Someone did a little footwork and found that the outdated server claims by Dr. Stafford were bogus and unsubstantiated.
http://bitmob.com/articles/detective-work-reveals-psn-servers-up-to-date
"As it turns out, it is fairly simple to use Google's webcache to show what version of Apache the PSN servers were using back in March. According to a page request archived by Google on March 23, 2011, at that time Sony was running version 2.2.17 of the popular software. You can see from Apache's website 2.2.17 is the latest, stable version of the webserver available even today."
Of course, like any good political smear campaign, once the initial statement is made, a small percentage of people will follow up to see if it's actually true or not.
Seems like a large majority of the "facts" that came out about this after the fact were fabrications, and possibly the only thing Sony did wrong in this situation was exactly what they were supposed to.
Based on all of these "facts" presented over the last 2 weeks, one can only assume that Sony's security was handled by a single person, I think I've figured out who it is.
PlayStation 3
Platform »
The PlayStation 3 (often abbreviated PS3) is the third home video game console created and released by Sony Computer Entertainment Inc.
Turns out Sony server we probably up-to-date after all
" Doesn't this also prove hackers are even more talented? "Yes, and with rumours of a third attack, Sony is probably putting this extra time into making sure they can't strike again.
So what about the "no firewalls" allegation? The above comes from a "community writer" for the Bitmob website. I'm not going to call him an apologist, but he is definitely in the "it's not a big deal" camp from what I've read of his other works. He also wrote a piece on how the XBL subscription was a "rip off" in 2010. I don't think that's enough to call him a fanboy, but I think his current defense might be motivation by some of his past stances.
" @jkuc316 said:If we're lucky, they'll get too tired of waiting for PSN to come online that they just decide to dump the idea!" Doesn't this also prove hackers are even more talented? "Yes, and with rumours of a third attack, Sony is probably putting this extra time into making sure they can't strike again. "
Regardless of where he sits in the Console Fanboy War of 2011, the forum post he references references links that show what he says to be the case." So what about the "no firewalls" allegation? The above comes from a "community writer" for the Bitmob website. I'm not going to call him an apologist, but he is definitely in the "it's not a big deal" camp from what I've read of his other works. He also wrote a piece on how the XBL subscription was a "rip off" in 2010. I don't think that's enough to call him a fanboy, but I think his current defense might be motivation by some of his past stances. "
I'm no expert in network security, but assuming Apache was updated properly, which seems to be the case, you'd think the firewall software in Apache was as well, or at least not nearly as outdated as we have been told to believe.
Also, at the end of his XBL article, he states: "I will leave you with this observation: The fact that you are paying isn't what makes Xbox Live better than PSN. It is better because it was better planned and better implemented by Microsoft." All in the all, it's a pretty well thought out article, and I didn't really see anywhere that he bashed MS for a pay system, he only pointed out the facts of the service.
" @endless_void said:Heh Sounds like a plan." @jkuc316 said:If we're lucky, they'll get too tired of waiting for PSN to come online that they just decide to dump the idea! "" Doesn't this also prove hackers are even more talented? "Yes, and with rumours of a third attack, Sony is probably putting this extra time into making sure they can't strike again. "
" @jkuc316 said:Haha you make it sound like a terrorist attack. Fuck, does Sony need to start taking better countermeasures." Doesn't this also prove hackers are even more talented? "Yes, and with rumours of a third attack, Sony is probably putting this extra time into making sure they can't strike again. "
Hey - you take your facts and get the hell out of here. There is no room for logic in this debate. I would prefer we not focus on the person(s) who actually broke several laws, and instead blame Sony. It is obviously their fault.
" @jkuc316 said:Now I just need to find a game to play until then..." @endless_void said:Heh Sounds like a plan. "" @jkuc316 said:If we're lucky, they'll get too tired of waiting for PSN to come online that they just decide to dump the idea! "" Doesn't this also prove hackers are even more talented? "Yes, and with rumours of a third attack, Sony is probably putting this extra time into making sure they can't strike again. "
yes, lets not blame the bank that left the vault open.. It is not the banks fault that thieves decided to take advantage of this exploit...." Hey - you take your facts and get the hell out of here. There is no room for logic in this debate. I would prefer we not focus on the person(s) who actually broke several laws, and instead blame Sony. It is obviously their fault. "
http://www.develop-online.net/news/37592/Sony-We-knew-PSN-security-flaws
'We have to admit we were not fully sufficient' exec admits
Sony was internally aware of security shortcomings before its PlayStation Network was hacked, the company has said.
Sony chief information officer, Shinji Hasejima (pictured), this week confessed at a Tokyo press conference that security measures could have been improved.
http://arstechnica.com/tech-policy/news/2011/05/house-hearing-blasts-sonys-half-hearted-half-baked-hack-response.ars
Apache doesn't have firewall software. Apache is an HTTP serving daemon or HTTP server if you want to be particularly non specific. It doesn't house any measure of firewall, though it does have aspects which will communicate and exchange data with known firewall software through commonly accepted means. The host OS houses some measure of the security implementation, most likely the perimeter alert aspects. The firewall is another matter entirely and isn't part of Apache in any way and in fact shouldn't even be part of the same OS or same systems if it's been implemented correctly. You're right, you are no expert in network security. Nor is he. What he is, however, is a clearly non objective Sony apologist who is using this poorly researched information based on supposed logs of conversation which have not been verified specifically to refute claims which Sony never refuted themselves. There is a reason they didn't refute these claims.@PenguinDust said:
Regardless of where he sits in the Console Fanboy War of 2011, the forum post he references references links that show what he says to be the case.I'm no expert in network security, but assuming Apache was updated properly, which seems to be the case, you'd think the firewall software in Apache was as well, or at least not nearly as outdated as we have been told to believe.Also, at the end of his XBL article, he states: "I will leave you with this observation: The fact that you are paying isn't what makes Xbox Live better than PSN. It is better because it was better planned and better implemented by Microsoft." All in the all, it's a pretty well thought out article, and I didn't really see anywhere that he bashed MS for a pay system, he only pointed out the facts of the service." So what about the "no firewalls" allegation? The above comes from a "community writer" for the Bitmob website. I'm not going to call him an apologist, but he is definitely in the "it's not a big deal" camp from what I've read of his other works. He also wrote a piece on how the XBL subscription was a "rip off" in 2010. I don't think that's enough to call him a fanboy, but I think his current defense might be motivation by some of his past stances. "
I think it does work: all the blame seems to be on Sony, and hardly anybody seems to be acknowledging that fact that CRIMINALS BROKE INTO a company's property and stole shit. Why aren't the hackers copping the blame? Yeah, I understand that Sony probably could have done more to secure this information, but there is not much difference when compared to a traditional criminal stealing shit. So, IMO the analogy works.@Tsoglani: Very stupid analogy that doesn't even work. Your own house and a corporation that holds million of credit card numbers and address, etc, cannot be compared.
get of Sony's back, their property (and by default) your property was stolen. So really, most of the blame should go to whoever thiefed, but by the looks of things, these hackers get more love than blame.
@xyzygy said:Your analogy doesn't work. The closest related analogies might be a bank, hotel or whorehouse, certainly not a privately owned house as you seem to claim. In each of the other relevant examples, customer discretion and privacy are part of the process. Sony are to blame; they let down ALL of their customers - both internal (game publishers, developers and accessory manufacturers) and external (those who had their credit card info stolen and those who lost access to their games and PSN).I think it does work: all the blame seems to be on Sony, and hardly anybody seems to be acknowledging that fact that CRIMINALS BROKE INTO a company's property and stole shit. Why aren't the hackers copping the blame? Yeah, I understand that Sony probably could have done more to secure this information, but there is not much difference when compared to a traditional criminal stealing shit. So, IMO the analogy works. get of Sony's back, their property (and by default) your property was stolen. So really, most of the blame should go to whoever thiefed, but by the looks of things, these hackers get more love than blame.@Tsoglani: Very stupid analogy that doesn't even work. Your own house and a corporation that holds million of credit card numbers and address, etc, cannot be compared.
Please Log In to post.
This edit will also create new pages on Giant Bomb for:
Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.Comment and Save
Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.
Log in to comment