*ren* PSN Down, Customer Info Compromised

[mrcorbo]

I don't think Nesh is that free and easy. I'm sure he, like the rest of us, fill in bogus information in all those information requests you need to register with forums and whatever services where they don't actually need your details for delivery or similar. I for one have never entered a true security-question answer in my life. Maybe not in Nesh's case - you'd have to ask him. Lots of people aren't as guarded as they should be, which is how phishing etc. work. But in cases where you want a service and it's from a 'trusted' company, we part with out information on faith, without ever researching their security, just because we trust they know what they are doing. And by trusted, I'd say any company that is either a big name or looks kosher in their website. I've bought from complete unknown internet companies before but not if their website looks tacky. And if it's only a matter of a small saving having done a price comparison, I'll often stick with a company I've used before.

What about my questions to you though? You haven't said how you evaluate which companies get your true personal info. Did you actually know what Amazon's and Epsilon's security was like before registering with them (assuming you have - you may avoid all personal info sites like some people do, which would explain that one!), or are you like the rest of us, quite frankly naive to what's going on behind the scenes and getting a shock when a big, powerful multinational, or even a small, trusted company, gets hacked?

Based on what you said above, not too different than you do. Just because I claimed that it was imprudent to give up your personal details without any regard to consequences doesn't mean I do a full risk analysis every time I fill out a web form! Don't forget, I got nailed by the PSN hack AND the SOE one. For the record, I was only clarifying the statement by LulzSec, not endorsing it.

I will now be more likely to fill in falsified information when correct information is not required for operation of the service/product than I was before, and I have always only filled in the required information (leaving the other fields blank). I have also attempted to keep my various online profiles seperate, not linking between Facebook, Twitter, forums, online gaming accounts, etc.

 

[patsu]

That's kind of my point, the Sony breach is somewhat sensationalized due to:

• the media reporting the story in a way that suggest this is a bigger mistake than it likely is
• the well thought out and executed attempt by the hackers to discredit Sony
• to a lesser degree hyped by people who just don't like Sony as a company

Such is the nature of the media. T_T
Sony PR will have to do their job to counter the negative news. It's their brand afterall.
I have been training my son in identifying the general tricks marketers and the press use.

If you want to complain about the media, then take "comfort" that we are starting to lose a global media war. Now that countries like China and Middle-East understand the importance of media power, they have invested heavily into a global media platform. Some of my friends are following Middle-East sources as their de facto source of international news these days. I took a quick look the other day, and was unexpectedly impressed by their objectivity, abundance of facts, and relentless probe into the interview topic. It's very interesting. ^_^

 

[temesgen]

Based on what you said above, not too different than you do. Just because I claimed that it was imprudent to give up your personal details without any regard to consequences doesn't mean I do a full risk analysis every time I fill out a web form! Don't forget, I got nailed by the PSN hack AND the SOE one. For the record, I was only clarifying the statement by LulzSec, not endorsing it.

I will now be more likely to fill in falsified information when correct information is not required for operation of the service/product than I was before, and I have always only filled in the required information (leaving the other fields blank). I have also attempted to keep my various online profiles seperate, not linking between Facebook, Twitter, forums, online gaming accounts, etc.

I have an created essentially an online alias for online forms which I use for everything that way if I have to answer security questions I have the info committed to memory. I also have 2 bank accounts at the same bank linked so I can do immediate online transfers and when I online transactions I send from my real account to the proxy account. Even though I have all that in place I have never spent any money on PSN or Live, if I need something I would simply by one of their cards and use that info.

 

[temesgen]

Such is the nature of the media. T_T
Sony PR will have to do their job to counter the negative news. It's their brand afterall.
I have been training my son in identifying the general tricks marketers and the press use.

If you want to complain about the media, then take "comfort" that we are starting to lose a global media war. Now that countries like China and Middle-East understand the importance of media power, they have invested heavily into a global media platform. Some of my friends are following Middle-East sources as their de facto source of international news these days. I took a quick look the other day, and was unexpectedly impressed by their objectivity, abundance of facts, and relentless probe into the interview topic. It's very interesting. ^_^

No question that media isn't doing their job, not sure if its due to an agenda or the fact that a degree in journalism doesn't completely prepare you to write on issues like IT for example. Stories written about economics are particularly bad, 4 years into the credit crisis and you would be hard pressed to find main stream articles that truly capture the causes and effects accurately. Thankfully we have blogs, I'll take stories written by someone passionate about a subject over stories written by a journalism major in most cases.

 

[patsu]

Shared responsibility between Sony PR and the media. I know some of the media reported that the PSN hack has leaked billing info for sure, even though Sony said it's unknown (or they didn't see any evidence). But I didn't hear any clarifications from the PR team.

... and yes, the media usually wants to tell a story, a simple story that everyone can understand. ^_^

 

[Shifty Geezer]

Well, hat's off to Sony's server farm. I'm managing 1 megabyte a second, the very maximum my theoretical 8 megabit connection can supply, and higher than I've ever got before on any download. The store throws up lots of errors as it's so busy, but the actual service of content is remarkably fast considering they must be getting absolutely hammered with downloads.

 

[Arwin]

Well, hat's off to Sony's server farm. I'm managing 1 megabyte a second, the very maximum my theoretical 8 megabit connection can supply, and higher than I've ever got before on any download. The store throws up lots of errors as it's so busy, but the actual service of content is remarkably fast considering they must be getting absolutely hammered with downloads.

I'm reckoning the actual bandwidth is provided by an external hosting party and if Sony pays, file hosting can be scaled up dynamically fairly easily. If you're finding you have better speed than previously, then it may well be that Sony has (temporarily) provided for a higher or even virtually uncapped total bandwidth from its provider (which could be amazon by the way?). With the (probably Sony owned) PSN databases, store content and store front-end servers however that's probably not so easy for them to upscale without making significant investments, so that's where the biggest bottleneck is right now.

Anyway, off to attempt to download Infamous and Quest for Booty then.

 

[Shifty Geezer]

I agree they probably are renting out capacity. Although the fact my typical 6 Mbps phoneline is delivering 8 Mbps is extra remarkable!

 

[patsu]

Yap... it's their CDN partners' servers.

 

[Nesh]

I don't think Nesh is that free and easy. I'm sure he, like the rest of us, fill in bogus information in all those information requests you need to register with forums and whatever services where they don't actually need your details for delivery or similar. I for one have never entered a true security-question answer in my life. Maybe not in Nesh's case - you'd have to ask him. Lots of people aren't as guarded as they should be, which is how phishing etc. work. But in cases where you want a service and it's from a 'trusted' company, we part with out information on faith, without ever researching their security, just because we trust they know what they are doing. And by trusted, I'd say any company that is either a big name or looks kosher in their website. I've bought from complete unknown internet companies before but not if their website looks tacky. And if it's only a matter of a small saving having done a price comparison, I'll often stick with a company I've used before.

The same here. I never use real security questions either. I am always cautious with my information, but it doesnt ma e a difference if its Sony or MS or Samsung or Ebay or whatever, unless its some unknown institution or company that sounds fishy in nature. No matter what news spread about being hacked or how secure it is, my actions are the same with every company. I will use its services as long as I know it and I am interested in their products and services.
I cant really know how secure Samsung, Sony, Beyond3d, Play, MS, Amazon or Ebay are. We simply dont have internal access to know and check.
If I started worrying about the worst every time because I dont have that information and any of these are vulnerable to hacking I wouldnt have used any of them
They could all be at the same level of security as Sony. Just because some hackers want to hack and spread impressions about one company doesnt say much about the security of others or that I shouldnt use their services. PSN being one of them. Whatever impressions these hackers are trying to spread intentionally is useless.

 

[-tkf-]

That seems unwise to me.

The statement wasn't even implying special trust. It was just trust, period. As for their motivations? It's probably the usual for hackers; they have some some BS justification to do something destructive because they can and because they can show "how much smarter they are" than a giant multinational corporation. It's an ego trip and, of course, there's "the lulz".

The Lulz is out of reach in any normal way of thinking and they are very likely going to be arrested and sent to jail for a long time. The same reason they get "lulz" because they are hitting on a mega corp is the same reason they are unlikely to escape.

Mega Corps have all the money and the time in the world to round up people that does these things it´s like a T1000, they just keep on pursuing until the target is neutralized.

And their reasoning is really bad "why trust someone that is so bad with security". Are we to stop using anything in the world that has examples of breached security?

It seems that the way Gmail got hacked gets more understanding here, and is not considered "a real hack" because it uses phising. It´s stil results in a break in, and it can potentially be much worse than a "standard" hack since it can give access to even more data.

 

[BoardBonobo]

The same here. I never use real security questions either. I am always cautious with my information, but it doesnt ma e a difference if its Sony or MS or Samsung or Ebay or whatever, unless its some unknown institution or company that sounds fishy in nature. No matter what news spread about being hacked or how secure it is, my actions are the same with every company. I will use its services as long as I know it and I am interested in their products and services.
I cant really know how secure Samsung, Sony, Beyond3d, Play, MS, Amazon or Ebay are. We simply dont have internal access to know and check.
If I started worrying about the worst every time because I dont have that information and any of these are vulnerable to hacking I wouldnt have used any of them
They could all be at the same level of security as Sony. Just because some hackers want to hack and spread impressions about one company doesnt say much about the security of others or that I shouldnt use their services. PSN being one of them. Whatever impressions these hackers are trying to spread intentionally is useless.

Many organisations have far worse security than Sony had. It's just a fact of life. The internet has grown at such a pace and the technologies used, at the top level, are changing on almost a monthly basis that keeping up is quite hard to do. Especially if you are a large organisation with multiple diverse interests spread across multiple continents. The investments required to retrain staff or hire new staff is phenomenal, and then you run into wet-ware problems, where people don't want to let go or are just not up to the job in hand.

 

[Cornsnake]

Does anyone know if the 30 days free PS+ offer will expire if you don't use it soon? I would prefer not using until it comes with some stuff I actually want.

 

[DJ12]

Do you have to activate it?

I already have PSN+ but when I click on the PSN+ icon it takes me straight to it not a download page like the welcome back package (which now seems to have disappeared from UK PSN )

 

[Shifty Geezer]

Yes, you have to select the PS+ offer in the Welcome Back part of the store. They say it's 30 days, so I guess that's 30 days from purchase, though it could be just June. and they don't say when the Welcome Back offers will be removed. Maybe never? One to ask the Blog (who'll ignore you, no doubt!).

 

[Cornsnake]

I'm not subscribed right now, and it's available in the store as a download. So I guess I can active it that way.

 

[-tkf-]

Do you have to activate it?

I already have PSN+ but when I click on the PSN+ icon it takes me straight to it not a download page like the welcome back package (which now seems to have disappeared from UK PSN )

This confused me a abit as well, i bought the DLC pass for Noire, had an error and the "buy" button disappeared, however all the downloads were suddenly "free" and i could get them.
Same with PS+, once you activate it it disappears , you can check under account management and activce services to see if it´s active and when it runs out. Plus you get a + sign next to the time in the upper right corner.

 

[Npl]

from what I understood, the 30 days PSN+ offer should be valid forever.
I did try to get my free games, but I somehow happened to "cheat" PSN to only giving me 1 free game, I chosen Wipeout as freebie aswell and it aint showing up anywhere while the corresponding WB offer disappeared
Worked fine on my primary Euro Account, so I still got 3 PS3 games and 2 PSP games (apparently dint buy anything PSP on my Eur Account).

Stupid question, but are free PSN+ offers getting diasbled once subscription runs out? I dint think so and the Eur PSN doesnt say anything, but the US PSN says content will be disabled when PSN+ is gone?

 

[Shifty Geezer]

Stupid question, but are free PSN+ offers getting diasbled once subscription runs out? I dint think so and the Eur PSN doesnt say anything, but the US PSN says content will be disabled when PSN+ is gone?

Yes. PS+ (BTW people, it's PlayStation Plus, not PlayStation Network Plus, so lose the PSN+ already ) is a content services offering a mix of discounts on content you purchase, and effectually free rentals. Anything that's free is lost when the subscription lapses, whereas anything you've bought, regardless of how much discount there is (though not 100% as that's not a purchase), is yours to keep.

Incidentally, how does your PS3 know when your subscription expires? Does it have a record internally, or is it an online check? If that latter, presumably not connecting to the internet with your PS3 would mean you could keep free content until such time as you do go online and your status is updated.

 

[patsu]

If the DRM is public key based, then the check can be done off-line.