Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony Reportedly Is Using Cyber-Attacks To Keep Leaked Files From Spreading

Posted by samzenpus on from the fight-fire-with-fire dept.

HughPickens.com writes Lily Hay Newman reports at Slate that Sony is counterhacking to keep its leaked files from spreading across torrent sites. According to Recode, Sony is using hundreds of computers in Asia to execute a denial of service attack on sites where its pilfered data is available, according to two people with direct knowledge of the matter. Sony used a similar approach in the early 2000s working with an anti-piracy firm called MediaDefender, when illegal file sharing exploded. The firm populated file-sharing networks with decoy files labeled with the names of such popular movies as "Spider-Man," to entice users to spend hours downloading an empty file. "Using counterattacks to contain leaks and deal with malicious hackers has been gaining legitimacy," writes Newman. "Some cybersecurity experts even feel that the Second Amendment can be interpreted as applying to 'cyber arms'."

27 of 190 comments (clear)

  1. Is SONY breaking the law with this "defense"? by Anonymous Coward · · Score: 5, Insightful

    Then they are no better than those that hacked into their systems, and should be prosecuted like any criminal hacker
    Those that have helped them in this, should be prosecuted as accessories.
    Or, if what SONY is doing is acceptable, Than it was okay for those that hacked SONY to do what they did.

    The law applies to all, big and small.

    1. Re:Is SONY breaking the law with this "defense"? by cheater512 · · Score: 5, Funny

      Of course it was ok for the guys to hack Sony.
      Sony fired the first shots years ago.

      If we are using second amendment as an analogy, then Sony has been breaking in to houses all around the world.
      The hackers who screwed them up royally are just friendly neighbours helping defend the neighbourhood.

    2. Re:Is SONY breaking the law with this "defense"? by TechyImmigrant · · Score: 5, Funny

      AC should have let his four year old daughter type it in.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    3. Re:Is SONY breaking the law with this "defense"? by sjames · · Score: 5, Funny

      Try reading that without hearing it in the voice of a half-wit. It can't be done.

      So you're saying you read that aloud and heard the voice of a half-wit? Imagine that!

    4. Re:Is SONY breaking the law with this "defense"? by Artifakt · · Score: 5, Insightful

      If there are any legitmate files hosted on those servers Sony's hired guns are DOSing, a "second amendment analogy" means Sony just fired back at both their opponents and some innocent bystanders. How about that, posters defending Sony's right to use such tactics - does that right include unlimited collateral damage to random bystanders? If sony isn't breaking the law, then does that make the law right even if innocents get caught in the 'crossfire'?

      --
      Who is John Cabal?
    5. Re:Is SONY breaking the law with this "defense"? by cheater512 · · Score: 2

      There was also the Sony rootkit if you have forgotten: http://en.wikipedia.org/wiki/S...
      Destroying people's computers is not quite a nice thing to do.

    6. Re:Is SONY breaking the law with this "defense"? by cheekyboy · · Score: 2

      No
      Sony execs have been sacking lots of writers/artists/3d anims just to save another $100m, and yet they are still making $600m per $1000m spent on movies. They dont need to make MORE profits.

      The execs of sony are greedy scum that want nothing but 100000000% profits, based on zero expenses for zero effort on their behalf.

      --
      Liberty freedom are no1, not dicks in suits.
    7. Re:Is SONY breaking the law with this "defense"? by AntiSol · · Score: 4, Insightful

      the first paragraph of that wiki article was very damning! I thought wikis were supposed to be neutral.

      I thought that wikis were supposed to be factual. Sometimes the facts are damning.

    8. Re:Is SONY breaking the law with this "defense"? by AmiMoJo · · Score: 3, Informative

      I don't think they are actually DDOS'ing servers as TFS claims. They are using a "bad seed" attack on Bittorrent, which is where they run modified Bittorrent clients that claim to be seeding the stolen data but actually just return /dev/random. Of course the receiver notices that the checksum is wrong and discards the data, but if there are enough bad seeds in a swarm it can make getting a complete set of data quite difficult.

      Some US anti-piracy companies used to do it a few years ago, but the trackers quickly banned all their IP addresses and they gave up.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:Is SONY breaking the law with this "defense"? by AmiMoJo · · Score: 4, Interesting

      It set a dangerous and horrible precedent. A company can remove features from a product that you already own on a whim. Some people managed to get refunds, but most were simply screwed.

      If it becomes acceptable then you will find that things you own start to self destruct after a year or two. It already happens with some smart TVs, where the manufacturer drops support for certain apps on older models so you lose the ability to watch NetFlix or Amazon Instant. Your TV breaks because they couldn't be bothered to pay the license fee for another year, or because they feel that it's time you upgraded.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    10. Re:Is SONY breaking the law with this "defense"? by DarkOx · · Score: 5, Interesting

      Speaking as a computer security professional the entire second amendment argument is juvenile and stupid, if not harmful. On top of this we continue as a society to tolerate an obviously corrupt system of double standards. I completely agree with you.

        We have corporations that now seem to operate under an entirely different set of lows than the rest of use do. We have HS and College kids being aggressively prosecuted for acts that cause tiny amounts of harm if any. Sony deploys a root-kit that puts the security of the systems of millions of customers in danger, and impairs those systems in general and they get basically asked to apologize and replace the defective product, they are not asked to do anything about the real damage. I don't recall prosecutors asking Aaron if he would like kindly remove his machine from MIT's wiring closet, delete the copies of the journals he made, tidy up and than forget the whole thing; no he was threatened with prison and a ruinous legal process until he killed himself. Yet for some reason Sony gets off without even having to clean up the mess they made.

      Meanwhile the security community continues to want play army. Weather its with red vs blue rhetoric, or bizarre and ill considered Second Amendment analogies. To anything thinking person software it self and digital communications are more closely tied to the First Amendment, in terms of speech and anything you might do with a computer or network is more relate-able to expression or assembly.

      A computer is not a weapon, let me repeat that a computer is not a weapon. Now it might control a weapon, be a component in or of a weapon but a computer it self is not a weapon. We don't need to conflate these things. By the logic they are using anything that can be weaponized is an arm. Which would mean I have the right to keep and bare well anything. "Sorry mister DEA agent, that brick of cocaine isn't drugs, I use it throw at people I don't like. Its a great arm, if you get hit with the corners of the package it really hurts; yet at only one kilo its light enough to carry around throw easily!" To say nothing of the implications for cars, kitchen knives etc.

      This is about impotent little pricks that want to feel powerful, without having to leave their desks. The CFAA is a terrible law that is vague and potentially criminalizes lots of very innocent activity. Still I hardly think given the number of shared resources out there we want go to a total free for all where anyone can do anything the like online with no real/physical world consequences either. I am not even necessarily against "attack back" if its allowed under a prescribe limited set of circumstances, just like castle doctrines or stand your ground laws. The important parts of that though are "limited" and "prescribed" none of which applies to what Sony is doing here.

       

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    11. Re:Is SONY breaking the law with this "defense"? by david_thornley · · Score: 2

      Ever notice the other betrayal there? Anti-malware software uniformly missed the Sony rootkit, probably deliberately. It was finally found by independent researchers. The story is that Sony asked the antivirus people to let their rootkit through, and they did. If so, that's some pretty serious malfeasance on the part of antivirus vendors.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  2. Is anyone surprised? by Anonymous Coward · · Score: 5, Funny

    Sony doesn't just poke the hornets nest, they go balls deep and windmill

    1. Re:Is anyone surprised? by TuxWithoutPants · · Score: 3, Insightful

      Famous last words... We all know it can get a lot worse.

  3. The Internet Will Die by Anonymous Coward · · Score: 2

    If this is going to be the M.O. of companies that thing the internet is their plaything and they can do whatever they want then the biggest inovation since planes is going to be dead. The internet if constantly hacked is going to be more than useless. The big players always want to criminalize hacking and file shareing etc but when they are incompetant its ok for them to disregard the DMCA and crack others sites and totally try to trash the usefullness of the internet. These companies need to die. fuck them all. fuck the US Government as well and fuck Beta.

    1. Re: The Internet Will Die by Anonymous Coward · · Score: 3, Insightful

      The Internet died about 10 years ago. Just like everything else, the capitalists took something good and turned it into a giant cesspool of greed.

  4. Really... by the_skywise · · Score: 4, Insightful

    > Some cybersecurity experts even feel that the Second Amendment can be interpreted as applying to 'cyber arms'."

    Uh huh... the 2nd amendment says I have the right to defend myself. That means I can own guns to defend myself when I'm being attacked... PHYSICALLY.

    The proper analogy is that I have the right to secure my computer systems from being hacked by malcontents or governments (or both).

    It does not give me the right to go over to the local printing press and blow them up if they're xeroxing my naked selfies. That's not defense, that's just vandalism.

    Good lord can this world get any dumber...

  5. Re:I didn't care before by The+Grim+Reefer · · Score: 5, Funny

    but where can I find this juicy info? What the the websites being attacked by Sony?

    As competent as Sony has been with security lately, I'd guess they are using DDS attacks against The Pirate Bay.

  6. Re:No real evidence... by Khyber · · Score: 4, Informative

    "No real evidence"

    Anyone with half a brain can use map.ipviking.com and watch the shit happen. There's your evidence.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  7. Mixed Feelings by smashr · · Score: 5, Insightful

    So it's strange, I have completely mixed feelings about this. If Sony is using such borderline techniques to try and prevent people from downloading torrents of PII data pilfered from their servers such as SSNs, tax returns, W2s, celebrity phone numbers, etc, then I am willing to give them the benefit of the doubt. This may be slightly over the line, but if it is to protect the data belonging to outside people, then I am inclined to view it more favorably.

    If, on the other hand, this is about preventing the latest ZOMG HD SCREENER TORRENT of their most popular film from being shared one more time, I view such activities much less favorably.

    There is probably not a legal distinction between protecting future profits and protecting the private data of one's employees, but it certainly makes me struggle with how to view this..

  8. Re:Rootkit by fuzzyfuzzyfungus · · Score: 2, Interesting

    The rootkit was far worse than this. The only reason it wasn't a huge PR disaster is that most non-techies have no idea what it was.

    That and the invidious notion that 'consumers' really don't need or deserve control over their devices is fairly alarmingly entrenched. Even when the system in question isn't one that you 'licensed and not sold' to the sucker, you can have your merry way with them in ways that you'd never get away with in the context of real property.

    If infiltration and covert execution of a rootkit were treated even as seriously as, say, physical trespass, Sony would have had a problem. As it was, the response was along the lines of "Well, yes, you have a trespasser; but we can hardly make a case out of it unless you can prove that he is otherwise making a nuisance of himself or something."

  9. Re:defense against bennett by Noah+Haders · · Score: 4, Interesting

    the second amendment allows people to own firearms, but not to use firearms. so sony has it backwards. right now they are using firearms but don't own them. think much?

  10. SONY breaking the law (yet again) by TiggertheMad · · Score: 4, Interesting

    The interesting thing is that, if they are using outsourced servers strategically located in Asia to avoid the long arm of the law, that people should be able attack those same servers and do pretty much anything they want to them without fear of consequences. Being beyond the law is a double edged sword, and I personally would not bet against all the hackers on the Internet in that fight...

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
  11. Re:I hate Sony by Anonymous Coward · · Score: 2, Funny

    Did Sony make fun of your small peepee?

  12. Is SONY breaking the law with this by bill_mcgonigle · · Score: 5, Interesting

    The law applies to all, big and small.

    Which jurisdiction or period in time are you referring to? I can't think of a single example where this is true.

    Pretending life is the same as fantasy is a sign of mental illness.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  13. Re:I didn't care before by jythie · · Score: 2

    Pirate Bay? Knowing Sony they are attacking themselves. The battles between their electronics and media divisions have been pretty comic over the years...

  14. Re:defense against bennett by internerdj · · Score: 2

    Do you understand the "why" of stand your ground and castle? It is an extension of self defense justifications. Self defense justifications are for protection against crimes that result in intentional, direct, grievous harm to a specific person; things like rape and murder. Online interactions just don't bear those consequences in any normal case (maybe at some point for connected medical implants); certainly not in the case of Sony protecting itself from monetary loss. Anyone trying to extend SYG or castle that direction is undermining the entire justice system. SYG, castle, and self defense exist because the justice system is not fast enough to protect victims from irreversible damage from the most heinous of crimes. Property loss can wait on investigation, prosecution, and judgement.