"Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.
Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly."
Credit cards have more security than a debit card, though it sounds like you're using a prepaid card. Assuming your identity isn't totally hosed and they only got a credit card number, you can call the bank and cancel it pretty quickly and are not liable for fraudulent charges.
That's the main reason this Sony breach hasn't gotten me too bothered. They got already public information and a password hash (Sony updated their site to say that indeed they were hashed). I don't use the passwords elsewhere so not really worried about that. And though they claim they didn't get the credit card numbers, if they did it's not going to set me back anything. Of course, I actually look at my credit card statements and more often than just once a month.
That said, the prepaid store-bought game cards are a great way to keep your info offline.
The problem with debit cards is they went and made them function like credit cards. Sure, I can hit debit and it works exactly like he's mentioning... or, if I don't know the pin, I just hit the credit button and sign with a scribble. "It works everywhere even if they don't take debit!" won out over security.
Have you been living under a rock? Steve Jobs responds to emails somewhat regularly, and they are usually one line answers such as "No, we do not" or "You're holding it wrong" (Yes, he said that in an email, where do you think the meme came from?)
The file is unencrypted, but Apple is a walled garden (remember?). "Any app" does not have access to "any file" on the filesystem. Now, the backup on the computer is another story, and it is unencrypted by default.
I believe it's meant for people that have cut the cable, because cable TV is ridiculously overpriced. The number of people leaving cable for Netflix/Hulu streaming is growing quite nicely.
No, they don't really provide anything. It's one of the reasons I haven't touched my Xbox since I bought a PS3 over a year ago, because I don't play online games enough to justify $60 a year to Microsoft just for Netflix and ESPN.
Netflix is free (other than their subscription) and Hulu is also free (again, I think you have to be a Hulu Plus member), which isn't even available on the Xbox yet. I don't have to pay some fee to the gatekeeper to use a service where their only involvement is blessing the icon in the menu and splashing their own branding all over it, but Sony surprisingly hasn't even put custom branding all over those third party services. So what if I don't have "online matchmaking" for watching movies... really? That's some killer feature? I have a phone or Skype if I really feel the need, but I can't say I ever have.
TFA is quoting Sewall from last year and trying to put it into the context of the current situation when his comments were not in the context of the current situation. That seems pretty disingenuous.
As opposed to sitting here while governments bask in bureaucracy? Say what you will about commercial interests, unless there is a war on commercial interests have been the driving force of many discoveries and innovations, not governments.
They all do it, to some extent. The file in question is designed to be a cache, and the deletion mechanism is apparently broken. The news is about a bug, nothing more. Even more, the data is not transmitted to Apple, as those who discovered the issue were quick to point out. Android caches, WebOS probably caches.
The quote is old, from 2010 and before this current situation even existed.
The situation now is most likely a bug, as the file in question (which is not transfered to Apple) is meant to be the location cache. Obviously the cache isn't being purged as it should be.
It's not sent to Apple. It is stored on the device and the computer it syncs with.
It's been mentioned elsewhere, this is very likely a bug and not designed behavior. The file in question is meant to be the location cache and should be operating much like the cache on Android, only the deletion has not been happening.
So then why is Apple suing over a look and feel on a device which isn't much of a player in the Android world?
Why aren't they going after HTC or Motorola? Oh yeah, because this is about look and feel and copying of the UI and hardware. A redesign of both and the Samsung phone would and will be left alone. This is not about Apple feeling threatened.
You have commented on every single reply here saying the exact same thing. We got it, you're a fanboi.
It doesn't matter why they removed it from the Slim, even if they "lied" in some product report somewhere. Nobody expected OtherOS to be on the Slim because they said it wouldn't, I don't have to go around questioning their motives to know better than to expect it to be there. I never expected the Slim to play PS2 games either, not because it physically couldn't, but because they said it wouldn't. Cisco/Linksys removed Linux from the WRT54G, and never gave any explanation whatsoever... but then they released the WRT54GL which costs more, I bet they were doing it to create a new product that costs more! And?
It is perfectly alright for a company to remove features on another revision when they say "Heads up, we're doing this on the next model!" If I want to buy one with that feature I buy it right then, or decide I don't really need the feature. Their motives for the change are not really important at that point because it's their product.
I think they removed it from the Slim because they figured out these vulnerabilities and hoped people would eventually upgrade out of the fat consoles and not figure it out, but I certainly wouldn't expect them to advertise this as the reason. I don't really care about that, except that it was of course not right to remove the feature from the fat PS3 even after the vulnerabilities were out in the open.
There may not have been a logical need for a removal from the Slim, but customers KNEW that they were buying a console without that feature. I can't really defend Hotz for using that has a reason to hack the system's security, he had the option to just not buy the Slim model.
Those opt-in utility programs will probably become mandatory at some point, or the utilities charge more for those who do not opt-in. Regardless, none of the features you mentioned requires a change after the sale, you just have to get the majority of manufacturers to change it on all future products and eventually everyone is using products with those features.
Because people were looking to pirate and/or cheat on PSN. By far the majority of PS3 owners were using PSN and NOT OtherOS, and would be much more put out if the cheaters were using OtherOS to disrupt their gameplay.
I agree not giving any kind of compensation was wrong, but forcing people to choose what was important to them was not necessarily unfair. The only rub is there is no way to downgrade or reenable the functionality, which really should be provided.
The upgrade was not mandatory. The catch was, if you did not upgrade and remove the feature, you could no longer get on PlayStation Network. Apparently this was unfair.
I think Sony should just release an optional OtherOS patch, which unlocks the full functionality of the PlayStation but removes the ability to use PlayStation Network, except for a path to go back to the "commercial" version. Maybe take it to the next level and provide a full dev kit with access to every part of the device, but remove the ability to use any commercially released games while using it. I think many of the tinkerers would not even mind, assuming there was a restore process.
I understand why they removed it, but it could have been handled much better, even to the point where the hackers got more functionality and the gamers will still protected from software cheats and piracy.
Slashdot Mirror
Sony has updated the page with a full notification of what happened, see: http://www.soe.com/securityupdate/
"Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.
Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly."
Credit cards have expiration dates for a reason.
Credit cards have more security than a debit card, though it sounds like you're using a prepaid card. Assuming your identity isn't totally hosed and they only got a credit card number, you can call the bank and cancel it pretty quickly and are not liable for fraudulent charges.
That's the main reason this Sony breach hasn't gotten me too bothered. They got already public information and a password hash (Sony updated their site to say that indeed they were hashed). I don't use the passwords elsewhere so not really worried about that. And though they claim they didn't get the credit card numbers, if they did it's not going to set me back anything. Of course, I actually look at my credit card statements and more often than just once a month.
That said, the prepaid store-bought game cards are a great way to keep your info offline.
Everyone knows GUIs hunt down suspects, you just have to write them in Visual Basic. Duh!
The problem with debit cards is they went and made them function like credit cards. Sure, I can hit debit and it works exactly like he's mentioning... or, if I don't know the pin, I just hit the credit button and sign with a scribble. "It works everywhere even if they don't take debit!" won out over security.
SpiderOak is a great alternative, also with the coupon code 'worldbackupday' you get 5GB free up from 2.
Have you been living under a rock? Steve Jobs responds to emails somewhat regularly, and they are usually one line answers such as "No, we do not" or "You're holding it wrong" (Yes, he said that in an email, where do you think the meme came from?)
[citation needed]
The file is unencrypted, but Apple is a walled garden (remember?). "Any app" does not have access to "any file" on the filesystem. Now, the backup on the computer is another story, and it is unencrypted by default.
I believe it's meant for people that have cut the cable, because cable TV is ridiculously overpriced. The number of people leaving cable for Netflix/Hulu streaming is growing quite nicely.
No, they don't really provide anything. It's one of the reasons I haven't touched my Xbox since I bought a PS3 over a year ago, because I don't play online games enough to justify $60 a year to Microsoft just for Netflix and ESPN.
Netflix is free (other than their subscription) and Hulu is also free (again, I think you have to be a Hulu Plus member), which isn't even available on the Xbox yet. I don't have to pay some fee to the gatekeeper to use a service where their only involvement is blessing the icon in the menu and splashing their own branding all over it, but Sony surprisingly hasn't even put custom branding all over those third party services. So what if I don't have "online matchmaking" for watching movies... really? That's some killer feature? I have a phone or Skype if I really feel the need, but I can't say I ever have.
This is not what caused the uproar. If you go to the original source that even disclosed this was happening, they point out there is "[no] evidence to suggest this data is leaving your custody".
TFA is quoting Sewall from last year and trying to put it into the context of the current situation when his comments were not in the context of the current situation. That seems pretty disingenuous.
As opposed to sitting here while governments bask in bureaucracy? Say what you will about commercial interests, unless there is a war on commercial interests have been the driving force of many discoveries and innovations, not governments.
They all do it, to some extent. The file in question is designed to be a cache, and the deletion mechanism is apparently broken. The news is about a bug, nothing more. Even more, the data is not transmitted to Apple, as those who discovered the issue were quick to point out. Android caches, WebOS probably caches.
The quote is old, from 2010 and before this current situation even existed.
The situation now is most likely a bug, as the file in question (which is not transfered to Apple) is meant to be the location cache. Obviously the cache isn't being purged as it should be.
It's not sent to Apple. It is stored on the device and the computer it syncs with.
It's been mentioned elsewhere, this is very likely a bug and not designed behavior. The file in question is meant to be the location cache and should be operating much like the cache on Android, only the deletion has not been happening.
You're tri-curious.
Kinky.
This would be more of an issue if it was free.
I remember when Xbox Live was down for something like 11 days, and I do not remember being compensated (maybe I was though, I really don't remember).
So then why is Apple suing over a look and feel on a device which isn't much of a player in the Android world?
Why aren't they going after HTC or Motorola? Oh yeah, because this is about look and feel and copying of the UI and hardware. A redesign of both and the Samsung phone would and will be left alone. This is not about Apple feeling threatened.
You have commented on every single reply here saying the exact same thing. We got it, you're a fanboi.
No they don't sell them at a loss. They did at first, for a while.
It doesn't matter why they removed it from the Slim, even if they "lied" in some product report somewhere. Nobody expected OtherOS to be on the Slim because they said it wouldn't, I don't have to go around questioning their motives to know better than to expect it to be there. I never expected the Slim to play PS2 games either, not because it physically couldn't, but because they said it wouldn't. Cisco/Linksys removed Linux from the WRT54G, and never gave any explanation whatsoever... but then they released the WRT54GL which costs more, I bet they were doing it to create a new product that costs more! And?
It is perfectly alright for a company to remove features on another revision when they say "Heads up, we're doing this on the next model!" If I want to buy one with that feature I buy it right then, or decide I don't really need the feature. Their motives for the change are not really important at that point because it's their product.
I think they removed it from the Slim because they figured out these vulnerabilities and hoped people would eventually upgrade out of the fat consoles and not figure it out, but I certainly wouldn't expect them to advertise this as the reason. I don't really care about that, except that it was of course not right to remove the feature from the fat PS3 even after the vulnerabilities were out in the open.
There may not have been a logical need for a removal from the Slim, but customers KNEW that they were buying a console without that feature. I can't really defend Hotz for using that has a reason to hack the system's security, he had the option to just not buy the Slim model.
Those opt-in utility programs will probably become mandatory at some point, or the utilities charge more for those who do not opt-in. Regardless, none of the features you mentioned requires a change after the sale, you just have to get the majority of manufacturers to change it on all future products and eventually everyone is using products with those features.
Why should it? Have you read any of this thread?
Because people were looking to pirate and/or cheat on PSN. By far the majority of PS3 owners were using PSN and NOT OtherOS, and would be much more put out if the cheaters were using OtherOS to disrupt their gameplay.
I agree not giving any kind of compensation was wrong, but forcing people to choose what was important to them was not necessarily unfair. The only rub is there is no way to downgrade or reenable the functionality, which really should be provided.
The upgrade was not mandatory. The catch was, if you did not upgrade and remove the feature, you could no longer get on PlayStation Network. Apparently this was unfair.
I think Sony should just release an optional OtherOS patch, which unlocks the full functionality of the PlayStation but removes the ability to use PlayStation Network, except for a path to go back to the "commercial" version. Maybe take it to the next level and provide a full dev kit with access to every part of the device, but remove the ability to use any commercially released games while using it. I think many of the tinkerers would not even mind, assuming there was a restore process.
I understand why they removed it, but it could have been handled much better, even to the point where the hackers got more functionality and the gamers will still protected from software cheats and piracy.
I'm sorry, is this a haiku?
You're a few syllables off.