Slashdot Mirror
The Sony Pictures Hack Was Even Worse Than Everyone Thought
An anonymous reader writes with today's installment of Sony hack news. "It's time to take a moment of silence for Sony Pictures, because more startling revelations about leaked information just came out and employees are starting to panic. BuzzFeed raked through some 40 gigabytes of data and found everything from medical records to unreleased scripts. This is probably the worst corporate hack in history. Meanwhile, Fusion's Kevin Roose is reporting on what exactly happened at Sony Pictures when the hack went down. The hack was evidently so extensive that even the company gym had to shut down. And once the hackers started releasing the data, people started 'freaking out,' one employee said. That saddest part about all of this is that the very worst is probably still to come. Hackers say they stole 100 terabytes of data in total. If only 40 gigabytes contained all of this damning information, just imagine what 100 terabytes contains."
How long before we see Sony's flagship console jailbroken like the PS3?
For that matter... we'll probably see the PS3's keys brought up to the current version, as well.
I think what happened most likely was, NK officials went to China, hired "internet baddies", and paid them to fuck Sony Pictures in the ass with their biggest internet broomstick.
No technical expertise or infrastructure needed.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Seriously, how did they manage to steal "100TB" worth of data, without physically going there and copy a bunch of disks? You'd think SOMEONE would notice if there was an intruder downloading everything. 100TB can't exactly be downloaded in a few minutes there, it would take days, if not weeks. Even at 1Gbps, that's about 10TB a day, all day long, top speed. Surely, I'm not the only one who think Sony was highly negligent toward network security, again, here...
This is Sony Pictures. The raw video for movies that they are shooting are stored online for editing equipment. One or two movies could easily take up 100TB of disk.
I mean it seems likely they got everything. Even the model numbers of the kitchen sinks.
I would expect they also got some fairly damning privileged information--emails exchanged with lawyers on everything from sexual harassment to copyright infringement suits. It's a BIG firm.
Plus Patents. Sony files THOUSANDS of patents a year. If that patent information (or research that could be patented) is published to the wild before SONY patents it, you have a LOT of new prior art and a fortune in IP at risk... SONY would have to patent everything within a year in the US; I am not sure that you even have that grace period everywhere else.
(a) NOVELTY; PRIOR ART.—A person shall be entitled to a patent unless— (1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention ...
(b) EXCEPTIONS.— (1) DISCLOSURES MADE 1 YEAR OR LESS BEFORE THE EFFECTIVE FILING DATE OF THE CLAIMED INVENTION.—A disclosure made 1 year or less before the effective filing date of a claimed invention shall not be prior art to the claimed invention under subsection (a)(1) if—
(A) the disclosure was made by the inventor or joint inventor or by another who obtained the subject matter disclosed directly or indirectly from the inventor or a joint inventor; or
(B) the subject matter disclosed had, before such disclosure, been publicly disclosed by the inventor or a joint inventor or another who obtained the subject matter disclosed directly or indirectly from the inventor or a joint inventor.
Was this hack the result of poor security, or will every single company in the world now see what has happened, over-react, and unleash draconian security measures that far exceed the point of diminishing returns?
No matter what you think of Sony, this will not be good for the productivity of the corporate working world.
"Who are you?" "No one of consequence." "I must know." "Get used to disappointment."
"The big question is, how did they not notice that much data going out regardless of time frame."
. Sony's big as fuck. From the PSN to their streaming services to their daily/nightly/hourly backups, that data transfer is *HUGE*. My old H2OFarm job saw us pushing 20TB raw data DAILY, and half of that was high-def video from my remote feeds.
Please. Quit living and thinking in the 90s. we're two decades ahead. Catch up with Moore's Law.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
That's bad, but I remember when
they released a root kit disguised as a music Compact Disc.
There's a lot of talk going around right now, mainly from Sony itself, that North Korea is likely behind it. Seriously though - would expect a bunch of people who don't know what Internet is, who likely don't live and breathe IT, security - basically everything capitalism stands for, let alone having a pipe fast enough to rip 100TB of data... Now I understand they could be trained and based elsewhere, but might as well say the Martians did it...
You obviously don't understand North Korea. Despite their terrible economy, widespread hunger, and stunning lack of technology in the hands of citizens, they still have an active standing army of over one million people, and count many, many more as available reserves. "Defense" spending is big there, so if they decide to hack, they can hack, and they will put government resources behind with little trouble because they have no fear of internal or national backlash. I doubt North Korea publishes accurate statistics, but it is a safe bet that they spend a much higher proportion of their GDP on defense (which includes hacking, propaganda, and internal oppression) than most countries. Militarily they are relatively weak on a per man basis due to most units being woefully equipped (and fed), but when they get the notion to do something (think nukes), they do it.
This may not have been North Korea, and I have no idea really, but one can't assume it wasn't them because simply because they are poor and uber-wacky.
This is a hacked account, for which the owner can not be held responsible.
No fuck that. Fuck the higher ups and every step of the ladder that supports them. They are all responsible.
That's the kind of thinking that causes people to turn into terrorists with all of the associated be-headings of completely innocent people and other moronic actions. It's fucking stupid. Stop it.
You don't have perfect knowledge and you never will, so quit acting like you do.
Look where all this talking got us, baby.
As you yourself said, "their connections, the power they have to move the industry" carry a lot of weight. A lot of people inside and outside Sony could have their reputations ruined by these leaks. The film industry is full of gossip and jealousy, and people often say things in private that can be incendiary if they get loose. If someone with big clout is offended, a lot of current and future deals could go out the window. Grudges are real, and can last a lifetime.
And even non-bigwigs can be wrecked. Suppose someone takes time off, or has other issues from stress and uses prescription medication as a result. This could easily end up in personal records. This gets out, and that person could find themselves unemployable anywhere. Not even able to get a minimum wage job in retail or fast food, much less the entertainment industry. Remember, there are a lot of show hires and workers are transient, so there are a lot of ex-employees with records at Sony.
Sony could be on the hook for a huge class actions suit, particularly if you consider ex-employees. No matter how long ago it was, if you name shows up online as a result of this breach you have a valid reason to sue.
And Sony is not a well regarded company in Hollywood. They are known for squeezing the life out of people and then giving them the boot. They routinely have layoffs while they are advertising for new hires. (Everyone in Hollywood does this, but Sony is a prime example.)
They keep a few people around but nobody lasts because it's cheaper, and transient workers are no threat to bad upper (or middle) management. Bad practice can be hidden if there is no one around to complain or remind anyone of previous mistakes. (Just ask anyone who has been cycled through Disney about this.)
Given the combination of ill will and a lot of ex-workers, don't be surprised when the civil actions start. Sony doesn't have a leg to stand on, particularly on personal records. They had no partitioned networks/systems, no encryption, and didn't detect the breach until they were screwed. It's going to be just like drug lawsuits: there will be multiple late night commercials fishing for anyone who worked at Sony to join in.
Hollywood is a schadenfreude kind of town. There will be a lot of movie industry types who will derive a lot of satisfaction from watching Sony suffer mightily because of this.
Why is Snark Required?
As a practical matter, a lot of valuable talent is not healthy.
This is so true. It is difficult to deal with as a boss and even more so as an employer. One of my guys is seriously over weight, and has a number of health complications that come with it. He is also highly intelligent and very capable. It is challenge because I want to be able to depend on him, and for the most part I can. But I also have to mitigate risk and make sure that there are people shadowing his projects and documenting his recommendations so that they can carry on if the time comes that he is no longer able to come into work.
As his boss, I want to have a legitimate, sincere conversation with him about his health and his value to the company. I also want to have it with him as a friend and someone who cares about him. But due to the way employment law works, I have to avoid the subject.
Hours and minutes. Its obvious to me, a former backup/dr guru in another life, this data was either walked out of Sony itself in 2-3 plastic bins, or fell off the back of an offsite storage truck.
---Up Up Down Down Left Right Left Right B A START