Sony Compromised, Again

Konsalik writes "The hacker group LulzSec on Thursday posted information it took from Sony Entertainment and Sony BMG on its site, called the LulzBoat. Lulz Security said it broke into servers that run SonyPictures.com. The information includes about a million usernames and passwords of customers in the US, the Netherlands and Belgium and is available for download and posted on the group's site."

I wonder if the hackers would stop..

[Barrinmw]

...if sony came out and apologized for being asshats and promising to never do it again.

Re:I wonder if the hackers would stop..

[MarkvW]

I certainly wouldn't hold Sony to a promise that was extorted from them.

Re:I wonder if the hackers would stop..

[Labcoat+Samurai]

If the point of the hack is just to embarass Sony, they don't need to post customer information on their website. That is potentially hurting real people who are not responsible for Sony's activities. And no, paying for a Sony product does not make you responsible for their activities, particularly when it's you, the customer, who generally gets screwed by such activities.

That's like exposing a wife beater by publishing the names and addresses of all his past wives.

Re:I wonder if the hackers would stop..

[arth1]

I think what the GP was suggesting would be if Sony, on their own, came out and apologized for being so negligent. Of course that will never happen.

It wouldn't be enough. At this point, I would want Howard Stringer fired (not allowed to resign, but actually fired) before I would consider buying Sony again.

And this from someone who at present has:
1 Sony HD TV
1 Sony high-end Receiver
1 Sony low-end Receiver/DVD combo
1 Sony BD player
1 Sony LocationFree
3 Sony Laptops
1 Sony PDA
1 Sony PSP
1 Sony CD Walkman
and lots of less expensive Sony stuff.
This revenue stream has now stopped, and yes, it will take Stringer's head on a platter before I would consider Sony again, or stop telling friends and family to avoid Sony like the plague. Else, they;re not taking this seriously, and then I will reciprocate that and not take Sony seriously.

Re:I wonder if the hackers would stop..

[MimeticLie]

Sony is a big company with a lot of activities, and not all of them are objectionable.

Given their poor hardware quality, rootkits, data breaches, exploding batteries, inventing fake movie critics, removing advertised features, obnoxious viral marketing, spying on environmental activists, being seen as one of the two worst companies in America, and whatever else I couldn't think of off the top of my head, I'd say "most" rather than "not all".

Re:I wonder if the hackers would stop..

[aeoo]

Forget about shoulds and look at reality. I'm talking about responsibility and how it works.

For example, I think that the water should be dry, and when I step into it, I am not responsible for getting wet on the account of my "should" thinking. Does it work like that in reality? No, it does not.

Ask yourself: can customer behavior patterns influence the direction of Sony as a corporation? For example, can a boycott influence Sony's attitude at the executive levels? I think the answer is that a real boycott does have such an ability. So to the extent customers have the ability to influence corporate behaviors, the customers become responsible for exercising that ability with due diligence.

At the same time, does Sony need to wait to get boycotted in order to improve their behavior? Of course not. What does this mean? It means Sony holds a primary proximate responsibility for their own behaviors. Sony executives have more influence over what Sony does than do all the Sony customers put together. At the same time, the amount of influence the Sony customers have is not zero.

So this is a correct and balanced way to understand responsibility. Responsibility is always commensurate with the power you have to influence something. The more power, the more responsibility you have. And our or your power can get as low as epsilon, but never absolute 0. So we always have some responsibility for everything, however tiny it may be.

So it's not "all like this" or "all like that." The reality is somewhere between what you're talking about and what your opponent is talking about. I would say Sony has about 70% responsibility to govern its own behaviors in a moral way and all the customers put together have about 30%, roughly. You can even see it as a 50/50 split, but you have to remember that the customer side of the 50 is shared out among all the customers, while the Sony side is concentrated in the hands of the very few powerful executives.

Re:I wonder if the hackers would stop..

[similar_name]

I just want to be sure I understand your point. Unless something personally affects you you don't care? Most people feel this way? That does explain a lot about the world.

Re:I wonder if the hackers would stop..

[man_the_king]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

Re:I wonder if the hackers would stop..

[causality]

Ah so you guys (similar_name and TheCount22) take issue with him not caring about something that didn't affect him personally - yet you were okay and did not take issue with the hundreds of /. users who DID NOT CARE about the millions of PSN users and were jubilantly cheering the PSN hack - precisely because they were not affected. And wanted too much for Sony to fail, even if that was the expense of millions of people.

Hypocrisy - look it up.

There's no hypocrisy there because it's not really injustice. More generally, not everything unfortunate is an instance of injustice. Not everything preventable is an instance of injustice.

Corporations are like the political status quo. It exists the way that it is until people are actually prepared to do things differently. Sony can conduct its business practices because customers continue to reward it with money. By making sure there are no financial repercussions attached to undesirable business practices, those customers are at least as responsible for the corporate culture at Sony as its management team. You could even argue that management is merely giving the customers what they want.

The only reason why Sony has millions of customers who worry about this hack is because they continued to patronize Sony so long as Sony's faults didn't personally make them suffer. Finally, Sony's faults make them suffer. Now some of them start to get the idea that it's not so easy to overlook when it happens to them personally. They may start to think that other complaints they have heard suddenly have merit. Cause, meet Effect.

It's too bad the mainstream level of awareness is so thick-headed; it is not sharp and agile and independent. It requires some kind of charismatic leader to honestly explain these things; the people who could pull that off make more money by doing the opposite. Masses of people take too long to figure out that what they're supporting is not acting in their interests. It's a shame they often insist on learning this the hard way after ignoring many warning signs.

Here's the part that even those with the very best of intentions may not understand: as crazy as it is, they are choosing this and it is not my place to tell them how they should choose or what lesson they should need to learn. They are getting what they are choosing and that's why there is no injustice. If that is to change, they would need less insulation between their decisions and the consequences they experience, including less misguided sympathy.

They are not victims because victims don't get to choose. What they're really missing is a sense of personal responsibility and with it, an understanding of cause and effect that doesn't come from pointing fingers or playing blame games.

Whether or not some Slashdotter's personal feelings include delight in the notion of Sony failing is a petty concern. It can distract you from a deeper appreciation of the issue.

Re:I wonder if the hackers would stop..

[ianare]

This is a very similar argument to the one Bin Laden used to (partly) justify the 9/11 attacks, and other attacks on civilians. It goes something like this : because America is a democracy, its citizens have a direct responsibility for the actions their government takes, and attacks on civilians are justified as retaliation for years of American imperialism and belligerence.

It's true that the US government has acted aggressively towards Muslim countries, and that its policies in many parts of the Muslim world are viewed as neo-colonist. It's also true that US citizens elect their government officials. It does not, however, justify terrorist attacks, and the people that have been killed or injured in these attacks are certainly victims, for the simple reason that the mass murder of civilians can NEVER be justified, for any reason. I think we can all agree on this ?

So Sony has acted in ways which are anti-consumer, and this for years without most of their customers knowing or caring. Now Sony gets hacked and millions of their customer's details are stolen and exposed, and this is somehow the customers' fault for having chosen Sony ? Sony's customers are simply victims caught in the crossfire of two opposing, and equally immoral groups.

People are just blind...

[Frosty+Piss]

Groan...

Certainly Sony has some major responsibility here...

But when will people stop trusting the Intertubes security implicitly and just blindly dumping all their personal info into various "secure" web sites and Internet connected systems?

People are just blind...

What are they trying to prove at this point?

[Derekloffin]

That the hacking community has 0 sense of morality at this point? That is more and more the impression I'm getting. This isn't going to help. If anything it is going to be more fuel to the camp that wants our governments to have insane legal powers to combat this stupidity.

Re:What are they trying to prove at this point?

[captaindomon]

But they aren't crimes against a faceless corporation in this instance. This is a crime against thousands of individual humans who just had their credentials stolen and published.

Re:What are they trying to prove at this point?

[kaffiene]

Case in point - I've been pro open source, anti IP laws, anti harsh pirating / copying fines for a very long time. I'm pretty liberal and I don't like big corporations. But this shit just pisses me off. They don't like Sony so they fuck over the services that millions of paying customers are using and expose all their personal details? What a pack of pricks. That ain't cool, that's fucked up and selfish.

Re:What are they trying to prove at this point?

[node+3]

Sony continues to be a target because Sony refuses to learn its lesson. And make no mistake, that lesson is about the consequences of abusing your customers, not about network security.

And what lesson is that? There are legitimate, legal, recourses is Sony did anything wrong. Shit, they didn't even do something that even 1/10th of 1% of their users even knew about, let alone had any expectation of ever using.

Seriously, walk up to anyone on the street, ask if them they have a PS3, then if so, ask them if they either:

A. Knew was "Other OS" was.
B. Ever used it, or had plans to.

If it was something Sony needed to "learn a lesson" over, it would have resulted in loss of market share. All this really is is a bunch of juvenile criminals who think they have the right to do whatever they want. I can only imagine how sad their lives must truly be to think this as some kind of moral crusade.

Re:What are they trying to prove at this point?

[arth1]

So..... If your car manufacturer (this is /. after all) removed the tow point on your car when you had it in for service, without giving you a choice, it would be fine with you? After all, only a tiny fraction of drivers would know about it, and even fewer use it...

See http://en.wikipedia.org/wiki/Argumentum_ad_populum for why your argument is bullshit.

Re:What are they trying to prove at this point?

[Charliemopps]

Lets just say that the hacking community has exactly the same sense of morality that Sony does.

Annoying..

[laxguy]

Personally I'm pretty tired of hearing this shit.. at this point is it really even worth the effort? SQL injections? Script-kiddies leeching off of unsecured websites.. this shit happens every day. Any else suspicious about the line "said that the group has more, but can’t copy all of the information it stole." Why can't they copy all the data? Probably because the "hack" wasn't as big as they want everyone to believe.

Do they have a choice?

[saikou]

In most cases people don't really have much choice.
You go to register to do something, and marketing department demands that registration form has a mandatory City, Address, Zip, blah blah, whatever their data appetite demands (and probably with data validation too, so doing New York, Blah Street, won't work).
Sure, some people will stop right there. But if "free" thing you gain access to by filling out registration form seems compelling enough, people will fill in the address.
And only a few of them will be clever enough to give some other (easily remembered, in case of site's trickery) address.
That data will live in archive forever, because marketing will never ever allow deleting anything.
Until it gets stolen (heck, probably afterwards too, but there will be a marketing blurb about being very secure, tested daily for hacker intrusions and stuff like that, wash, rinse, repeat)

Sony company culture of indifference won't change

[Lead+Butthead]

Sony company culture of indifference won't change over a few hacks. It may have made them look stupid (and that's got to hurt their ego) but ultimately the data being lost doesn't contain those of their officers, and frankly I don't think Sony gives a flying f_ck what happens to their customers (as demonstrated by rootkit) or their rights (demonstrated by repeatedly removing features from products and lied about it despite being caught lying.)

Re:Sony company culture of indifference won't chan

[quickgold192]

Yeah, this'll hurt them like Kazaa hurts the MPAA - it won't. In fact, it'll more likely lead to the govt giving more public companies "emergency" legal powers to smack down anyone they suspect of being against them. Especially since today CNN had a "are your passwords safe online? Are YOU safe online?" special earlier today.

Re:Sony company culture of indifference won't chan

[brainzach]

The hackers don't give a flying fuck about the customers either by releasing all their personal information on the Internet.

If they really cared about the customers, they would have released the information to a trusted 3rd party to verify instead of to the public. They decided not to do that because they knew releasing it to the public would cause a much greater financial loss to Sony at the expense of its customers. The Hackers have no moral high ground here.

Line of criminal thought

[JimboFBX]

It has been said that criminals try to rationalize their crimes often times by thinking that they are just playing by the rules of life, even if its not the rules of society. An example would be a car thief who finds a car unlocked in downtown New York. They might steal the vehicle and rationalize it as a sort of "finders keepers", where if they didn't steal it, someone else would come along and steal it instead. "If I don't, someone else will, so I might as well benefit". You might say that is a ridiculous assertion to make, but if you found a $50 laying in the parking lot, you would probably pick it up and keep it thinking that someone else would take it if you didn't, and any hope of the original owner finding their missing $50 is a lost cause.

So when someone does virtual breaking and entering because the virtual back door was virtually unlocked, you have to ask what line of thought is crossing their minds. When my neighbor's door is unlocked, should I enter it and steal their TV because I think someone else is bound to do it instead?

Comedic?

[YesIAmAScript]

Posting people's emails and passwords?

It's not comedic. These people are stealing user info and posting it and you say Sony looks like arrogant nincompoops?

Uh-huh.

Re:The hackers will be punished. Severely.

[Tolkien]

Sony has been begging to be smacked around by mob justice for a LONG time. Now it's finally happening. I say good.

Thank you, exactly

[unassimilatible]

This criminal organization LulzSec hurt the end user. Isn't that what the Slashdot crowd claims to be for? LulzSec exhibited utter lawlessness that, if perpetrated by Sony or Apple or Google or the Department of Homeland Security, it would have all the supposed Slashdot "Libertarians" howling. Read my sig for more details.

I can't believe how many people here are defending the action of LulzSec (not the hack, the posting of info, utterly and completely indefensible).