-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
PSN Hack Update: FAQs in OP, Read before posting
- Thread starter Killthee
- Start date
- Status
-PXG- said:
Publishers will use this to try and leverage better contracts, no doubt. But they will continue to do business with Sony, full stop. The RNG number debacle this year was probably a bigger concern to them, since it directly affects their IP. This doesn't; the real harm for publishers here is that the store has been down for so long.
And for them being 'fucking incompetent', they're not, not any more than any other corporation is (so, okay, they're pretty fucking incompetent). Is this a big deal? Yep. Will it blow over way before it should? Oh, definitely.
IchigoSharingan
Member
borghe said:
rebug revealed all the client side vulnerabilities of the psn system.
Because so much was put on client side (PS3), they were able to make headway in hacking. That is obvious by now, that it was massive flaw #1. Massive flaw #2 was incompetent server side security. Like I said, this is stuff that's been known to create problems since 2003. And it explains why they are overhauling the network. It will most likely be heavily server sided from now on, the way it should have been since day 1.
CFW should have only played a tiny role in this server side debacle. May this be the end of Sony's security through obscurity.
I don't understand the drama about the the CC.
In most cases, you can call your bank and simply put a lock in your credit card and call them back to unlock the credit line when you are about to use it.
in THIS particular situation, I'd lock the card and wait at least 2 weeks before using it again.
In most cases, you can call your bank and simply put a lock in your credit card and call them back to unlock the credit line when you are about to use it.
in THIS particular situation, I'd lock the card and wait at least 2 weeks before using it again.
TheJollyCorner
Member
I'M NOT GONNA TAKE THIS ANYMORE!!!!!!!!
...who am I kidding? JOURNEY was one of my most anticipated games of the year. I'm still getting it
.
I just hope us consumers get through this without too many casualties beyond simply not having online access for two + weeks. It happened. It's been a week. I just hope these were some of those... umm... 'noble' hackers (not condoning!) that just wanted to teach Sony a very big lesson and not fuck over all of us smaller folk.
Then again... if it's one of these basement dwelling 'fuck the system and everyone involved in it' douchbags that just "doing it for the lulz" we could be in some deep shit.
Damn...
...who am I kidding? JOURNEY was one of my most anticipated games of the year. I'm still getting it
just with a Sony Pre-Paid card!
I just hope us consumers get through this without too many casualties beyond simply not having online access for two + weeks. It happened. It's been a week. I just hope these were some of those... umm... 'noble' hackers (not condoning!) that just wanted to teach Sony a very big lesson and not fuck over all of us smaller folk.
Then again... if it's one of these basement dwelling 'fuck the system and everyone involved in it' douchbags that just "doing it for the lulz" we could be in some deep shit.
Damn...
IchigoSharingan said:
Exactly, they put all their eggs in one basket thinking the PS3 was bulletproof. It wasn't. Soon as they found out it wasn't they should of rebuilt the network then and there. Instead they went all anti-hacker crazy and chasing after these people. They're priorities were wrong, they're getting burned for it now.
Vestal
Junior Member
SRG01 said:
SSL should just be 1 small layer in a larger Picture of security. Not to mention that if they felt that SSL was compromised due to CFW then they could change how SSL was implemented on both server and client side.
You can't depend on SSL being your only defense.. Firewall, connection monitoring, and regular Security changes are the norm in the Corporate world to keep them guessing.
Four_Chamber
Member
http://www.bbc.co.uk/news/technology-13192359 (BBC)
http://www.npr.org/blogs/thetwo-way...-data-might-have-been-compromised?ft=1&f=1006 (NPR)
http://ingame.msnbc.msn.com/_news/2...-credit-cards-as-playstation-outage-continues (MSNBC)
http://www.nytimes.com/2011/04/27/technology/27playstation.html?src=me&ref=technology (NY Times)
http://news.cnet.com/8301-31021_3-20057577-260.html?part=rss&tag=feed&subj=CircuitBreaker (CNET)
http://www.cnbc.com/id/42769019 (CNBC)
Etc., etc.- this is the first piece of gaming news in a while that has captivated the mainstream media to this extent.
http://www.npr.org/blogs/thetwo-way...-data-might-have-been-compromised?ft=1&f=1006 (NPR)
http://ingame.msnbc.msn.com/_news/2...-credit-cards-as-playstation-outage-continues (MSNBC)
http://www.nytimes.com/2011/04/27/technology/27playstation.html?src=me&ref=technology (NY Times)
http://news.cnet.com/8301-31021_3-20057577-260.html?part=rss&tag=feed&subj=CircuitBreaker (CNET)
http://www.cnbc.com/id/42769019 (CNBC)
Etc., etc.- this is the first piece of gaming news in a while that has captivated the mainstream media to this extent.
herod said:
Because it has content you want?
I'm not sure I get the 'who would do business with Sony' thing... if they have stuff you want, why would you forgo that? There are safe ways to buy things on PSN, i.e. prepaid cards.
It is a big fucking deal, I am annoyed, I'm probably going to be changing my CC, I've been changing passwords on some accounts etc. But as long as Sony has content I want I will "do business with them". It won't change my consumption behaviour, to do that would just be to punish myself really. It'll change HOW I purchase that content - I just won't tie a CC to my Sony/PSN account in the future.
KennyLinder
Member
All of this because Sony took out Other-OS?
What a shit show this has turned out to be. There's enough info out in the wild about every user for scumbags to go on a social engineering binge. Thank Christ SSN's weren't part of the mix - then we'd be well and truly fucked.
Now can someone please refresh my memory about PSN and credit card info, as I've only bought two or three items on there over the course of the last few years. I seem to recall adding funds to a "wallet", and then using the wallet to buy the items I wanted. I dunno if that's different from having the CC number permanently on file, but I can't recall if that wallet fund transfer was done via the Playstation or via PC online. Or if that even makes a difference.
In short, are my CC details exposed either way?
Now can someone please refresh my memory about PSN and credit card info, as I've only bought two or three items on there over the course of the last few years. I seem to recall adding funds to a "wallet", and then using the wallet to buy the items I wanted. I dunno if that's different from having the CC number permanently on file, but I can't recall if that wallet fund transfer was done via the Playstation or via PC online. Or if that even makes a difference.
In short, are my CC details exposed either way?
test_account
XP-39C²
I wonder what good it would do to hold back the information if they knew for sure very early on. Seeing what happened, surely they knew they would have to mention this publically some time, so what good reason could it be to wait?Hawk269 said:
60_gig_PS3
Banned
why do they even store your credit card info in the first place?
i dont even know which CC I have on file and PSN is down. great F U Sony.
i dont even know which CC I have on file and PSN is down. great F U Sony.
People seem to be making the assumption that the passwords were stored in plain text (or easily decryptable form) based on the wording of the announcement. But while certainly Sony hasn't proven themselves to be masters of security, I find it a little difficult to believe that a breach hasn't occurred sooner (and likely from the inside) if they truly were plain text. It seems rather more likely that it was the PR side lacking enough technical prowess to differentiate between passwords and password hashes when drafting the announcement. That being in the hands of the intruders still wouldn't be good, obviously, but not nearly as catastrophic as if they really were plain text.
Dr. Zoidberg
Member
EternalGamer said:
You can? Where?
Mama Robotnik
Member
Jax said:
It seems that all of their decisions were based on the assumption that the client-side security was indestuctable. In this day and age, to build a system that houses so much personal data on such a flawed assumption, is at best lazy and at worst deranged.
They could have foreseen such a scenario by simply looking around and seeing how easily other personal data exploits have occured. They did not do this, and combined with their incompetent delay in informing their customers, rightly deserve to be vilified.
Guardian Bob
Member
People are quick to slam Sony, but they are doing something about it. Give them some credit.
pantyhelmet
Banned
this was genius, even though i have my credit card on there..not gonna change it..i was never the target ..the damage has been done, this was never to "steal credit card info" this was to try to bring down a company a particular community has a beef with, not a single person will come forward saying their info has been used.
This attack will show that Hackers are the most dangerous people to big business right now. and for that they will be treated with extreme predjudice from here on. It started with sony going after Geohat(sp..?), its only going to get worse for them from here..
This attack will show that Hackers are the most dangerous people to big business right now. and for that they will be treated with extreme predjudice from here on. It started with sony going after Geohat(sp..?), its only going to get worse for them from here..
brucewaynegretzky
Member
Four_Chamber said:
3DS? Kinect? (I'll agree with non-hardware related news)
TheBaldEmperor
Member
lifa-cobex said:
Surely Obama will be at fault.
- Status