Slashdot Mirror
Playstation To Restore Services This Week
iSimon19 writes with word that after last week's unscheduled service disruption and security breach, "On their blog last night, Playstation representatives announced they were restoring services throughout the week. This also included giving all users a month of Playstation Plus free, as well as select downloads for free with their 'Complimentary Offering and "Welcome Back" Appreciation Program.'"
Better would be some kind of detailed explanation of how the hell this could have happened in the first place, and what they have done to make sure it won't happen again...
Will be paid for by a random credit card number.
That costs them nothing. I want ID theft protection. They hinted at it, but were very vague.
Does anyone else have a hard time believing the majority of the comments on the blog post are real? They're all along the lines of, "Hallelujah, Sony is wonderful for getting the service back up!!!!!!!" Or are people so desperate to go back to playing CoD multiplayer that they're willing to take any sandpaper-wrapped anal raping that Sony will give them?
Has Sony actually confirmed that this has anything to do with hacked consoles at all, I've only heard that as a rumor that was convenient for Sony.
If I have been able to see further than others, it is because I bought a pair of binoculars.
I'm not going to go back to the PSN until Sony gives me a year of credit monitoring and the ability to sue them (not that I would, but thank you SCOTUS).
How the hell is this insightful? Unless of course you did the hack.
Until they catch whoever did it, it's really sloppy and premature to assume it was for OtherOS. It was probably for the money.
Non impediti ratione cogitationus.
If the dead horse stops wanting to be beaten then the dead horse should stop being relevant.
According to engadget the password data wa hashed.
Non impediti ratione cogitationus.
You can download some games for free, but you must remain a PSN+ member to keep playing those games. So in reality they're offering you a free month of a service they expect you to keep paying for. Would be much more impressed with a year of free PSN+
From the Blog Post: "The company is also creating the position of Chief Information Security Officer"
Translation: During this difficult time, we have discovered that we have no security on our network and no one to blame for this. We will now have someone to blame and publicly humiliate when (not if) this happens again.
Hand the plebs a few trinkets and beads and hope they forget quickly how we compromised their privacy and opened the huge can of worms for them.
Gee, Sony, a bit more innovation! Especially since this can is heaps bigger than the last one!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
But... it didn't really happen to sony. It happened to their customers....
Can you be Even More Awesome?!
When is the US consumer ever going to learn that the credit card is one of the worst inventions ever! Of course it's Sony's fault but you are using a broken system. Make direct online banking the standard, not some insanely insecure card or some horrible third-party service like paypal. Here in The Netherlands we Have iDeal We need to get to such a system on a global scale. The tech is there and it's more secure, so what the hell are they waiting for.
The only card I used with PSN was one that is now expired and from a closed account.
This incident, however, ensures I use PSN points cards for any future PSN purchases.
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
So...um...to get the "free" Playstation Plus and "Complimentary Offering", would I have to give them my credit card number?
Heh I called it (as one of many) in a post in the other thread a few days back. Now we're just waiting for Sony's total immunity from the lawsuit.
Geohot unlocks the hardware code? "Destroy his credibility!".
Sony leaves open millions of credit cards? "Have a free month of service!"
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
I dont own a PS3, but my psp is unable to log into the PSN facilities too, which sort of annoyes me (or in case of the PGP-GO owners, completely blocks them from buying new games at all)
I wonder if us PSP owners will also recieve some compensation for the loss of service, and worse, the leaking of our private information
People, what a bunch of bastards
The PSN+ month free offer is worst than a them offering customers a gift card. It comes as absolutely no loss to Sony offering this because it's just a way to ensure and wrap more people into their revenue stream. I liken the move to something more of a casino comp in that they'll lure you in with a shitty buffet so you can piss away more of your money on some false hope.
I'll pass on their token gesture, scripted apology, and boneheaded-ness of connecting with the customer.
You think anything over the last 2 weeks is remotely convenient for Sony? The company's reputation is fucked at the moment.
It stopped being relevant ages ago when Gnome and KDE desktops needed more than the RAM available for OtherOS. I doubt you want to call running Linux on 256MB RAM with framebuffer graphics an enjoyable experience.
I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
that would mean another court would have to be established - perhaps one actually comprised of the people, one that works for the people.
Such a court exists in theory; it's called the ballot box. Three-fourths of state legislatures can call conventions and propose and ratify an amendment to the U.S. Constitution. However, due to MPAA-owned news networks' influence on public perception of candidates in debates, especially at the primary level, elections are just as corrupt as every other branch of government.
Sony fucked their reputation long ago, this just removed the last area of credibility they had...
I'll meet you at the intersection of "Should be" and "Reality"
The OP is modded flamebait, but he's actually posting a VERY relevant point. Sony is a shady company with a repeated history of bad decisions and anti-customer practices. There is a very easy way to avoid these types of things: Stop paying Sony to spit on you!
Actually, it started with me when my Sony home theater system broke. I sent it to them, they kept it for over SIX weeks, and when they sent it back, it was STILL broken the same damn way it was when I sent it to them to start with, but with a nasty scratch down the left side. So I sent it back again, and after several more weeks, it finally arrived, this time actually fixed. Or so I thought. A few months later, just after the one-year warranty period expired, it broke yet again. I called Sony, and they refused to fix it again without me paying for repairs, even though they had the thing in their possession over two of the twelve months of the warranty period. Instead, I took the damn thing to a recycling center.
A few months after that, my PS2 broke. It was well out of warranty, around five years old. I don't know what the useful life of a PS2 is supposed to be, but I'd hope it's more than five years. Under normal circumstances, I'd normally chalk it up to crappy luck and not be too mad about it, but since I'd just been through my home theater system ordeal, yeah, it really pissed me off. (That's mad, not drunk, for you Brits.)
Then the root kit fiasco hit shortly after that. Then my computer's Sony DVD burner stopped working. By this time, I had sworn off all Sony products. I think I remember an article hitting Slashdot around that time frame about Sony USB drives being infected as shipped from the factory. Then there was the Blu-ray shenanigans. Then there was the Other OS thing. Then the GeoHot lawsuit.
So yeah, the PSN thing didn't affect me at all. I'm convinced that it happened because of Sony's lax security practices, and it couldn't have happened to a scummier company. Personally, I think that any Slashdot reader who was affected by this is a damn fool and practically deserved it. I've told all of my friends and family about Sony, and most of them avoid the company, too.
My suggestion to everyone here is to stop accepting being butt raped by this company. Don't just post here about how sad/amused/mad/whatever you are, help spread the word. Post these headlines on your social network. If you're reading Slashdot, your geek cred is probably pretty high in your family and circle of friends, TELL people to avoid Sony. Only by putting them out of business once and for all, or impacting them enough to make them make significant changes, will they ever shape up or ship out.
Actually it is a fairly reasonable (though at this point unsubstantiated) assumption. The PS3 went without hack, crack, or compromise until they removed Other OS then within a short period of time has been completely compromised and that would have potentially opened a door on to the network.
I'll meet you at the intersection of "Should be" and "Reality"
Passwords were NOT encrypted.
From the article you linked: "That same reporter asked if passwords were encrypted. I believe (translation not being perfect) that Hirai said they were not."
This is clearly fear mongering. The writer admits that they are not sure what Hirai said. Plus saying that they were not encrypted would actually be accurate if the passwords were stored correctly. Encryption implies the ability to decrypt. Password should be stored as a one way Hash, not encrypted. There is quit likely just some misunderstanding of the reporters part.
The credit card data WAS accessed.
From the article you linked: "Nikkei just asked if all 10 million credit cards got out. Hirai said "we can't rule out the possibility" that credit card info was compromised" Again, there was no statement that the Credit Card data was accessed. It has been stated that there was no proof that it was accessed. Now that might just mean that they have poor logging on the access of that data, but that in itself is in no way a statement saying that credit card data was accessed.
Sony is now an infamous international criminal. They are guilty of several million counts of computer intrusion (any one of which would likely get a person locked up for several years) and they committed mass theft/fraud (depending on how you want to look at it). If any natural citizen did all of that, he'd be put UNDER the jail. Since the "justice" system has proven to be a complete failure in this matter, it's entirely expected that vigilante justice will fill the vacuum.
There are two great dangers to vigilante justice. One is that it may act without adequately establishing guilt. That's not in play here, Sony doesn't even deny the root kits and they seem almost proud of stealing otherOS away from people who paid for it. The other is that it can hand down a punishment much larger than the crime. Sony's crimes are fairly large and they haven't suffered very much, so that doesn't seem to be in play either.
However, in this case, it looks more like credit card fraudsters paid someone to grab those 70-something million records and the rest is just collateral damage. In that case, it's all those 70 million people I feel for, not Sony.
None, which is my point. As a gesture of good-will it isn't much. Would you accept a free month of netflix if they had gotten all their customers CC info stolen? Probably not, since it's next to worthless.
Here is the info about the USB incident I mentioned above. It wasn't a virus, it was another root kit-like software being distributed with MicroVault fingerprint scanner software.
What do you have against Netflix? Your comment and sig are both quite critical, seemingly apropos of nothing. We're not talking about the merit of services which you have to keep paying in order to use (you could have also mentioned Rhaposdy or World of Warcraft or a number of other things), we're talking about whether a short credit for one of those services is good compensation for an outage and breach like this.
GP's criticism is valid, I think. Hell, since you brought up Netflix, don't they give 1 month free trials? And Microsoft gives 1 month trials of Xbox Live with game purchases. 1 month of PSN+ is worth fuck all.
Your opinion is irrelevant. It wasnt Sony's call to remove it and was in fact a violation of law. unfortunately the US consumer protections suck and so they'll get away with it. I didnt really care all that much about the whole thing until Sony went after the First Amendment (squelching Geohot and others for reverse engineering for compatibility) . Now the gloves are off.
Good-bye
Plus saying that they were not encrypted would actually be accurate if the passwords were stored correctly. Encryption implies the ability to decrypt. Password should be stored as a one way Hash, not encrypted. There is quit likely just some misunderstanding of the reporters part.
Do you *seriously* expect any random reporter to understand the difference between encryption and hashing? :)
If you guys want to watch the full video of the press conference including the Q&A period you can do so by clicking on the link @ http://gaming.operationreality.org/2011/05/01/playstation-network-and-qriocity-coming-online/
Depends on your interpretation of the first amendment.
If you take a literal interpretation, the DMCA itself runs counter to the first amendment. (The other question is, does the first amendment override the copyright clause?)
What do you have against Netflix?
Nothing. It's just that Netflix is not for everyone, just like medications are not for everyone. Some Netflix fans on Slashdot post comments to articles about having canceled cable TV in favor of Netflix and imply that everyone else should do the same. They appear to be under the impression that no live programming is worth watching.
Personally, I don't believe Sony has to compensate anyone. PSN is free, you pay for the console (which still works without PSN), you pay for the games (which still work [for the most part] without PSN). You are not required to connect your credit card to your PSN account. So far there has been no proof that any credit cards have been compromised, and it costs you nothing to replace them if you're truly that worried about it. If you're smart you don't use the same password for any of your online accounts, so the fact that they have your password should mean nothing to you. Once PSN goes back online everyone will forget about this and go back to playing their various video games. If you're really that upset about this, then leave. Sony already got your money for the console and games you bought. ps. I am not a Sony fanboy, I am not an Xbox fanboy, I play 90% of my games on PC and the other 10% split between xbox and ps3. I'm just tired of hearing these empty threats and over reactions.
What I hated about PSN from the start is that they demand we enter a credit card number just to be able to use the service. I really see no need for any site outside of financial institutions to need to store credit card information - in my opinion this practice should be made illegal. My bank has recently started offering the facility (through Visa) of generating one time card numbers with fixed limit caps - and you can choose your own expiry date. If Sony are still insisting on card numbers - they will be getting one of these generated ones from me.
Sounds like you should vote with your wallet, and buy a Wii :)
thats like saying you shoulda have voted for the other guy when elections where last year.
I already vote with my wallet. I have bought no Sony products at all in years.
Still not enough to make me upgrade my PS3 from 3.15
There's always gui-distros like ArchBang that are on the light side, and even lighter if you configure them right. 256MB of ram is usable, might not be exactly compelling, but none of what you've said is a good defense for the removal of OtherOS. That being said, I don't own a PS3, don't particularly care about them, and certainly don't want one.
Feel free to mod me down, just know that unlike some Anonymous Cowards I'm not afraid to express my views as myself.
"Fool me once, shame on you. Fool me twice, shame on me." Where "fool me" = "get me to trust you when you don't take security seriously".
The First Amendment must, by legal convention, trump the copyright clause. Why? Because it came after. If there is anything in conflict, the newest law wins.
However, you can also assume that if there exists an interpretation that allows the copyright clause to stand in full force coexisting with the First Amendment, that will be taken. But if there were any spine in the Supreme Court, they'd have declared most of current copyright law illegal, both pre and post DMCA. It isn't "limited time" anymore (I mean Common Law would dictate that 99 years is infinity, based on English practices, and we are at or past that now, even if you don't count the moving bar making it forever, even if only 30 years at a time), and if the purpose of the law isn't to "To promote the Progress of Science and useful Arts" then the law is unconstitutional. And from what I can see about the laws, none of the ones passed since 1928 meet that condition.
Learn to love Alaska
Can you smell what the Rock is cookin'?
Because it's the post-hoc-ergo-prompter-hoc fallacy.
It's not reasonable because none of the specifics about this case would support that notion. Blackhats don't give a shit one way or the other.
Non impediti ratione cogitationus.
Please assume the party escort submission position
Please assume the party escort submission position
Drop pants, grab ankles, and give a hearty cheer for PSN security practices
Fo real! I cancelled my psn account over a month ago when they changed the terms of service. Wrote them and told them I declined the change and they happily cancelled my account. Deleted my profile on the ps3 like they asked and lost all of the content I bought. I was happy cause I thought it would be the end of this BS. And I STILL get a mail the other day saying my info was stolen.
I'd happily settle for 8 month of some credit monitoring service (had this happen to me when one if my employers lost a laptop with my info, they got a years woth of monitoring for me and it worked out well).
Anyone kmow where I can get into a class action?
This sig is false.
Do you *seriously* expect any random reporter to understand the difference between encryption and hashing? :)
No I would not expect a random reported to understand that, hence why the reported said "I believe (translation not being perfect) that Hirai said they were not." He clearly didn't understand what Hirai said, which could have very well been, "the passwords were stored with a one way Hash" and the reported never heard the japanese word for "encrypted."
Do you *seriously* expect any random reporter to understand the difference between encryption and hashing? :)
It seems he got it right, they *weren't* encrypted, however they *were* hashed.
3:01 JST: Sony decided to correct an earlier statement, saying that PSN passwords were not encrypted but rather hashed.
I don't think you quite understand the effort/reward balance here. Sony's console wasn't even a target until Other OS was removed, there was no real effort to crack it and it has since become obvious that it's protection had several very significant issues and would likely have been broken before if anyone cared. When a blackhat is trying to decide what to target a console that requires almost bottom up work is very low on the list especially since there is relatively limited pool of possible reward.
When that work was made almost trivial, especially with the developer hack that was released, then it becomes one of the low hanging fruit that the blackhats will try to pick. The fact that it seems like Sony didn't/doesn't know HOW they got in just makes it that much worse.
I'll meet you at the intersection of "Should be" and "Reality"
I told him, Considering you got to play about 10 different games on his PS3 compared to the hundreds on his old PS2 (Which never actually failed) - The PS3 has been a lemon as far as he's experienced. And an expensive lemon at that.
And im sure you'll find just as much anecdotal evidence to the contrary too.
The intrusion refers to the trojan rootkits they sent out to millions a few years ago and never paid a criminal penalty for.
I am well aware of the dangers of vigilante justice and would FAR prefer that the actual justice system would take actual appropriate action against Sony for their infamous crimes. To approximate the penalty an actual human being would have gotten, they should give up all profits and all right to any trade secret for 5-10 years AND they should be overseen by government officials in all business matters for that time period. Given that, even if this hack was meant to be justice rather than credit card fraud, it wouldn't even approach what they SHOULD get.
Vigilante justice is far from perfect, but it IS, at east in somes cases, a form of justice. In a sense, our entire government and justice system is just the formalization of common law which is a formalization of vigilante law.
As I said, I have sympathy for the 70 millionm, but not the slightest bit for Sony.
Wow, no reading comprehension whatsoever! I said my sympathies are with the 77million and NOT with Sony. I also said I believe the hack was more about credit card fraud than about justice of any kind.
I ALSO said that vigilante justice against Sony wouldn't be surprising and that it might be justifiable but that I would prefer for the justice system to actually do it's job.
I also pointed out that the justice system is simply a formalization of vigilante justice. It's advantage lies in due process and measured response.
So, besides a tendency to jump to conclusions and a lack of reading skills, do you have any other issues that I should be aware of?
Old one was pulled. Here's a new one: http://www.youtube.com/watch?v=_SDCV00ErEs ... :)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Actually, none of the evidence shows that this was a console based hack.
Unfortunately not a lot of information came out, but the bit of information that Sony has released has nearly confirmed that this wasn't a console based hack.
Non impediti ratione cogitationus.
I think you'd rather want Sony not to mess up in the first place. Be glad they're trying to apologize to everyone by giving you this extra.
I am not devoid of humor.
I can already taste the cake!
SJW: Someone who has run out of real oppression, and has to fake it.
Especially now that they're saying the PSN attack was actually the second attack so I'm pretty much ready to concede the point.
I'll meet you at the intersection of "Should be" and "Reality"
Is that like the Aperture Science Bring Your Daughter to Work Day? 'Cause we all know how that turned out.