The PSN Fiasco

It’s now the US government’s turn to question Sony about its online security, following the UK government’s scrutiny of the company’s affairs.

In a letter addressed to PlayStation executive deputy Kaz Hirai, the Subcommittee on Commerce, Manufacturing, and Trade has prepared a list of questions related to the intrusion; the list can be downloaded from the New York Times here. The letter asks about several matters that Sony has not disclosed to the public, such as:

  • How many PSN users had a credit card on file.
  • Why Sony cannot determine if credit card information was stolen.
  • What Sony’s plans are for increasing its security in the future.

The Subcommittee’s press release states:

“Given the amount and nature of personal information known to have been taken, the potential harm that could be caused if credit card information was also taken would be quite significant. The Subcommittee on Manufacturing, and Trade has a longstanding interest in consumer privacy, identity theft, and industry efforts to address threats posed by unauthorized access to consumers’ personal information resulting from a data breach.”

The Subcommittee is requiring a reply no later than May 6, as part of a privacy-driven effort “to protect consumer information.”

Meanwhile, Kaz Hirai will be holding a press conference tomorrow from Sony Japan, to address the PlayStation Network hacking crisis.

The conference will be held at 2PM Japan time, which means a lovely 12 midnight time for those in New York and 5AM the next day for those in London.

It is expected that Hirai will announce a new PlayStation Network security system, and when PSN will be live for users to enjoy. He also may announce what sort of compensation Sony will offer.

As for PSN itself, the service is still down, but Sony has already stated that it would return sometime around May 3. For the last two weeks, PlayStation Network has been down, and worse, personal data was exposed, including data from millions of debit cards. In fact, some underground sites have begun selling what they claim is information on 2.2M credit cards, though the claims could be fraudulent or, worse, a means of propagating computer worms or viruses.

Regardless, Sony has let users know in a recent FAQ that they’ll compensate their users somehow for the trouble.

The PlayStation EU Blog promises:

“We are currently evaluating ways to show appreciation for your extraordinary patience as we work to get these services back online.”

It’ll be interesting to see what kind of compensation Sony comes up with. As a baseline, Microsoft and Electronic Arts have offered free games for outages.

iPhone and PlayStation 3 jailbreaker George “Geohot” Hotz has weighed in on his blog on the current PlayStation Network outage stemming from PSN identity theft by unknown hackers.

He immediately denied having anything to do with the scam, with the reasoning that he’s not stupid, though he doesn’t refrain from taking a potshot at Sony executives:

“To anyone who thinks I was involved in any way with this, I’m not crazy, and would prefer to not have the FBI knocking on my door. Running homebrew and exploring security on your devices is cool, hacking into someone else’s server and stealing databases of user info is not cool. You make the hacking community look bad, even if it is aimed at douches like Sony.”

He continued:

“Also, let’s not fault the Sony engineers for this, the same way I do not fault the engineers who designed the BMG rootkit. The fault lies with the executives who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts. Alienating the hacker community is not a good idea.”

Hotz concluded with some words to those behind the scam, again slamming Sony in the process:

“To the perpetrator, two things. You are clearly talented and will have plenty of money (or a jail sentence and bankruptcy) coming to you in the future. Don’t be a dick and sell people’s information. And I’d love to see a write up on how it all went down…lord knows we’ll never get that from Sony, noobs probably had the password set to ‘4’ or something. I mean, at least it was randomly generated.”

His full blog entry can be found here.

0 thoughts on “The PSN Fiasco”

  1. Happened for quite a while, Oliver. The main thing people were upset about was the fact that Sony delayed to announce its customers about the issue. Basically, Sony knew for (almost a week? please correct me if I’m wrong) that the network got compromised, but didn’t announce its customers.
    Not cool.

    I like Geohot’s take on the issue.

    My take to the three questions:
    – more than 70% of the customers
    – they don’t know how much of their network was compromised, more likely because the hackers cleaned up a good deal of their tracks
    – hard to say. For each lock you put in place, you also need a safe place to put the key in.
