-
News - Spanish police arrest three in connection with PSN attacks
Quote:
Claim to have detailed Spain's Anonymous leadership.
Read more.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
"the capacity to make decisions and direct attacks."
A mob has the same capacity, that doesn't mean there is a leadership/hierarchy in a mob. It is amusing to watch bureaucrats flailing around trying to get a grasp on anarchy. It's *completely* alien to them. :lol:
-
Re: News - Spanish police arrest three in connection with PSN attacks
In any mob there are normally a few who shout first, then the mob might or might not take take up the cause, every ripple has to start from somewhere, though it is fair to say it has to go through a large number of people "agreeing" with it for it to succeed, however when it because critial, even the reserved tend to follow the line.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Being charged with "discovery and disclosure of secrets and conspiracy." ... so sad.
One of these days we'll change the way we do things, until then I'll amuse myself with the stupid actions police and government take to maintain and extend their powers.
-
Re: News - Spanish police arrest three in connection with PSN attacks
i wonder how the police found then if they were using someone elses wifi? surely they would have went to the home that had the internet connection by tracing the account, but how did they find those piggybacking from it?
obviously it's not impossible to do it, but i'm surpised they got caught so easy as surely they would have noticed the police next door or something
i presume they thought that doing that would help keep the heat off them
-
Re: News - Spanish police arrest three in connection with PSN attacks
"Whether the server ceased had carried out any more sophisticated an attack than simply running this program the Spanish police failed to say."
Seized, Shirley?
-
Re: News - Spanish police arrest three in connection with PSN attacks
It's good to see someone is picking up my slack... just been too busy to highlight the errors in Hexus articles lately.
You guys really need an editor... or at least share your article with other hexus staff for a quick check before publishing.
-
Re: News - Spanish police arrest three in connection with PSN attacks
If they're guilty I'd quite like them to have their balls removed with a rusty razorblade.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Betty_Swallocks
If they're guilty I'd quite like them to have their balls removed with a rusty razorblade.
Why, because the companies that got hacked didn't take enough time and pay enough to properly secure their networks. Too busy paying their directors and senior managers fat bonuses instead of ploughing the money into ensuring their network was secure:censored:
The big companies that control this mass of information have an inherent obligation to look after it, Sony doesn't seem to have proven it's capability to do so. In my personal opinion they should be declined a data protection licence in the UK, which would cease their operations in this country and send a stark warning to companies to start looking into their security policies pretty sharpish.
Until such time as the ICO does something against large corporates, who are treating our data with disdain then I really have lost faith in the online system but have no way of easily requesting they delete information they hold on me.
I've this week also found out that Codemasters has lost all my personal information, 2 companies in as many months. What can I do about it other than to sign up to some scheme for checking my identity hasn't been stolen and that isn't fool proof.
Sony's offering of a years protection really isn't going far enough. Some of that info doesn't have to be used for a couple of years but it will still be totally valid and I'll have to pay for any protection after the year is up.
They're spending a fortune on diverting attention away from themselves and onto the perpetrator of the hack and are obviously winning as they're got you convinced.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
[GSV]Myocardial
They're spending a fortune on diverting attention away from themselves and onto the perpetrator of the hack and are obviously winning as they're got you convinced.
Okay. I can't let that go without some comment.
Yes Sony had been pants on head retarded in the way the PSN worked, the security model was inherently flawed, once someone had any cyrpto certification they could do anything, from update the characters position to a game server, to executing arbitrary code. That is bad.
But think about it, your saying its OK for someone to do whatever they want because they can?
I can break in to someones house steal what I want because well they shouldn't have left the window open, they were stupid enough to use a Yale lock, rather than a bump proof lock. She was asking for it. They didn't cypher the passwords, they where asking for it, they used only and MD5 with no salting, our rainbow list owned the passwords, they where asking for it, they used a classic salt of the first two letters of the username, our improved rainbow lists found 80% of the users passwords because complexity rules were not enforced. If these concepts don't make perfect sense to you, then never post again saying a company failed on computer security topic.
There has to be a middle ground, taking reasonable steps to prevent but at the same time people not breaking in.
These guys broke in to the PSN network, yes I appreciate the intellectual fun of such things, but no system is secure, except of course macs, because st jobs said so, and so they must be.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
Okay. I can't let that go without some comment.
Yes Sony had been pants on head retarded in the way the PSN worked, the security model was inherently flawed, once someone had any cyrpto certification they could do anything, from update the characters position to a game server, to executing arbitrary code. That is bad.
But think about it, your saying its OK for someone to do whatever they want because they can?
I can break in to someones house steal what I want because well they shouldn't have left the window open, they were stupid enough to use a Yale lock, rather than a bump proof lock. She was asking for it. They didn't cypher the passwords, they where asking for it, they used only and MD5 with no salting, our rainbow list owned the passwords, they where asking for it, they used a classic salt of the first two letters of the username, our improved rainbow lists found 80% of the users passwords because complexity rules were not enforced. If these concepts don't make perfect sense to you, then never post again saying a company failed on computer security topic.
There has to be a middle ground, taking reasonable steps to prevent but at the same time people not breaking in.
These guys broke in to the PSN network, yes I appreciate the intellectual fun of such things, but no system is secure, except of course macs, because st jobs said so, and so they must be.
If you break into a house and take somebody's tv, you leave them without a tv. That's stealing.
The guys who "stole" Sony's customers credit card numbers (note they aren't even Sony's by any reasonable definition), also left Sony with those numbers. That's copying.
Or maybe those CC numbers are Sony's copyright now too? That will be the next line of bull**** we have to put up with, and you wonder why some people are fighting back?
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Jimbo75
If you break into a house and take somebody's tv, you leave them without a tv. That's stealing.
The guys who "stole" Sony's customers credit card numbers (note they aren't even Sony's by any reasonable definition), also left Sony with those numbers. That's copying.
Or maybe those CC numbers are Sony's copyright now too? That will be the next line of bull**** we have to put up with, and you wonder why some people are fighting back?
Really the only way they managed to "fight back" Sonny was by coping credit card details from customers? A real service for the common man over there, right now my details might be in anyone's possession but at least I can sleep well knowing that Sonny has kept their copy.
I just hope they don't target BAA security polices next, otherwise passengers are in for a bumpy ride.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Jimbo75
If you break into a house and take somebody's tv, you leave them without a tv. That's stealing.
The guys who "stole" Sony's customers credit card numbers (note they aren't even Sony's by any reasonable definition), also left Sony with those numbers. That's copying.
Or maybe those CC numbers are Sony's copyright now too? That will be the next line of bull**** we have to put up with, and you wonder why some people are fighting back?
Somehow I think your the kind of person that thinks IP THEFT is somehow OK because they want everything for free, and as such can't even see that in this case I was referring to the breaking and entering of a server. You've missed the act, breaking in to the server.
I then went on, to try and draw parrellels with the whole rape been OK because she was asking for it.
I'm going out on an extrapolation here, but I reckon if I wanted I could easily break in to your PC system, and put everything up on the internet. You'd be fine with that I assume? Obviously I'm not going to, but my point is someone can do that to anyone. I'm running on a fairly secured system here, but I bet any money someone could break in to it if they wanted too.
But if you want to try and bring this thread on to a debate about how its perfectly OK for you to pirate movies, tv, porn, music without paying for any of it, then I think you might some kind of malfunction.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
Somehow I think your the kind of person that thinks IP THEFT is somehow OK because they want everything for free, and as such can't even see that in this case I was referring to the breaking and entering of a server. You've missed the act, breaking in to the server.
You think? In that case I think you're the kind of person who hasn't got a clue about what is actually going on and simply parrots the views of the industry that you've been getting force fed.
Quote:
I then went on, to try and draw parrellels with the whole rape been OK because she was asking for it.
Which again is absolutely ludicrous and an offence to anybody right minded.
Quote:
I'm going out on an extrapolation here, but I reckon if I wanted I could easily break in to your PC system, and put everything up on the internet. You'd be fine with that I assume? Obviously I'm not going to, but my point is someone can do that to anyone. I'm running on a fairly secured system here, but I bet any money someone could break in to it if they wanted too.
If they wanted to. That's the whole point. Maybe these companies shouldn't make themselves such obvious targets?
Quote:
But if you want to try and bring this thread on to a debate about how its perfectly OK for you to pirate movies, tv, porn, music without paying for any of it, then I think you might some kind of malfunction.
I don't think I tried to make that debate. I simply pointed out that Sony was asking for it, as are many others. Codemasters got broken into as well, thousands of details stolen. DETAILS THAT THEY DON'T NEED TO HAVE.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Mama Sumae
Really the only way they managed to "fight back" Sonny was by coping credit card details from customers? A real service for the common man over there, right now my details might be in anyone's possession but at least I can sleep well knowing that Sonny has kept their copy.
I just hope they don't target BAA security polices next, otherwise passengers are in for a bumpy ride.
Did Sony need to have your details in the first place? This is the point here - these companies are taking every detail of everyone and claiming it makes them more "safe and secure" online, which is BS it makes you LESS secure.
There is no other way for the thinking man to fight back against it, because sheep happily give all their details out without question. Every single thing I do online now I have to sign my life away almost to get it. That is why people are fighting back against it.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Jimbo75
You think? In that case I think you're the kind of person who hasn't got a clue about what is actually going on and simply parrots the views of the industry that you've been getting force fed.
I'll say it again:
"I was referring to the breaking and entering of a server. You've missed the act, breaking in to the server."
Copying data is another offense. Breaking in is one itself. Putting the details on a torrent I'm sure was for the public good, no ego fluffing there... But I guess I've been brainwashed by you know not been a complete douche just because I can.
Quote:
Originally Posted by
Jimbo75
Which again is absolutely ludicrous and an offence to anybody right minded.
Excellent, hold that thought of claiming a victim was asking for it as ludicirous... Hold onto it and:
Quote:
Originally Posted by
Jimbo75
Maybe these companies shouldn't make themselves such obvious targets?
Ah yes, there we go.
Quote:
Originally Posted by
Jimbo75
I don't think I tried to make that debate. I simply pointed out that Sony was asking for it, as are many others. Codemasters got broken into as well, thousands of details stolen. DETAILS THAT THEY DON'T NEED TO HAVE.
No you were saying it wasn't theft, the law and terminology gets confusing because of the international boundaries, but in the US that would be classified as IP theft.
They also needed to have the details on the PSN system for the billing to happen. What was wrong is that the system gave out the clear text versions so simply. They were not asking for it. They had flawed security but they had actually taken steps.
I suppose you feel that the hexus forums were asking for the hack they suffered previously?
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
I'll say it again:
"I was referring to the breaking and entering of a server. You've missed the act, breaking in to the server."
Breaking suggests physical force, which of course did not happen. Nothing was "broken".
Quote:
Copying data is another offense. Breaking in is one itself. Putting the details on a torrent I'm sure was for the public good, no ego fluffing there... But I guess I've been brainwashed by you know not been a complete douche just because I can.
You're being a complete douche by suggesting I was making a case for piracy when I didn't even mention that at all.
Quote:
Excellent, hold that thought of claiming a victim was asking for it as ludicirous... Hold onto it and:
No your attempt to compare rape to hacking was ludicrous, and I'm sure you realised that's exactly what I meant.
Quote:
Ah yes, there we go.
No you were saying it wasn't theft, the law and terminology gets confusing because of the international boundaries, but in the US that would be classified as IP theft.
Too bad we aren't in the US? Or too good? The EU is constantly making laws to protect us from American laws, all I can say is I hope they speed some of them up before it gets even worse.
Quote:
I suppose you feel that the hexus forums were asking for the hack they suffered previously?
I have no idea. There are various kinds of hackers out there, but then again people are different no matter what. Some of them are more like Robin Hood while you seem to think they are all like the Yorkshire Ripper or some other beastly thing.
Learn to prioritise, yours are laughably out of whack. I'm gonna guess you lost some money in Sony shares or you possibly work for them, either way you are definitely going way overboard with your comments here.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Much like Jimbo75 I don't "subscribe" to the privilege model of life, however, I feel the projections and snipes above are besides the point and of no use to anyone.
I don't agree that attacking a company to make a point is a good thing but how can we influence our experience on their systems without doing that?
The problem I have with the current situation is that we have certain things dictated to us and the choice we get is either deal with it or get on without it. That doesn't count as a choice for me and I feel that abstaining from a platform is not an option when your friends aren't bothered. You either loose out or you loose out, great choice there.
I don't know of a way to improve it, but I think a good starting point would be changing the way companies view their customers. Companies need to become part of the community they provide for, being disconnected causes too many problems.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Exhail, the problem with companies like Sony is they just don't listen to reason. There is only one way to deal with a company like that.
All of this happened to them because some guy found a way to hack the PS3 to use different OS's, and they took him to court over it. For the sake of what would have been a few thousand quid, they started law cases running into much higher amounts, then finally saw billions wiped off their shares.
I hope it's been a hard lesson to them and others. Corporate greed brought Sony down and nothing else.
You made a very valid point on being unable to abstain from making choices as well. This is the new thing. I cannot sign up to play a game online without giving out more and more details every year. It didn't stop me from being hacked, and probably hundreds of thousands of others as well. They do not need this info for our safety like they claim, they need it because it is worth money to them pure and simple.
If there was another choice I'd take it, but these same companies are involved in cartels and neverending anti-trust issues which prevents anyone else from breaking their stranglehold. The EU is making laws as fast as it can but it's not fast enough for some of us.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Jimbo75
Breaking suggests physical force, which of course did not happen. Nothing was "broken".
Damn. Guess we never broke enigma then, never cracked the lorenz either. Same way that breaking and entering doesn't have to involve a damage to the property that is been entered.
Quote:
Originally Posted by
Jimbo75
You're being a complete douche by suggesting I was making a case for piracy when I didn't even mention that at all.
Well you sir... Don't get how your thinking that, because I wasn't that one that started to complain that critising people posting stolen data on the net was wrong.
Quote:
Originally Posted by
Jimbo75
No your attempt to compare rape to hacking was ludicrous, and I'm sure you realised that's exactly what I meant.
Not really. Rape is a violation, people are seeing this now happen online, someone blackmails some normally young girl, and using data acquired from their PC gets them to take video or something for them. An extreme point, but valid that to a lot of these young victims, they are so scared about having intimate details of their life posted to all their school friends, that one picture they took for their boyfriend, they will capitulate with someones sexual fantasies. There was a case in the news which was most shocking a couple of weeks back. I shan't link it here, doubt the mods would be happy, but it would certainly fall into the extreme violation category.
Now just because she was guilable enough to download and run as elevated an executable which proported to be from the school does not mean she deserved it. No matter how lax her security measures were.
Quote:
Originally Posted by
Jimbo75
Too bad we aren't in the US? Or too good? The EU is constantly making laws to protect us from American laws, all I can say is I hope they speed some of them up before it gets even worse.
Last I checked the PSN was a global thing admistered mostly out of the US. Which law do they use to charge the hacker, they can be extradited you know.
Quote:
Originally Posted by
Jimbo75
I have no idea. There are various kinds of hackers out there, but then again people are different no matter what. Some of them are more like Robin Hood while you seem to think they are all like the Yorkshire Ripper or some other beastly thing.
Oh yes these guys were really doing it for all the little peoples good weren't they? I mean the little people were glad to erm.... Can't think of any upside for them, except they might have gotten some fresh air whilst the network was offline... Yes they helped the working man get fresh air, they are heros.
I'm not for a second saying there aren't many people who are just doing it for the fun in ways which are harmless. But these guys weren't harmless.
Quote:
Originally Posted by
Jimbo75
Learn to prioritise, yours are laughably out of whack. I'm gonna guess you lost some money in Sony shares or you possibly work for them, either way you are definitely going way overboard with your comments here.
No they put torrents of peoples information up on the net, for no reason other than they could. How the hell do you make that sound like a good thing?
Someone trashed the hexus forums because they could. At the risk of a flame war its not hard because PHP is a pile of insecure poo, but just because its possible, does it really mean they should? No.
So to recap, theft of IP, is erm, theft. Breaking in to a system in an un-authorised way is naughty. Posting details of people who had nothing to do with any of it makes you a douche.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
Last I checked the PSN was a global thing admistered mostly out of the US. Which law do they use to charge the hacker, they can be extradited you know.
Yes exactly, like the US are trying to do with a UK citizen Gary McKinnon for example, a guy with a serious personality disorder.
Quote:
I'm not for a second saying there aren't many people who are just doing it for the fun in ways which are harmless. But these guys weren't harmless.No they put torrents of peoples information up on the net, for no reason other than they could. How the hell do you make that sound like a good thing?
These are the same guys who are outing the US's war crimes, which is the only reason the US is interested in the first place. As for putting people's information up on the net, you realise that this allows these people to start a class action against the company? That's why its a good thing, that's why Sony has put aside a fortune to pay off people who were victims of this so called "crime". You have to wonder, who really is the criminal when Sony is the one facing $billion payouts?
http://www.computerandvideogames.com...er-data-theft/
On top of that, some of these people are waking up to the reality of what is actually going on, which is the main reason for posting details - publicity. If people weren't so ignorant in the first place Sony would not have free reign on all of their personal information. This is a good thing.
Quote:
So to recap, theft of IP, is erm, theft. Breaking in to a system in an un-authorised way is naughty. Posting details of people who had nothing to do with any of it makes you a douche.
In your opinion. Laws can change and they will change. You would have them change for the worse, along with the board at Sony, the US government and the rest who would have us living in a corporate police state.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
Jimbo75
Yes exactly, like the US are trying to do with a UK citizen Gary McKinnon for example, a guy with a serious personality disorder.
Erm, this is about people leaking information about customers of the PSN. The Gary McKinnon thing is irrelevant.
Quote:
Originally Posted by
Jimbo75
These are the same guys who are outing the US's war crimes, which is the only reason the US is interested in the first place. As for putting people's information up on the net, you realise that this allows these people to start a class action against the company? That's why its a good thing, that's why Sony has put aside a fortune to pay off people who were victims of this so called "crime". You have to wonder, who really is the criminal when Sony is the one facing $billion payouts?
I can't believe this. Your saying its OK to publish information on PRIVATE people who have done nothing more than buy a service from sony?
I cannot begin to fathom how you arrive at that. How the hell?
The wikileaks thing is completely irrelevant. No matter how good the intentions of someone are in one act does not excuse them in another.
Quote:
Originally Posted by
Jimbo75
On top of that, some of these people are waking up to the reality of what is actually going on, which is the main reason for posting details - publicity. If people weren't so ignorant in the first place Sony would not have free reign on all of their personal information. This is a good thing.
Yes we should really question more about what information people hold on us, but there are ways of going about it that are correct.
I think you would be singing a different tune if it was your information posted, if your credit card was subsequently used fraudulently.
Quote:
Originally Posted by
Jimbo75
In your opinion. Laws can change and they will change. You would have them change for the worse, along with the board at Sony, the US government and the rest who would have us living in a corporate police state.
Really? No government has been looking at relaxing the laws regarding accessing systems without prior authorisation. I love how you go straight to corperate police state.
In what way, in this scenario are Sony not a victim? How are they been an evil corporate? Providing an online gaming service which people choose to use (surely xbox live is better!).
Where would you draw the line, I'm self employed, I have personal data on my home office network. Should people be allowed to break in to that at whim to show how bad my security is?
And that is the last bit. All security is flawed. If you respond to my first post about where you draw the line, I think we might move this along a bit better.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
Erm, this is about people leaking information about customers of the PSN. The Gary McKinnon thing is irrelevant.
You were the one who brought up extradition. What's the difference here?
Quote:
I can't believe this. Your saying its OK to publish information on PRIVATE people who have done nothing more than buy a service from sony?
I'm saying it's not ok for Sony to have that information in the first place. They don't need to have it, if they didn't have it this wouldn't have happened.
Quote:
I cannot begin to fathom how you arrive at that. How the hell?
How hard is it to believe? These companies are collecting data on people that they simply do not need to have in order to sell us their products. On top of that, they are failing horribly to keep that data safe. That is why Sony is facing more $billion lawsuits.
Quote:
The wikileaks thing is completely irrelevant. No matter how good the intentions of someone are in one act does not excuse them in another.Yes we should really question more about what information people hold on us, but there are ways of going about it that are correct.
I don't believe it is completely irrelevant. It's the same people. Do you really think the US government cares about a Japanese company losing a fortune? Did Obama care about BP while putting the boot in? No, Americans only care about American interests. This has EVERYTHING to do with wikileaks and if you can't see that then something is wrong.
Quote:
I think you would be singing a different tune if it was your information posted, if your credit card was subsequently used fraudulently.
For all I know my information could be there. I should check, maybe join the ranks of people suing Sony. I know I didn't give them any of my information but it would not surprise me one jot to find out that they had it anyway. That is how they work.
Quote:
Really? No government has been looking at relaxing the laws regarding accessing systems without prior authorisation. I love how you go straight to corperate police state.
That's not what I meant. Laws are being put in place to allow customers to opt out of this crap so it wouldn't be an issue in the first place. Just because lawmaking is slow does not give Sony and the rest the right to abuse our goodwill and trust until that law is made.
Read - http://www.telegraph.co.uk/technolog...med-by-EU.html
And that is just the first of many steps that will be taken.
Quote:
In what way, in this scenario are Sony not a victim? How are they been an evil corporate? Providing an online gaming service which people choose to use (surely xbox live is better!).
Try googling Sony antitrust why I play the worlds smallest violin for them.
Quote:
Where would you draw the line, I'm self employed, I have personal data on my home office network. Should people be allowed to break in to that at whim to show how bad my security is?
And that is the last bit. All security is flawed. If you respond to my first post about where you draw the line, I think we might move this along a bit better.
The line should be drawn at corporate abuse of trust and need to know information. Until it is, they will only end up losing more and more in the long run, just like Sony. And believe me it's not over for Sony by a long shot, maybe they need to go under for the others to really take notice of how serious people are about personal rights.
Codemasters -http://www.bbc.co.uk/news/technology-13731822
My information is probably included in that as. I hated given out those details just to play on online game, and frankly if I find out it has been used to con me out of money they'll be getting sued too. That their greed should come back to haunt them is the best kind of justice that can be meted out to them, as the guy in that article says...
Quote:
"Does a company like Codemasters or any video game company really require such sensitive information? In my opinion - no."
-
Re: News - Spanish police arrest three in connection with PSN attacks
I'm sorry, I tried, I couldn't write something that wouldn't violate the family huggy friendly nature.
So I'll simply leave it with, the law says your wrong. Long live that status quo.
-
Re: News - Spanish police arrest three in connection with PSN attacks
The law is changing to prevent stuff like this happening in future.
You are welcome to your opinion but for the love of God I hope you don't actually believe you have the moral upperhand, or are feeling any actual pity for Sony.
The only difference between something like Sony and Anonymous is individuals in Sony can hide behind their corporation and get away with all sorts of criminal activity because of it, while the Anonymous guys will probably end up in jail for far lesser crimes.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
TheAnimus
Okay. I can't let that go without some comment.
Yes Sony had been pants on head retarded in the way the PSN worked, the security model was inherently flawed, once someone had any cyrpto certification they could do anything, from update the characters position to a game server, to executing arbitrary code. That is bad.
But think about it, your saying its OK for someone to do whatever they want because they can?
I can break in to someones house steal what I want because well they shouldn't have left the window open, they were stupid enough to use a Yale lock, rather than a bump proof lock. She was asking for it. They didn't cypher the passwords, they where asking for it, they used only and MD5 with no salting, our rainbow list owned the passwords, they where asking for it, they used a classic salt of the first two letters of the username, our improved rainbow lists found 80% of the users passwords because complexity rules were not enforced. If these concepts don't make perfect sense to you, then never post again saying a company failed on computer security topic.
There has to be a middle ground, taking reasonable steps to prevent but at the same time people not breaking in.
These guys broke in to the PSN network, yes I appreciate the intellectual fun of such things, but no system is secure, except of course macs, because st jobs said so, and so they must be.
TheAnimus, how do you get from what I've posted that it's OK to do anything they want. I had an objection to someone wanting physical harm to someone who "could" have been involved with the group that "may" have been involved in hacking the PSN and SOE network. I'd call asking for them to have their balls removed with a rusty razor blade as a call to torture. Personally if we have to drop to that level then we've totally lost the plot as a civilised society. The hackers weren't in the right but neither was the large corporate.
(I'll make the same sort of assertion that you made against both myself and Jimbo75 just for effect) But think about it, you're saying that it's OK to torture a convicted person with razor blades? (Of course you're not, so stop making those sort of assertions about others when you post, it's not appreciated and not what was meant). Maybe I should have been clearer with my objection.
Sony was in charge of over a hundred million end users personal data. Data that can allow a criminal to basically wipe out your bank account, use your credit card and live as though they are anyone on the list. If your bank lost all your money from your account and offered you a year of insurance (that doesn't cover any losses just the money you'd have to spend rectifying your credit record) and a couple months free gaming, you'd be rightfully a little narked. Sony have, through poor administration and control procedures, given away access to potentially a hundred million bank accounts, credit cards etc and potentially blighted people for years to come with problems with fraud.
And for me I don't even want to play their games anymore. I ceased paying for my account over four years ago, there is no way to get your information removed completely from their database, I've tried before and didn't get very far as no one could ever answer my questions and in the end I gave up, thinking that a large corporate like Sony would have appropriate measures of firewalling my personal data away from criminals.
It turns out that they didn't have appropriate measures in place and that such data was available to external sources. In my mind they should be punished to the full extent of the law and severely financially penalised, as well as coutries revoking their rights to administer data.
The other insult comes in their insurance offering, they're not even using all the contact details they have on file to contact people, instead you have to go out of your way to phone the damn company up administering the insurance and ask to be added in some way. Or that's what I've read and since sony seem to have no links to a central place to get information easily findable on the affected sites; www.soe.com has no banner linking to the info as I would expect, it takes some googling to actually find their web pages about this incident.
And on the point of a group publishing the data, it really does seem that this has become the only way that the common man actually gets any say in getting the law governing data protection tightened up.
Although if they do find the people responsible then I think they should also be tried and given appropriate jail sentences.
Quote:
Where would you draw the line, I'm self employed, I have personal data on my home office network. Should people be allowed to break in to that at whim to show how bad my security is?
Hope you're registered with the ICO as a data controller then?
What security do you have in place and if you think your security is deficient then you better spend some cash on rectifying it, by what you've said above you obviously don't think the data is very secure or is that just me reading something into what you've posted again :rolleyes: A recent case that came across my desk has indicated that it is the data controllers problem to have reasonable security in place, comparable to the amount and type of information present. Basically a person had information on their laptop, took it home and while the data was encrypted I believe, the passwords were also on the machine and the machine was not physically secured within the house, i.e. in a locked cupboard or chained to something. The ICO therefore found the company negligent, so things are being done.
It also gave me something more to consider in the business I work for as technically it'll be my boss as Company Secretary who'll be in the firing line should we loose a load of data.
One thing that I would like to see on sites that require you to enter data is that they are forced to give you the option to have all the personal data removed on request, and I don't mean by telephoning or jumping through hoops. Also data should be proportionate with what is required, on SOE all my data is available in one area, rather than being properly seperated. Why do my CC payments need to be in my online game login section, that data should be held completely seperate. Also, technically my chars on the relevant game are also gone as they wiped them as part of a downsize, so my CC details are not even relevant anymore.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Fascinating exchange on this topic - albeit a little heated in places! :o
Glad to hear that some of the Anonymous folks have been caught. They had my support for the action against Sony, up to the point when they supposedly released all this confidential data to the world at large (or at least the criminal element of it). At that point, as far as I'm concerned they're just scum, and deserve some hard jail time. If they'd just spiked PSN for a day, and then proved they'd compromised the servers, then fine. But to do the other stuff was just ridiculous - particularly data theft for gain is still theft, (and the next person who compares Anonymous to Robin Hood is going to get slapped).
As an ex-Sony online customer (closed my accounts) I'm disgusted by the way that Sony's been handled - a "sorry" from the managers doesn't do it, I want firings at the manager level, (and maybe lower if the admins weren't warning about the lack of security)! I'd be quite happy to see Sony get some swingeing fines from UK (unlikely), EU and US for their horrific negligence - it's long overdue that someone was made a very public example of.
Like others have eloquently stated, I'm getting increasingly uneasy by the amount of data that companies are insisting you provide, and the cavalier way that some of them treat data or copies thereof. Maybe if a few CTO's etc got some personal fines and/or some jail time then we'd see some downsizing of the "requirements" and better handling?
And heaven help you if you try to find out information from these folks. My most recent failure was trying to find out from a pet product advertisement agency why I'd been banned from their forums for "spamming" despite the manner etc of them doing this was in violation of their T&C's. Similarly trying to find out what MS, Apple, Sony are permitting themselves to do with your data is frustrating.
By the way
Quote:
Claim to have detailed Spain's Anonymous leadership.
in the subhead - shouldn't that be "detained" rather than "detailed"? Pedant mode off ...
-
Re: News - Spanish police arrest three in connection with PSN attacks
http://www.bbc.co.uk/news/technology-13749181
they've now targeted the spanish police website
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
uni
That's what makes me really question the ability of this group to have hacked the PSN and SOE network. They just seem like that have a lot of bots at their disposal to push DoS attacks.
I doubt we'll ever know who the real perpetrators were.
-
Re: News - Spanish police arrest three in connection with PSN attacks
Quote:
Originally Posted by
[GSV]Myocardial
That's what makes me really question the ability of this group to have hacked the PSN and SOE network. They just seem like that have a lot of bots at their disposal to push DoS attacks.
I doubt we'll ever know who the real perpetrators were.
Actually if their claims are to be believed, pretty much all their hacks have been relatively mundane - SQL injection, local file inclusion, etc.
Apparently Facebook proved a tougher nut to crack... from the Twitter feed:
Quote:
If you try to snack on Facebook's innards, it unleashes phantom anti-hacker arms that tear you limb from limb while boiling your bones. :(
Ironically, with all the privacy fiascos, Facebook apparently has a reasonably good security wing.
Does make me wonder though, why can't Sony et al subpoena Twitter for the details of the posters? - though naturally one would assume it's all through Tor, etc.
