Anonymous Claims To Have Hacked Sony PSN Again

hypnosec writes "Anonymous has claimed a new attack on Sony's PlayStation Network, and this time around it seems they have information from nearly 10 million user accounts. As a proof of the hack they dumped more than 3000 credentials online in the form of a pastebin post. The notorious hacktivist group is claiming that the entire set of hacked credentials contains over 10 million PSN accounts and that the file is of around 50GB." Update: 08/16 13:12 GMT by S : Sony has denied this claim.

Why do people still use Sony

Why are people still using Sony? They have done so much evil and have clearly shown that they don't care about protecting their users/customers.
Do people really like to be abused that much?

Re:Why do people still use Sony

[Theophany]

http://www.vgcats.com/comics/images/110427.jpg

Re:Why do people still use Sony

Yeah, Blizzard ftw.

Re:Why do people still use Sony

[rvw]

Exactly what evil has Sony done pretty please?

They invented My First Pony!

Re:Why do people still use Sony

[Vanderhoth]

I don't think there's enough space to list everything here.

Off the top of my head we can start with rootkit CDs, locking users out of their PSN accounts and denying them products they've already paid for, removal of the Other OS and poor security.

Re:Why do people still use Sony

[andydread]

erm.. how about installing rootkits on people's computers disabling their CD drives in the name of "stopping piracy" then having the arrogance to claim that "people shouldn't worry about it, most of them commoners don't even know what a rootkit is so why all the fuss?" How about bankroling some of the most Draconian censorship laws for the Internet? PIPA, SOPA, ACTA, DMCA, PROTECT-IP all bankrolled and lobbied for by Sony and friends. Not to mention their relentless attempts to proprietize media formats. But wait... there's more! They sell you a device then remove features that you paid for after the fact then changed their EULA so that if you cannot sue them when they screw up. And this is just the tip of the iceberg. Sony used to be a good company when they only made hardware. The day Sony got into the content business is the day Sony went sour.

Re:Why do people still use Sony

[Anrego]

Depends on which people you are talking about.

The public at large doesn't give a shit about this kind of thing, which isn't really all that unreasonable. The slashdot crowd is very privacy/security conscious.. the general publis is not. Lest we forget when the network was hacked the first time around, the biggest, loudest complaint was not that CC info was leaked, along with personal details, but that the network was down and people couldn’t play the games they paid for.

Even the rootkit thing. Again, the biggest reaction from the general public, even with all the news coverage, was “well that was naughty of them..”.

Almost all companies are evil. Sony happens to be evil in a way that is perceived as particularly bad by the Slashdot community, but perceived as status quo by the general public.

And of course, even if everyone that even remembers the rootkit thing stopped using Sony for the rest of their life and recommended to all their friends that they do the same, wouldn't make a dent in the profit statements. Which means they don't care about us either!

Re:Why do people still use Sony

They invented My First Pony!

And now, a conversation between Anonymous and Sony; I'm just not sure who's who. (Oh, wait, now I'm sure. How could I have forgotten P for Pinketta :)

Re:Why do people still use Sony

[Stan92057]

I use Sony because i love gaming and Sony makes great machines and great games are made for Sony. I don't store any banking info for anywhere i have bought stuff on the internet because no one can be trusted. So even if they do get into my account there's nothing there to steal. No internet business can be trusted none

Re:Why do people still use Sony

I use Sony because when I play a game online I don't like being called a f****t n****r by ignorant dolt. Say what you will but every time I'm at my friend's playing on his xbox people are making racist and out of line comments, whenever I play at home on my PS3, I don't hear that most of the time.

Re:Why do people still use Sony

[Caerdwyn]

So to punish Sony for hurting their customers, Anonymous hurts Sony customers. But Anonymous is stealing credit card info for YOUR benefit!

Good going, guys. Way to take the moral high road and to convince the public to support you. What's next, scrambling blood types in breached medical records databases to teach insurance companies a lesson with dead patients, so you can portray yourselves as Robin Hoods with a pile of bodies?

Re:Why do people still use Sony

That's because people are stupid, people buy CDs they buy TVs and they buy game consoles, they don't usually care about what brand they're buying from!

Now if this were true

if everyone that even remembers the rootkit thing stopped using Sony for the rest of their life and recommended to all their friends that they do the same

It would create a noticeable impact on their profits actually. But then, people are too stupid to care. Try weaning them off 'America's Got [No] Talent!' then we're talk.

Re:Why do people still use Sony

[CodeHxr]

...But Anonymous is stealing credit card info for YOUR benefit!...

Where does TFA state that? Anonymous didn't mention anything about credit card info that I was able to see. Maybe its been modified in the time between when you read TFA and when I read TFA. Oh... wait...

Re:Why do people still use Sony

[Charliemopps]

The last hack... that resulted in us finding out they basically had no security at all.
The Rootkit DRM
Price fixing of CDs
Everything SOE (their subsidiary) has done since they bought Verrant has been pretty evil.

Re:Why do people still use Sony

[gman003]

The public at large doesn't give a shit about this kind of thing, which isn't really all that unreasonable. ... Lest we forget when the network was hacked the first time around, the biggest, loudest complaint was not that CC info was leaked, along with personal details, but that the network was down and people couldn’t play the games they paid for.

Indeed. I made the mistake of answering "because Sony is evil and deserves it" to a comment "Why?" on the Kotaku forums.

That started off a rather nasty flamewar, but most of the counter-arguments boiled down to:
1) Accusing me of being an XBox fanboy (which apparently invalidates your opinions). They also often said that hackers must also be Microsoft fanboys, as Microsoft never gets hacked and they're "just as evil" as Sony.
2) Accusing me of being a troll ("obvious troll is obvious" was said at least once without a trace of irony)
3) Saying that the only people being hurt are Sony's customers, not Sony themselves (somehow not realizing the implications - if customers keep getting attacked, they aren't likely to continue being customers)
4) Saying that nobody ever used Linux on the PS3 and that Sony was 100% justified in removing it

And in one memorable case, bringing up Hitler, trying to minimize Sony's "evilness" by comparing it to that.

So no, none of "the general public" consider anything Sony does to be evil. They could probably kill a few people and people would care more about whether they can play their Final Fantasy XIII-2 DLC or not.

Re:Why do people still use Sony

I, for one, am grateful for Gawker.

http://v.cdn.cad-comic.com/comics/cad-20110209-69cc4.jpg

Re:Why do people still use Sony

So to punish Sony for hurting their customers, Anonymous hurts Sony customers. But Anonymous is stealing credit card info for YOUR benefit!

Good going, guys. Way to take the moral high road and to convince the public to support you. What's next, scrambling blood types in breached medical records databases to teach insurance companies a lesson with dead patients, so you can portray yourselves as Robin Hoods with a pile of bodies?

Uh, YES. Duh. In fact, that sounds like a great idea. We'll get some of our operatives on it right away and...

Wait, hang on, someone's trying to tell me something.

Oh, that's right, almost forgot. Yes, so long as it doesn't affect ME. Other than that, fair is fair. Go inevitable over-regulated destruction of the internet!

Re:Why do people still use Sony

[Vanderhoth]

I'm sorry, where was I defending Anonymous?

1) I was stating several events where Sony had done something "Evil". Don't confuse disdain for Sony as approving of Anonymous actions.
2) I have a PS3, although I haven't used it since the Other OS fiasco, I'm affected by this.
3) No where has anyone said Anonymous has credit card info, there's a difference between Credentials and Credit Card info

Re:Why do people still use Sony

[Bill_the_Engineer]

Off the top of my head we can start with rootkit CDs, locking users out of their PSN accounts and denying them products they've already paid for, removal of the Other OS and poor security.

Is this evil? It looks like S&M between two consenting individuals, since people know about Sony's propensity for heavy handiness and yet they still pay them money for it and seem to find pleasure from it.

It's disturbing when you really think about it.

Re:Why do people still use Sony

And of course, even if everyone that even remembers the rootkit thing stopped using Sony for the rest of their life and recommended to all their friends that they do the same, wouldn't make a dent in the profit statements. Which means they don't care about us either!

If you'd take the time to look at Sony's financial statements, you'd see these mis-steps (and mediocre, overpriced products) ARE hurting them financially. Their profit is sucking wind, and their stock has lost 2/3 of its value in the past two years.

No way around it, losing your customers data and getting a privacy black eye hits your bottom line.

Re:Why do people still use Sony

[X0563511]

I... don't think you understand how these Anonymous guys work.

They are doing it for no benefit except themselves. Because they want to see Sony burn, in this case. Just because they might be attacking someone you don't like doesn't make them your ally.

Re:Why do people still use Sony

[repvik]

There was no hack. This is the same credentials list, posted in march: http://pastebin.com/hhU8Q9di

Re:Why do people still use Sony

[Type44Q]

Way to take the moral high road and to convince the public to support you

Support who, exactly?? (Someone must have missed the point of point of why someone else would act... anonymously?!) :p

Re:Why do people still use Sony

[ilikenwf]

...and SOE killed Star Wars Galaxies....don't get me started...although, for Pre-CU fans, there's SWGEmu, and for final publish fans (NGE), there's ProjectSWG...

Re:Why do people still use Sony

[Vanderhoth]

I guess it depends on your definition of evil. I wouldn't say the things they've done in the past were good. I've never bought music CDs so I wasn't graced with their rootkit treatment. I did buy a PS3 because 1) I owned the previous generations and had lots of games and 2) I'm a software developer and planned on using the advertised Other OS feature. Nearly five years after I bought the PS3 and had made good use of the Other OS feature they underhandedly removed it after saying they had no plans to do so.

I didn't enjoy that, so I would say it was an "evil" act, but I have learned my lesson and won't be buying anything made by Sony again.

OH!!! but as the fanbois say, they didn't force me to give up the Other OS feature. They gave me a choice, either I gave up my PSN account (and all the games I bought there), the ability to play blu-rays and new games or I could give up the Other OS, which I was using for semi-work/semi-personal usage. I chose to give up the PS3 altogether.

Re:Why do people still use Sony

As a whole they are doing poorly.

The entertainment division is actually on the upswing..

Re:Why do people still use Sony

[Anrego]

Last time I checked, the entire company was losing money, except the divisions where these privacy "black eyes" occured. The entertainment side of the business which was doing quite well, it was mainly the hardware side that is losing which isn't tied at all to the various evils we all talk about.

Re:Why do people still use Sony

[MikeBabcock]

The proper response to a hack is a lock-out. Do you know anything about computer security? Sony did the right thing. linkedin did not, nor did Amazon, or dozens of other hacked companies in the last few years. Locking down everything, fixing the holes and then bringing it back online is the right response.

They also gave away lots of value in free games and services as an apology afterward.

Re:Why do people still use Sony

[MikeBabcock]

You know that until recently, Sony Music (who makes those CDs) has almost nothing to do with SCE* which distributes the PS3, right?

Also, the Playstation allows ripping of music from CD and then transferring it to a USB device without hassle -- obviously not the same attitude as Sony Music, but keep the blinders on if you want.

Re:Why do people still use Sony

Between proprietary media and proprietary cables with proprietary connectors, I'd say yes. I love my PSOne and PSTwo. Fortunately, neither are connected to the Internet (of which the PSOne by virtue of lacking both a NIC and modem).

Re:Why do people still use Sony

Sounds like you were arguing with a true intellectual! Using ad hominems, saying that ripping off a few people is okay because most people weren't ripped off, and claiming that as long as you don't murder millions of people, nothing you do can possibly be considered evil! The arguments they used are genius!

So no, none of "the general public" consider anything Sony does to be evil.

Hopefully that person wasn't representative of the general public. But given all the fallacies they spewed forth and their lack of critical thinking skills, I'm tempted to say that they are...

Re:Why do people still use Sony

[lordofthechia]

You forgot The Lik Sang saga . Sony shut down the hardware importer Lik Sang because they were importing PSPs (when they were new) from Japan for sale in Europe. On what basis did Sony Sue them? They sued them by claiming that Lik Sang was selling devices that were "unsafe" in Europe. They also sued them from different countries in different languages. Lik Sang could no longer afford to defend itself and thus folded.

Re:Why do people still use Sony

[andydread]

Yeah? Will the Playstation allow you to rip DVDs and BlueRays? just wondering.

Re:Why do people still use Sony

[kelemvor4]

Why are people still using Sony? They have done so much evil and have clearly shown that they don't care about protecting their users/customers. Do people really like to be abused that much?

Perhaps because there's not a great alternative available? If you like console gaming, then there's Sony, Microsoft, and to a lesser extent, Nintendo. I certainly wouldn't consider Microsoft any less evil than Sony. Nintendo, maybe - but their consoles aren't really the same thing as the similar 360/ps3... I guess people could give up console gaming entirely, but to just gripe that Sony is evil is a bit narrow sighted. Personally, I prefer PC gaming.. however at the moment that still means either playing old games on a wine based setup or using MS.

Re:Why do people still use Sony

[Vanderhoth]

I wasn't talking about being locked out of PSN because of the security issue. I was talking about "Either you update your firmware and get ride of the Other OS feature, or no (new games, BluRay, or PSN) access for you".

I made good use of the Other OS before my wife and cousin accidentally updated my system after they rented a BluRay that forced a system update so they could watch it.

But effectively I was told if I didn't get ride of the other os I could not access my PSN account and the games I had bought on it. Either way it was a lose-lose for me.

Re:Why do people still use Sony

[captjc]

Welcome to the Internet.

1) Accusing me of being an XBox fanboy (which apparently invalidates your opinions). They also often said that hackers must also be Microsoft fanboys, as Microsoft never gets hacked and they're "just as evil" as Sony.
2) Accusing me of being a troll ("obvious troll is obvious" was said at least once without a trace of irony)

As much as I would like to think otherwise, in my experience 90% of people who comment on video game forums are fanboys that will vehemently defend their platform of choice or are fanboy trolls baiting said fanboys. Make a comment contrary to the opinion that Sony is a benevolent gaming god that only brings joy and smiles to the world and you will be labeled an Xbox fanboy and told to GTFO. Attack Nintendo and you're a Sony fanboy. Attack Microsoft and you are an Apple fanboy, etc.

Answering the question of "Why?" with "because Sony is evil and deserves it" it's not hard to understand why you were labeled a troll and a fanboy.

3) Saying that the only people being hurt are Sony's customers, not Sony themselves (somehow not realizing the implications - if customers keep getting attacked, they aren't likely to continue being customers)

Here is the thing, who do you think is being hurt more, some poor schmuck who wanted a few games and a blu-ray player having their information posted online or some large multinational multi-billion dollar conglomerate that could lose their entire video game division tomorrow and still be raking in billions from other avenues of sale.

4) Saying that nobody ever used Linux on the PS3 and that Sony was 100% justified in removing it

Yes it was a shitty thing to do, but if you really think that that was a major draw for the system then you are sadly mistaken. If you really bought a PS3 to run Linux on, there are many better and probably cheaper devices that can run Linux. Many of them come with Linux preinstalled and some of them can even connect to an HDTV as well. However, if it is that much of a concern there are other options available such as hacking the device or not upgrading the firmware. There are consequences to those routes, but it can be done.

And in one memorable case, bringing up Hitler, trying to minimize Sony's "evilness" by comparing it to that.

Again, Welcome to the Internet!

So no, none of "the general public" consider anything Sony does to be evil. They could probably kill a few people and people would care more about whether they can play their Final Fantasy XIII-2 DLC or not.

First, the Kotaku forums are not indicative of "the general public," they are indicative of the endless wars between fanboys and random gaming hobbyists who like wasting time on Kotaku. However, when one has invested hundreds if not thousands of dollars in games and hardware, especially nontransferable goods like DLC and downloaded games, not many people can justify throwing it all away because a company is evil. Maybe this will keep some people from buying the next console but if you think that people are just going to abandon their investments en mass on principle then you are not living in reality.

Re:Why do people still use Sony

[viperidaenz]

Yes. The easiest way to not be affected by Anonymous is to stop being a Sony customer.
I fail to see where Anonymous has hinted they would move from financial impact to murder.

Re:Why do people still use Sony

[gman003]

That was actually about 30 different people, not just one.

Re:Why do people still use Sony

[Kartu]

So while I see Sony is "evil" I don't see why it is even remotely as evel as claimed on /.
Binding game to an account making it impossible to re-sell? Plenty of cases.
Using Starforce "rootkit" as DRM? Many companies.
Forcing player to stay online when playing in single mode? Yep, several companies tried that.
Dumping LAN play altogether? Yep, Blizzard did that.

PIPA, SOPA, ACTA, DMCA, PROTECT-IP all bankrolled and lobbied for by Sony and friends.

I'd say "and friends" is a key here. Somehow you want to make one company responsible for it.
Sony PS3 allows you to rip your CD and put it on MP3 drive, mind you.

Not to mention their relentless attempts to proprietize media formats.

Why not mention it? Last time I've checked people had to pay royalties for:

• Every CD, DVD, Blue Ray disk
• Every player of the mentioned devices
• HDMI port

It is a profitable business that's why nearly ALL companies try to do have their share. What makes Sony outstanding in this regard?

I own a Sony Walkmen MP3 player. It doesn't force me to install anything. It doesn't try to do any DRM crap. It can be used as USB drive. Oh, it even can play all files in a folder. That's quite contrary to what some popular music player from another company does.
I own Sony Reader (actually a bunch of them). It supports EPUBs, an open standard. None of them locks me in into particular store. I can get e-books from public libraries with it. Unlike with very popular product by some other company. All of them are easily modded with custom firmware to add more features. It was easy for Sony stop CFW from running on it (as Amazon did with Kindle), but they aren't doing it.

PS
Oh, and while we're at it, this seems to be bogus news.
http://www.tomshardware.com/news/Anon-Hack-PSN-Sony-Deny,16916.html

Re:Why do people still use Sony

[MikeBabcock]

That would violate the DMCA in the US at least as they contain copy protection systems, but you already know that.

Is that time of year already?

Nice job as usual, Sony.

Screw you, anonymous!

[Soluzar]

Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

Re:Screw you, anonymous!

That's the thing about poor security, Anonymous isn't the only one that was able to access the credentials. Perhaps you should be wondering why Sony isn't storing your hashed password in a salted format -- it appears to be a SHA1 hash represented in base64. Who else had access to your information that didn't advertise it to the world, and for how long? That's where your concern needs to be.

Re:Screw you, anonymous!

[Xest]

Sure, and I want to live my life without Sony lobbying governments to fuck up the internet, but thanks to people like you giving them money I can't.

Besides, it's not as if Sony has a great track record of keeping your data safe so why do you keep putting it in their hands in the first place? Honestly, if a company can't notice 50gb of sensitive data flying out of it's network it has to have a pretty high degree of incompetence.

Re:Screw you, anonymous!

Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

You support Sony with your money, you can't expect that you can just finance whatever crap you like and think that it won't come back and hurt you. (Unless you are one of the 1%, then you can obviously expect that.)
Sony is evil and you trusted your money to them. They, however do not care enough about you to protect your data properly. You should be thankful that it was Anonymous that got to your personal information first. If any other hacker group would have been there first then you would have been screwed for real, assuming that no other group was there first and Sony just did't want to tell you.

I hope you make a better decision next time you consider buying a Sony product.

Re:Screw you, anonymous!

[AmiMoJo]

You should be thanking Anonymous for making you aware of how poorly Sony is protecting your personal data. After all, if those guys can get in then I'm sure people who do it for more than just lulz can too.

Re:Screw you, anonymous!

[CastrTroy]

I'm sure that if you send the data slow enough, that it wouldn't even show up as a blip on their radar. 50 GB is nothing compared to the amount of data that goes over their networks. Granted, it would be braindead simple to make a completely segregated user login system from the systems which actually handle the game servers, and to make that system very secure, by only have it doing 1 simple thing, but they probably didn't do that.

Re:Screw you, anonymous!

[deadbeefcafe]

Some men aren't looking for anything logical, like money. They can't be bought, bullied, reasoned or negotiated with. They don't feel pity, or remorse, or fear.
And they absolutely will not stop, ever, until you are dead.^W^W^W^W^W^W^W^W^W^W^W
Some men just want to watch the world burn.

Re:Screw you, anonymous!

[Soluzar]

It's not as though I can exactly take my data out of their hands without depriving myself of the things I already purchased, is it? I'm effectively stuck with Sony, and Anonymous aren't helping the situation for me. Sony aren't exactly my favourite company in the world, but I was already into them for a big chunk of change before any of this idiotic nonsense by anonymous ever started or had reason to.

Re:Screw you, anonymous!

[Soluzar]

I'm not in the least thankful to anonymous. I'm angry at them for being at least twice as troublesome as most of the evil they claim to fight. They are petulant children who need to stop annoying people, now please. Or failing that, they could at least stick to Scientologists.

Re:Screw you, anonymous!

[Xest]

I guess it depends what country you are in. In the UK I think the repeated displays of ineptitude by Sony in holding your data secure would be grounds enough to be able to cancel your account and demand a refund for any content you would hence no longer have access to. The small claims court here is quite effective at dealing with those sorts of cases and the time/cost for using it is pretty low (£20 IIRC which you can claim back if you win). Many other countries have a similar thing.

Re:Screw you, anonymous!

[Soluzar]

Not. Thanking. Anonymous. As far as I'm concerned, they are assholes and petulant children who need a good spanking. I wish they'd grow up and start doing something different.

Re:Screw you, anonymous!

[Soluzar]

Sounds like anonymous to me. Sociopaths.

Re:Screw you, anonymous!

[jellomizer]

With a company as Big as Sony I wouldn't be surprised if there is a guy who Works there is part of Anonymous. Oh I need to do maintenance on the server today. While he is doing maintenance plugs in a USB Disk... (Heck an iPod or a Cell Phone could hold the data) and copies the data down.

And how Dare people who do not have the same political priorities and views of you not alter their lives to match you views. "Freedom for speech just as long as you are saying what I want to hear!!!"

Re:Screw you, anonymous!

You are so clueless that you don't even understand what Anonymous have done _for_ you. They have exposed the fact that your data was being held with security that was so weak everyone could come get it and peddle it on the black markets. Perhaps you don't mind having your data sold around like a cheap whore, just so long as you are left ignorant of it.

To make it perfectly clear, Anonymous didn't do anything to make your data insecure. Sony did that. Anonymous just demonstrated for you that Sony is doing that. That was a service to you.

Re:Screw you, anonymous!

[__aaltlg1547]

record of keeping your data safe so why do you keep putting it in their hands in the first place? Honestly, if a company can't notice 50gb of sensitive data flying out of it's network it has to have a pretty high degree of incompetence.

50 GB is nothing to data traffic on a game server.

Re:Screw you, anonymous!

[Soluzar]

I understand perfectly well. Anonymous fucked me over because they thought it was funny. They posted my details online. There is absolutely zero proof anyone else has hacked into the PSN.

Re:Screw you, anonymous!

You enjoy spanking children, huh?

Re:Screw you, anonymous!

So, by your logic, it is ok for someone to come along and kick in my front door just to show me how weak my door is? And I am supposed to thank them for kicking in my door?

Re:Screw you, anonymous!

[Soluzar]

Did I say I'd be the one to spank them? I believe that I did not. I said they need a good spanking. I did not add (though perhaps should have) that it should be from their parent, guardian or other authority figure in their life. It also doesn't need to be an actual, physical spanking. Taking away their computers for a month ought to be more than sufficient of a metaphorical spanking, and quite appropriate since they haven't learned to use them like adults.

Re:Screw you, anonymous!

[mellyra]

record of keeping your data safe so why do you keep putting it in their hands in the first place? Honestly, if a company can't notice 50gb of sensitive data flying out of it's network it has to have a pretty high degree of incompetence.

50 GB is nothing to data traffic on a game server.

Shouldn't an IDS primarily care about the structure and contents of the packets and not so much about the raw volume of data transferred?

Re:Screw you, anonymous!

[Caerdwyn]

Thanking Anonymous for stealing my credit card info to demonstrate Sony's/Stratfor's/whatever's poor IT practices is akin to thanking an arsonist for burning down my house to demonstrate that it's flammable.

There's not a shred of morality or good intention in Anonymous. None. They're vandals and thieves who never got over resenting authority figures when they were 13. Having the ability to run Metasploit against a video game host doesn't change the basic mindset.

Re:Screw you, anonymous!

[Xest]

"And how Dare people who do not have the same political priorities and views of you not alter their lives to match you views. "Freedom for speech just as long as you are saying what I want to hear!!!""

That's a rather ass-backwards way of reading the discussion. I simply made the point that I suffer when he funds Sony, so why should I care when he suffers for funding Sony?

I didn't say I expect him to change, I'm just saying don't expect sympathy when not changing comes back to bite you. It's a two way street.

Extrapolating that into a comment about freedom of speech doesn't make any sense whatsoever.

Re:Screw you, anonymous!

This may not apply to this, but I was curious what the $H$9 represented as it's the same for all the listed passwords, and I found this:

"The digit, 7 or 9, determines the number of times MD5 is called - 2 powered by (7+2) or 2 powered by (9+2); in other words, 512 iterations for $H$7 hashes and 2048 for $H$9 hashes.
P.S. In the hash $H$912345678XrPnr88MEJbtB3N4JTgfg/ the 12345678 string is salt.
P.P.S. The MD5(phpBB3).dll module supports hashes with any digit - 7, 9, or any other."

And also mention of it's used by phpBB3

Re:Screw you, anonymous!

[CodeHxr]

There's also zero proof that no one else has hacked into the PSN. Lack of evidence for an argument doesn't mean that the opposing argument will be true.

It's easier for me to take this stance, though. I dropped Sony many years ago for other unrelated ass-hattery, so I don't need to worry about any of this. The sooner everyone else drops them, the sooner they can sleep a little easier knowing that Sony can't hurt them any more.

Re:Screw you, anonymous!

And to make matters much much worse, they go and leak the whole lot onto some website rather than just telling Sony which is how you help users rather than hurting them. That is the difference between black hat hackers and white hat hackers. Anonymous just don't understand what the gravity of their actions entail on the rest of us, they should just stop until they get a fucking clue.

Re:Screw you, anonymous!

[DroolTwist]

Wow. You have all this anger for Anonymous, but nothing for Sony? This is TWICE this has happened. Recently. Given Sony's track record, it will probably happen two or three more times before they even assign someone to form a committee to select members for a another committee to start hashing out plans (pun intended) to see if there might be a problem with account security.

I can totally picture this happening to you: You give a security guard a bag of money and ask him to watch it. He sets it beside the chair he is sitting in and takes a nap. While napping, someone steals your money. You wake the guard up when you come back for it, and find out it is no longer there. You then rant and rave about the 'petulant children stealing stuff', then thank him and pay him for keeping it 'safe'. After all, it isn't his fault, right? It's those pesky petulant children!

Re:Screw you, anonymous!

[DigiShaman]

I just want a Blu-ray player that will access Netflix and play a few local games. I really wish Sony could de-couple their PSN account from my ability to use the PS3 and watch Netflix. But you can't because the Netflix app and firmware update require an account.

Apple TV would be perfect except for the fact Apple would never in a million years include a Blu-ray player (direct competition to their iTunes format). Of course, I could rip Blu-ray disks in Apple TV format from my PC using AnyDVD HD, Another EAC3 to GUI, and mkvmerge GUI. But, that would be illegal... Don't do it.

Re:Screw you, anonymous!

[Ginger+Unicorn]

cyber-terrorists

I strongly doubt this event has induced terror in you, or was intended to. Stop using the word "terrorist" as a scare word. I suggest "paedophile", it has more of a universal revulsion factor when trying to demonise people.

If you're going to criticise someone for something, criticise them for what they've actually done.

Re:Screw you, anonymous!

[Soluzar]

That's actually a perfectly reasonable point. I'm not convinced that you suffer when I fund Sony, but in principle it's a perfectly reasonable point.

Re:Screw you, anonymous!

[Soluzar]

I don't pay Sony anything for the safety of my data. Not a single unit of negotiable currency. I pay them for products I've purchased. That aside, yes I do actually blame the people doing the stealing rather than those who were stolen from. Funny that.

Re:Screw you, anonymous!

If you have a computer with a blue-ray player running iTunes an Apple TV can read the disc over the network.

Though really that's a pain in the ass, and if you're going to use a streaming box like Apple TV you may as well ditch the one disc per movie paradigm.

Re:Screw you, anonymous!

Why isn't sony storing them in a more secure way? If the banker left the doors unlocked and the safe open, you may get mad at the bank rober that took it, but don't you think you should be blaming the banker that failed to protect it?

Re:Screw you, anonymous!

[Xest]

I agree that any impact I suffer is probably fairly small, but there is impact all the same.

As I say, Sony is one of the biggest forces in the RIAA lobbying to take away internet freedoms, lobbying to allow for site blocking, pushing court cases here in the UK to block sites like The Pirate Bay.

The cost to me isn't necessarily explicitly and directly financial, the cost may not even be tangible in some cases (I never used The Pirate Bay anyway), but there is a cost to my freedom to choose to visit now blocked sites for example. There is a cost to my freedom of choice as a consumer when Sony acts in a cartel like manner blocking certain musical acts being succesful. There is a cost to me as a taxpayer if my taxes are being used to help fund the creation of Sony's legislation, for the courts to cater to Sony's crusades and so on.

Re:Screw you, anonymous!

[hackula]

Remember to thank the robber next time he breaks in through your window for kindly showing you how you need better home security.

Re:Screw you, anonymous!

[savuporo]

You still dont get it. Anonymous didnt post your details online, Sony did. Or more precisely, you gave them to Sony and Sony is careless with them.

Re:Screw you, anonymous!

[noh8rz7]

You're an idiot.

Re:Screw you, anonymous!

At least they announced that they took it and were posting it letting you be the first to go in and change your account info. They could have just as easily had the highest bidder buy it from them, and never let anyone know. Also they did let Sony know that there was a major flaw in the system the last time they did this and look what Sony did. Nothing.

Re:Screw you, anonymous!

Yes and one of the products you purchased was the PSN. along with that service you should be expecting some sort of security to guard your personal information. if you don't think that they should be protecting it you have nothing to argue about.

So Get off my lawn!

Re:Screw you, anonymous!

"...who never got over resenting authority figures when they were 13"

As if that's something you should get over, ever

Re:Screw you, anonymous!

[noh8rz7]

Terrorism is the proper word here. Terrorism is the attemp at political change through violent means. Their goal w not to steal the credentials for themselves. They don't even want them. Their goal wS to send a message that other companies better watch out and behave, or else they'll end up like Sony. And yes, hacking in and stealing private information is violent. Cyber-violent. I assume you wont reply to this, which I take as concurrence.

Re:Screw you, anonymous!

So you would rather.
1) Live in complete ignorance of how the world really works?
2) Have your data stored in unsecured format?
3) Not have it announces when the servers are hacked, so that you can live in a false sense of security?

While I don't agree with anonymous methods, I have to admire their effort. Governments, and corporations need some kind of check that prevents them from loosing sight of their purpose. The usual capitalistic methods where people only pay for goods they want has been broken by the corporation / government interference feedback loop that lemmings, like yourself, seem to enjoy feeding.

Re:Screw you, anonymous!

[Soluzar]

I didn't pay a single penny for the PSN. It's a free service. I paid for games which are available to buy from the PSN. I would like to hope that Sony would take some measures to guard against hacking, but there's no such thing as perfect security. They are hardly the only major organization to be hacked lately. The first several times it happened I was more angry with (what I now see as...) the victims, but then I realized that anonymous won't stop until they get what they want... which is teh lulz of course.

Re:Screw you, anonymous!

I'm sorry, but a person with a substantial amount of PS3 games automatically has less of my respect than a random member of Anonymous (and that's not a lot of respect).

Sony are almost universally hated by pro internet/freedom people and for good reason. I won't say you are wrong for trading with them any more than I would say that a person buying child pornography is wrong for supporting the industry but it's a stretch to say you are deserving of any compassion.

Re:Screw you, anonymous!

This is Slashdot. Hacking, copying a database, and posting it online is copying, not stealing. If your card was used and funds taken from your account then and only then have you been the victim of theft.

Also, of course a portion of the money you pay for a game goes towards security, don't be so naive.

Finally, Anonymous and Sony are very much in disagreement on many points. I don't approve of either group myself but would be more forgiving of a member of Anonymous than a customer of Sony. If you choose to support that company you are going to get hurt and few will feel for your pain.

Re:Screw you, anonymous!

[Voyager529]

Thanking Anonymous for stealing my credit card info to demonstrate Sony's/Stratfor's/whatever's poor IT practices is akin to thanking an arsonist for burning down my house to demonstrate that it's flammable.

Poor analogy. The better analogy is that you are renting that house, and the landlord is obligated as a condition of your rental agreement to ensure that your house is properly flameproofed to prevent it from burning. An arsonist informs your landlord that your house is not properly flameproofed and can indeed burn.The landlord does nothing. The arsonist *then* burns your front door as a means of publicly demonstrating that none of the other houses your landlord owns are properly flameproofed, either.

This analogy still fails because there were no irreplaceable objects stored in a PSN account, no one was made homeless because of the attack, and credit card number replacements were very quickly taken care of by issuing bodies.

I'm not saying that Anonymous is completely in the right here. What I am saying is that I've never seen anything to indicate that anything short of what Anonymous did (and apparently, not even that) will get the message across to Sony.

Re:Screw you, anonymous!

[MikeBabcock]

Your statements are full of logical holes but most substantially, how about you make a guess as to what percentage that 50GB is of Sony's hourly bandwidth usage.

Go on, I'm waiting to hear how substantial you think it is.

Re:Screw you, anonymous!

[tlhIngan]

Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

For every hack that Anonymous does, there's probably dozens of others that you don't hear about.

Same as vulnerable software - just because someone reports it to you doesn't mean you can ignore it - you can bet others have found it and may be exploiting it, just without the courtesy of telling you.

Of course, given what happened last year, I'm surprised you didn't resort to using PSN cards. Just buy them in a store and enter the redemption code on PSN. No credit card linked anywhere.

Though Sony, unlike Microsoft and Apple, doesn't seem to discount them (you can find Microsoft points cards and Xbox Live Gold subscriptoin on sale regularly (I've seen $5 off regular $20 cards, $20 off Xbox Live (regular price $60)), and iTunes cards seem to be 20% off somewhere or other. Why pay full price?

Re:Screw you, anonymous!

Don't care, what they did amounts to fraud if it were a bank. Go figure.

Re:Screw you, anonymous!

What I am saying is that I've never seen anything to indicate that anything short of what Anonymous did (and apparently, not even that) will get the message across to Sony.

But, assuming this is true (Sony's denied it and people analyzing things seem to agree with Sony), this would mean the message DIDN'T get across to Sony, AND Sony apparently didn't feel any pain from the first time it happened. They're still around, still raking in stupid amounts of money, and, if they DID get cracked again, they not only don't care, they don't NEED to care. So Anonymous can keep doing the same thing, Sony won't ever see any problems, and the only people who get hurt ARE the people who just want to play some goddamned video games already.

Re:Screw you, anonymous!

Honestly, better it be made public than not. While we're on poor home analogies: I'd rather use natural gas that's scented than one that's not, that way when there's a leak I at least know about it and something can be done. Anonymous is your scent.

Re:Screw you, anonymous!

[ThatsMyNick]

Nope, Anonymous only pointed out that your house has probably already been burnt, you just dont know it yet.

Re:Screw you, anonymous!

[mother_reincarnated]

never got over resenting authority figures when they were 13.

That was only like a year ago, cut them some slack!

Re:Screw you, anonymous!

[Voyager529]

Not that I disagree with your sentiment, but my point was that since the first round of Anonymous attacks didn't make a dent in how Sony operates, that actions less severe aren't going to hurry along any changes by Sony, either.

Re:Screw you, anonymous!

[scot4875]

I'm effectively stuck with Sony

And who's fault is that? It's not like Sony was still a paragon of virtue and responsibility when the PS3 came out.

You either already knew what you were getting into and didn't care, or you were ignorant if who you were dealing with. In either case, you've got nobody to blame but yourself.

--Jeremy

Re:Screw you, anonymous!

[scot4875]

Bad analogy.

It's more like you gave something important to someone for them to keep secure for you. They chose to secure it behind a screen door. Anonymous comes by and kicks in the screen door and then says, "hey everybody, all this important stuff isn't really secure."

--Jeremy

Re:Screw you, anonymous!

That makes you a fucking moron.

If Sony had even an ounce of clue, this would be a non-issue because passwords would be (nearly) impossible to recover. They are incompetent, and they are the sole reason this keeps happening. Yet you assign them no blame.

You are a fucking moron.

Re:Screw you, anonymous!

[DigiShaman]

I like owning the physical media. But the idea of streaming a BD disk from a hosted computer running iTunes, I could live with that so long as it's being compressed in real time. There's just no way I can stream the raw BD format bit-rate over a WiFi connection reliably in an apartment complex. The 2.4Ghz band is way too crowded as it is, and a leaky microwave from my neighbors has been known to kill all WiFi device connectivity to the internet while my ethernet PC works just fine. A Wi-Spy sweep confirmed it BTW.

Re:Screw you, anonymous!

[steelfood]

Your house? It's more like the house of some robber baron or sweat shop owner. Who just so happens to run the local gladiator stadium that gives you the occasional complementary beer. And they technically just set fire to the stadium only, not even the house.

Besides which, nobody told you to give Sony your information, especially with their track record. And then you've got the galls to come here and tell us you still give them money, even with all the crap they keep pulling.

If the hacked into your computer, then it's your house. But I'm afraid you're not important enough to warrant such attention, from anybody, really.

Re:Screw you, anonymous!

[mcgrew]

Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

Considering that Sony rooted my computer with their XCP trojan and vandalized my system, and removed (stole!) OtherOS from people who had already paid for it, it's impossible to use ANY Sony product without being harassed by cyber-terrorists. Sony are cyber-terrorists, and if you're dumb enough to use a computer product from someone who would intentionally infect their paying customers with malware, you deserve what you get, fool.

Anonymous isn't the villian here, Sony is. As a former Sony victim, I applaud anonymous. And as much as I dislike MS, I suggest you recycle the PS3 for spare parts, sell your games, and buy an XBOX.

Re:Screw you, anonymous!

[andydread]

You migrate away just like you would any defunct system that you are locked into. The first step is to quit purchasing anything else for that platform.

Re:Screw you, anonymous!

[Ginger+Unicorn]

Terrorism is the attempt at political change through violent means.

Given that no violence has occured and sony are not a political entity, you've just defeated your own claims.

hacking in and stealing private information is violent. Cyber-violent.

You're redefining words to prop up a spurious argument, and concocting new ones out of whole cloth for the same reason. Cyber-violent?

I assume you wont reply to this, which I take as concurrence

Whether or not I care to reply isn't influenced by inane posturing like that. I am however becoming supicious that the sheer overt stupidity of what you're saying is an indication that you're merely a troll attempting to bait a response.

Re:Screw you, anonymous!

More like thanking someone who wakes you up from a sound sleep by tapping you on the shoulder in bed and saying "dude, you're a fucking idiot for leaving the door opened and your checkbook on your table." ...then possibly throwing your unused checkbook at your face, possibly after wiping their ass with it..

3U2 ANON.. STAY KLASSY!

Re:Screw you, anonymous!

[noh8rz7]

I,m sorry that your mind is stuck in such a literal place. Fact: Sony was not hacked for any tangible value, but to make a point. To send a message to all companies that they better conform to Anonymous standards or face an attack of their own. This is a political message. Violence: you cannot deny thT this was an attack on Sony. There's no blood on the floor, but it's still a forceful appropriation. So I stand by my statement that it is a terrorist act. I suppose you could add an additional clause for. The definition of terrorist. It would have to be perpetrated by a non-sovereign entity.

Re:Screw you, anonymous!

Exactly: Anonymous aggregated the already-shared information. Just like Spokeo, right?

Re:Screw you, anonymous!

I just want a Blu-ray player that will access Netflix and play a few local games. I really wish Sony could de-couple their PSN account from my ability to use the PS3 and watch Netflix.

Please. You know that they could . You wish they would do that, just like I do.

Re:Screw you, anonymous!

[Ginger+Unicorn]

You're rationalising hyperbole.

Re:Screw you, anonymous!

[__aaltlg1547]

What makes you think these assholes care whom they are hurting?

Re:Screw you, anonymous!

Every time I read stuff like this all I can think of is http://www.youtube.com/watch?v=kHmvkRoEowc#t=0m58s

Re:Screw you, anonymous!

[Inda]

50 quid if it's under 500 (or it was a couple of years ago). The trick is to 'sue' for 450 + 50 costs to keep it under the 500 limit. Of course you can sue for more, but the the fee goes up rapidly.

They tend to suggest arbitration before court these days. If it's an open and shut case, I would go with this.

But you're correct. It's an easy process and it can be done online these days.

Most of the time, big companies don't even reply and lose by default. Claiming your win is often harder but, of course, you can use the law to get that money too.

Re:Screw you, anonymous!

It's more like someone picking your front door lock to demonstrate that your landlord is using shitty locks. What's more important to think about is how many other people can pick the same lock? Worse, how many people have already picked the same lock and stolen money from your house without you knowing?

Re:Screw you, anonymous!

Any competent net admin can trace any data from one point to another on their network if they have the right tools setup. given the last breach one would hope that those tools were installed and triggers would have been setup. It took Sony a long time to confirm they had been breached the last time. I am not overly confident that their statement is accurate this time either. I think if this Anon member wants ot prove his point he needs to publish server details and DB names of what he breached. That sort of information once confirmed will be quite difficult for Sony to deny.

Do we need to draw attention to this on Slashdot?

[ctheme]

Even if this is true, and PSN was compromised, what's the point? This benefits no good cause, and Sony isn't even the one being exposed here -- its users are.

Anonymous is repeating the mistakes of Cablegate; releasing private information of parties who didn't ask to be involved. That's bullying, not hacktivism.

Again?

[autonomousautomator]

Its becoming like finding holes in a fishnet.

Re:Again?

[rvw]

Its becoming like finding holes in a fishnet.

A hole in a fishnet is a feature, and I'm not kidding. Without those holes, it would become useless. So better find a car analogy!

Whoops!

[phrackwulf]

Sonic is really going to have to hurry to get all those rings back! I hate this level!

Fail.

Proven false.

* the document of leaked data linked to in the Twitter account appears to be identical to one posted on the Internet back in March.
* Anonymous has deleted the Tweet claiming that it hacked the PSN.
* Direct statement from Sony: "We’ve confirmed that the recent claim that PlayStation Network was illegally hacked and that customer passwords and email addresses were accessed is completely false."

Re:Fail.

[bob+zee]

i'd sure like some links to your claims. i am not saying your are trying to mislead anyone, i would just like to have some further reading. i suppose it is off to google now to find it. thank you for the heads up!

Re:Fail.

[repvik]

I've seen the pastebin from march (Or was it february? I'm not entirely sure). I can't find it in my twitter feed atm though.
It's just a kid trying to scare people.

Re:Fail.

While I take any statement by the hackee with a couple of grain slios full of salt, I will point out the following:
Sony's reaction to last hack: Take everything offline if it was affected, or even if they think there's a possibilty it was affected. EVERYTHING. For months. Have complete security audits done. Give free access later to stuff, even stuff people have not played for years (Seriously, I spent two weeks just wandering around EQ1 wondering that 'my god I ever thought this looked good?'). Pay for anti fraud monitoring for customers, even those who had no payment credentials stored, such as myself. Putting out detailed info that not only should the password on Sony's sites changed, but you need to change passwords everywhere, because of the 'same password everywhere' effect. Yes this is a lot of CYA PR moving, but it's still a lot of work and in the short run anyway, it hurt them more on, for example, stock prices than saying 'ok we feexed you no worry, though you have to change your password here'.

Blizzard, PWI (Cryptic) reaction to hacks: Ez ok we feex but here you have to change password on the site. Game onz.

Re:Fail.

[repvik]

Linky: http://pastebin.com/HUjZPaF3

Re:Fail.

There's ever a legal hack?

I can't shed any tears for Sony

Anything that further erodes the public's confidence in Sony is a good thing.

Their antics with rootkits, feature disabling and poorly-secured websites are murdering the once mighty Sony brand.

Some day Sony will be the text-book example of why it is a bad idea to repeatedly shit on your customers, destroying a valuable brand in the process.

Re:I can't shed any tears for Sony

[hackula]

...MGS4. nuff said. They can sell my data off to the highest bidder so long as I can play MGS4.

This could be...not good

[JavaBear]

Fool me once, shame on you and all that. The first time they could be excused a little by having put too much faith in their internal systems. If this is true, there can be no excuses left.

Sweden?

[Vintermann]

Seems like all the email adresses are for Swedes. Wonder what they've got against Swedes.

Re:Sweden?

[OzPeter]

Seems like all the email adresses are for Swedes. Wonder what they've got against Swedes.

I dunno .. maybe because of that little thing between Julian, the UK, Sweden and Ecuador?

Re:Sweden?

Wonder what they've got against Swedes.

There is just so much to choose from.

The most likely is that Anonymous is a Norwegian-Danish coalition with the intent to get revenge for Swedens acquisition of Norway after the Napoleonic Wars.

Re:Sweden?

[repvik]

Because the list is from a different hack, not PSN. This scriptkiddie just copy-pasted a credentials list from march. Here: http://pastebin.com/hhU8Q9di

HA! HA!

Ha! Ha! Misfortune for you!

Sony's says this is fake

[deadbeefcafe]

http://www.videogamer.com/news/psn_hack_claims_are_false_says_sony.html

Last night someone claiming to be a member of Anonymous posted what was alleged to be information obtained from 50GB of compromised PSN data, but it turned out the data was the same as that released last year when PSN was hacked. "We've confirmed that the recent claim that PlayStation Network was illegally hacked and that customer passwords and email addresses were accessed is completely false," assured Sony in a statement.

Re:Sony's says this is fake

[Dave+Whiteside]

isn't that what they said last time?

Re:Sony's says this is fake

Yeah, exactly. This is being deny by a COMPANY (oooo, scary scary, a company!). Meanwhile, the hacking claims were made by a group of irresponsible fourteen-year-old attention whores whose sole defining trait is that they not be held responsible for their actions. Clearly, the latter is more believable in this case, because remember, ooOOOooOooo scary a company.

Re:Sony's says this is fake

That might only mean that the data hasn't changed since March. They could have still gotten inside.

Re:Sony's says this is fake

[repvik]

Except the march hack claims to be from a university: http://pastebin.com/hhU8Q9di

Re:Sony's says this is fake

[Osgeld]

sony also says it makes the best game machines as well

Re:Sony's says this is fake

[Osgeld]

it doesnt matter who did it or where its being posted from, your not going to reshuffle your database every time its accessed ... Im not saying its not a fake claim, I am just saying that the data may look identical cause it came from the same original source and is probably ordered in a logical fashion with no reason to waste the time and effort of changing its order cause in the end the computer doesnt care.

Sony denies it .. so far ...

[BaronAaron]

Hope it's true.

https://twitter.com/PlayStation/status/235824711601360898

Pavlovian Response

[frinsore]

The last time that this happened Sony gave me two free games. Now that it appears to have happened again my initial thoughts are regarding more free games. Somehow I don't think that this response is intentional on Sony's part.

Re:Pavlovian Response

[rvw]

The last time that this happened Sony gave me two free games. Now that it appears to have happened again my initial thoughts are regarding more free games. Somehow I don't think that this response is intentional on Sony's part.

It's the new marketing strategy. You are conditioned now. The hack is a hoax. You want games. Sony wins! HAHAHAHAHAHA!!!!!!

Re:Do we need to draw attention to this on Slashdo

That's the same argument that the TSA uses, when you advertise that maintenance and crew have unfettered access to the planes. If a terrorist wants to blow up a plane, they'll simply drive around back instead of standing in line to go through the TSA checkpoints. How dare anyone mention that? Who does it help? Only the terrorists win with that information getting out!

Here's the deal. It was a known problem before, and it was ignored. Then they got hacked. It was a known problem again (unsalted passwords, really guys?). Your reaction is to blame Anonymous for putting its users in jeopardy. You missed the boat. The users were already in jeopardy, and anyone with access to the database and cursory knowledge of rainbow tables was already exploiting users.

Ignorance of the problem is not the same as security.

Probably not true.. Sony has best security

[rgbrenner]

I can't imagine this is true.. Sony has always been on the cutting-edge of security tech. I mean this is the company that designed the text-based CAPTCHA:
http://pro.sony.com/bbsc/jsp/forms/generateCaptcha.jsp

Right click is disabled so it's impossible to crack.

Re:Probably not true.. Sony has best security

[thegarbz]

Wait what? Right click is disabled? Was that foiled my noscript running on my browser?

Re:Probably not true.. Sony has best security

[pnot]

Holy shit, that's incredible. They've invented a Captcha that's easier for a bot than for a human. I can only assume that they never figured out what CAPTCHAs were for, and assumed that their sole purpose was to annoy users.

Re:Probably not true.. Sony has best security

Why the fuck is that Informative?

Re:Probably not true.. Sony has best security

[hackula]

How does this exist?!?!

Re:Do we need to draw attention to this on Slashdo

[rvw]

Even if this is true, and PSN was compromised, what's the point? This benefits no good cause, and Sony isn't even the one being exposed here -- its users are.

Anonymous is repeating the mistakes of Cablegate; releasing private information of parties who didn't ask to be involved. That's bullying, not hacktivism.

It depends. If this is the only way to show that Sony doesn't give shit about security, then this is the way. They released 3000 credentials. If they release the 10 million, that's another case. But anyhow, Anonymous is not about going the diplomatic way.

Cyber-terrorists?

[neoshroom]

Is the intent of anonymous' actions really to inspire fear? Have we gotten to the point now where we accuse anything that inconveniences us as an act of terrorism?

Re:Cyber-terrorists?

[Soluzar]

Yes! They want to make account holders feel fear for the security of their credentials. What else could possibly be the purpose of this attack? Well, other than 'teh lulz' of course. Fuck anonymous. Fuck them hard.

Re:Cyber-terrorists?

[d3ac0n]

Oh quit your whining. It's not Anon's fault that you were stupid enough to sink money into Sony crap.

Mind you, I don't approve of the illegal methods Anon sometimes uses, but I agree with the principle. Sony is a notorious abuser of both the law and their own customers. The sooner they either close down or radically restructure (IE: shareholders fire the CEO, the entire board of directors, most of the upper management and ALL the lawyers for extreme douchbaggery) the better. While there are far worse issues facing us today, Sony is still a boil on the face of the entertainment and gaming industries.

Oh, and just in case it wasn't clear, you were and are a fool for buying any of their products and supporting them. You can still redeem yourself by cancelling your account and taking the financial hit as penance. Or you can wait for Anon to do it for you. Your choice.

Re:Cyber-terrorists?

[Soluzar]

Honestly? I'm not really dissatisfied with what I've bought from Sony. I'm a little dissatisfied with some of their business choices, but the games I've bought are fine thanks. I happen to actually like them. I didn't do anything wrong by buying them, no matter what you and those like you want to claim.

If I'm deprived of them by any illegal action of Anonymous, then I expect to get them back at some future time. If you actually believe in what you wrote in your final paragraph, you're by far a bigger fool than I.

Get off the high horse. I bought products and services. People do that. Anonymous are just being out-and-out criminals, hope all of them get arrested and sent to PITA prison.

Re:Cyber-terrorists?

[hackula]

Yeah, totally switch to their benevolent competitor. M$ will treat you right. Face it, Sony is basically the only M$ alternative in the gaming space (Xbox or PC, either way you are using M$). I happen to not really be a hater of M$ or Sony, so do what you want, but you really can't criticize gamers for using Sony when the alternative is at least as bad, if not worse.

Re:Cyber-terrorists?

What the fuck has how I spend my money got to do with a bunch of criminalist brainless dick heads like the tossers who hide behind the label of Anonymous? Nothing! They are nothing but a bunch of pathetic yobs out to cause trouble for the common hard working man. They need to grow some balls and get a life.

Also, what the fuck has it got to do with you what I spend my money on. Nothing you little prick.

Maybe you should quit your trolling Joey d3ac0n. You come across as a little girl throwing themselves on the floor trying to get their own way. People have the right to spend their hard earned money how THEY want, not how you want because you don't like it. Maybe it is because you don't have the money because you are a sad little child!

I will continue supporting Sony because they have done me no harm, unlike Apple and Microsoft. I also enjoy their products. If you don't like it then just fuck off and die you stupid little prick. If you don't like my attitude then tough, I am not changing for you!

Re:Cyber-terrorists?

[DaveV1.0]

Yes, you approve of their illegal methods. Otherwise, you wouldn't be defending them.

Sony BMG Rootkit

how many USERS were rooted and how was Sony BMG PUNISHED? At all?

I somehow think you are joking

[maroberts]

..quoth he pressing F12 and looking at the Firebug output

Re:I somehow think you are joking

[rgbrenner]

Wow.. you're a really talented hacker. But be careful about posting exploits like that or you might be prosecuted for unauthorized computer access.

Re:I somehow think you are joking

Real men use telnet to port 80.

Re:I somehow think you are joking

[Osgeld]

why fucking bother you can use select all and copy it to the clipboard for anything you want to read it without even looking at the source

Re:I somehow think you are joking

[maroberts]

Well if you want to cut and paste it into Notepad that's up to you. I pressed one key and had it available for analysis. I never said that there wasn't TMTOWDI

Re:I somehow think you are joking

[Osgeld]

your and any other programs can read the clipboard too, whats the reason behind analyzing it if you fail basic computer concepts

Re:Do we need to draw attention to this on Slashdo

[ctheme]

From the pastebin document:

I got no twitter,facebook, neither I go in IRC.. if someone takes credit for this pwnage, he's a faggot.
What's the target?...It's SONY, MOTHERFUCKER.
Contact me at anon@prvt.org for the full database, which is 50GB, fuck.
About 10 million fuckers at risk. Yes, if you play playstatio network, you're included

This is the language of someone who wants to be perceived as a threat to many people. It is not the language of democratic engagement.

Of course it's fake

[Pecisk]

Sorry to burst bubble, but this can be easily be forged with old data from previous hack. For me it's bigger posibility than Sony haven't taken previous attack seriously.

Re:Government & Stealth Malware

[ledow]

"Nobody Seems To Notice and Nobody Seems To Care."

About crackpot conspiracy theories posted on Slashdot in a hideously verbose article (and I'm one of the worst culprits for verbosity)? Damn right.

Now, please go away. If the government want in to my computer, they will get it. Chances are that I detect the attempt but even if I didn't, so what? What precisely do you think will happen that wouldn't have happened without intrusion into my personal computer?

P.S. tampering with boot sectors is a DUMB way to try to take over a computer. First, it won't work if the options for Boot Sector Protection are on. Secondly, it interferes with lots of perfectly innocent programs that people might be using (let's start at things like partition managers and go up to more interesting things like Truecrypt). Third, it's likely to balls up a minority of machines totally (Hell, I just encountered a set of machines whose BIOS checks a very specific sector on any NTFS partition for a Windows-like signature and hangs if you try to boot off anything else - so full-disk encryption is TOTALLY incompatible with that machine until the BIOS is fixed) and thus draw attention to itself.

Fourthly, those who care about people getting into their machines WILL notice. Those who don't, won't. Guess who the governments of the world would be most interested in?

Don't want the government to "find" you? Never let your machine out of your sight, never connect to the Internet, wrap it in a tinfoil hat (which seems oddly appropriate here). If they have physical access to your machine or its components at any point, it's game over. Seriously. Nothing has ever proven defeat of that.

Want to *use* your computer? Do so.

Hell, if they are going to put malware in something, they'll just stick it in an Intel chip. Who's going to see it among billions of transistors, hypervisors, microcode, etc.? Nobody. And it has complete access to anything without any hassle at all.

Please re-align your conspiracy theory and point it at brick walls. How can you be sure your house has brick walls? How do you know they didn't plant a microphone in it? How do you know there's not a thermal camera on the other side? Same thing, just as serious, just as crackpot.

Most of the time its silly

[DarkOx]

Most of the time I think of Anon's actions as pointless vandals, best discouraged.

When the f**k with Sony though I can't help but cheer them on.

Re:For the same reason people keep using Linux?

[Forty+Two+Tenfold]

So, what's dts.utah.gov running everyone?

LINUX

SuSE is not Linux. Linux is not an operating system. Windows is (are?).

Re:Do we need to draw attention to this on Slashdo

[Soluzar]

Oh shit, some clear and rational thinking? Wasn't expecting that.

Came into topic expecting usual Sony hatefest.

Leaving partially disappointed.

Re:Do we need to draw attention to this on Slashdo

[Soluzar]

It's the language of a child who wants attention. He screams, he shouts, he throws his toys at things. He doesn't know any better, but his parents at least should keep him away from computers until he's old enough to learn not to be a dick.

It Seems

[DaMattster]

It would seem that one of the official sports of the hacktivist community is to continually embarrass Sony. I think this is positively hilarious that Sony still cannot get it right.

Re:It Seems

[JavaBear]

Some people have pointed out that this hacker claim may be fraud. If true, how can you claim "Sony still cannot get it right" ?

Sony screwed up, and probably spent millions hardening their security, and will have to continue to do so. Time will tell if they have done enough. Bit if this is an invalid claim, and Sony weren't hacked, how did they get it wrong?

Re:It Seems

[repvik]

It is a fraud. http://pastebin.com/hhU8Q9di

So, the headline ought to be

[JavaBear]

"Someone claiming to be from Anonymous claims to have hacked PSN."

Re:So, the headline ought to be

[Sponge+Bath]

"Internet web site speculates about someone claiming to be from Anonymous claiming to have hacked PSN."
Editor: "Run it!"

Re:So, the headline ought to be

[deadbeefcafe]

I hear headlines are better with a question mark. How about: "Has Sony's PSN been hacked again?"

Re:For the same reason people keep using Linux?

So true. Linux is a kernel. An operating system? Oh, you must mean emacs. No, that's not it. Maybe you mean "Gnome" or "KDE"? No, that can't be it either. Perhaps it is Ubuntu, Slackware, Debian, SuSe, Fedora Core, CentOS, Knoppix, and a million more? In fact, maybe that's why everyone uses "Linux" to refer to the whole lot of them? And no, they don't use GNU/Linux RMS, sorry.

It's A HOAX

Guys, he stole the "passwords" from this post that was made back in march.

http://pastebin.com/hhU8Q9di

Think about it

If a attention-whoring kid can defeat the security measures that a global corporation installed, after they have been hacked before, well, that's one really smart kid. Or Sony still doesn't think your data should be secure.

I'm betting on that last one. Arrogant fuckers that they are.

Re:Think about it

[repvik]

The only thing this kid has defeated, is everyones critical thinking. Google the first hash on the list. View all the search results. See anything?

Wow... you are dumb

[SmallFurryCreature]

Finding holes in a fishing net is a saying, meaning it isn't any kind of challenge. Like finding freckles on a redhead.

Re:Wow... you are dumb

[Osgeld]

its not a challenge cause its a feature, are you saying sonys joke security is a feature that serves a perfectly logical reason?

Wow

[drewco]

Why can't Anonymous do something good or interesting for the world, like expose drug cartels or find Mitt Romney's taxes. All they ever do is steal people's identity and post it on the internet. Disagreeing with the way Sony does business is one thing, but why punish the PSN users for it?

Re:Wow

[JockTroll]

Because they're afraid. They know if they mess with the Big Boys, the Big Boys will hurt them. You don't mess with the Big Boys, just with the little guys who decided - as is their right to do - to buy one brand those little kids don't like.

Sony claims the 'hack' is fake...

[Dr.+Manhattan]

https://twitter.com/PlayStation/status/235824711601360898

Re:Sony claims the 'hack' is fake...

[repvik]

And it can be confirmed too. This is the same credentials list: http://pastebin.com/hhU8Q9di
Note the date on that pastebin...

Re:Do we need to draw attention to this on Slashdo

PSN wasn't compromised. Someone ripped off a credentials list pasted on pastebin in february, and presented it as a current hack. That was discovered a couple of days ago.

Re:How are Anonymous NOT terrorists?

[GuldKalle]

Because Anonynous are not the only ones able to access the data. If someone else used this security hole, they might not have said anything, or they could have released the whole database.

Re:Do we need to draw attention to this on Slashdo

Anonymous is not about going the diplomatic way.

That will be their downfall, more and more governments are tightening up their grip on the Internet over this sort of thing, Anonymous are either children who should be stripped of their computers, or more worryingly they are a false flag op.

Re:Do we need to draw attention to this on Slashdo

Even if this is true, and PSN was compromised, what's the point? This benefits no good cause, and Sony isn't even the one being exposed here -- its users are.

It hopefully forces them to improve their internal systems such that compromising them is very, very hard instead of easy. Then any futures systems they build will be designed from the ground up properly. The people working at PSN will also hopefully gain experience with secure systems, so when they move on to other companies, they can bring that experience with them and help improve things there.

While Anonymous is not benign, they are not truly malicious either. You want gadflies like them so that when the really bad people (nation states, financial data crackers) come along, our systems already have a bit of an immune system against "bad" actors.

Re: drop Sony

Amen. I bought my last Sony product too recently. I'm done.

Re:For the same reason people keep using Linux?

[Enderandrew]

The OS (and kernel) weren't to blame in most of those cases. Web servers on any OS can be insecure if they allow SQL injection or cross-site scripting attacks. Putting bad code on a web server doesn't mean the OS is inherently insecure.

Re:Do we need to draw attention to this on Slashdo

[repvik]

This list: http://pastebin.com/hhU8Q9di

AWSOME

No, It brings a lot of attention to Sony, and yes it needs to be brought up on Slashdot because the mainstream media will not do so, or at least not do so in a honest way.

And get over this "bullying" nonsense. It's hactivism by all definitions.

Bullying is when one kid pushes another kid down on the playground. it's part of growing up and the responsibility of each parent to teach their kids how to deal with it, so get over it.

Re:Do we need to draw attention to this on Slashdo

It sounds like the language of some Chinese kid who doesn't speak English very well whose Dad probably works in one of Sony's server farms. This does not sound like the language of a sophisticated hacker.

IT'S A HOAX. IT'S NOT REAL.

As usual slashdot is posting old information without any updates at all. THis was revealed to be a hoax yesterday and they are posting it today? And yesterday they were posting about bill gates reivention of the toilet when he talked about that years ago? Come on slashdot, if youre going to post something atleast be current about it.

Here is a link to it being a hoax.

  http://www.kotaku.com.au/2012/08/anonymous-claims-psn-hack-affecting-10-million-accounts-update-its-a-hoax/

Re:Do we need to draw attention to this on Slashdo

I agree, at first I was all about anonymous bringing down the man and all that, but this kind of stuff, while yes it hurts sony, has an immediate and direct impact on the PSN USERS, many of whom support what anonymous does, at least for now. But honestly im getting tired of them fucking with things that people enjoy. Want to hack something? Then hack something important.

Re:How are Anonymous NOT terrorists?

[DaveV1.0]

What, exactly, is Anonymous attempting to do by hacking Sony? What, exactly, started them hacking Sony and what was their end goal?

Sweden?

[king*six]

Why are all the accounts Swedish?

Re:Do we need to draw attention to this on Slashdo

It doesn't depend on anything. If you tell a random person off the street that a group called Anonymous just stole their credit card information they're not going to ask from where it was stolen. They're going to ask where this anonymous person lives so they can shoot them.

Sony gives as much of a shit about security as any other company that lives in the "entertainment" side of business. Which is to say, more than 0 but less than 1 shit.

Re:Do we need to draw attention to this on Slashdo

True, and if you really are a sophisticated hacker, you are smart enough to not go cracking into other people's systems.

Re:Do we need to draw attention to this on Slashdo

[chebucto]

Nonsense. They shouldn't release anyone's private credentials. Whether it's 3,000 or 10,000,000, the damage for any one individual is the same.

If they are able to crack PSN and there is work Sony should do to fix things, then they have other options.
- Tell Sony, see if they fix it
- Failing that, tell an independent person - a trusted reporter or other third party. Then that third party can confirm the leak and Sony will have to answer for their problems.

As someone with more than a few accounts online (including PSN - sue me, I want to buy DLC now and again), I really take exception to the idea of being a pawn in this game. My private data is my data - Sony has a duty to keep it private; and if a hacktivist steals it, they have a duty to keep it private, as well.

Re:How are Anonymous NOT terrorists?

Yes lets hope Sony gets whats coming to them, a mass exodus of customers who are fed up with a company that does not respect them.

your the arsehole

in supporting a company that dont give a shit about yoursecurity

not political?

so all that money they use in bribing politicians and supporting the mpaa and riaa is just a joke right sorry they were just kidding LOL.....

Re:not political?

[Ginger+Unicorn]

Anyone can relax the definition of any term until it's sufficiently loose to support their assertions.

Log in Credentials

[Master+Moose]

I think I should ask them for my password, I changed it after the last attack and now can't remember it.

If they want to win supporters.....

Go after the people who run the "Accounts Services" telemarketing companies!!!

I can supply a list of numbers....

NOW those people suck!!

Re:For the same reason people keep using Linux?

True, but on /. if there was a hack of a Windows machine, it's always Window's fault.

sony can't shipt PS3s that don't melt solder

when Sony refluxes my PS3 solder so I can use it again then I'll be interested.
after that apple can fix my Mac Mini DVD drive so it works again.

why is HW becoming such crap again?

Re:sony can't shipt PS3s that don't melt solder

you can put all the flux on it you want, its not going to do shit but make it sticky without resoldering it

Re:How are Anonymous NOT terrorists?

[Osgeld]

My guess is to shed light on these systems where a 14 year old can just walk in and make off with all your data ... what started them on sony? Maybe cause sony has been a very big asshole for the last decade, and well, the squeaky wheel gets the grease.

Incredible

I can't believe that the first response from a Sony representative was just to forget about it and go and buy more games. Denial and distraction, Sony must not think much of its users.

The reason sony was hacked.

Sony was hacked because they started getting information about people's paypal, youtube and twitter accounts. They got I.p logs and wanted to go around suing anyone that had viewed the howto guides for jailbreaking the ps3.

Re:Do we need to draw attention to this on Slashdo

My private data is my data

True. (It's private whilst it is private and no-one else, like Sony, has access to it)

Sony has a duty to keep it private

No they don't. Sony has a duty to make money; skimping on security reduces costs and doesn't harm them directly. Loss of user data is irrelevant, you've already paid them and they're so big that you don't have anywhere else to go (you might think you do, but Sony LCD screens and chips are in a lot of electronics).

and if a hacktivist steals it, they have a duty to keep it private

What law is that? I mean, a physical one. A "hacktivist" is fighting a political war against an opponent, civilians get shot in the crossfire, what else is new?

As someone with more than a few accounts online (including PSN - sue me, I want to buy DLC now and again), I really take exception to the idea of being a pawn in this game.

Too bad, you are a pawn. You knew the risk. If you didn't then I have even less sympathy. I avoid giving out personal details (I don't even have an account here) as much as possible and I am always wary of dodgy sites and willing to cancel cards at any time. If you think other people are going to keep you safe then you're a fool, take responsibility.

Re:Do we need to draw attention to this on Slashdo

[chebucto]

The corporation and the hacktivist both have a moral responsibility. The rule is the golden rule. Civil laws can and should be adjusted accordingly to codify this.

If you are willing to live in a world where you have all the responsibility and others have none, then you are the fool. I prefer civilization, where there is shared responsibility. Reality and ideals never match up perfectly, but that's no reason to throw your hands up in defeat.

Re:How are Anonymous NOT terrorists?

[DaveV1.0]

From what I see, they are trying to force Sony to make changes by attacking Sony.

terrorism noun \ter-r-i-zm\ : the systematic use of terror especially as a means of coercion

terror noun \ter-r, te-rr\ : 1)a state of intense fear. 2) violent or destructive acts (as bombing) committed by groups in order to intimidate a population or government into granting their demands

Aren't theses acts and attacks committed against Sony, in an attempt coerce Sony into behaving in a specific manner, designed to be destructive to Sony, it's reputation, and it's business?

Bummer...

[DiEx-15]

I rather enjoyed all the wails and crying of the Sony Fanbois.

It's not Sony's fault they had extremely poor security and let all their customers' information be available in unencrypted formats! How dare Anonymous besmirch the Jehovah known as Sony!

OMFG

g damn niggers hacking everything god damnit

Re:How are Anonymous NOT terrorists?

sony is neither a population or a government