*ren* PSN Down, Customer Info Compromised

mrcorbo said:
They are using "faith" in the sense of choosing to believe something without having supporting evidence to back up that belief. In this case, they are saying that the people who have given Sony their personal information had a belief that their information would be properly secured by Sony despite not having evidence that this would be the case...
Click to expand...
Just like anyone giving their info to MS or Amazon or an online banking service. Or even forming a business partnership with a friend believing they won't stab you in the back (continuing the Zuckerberg reference), or getting married on the faith your spouse isn't going to cheat on you. A great many decisions we make are made on faith in the integrity of the people we interact with.

...and in fact there being lots of evidence to the contrary.
Click to expand...
If this database was created before PSNHack, there'd be no reason to doubt Sony's security. And TBH there's good reason to put one's faith in Sony's security now as they've been actively, publicly addressing it, whereas other companies people share personal information with remain a private unknown. The reason for questioning Sony's security at this point, IMO, is because it's obvious the hackers are targeting them specifically - it's not so much Sony's security one has to worry about, but these hacker chumps!
 
I just bought Under Siege by the way, that was my first actual use of my credit card since the store went back up. I did not have to do anything special, went just like before.

Also, I noticed that my second PS3 was deactivated and I had to reactivate it. Could only do that this morning as before that activation failed due to a timeout or something similar, but it worked fine. I think there's a small silver line to this, in that my broken PS3 was not yet deactivated, but now I probably don't have to get that done through support.
 
Arwin said:
I think there's a small silver line to this, in that my broken PS3 was not yet deactivated, but now I probably don't have to get that done through support.
Click to expand...
That would be nice. Also is anyone having trouble with other PSN network services? I tried to log onto the blog yesterday on PS3 and it failed with the maintenance notice, but I can log onto PS3 just fine. I also cannot log onto LBP.me, always being told there's maintenance going on.
 
I've been getting errors associated with the massive amounts of load their servers have been facing recently is about it.
 
Shifty Geezer said:
That would be nice. Also is anyone having trouble with other PSN network services? I tried to log onto the blog yesterday on PS3 and it failed with the maintenance notice, but I can log onto PS3 just fine. I also cannot log onto LBP.me, always being told there's maintenance going on.
Click to expand...

Yeah, the browser login for PSN seems to be down still, just tried LBP.me myself.
 
Nesh said:
When we give information to a particular company we dont wait and think for a second "hey because its company A we will give information to company A" or "hey there is some chance our info are hackable in company A so I want bother". If we want a service or product we will simply try it out without thinking about the worst. Anything its possible.
Again we are going back to the same question. Why does he care so much that we give information to company A and why does he have the impression its because we have some special trust? We just do what we do to get a particular value from a product or service without thinking much about it or necessarily who makes them. How about companies from B to Z? How many of these are any more or less hackable?
Click to expand...

That seems unwise to me.

The statement wasn't even implying special trust. It was just trust, period. As for their motivations? It's probably the usual for hackers; they have some some BS justification to do something destructive because they can and because they can show "how much smarter they are" than a giant multinational corporation. It's an ego trip and, of course, there's "the lulz".
 
Shifty Geezer said:
Just like anyone giving their info to MS or Amazon or an online banking service. Or even forming a business partnership with a friend believing they won't stab you in the back (continuing the Zuckerberg reference), or getting married on the faith your spouse isn't going to cheat on you. A great many decisions we make are made on faith in the integrity of the people we interact with.

If this database was created before PSNHack, there'd be no reason to doubt Sony's security. And TBH there's good reason to put one's faith in Sony's security now as they've been actively, publicly addressing it, whereas other companies people share personal information with remain a private unknown. The reason for questioning Sony's security at this point, IMO, is because it's obvious the hackers are targeting them specifically - it's not so much Sony's security one has to worry about, but these hacker chumps!
Click to expand...

I only thought that Nesh was reading too much into their use of the word "faith". I don't really think there's too much to take away from this hack that the group's name doesn't already make quite plain.
 
mrcorbo said:
That seems unwise to me.

The statement wasn't even implying special trust. It was just trust, period. As for their motivations? It's probably the usual for hackers; they have some some BS justification to do something destructive because they can and because they can show "how much smarter they are" than a giant multinational corporation. It's an ego trip and, of course, there's "the lulz".
Click to expand...

Unwise? As if you have access to the inside security info of every company, institution, internet forum or online store, so you check before you give your information?

About trust thats exactly the point. Its trust at its simplest possible form that we have. The same and identical across all companies. So...why challenge that simple trust in giving information in some company called Sony? These guys are obsessed with one particular company. And there are countless out there
 
Rotmm said:
Sorry, I haven't read the link you provided, but what I've heard and read elsewhere about the Google situation sounds a lot more like 'phishing' and very little like 'hacking' to me.

I don't think it's comprable to the Sony situation.
Click to expand...

There were at least 2 instances. The very first one penetrated deep and is sophisticated according to Google themselves. That's when they threatened to pull out of China. The ones reported above are much more recent.
 
Nesh said:
Unwise? As if you have access to the inside security info of every company, institution, internet forum or online store, so you check before you give your information?

About trust thats exactly the point. Its trust at its simplest possible form that we have. The same and identical across all companies. So...why challenge that simple trust in giving information in some company called Sony? These guys are obsessed with one particular company. And there are countless out there
Click to expand...

You've now made a series of posts that seem to indicate that one should assume everything is fine unless one has reason to believe differently. I think that is dangerously naive thinking. I am usually very cautious about giving out my personal information and the PSN and SOE breaches have only reinforced that tendency. I believe you should always at least consider the risk vs. reward when you provide this information and only if you then deem the risk small enough or the reward large enough make the decision to input the information.
 
mrcorbo said:
You've now made a series of posts that seem to indicate that one should assume everything is fine unless one has reason to believe differently. I think that is dangerously naive thinking. I am usually very cautious about giving out my personal information and the PSN and SOE breaches have only reinforced that tendency. I believe you should always at least consider the risk vs. reward when you provide this information and only if you then deem the risk small enough or the reward large enough make the decision to input the information.
Click to expand...
How do you evaluate risk and reward for every other organisation that needs your details? Do you shop with MS, Amazon, or use any company that partners with Epsilon? If so, what makes you think your information is safe with them where people shouldn't have trusted Sony? Who else do you share your info with whom you've researched and found that their security is up to the task?
 
Shifty Geezer said:
How do you evaluate risk and reward for every other organisation that needs your details? Do you shop with MS, Amazon, or use any company that partners with Epsilon? If so, what makes you think your information is safe with them where people shouldn't have trusted Sony? Who else do you share your info with whom you've researched and found that their security is up to the task?
Click to expand...

Here's the statement I was responding to.

When we give information to a particular company we dont wait and think for a second "hey because its company A we will give information to company A" or "hey there is some chance our info are hackable in company A so I want bother". If we want a service or product we will simply try it out without thinking about the worst.
Click to expand...

I read that as there being a group of people that includes Nesh ("we") that just give up their information to any company that asks ('we dont wait and think for a second "hey because its company A we will give information to company A"') without any thought to any consequences to that information being adequately secured ("If we want a service or product we will simply try it out without thinking about the worst."). And I said that was unwise.

Do you disagree?
 
mrcorbo said:
I read that as there being a group of people that includes Nesh ("we") that just give up their information to any company that asks ('we dont wait and think for a second "hey because its company A we will give information to company A"') without any thought to any consequences to that information being adequately secured ("If we want a service or product we will simply try it out without thinking about the worst."). And I said that was unwise.

Do you disagree?
Click to expand...
I don't think Nesh is that free and easy. I'm sure he, like the rest of us, fill in bogus information in all those information requests you need to register with forums and whatever services where they don't actually need your details for delivery or similar. I for one have never entered a true security-question answer in my life. Maybe not in Nesh's case - you'd have to ask him. Lots of people aren't as guarded as they should be, which is how phishing etc. work. But in cases where you want a service and it's from a 'trusted' company, we part with out information on faith, without ever researching their security, just because we trust they know what they are doing. And by trusted, I'd say any company that is either a big name or looks kosher in their website. I've bought from complete unknown internet companies before but not if their website looks tacky. And if it's only a matter of a small saving having done a price comparison, I'll often stick with a company I've used before.

What about my questions to you though? You haven't said how you evaluate which companies get your true personal info. Did you actually know what Amazon's and Epsilon's security was like before registering with them (assuming you have - you may avoid all personal info sites like some people do, which would explain that one!), or are you like the rest of us, quite frankly naive to what's going on behind the scenes and getting a shock when a big, powerful multinational, or even a small, trusted company, gets hacked?
 
The Welcome Back package is up on PSN! Just go into the store and click it. Although I hit a Busy error - I imagine there'll be a lot of that!
 
Nesh said:
Unwise? As if you have access to the inside security info of every company, institution, internet forum or online store, so you check before you give your information?

About trust thats exactly the point. Its trust at its simplest possible form that we have. The same and identical across all companies. So...why challenge that simple trust in giving information in some company called Sony? These guys are obsessed with one particular company. And there are countless out there
Click to expand...

I'm kinda curious why we don't see hysterical calls to stop using Gmail now that they have been breached? Personally I would be more alarmed if someone was accessing my email than getting some info that is a mix of public record and banking info that I can change at anytime.
 
... because there is no large scale penetration to date, and there is no billing info there (Unless you use Google Wallet). I definitely won't use Google Wallet just yet. ^_^
 
patsu said:
... because there is no large scale penetration to date, and there is no billing info there (Unless you use Google Wallet). I definitely won't use Google Wallet just yet. ^_^
Click to expand...

Thats fair and I thought about that, but do we really think the same IT department at Sony Pictures is handling PSN's security? I think its more likely that IT is fragmented across business units and while the press might be sensationalizing the breaches which plays into the hackers strategy to discredit Sony a closer look at the situation reveals a more complicated IT infrastructure.
 
... but of course. The Sony Pictures website intrusion is of a different nature compared to PSN. Different level of protection, different people, different data. The taken sweepstakes databases should be outdated and spotty. If it's what I think they are, Sony's marketing will feed those input data into their (real) backend databases to de-dup and corelate the user info. These raw input dataset usually contains a lot of missing and wrong data. e.g., I seldom enter my real info (e.g., DOB, earnings, zip code, blah) in these marketing exercises anyway. I also have a separate free email for these things.
 
patsu said:
... but of course. The Sony Pictures website intrusion is of a different nature compared to PSN. Different level of protection, different people, different data. The taken sweepstakes databases should be outdated and spotty. If it's what I think they are, Sony's marketing will feed those input data into their (real) backend databases to de-dup and corelate the user info. These raw input dataset usually contains a lot of missing and wrong data. e.g., I seldom enter my real info (e.g., DOB, earnings, zip code, blah) in these marketing exercises anyway. I have a separate free email for these things.
Click to expand...

That's kind of my point, the Sony breach is somewhat sensationalized due to:

  • the media reporting the story in a way that suggest this is a bigger mistake than it likely is
  • the well thought out and executed attempt by the hackers to discredit Sony
  • to a lesser degree hyped by people who just don't like Sony as a company
 
You must log in or register to reply here.

Similar threads

Z
Does being messed about by women or people in general, turn you bitter?
Replies
16
Views
1K
Zombietoid
Z
BRiT
Oracle finally does what everyone else couldn't...
Replies
11
Views
8K
Deleted member 2197
D
D
Serious Damage To A Religious Monument [Davros PC]
Replies
8
Views
2K
entity279
E
BRiT
About the latest Equifax Incompetence, Credit Freezes, and why it's all pointless
Replies
1
Views
1K
Grall
G
R
Retro VGS coming: 100% offline retro ARM based console in Atari Jaguar shell
Replies
5
Views
2K
Rangers
R
Back
Top