Sony the Victim of Another Hack Attack, was "Asking for It"

37

Comments

+ Add a Comment
avatar

f104chrome

Sony needs to beef things up but really only some retard would think what these hackers did was ok. If it was my info I'd want some payback, I'd love nothing more than to beat the crap out of a hacker, they ruin every game worth playing and steal info personal info gee aren't they great. Punks.

 

avatar

iceman08

The way I look at it is, sony should have better security across the board (and making other major companies silently beefing up THEIR crappy security). But the hacker groups are being dishonorable with attacks like this. Even the original attack that led to the PSN shutdown; I can't agree with that either

avatar

Taz0

I just can't believe that any respectable company is still vulnerable to an SQL injection attack AND stores passwords in plain text. I mean, most countries have laws criminalizing storing customer passwords in plain text, simply because most people use the same password for multiple website, and so compromising someone's password could compromise their entire identity.

A website (or any computer system) should NEVER EVER store a user's password (not even in encrypted form), nor should there be ANY way to retrieve the password if the whole system is compromised ("here hacker, take all the servers with all the data and try and extract even a single password"). A computer system doesn't really need to know your password to know if the password you've entered matches the one you've previously chosen. That's what (salted) hashes are for.

Being vulnerable to SQL injection is pretty pathetic. But storing passwords, and in plain text, is simply CRIMINAL (though US law is a bit behind the rest of the world in that regard). If it turns out it's true, they should be FEDERALLY PROSECUTED. Of course, revealing all that info to the wide world is also criminal. LulzSec should have just provided a small sample to prove their point.

avatar

kixofmyg0t

I'm still trying to figure out who the hell these million people are that had login id's with credit card info on Sony Pictures. Seriously. Me thinks Sony used it as bait. Think about it, even a fresh IT graduate would blow the whistle on keeping passwords stored in plain text. I personally think Sony left the door open on purpose, the 'ol bait and switch. 

But then again you have to realize that Sony's divisions are seperate. The playstation division and the Sony pictures division both have the name "Sony" as owners but they arnt on the same server, or even building. The IT department of PSN has nothing to do with the IT department of Sony Pictures.

avatar

Zachary K.

*Steals guys wallet*

Its not like it was locked or anything, he was asking for it, therefor it is OK.

avatar

bling581

I find it humorous how people try and compare things with simple real world examples when it's not even remotely similar. Your example is flawed because you're assuming the guy that's getting robbed is completely innocent and has never stolen from anyone else. Sony has done plenty of bad things to it's customers and if they didn't bother to tighten their security after the first hack then they really do deserve it a second time.

avatar

kixofmyg0t

don't forget that the cash in his wallet wasn't encrypted! i mean it clearly says $20 right there on the bill! In plain text! ugggh stupid idiots for not encrypting their wallets!

 

btw what would happen if an IED showed up on the streets of america, and blew up a school bus full of children? oh yeah they were "asking for it" since they wern't riding in a bomp proof bus. So i guess all the people in the twin towers were "asking for it" since the building didnt have its own air defensive system. Everybody thats ever been mugged, shot and killed, raped, beaten etc were "asking for it" to hmm? 

The "logic" of Anon and lulzsec will be the end of the world.

avatar

TheZomb

More like showing the bottom of a security truck is made out of paper by stealing money and saying you shouldn't have transport your money. Their idiots for doing it this way, but if sony is storing personal data they need to protect it, you can whine that its the hackers fault all the time, but their not going away and it becomes your fault if you don't protect yourself against them.

avatar

Trooper_One

"Sony was "asking for it," the hacker group said."

... by that logic, one can rape pretty girls who happened to be walking down a dark alley?  Or rob an elderly person in a parking lot?

Sony is a bitch ass company but there's no need to blame the victims, in this case, the customer who uploaded their data in good faith.

 

 

 

avatar

Supfresh

this couldnt have come at a better time,  i just moved into a new house and was trying to decided whether to buy a ps3 or 360, not too hard to decide now lol.

avatar

Gezzer

Yeah it does seem like the new game in town is to pile on Sony. Hopefully they and any other companies not taking the safe guarding of personal data seriously will have had their wake up call. Most likely they won't though.

I'm kind of dissapointed with Sony. You'd think after the PSN hacks they would of taken a good long look at all their data base security on all the company's sites. These sanctimonious hackers on the other hand really @iss me off. As pointed out by others poor security does not mean your "asking for it". Isn't that the same line rapists often use? Well their posting of personal data in a sense was a rape of the users.

As my dear old dad use to say "two wrongs don't make a right". Sure Sony's at fault for poor security, but the hackers are abusing the users by posting the data which is worse in my eyes.

avatar

nealtse

I've lived with two separate roomates I had to get on their ass about locking the front door.  Both said verbatim "I thought this was a safe neighborhood."  That's right two.  Sony is like them, except that they already got robbed once and just kept on as usual, but their house was full of your stuff.

avatar

tiger_shark

what caught my attention first was the funny pic!

i'm happy that sony got slapped in the face again but i'm not happy why they had to post private info for everyone to see. someone who's been following tech news should know by now that sony's servers have already been raped.

they should've just post some snippets of the information they got from sony.

avatar

weengo

While I don't think Sony was "asking" to be hacked...

What they are "asking" for is a headache and bad publicity by not encrypting anything when they ARE hacked.

If only there was some sort of indicator to Sony that they were going to be hacked.... <sarc>

I'm not blaming the victim but not taking protective measures against theft is just plain incompetence.

avatar

Carlidan

I think them hacking Sony network and showing the there is a flaw in the secruity was legit but when they posted people's personal infomation that definetly crossed the line. They could of just show proof of the hack and warned Sony and their customers.

avatar

d3v

What personal info? People always make stuff up when filling web forms. I doubt any of its true.

avatar

Kano

My thoughts exactly...

"Every bit of data we took wasn't encrypted." They are so noble aren't they?!?

"They were asking for it"  ...and so were those stupid customers, right?

I'm not even a user of sonypictures but, I'm furious that those POS posted the personal info of the users. They should have skipped the whole bit about making Sony look bad because the real motive is obvious... they wanted to exploit an already hurting company and make personal gain and are therefor just pathetic criminals with big heads! Why the hell are these low life hacker groups getting publicity??? That is exactly what they want.

avatar

Carlidan

I'm confused on your reply. I never said it was noble nor did I say it was the customers fault. Where did you get that from my post. I only said them hacking and finding the expliot was a good thing because sooner or later someone will. I wish it was a white hacker who had found the expliot. I also stated that what they did was wrong. Please read. Rather than rant. I said when they posted the information online, they crossed the line.

avatar

Kano

I said nothing towards you. You must not understand sarcasm, my friend. How about you read, and I'll continue to rant. :)

avatar

Carlidan

Well your post was kind of heard to understand. Rant away. I couldn't make heads or tails out of it. :)

avatar

iceman08

That wasn't directed to you, I think. That was sarcasm directed to the hackers who won't read this.

avatar

Kano

...and yes they will! I emailed them and told them to come to MaxPC and read my nasty posts about them. Oh they'll be furious... that's for sure. They'll be so furious they'll have to go physically abuse some elderly people just to feel good again. (note the sarcasm) geeze...

avatar

iceman08

That wasn't directed to you, I think. That was sarcasm directed to the hackers who won't read this.

avatar

bling581

It's good to know that you can't trust Sony with anything even semi-important.

avatar

TerribleToaster

So because it was easy, "they were asking for it"?

By that logic, I should go out and take candy from babies.

It's easy, so they must be asking for it, right?

 

On a side note, Sony can no longer disappoint me as my expectations have been set to zero. Glad I was iffy over getting a PS3, probably saved me a lot of hassle. 

avatar

kixofmyg0t

who the hell has a login for Sony Pictures? But beside the point, i'm not sure if i believe this one.

avatar

Kano

Two very valid pionts.

avatar

Iglidden

IMO Sony has an obligation to protect the personal information of their users and they are simply not living up to their obligation. The fact that they can be hacked by something as simple as a SQL injection attack means that they are not even tring to protect NPI data in some of the most simple ways.

I would be interested to see the diclaimer Sony sends out when you supply them your personal informaiton.

 

avatar

Neufeldt2002

My files on my computer are not encrypted, guess I am asking to be hacked.

avatar

DDRDiesel

Thanks for the tip!

 

 

(I'm in your computer right now, nice pr0n, bro!)

avatar

Neufeldt2002

LOL, Thanks...  Uhm, I mean Damn!

avatar

TommM

Buncha losers.  Pretty high and mighty of them to act as judge, jury and executioner to serve their own petty purposes.

avatar

Kano

My thoughts as well. I want LulzSec brought down HARD.

avatar

siramic

That was my thought too, do they think thay are providing a "service" to show the flaws of websites, and in this case, Sony. Will LulzSec next be asking to receive compensation for thier services? I believe Google paid $20k to anyone who could hack a newer version of Chrome, but that is a whole different story than this.

avatar

tony2tonez

if these guys are so good why not hack the pentagon and get some some pics of Bin Ladens Body? Steeling people private information does not win friends. Only turns the population against them. 

avatar

DDRDiesel

They said themselves that they are not Master Hackers.  They did this to prove that any script kiddie with enough patience could have parsed all the unencrypted information from Sony.  Am I saying that I am in favor of LulzSec?  Hell no.  But I'm just trying to bring some light to what happened.  It sucks that Sony got hacked so many times, they really are a great company that produces great products (inb4PS3sux, I am not a PS3 fanboy), and they just happened to become this year's target.

 

Also, for the record, I am neither supporting Geohot, nor the hackers responsible.  I think it's terrible what's going on right now.  Let's not forget that Japan is still facing a potential nuclear disaster, and are still recovering from the destruction caused by the earthquakes and tsunami

avatar

I_pwn_newbz86

LOL nice picture

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.