Sony Compromised, Again 452
Konsalik writes "The hacker group LulzSec on Thursday posted information it took from Sony Entertainment and Sony BMG on its site, called the LulzBoat. Lulz Security said it broke into servers that run SonyPictures.com. The information includes about a million usernames and passwords of customers in the US, the Netherlands and Belgium and is available for download and posted on the group's site."
Re:What are they trying to prove at this point? (Score:5, Interesting)
Case in point - I've been pro open source, anti IP laws, anti harsh pirating / copying fines for a very long time. I'm pretty liberal and I don't like big corporations. But this shit just pisses me off. They don't like Sony so they fuck over the services that millions of paying customers are using and expose all their personal details? What a pack of pricks. That ain't cool, that's fucked up and selfish.
Re:I wonder if the hackers would stop.. (Score:4, Interesting)
Strictly speaking in a free market sense, paying for Sony products does make you partially responsible. Why, you ask? Because the invisible hand that supposedly corrects poor behavior in corporations is supposed to be the swath of customers who will willfully boycott products in response. Continuing to purchase the corporation's products serves only to reinforce any behavior the it may be involved in.
Re:I wonder if the hackers would stop.. (Score:5, Interesting)
I think what the GP was suggesting would be if Sony, on their own, came out and apologized for being so negligent. Of course that will never happen.
It wouldn't be enough. At this point, I would want Howard Stringer fired (not allowed to resign, but actually fired) before I would consider buying Sony again.
And this from someone who at present has:
1 Sony HD TV
1 Sony high-end Receiver
1 Sony low-end Receiver/DVD combo
1 Sony BD player
1 Sony LocationFree
3 Sony Laptops
1 Sony PDA
1 Sony PSP
1 Sony CD Walkman
and lots of less expensive Sony stuff.
This revenue stream has now stopped, and yes, it will take Stringer's head on a platter before I would consider Sony again, or stop telling friends and family to avoid Sony like the plague. Else, they;re not taking this seriously, and then I will reciprocate that and not take Sony seriously.
Re:Sony company culture of indifference won't chan (Score:3, Interesting)
In many ways, the MPAA has lost. We have to keep in mind what they were really trying to hold on to, the same old way of doing things. They have lost that battle, have been forced to change and are slowly doing so. It isn't that Kazaa or Napster or any one thing caused it, nor that it was some kind of unified (or righteous) movement. It was a bunch of factors mixed together. Their rigidity and shortsightedness being the largest culprit.
Basically, the MPAA has been forced into a change they should have been making anyway.
I see the same thing going on here, actually. There are multiple things going on, on different levels, simultaneously. The main thing going on here is this: "lulz", Removing a promised functionality from a device. Telling Sony to stop doing business the way it has. People are fed up.
Remember the timeline of what has transpired here.
1.) Sony removes OtherOS option from PS3. A gaff. A small number of people bought the PS3 for this feature alone. They were forced into either a) upgrading firmware and losing said ability in order to keep using the console for games, etc. or b) buying ANOTHER ps3. Basically, they fucked over some people (not new for Sony).
2.) Communities of customers begin seeking a way to return this functionality (one that was a selling point for many and one that shouldn't have been removed in the first place.) No big deal, no one really cared.
3.) GeoHot gives people back the ability to do this. Again, not many people cared. Except Sony.
4.) Sony opts for the unpopular and morally wrong thing to do - sue (bully) GeoHot. A major gaff. This outrages people even further AND does nothing to fix the problem of this workaround. People who didn't previously care, now care a lot.
5.) Now that their customers have been pissed on multiple times, some of them decide to piss off Sony.
6.) They decide to perform a DDoS and to bit of a nuisance to Sony. ("lulz" ensue)
7.) Once they do this, someone decided to perform a SQL injection. (fuck it!)
8.) From this, according to them, they got access to EVERYTHING. Also, according to them, they are shocked and appalled. According to them, they decide to expose this negligence on the part of Sony in order to warn its customers. ("lolholyshitwtfbbq - guize, look!")
This also
A) embarrasses Sony ("lulz")
B) gains the attention of mass media ("lulz")
C) gets various figures up in arms about some (non-existent) "dangerous hacktivist group" ("lulz")
As for the customers whose data has been compromised or released, it is an unfortunate side-effect; collateral damage, if you will.
In the process, a couple of valuable and enlightening things have been learned by many parties:
1) Sony has shitty security. - This is news to many people who had assumed that Sony would be pretty safe to deal with, being such a large company. Surprising, a bit unsettling, but somewhat forgivable being that corporations often look to cut costs. For those with some knowledge it is disturbing in and of itself since they aren't PCI compliant. This may be illegal (criminal) in some states. (AFAIK there is no federal law regarding PCI compliance).
2) Sony keeps customer data in the clear. - (I am glad I'm not a customer. - They REALLY must not care about their customers). Not only is this not PCI compliant it is JUST STUPID. It also has me convinced (along with everything else, including their history of rootkits, etc..) to NEVER be a customer of Sony.
3) Sony is a bully who either hates its customers, or doesn't want them anymore.
As for the release of the customer I see it as a positive, not a negative. Those who have had their data compromised can now know this for certain, see it in black and white even, and take appropriate action to protect themselves from possible wrongdoing. Besides, who knows whether or not this data had already been compromised? Apparently, it was trivial to do so and thus it would not surprise me if it had already been compromised before all of this. No one would have known this had
Comedic? (Score:5, Interesting)
Posting people's emails and passwords?
It's not comedic. These people are stealing user info and posting it and you say Sony looks like arrogant nincompoops?
Uh-huh.
Re:I wonder if the hackers would stop.. (Score:3, Interesting)
Full disclosure, I do own a PS3. I was, and am currently, affected by the Other OS removal and the loss of personal data. I am responsible for it because I was also affected by the CD rootkit fiasco, but I didn't learn my lesson and I thought Sony was trying to turn over a new leaf. However, I have learned my lesson and I'm done with Sony.