Sony Compromised, Again

Konsalik writes "The hacker group LulzSec on Thursday posted information it took from Sony Entertainment and Sony BMG on its site, called the LulzBoat. Lulz Security said it broke into servers that run SonyPictures.com. The information includes about a million usernames and passwords of customers in the US, the Netherlands and Belgium and is available for download and posted on the group's site."

I wonder if the hackers would stop..

[Barrinmw]

...if sony came out and apologized for being asshats and promising to never do it again.

Re:I wonder if the hackers would stop..

[MarkvW]

I certainly wouldn't hold Sony to a promise that was extorted from them.

Re:I wonder if the hackers would stop..

[Labcoat+Samurai]

If the point of the hack is just to embarass Sony, they don't need to post customer information on their website. That is potentially hurting real people who are not responsible for Sony's activities. And no, paying for a Sony product does not make you responsible for their activities, particularly when it's you, the customer, who generally gets screwed by such activities.

That's like exposing a wife beater by publishing the names and addresses of all his past wives.

Re:I wonder if the hackers would stop..

[ATMAvatar]

Strictly speaking in a free market sense, paying for Sony products does make you partially responsible. Why, you ask? Because the invisible hand that supposedly corrects poor behavior in corporations is supposed to be the swath of customers who will willfully boycott products in response. Continuing to purchase the corporation's products serves only to reinforce any behavior the it may be involved in.

Re:I wonder if the hackers would stop..

[PopeRatzo]

I certainly wouldn't hold Sony to a promise that was extorted from them.

But it would still be a nice gesture on their part, dicks that they are.

It still would not change my unwillingness to ever purchase another Sony product, though. I cannot say that I am not experiencing some measure of schadenfreude at Sony's misfortune.

It is wrong of course, what Lulzboat is doing. Comedic, but wrong. Karmacly satisfying, but wrong. I would discourage them in the strongest terms from continuing to kick the shit out of one of the biggest transnational corporations in the world and making said transnational corporations look like a bunch of arrogant, incompetent nincompoops. So knock it off misters, or somebody's gonna cry. Don't make me get up.

Re:I wonder if the hackers would stop..

[arth1]

I think what the GP was suggesting would be if Sony, on their own, came out and apologized for being so negligent. Of course that will never happen.

It wouldn't be enough. At this point, I would want Howard Stringer fired (not allowed to resign, but actually fired) before I would consider buying Sony again.

And this from someone who at present has:
1 Sony HD TV
1 Sony high-end Receiver
1 Sony low-end Receiver/DVD combo
1 Sony BD player
1 Sony LocationFree
3 Sony Laptops
1 Sony PDA
1 Sony PSP
1 Sony CD Walkman
and lots of less expensive Sony stuff.
This revenue stream has now stopped, and yes, it will take Stringer's head on a platter before I would consider Sony again, or stop telling friends and family to avoid Sony like the plague. Else, they;re not taking this seriously, and then I will reciprocate that and not take Sony seriously.

Re:I wonder if the hackers would stop..

[MimeticLie]

Sony is a big company with a lot of activities, and not all of them are objectionable.

Given their poor hardware quality, rootkits, data breaches, exploding batteries, inventing fake movie critics, removing advertised features, obnoxious viral marketing, spying on environmental activists, being seen as one of the two worst companies in America, and whatever else I couldn't think of off the top of my head, I'd say "most" rather than "not all".

Re:I wonder if the hackers would stop..

[pipatron]

So hm. This argumentation also means that if you mess with a company you're not actually messing with the company but with its stockholders and all its employees. After all, it's going to hurt them, and they didn't ask for it, but are just innocent bystanders. Any corporation would be free to continue their asshattery because as soon as a group of people retaliate, there are other people getting hurt.

Re:I wonder if the hackers would stop..

[aeoo]

Forget about shoulds and look at reality. I'm talking about responsibility and how it works.

For example, I think that the water should be dry, and when I step into it, I am not responsible for getting wet on the account of my "should" thinking. Does it work like that in reality? No, it does not.

Ask yourself: can customer behavior patterns influence the direction of Sony as a corporation? For example, can a boycott influence Sony's attitude at the executive levels? I think the answer is that a real boycott does have such an ability. So to the extent customers have the ability to influence corporate behaviors, the customers become responsible for exercising that ability with due diligence.

At the same time, does Sony need to wait to get boycotted in order to improve their behavior? Of course not. What does this mean? It means Sony holds a primary proximate responsibility for their own behaviors. Sony executives have more influence over what Sony does than do all the Sony customers put together. At the same time, the amount of influence the Sony customers have is not zero.

So this is a correct and balanced way to understand responsibility. Responsibility is always commensurate with the power you have to influence something. The more power, the more responsibility you have. And our or your power can get as low as epsilon, but never absolute 0. So we always have some responsibility for everything, however tiny it may be.

So it's not "all like this" or "all like that." The reality is somewhere between what you're talking about and what your opponent is talking about. I would say Sony has about 70% responsibility to govern its own behaviors in a moral way and all the customers put together have about 30%, roughly. You can even see it as a 50/50 split, but you have to remember that the customer side of the 50 is shared out among all the customers, while the Sony side is concentrated in the hands of the very few powerful executives.

Re:I wonder if the hackers would stop..

[similar_name]

I just want to be sure I understand your point. Unless something personally affects you you don't care? Most people feel this way? That does explain a lot about the world.

Re:I wonder if the hackers would stop..

[TheCount22]

You seem like a guy who would ignore the existence of concentration camps simply because it doesn't affect you. You are part of the problem.

Re:I wonder if the hackers would stop..

[man_the_king]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

Re:I wonder if the hackers would stop..

[causality]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

There's no hypocrisy there because it's not really injustice. More generally, not everything unfortunate is an instance of injustice. Not everything preventable is an instance of injustice.

Corporations are like the political status quo. It exists the way that it is until people are actually prepared to do things differently. Sony can conduct its business practices because customers continue to reward it with money. By making sure there are no financial repercussions attached to undesirable business practices, those customers are at least as responsible for the corporate culture at Sony as its management team. You could even argue that management is merely giving the customers what they want.

The only reason why Sony has millions of customers who worry about this hack is because they continued to patronize Sony so long as Sony's faults didn't personally make them suffer. Finally, Sony's faults make them suffer. Now some of them start to get the idea that it's not so easy to overlook when it happens to them personally. They may start to think that other complaints they have heard suddenly have merit. Cause, meet Effect.

It's too bad the mainstream level of awareness is so thick-headed; it is not sharp and agile and independent. It requires some kind of charismatic leader to honestly explain these things; the people who could pull that off make more money by doing the opposite. Masses of people take too long to figure out that what they're supporting is not acting in their interests. It's a shame they often insist on learning this the hard way after ignoring many warning signs.

Here's the part that even those with the very best of intentions may not understand: as crazy as it is, they are choosing this and it is not my place to tell them how they should choose or what lesson they should need to learn. They are getting what they are choosing and that's why there is no injustice. If that is to change, they would need less insulation between their decisions and the consequences they experience, including less misguided sympathy.

They are not victims because victims don't get to choose. What they're really missing is a sense of personal responsibility and with it, an understanding of cause and effect that doesn't come from pointing fingers or playing blame games.

Whether or not some Slashdotter's personal feelings include delight in the notion of Sony failing is a petty concern. It can distract you from a deeper appreciation of the issue.

Re:I wonder if the hackers would stop..

[Evtim]

No, it explains a lot about the present culture of the world, especially USA and the the rest of the western world. Someone posted it already in another discussion, but.. [http://www.youtube.com/watch?v=4Z9WVZddH9w] Zeitgeist: Moving Forward.

Re:I wonder if the hackers would stop..

[interkin3tic]

1 Sony CD Walkman and lots of less expensive Sony stuff.

Wait... what's less expensive than a Sony CD Walkman? A broken Sony CD walkman? A Sony minidisc player? A year's subscription to PSN?

Re:I wonder if the hackers would stop..

[walternate]

So hm. This argumentation also means that if you mess with a company you're not actually messing with the company but with its stockholders and all its employees. After all, it's going to hurt them, and they didn't ask for it, but are just innocent bystanders. Any corporation would be free to continue their asshattery because as soon as a group of people retaliate, there are other people getting hurt.

The thing about vigilante justice though is that not everybody agrees with your view on who deserves it. Some could claim Apple deserved it, and decide to out personal and credit card info of every Apple user. Some could claim abortion clinics deserved it.. etc. Can get really messy, and I suspect people supporting it in instances they agree with, could be very morally outraged about people doing such things if it hits closer to home.

Re:I wonder if the hackers would stop..

[ianare]

This is a very similar argument to the one Bin Laden used to (partly) justify the 9/11 attacks, and other attacks on civilians. It goes something like this : because America is a democracy, its citizens have a direct responsibility for the actions their government takes, and attacks on civilians are justified as retaliation for years of American imperialism and belligerence.

It's true that the US government has acted aggressively towards Muslim countries, and that its policies in many parts of the Muslim world are viewed as neo-colonist. It's also true that US citizens elect their government officials. It does not, however, justify terrorist attacks, and the people that have been killed or injured in these attacks are certainly victims, for the simple reason that the mass murder of civilians can NEVER be justified, for any reason. I think we can all agree on this ?

So Sony has acted in ways which are anti-consumer, and this for years without most of their customers knowing or caring. Now Sony gets hacked and millions of their customer's details are stolen and exposed, and this is somehow the customers' fault for having chosen Sony ? Sony's customers are simply victims caught in the crossfire of two opposing, and equally immoral groups.

Re:I wonder if the hackers would stop..

[mogness]

I think you're stretching a little bit, comparing someone boycotting Sony products with someone ignoring the existence of concentration camps. I'd love to see you explain how those two things are even remotely alike.

Re:I wonder if the hackers would stop..

[mogness]

Sorry but I think you guys are just really out of control with this Sony stuff. How do you take a statement like "I don't care that Sony is a shitty retailer, it doesn't affect me" and blow it out to "I don't care about anything going on in the world." I care a lot about things that are going on in the world, but what has Sony really done that warrants this kind of behavior? Are they dumping toxic chemicals? Causing global warming? Killing babies?
Oh, they may have accidentally released your e-mail address and a hashed password.

Re:I wonder if the hackers would stop..

[Vanderhoth]

I hate to support Bin Laden here, but he wasn't stupid. I like the fact that you're able to associate the parent with a hated terroist so you can make his point less relevant. I still agree that if you're responsible for supporting an irresponsible entity then your just as responsible for the actions of that entity as it is. The attacks on 9/11 were tragic and we all wish it never happens, but it seems to me the terrorist somewhat reached their objective. As it is now you can't fly with out being harassed; so much for freedoms.

Full disclosure, I do own a PS3. I was, and am currently, affected by the Other OS removal and the loss of personal data. I am responsible for it because I was also affected by the CD rootkit fiasco, but I didn't learn my lesson and I thought Sony was trying to turn over a new leaf. However, I have learned my lesson and I'm done with Sony.

Re:I wonder if the hackers would stop..

[cpu6502]

>>>In all honestly, Sony hasn't done anything to me personally that warrants a boycott

"First they came for the [CD Buyers with rootkits] but I didn't care, because it wasn't affecting me.
"Then they came for the [Linux PS3 Owners] but I didn't care, because it wasn't affecting me.
"Next they came for the [PSN customers by losing their credit information in public] but I didn't care, because it wasn't affecting me....."

Then they came for me by turning-off my PS3 because I played a downloaded CD-R on it.
- And nobody cared about me either, because it's a self-centered narcisstic world.

Re:I wonder if the hackers would stop..

[cpu6502]

>>>what has Sony really done that warrants this kind of behavior? Are they dumping toxic chemicals? Causing global warming? Killing babies?

Nothing that extreme, but they are still violating individual rights:
- Selling PS3s with "other OS" capability, and then turning it off. AKA bait-and-switch aka false advertising. Also illegal in Europe (where customers can demand refunds)
- Installing software from Music CD that killed customer's computers (made them unbootable)
- Bricked PS3s that were modded to play emulators (like SNES or Atari-Stella)
- Sued people for Millions of dollars, because they downloaded 5 songs.
- Prosecuted a man who posted how to open-up your PS3 and mod it to play HD DVDs (and other stuff)
- Used extradition to remove a customer from Europe to US, so they could sentence the customer to 20 years for hacking his console.

NOW do you understand why /.'rs hate Sony?
And why we boycott them?
Educate yourself about these corporations, and the evils they commit, rather than just blindly buying everything.

Re:I wonder if the hackers would stop..

[drinkypoo]

It does not, however, justify terrorist attacks, and the people that have been killed or injured in these attacks are certainly victims, for the simple reason that the mass murder of civilians can NEVER be justified, for any reason. I think we can all agree on this ?

Who is "we"? I can agree that I wouldn't do it. Do I think it's unjustified? Our lifestyle kills people. It is based on murder. Even when it isn't, it's based on manslaughter. This is all utterly hypocritical while I sit here at my big fat dual-monitor desktop in my warm, well-lit home, but I think it's pretty clear that we in the western world are killers by abstraction. We permit it to continue, and indeed, when it starts to slip we scream bloody murder and clamor for more. And we get more... murder.

So Sony has acted in ways which are anti-consumer, and this for years without most of their customers knowing or caring. Now Sony gets hacked and millions of their customer's details are stolen and exposed, and this is somehow the customers' fault for having chosen Sony ?

You know, when you start bringing words like "fault" into the conversation it's a pathetically transparent attempt to manipulate mind states... just like when I say murder. So that's OK, but what you really want to ask is whether this is a direct result of the customer having chosen Sony. And of course, the answer is up for debate, but I say yes. Yes, the customer is at fault for giving money to assholes like Sony. Yes, yes, a thousand times yes. They are helping fund awful, horrible behavior. It's like when someone knuckles under to a BSA audit. For heaven's sake, spend that money on a migration. It might hurt now, but the alternative is having a leering mobster leaning on you for protection money on a scheduled basis.

Sony's customers are simply victims caught in the crossfire of two opposing, and equally immoral groups.

Sony's customers are the foundation upon which the corporation rests. Without them it has no power. Don't make excuses for them; they chose to do business with an unethical entity. Nobody ever had no alternative to Sony, it's not like paying your taxes. Nobody is going to imprison you for failing to buy a Playstation 3.

People are just blind...

[Frosty+Piss]

Groan...

Certainly Sony has some major responsibility here...

But when will people stop trusting the Intertubes security implicitly and just blindly dumping all their personal info into various "secure" web sites and Internet connected systems?

People are just blind...

Re:People are just blind...

[Jarik_Tentsu]

With an attitude like that, I assume you don't buy much stuff online.

At this stage, we should be able to trust internet security for major corporations to protect our data. What happens if PayPal gets hacked? "When will people stop trusting the intertubes security implicitly"?

I think its a rather reasonable expectations to expect a company like Sony to protect its user information.

Re:People are just blind...

[Anrego]

But when will people stop trusting the Intertubes security implicitly and just blindly dumping all their personal info into various "secure" web sites and Internet connected systems?

The problem is, in this day you have little choice. Yes you can pick and choose the sites you think are likely to be secure (despite everything, before the PSN incident I would have guessed Sony's servers would be secure...) but just about anything can get hacked (RSA got hacked... wouldn't have guessed that one either).

I don't think people implicitly trust anything .. it's just that the only other choice is to restrict ourselves to services which don't require personal info .. a category which is getting smaller and smaller.

The two things that really need to happen are:

- This info needs to somehow become irrelevant. I'd love a day where I could post all this info to the world and it mean absolutely nothing. Relying on a set of secrets that you have to share with virtually everyone you do business with is kinda stupid.
- People who managed need to be held responsible.. and I mean _really_ be held responsible. People should be going to jail over the PSN thing, as it stands we'll be lucky if they get a fine.

Re:People are just blind...

[Jarik_Tentsu]

That's the problem. It should be a reasonable expectations to expect any large company like that to have adequate security measured protecting customer data. The fact that they haven't should be a big issue with them specifically. I dunno how you can say people are blind for trusting them - or any other major company - in the first place though.

Re:People are just blind...

[node+3]

Groan...

Certainly Sony has some major responsibility here...

But when will people stop trusting the Intertubes security implicitly and just blindly dumping all their personal info into various "secure" web sites and Internet connected systems?

People are just blind...

Blind? That implies they could have looked into Sony's security and made an informed and rational decision as to the quality of their security.

It's not that people are stupid or blind or anything else. There's this thing called "trust". It's at the very heart of society. It's wholly unfeasible to expect people to be able to verify for themselves the quality and security of everything they do in the world. You can't check the farm where you get your lettuce, you can't test every electronic component for hazards, you can't check the purity of your medication, and you can't check the security of the web sites you interact with.

That's why we have public and private organizations like the FDA, FCC, UL, USDA, etc. Of course some of these have become something of a sham, but the idea is sound. If these things have become inept, it's not because it is their nature to become so, but because people like you who put too much responsibility on those least able to bear that responsibility coupled with a blind eye to corruption.

What do you expect of people? That they verify the unverifiable? Or simply eschew participation in our culture? If so, you are right about one thing, at least SOME people really are blind...

Re:People are just blind...

[steelfood]

I don't think past behavior was blindness in any way, but rather the reasonable expectations of paying customers. I think it is reasonable to assume that large companies will put at least a small amount of effort into securing their users' data, and that any breech wouldn't result in the immediate compromise of that data.

On the other hand, I do hope this will serve to change those who made the assumption in such a way that they will start to think about the consequences of their choices. People weren't forced to submit their information to Sony; they did so as a requisite to engaging in a business transaction with Sony. After this, they hopefully will take a second look at companies that offer services tied to some sort of registration, possibly question its necessity, and maybe as a result, question their own need for the company's product. In the end, I can't find fault in those who signed up for such services in the past, but I do hope they won't so casually do so again in the future after this.

What probably is going to actually happen is that a few people will never buy Sony again though they wouldn't think about the information in their iTunes account or their Xbox Live account, while the rest will simply forget about this whole affair once it's over, and go back to their usual habits again while holding onto their usual assumptions.

What are they trying to prove at this point?

[Derekloffin]

That the hacking community has 0 sense of morality at this point? That is more and more the impression I'm getting. This isn't going to help. If anything it is going to be more fuel to the camp that wants our governments to have insane legal powers to combat this stupidity.

Re:What are they trying to prove at this point?

[captaindomon]

But they aren't crimes against a faceless corporation in this instance. This is a crime against thousands of individual humans who just had their credentials stolen and published.

Re:What are they trying to prove at this point?

Sony continues to be a target because Sony refuses to learn its lesson. And make no mistake, that lesson is about the consequences of abusing your customers, not about network security.

Re:What are they trying to prove at this point?

[AK+Marc]

Sony is amoral (and amoral with a profit motive is indistinguishable from evil). Sony committed fraud and violated their own TOS. However, everyone knows that the worst that would happen if they lose in court is that anyone that gave them money would be graced with temporary access to some free content, which is a waste of time and money.

So, some have taken it upon themselves to extract some justice, as none will be seen in the legal channels. Yes, it's vigilante justice and should be denounced.

Interesting that you think the removal of an advertised feature (clear criminal FTC violation, even if the TOS allowed them to remove any and all functionality at a later date) that's going completely unpunished shouldn't warrant more government controls, but a few people lashing back at the multinational criminal organization will lead to justifications of taking away our freedoms. If that's really the case (and I'm not doubting you, just supposing), then our system is already so broken that such things would be the least of our worries.

Re:What are they trying to prove at this point?

[kaffiene]

Case in point - I've been pro open source, anti IP laws, anti harsh pirating / copying fines for a very long time. I'm pretty liberal and I don't like big corporations. But this shit just pisses me off. They don't like Sony so they fuck over the services that millions of paying customers are using and expose all their personal details? What a pack of pricks. That ain't cool, that's fucked up and selfish.

Re:What are they trying to prove at this point?

[kaffiene]

When they expose the personal details of millions of innocent customers? Jesus, use your fucking brain

Re:What are they trying to prove at this point?

[node+3]

Sony continues to be a target because Sony refuses to learn its lesson. And make no mistake, that lesson is about the consequences of abusing your customers, not about network security.

And what lesson is that? There are legitimate, legal, recourses is Sony did anything wrong. Shit, they didn't even do something that even 1/10th of 1% of their users even knew about, let alone had any expectation of ever using.

Seriously, walk up to anyone on the street, ask if them they have a PS3, then if so, ask them if they either:

A. Knew was "Other OS" was.
B. Ever used it, or had plans to.

If it was something Sony needed to "learn a lesson" over, it would have resulted in loss of market share. All this really is is a bunch of juvenile criminals who think they have the right to do whatever they want. I can only imagine how sad their lives must truly be to think this as some kind of moral crusade.

Re:What are they trying to prove at this point?

[vga_init]

It depends on why they are doing it thought. I'm glad that this stuff is coming out now, and the hackers being possibly benign, rather than these things being silently exploited by more nefarious groups/individuals. It makes me feel better that Sony lose face and tighten its security than risk anything further.

Re:What are they trying to prove at this point?

[arth1]

So..... If your car manufacturer (this is /. after all) removed the tow point on your car when you had it in for service, without giving you a choice, it would be fine with you? After all, only a tiny fraction of drivers would know about it, and even fewer use it...

See http://en.wikipedia.org/wiki/Argumentum_ad_populum for why your argument is bullshit.

Re:What are they trying to prove at this point?

[Maudib]

This industry is actively trying to undermine democracy, destroy individual property rights and trampel everyday civil liberties.

The people who give money to Sony and other RIAA/MPAA groups are part of the problem. They shouldn't be targeted, but any harms they derive from being customers of Sony are their own damn fault.

Look, if the mafia sets up shop in your neighborhood but you choose to work with them, don't complain if you get hurt when the rest of the community fights back.

Re:What are they trying to prove at this point?

[geminidomino]

Not to either condemn nor endorse LulzSec's actions, but WRT:

There are legitimate, legal, recourses is Sony did anything wrong.

"Illegal" and "Wrong" are completely orthogonal concepts.

Re:What are they trying to prove at this point?

[Charliemopps]

Lets just say that the hacking community has exactly the same sense of morality that Sony does.

Re:What are they trying to prove at this point?

[TheCount22]

Sure but what if the bank started taking stuff out of you safety deposit box because some fine print on a 100 pages agreement said they could (other os). Would you be okay with that? How about if they installed spy cameras in your house how would you feel then (rootkit)? And finally to top it off the bank gets robbed. I suppose that would be acceptable. Should we just ignore the bank and focus only the robbers? What if the robbers where bank customers that wanted their stuff back?

Re:What are they trying to prove at this point?

[cyphercell]

Nope. A logical fallacy is a logical fallacy. Any user who purchased a PS3 with the expectation that "other os" would be available has cause for grievance. Now, I don't really think that's the only reason this is happening. I was pissed this time around until it occurred to me that, damn, there are suddenly repercussions for leveraging your development folks past sane tolerances. No longer is it just okay to abandon security because it isn't a bullet point on a brochure. Way more important than running yellow dog from my living room television. IMHO

Re:What are they trying to prove at this point?

[Osgeld]

I don't know whom your replying to, if you would please read I am putting Sony at fault for not locking down or seeming to care at all, as would I my bank

Re:What are they trying to prove at this point?

[Ciggy]

But it's a red herring anyway. If there was a reason to remove it, sure. But there's no reason to. On the other hand, there was a very good reason for Sony to remove Other OS. Specifically, it was being used to hack the PS3.

[emphasis added]

The tow bars I've seen end in quite a small area which means it will provide quite large pressure (and hence destructive force) when the vehicle is used to reverse into, say, a plate glass window - based on your argument I would now expect every tow bar to be removed on the next service of all cars as they could be used for hacking [in the sense of a machete] into shops and banks, and so have an excellent reason to remove them.

Re:What are they trying to prove at this point?

[drinkypoo]

But they aren't crimes against a faceless corporation in this instance. This is a crime against thousands of individual humans who just had their credentials stolen and published.

You mean kind of like when you commit a crime against a faceless corporation, thousands of individual humans who work for it have their job threatened? Those people might have a harder time finding a new employer than the customers of Sony would have a hard time finding another vendor for a Blu-Ray player. I have less sympathy for the customers than I do for the employees, and I only have so much for them. But I do have SOME, because I live in a capitalist society too, and I need money to buy stuff myself. Sony sells nothing essential for life, so the customers are funding suffering for nothing but their own pleasure.

Re:What are they trying to prove at this point?

[Agent0013]

If it is truly a violation of the law, I'm all for punishing them.

Just imagine what criminal charges would have been brought up on some individual person if they put rootkits onto as many computers as Sony did. They certainly got away with breaking the law there! If the justice system is so broken that it can no longer hold large corporations accountable for their actions, then the only recourse left is vigilante justice. I think we have more like this to look forward to in the future. The goverment is beholden to the corporation, so there is no one to look out for the people but the hackers. Just look what the US prosecutors did for Cisco recently.

Annoying..

[laxguy]

Personally I'm pretty tired of hearing this shit.. at this point is it really even worth the effort? SQL injections? Script-kiddies leeching off of unsecured websites.. this shit happens every day. Any else suspicious about the line "said that the group has more, but can’t copy all of the information it stole." Why can't they copy all the data? Probably because the "hack" wasn't as big as they want everyone to believe.

Re:Annoying..

[future+assassin]

I don't mind, its better than whats on tv AND its real life drama. I'm watching a 7 hour dvd set on WW2 and its amazing how people went out and died for freedom and kill tyranny and at the end their great/great grand children now have to live with corporate tyranny taking over the world.

Do they have a choice?

[saikou]

In most cases people don't really have much choice.
You go to register to do something, and marketing department demands that registration form has a mandatory City, Address, Zip, blah blah, whatever their data appetite demands (and probably with data validation too, so doing New York, Blah Street, won't work).
Sure, some people will stop right there. But if "free" thing you gain access to by filling out registration form seems compelling enough, people will fill in the address.
And only a few of them will be clever enough to give some other (easily remembered, in case of site's trickery) address.
That data will live in archive forever, because marketing will never ever allow deleting anything.
Until it gets stolen (heck, probably afterwards too, but there will be a marketing blurb about being very secure, tested daily for hacker intrusions and stuff like that, wash, rinse, repeat)

Sony company culture of indifference won't change

[Lead+Butthead]

Sony company culture of indifference won't change over a few hacks. It may have made them look stupid (and that's got to hurt their ego) but ultimately the data being lost doesn't contain those of their officers, and frankly I don't think Sony gives a flying f_ck what happens to their customers (as demonstrated by rootkit) or their rights (demonstrated by repeatedly removing features from products and lied about it despite being caught lying.)

Re:Death by a thousand cuts

[Mashiki]

Well if Sony is a beached whale, does that mean some genius is going to break out the dynamite and blow it up in a few days? I think that the rain of putrid guts, entrails and rotting flesh falling all over the globe will be fun had by all.

Re:The money quote

[nedlohs]

How is that a money quote?

Or do you mean showing the stupidity of the person asking the question?

Re:Sony company culture of indifference won't chan

[erroneus]

You know, either way I'm okay with the results. I haven't been a Sony customer for years. I won't buy anything with a Sony label on it. If it takes some "hard lessons" for everyone else to stop being a Sony customer, then that's what will have to happen. I had to learn it hard too -- expensively. Laptops, Clie' and more. I'm just done with them and their amazingly well-timed breaking after the warranty expires.

Sony isn't going to voluntarily rehabilitate itself. They will have to lose customers before they take any notice. I think one unfortunate reality is that none of this may be enough. The number of people who will buy from Sony will probably always out-number those who won't by 100 to 1. We live in a world filled with consumer zombies.

Re:Sony company culture of indifference won't chan

[quickgold192]

Yeah, this'll hurt them like Kazaa hurts the MPAA - it won't. In fact, it'll more likely lead to the govt giving more public companies "emergency" legal powers to smack down anyone they suspect of being against them. Especially since today CNN had a "are your passwords safe online? Are YOU safe online?" special earlier today.

Re:Sony company culture of indifference won't chan

[hexagonc]

I don't know. . . repeatedly losing this much customer data or really any customer data is a serious public relations blunder. Sony Computer Entertainment already lost this console generation. I don't know if it can handle too much more egg on its face. At some point this is going to start making a serious dent in the bottom line.

Sounds like a Honey Pot for computer viruses

[XxtraLarGe]

I wanted to go to the site to see if my name was on the list, but then I realized they're the types that would probably have the latest version of MacDefender just waiting for me.

Re:Sony company culture of indifference won't chan

[brainzach]

The hackers don't give a flying fuck about the customers either by releasing all their personal information on the Internet.

If they really cared about the customers, they would have released the information to a trusted 3rd party to verify instead of to the public. They decided not to do that because they knew releasing it to the public would cause a much greater financial loss to Sony at the expense of its customers. The Hackers have no moral high ground here.

Re:you know

[Alex+Belits]

lulz is a corruption of L-O-L, LOLOLOL!

Here I said it, with my 3-digit Slashdot ID. What now?

Re:you know

[Unkyjar]

Now...we dance!

Line of criminal thought

[JimboFBX]

It has been said that criminals try to rationalize their crimes often times by thinking that they are just playing by the rules of life, even if its not the rules of society. An example would be a car thief who finds a car unlocked in downtown New York. They might steal the vehicle and rationalize it as a sort of "finders keepers", where if they didn't steal it, someone else would come along and steal it instead. "If I don't, someone else will, so I might as well benefit". You might say that is a ridiculous assertion to make, but if you found a $50 laying in the parking lot, you would probably pick it up and keep it thinking that someone else would take it if you didn't, and any hope of the original owner finding their missing $50 is a lost cause.

So when someone does virtual breaking and entering because the virtual back door was virtually unlocked, you have to ask what line of thought is crossing their minds. When my neighbor's door is unlocked, should I enter it and steal their TV because I think someone else is bound to do it instead?

Re:Line of criminal thought

[TheCount22]

It has been said that criminals try to rationalize their crimes often times by thinking that they are just playing by the rules of life, even if its not the rules of society. An example would be a car thief who finds a car unlocked in downtown New York. They might steal the vehicle and rationalize it as a sort of "finders keepers", where if they didn't steal it, someone else would come along and steal it instead. "If I don't, someone else will, so I might as well benefit". You might say that is a ridiculous assertion to make, but if you found a $50 laying in the parking lot, you would probably pick it up and keep it thinking that someone else would take it if you didn't, and any hope of the original owner finding their missing $50 is a lost cause.

So when someone does virtual breaking and entering because the virtual back door was virtually unlocked, you have to ask what line of thought is crossing their minds. When my neighbor's door is unlocked, should I enter it and steal their TV because I think someone else is bound to do it instead?

While I don't condemn what these guys are doing. I have to admit it does make me smile every time Sony gets hacked. A bit like seeing a bully failing a math exam.

Re:Line of criminal thought

[ecorona]

A court of law does not decide whether something is ethical or not. It only decides whether something is legal or not. Corporations have a huge influence on what becomes "legal" and as such, get away with things a lot of people consider unethical (e.g. removing a linux install option from the PS3 after it was bought and paid for or making it illegal to open and modify a piece of electronic equipment after it is purchased). Assuming the neighbors is just a regular neighbor and never fuked you over the same way SONY has, then it is an improper comparison to make.

Re:Sony company culture of indifference won't chan

In many ways, the MPAA has lost. We have to keep in mind what they were really trying to hold on to, the same old way of doing things. They have lost that battle, have been forced to change and are slowly doing so. It isn't that Kazaa or Napster or any one thing caused it, nor that it was some kind of unified (or righteous) movement. It was a bunch of factors mixed together. Their rigidity and shortsightedness being the largest culprit.

Basically, the MPAA has been forced into a change they should have been making anyway.

I see the same thing going on here, actually. There are multiple things going on, on different levels, simultaneously. The main thing going on here is this: "lulz", Removing a promised functionality from a device. Telling Sony to stop doing business the way it has. People are fed up.
Remember the timeline of what has transpired here.
1.) Sony removes OtherOS option from PS3. A gaff. A small number of people bought the PS3 for this feature alone. They were forced into either a) upgrading firmware and losing said ability in order to keep using the console for games, etc. or b) buying ANOTHER ps3. Basically, they fucked over some people (not new for Sony).
2.) Communities of customers begin seeking a way to return this functionality (one that was a selling point for many and one that shouldn't have been removed in the first place.) No big deal, no one really cared.
3.) GeoHot gives people back the ability to do this. Again, not many people cared. Except Sony.
4.) Sony opts for the unpopular and morally wrong thing to do - sue (bully) GeoHot. A major gaff. This outrages people even further AND does nothing to fix the problem of this workaround. People who didn't previously care, now care a lot.
5.) Now that their customers have been pissed on multiple times, some of them decide to piss off Sony.
6.) They decide to perform a DDoS and to bit of a nuisance to Sony. ("lulz" ensue)
7.) Once they do this, someone decided to perform a SQL injection. (fuck it!)
8.) From this, according to them, they got access to EVERYTHING. Also, according to them, they are shocked and appalled. According to them, they decide to expose this negligence on the part of Sony in order to warn its customers. ("lolholyshitwtfbbq - guize, look!")
This also
A) embarrasses Sony ("lulz")
B) gains the attention of mass media ("lulz")
C) gets various figures up in arms about some (non-existent) "dangerous hacktivist group" ("lulz")

As for the customers whose data has been compromised or released, it is an unfortunate side-effect; collateral damage, if you will.

In the process, a couple of valuable and enlightening things have been learned by many parties:
1) Sony has shitty security. - This is news to many people who had assumed that Sony would be pretty safe to deal with, being such a large company. Surprising, a bit unsettling, but somewhat forgivable being that corporations often look to cut costs. For those with some knowledge it is disturbing in and of itself since they aren't PCI compliant. This may be illegal (criminal) in some states. (AFAIK there is no federal law regarding PCI compliance).
2) Sony keeps customer data in the clear. - (I am glad I'm not a customer. - They REALLY must not care about their customers). Not only is this not PCI compliant it is JUST STUPID. It also has me convinced (along with everything else, including their history of rootkits, etc..) to NEVER be a customer of Sony.
3) Sony is a bully who either hates its customers, or doesn't want them anymore.

As for the release of the customer I see it as a positive, not a negative. Those who have had their data compromised can now know this for certain, see it in black and white even, and take appropriate action to protect themselves from possible wrongdoing. Besides, who knows whether or not this data had already been compromised? Apparently, it was trivial to do so and thus it would not surprise me if it had already been compromised before all of this. No one would have known this had

Re:SONY SUCKS

[TheCount22]

Big List of Sony's Crimes
===================
- Totally sucking balls

No comment.

- Being an oppressive, money sucking super-organism

To be fair a business is there to make money.

- Crash Bandicoot

What?

- Installing rootkits and spyware on your computers, as a sadistic form of DRM

I have to agree that seems insanely unethical, disrespectful and criminal.

- Violating the GPL

Also illegal and insanely disrespectful to the people giving their work for free.

- Violating your mom

If my mom was writing GPL code or had Sony rootkits installed on her PC I would agree.

- http://en.wikipedia.org/wiki/List_of_Sony_Music_Entertainment_artists (With the exception of R.Kelly, clearly awesome dude)

No comment.

- Disc Read Error

Not relevant.

- Having a superior console

"Had" I think is the word you are looking for. Still having a BD player and Linux support did make it superior in my view at the time.

- Including OtherOS in the first place

Yes I agree with you 100%! They shouldn't remove features after a unit has been sold.

- Etc...

Comedic?

[YesIAmAScript]

Posting people's emails and passwords?

It's not comedic. These people are stealing user info and posting it and you say Sony looks like arrogant nincompoops?

Uh-huh.

regardless, it's a major breach, again

[dutchwhizzman]

No matter who you're calling the asshats here, it's a major breach. Sony may have been bad. They may or may not deserve the wrath of a group of "hackers" for whatever reason. The "hackers" may act irresponsibly. The fact is and remains that for some reason the security of multiple large Sony websites is not up to standard. If anything, Sony should be treated as an "insecure area" of the Internet until they have proven they have had a redesign and implementation of their entire Internet presence. As long as they are treating these hacks as incidents, they will get hacked again and again.

Re:The hackers will be punished. Severely.

[Tolkien]

Sony has been begging to be smacked around by mob justice for a LONG time. Now it's finally happening. I say good.

Thank you, exactly

[unassimilatible]

This criminal organization LulzSec hurt the end user. Isn't that what the Slashdot crowd claims to be for? LulzSec exhibited utter lawlessness that, if perpetrated by Sony or Apple or Google or the Department of Homeland Security, it would have all the supposed Slashdot "Libertarians" howling. Read my sig for more details.

I can't believe how many people here are defending the action of LulzSec (not the hack, the posting of info, utterly and completely indefensible).

This is very "dog bites man".

[91degrees]

Sony hacked again is getting so old it's becoming non-news. Perhaps Slashdot should only report when Sony isn't hacked.

Re:Sony company culture of indifference won't chan

[ommerson]

This is currently getting coverage on the front page of the BBC News website - both the domestic and international front pages - ( http://www.bbc.co.uk/news/ and http://www.bbc.co.uk/news/world/ respectively). Coverage doesn't get much more mainstream than this.

Re:Sony company culture of indifference won't chan

[Risen888]

Are you kidding? The MPAA has lost. The RIAA has lost. They're gonna kick a little more on the way down, but that ship has sailed.