backtop


Print 59 comment(s) - last by Poikilothermic.. on May 24 at 5:23 PM


"You cannot be serious!!"

Users are greeted with this message when trying to login to PSN through Sony's website
Sony strikes again!

It's getting rather difficult to be surprised by Sony's lack of security credentials when it comes to its PlayStation Network (PSN) service. That's why today's latest revelation can't be too much of a shocker to those that have been following this ongoing saga.

According to Joystiq, Sony has once again taken web access to PSN offline after users found a gaping loophole in the password recovery functionality on the site. "A new hack is currently doing the rounds in dark corners of the internet that allows the attacker the ability to change your password using only your account’s email and date of birth," reports Nyleveia.

Considering that information like birth dates and email addresses were obtained when PSN was initially hacked, it looks as though anyone with access to the "master list" would have the ability to change your account password.

Nyleveia goes on to warn:

I would suggest that you secure your accounts now by creating a completely new email that you will not use ANYWHERE ELSE, and switching your PSN account to use this new email. You risk having your account stolen, when this hack becomes more public, if you do not make sure that your PSN account’s email is one that cannot be affiliated with or otherwise traced to you.

Sony is currently aware of the situation and is taking steps to resolve the issue as soon as possible. For more information on the exploit, check out Nyleveia's FAQ.

Perhaps the Japanese government was wise to take a wait and see approach with regards to allowing PSN service to restart in Japan…



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Xbox 360
By bug77 on 5/18/2011 2:42:46 PM , Rating: 3
Why? Do you think M$ is a master of security?
They may have more expertise than Sony, but I bet if the same group took a look at XBLA, they'd have another field day.


RE: Xbox 360
By Flunk on 5/18/2011 2:57:40 PM , Rating: 3
If you look into it, the way they breached Sony's security was fairly unsophisticated. Sony made a lot of really stupid mistakes with their PSN design.

You can't just postulate that Xbox Live must be as bad without doing a lot of research. The very fact that it hasn't been breached is enough to throw a lot of doubt on your argument right there.


RE: Xbox 360
By Strunf on 5/19/2011 7:46:36 AM , Rating: 2
Are you working for SONY or anywhere related to their security/IT staff or even part of the ones that are working against SONY? ... 90% of what I've read is based on assumptions, wild guessing and trash talking... the other 10% is what SONY itself said and that wasn't even very technical.


RE: Xbox 360
By omnicronx on 5/18/2011 3:32:53 PM , Rating: 5
Please stop making baseless blind comments.

There has never been in the history of Microsoft any kind of internal data breach like the one we are discussing today for ANY product or service.

Call me when MS starts using third party services to store personal information with unhashed credit cards and plain text information for pretty much everything else.

These are security basics that not only can I assure you MS employs, and most other large companies do too.

This security breach was the result of terrible security, plain and simple. So please stop trying to validate your purchase and pretend as though everyone else suffers from the pitfalls that is the lack of security at Sony corp...


RE: Xbox 360
By karielash on 5/19/2011 6:26:56 AM , Rating: 2

You could argue that the loss of the entire Windows Code base was a fairly significant security breach from an intellectual property point of view.

But other than that, you say you know what security MS employs, that means one of a couple of things:

1. you work with MS and are now discussing the levels of security they employ on a public, which is a security breach in itself.

2. You don't know what security they employ and are merely puffing gas out of your rear and smearing it all over a public forum... messy....

As for most other companies employing high levels of security on their shared data I will refer you to Epsilon (just the latest in a string of breaches) where basic precautions with the customer data of some of the biggest commercial institutions in the country were not taken.

Personally I would say a lot of other companies are in exactly the same boat as Sony are in except their boats haven't been sunk yet..... and little or nothing will be done about it until the Feds starting outfitting some of the CISO's responsible with those snazzy orange jump suits and inviting them for a long stay at a federal entertainment center.


RE: Xbox 360
By p05esto on 5/18/11, Rating: 0
RE: Xbox 360
By tayb on 5/18/2011 7:45:17 PM , Rating: 3
I guess I'll believe it when I see it but as of right now both of you just sound like fanboys and XBL is up and running while the PSN has been down for over a month. I've never experienced anything like what is happening with Sony right now. Not with Microsoft not with anyone or anything.


RE: Xbox 360
By bug77 on 5/19/2011 5:02:22 AM , Rating: 2
Nobody experienced what is happening with Sony right now. That doesn't automatically mean Sony is the worst of the bunch, it just means it was the first to fall.

And for your comment about fanboyism, it says more about you than it says about me. I own neither a PS nor an XBox.


RE: Xbox 360
By Reclaimer77 on 5/19/2011 1:01:47 PM , Rating: 2
quote:
Why? Do you think M$ is a master of security?


Maybe not but complete amatures brought PSN down for a month. You really don't think X-Box Live has been targeted before?

quote:
They may have more expertise than Sony, but I bet if the same group took a look at XBLA, they'd have another field day.


Wrong. Just way wrong. They just basically back doored their way into PSN. Hacking X-Box live is obviously far more of a challenge, and they would NOT have been able to steal customer information either.


"I'm an Internet expert too. It's all right to wire the industrial zone only, but there are many problems if other regions of the North are wired." -- North Korean Supreme Commander Kim Jong-il














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki