So I assume EQ's servers are down and I should probably change my debit card number...
And So much for EQ Next. Hopefully a better company can buy it from em and make it right with the quality it deserves!
Correct, every SoE game went down a few days ago and has been down ever since.
SoE is apparently going to notify people by email if their data was compromised. I have received a lot of automated mails from Sony about this but none were personally directed at me.
Anonymous don't steal credit card infomation, they had access to the DDos previous to the attack but nothing else, and Sony have only brought this on themselves with there lame security. Hopefully this will teach them that security isn't a joke and needs to be updated and upgraded all the time to keep up with the latest threats.
How's the front door of your home? Is it lockpickable? Breakable? How about windows? Oh and one good way (I've heard) is to go through wooden walls if you have those. It takes a moment but not too long. Is there any weak spot in your house that would justify breaking into and making those that do it heroes?
Actually the main problem is that you arent legally allowed to have say concealed pits in the house that drop the victim down into your own personal dungeon cell. It would be a lot easier to have an active defense once your house is broken into as opposed to making the house impenetrable.
Oops you triggered the knock-out gas... Nighty-night and I hope you don't look too tasty to the dog...
Ahh -- nobody really ever touches the tv -- you found out it has 200 volts running through it -- oops.
I can't believe people would defend the hackers and blame Sony. Sure their security wasn't good at all. But you know, in a world without these e thugs, we wouldn't need it. That's not to say I think it was ok for Sony to be s relaxed with security. They should have known better. Stop holding these hackers up on pedestals. They are criminals plain and simple. I would say the same thing no matter what company it happened to. It isn't Sony out there trying to sell the credit card info. It isn't Sony that said let's hack the network and take away gaming abilities for millions. I swear only in this day and age does a victim get blamed for a crime and the criminals held up high and celebrated. Anonymous or whoever it was should be ashamed of themselves.
Originally posted by skeaser Care to explain how? Stating "facts" without any type of justification or explanation of why you feel that way really doesn't accomplish much.
I am not sure what part of my post you do not understand..
If you buy a book, dismantle it and use to set a fire in our fireplace, it's fine. Problem comes when you start messing the with content of the book which is an intellectual property of the author and having no consent for modification.
Same as your PS3, you use the technology as intellectual property to serve different purpose, you modify it.
PS3 isn't HW parts only, it is how they are put together and purpose.
Care to explain how? Stating "facts" without any type of justification or explanation of why you feel that way really doesn't accomplish much.
I am not sure what part of my post you do not understand..
If you buy a book, dismantle it and use to set a fire in our fireplace, it's fine. Problem comes when you start messing the with content of the book which is an intellectual property of the author and having no consent for modification.
Same as your PS3, you use the technology as intellectual property to serve different purpose, you modify it.
PS3 isn't HW parts only, it is how they are put together and purpose.
I can take any book off my shelf right now and edit it all I want. I can make Harry Potter a sci-fi tale if I want, as long as I don't try to sell it. I can rewrite Twilight to be an action espionage tale.
The only prohibitions I see are:
1. Piracy. Modifying my PS3 to run pirated games is legal, until I actually pirate a game.
2. The PSN. Their terms wouldn't allow a modded console so I have to stay offline.
Bottom line is I own the machine and if I want to install linux or a homebrew running program and create my own programs to run on it, I don't see any legal recourse they can take.
I can't believe people would defend the hackers and blame Sony. Sure their security wasn't good at all. But you know, in a world without these e thugs, we wouldn't need it. That's not to say I think it was ok for Sony to be s relaxed with security. They should have known better. Stop holding these hackers up on pedestals. They are criminals plain and simple. I would say the same thing no matter what company it happened to. It isn't Sony out there trying to sell the credit card info. It isn't Sony that said let's hack the network and take away gaming abilities for millions. I swear only in this day and age does a victim get blamed for a crime and the criminals held up high and celebrated. Anonymous or whoever it was should be ashamed of themselves.
Sony should be ashamed as well. Both parties share blame in this tale.
My own desktop PC was likely more protected than Sony's servers.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
Why not? The security expert explained the flaws.
"The issue reported was the fact Sony was running PSN on a server that had an outdated version of Apache and no firewall in place. That meant any vulnerabilities known about for that version of Apache, and patched in more up-to-date releases, were easy to take advantage of. With no firewall in place too, the hacker probably had a very easy time of it."
I use a hardware firewall and the apache software I use is updated non-stop, so I'm very likely much more protected than Sony was.
I kinda felt the need to weigh in here as well after reading some of the idiotic comments posted.
I'm not fanboy, and I have over the years played SOE games - some I've enjoyed, some I've hated. I got the same emails everyone else did from Sony.
That said, this idea that its good guys (hackers) vs Evil sony, or that sony somehow deserved this is insane. I guarantee you the people that will suffer most for this will be the guy making hourly wages, will be the lowest of the lowest working at Sony - that's how all companies operate. If your trying to justify what the hackers did by your perception that Sony is evil because of the Star Wars fiascal I think it's time you grow up and put the internet games away.
It was incredibly stupid of Sony to have such lax security, as well as wait so long to notify everyone, but they have paid the price and will continue to do so, and as I've said $#it rolls down hill at big companies and it's the low employees that will pay, people with bills and families and not 6 or 7 digit pay checks.
I hope the FBI catches whoever did this and prosecutes them with the full extent of the law - they deserve nothing less.
Those of you wishing to sue, you better have a lot of money at your disposal and a REAL good lawyer, if you think your gonna go hire some lawyer and get million in a few weeks you've obviously never dealt with a law suit, espcially against a huge company.
I kinda felt the need to weigh in here as well after reading some of the idiotic comments posted.
I'm not fanboy, and I have over the years played SOE games - some I've enjoyed, some I've hated. I got the same emails everyone else did from Sony.
That said, this idea that its good guys (hackers) vs Evil sony, or that sony somehow deserved this is insane. I guarantee you the people that will suffer most for this will be the guy making hourly wages, will be the lowest of the lowest working at Sony - that's how all companies operate. If your trying to justify what the hackers did by your perception that Sony is evil because of the Star Wars fiascal I think it's time you grow up and put the internet games away.
It was incredibly stupid of Sony to have such lax security, as well as wait so long to notify everyone, but they have paid the price and will continue to do so, and as I've said $#it rolls down hill at big companies and it's the low employees that will pay, people with bills and families and not 6 or 7 digit pay checks.
I hope the FBI catches whoever did this and prosecutes them with the full extent of the law - they deserve nothing less.
I stick with the hackers and Sony being the bad guys in this one. The victims are Sony's clients. Sony and the hackers, in conjuction through combined malice and negligence caused harm and inconvience to millions. I don't feel sympathy for either side.
Originally posted by CalmOceans Why not? The security expert explained the flaws.
The very same security expert also said:
"I have no information about what protections they had in place"
Yet it does not prevent him from pulling all the stuff out of his ass and only information he got was when he was browsing some forums. And we know well from these boards how those are...
In other words, he has no more clue than you about Sony network and their web servers.
My own desktop PC was likely more protected than Sony's servers.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
Why not? The security expert explained the flaws.
"The issue reported was the fact Sony was running PSN on a server that had an outdated version of Apache and no firewall in place. That meant any vulnerabilities known about for that version of Apache, and patched in more up-to-date releases, were easy to take advantage of. With no firewall in place too, the hacker probably had a very easy time of it."
I use a hardware firewall and the apache software I use is updated non-stop, so I'm very likely much more protected than Sony was.
Who reported this? I have a hard time believing sony was this lazy in secruity.
"I have no information about what protections they had in place"
Yet it does not prevent him from pulling all the stuff out of his ass and only information he got was when he was browsing some forums. And we know well from these boards how those are...
In other words, he has no more clue than you about Sony network and their web servers.
Again, you're making the stuff up.
He didn't get it from "some forum". He got it from security mailing lists. He states he has no information as he has no firsthand information and is going off of what he read. Unless you assume the director of the largest University center for Information Assurance and Security lied to congress and provided hearsay as testimony, which it seems you do.
My own desktop PC was likely more protected than Sony's servers.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
Why not? The security expert explained the flaws.
"The issue reported was the fact Sony was running PSN on a server that had an outdated version of Apache and no firewall in place. That meant any vulnerabilities known about for that version of Apache, and patched in more up-to-date releases, were easy to take advantage of. With no firewall in place too, the hacker probably had a very easy time of it."
I use a hardware firewall and the apache software I use is updated non-stop, so I'm very likely much more protected than Sony was.
Who reported this? I have a hard time believing sony was this lazy in secruity.
In a House Energy and Commerce Committee hearing yesterday, Gene Spafford, a professor at Purdue University and executive director of the school's Center for Education and Research in Information Assurance and Security—the largest of its kind in the country—said the following about the recent breach of Sony's PlayStation Network:
"[I]ndividuals who work in security and participate in the Sony network had discovered several months ago while they were examining the protocols on the Sony network to examine how the games work, [that] the network game servers were hosted on Apache web servers—that's a form of software.
But they were running on very old versions of Apache software that were unpatched and had no firewall installed, and so these were potentially vulnerable.
And they had reported these in an open forum that was monitored by Sony employees, but had seen no response and no change or update to the software. That was two to three months prior to the incident where the break-ins occurred."
My own desktop PC was likely more protected than Sony's servers.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
Why not? The security expert explained the flaws.
"The issue reported was the fact Sony was running PSN on a server that had an outdated version of Apache and no firewall in place. That meant any vulnerabilities known about for that version of Apache, and patched in more up-to-date releases, were easy to take advantage of. With no firewall in place too, the hacker probably had a very easy time of it."
I use a hardware firewall and the apache software I use is updated non-stop, so I'm very likely much more protected than Sony was.
Who reported this? I have a hard time believing sony was this lazy in secruity.
An unnamed source from the U.S. Postal Service. Who cares its a PR desaster for Sony.
" Life Liberty and the Pursuit of Those Who Would Threaten It " MAGA
Originally posted by skeaser I can take any book off my shelf right now and edit it all I want. I can make Harry Potter a sci-fi tale if I want, as long as I don't try to sell it.
That isn't completely true. You are not allowed to distribute it either, regardless if you profit on it or not and caused damage to the company isn't negligable either.
You could say that gun manufacturers aren't responsible for fire-arms being used in criminal acts, which is true.
You cannot buy a gun and do whatever you want with though. There are numerous restrictions and rules you have to follow. You need a permission to use one and the gun needs to be registered. Any attempt in obtaining the a fire-arm without a permission or removing the registration number will cause legal consequences.
If gun manufacturers and gun usage is submitted to protection of implying thorough procedure for gun use, why avoiding a protection of intellectual property should be allowed?
I can take any book off my shelf right now and edit it all I want. I can make Harry Potter a sci-fi tale if I want, as long as I don't try to sell it.
That isn't completely true. You are not allowed to distribute it either, regardless if you profit on it or not and caused damage to the company isn't negligable either.
You could say that gun manufacturers aren't responsible for fire-arms being used in criminal acts, which is true.
You cannot buy a gun and do whatever you want with though. There are numerous restrictions and rules you have to follow. You need a permission to use one and the gun needs to be registered. Any attempt in obtaining the a fire-arm without a permission or removing the registration number will cause legal consequences.
If gun manufacturers and gun usage is submitted to protection of implying thorough procedure for gun use, why avoiding a protection of intellectual property should be allowed?
You can distribute modified (fan-fic) as a derivative work under Fair Use of Copyright material.
How are you using guns in this comparision. I can't rob a bank with a PS3 nor can I kill someone. The purpose of gun laws is no way related to modding a PS3.
Ok the modifying the ps3 thing... Dude who said its illegal to alter cars n stuff...that would mean
That would mean shows like "pimp my ride" are doing illegal things to cars such as changing engines n body
Fanfiction authors are criminals (www.fanfiction.com are all the authors there criminals?)
Why isnt sony going after the ones who has been selling chipped ps3s in asia? Seriously... There has been ps3s that play fake games since... Forever! Same with wii and xbox 360
''/\/\'' Posted using Iphone bunni ( o.o) (")(") **This bunny was cloned from bunnies belonging to Gobla and is part of the Quizzical Fanclub and the The Marvelously Meowhead Fan Club**
It states that the hacker(s) got behind 2 firewalls. So, it would seem that Sony was at least doing something to protect the data.
HOWEVER, Sony also says the hacker(s) exploited a known vulnerability. That being the case, while it is certainly true that the hackers are to blame and should be punished if caught, Sony certainly has some culpability for allowing their customers' private info to be stolen.
Someone on this thread earlier likened the security Sony would use to the security of your home to try to illustrate that it's not perfect and Sony should in no way be held responsible for this breach. I would disagree with that. If a homeowner has two locks on his door (knob lock and deadbolt), and the homeowner knew the deadbolt was broken but never got around to fixing it, I would say the homeowner was at least partially responsible if his home is broken into through that door. I'm not saying the thief would have never been able to break in, but the homowner made themselves a much easier target. That is exactly what Sony did and that's why they are partially responsible for this mess.
You want me to pay to play a game I already paid for???
My own desktop PC was likely more protected than Sony's servers.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
It's been posted. They were running old Apache, unpatched and with no firewall.
Again, quit making up facts.
That server could have been on a different subnet then the main network, it could have been part of a developer network. You do not know where or how this server was setup in their network, nor do we truly know that it was running an Old Apache upnpatched and with no firewall.
This was posted by some 3rd party nobody that may or may not of had access to Sony's network. Again nobody but Sony knows how or what this server was setup to do.
Nobody is making up facts, we are simply stating that nobody outside of Sony and the people involed truely know Sony Security setup and network design
Comments
So I assume EQ's servers are down and I should probably change my debit card number...
And So much for EQ Next. Hopefully a better company can buy it from em and make it right with the quality it deserves!
Correct, every SoE game went down a few days ago and has been down ever since.
SoE is apparently going to notify people by email if their data was compromised. I have received a lot of automated mails from Sony about this but none were personally directed at me.
Actually the main problem is that you arent legally allowed to have say concealed pits in the house that drop the victim down into your own personal dungeon cell. It would be a lot easier to have an active defense once your house is broken into as opposed to making the house impenetrable.
Oops you triggered the knock-out gas... Nighty-night and I hope you don't look too tasty to the dog...
Ahh -- nobody really ever touches the tv -- you found out it has 200 volts running through it -- oops.
I can't believe people would defend the hackers and blame Sony. Sure their security wasn't good at all. But you know, in a world without these e thugs, we wouldn't need it. That's not to say I think it was ok for Sony to be s relaxed with security. They should have known better. Stop holding these hackers up on pedestals. They are criminals plain and simple. I would say the same thing no matter what company it happened to. It isn't Sony out there trying to sell the credit card info. It isn't Sony that said let's hack the network and take away gaming abilities for millions. I swear only in this day and age does a victim get blamed for a crime and the criminals held up high and celebrated. Anonymous or whoever it was should be ashamed of themselves.
I am not sure what part of my post you do not understand..
If you buy a book, dismantle it and use to set a fire in our fireplace, it's fine. Problem comes when you start messing the with content of the book which is an intellectual property of the author and having no consent for modification.
Same as your PS3, you use the technology as intellectual property to serve different purpose, you modify it.
PS3 isn't HW parts only, it is how they are put together and purpose.
I don't defend the hackers, I think they should go to jail.
But Sony is in the wrong too.
Several weeks before the intrution Sony was warned that their security was outdated and they used no firewall:
http://www.geek.com/articles/games/psn-was-running-on-unpatched-apache-server-with-no-firewall-2011055/
My own desktop PC was likely more protected than Sony's servers.
I can take any book off my shelf right now and edit it all I want. I can make Harry Potter a sci-fi tale if I want, as long as I don't try to sell it. I can rewrite Twilight to be an action espionage tale.
The only prohibitions I see are:
1. Piracy. Modifying my PS3 to run pirated games is legal, until I actually pirate a game.
2. The PSN. Their terms wouldn't allow a modded console so I have to stay offline.
Bottom line is I own the machine and if I want to install linux or a homebrew running program and create my own programs to run on it, I don't see any legal recourse they can take.
That is hardly true statement as you have no idea how servers are protected, especially ones at Sony...
Sony should be ashamed as well. Both parties share blame in this tale.
It's been posted. They were running old Apache, unpatched and with no firewall.
Again, quit making up facts.
Why not? The security expert explained the flaws.
"The issue reported was the fact Sony was running PSN on a server that had an outdated version of Apache and no firewall in place. That meant any vulnerabilities known about for that version of Apache, and patched in more up-to-date releases, were easy to take advantage of. With no firewall in place too, the hacker probably had a very easy time of it."
I use a hardware firewall and the apache software I use is updated non-stop, so I'm very likely much more protected than Sony was.
I kinda felt the need to weigh in here as well after reading some of the idiotic comments posted.
I'm not fanboy, and I have over the years played SOE games - some I've enjoyed, some I've hated. I got the same emails everyone else did from Sony.
That said, this idea that its good guys (hackers) vs Evil sony, or that sony somehow deserved this is insane. I guarantee you the people that will suffer most for this will be the guy making hourly wages, will be the lowest of the lowest working at Sony - that's how all companies operate. If your trying to justify what the hackers did by your perception that Sony is evil because of the Star Wars fiascal I think it's time you grow up and put the internet games away.
It was incredibly stupid of Sony to have such lax security, as well as wait so long to notify everyone, but they have paid the price and will continue to do so, and as I've said $#it rolls down hill at big companies and it's the low employees that will pay, people with bills and families and not 6 or 7 digit pay checks.
I hope the FBI catches whoever did this and prosecutes them with the full extent of the law - they deserve nothing less.
Those of you wishing to sue, you better have a lot of money at your disposal and a REAL good lawyer, if you think your gonna go hire some lawyer and get million in a few weeks you've obviously never dealt with a law suit, espcially against a huge company.
I stick with the hackers and Sony being the bad guys in this one. The victims are Sony's clients. Sony and the hackers, in conjuction through combined malice and negligence caused harm and inconvience to millions. I don't feel sympathy for either side.
The very same security expert also said:
"I have no information about what protections they had in place"
Yet it does not prevent him from pulling all the stuff out of his ass and only information he got was when he was browsing some forums. And we know well from these boards how those are...
In other words, he has no more clue than you about Sony network and their web servers.
Who reported this? I have a hard time believing sony was this lazy in secruity.
Again, you're making the stuff up.
He didn't get it from "some forum". He got it from security mailing lists. He states he has no information as he has no firsthand information and is going off of what he read. Unless you assume the director of the largest University center for Information Assurance and Security lied to congress and provided hearsay as testimony, which it seems you do.
In a House Energy and Commerce Committee hearing yesterday, Gene Spafford, a professor at Purdue University and executive director of the school's Center for Education and Research in Information Assurance and Security—the largest of its kind in the country—said the following about the recent breach of Sony's PlayStation Network:
"[I]ndividuals who work in security and participate in the Sony network had discovered several months ago while they were examining the protocols on the Sony network to examine how the games work, [that] the network game servers were hosted on Apache web servers—that's a form of software.
But they were running on very old versions of Apache software that were unpatched and had no firewall installed, and so these were potentially vulnerable.
And they had reported these in an open forum that was monitored by Sony employees, but had seen no response and no change or update to the software. That was two to three months prior to the incident where the break-ins occurred."
Read more: http://techland.time.com/2011/05/05/security-expert-sonys-network-unpatched-and-had-no-firewall-installed/#ixzz1La2g3WAN
An unnamed source from the U.S. Postal Service. Who cares its a PR desaster for Sony.
MAGA
That isn't completely true. You are not allowed to distribute it either, regardless if you profit on it or not and caused damage to the company isn't negligable either.
You could say that gun manufacturers aren't responsible for fire-arms being used in criminal acts, which is true.
You cannot buy a gun and do whatever you want with though. There are numerous restrictions and rules you have to follow. You need a permission to use one and the gun needs to be registered. Any attempt in obtaining the a fire-arm without a permission or removing the registration number will cause legal consequences.
If gun manufacturers and gun usage is submitted to protection of implying thorough procedure for gun use, why avoiding a protection of intellectual property should be allowed?
Security what...? All they do is monitor various forums.
You can distribute modified (fan-fic) as a derivative work under Fair Use of Copyright material.
How are you using guns in this comparision. I can't rob a bank with a PS3 nor can I kill someone. The purpose of gun laws is no way related to modding a PS3.
That would mean shows like "pimp my ride" are doing illegal things to cars such as changing engines n body
Fanfiction authors are criminals (www.fanfiction.com are all the authors there criminals?)
Why isnt sony going after the ones who has been selling chipped ps3s in asia? Seriously... There has been ps3s that play fake games since... Forever! Same with wii and xbox 360
''/\/\'' Posted using Iphone bunni
( o.o)
(")(")
**This bunny was cloned from bunnies belonging to Gobla and is part of the Quizzical Fanclub and the The Marvelously Meowhead Fan Club**
Here is the latest info I could find about the PS3 hack from a trustworthy source:
http://news.cnet.com/8301-31021_3-20058950-260.html?tag=contentMain;contentBody;5n
It states that the hacker(s) got behind 2 firewalls. So, it would seem that Sony was at least doing something to protect the data.
HOWEVER, Sony also says the hacker(s) exploited a known vulnerability. That being the case, while it is certainly true that the hackers are to blame and should be punished if caught, Sony certainly has some culpability for allowing their customers' private info to be stolen.
Someone on this thread earlier likened the security Sony would use to the security of your home to try to illustrate that it's not perfect and Sony should in no way be held responsible for this breach. I would disagree with that. If a homeowner has two locks on his door (knob lock and deadbolt), and the homeowner knew the deadbolt was broken but never got around to fixing it, I would say the homeowner was at least partially responsible if his home is broken into through that door. I'm not saying the thief would have never been able to break in, but the homowner made themselves a much easier target. That is exactly what Sony did and that's why they are partially responsible for this mess.
You want me to pay to play a game I already paid for???
Be afraid.....The dragons are HERE!
That server could have been on a different subnet then the main network, it could have been part of a developer network. You do not know where or how this server was setup in their network, nor do we truly know that it was running an Old Apache upnpatched and with no firewall.
This was posted by some 3rd party nobody that may or may not of had access to Sony's network. Again nobody but Sony knows how or what this server was setup to do.
Nobody is making up facts, we are simply stating that nobody outside of Sony and the people involed truely know Sony Security setup and network design
Sooner or Later