Please consider registering
guest

Log In Register

CAPTCHA Image


Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Getting onto Netflix with PSN being down
05.11.2011
1:46 pm
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline

First off Sony's reaction time to the data breach is slower than than a frozen turkey.

I understand self interest of a multi billion dollar company.

They full know they have by lack of action and slow to react, they are on the hook for likely billions of dollars in losses from lawsuits.  confused

To the matter of the post, sorry for the fume, as you can guess I am pissed off.

Go to the netflix symbol like normal, it will give you the network sign in after a few seconds, hit okay and then it will come back with login in again, when you see the O to go back do it, keep doing it and after 3 to 5 tries you will be on Netflix...cool

05.11.2011
4:00 pm
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline

I'd like to clear up some possible incorrect assumptions if you don't mind.

1. Sony announced the intrusion the day after they took services down. The stolen data was announced the day after Sony got confirmation of it from the 3rd party security experts. This has been addressed in Sony's letter to Congress. In fact they STILL do not know 100% of what was taken. The senator that originally stated he was upset with Sony has changed his position and now commends them for a job well done after he got all of the facts.

2. Its VERY unlikely any lawsuit will affect Sony over this. There have been two filed but they will likely be dropped since there is no proof that Sony used subpar security. It is not illegal to get hacked. They are however on the line for billions of dollars of losses just getting this corrected.

Its still ok to be pissed. Just be pissed for the right reasons and not a fallacy.

Thanks for the Netflix suggestion, we actually posted an article on this last week. It doesn't work for all versions though, but def works for me.

05.11.2011
6:14 pm
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline

technically, all versions, it should work, but if Netflix tries to ask you for your Netflix information to log in, THEN you run into the problem apparently. Other than that, it works. I always go into Netlfix and cross my fingers hoping I don't get that prompt to come up.

 

I've also heard that if you still have the disc-based version, that will work, too, but I no longer have those, so I can't confirm.

JimmyMagnum Trophy Card
05.13.2011
2:11 pm
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline
Eddie said:
I'd like to clear up some possible incorrect assumptions if you don't mind.
1. Sony announced the intrusion the day after they took services down. The stolen data was announced the day after Sony got confirmation of it from the 3rd party security experts. This has been addressed in Sony's letter to Congress. In fact they STILL do not know 100% of what was taken. The senator that originally stated he was upset with Sony has changed his position and now commends them for a job well done after he got all of the facts.
2. Its VERY unlikely any lawsuit will affect Sony over this. There have been two filed but they will likely be dropped since there is no proof that Sony used subpar security. It is not illegal to get hacked. They are however on the line for billions of dollars of losses just getting this corrected.
Its still ok to be pissed. Just be pissed for the right reasons and not a fallacy.
Thanks for the Netflix suggestion, we actually posted an article on this last week. It doesn't work for all versions though, but def works for me.

 

In fact Sony admitted that the version of Apache was not the latest version and in fact had not been patched bringing it up to par. Secondly most of the users of PSN have not been notified to date by Sony, they have found out by third party and ruhmor mills.

 No it is not illegal to get hacked, it is illegal to fail to notify the possible effected users in a timely manner.

It is also illegal to not user proper security measures to protect and encrypt such info as to make it useless to hackers.

As for the lawsuits, it is very likely that they will not be dropped, in fact they are needed to ensure proper compensation to those that have suffered physical financial loss, that have been and will be encoured. This is needed since the info stolen is in the process of being sold, and publicly posted to those whom would use them for monitary gain, or to maliciously damage individuals identity such as credit ratings. 

The only thing Sony has publicly done is appologize and to make an offer of ID Protection which to date, has yet to happen, each day bringing the danger of loss closer and closer.

As to the first public inquiry Sony failed to attend, stating they were too busy investigating.

If the proper network monitoring had been in place the breach would have been seen in action and stopped.

I am a network engineer and have been employed by the DOD and fortune 500 companies. I have first hand knowledge of detecting and stopping entrusions, it would take an idiot to not see multiple Gigabytes of data being moved off the netwok. 

05.13.2011
2:40 pm
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline

well, someone is basing their information on incorrect sources :P. It has already been proven, for instance, that their servers were up to date. That was proven like a week and a half ago. Sony never said anything about them being out of date. That was based on rumor and speculation by people not even involved with Sony.

 

As for the rest of your reply, that, too, was all based off of rumors.

 

1. Sony sent everyone emails pertaining to the outage and the possible problems it could cause. If you used a fake email for sign-up, that's your problem

2. Could Sony have responded earlier? Yeah, by like a day at the most, but Sony didn't know what, exactly, could have been compromised. It even took three third party security firms about 6 days or so to find that out as well. As for security measures, they did have credit card info encrypted, and the passwords weren't in plaintext, like many speculators claimed. The only information that was in plaintext was name and address, etc, most of which you can get from various other sources more easily.

3. No one has suffered any financial loss as of yet, and it's still a possibility they won't. None of the banks or financial institutions have reported any kind of fraudulent activity due to the compromisation of data (which, by the way, does not mean the same thing as stolen). Plus, with the ID Theft protection services, Sony does, legally, have to provide for anyone who was affected anyway, but as of right now, no one has been affected in a way that their IDs and/or credit card numbers have been used in a fraudulent manner, so if nothing happens to them, then the lawsuits will eventually be dropped.

4. Despite the service not being available to us as of yet, I'm pretty sure Sony will make sure that the service will retro back to around the 17th. If not, Sony would, then, have to cover for data/ID theft, if it were to happen, in which it hasn't yet.

5. Sony didn't show up in person because of the investigation, but they did respond to Congress' inquiry in the form of like a 6 page letter, which detailed their investigation and their plans for compensation. They didn't just say "We're too busy" and blatantly ignored the request.

6. Obviously, Sony shut down the servers because of weird activity server side that suggested something fishy was going on. Granted, it probably wasn't the best security, but the fact of the matter is, they did respond. Beyond that, they had no idea what, exactly, could have happened, hence why they hired in a few security firms to help with the investigation. The fact still remains, though, that there is no evidence any information was stolen at all, but that it was only compromised.

JimmyMagnum Trophy Card
05.13.2011
6:13 pm
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline

Smeegles said:

Eddie said:
I'd like to clear up some possible incorrect assumptions if you don't mind.
1. Sony announced the intrusion the day after they took services down. The stolen data was announced the day after Sony got confirmation of it from the 3rd party security experts. This has been addressed in Sony's letter to Congress. In fact they STILL do not know 100% of what was taken. The senator that originally stated he was upset with Sony has changed his position and now commends them for a job well done after he got all of the facts.
2. Its VERY unlikely any lawsuit will affect Sony over this. There have been two filed but they will likely be dropped since there is no proof that Sony used subpar security. It is not illegal to get hacked. They are however on the line for billions of dollars of losses just getting this corrected.
Its still ok to be pissed. Just be pissed for the right reasons and not a fallacy.
Thanks for the Netflix suggestion, we actually posted an article on this last week. It doesn't work for all versions though, but def works for me.

 

In fact Sony admitted that the version of Apache was not the latest version and in fact had not been patched bringing it up to par. Secondly most of the users of PSN have not been notified to date by Sony, they have found out by third party and ruhmor mills.

 No it is not illegal to get hacked, it is illegal to fail to notify the possible effected users in a timely manner.

It is also illegal to not user proper security measures to protect and encrypt such info as to make it useless to hackers.

As for the lawsuits, it is very likely that they will not be dropped, in fact they are needed to ensure proper compensation to those that have suffered physical financial loss, that have been and will be encoured. This is needed since the info stolen is in the process of being sold, and publicly posted to those whom would use them for monitary gain, or to maliciously damage individuals identity such as credit ratings. 

The only thing Sony has publicly done is appologize and to make an offer of ID Protection which to date, has yet to happen, each day bringing the danger of loss closer and closer.

As to the first public inquiry Sony failed to attend, stating they were too busy investigating.

If the proper network monitoring had been in place the breach would have been seen in action and stopped.

I am a network engineer and have been employed by the DOD and fortune 500 companies. I have first hand knowledge of detecting and stopping entrusions, it would take an idiot to not see multiple Gigabytes of data being moved off the netwok. 

As Jay pointed out. The version of Apache server is not known. All we know is that Sony states they were up to date as expressed in their letter to Congress. Since the FBI and ICO is in the server, it wouldn't do Sony any good to lie about it.

Actually it is not illegal to take your time notifying customers of a "possible breach". In North America, you do not have to notify anyone until you are positive data was stolen AND you only have to notify the people who were affected. It does not have to be publically announced.

It is illegal to have unencrypted credit card data, however Sony's CC table was encrypted by SSL as any other business is. Your password data was even hashed.

As of now, no credit company's are reporting any financial loss to this entire debacle. right now there is no evidence of any malicious use of personal data.

It is however improbable to identify gigabytes of data being moved from a server when you're in the process of warding off DDOS attacks when the data was in fact stolen.

As far as the public hearing Sony didn't attend...the same people there that were being strong handed with Sony are now commending them for a job well done.

05.14.2011
11:18 am
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline

Well my CC info was just used in England you ignorant jerks who try to defend Sony how you gonna feel when your CC is used and your credit smashed JERK....

05.14.2011
11:26 am
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline

pics or it didn't happen

JimmyMagnum Trophy Card
05.14.2011
11:32 am
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline

Smeegles said:

Well my CC info was just used in England you ignorant jerks who try to defend Sony how you gonna feel when your CC is used and your credit smashed JERK….

The credit card company's have stated that the info has not been used whatsoever. No reports of it.

Besides, I very much doubt they can decrypt SSL…

besides...there is no defending going on here. Simply relaying facts.

05.14.2011
12:02 pm
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline

SSL is a transport layer, Secure Socket Layer, not encryption on the server, one used by the server to prevent 3rd party interception of the data.

If Sony had used the appropriate measures this would not have happened period End of Story. 

The info on Apache and on encryption was leaked by a Sony employee and he was verified as an employee of Sony by the news company.

Monitoring a network is done by humans.

The main part is Ethics which is NON-EXISTANT here.

The source had no reason to lie. Sony on the other hand has every reason to lie.

Their apology done on Television was not even done in person, neither was representation during the investigation by congress. They were too busy investigating and too ashamed the have screwed up.

When this type of issue has happened by other major companies in the US they notified ALL their clients as soon as the breach was found out.

When you get notified of the
CC theft it won't come from Sony it will come as mine did this morning by a call from a fraud department of your CC company hope when it happens you will wake up and smell the roses.

AGAIN I HAVE YET TO BE TOLD ANY THING BY SONY EXCEPT AFTER I CONTACTED SONY VIA EMAIL, THEY REPLIED WITH THIS:  WE WILL BE DOING A MASS EMAIL IN WAVES WITH A AN INCEDENT NUMBER AND CODE TO USE WITH THE ID PROTECTION FIRM IN A FEW DAYS.

This was over a week ago a few days have come and gone nothing.

 

 

05.14.2011
5:05 pm
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline
11

Smeegles said:

The info on Apache and on encryption was leaked by a Sony employee and he was verified as an employee of Sony by the news company.

;

Please link this info. Sony has made no statement. No info on the version of Apache is known other then google cache dating back before the hack which shows it to be 2.2.15 I believe which is the newest version to date.

05.15.2011
12:18 pm
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline
12

Either you cannot read or just want to argue to be a Sony slut.

A current SONY empoyee who was verified as being an employee of Sony, leaked the information on the version of Apache, and the updates, and the security encryption of Usernames and CC info.

In the televised appology Sony stated they failed to take the appropriate measures to protect its user.

I have yet to get any report of my CC info being stolen by Sony, My credit card was used on 5/14/2011 in England twice for almost 400 dollars, and I have not used my CC on other web sites that leaves Sony.

Sony by storing CC info is required by law as to take the appropriate measures to protect this info, they did not END OF F'ING story....

When your account most likely your parents will be in the same boat as me.

Wake the hell up and smell the coffee!!!!!

05.15.2011
2:59 pm
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline
13

Perhaps you and I watched a different video. Yes Sony did apoligize, however they retained that all of their servers were in fact up to date. They also stated that they were not aware of any issues with the current firmware.

Personal attacks wont' be tolerated boss. You can either have a friendly debate, or don't post. I'm a grown ass man fyi.

I suggest that if you are having credit card issues, then you send that info to the appropriate people and not spam it all over other boards. Coincidently nobody else is reporting similar issues minus a few "forum" members on various sites with no proof that it has anything to do with the Sony hack. I'll take the credit card company's word over a random forum member any day.

As far as your card goes...it was encrypted, the date was not kept on file and neither was the CVV or CSC so its unlikely to do with Sony's hack.

There were 900 credit cards on old SOE servers that were not encrypted however.

Now I suggest you play nice in here, or look for your answers elsewhere. We have been nothing but polite as not agreeing with you does not indicate we are jerks.

05.15.2011
4:16 pm
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline
14

I unlike you, simply want people to be informed.

I started this topic due to an Internet search that did not yield help, I found the method of work around by myself. It was posted for the sole reason of assisting and informing others.

This BANTER was of your creation not mine. You took this off topic not me.

I am not looking for anything, as for you I never said you were not a "Grown Ass Man" I simply say by your own actions, you are in fact an ASS.

If you work for Sony it shows, if not, open your mind and get all the facts not just those that are in benefit of Sony, but those whom only care about the truth.  

I quote facts from reliable sources, not rumors nor, from an open attempt by Sony to protect themselves with good reason. 

If in fact you take the time to READ sources other than from Sony, or those linked to by Sony and Sony supporters, you would in fact see more than what they want you to see.

In Sony's television response, not in Person but by written release they did in fact apologize for lack of security. This was a carefully attorney orchestrated move to some how maintain face.

You only want to believe what you want, and do not care about any thing more, this is proven by your public stance. If  you had compassion for others you would in fact want to aid and assist others, not banter from a sole position of narrow minded defense, as if someone were attacking you.

You respond like a jerk, so you get referred to as a jerk, nothing more, nothing less.

You ignore those hurt and those that will be hurt, and facts about encryption, server and network security.

If someone asks me for my credentials including YOU, I will gladly provide them, including Microsoft, Cisco, Novell. I am Certified Network in all three.

 I understand my responsibility on a network, as such by your comments you appear to be void of this.

 Just because they say it is someone else's fault, does not make it true. 

As a person in charge of creating and maintaining a network,  and you fail to maintain and monitor your network, then like the problems with Sony it will be on the network engineers and administrators,  when hackers  takes advantage of those failures, both THEY and the hackers hold a legal liability.

While Black Hat hackers are criminals,  I do not and never will condone any of that sort of action. The security of a network and the servers on it, are the responsibility of those who create it and those whom are charged with maintaining and monitoring it. Failure to do so when personal information especially Credit Card info is at risk, is whether you wish to believe it or not, against the law and in the US, PUNISHABLE. It is in the Courts that the level of guilt and punishment will be determined, this is why the lawsuits will not be dropped.  

As far as info responsibility of a company to make Credit Card info secure the FTC, would be a good place to start reading.

Slash Dot would be a good place for the untrained as far as network security goes, and while there you will see why Apache is one of the better choices.

 

05.15.2011
4:41 pm
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline
15

Topic closed. What's done is done. No use arguing about it. Unless you have a time machine, then you can go back and fix it.

JimmyMagnum Trophy Card
Forum Timezone: America/New_York

Most Users Ever Online: 349

Currently Online:
8 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

oly: 608

wolfkin: 382

Eddie: 361

Member Stats:

Guest Posters: 197

Members: 15888

Moderators: 0

Admins: 5

Forum Stats:

Groups: 5

Forums: 23

Topics: 997

Posts: 8863

Newest Members: