Sony Publishes Q&A to Address More PSN Concerns, Still Unanswered Questions

I broke the dam.

Dear Sir,

There is too much interesting news on Giant Bomb. Please become worse at your job. My RSS reader is choked full of great news posts.

Yours,
Doctor What, Not An M.D.

This isn't extortion.  This is an update keyed to the new security measures of PSN.  If you've been keeping your firmware up to date through legitimate means at all, then you already lost OtherOS functionality a long time ago. "

" @vividnova: Well of course. I am just saying that  if the credit card data on Sony's servers is encrypted how could it be used like this Norwegian guy claims. "

" @Vodun said:

" @Hailinel said:

" @boylie:  Word of advice: Don't accuse others of wearing tinfoil hats when you're the one defending the actions of a company that has all but admitted to fucking up. "

Wait, so companies shouldn't admit to fucking up? Cover ups are better? "

What?  No.  Don't go out of your way to defend companies that fucked up like Sony did.  I don't know how you interpreted what I said the way you apparently did. "

Would just like to point out... the longer this continues to be down, the PSN I mean, the more it will hurt Sony in the long run.

Working in the video game store, I've already noticed and influx in people trading-in PS3's for 360's claiming if they can't play online then the machine is dead to them.

The sad but true story of how console gaming is all online now, single player offline would seem to be dead in the water.

There's no defending Sony here, anyone who does has some kind of misplaced brand loyalty.

Man this is some fucked up shit, can't believe how inept Sony are. How could they not encrypt personal data

"  The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."    

ALWAYS encrypt. For the love of god. I sure hope they bring back the service with the option to wipe all of the data you've given them and delete your account. The worst part for me is that the only reason I even used the service (not being a PS3 owner but being a PSP owner) was to download demos for games I couldn't even run on my PSP.

Good job sony, get all this mess sorted out so we can get back online.  PS.  CATCH THOSE MOTHER @^@^%@

I hope the guys/gals who started this fiasco get what is coming and pay for what they have done.

" @Vodun said:

" @Hailinel said:

" @boylie:  Word of advice: Don't accuse others of wearing tinfoil hats when you're the one defending the actions of a company that has all but admitted to fucking up. "

Wait, so companies shouldn't admit to fucking up? Cover ups are better? "

What?  No.  Don't go out of your way to defend companies that fucked up like Sony did.  I don't know how you interpreted what I said the way you apparently did. "

So my name, address, date of birth and password were not encrypted. At the very least passwords should have been encrypted as well as credit card info. That's just lazy. Sony deserve all the shit they are getting and are going to get over this. 

By the way: I got a new credit card with the fee for that waived by my card company.

" Man this is some fucked up shit, can't believe how inept Sony are. How could they not encrypt personal data "

"..., including moving our network infrastructure and data center to a new, more secure location,..."

" @evanomeara said:

" Man this is some fucked up shit, can't believe how inept Sony are. How could they not encrypt personal data "

You better get your ass off the Internet then because it's not common practice to encrypt stuff like names and adresses. If they encrypted everything (Iike people are expecting) it would kill performance of the network. Then people would be sitting here complaining about how "slow PlayStation Network is" and why "XBOX Live is better". You know it's true.But hey, it's cool when we can just look for every negative and spout bullshit about how "shit" Sony is, right? I understand people are angry (and you have every right to be!), but it sounds like they've done everything by the book to me. Taking the entire Network offline when they detected an intrusion was -- for a start -- an enormously bold move.I'm not defending anyone here. Clearly this sucks, and Sony's communication about it has been questionable at best. But I'm really bored with people spewing rubbish about things they don't understand. "

I know the importance of sounding formal and how it in most cases help bigger companies,
but in some cases it gets a little frustrating and we want to see necks getting wringed!
As for law enforcement in this case, it's a little ironic considering how Sony illegally
pulled the otherOS function from the PS3 without any repercuss.. oh wait here we are.
Probably not related of course, but it's a fun thought. Some noble, fat super hero hacker
out there somewhere with an outdated meme tshirt keeping the internet justice aflow.
Of couse this hurts 77 million consumers as well, so it's not much.. justicy, I guess.
Darn.

Just got an email from LoveFilm (UK Version of Netflix) with regards to the downtime saying their information has not been compromised. Not that I suspected it had been, but always good to know. (It's fully possible to sign up for LoveFilm via a PS3)

I feel bad for Sony.  As for me...it took me about ten minutes to scoot around the web changing a few passwords, truth be told I took this oppurtunity to chnge even ones taht were not the same as my PSN...call it Spring Cleaning. I popped into my credit card too just to look at transactions, and i changed some of my contact e-mails to newer ones....something I should have done a year ago.

Over all I feel the same way about Sony as I would if he were my teenager and he dented the car.  I'm glad he's safe and I glad nobody got hurt (nobody I care about), but I'm gonna tell him he has to be more careful.  

" @evanomeara said:

" Man this is some fucked up shit, can't believe how inept Sony are. How could they not encrypt personal data "

You better get your ass off the Internet then because it's not common practice to encrypt stuff like names and adresses. If they encrypted everything (Iike people are expecting) it would kill performance of the network.

" @hckling: Sorry to interfere in your "heated" argument, but the same discussion happens for days on IGN.Apparently, the people that don't know jack shit about basic law are also the most fanatic and brainwashed corporate ass-kissers I ever seen.These fucking idiots can't understand the simple fact that all PSN users had to accept an "user agreement" with Sony when they registered, and NOT WITH SOME HACKERS. In that "user agreement", Sony took it upon itself to protect the user's personal data. For some reason, Sony failed protect that info, thus failing to respect its part from the "user agreement", therefore being responsible for that mess.The hackers are not OUR problem-it's Sony's, because we (the PSN users) trusted Sony with our data, not anybody else. And those are hackers, that's what they do-they hack systems (duh!), so ironically, they did their job, while Sony didn't. (If the police fails to protect me when criminals attack, then I blame the police, because they are paid from my taxes)It's not our fault that Sony is apparently so cheap that they can't hire some serious  no-life jerk-off nerds and pay them to watch anime porn and to protect the servers and the PSN against those hackers.And another thing: if you, a big corporation, still can't give us one, at least ONE hacker name, after a whole week of stupid, unexplainable hush-hush secrecy mixed with a PR mess, then get the fuck out  of this industry and do something else.  I like playing on my PS3, I like its games and exclusives, but not to that point of being a raging stupid fanboy, oblivious to any reason and even to the simple fact that Sony handled my info and this whole situation less than amateurish, which is odd, now, in 2011, Sony being also one of the biggest electronics companies and not some newcomers on this market.End of rant. "

SAD DAY

In a strange way I hope the hackers were some nerd boys, thinking there such rebels and teaching Sony a lesson for suing over the security PSN thing. Because I can imagine them now, shitting themselves, completely out of their depth not realising that what they were doing would become international news and have the FBI breathing down their necks. I've noticed a shift in the focus of non gaming news that has started to put Sony in the victim position, gaming sites just seem to enjoy the controversy and slaming sony for being useless. whereas non gaming sites have put a much more criminal slant on it, i.e. Sony has been attacked and is doing the best it can to cope with it. I prefer the non gaming slant. At the end of the day we dont know anything about whats really happened, so how can we judge sony for not acting the way we'd want? 

"Rot in hell sony. "

This sucks. Keep up the good work Klepek.

" @MooseyMcMan said:

" So, top men are on it? Hopefully?  "

"

"

"..., including moving our network infrastructure and data center to a new, more secure location,..."

This is the first thing that popped into my head.  I can see them renting some office space between the Stargate and the W.O.P.R. 

   

"

Sorry Sony not good enough. Unless you make a statement confirming that going forward ALL personal data is going to be encrypted then you wont get another penny from me. Your response
"
We’ve taken several immediate steps to add protections for your personal data. First, we temporarily turned off PlayStation Network and Qriocity services and, second, we are enhancing security and strengthening our network infrastructure. Moving forward, we are initiating several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway. We will provide additional information on these measures shortly."

what fucking good is that going to do. so basically you are moving to a new house and installing more sophisticated locks?? that is completely redundant if the information contained within is still going to be stored as plain text.

PCI compliance is required for ANYONE who stores credit card data and its enforced and you must be certified for it.  There are different standards of PCI compliance for those who use CC information and those who actually store it...it amuses me that people think the cc data wasn't encrypted.

Someone just tried to access my Steam account. Luckily I have the 2 factor auth. I have been changing passwords but did not get to this yet - I'm pretty fucking pissed at Sony right now.

" @Mechabolic: They're saying that your login and other personal info may have have been unencrypted, but your credit card number was.

But fuck all that noise. If you're security is bad enough to be storing passwords, then I have no faith  that my CC info isn't long gone. Canceling the card I was using on PSN tomorrow.

"

maybe its just me but maybe sony should think about moving the playstation and PSN R&D out of japan.

My brother has been out of his mind because of this.

" @Norusdog said:

"Rot in hell sony. "

This is also aimed towards the london police after the Jack the Ripper-murders, the investigators of the JFK assassination and every person who ever disliked the Jesse James gang.What is up with people hating on the victims of crime while ignoring the actual problem; the criminals.I guess I'll be the first to say it: rot in hell hackers, or get a job like honest people. "

Well at least the credit card info was encrypted even if the personal info was not.

That's something, I guess.

Glad I don't have PSN account so I don't have to worry about this but this still sucks.

Just plain craziness.  Hopefully, Sony can get its act together soon.

" @twillfast:  Here, Here!So far, other than the delay in telling the consumer base about the issue, it seems Sony's security was up to par with most other companies. But the amount of people forgetting that it's really the Hackers/Criminals fault here and just blaming Sony is crazy.  It still is their fault in the end, cause they lost the data but that'd be like people just blaming a bank/police/security for a robbery and just forgetting about the people getting away with it. :S. "