1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News PSN password reset vulnerability uncovered

Discussion in 'Article Discussion' started by CardJoe, 18 May 2011.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,346
    Likes Received:
    316
  2. Nutyy

    Nutyy Widden Palettes

    Joined:
    24 Aug 2010
    Posts:
    165
    Likes Received:
    8
    Hmm lots of people i've talked to are having this problem but i had no troubles at all. All i had to do was change password automatically, no hassle and done in less than a minute. Looked at my account details and looking at the random data i entered i'm safe from hackers, anyway im back off to my home town of Nutwood, i hope no hackers come to my house.....
     
  3. mi1ez

    mi1ez Modder

    Joined:
    11 Jun 2009
    Posts:
    1,644
    Likes Received:
    115
    Hope this one hasn't been known for a week...
     
  4. AcidJiles

    AcidJiles Minimodder

    Joined:
    19 Jun 2006
    Posts:
    377
    Likes Received:
    4
    Sony said they took security seriously. No miscommunication.
     
  5. Whirly

    Whirly What's a Dremel?

    Joined:
    25 Dec 2002
    Posts:
    515
    Likes Received:
    16
    Just so long as they're taking security seriously this ti...D'oh!
     
  6. tad2008

    tad2008 What's a Dremel?

    Joined:
    6 Nov 2008
    Posts:
    332
    Likes Received:
    3
    The data should have been stored encrypted and only takes an extra line of code to handle.

    Since the hackers supposedly got the source code as well as the user data they will have the necessary keys for any encryption. All Sony had to do was change their keys add a line of code to encrypt user data, iterate through it all and then force a password reset on ALL user accounts thus preventing any hackers from making use of pre-existing keys or passwords and all their users would then just have to confirm via a link in an email to then change their password to something they would remember.

    All elementary stuff tbh.
     
  7. LordPyrinc

    LordPyrinc Legomaniac

    Joined:
    7 Mar 2008
    Posts:
    599
    Likes Received:
    6
    Considering their continued problems, the hack still smells like an inside job to me.
     
  8. Malvolio

    Malvolio .

    Joined:
    14 Dec 2003
    Posts:
    4,632
    Likes Received:
    178
    How much forethought does it actually take to realise that your entire database has been compromised, and that those whom took it may wish to use it? What does it say of your security and technical teams when before even being put live the simplest of things is egregiously overlooked? I've pondered over a parallel to draw from this situation for nearly twenty minutes now, but I've yet to come up with something so absolutely daft as this one. The first time I heard about the extent to which the network had been compromised the least I expected was for everything to be locked down when PSN came back on-line, and password changes only allowed from the last console used to log-in to the network, at which point in time you force users to change their password along with any form of secret question or such, and completely review their account details in their entirety, allowing for deletion of any detail not specifically wanted (all the better to placate the agitated masses). Anything less would be an insult to a disenfranchised user base one hundred million strong.

    But what do I know? I certainly don't make the kind of money those in Sony's digital security department make, so surely they know what's best, right? Right?
     
  9. Jake123456

    Jake123456 Surprise!

    Joined:
    25 Jan 2011
    Posts:
    1,735
    Likes Received:
    50
    I'm actually loving this :)
     
  10. BurningFeetMan

    BurningFeetMan What's a Dremel?

    Joined:
    24 Feb 2006
    Posts:
    114
    Likes Received:
    0
    What about if Steam got hacked? Would you love that? Or iTunes? Hell, why stop with online stores? Hospitals, schools and all other kinds of public & private systems!

    Yes, there's heaps to love about security breaches and millions of people having their private details exposed and their accounts compromised.
     
  11. KiNETiK

    KiNETiK What's a Dremel?

    Joined:
    7 Apr 2011
    Posts:
    74
    Likes Received:
    2
    This is comedy
     
  12. SNIPERMikeUK

    SNIPERMikeUK What's a Dremel?

    Joined:
    21 Feb 2006
    Posts:
    204
    Likes Received:
    1
    This could become an excuse for the PSN store being down longer....
     
  13. Memnoch-fr

    Memnoch-fr What's a Dremel?

    Joined:
    13 Sep 2010
    Posts:
    22
    Likes Received:
    0
    I'm not a PS hater, but shouldn't this have been obvious ? The website password change should have been locked out until the change had been made via a PS3.

    @SNIPERMikeUK : PSN store was always going to be delayed (31st of may deadline)
     
  14. bobwya

    bobwya Custom PC Migrant

    Joined:
    3 May 2009
    Posts:
    193
    Likes Received:
    1
     
  15. Waynio

    Waynio Relaxing

    Joined:
    20 Aug 2009
    Posts:
    5,714
    Likes Received:
    229
    Agreed but this should serve as a warning to other corporations not to mess with hackers too much & sony clearly underestimated what they could do thinking they could handle a determined force, which from my viewpoint looks like they can't especially after them holding their hands up & saying they can't guarantee users security, this says to me they were using the best security available & they still knocked it down.

    But it is a scary thought of what could be done if master hackers got together for criminal stuff or deeply bad things :worried:.

    Or yes it could simply be an inside job, guess we'll never know.
     
  16. BurningFeetMan

    BurningFeetMan What's a Dremel?

    Joined:
    24 Feb 2006
    Posts:
    114
    Likes Received:
    0
    So, is the reported value of Facebook 50 billion dollars, or is that the data within Facebook that's worth that much?

    There are hackers and then there's organized crime. The worst part about online databases, is that once your data is out there, you have zero control. For example, who here has ever tried to close their PayPal account? I have,upon finding out that my PayPal account details were leaked. And to close my account, they wanted me to give them my bank account details! And I was like... To close my unused PayPal account after finding a breach in their security, where spammers started spamming me with details that had only ever been given to PayPal, I had to give Pay Pal my bank account details.

    And I still wonder how the hell this breach in Pay Pal's security never made headlines. I guess there's the heavy rollers, and then there's Sony.
     
  17. Da_Rude_Baboon

    Da_Rude_Baboon What the?

    Joined:
    28 Mar 2002
    Posts:
    4,082
    Likes Received:
    135
    Only a fool would say they have 100% full proof security. Not only would it be untrue it would make you the number 1 target for any hacker/s wanting to make a name for themselves.
     
  18. Waynio

    Waynio Relaxing

    Joined:
    20 Aug 2009
    Posts:
    5,714
    Likes Received:
    229
    I know this but apparently sony didn't or were just too arrogant.
     
Tags: Add Tags

Share This Page