Discussion in 'Article Discussion' started by CardJoe, 3 May 2011.
I never thought sony was this bad at security...
did they ever even think about encrypting this stuff?
Here is the customer service notification: http://www.soe.com/securityupdate/
Here is the press release: http://www.soe.com/securityupdate/pressrelease.vm
so no one can play any sony MMO's at the moment?
This sort of thing can bring a company down. I am sure there are more than a few guys looking for jobs in Japan right now.
I actually got an email today from sony apologising, it was sent to my old SWG account email address.
I think the ball has been dropped, shot, and then dropped again.
Good job, Sony!
Why blame Sony and not the criminals?
Why because when they take on the responsibilities of peoples details then they should be able to keep them safe. And simply they have not. Hackers could have anything just now Sony don't have a clue what they have taken everyday they seem to find out more and more has been compromised. They are just fumbling around in the dark.
So the fault\blame lies entirely on Sony?
This has not affected me but imo if a company takes my details and loses them then yes. I don't care how,who where or why. I am going to hold that company responsible. i hope they lose alot of buisness from this as i cant be acceptable for company to get away with leaking peoples details. I worked in the bank dealing with fraud and I know how it can affect people's lives. It can cripple people. Sony need to take the blame for this as it was their fault.
Yes it does. If there is nothing to blame Sony for then the details would still be safe and secure!
Dammit, that's my details potentially stolen twice then.. .
Given that the SoE network will have been separate from the PSN I'm being to think this was an inside job.
Ok, I now live in a parallel world where criminals are not to blame for the crimes they commit.
Of course the criminals are to blame, but it's really besides the point.
If a prisoner wandered out of his unlocked cell, unlocked prison, and then proceeded to murder some of your friends or relatives, would you not hold the prison somewhat responsible?
No you don't. By all means these criminals should feel the wrath of the law. But it seems these are invisible criminals who walked in through Sony's security and made of with what they wanted....
Don't know about you but I would be angry if I was one of the people whose details was stolen and I know who I would be blaming.
I'd say it's a mix of blame. The hackers are scum of the earth, but equally Sony should have protected their data a bit better.
The mystery team pulls the mask of Sony:
"if it weren't for those meddling kids!"
It's besides the point? If a prisoner uses a new method that prison officials are not aware then how can it be their fault for not knowing? At that point the method is noted and measures are taken to ensure it doesn't happen again. I'm no security expert but IMO Security is reactive at best. This isn't the Minority Report and the sudden standard of "They should know before it happens" is kind of out there. Network security cannot be 100% pro-active because too many vulnerabilities exists and hacker's are always one step ahead. This doesn't absolve Sony of any responsibility because it was their job to protect our data, but you can't seriously say this was Sony's fault for being targeted by a criminal entity.
The prison idea above is spot on. If a company takes our payment details, then we expect those details to remain safe, always. That is Sony's responsibility. And they failed. It IS their fault. If you are saying that there are no security measures on this earth that can offer that kind of protection then that is different and I'm not a security expert.
I somewhat agree, but in Sony's case it's more like that they forgot some of the basics. The prison walls were tall and manned, and the guards checked everybody at the gates, but they forgot to lock the cells and take away the shovels. The hack that got through the network is something they can't predict, and as you said, shouldn't be penalised for, but the unencryption of passwords etc is such a basic error that speaks of a flawed system.
Encryption isn't new, it's not an unknown technique, so they should have used it.
I see what you are all saying. I just feel that once a company has my details, if its doesn't keep them safe then I hold them responsible. Not to encrypt sensitive details is inexcusable imo.
Couldn't agree more.
Separate names with a comma.