex]

Sony at E3 2011

lol Kevin Butler doing this.

Wish Sony would release a bit more information on this (if there is any). Things like if it involved an internal security matter, what Sony are currently doing, if they have any idea on how much info was taken etc.

Fuck I hate changing my card details. Takes ages for my work to update them. grrr

 

[daffy]

The times I've had my wallet stolen or misplaced, I've "cancelled my credit cards". I've never actually closed an account or anything, I just cancel the existing cards in favour of being sent replacement ones. Maybe it's a regional expression or something. I understand the confusion.

I see. This is probably what the majority of posts in here mean, closing an account does seem drastic. Looks like I've learned something today

 

[Ferrio]

BRB buying Xbox.

 

[baekshi]

are our save files on cloud safe?

 

[herod]

I don't understand the "I'm done with you" statements here. If you don't trust Sony anymore, don't buy stuff from the PSN with your credit card.

Online play is still free.

DLC isn't so why tie yourself into an untrusted platform?

My PS3 just became a Blu-ray player.

 

[CadetMahoney]

Wonder if they are gonna use this as a "joke" on their E3 press conference.

I wouldn't put it past them.

 

[darkwing]

The PSN logs of the hacker are now on the net. A US senator sent a letter to Tretton asking why weren't consumers emailed once the issue was found.

PSN logs of the hacker?

 

[Ploid 3.0]

Working for me.

lol cool, this stuff got me all paranoid. Maybe it's just chrome acting up.

 

[RSTEIN]

lol, go to CNBC.com.

 

[robotzombie]

So, anyone wanna help refresh my memory as to where it would be important to change my passwords?

So far I got:
My online banking
gmail
hotmail
steam
amazon
gamestop
barnes & noble
playasia
gamefaqs
neogaf

Am I stupidly missing anything in general? I totally didn't think of online store accounts at first (amazon, GS), so I want to make sure I dont miss anything else

 

[Gattsu25]

The PSN logs of the hacker are now on the net. A US senator sent a letter to Tretton asking why weren't consumers emailed once the issue was found.

Is this verified?

 

[Leon S. Kennedy]

So how likely is it that Best Buy will let me return an opened copy of Portal 2 PS3?

I bought it in order to redeem the free Steam copy, but seriously fuck this.
I've waited a week. I want my money back.

No need to return it. The single player game is great. The 2 player local is a million times better than 2 player over the internet.

 

[Baha]

Alright, I've cancelled my debit account, and changed my email password (which is the same as my PSN password).

For the likes of Amazon, Paypal, eBay, I use completely different passwords.

There is no need for me to change OTHER passwords, right? All other websites in my LassPass vault are essentially... RANDOM. Like various forums and shops, where credit card details MUST be entered to purchase items.

Changing your email password should be enough if you see no suspicious login activity (you can check with gmail by clicking the details link at the bottom of the page next to last activity). Aside from any credit or debit fraud, if your email is still secure then your other accounts should be fine.

 

[Griffin]

Biggest data breach of all time?

Nope, but still pretty big.

http://wikibon.org/blog/the-11-largest-data-breaches-in-recent-history/

 

[Four_Chamber]

lol, go to CNBC.com.

Yowza, that's a... provocative headline.

This ain't pretty folks

 

[kvn]

Just came home to read the blog post. Wow. Just fucking wow. Sony what the hell is your problem with security?

 

[Dr. Malik]

BRB buying Xbox.

might as well build a PC instead.

 

[darkwing]

So, anyone wanna help refresh my memory as to where it would be important to change my passwords?

So far I got:
My online banking
gmail
hotmail
steam
amazon
gamestop
barnes & noble
playasia
gamefaqs
neogaf

Am I stupidly missing anything in general? I totally didn't think of online store accounts at first (amazon, GS), so I want to make sure I dont miss anything else

you have the same password with the PSN one for all sites?

 

[baekshi]

So, anyone wanna help refresh my memory as to where it would be important to change my passwords?

So far I got:
My online banking
gmail
hotmail
steam
amazon
gamestop
barnes & noble
playasia
gamefaqs
neogaf

Am I stupidly missing anything in general? I totally didn't think of online store accounts at first (amazon, GS), so I want to make sure I dont miss anything else

playstation.com

 

[Freedom = $1.05]

Just came home to read the blog post. Wow. Just fucking wow. Sony what the hell is your problem with security?

You know, it was all great until it wasn't.

 

[iamvin22]

From Senator Richard Blumenthal.


Dear Mr. Tretton:

I am writing regarding a recent data breach of Sony’s PlayStation Network service. I am troubled by the failure of Sony to immediately notify affected customers of the breach and to extend adequate financial data security protections.

It has been reported that on April 20, 2011, Sony’s PlayStation Network suffered an “external intrusion” and was subsequently disabled. News reports estimate that 50 million to 75 million consumers – many of them children – access the PlayStation Network for video and entertainment. I understand that the PlayStation Network allows users to store credit card information online to facilitate the purchasing of content such as games and movies through the PlayStation Network. A breach of such a widely used service immediately raises concerns of data privacy, identity theft, and other misuse of sensitive personal and financial data, such as names, email addresses, and credit and debit card information.

When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised. Additionally, PlayStation Network users should be provided with financial data security services, including free access to credit reporting services, for two years, the costs of which should be borne by Sony. Affected individuals should also be provided with sufficient insurance to protect them from the possible financial consequences of identity theft.

I am concerned that PlayStation Network users’ personal and financial information may have been inappropriately accessed by a third party. Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach. Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised. Nor has Sony specified how it intends to protect these consumers.

PlayStation Network users deserve more complete information on the data breach, as well as the assurance that their personal and financial information will be securely maintained. I appreciate your prompt response on this important issue.

Sincerely,

/s/

Richard Blumenthal
United States Senate


http://www.examiner.com/console-gaming-in-national/u-s-senator-demanding-answers-from-sony-on-psn-breach

 

[DMeisterJ]

Its really interesting. Even with this level of ineptitude from Sony, some people will nonchalantly shrug it off as no big deal, and continue to do business with them. Sure, the sky isn't falling. It's not the end of the world. But to completely not give a shit is odd. Why willingly do business with a company that is this fucking incompetent?

Until we know how the PSN was hacked, how can we say that Sony is incompetent? This could have been a time intensive (no pun intended) process for the hackers. We don't know if it was because of slipshod programming or not to call incompetence.

 

[Wario64]

Also to the people saying the Sony has done nothing to notify its customers, there has been a new post on the blog every day since April 20th.

Making a post saying there is no information about the situation doesn't really count. That's bullshit.

 

[graywolf323]

Its really interesting. Even with this level of ineptitude from Sony, some people will nonchalantly shrug it off as no big deal, and continue to do business with them. Sure, the sky isn't falling. It's not the end of the world. But to completely not give a shit is odd. Why willingly do business with a company that is this fucking incompetent?

why do you keep posting the essentially the same thing over and over again?

 

[Antagon]

I can't imagine that Sony is so incompetent that the hackers actually got your passwords. MD5 hashing with a random salt per user is the minimum of security that I'd expect.

 

[alr1ght]

The PSN logs of the hacker are now on the net. A US senator sent a letter to Tretton asking why weren't consumers emailed once the issue was found.

what? confirmed?

 

[Aquavelvaman]

So, anyone wanna help refresh my memory as to where it would be important to change my passwords?

So far I got:
My online banking
gmail
hotmail
steam
amazon
gamestop
barnes & noble
playasia
gamefaqs
neogaf

Am I stupidly missing anything in general? I totally didn't think of online store accounts at first (amazon, GS), so I want to make sure I dont miss anything else

Paypal password maybe

 

[Ferrio]

Until we know how the PSN was hacked, how can we say that Sony is incompetent? This could have been a time intensive (no pun intended) process for the hackers. We don't know if it was because of slipshod programming or not to call incompetence.

They're rebuilding PSN, doesn't sound like some small hole that went unnoticed.

 

[Griffin]

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

 

[MechaX]

Sony says no cases have been reported yet.

Few people on here saying some has, but nothing has been confirmed

With a 75 million person list, it's not like there's suddenly going to be fraudulent activity for every PSN user just because this news broke out, nor will it be suddenly.

Plus, Sony will never come right out and say "we are 100% certain they are using your numbers" unless the anecdotal evidence gets really out of control (we're talking like 5%-10% of the total PSN population at least). The main issue is that there's a high chance that they have it, official confirmation or not. "High chance" was enough to make medical services shell out money for Free Credit Protection for a year when hackers got ahold of their records. If it reaches to that point, that will be the worst thing hands down for this debacle in Sony's world.

 

[lifa-cobex]

Wonder how Fox news will report on this.....

Spoiler

Wish i didn't think of that