Canadian TV, Computing and Home Theatre Forums banner

81 - 100 of 128 Posts

·
Registered
Joined
·
3,368 Posts
Most big companies that are large enough to have IT departments which follow industry standard patterns and practices. In a couple cases the places where I worked have purchased appliance devices ("vulnerability scanners") that sit on the network and scan for known vulnerabilities (usually due to unpatched software, but sometimes due to misconfigured software), and produce a report for managers to turn into action items.

Sure, not all companies do this, but if they don't then they're taking a big risk that may bite them in the ass.

pinner62, keep posting. I find your Sony-can-do-no-wrong posts amusing. Maybe one day when you are done school you'll be able to work for Sony's PR department. You could even use your posts on this forum in your portfolio! Next you should explain to us how Sony was just looking out for their customers best interests when they deployed rootkits on the audio CDs that Sony manufactured in 2005.
 

·
Registered
Joined
·
200 Posts
never said they can do no wrong ,just tired of all the whining its video games get over it ,plus its mostly xbox users complaining ,it happened to them couple years ago!ps in back online lets play ,enough complaining ,it sucked but its over with ,hopefully sony learned there lesson and it doesn;t happen again.
 

·
Registered
Joined
·
1,749 Posts
According to Anonymous, the Sony Servers were out of date running unpatched applications with many known vulnerabilities.

Most Fortune 500 companies outsource their IT servers to big companies like IBM, HP, and so on so they likely have their servers properly patched.

My guess is SONY did all of this in-house so they let things slide.

In addition, Many Fortune 500 are often being probed by the Chinese, Russians etc looking for confidential corporate info so I suspect their servers are very well guarded.
Whoa there, Hugh, you're posting some stuff that isn't true at all. First, it wasn't Anonymous that said the servers were out of date, it was someone (Dr. Gene Spafford) that "heard" they were out of date from some other people:

“….some news reports indicate that Sony was running software that was badly out of date, and had been warned about that risk….

Nonetheless, the increase in sophistication of attackers, and the growth in data do not totally explain all the incidents. My personal conclusion from reviews of reports in the press and discussions at professional meetings is that operators of these systems — both in government and the private sector — continue to run outmoded, flawed software, fail to follow some basic good practices of security and privacy, and often have insufficient training or support.
That information was also proven to be incorrect a few days later:

Bitmob reports that Sony's PSN servers were running the most recent version of the Apache server software when they were hit, countering testimony made to the US Congress claiming that the PSN was running "very old versions of Apache software that were unpatched and had no firewall installed." That testimony was admittedly based on second-hand information.

Using Google's webcache, a member of the Beyond3D forums showed that as of March 23, Sony was running version 2.2.17, which was the latest stable version. If you're so inclined, you can double-check the process of B3D's "deathindustrial."
The problem with incorrect information being stated is that it usually causes more of a splash than the follow up correct info, and spreads farther and faster.
 

·
Registered
Joined
·
5,436 Posts
According to reports on Nyleveia.com, Eurogamer, and NeoGAF, Sony's PlayStation Network password reset system-the one just put in place after the PSN hack-has been compromised, allowing hackers to change a PSN password if they know your email and date of birth. Exactly the sort of information that was released in the original hack.

Sony has taken the password reset system offline. Kotaku has reached out to Sony for comment.
http://kotaku.com/5803050/
 

·
Registered
Joined
·
1,328 Posts
The question becomes, if the hackers have all of the personal information you gave Sony, what information do you provide to Sony for a password reset?

Resetting your password through the PS3 only works if you're connecting through the same PS3 as before the outage. If you replaced, upgraded, or don't have a PS3, this isn't an option, and you have to reset your password by other means, such as email authentication.
 

·
Registered
Joined
·
1,181 Posts
never said they can do no wrong ,just tired of all the whining its video games get over it ,plus its mostly xbox users complaining ,it happened to them couple years ago!ps in back online lets play ,enough complaining ,it sucked but its over with ,hopefully sony learned there lesson and it doesn;t happen again.
you tend to have a blind love for sony and the ps3 and will defend it to the bitter end,
in the past no matter how logical and factual the argument against ps3 is, you tend to just ignor those facts and state how great sony is
 

·
Registered
Joined
·
200 Posts
tires of the x box 360 rules crap ,thats all ,i had one ,never again ,its all about choice!
Not really 360 fans stood by Microsoft with the red rings, and I'm pretty sure ps3 fans will do the same regardless of the situation. So meh, whatever
 

·
Registered
Joined
·
1,181 Posts
either way love or hate sony, they have dropped the ball here, both in allowing it happen, and the way they handled it

maybe the fact that the playstation network is free is why it wasn't protected enough, as a company bean counter, I can't see them investing enough into something that doesn't bring in a profit,

got to remember in the world we live in, profit is above all else,
 

·
Registered
Joined
·
1,491 Posts
never said they can do no wrong ,just tired of all the whining its video games get over it ,plus its mostly xbox users complaining ,it happened to them couple years ago!ps in back online lets play ,enough complaining ,it sucked but its over with ,hopefully sony learned there lesson and it doesn;t happen again.
No it is not over. Just hope and pray that these hackers don't use your information to get credit cards/loans/mortgages, because if they do, I hope you have identity theft insurance or a helluva great lawyer to get you out of the mess of a bad credit rating and companies wanting to get paid even though you never did apply to them for anything.

maybe the fact that the playstation network is free is why it wasn't protected enough, as a company bean counter, I can't see them investing enough into something that doesn't bring in a profit
Again, MS did have a breach of live that did cost people the anguish of credit card fraud not to long ago, but it was obviously no where near this scale and for the most part swept under the rug.

Everyone needs to remember that even though these systems are very secure, there are always some warped individuals with the skills to acquire your information.
 

·
Registered
Joined
·
200 Posts
lol,lawyers,mortgages ,bank loans all over a 500 dollar credit card ,guess all 50 plus million of us are screwed.Paranoid or what,live in fear if you desire ,lifes to short for that ,i'm going to play games under my roof before they take my house away!
 

·
Registered
Joined
·
1,328 Posts
They took it down due to a "URL exploit". If you have a PS3, you can still change your password through there.
 

·
Registered
Joined
·
1,181 Posts
lol,lawyers,mortgages ,bank loans all over a 500 dollar credit card ,guess all 50 plus million of us are screwed.Paranoid or what,live in fear if you desire ,lifes to short for that ,i'm going to play games under my roof before they take my house away!
I wouldn't say everyone is 100% at risk, but there are some that are,
my wife has had her bank card copied and money spent from her account, just dealing with that was a huge pain,
I can't imagine the stuff you would have to deal with if somebody started opening up accounts and credit cards in your name

sure the odds are low, but identity theft is not something you want to go through,
I know people that only use prepaid credit cards online simply cause they have had issues, you'd be surprised how common it is, and it could be years before they use your information, they could have a list with thousands of people identity for sale right now,
I'm careful about where I put my info, and sony should have taken it more seriously that they had all these peoples info, people that trusted sony to keep it safe

granted its not something I'm worried about but, it is more than possible, and would suck
 

·
Registered
Joined
·
1,491 Posts
lol,lawyers,mortgages ,bank loans all over a 500 dollar credit card ,guess all 50 plus million of us are screwed.Paranoid or what,live in fear if you desire ,lifes to short for that ,i'm going to play games under my roof before they take my house away!
It is not your credit card you have to worry about, it is the card/loan/mortgage they get in your name using your information that they stole from the psn. So hopefully you never get a letter from a credit collection company wondering why you haven't paid your $50000 credit card bill that you yourself never actually opened.
 

·
Registered
Joined
·
1,328 Posts
Turn on your PS3, download the 3.61 firmware update, and Sign In. You will be immediately prompted to change your password.
 

·
Registered
Joined
·
1,088 Posts
I did that and it told me to go to my email and follow the links to change the password. I'll try again with the PS3.
 

·
Registered
Joined
·
1,749 Posts
I'm hoping that the people that hacked PSN were just out to screw Sony, not the users. If they wanted to harm Sony as a business, they've done so, they don't need to do anything with the information they obtained. Now, if they were actually after the information to conduct fraud with it...
 
81 - 100 of 128 Posts
Top