Sony Compromised, Again

Konsalik writes "The hacker group LulzSec on Thursday posted information it took from Sony Entertainment and Sony BMG on its site, called the LulzBoat. Lulz Security said it broke into servers that run SonyPictures.com. The information includes about a million usernames and passwords of customers in the US, the Netherlands and Belgium and is available for download and posted on the group's site."

I wonder if the hackers would stop..

[Barrinmw]

...if sony came out and apologized for being asshats and promising to never do it again.

Re:I wonder if the hackers would stop..

[MarkvW]

I certainly wouldn't hold Sony to a promise that was extorted from them.

Re:I wonder if the hackers would stop..

[Labcoat+Samurai]

If the point of the hack is just to embarass Sony, they don't need to post customer information on their website. That is potentially hurting real people who are not responsible for Sony's activities. And no, paying for a Sony product does not make you responsible for their activities, particularly when it's you, the customer, who generally gets screwed by such activities.

That's like exposing a wife beater by publishing the names and addresses of all his past wives.

Re:I wonder if the hackers would stop..

[PopeRatzo]

I certainly wouldn't hold Sony to a promise that was extorted from them.

But it would still be a nice gesture on their part, dicks that they are.

It still would not change my unwillingness to ever purchase another Sony product, though. I cannot say that I am not experiencing some measure of schadenfreude at Sony's misfortune.

It is wrong of course, what Lulzboat is doing. Comedic, but wrong. Karmacly satisfying, but wrong. I would discourage them in the strongest terms from continuing to kick the shit out of one of the biggest transnational corporations in the world and making said transnational corporations look like a bunch of arrogant, incompetent nincompoops. So knock it off misters, or somebody's gonna cry. Don't make me get up.

Re:I wonder if the hackers would stop..

[aeoo]

Forget about shoulds and look at reality. I'm talking about responsibility and how it works.

For example, I think that the water should be dry, and when I step into it, I am not responsible for getting wet on the account of my "should" thinking. Does it work like that in reality? No, it does not.

Ask yourself: can customer behavior patterns influence the direction of Sony as a corporation? For example, can a boycott influence Sony's attitude at the executive levels? I think the answer is that a real boycott does have such an ability. So to the extent customers have the ability to influence corporate behaviors, the customers become responsible for exercising that ability with due diligence.

At the same time, does Sony need to wait to get boycotted in order to improve their behavior? Of course not. What does this mean? It means Sony holds a primary proximate responsibility for their own behaviors. Sony executives have more influence over what Sony does than do all the Sony customers put together. At the same time, the amount of influence the Sony customers have is not zero.

So this is a correct and balanced way to understand responsibility. Responsibility is always commensurate with the power you have to influence something. The more power, the more responsibility you have. And our or your power can get as low as epsilon, but never absolute 0. So we always have some responsibility for everything, however tiny it may be.

So it's not "all like this" or "all like that." The reality is somewhere between what you're talking about and what your opponent is talking about. I would say Sony has about 70% responsibility to govern its own behaviors in a moral way and all the customers put together have about 30%, roughly. You can even see it as a 50/50 split, but you have to remember that the customer side of the 50 is shared out among all the customers, while the Sony side is concentrated in the hands of the very few powerful executives.

Re:I wonder if the hackers would stop..

[similar_name]

I just want to be sure I understand your point. Unless something personally affects you you don't care? Most people feel this way? That does explain a lot about the world.

Re:I wonder if the hackers would stop..

[TheCount22]

You seem like a guy who would ignore the existence of concentration camps simply because it doesn't affect you. You are part of the problem.

Re:I wonder if the hackers would stop..

[man_the_king]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

Re:I wonder if the hackers would stop..

[causality]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

There's no hypocrisy there because it's not really injustice. More generally, not everything unfortunate is an instance of injustice. Not everything preventable is an instance of injustice.

Corporations are like the political status quo. It exists the way that it is until people are actually prepared to do things differently. Sony can conduct its business practices because customers continue to reward it with money. By making sure there are no financial repercussions attached to undesirable business practices, those customers are at least as responsible for the corporate culture at Sony as its management team. You could even argue that management is merely giving the customers what they want.

The only reason why Sony has millions of customers who worry about this hack is because they continued to patronize Sony so long as Sony's faults didn't personally make them suffer. Finally, Sony's faults make them suffer. Now some of them start to get the idea that it's not so easy to overlook when it happens to them personally. They may start to think that other complaints they have heard suddenly have merit. Cause, meet Effect.

It's too bad the mainstream level of awareness is so thick-headed; it is not sharp and agile and independent. It requires some kind of charismatic leader to honestly explain these things; the people who could pull that off make more money by doing the opposite. Masses of people take too long to figure out that what they're supporting is not acting in their interests. It's a shame they often insist on learning this the hard way after ignoring many warning signs.

Here's the part that even those with the very best of intentions may not understand: as crazy as it is, they are choosing this and it is not my place to tell them how they should choose or what lesson they should need to learn. They are getting what they are choosing and that's why there is no injustice. If that is to change, they would need less insulation between their decisions and the consequences they experience, including less misguided sympathy.

They are not victims because victims don't get to choose. What they're really missing is a sense of personal responsibility and with it, an understanding of cause and effect that doesn't come from pointing fingers or playing blame games.

Whether or not some Slashdotter's personal feelings include delight in the notion of Sony failing is a petty concern. It can distract you from a deeper appreciation of the issue.

Re:I wonder if the hackers would stop..

[Evtim]

No, it explains a lot about the present culture of the world, especially USA and the the rest of the western world. Someone posted it already in another discussion, but.. [http://www.youtube.com/watch?v=4Z9WVZddH9w] Zeitgeist: Moving Forward.

Re:I wonder if the hackers would stop..

[ianare]

This is a very similar argument to the one Bin Laden used to (partly) justify the 9/11 attacks, and other attacks on civilians. It goes something like this : because America is a democracy, its citizens have a direct responsibility for the actions their government takes, and attacks on civilians are justified as retaliation for years of American imperialism and belligerence.

It's true that the US government has acted aggressively towards Muslim countries, and that its policies in many parts of the Muslim world are viewed as neo-colonist. It's also true that US citizens elect their government officials. It does not, however, justify terrorist attacks, and the people that have been killed or injured in these attacks are certainly victims, for the simple reason that the mass murder of civilians can NEVER be justified, for any reason. I think we can all agree on this ?

So Sony has acted in ways which are anti-consumer, and this for years without most of their customers knowing or caring. Now Sony gets hacked and millions of their customer's details are stolen and exposed, and this is somehow the customers' fault for having chosen Sony ? Sony's customers are simply victims caught in the crossfire of two opposing, and equally immoral groups.

Re:I wonder if the hackers would stop..

[mogness]

I think you're stretching a little bit, comparing someone boycotting Sony products with someone ignoring the existence of concentration camps. I'd love to see you explain how those two things are even remotely alike.

People are just blind...

[Frosty+Piss]

Groan...

Certainly Sony has some major responsibility here...

But when will people stop trusting the Intertubes security implicitly and just blindly dumping all their personal info into various "secure" web sites and Internet connected systems?

People are just blind...

Re:People are just blind...

[Jarik_Tentsu]

With an attitude like that, I assume you don't buy much stuff online.

At this stage, we should be able to trust internet security for major corporations to protect our data. What happens if PayPal gets hacked? "When will people stop trusting the intertubes security implicitly"?

I think its a rather reasonable expectations to expect a company like Sony to protect its user information.

What are they trying to prove at this point?

[Derekloffin]

That the hacking community has 0 sense of morality at this point? That is more and more the impression I'm getting. This isn't going to help. If anything it is going to be more fuel to the camp that wants our governments to have insane legal powers to combat this stupidity.

Re:What are they trying to prove at this point?

[captaindomon]

But they aren't crimes against a faceless corporation in this instance. This is a crime against thousands of individual humans who just had their credentials stolen and published.

Re:What are they trying to prove at this point?

Sony continues to be a target because Sony refuses to learn its lesson. And make no mistake, that lesson is about the consequences of abusing your customers, not about network security.

Re:What are they trying to prove at this point?

[kaffiene]

When they expose the personal details of millions of innocent customers? Jesus, use your fucking brain

Re:What are they trying to prove at this point?

[arth1]

So..... If your car manufacturer (this is /. after all) removed the tow point on your car when you had it in for service, without giving you a choice, it would be fine with you? After all, only a tiny fraction of drivers would know about it, and even fewer use it...

See http://en.wikipedia.org/wiki/Argumentum_ad_populum for why your argument is bullshit.

Re:What are they trying to prove at this point?

[Maudib]

This industry is actively trying to undermine democracy, destroy individual property rights and trampel everyday civil liberties.

The people who give money to Sony and other RIAA/MPAA groups are part of the problem. They shouldn't be targeted, but any harms they derive from being customers of Sony are their own damn fault.

Look, if the mafia sets up shop in your neighborhood but you choose to work with them, don't complain if you get hurt when the rest of the community fights back.

Re:What are they trying to prove at this point?

[geminidomino]

Not to either condemn nor endorse LulzSec's actions, but WRT:

There are legitimate, legal, recourses is Sony did anything wrong.

"Illegal" and "Wrong" are completely orthogonal concepts.

Re:What are they trying to prove at this point?

[Charliemopps]

Lets just say that the hacking community has exactly the same sense of morality that Sony does.

Re:What are they trying to prove at this point?

[cyphercell]

Nope. A logical fallacy is a logical fallacy. Any user who purchased a PS3 with the expectation that "other os" would be available has cause for grievance. Now, I don't really think that's the only reason this is happening. I was pissed this time around until it occurred to me that, damn, there are suddenly repercussions for leveraging your development folks past sane tolerances. No longer is it just okay to abandon security because it isn't a bullet point on a brochure. Way more important than running yellow dog from my living room television. IMHO

Annoying..

[laxguy]

Personally I'm pretty tired of hearing this shit.. at this point is it really even worth the effort? SQL injections? Script-kiddies leeching off of unsecured websites.. this shit happens every day. Any else suspicious about the line "said that the group has more, but can’t copy all of the information it stole." Why can't they copy all the data? Probably because the "hack" wasn't as big as they want everyone to believe.

Do they have a choice?

[saikou]

In most cases people don't really have much choice.
You go to register to do something, and marketing department demands that registration form has a mandatory City, Address, Zip, blah blah, whatever their data appetite demands (and probably with data validation too, so doing New York, Blah Street, won't work).
Sure, some people will stop right there. But if "free" thing you gain access to by filling out registration form seems compelling enough, people will fill in the address.
And only a few of them will be clever enough to give some other (easily remembered, in case of site's trickery) address.
That data will live in archive forever, because marketing will never ever allow deleting anything.
Until it gets stolen (heck, probably afterwards too, but there will be a marketing blurb about being very secure, tested daily for hacker intrusions and stuff like that, wash, rinse, repeat)

Sony company culture of indifference won't change

[Lead+Butthead]

Sony company culture of indifference won't change over a few hacks. It may have made them look stupid (and that's got to hurt their ego) but ultimately the data being lost doesn't contain those of their officers, and frankly I don't think Sony gives a flying f_ck what happens to their customers (as demonstrated by rootkit) or their rights (demonstrated by repeatedly removing features from products and lied about it despite being caught lying.)

Re:The money quote

[nedlohs]

How is that a money quote?

Or do you mean showing the stupidity of the person asking the question?

Re:Sony company culture of indifference won't chan

[quickgold192]

Yeah, this'll hurt them like Kazaa hurts the MPAA - it won't. In fact, it'll more likely lead to the govt giving more public companies "emergency" legal powers to smack down anyone they suspect of being against them. Especially since today CNN had a "are your passwords safe online? Are YOU safe online?" special earlier today.

Re:Sony company culture of indifference won't chan

[hexagonc]

I don't know. . . repeatedly losing this much customer data or really any customer data is a serious public relations blunder. Sony Computer Entertainment already lost this console generation. I don't know if it can handle too much more egg on its face. At some point this is going to start making a serious dent in the bottom line.

Sounds like a Honey Pot for computer viruses

[XxtraLarGe]

I wanted to go to the site to see if my name was on the list, but then I realized they're the types that would probably have the latest version of MacDefender just waiting for me.

Re:Sony company culture of indifference won't chan

[brainzach]

The hackers don't give a flying fuck about the customers either by releasing all their personal information on the Internet.

If they really cared about the customers, they would have released the information to a trusted 3rd party to verify instead of to the public. They decided not to do that because they knew releasing it to the public would cause a much greater financial loss to Sony at the expense of its customers. The Hackers have no moral high ground here.

Line of criminal thought

[JimboFBX]

It has been said that criminals try to rationalize their crimes often times by thinking that they are just playing by the rules of life, even if its not the rules of society. An example would be a car thief who finds a car unlocked in downtown New York. They might steal the vehicle and rationalize it as a sort of "finders keepers", where if they didn't steal it, someone else would come along and steal it instead. "If I don't, someone else will, so I might as well benefit". You might say that is a ridiculous assertion to make, but if you found a $50 laying in the parking lot, you would probably pick it up and keep it thinking that someone else would take it if you didn't, and any hope of the original owner finding their missing $50 is a lost cause.

So when someone does virtual breaking and entering because the virtual back door was virtually unlocked, you have to ask what line of thought is crossing their minds. When my neighbor's door is unlocked, should I enter it and steal their TV because I think someone else is bound to do it instead?

Re:Line of criminal thought

[TheCount22]

It has been said that criminals try to rationalize their crimes often times by thinking that they are just playing by the rules of life, even if its not the rules of society. An example would be a car thief who finds a car unlocked in downtown New York. They might steal the vehicle and rationalize it as a sort of "finders keepers", where if they didn't steal it, someone else would come along and steal it instead. "If I don't, someone else will, so I might as well benefit". You might say that is a ridiculous assertion to make, but if you found a $50 laying in the parking lot, you would probably pick it up and keep it thinking that someone else would take it if you didn't, and any hope of the original owner finding their missing $50 is a lost cause.

So when someone does virtual breaking and entering because the virtual back door was virtually unlocked, you have to ask what line of thought is crossing their minds. When my neighbor's door is unlocked, should I enter it and steal their TV because I think someone else is bound to do it instead?

While I don't condemn what these guys are doing. I have to admit it does make me smile every time Sony gets hacked. A bit like seeing a bully failing a math exam.

Re:The hackers will be punished. Severely.

[Tolkien]

Sony has been begging to be smacked around by mob justice for a LONG time. Now it's finally happening. I say good.

Thank you, exactly

[unassimilatible]

This criminal organization LulzSec hurt the end user. Isn't that what the Slashdot crowd claims to be for? LulzSec exhibited utter lawlessness that, if perpetrated by Sony or Apple or Google or the Department of Homeland Security, it would have all the supposed Slashdot "Libertarians" howling. Read my sig for more details.

I can't believe how many people here are defending the action of LulzSec (not the hack, the posting of info, utterly and completely indefensible).