Gophermods PS3 YLOD Repair

Please consider registering
guest

Log In Register

CAPTCHA Image


Register | Lost password?
Advanced Search:

— Forum Scope —



— Match —



— Forum Options —




Wildcard usage:
*  matches any number of characters    %  matches exactly one character

Minimum search word length is 3 characters - maximum search word length is 84 characters

Getting onto Netflix with PSN being down
05.13.2011
2:40 pm
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline

well, someone is basing their information on incorrect sources :P. It has already been proven, for instance, that their servers were up to date. That was proven like a week and a half ago. Sony never said anything about them being out of date. That was based on rumor and speculation by people not even involved with Sony.

 

As for the rest of your reply, that, too, was all based off of rumors.

 

1. Sony sent everyone emails pertaining to the outage and the possible problems it could cause. If you used a fake email for sign-up, that's your problem

2. Could Sony have responded earlier? Yeah, by like a day at the most, but Sony didn't know what, exactly, could have been compromised. It even took three third party security firms about 6 days or so to find that out as well. As for security measures, they did have credit card info encrypted, and the passwords weren't in plaintext, like many speculators claimed. The only information that was in plaintext was name and address, etc, most of which you can get from various other sources more easily.

3. No one has suffered any financial loss as of yet, and it's still a possibility they won't. None of the banks or financial institutions have reported any kind of fraudulent activity due to the compromisation of data (which, by the way, does not mean the same thing as stolen). Plus, with the ID Theft protection services, Sony does, legally, have to provide for anyone who was affected anyway, but as of right now, no one has been affected in a way that their IDs and/or credit card numbers have been used in a fraudulent manner, so if nothing happens to them, then the lawsuits will eventually be dropped.

4. Despite the service not being available to us as of yet, I'm pretty sure Sony will make sure that the service will retro back to around the 17th. If not, Sony would, then, have to cover for data/ID theft, if it were to happen, in which it hasn't yet.

5. Sony didn't show up in person because of the investigation, but they did respond to Congress' inquiry in the form of like a 6 page letter, which detailed their investigation and their plans for compensation. They didn't just say "We're too busy" and blatantly ignored the request.

6. Obviously, Sony shut down the servers because of weird activity server side that suggested something fishy was going on. Granted, it probably wasn't the best security, but the fact of the matter is, they did respond. Beyond that, they had no idea what, exactly, could have happened, hence why they hired in a few security firms to help with the investigation. The fact still remains, though, that there is no evidence any information was stolen at all, but that it was only compromised.

JimmyMagnum Trophy Card
05.13.2011
6:13 pm
Bear,DE
Guru
Forum Posts: 361
Member Since:
10.04.2006
Offline

Smeegles said:

Eddie said:
I'd like to clear up some possible incorrect assumptions if you don't mind.
1. Sony announced the intrusion the day after they took services down. The stolen data was announced the day after Sony got confirmation of it from the 3rd party security experts. This has been addressed in Sony's letter to Congress. In fact they STILL do not know 100% of what was taken. The senator that originally stated he was upset with Sony has changed his position and now commends them for a job well done after he got all of the facts.
2. Its VERY unlikely any lawsuit will affect Sony over this. There have been two filed but they will likely be dropped since there is no proof that Sony used subpar security. It is not illegal to get hacked. They are however on the line for billions of dollars of losses just getting this corrected.
Its still ok to be pissed. Just be pissed for the right reasons and not a fallacy.
Thanks for the Netflix suggestion, we actually posted an article on this last week. It doesn't work for all versions though, but def works for me.

 

In fact Sony admitted that the version of Apache was not the latest version and in fact had not been patched bringing it up to par. Secondly most of the users of PSN have not been notified to date by Sony, they have found out by third party and ruhmor mills.

 No it is not illegal to get hacked, it is illegal to fail to notify the possible effected users in a timely manner.

It is also illegal to not user proper security measures to protect and encrypt such info as to make it useless to hackers.

As for the lawsuits, it is very likely that they will not be dropped, in fact they are needed to ensure proper compensation to those that have suffered physical financial loss, that have been and will be encoured. This is needed since the info stolen is in the process of being sold, and publicly posted to those whom would use them for monitary gain, or to maliciously damage individuals identity such as credit ratings. 

The only thing Sony has publicly done is appologize and to make an offer of ID Protection which to date, has yet to happen, each day bringing the danger of loss closer and closer.

As to the first public inquiry Sony failed to attend, stating they were too busy investigating.

If the proper network monitoring had been in place the breach would have been seen in action and stopped.

I am a network engineer and have been employed by the DOD and fortune 500 companies. I have first hand knowledge of detecting and stopping entrusions, it would take an idiot to not see multiple Gigabytes of data being moved off the netwok. 

As Jay pointed out. The version of Apache server is not known. All we know is that Sony states they were up to date as expressed in their letter to Congress. Since the FBI and ICO is in the server, it wouldn't do Sony any good to lie about it.

Actually it is not illegal to take your time notifying customers of a "possible breach". In North America, you do not have to notify anyone until you are positive data was stolen AND you only have to notify the people who were affected. It does not have to be publically announced.

It is illegal to have unencrypted credit card data, however Sony's CC table was encrypted by SSL as any other business is. Your password data was even hashed.

As of now, no credit company's are reporting any financial loss to this entire debacle. right now there is no evidence of any malicious use of personal data.

It is however improbable to identify gigabytes of data being moved from a server when you're in the process of warding off DDOS attacks when the data was in fact stolen.

As far as the public hearing Sony didn't attend…the same people there that were being strong handed with Sony are now commending them for a job well done.

05.14.2011
11:18 am
Member
Forum Posts: 8
Member Since:
05.11.2011
Offline

Well my CC info was just used in England you ignorant jerks who try to defend Sony how you gonna feel when your CC is used and your credit smashed JERK….

05.14.2011
11:26 am
Admin
Forum Posts: 536
Member Since:
06.22.2009
Offline

pics or it didn't happen

JimmyMagnum Trophy Card
Forum Timezone: America/New_York

Most Users Ever Online: 349

Currently Online:
5 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

EdEN: 816

oly: 608

wolfkin: 382

Member Stats:

Guest Posters: 195

Members: 15877

Moderators: 0

Admins: 3

Forum Stats:

Groups: 5

Forums: 23

Topics: 998

Posts: 8859

Newest Members: Madhatter

Administrators: Tosh (979), Jay (536), Tosh (56)