backtop


Print 72 comment(s) - last by superstition.. on Jul 21 at 1:50 AM


Bill Waterson
Sony also says it discovered hackers attack everybody and that it didn't do anything to deserve hacks

Sony Corp. (TYO:6758just had a "great experience", according to Tim Schaaff, the president of Sony Network Entertainment in an interview he gave VentureBeat at the conference MobileBeat.  He elates, "We're back online, everything's live again around the world, and the amazing thing through all of this is that the customers have all come back, and network performance is better than ever, sales are better than ever, and we've been very, very pleasantly surprised by the experience."

So what was this "great", "pleasantly surpris[ing]...experience"?  Believe it or not, Sony is referring to the slew of recent hacks [1][2][3][4][5][6][7] on its properties and the experience of losing its customers' information to hackers.

In the realm of unnaturally happy PR statements, Mr. Schaaff deserves an Emmy.  He elates that the attacks helped his company learn some vague, nebulous lesson, stating, "I think for people running network businesses, it's not just about improving your security, because I've never talked to a security expert who said, 'As long you do the following three things you'll be fine, because hackers won't get you'… the question is how do you build your life so you're able to cope with those things."

He adds, "It's been a great experience."

The cheerful spin took even the interviewer, VentureBeat executive editor Dylan Tweney, off guard.  He remarked, somewhat stunned, "A great experience?"

The ever cheerful Mr. Schaaff replies, "A great experience. I would not like to do it again. One time was enough. Great learning experience."

In his cheerful bliss, the Sony executive neglects the very important underlying point that his company lost its customers' private data and that for them it might not have been such a "great" experience.  But Mr. Schaaff quickly brushed off the notion that Sony was somehow to blame for the attacks, implying everyone is being attacked.

He comments, "It's dramatic but that the lesson we learned from this process is that there are some crazy things going on in the world right now, and in the beginning we were very concerned that we were the focal point for this attack, and it was all about Sony, and what was Sony doing."

It appears Sony remains ignorant -- perhaps willfully so -- to the fact that it was indeed singled out by hackers for doing things like illegally installing rootkits on peoples' computers, banning its paying customers from using Linux on their PlayStation 3s, and trying to imprison hardware enthusiasts who would dare to help users try the aforementioned installation.

Through Sony's eyes the world is black and white.  It's a beloved game developer renowned worldwide.  And its adversary are evil "terrorists" (hackers) who want to destroy it and kill gamers' fun.

Of course many would argue the world is not as black and white as Sony would have you believe.  But they sure are trying hard to make you believe it is.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/2011 6:53:08 PM , Rating: 2
Help me out here Jason, because I see no opposing view in any of these Sony "articles" you write. Did hacking suddenly become legal, or did Sony "lose" customer data? Because, silly me, I thought they were hacked and it was stolen.

This belong in the blog section. It's so terribly biased against Sony, unfairly so, it just reeks of your personal bias.

After Sony was hacked, Lulz went on to hack a senior citizen online magazine, insurance companies, the FBI and who the hell knows what else. And you think he's off his rocker for thinking they hack everyone? They ARE hacking everyone Jason, plainly so.

Speaking of black and white, you have posed this article in such a way as to state Sony deserves to be hacked for it's actions. Besides the rootkit, which took place 10 years before Lulz even existed, all of your other examples were completely legal and justified actions taken by Sony. Breaking the law, no matter how you feel, cannot be a legitimate response to these. That's a fact.

How many more of these articles are you going to churn out that do nothing but hammer home the same tired rhetoric?




RE: Did Hacking Suddenly Become Legal?
By Yoshino Kurokawa on 7/14/2011 7:05:53 PM , Rating: 1
I'm going to have to agree. No company can be 'blamed' for something that's illegal. That's like saying that a house deserves to be robbed, or a car deserves to be wrecked. It's simply immoral and says volumes about a person's methodology; no to mention his own ideals.

The fact is - Sony itself was not harmed - only its constituents. So to say that it deserved to be hacked is to condemn all of the consumers that used it services.

To speak ill of others' ignorance sir, is to not acknowledge you own - especially in this case, it's profound, as well as sickening.


RE: Did Hacking Suddenly Become Legal?
By Skelum on 7/15/2011 10:05:55 AM , Rating: 1
I agree that no one can be blamed for being a victim...

That being said let's not forget why Sony was hacked... That Linux story on PS3... Ok they legally had the rights to do so but what a bout morality?

FYI, justice is always trying to catch up on morality but is always far behind...


RE: Did Hacking Suddenly Become Legal?
By BZDTemp on 7/15/2011 11:19:10 AM , Rating: 3
That Linux thing is a totally overblown issue.

Did Sony take something away, for sure but in reality only very very few used the option to run another OS on the PS3. I work in the IT business and loads of people I know run Linux on their computers but not one person has tried it on their PS3.

Sony took the "Other OS" option because some pricks exploited it to break the console not to mess with people - for some reason many forget that. I for one feel fine about losing an option I did not use for the hope of keeping cheaters out of the platform. I'd hate to have console gaming be needing something like Punkbuster.

I no way do I see the Lulz people's actions being justified but what Sony did.


RE: Did Hacking Sudde#$* Become Legal?
By superstition on 7/20/2011 10:07:39 PM , Rating: 2
Taking away functionality from something that was sold to people is theft.

Imagine if Ford decided to come by your house, get into your car, and make the radio inoperable.


By superstition on 7/21/2011 1:50:07 AM , Rating: 1
Or, I should say... pull the radio out and get your neighbor thrown in jail for helping you put a new one in.


RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 7:06:34 PM , Rating: 4
quote:
Help me out here Jason, because I see no opposing view in any of these Sony "articles" you write. Did hacking suddenly become legal, or did Sony "lose" customer data? Because, silly me, I thought they were hacked and it was stolen.

This belong in the blog section. It's so terribly biased against Sony, unfairly so, it just reeks of your personal bias.

After Sony was hacked, Lulz went on to hack a senior citizen online magazine, insurance companies, the FBI and who the hell knows what else. And you think he's off his rocker for thinking they hack everyone? They ARE hacking everyone Jason, plainly so.

Speaking of black and white, you have posed this article in such a way as to state Sony deserves to be hacked for it's actions. Besides the rootkit, which took place 10 years before Lulz even existed, all of your other examples were completely legal and justified actions taken by Sony. Breaking the law, no matter how you feel, cannot be a legitimate response to these. That's a fact.

How many more of these articles are you going to churn out that do nothing but hammer home the same tired rhetoric?

First "hacking" in the abstract is not illegal... there's no law against "hacking" in its most general sense. Bill Gates, Steve Jobs, et al. all started their career as hardware hackers.

That said, wrt the Sony situation, have you ever heard the saying "two wrongs don't make a right"?

Of course a great number of the hacks on Sony were in outright violation of local laws and further were reprehensible in that they targeted innocent users.

That said, Sony endangered its own users by behaving belligerently and suing multiple high profile hardware hackers. Further, if they were going to sue hackers, they should have at least had the common sense to protect themselves property. Instead they laid off a large portion of their security staff and left their websites -- and their users -- open to painfully obvious attacks like SQL injection.

The chaos that ensued wasn't a good thing, but it's far from the worse that would have happened. Imagine if the hacks never happened, but Sony's careless landed the PSN user credit card database in the hands of identity thieves who were more subtle and didn't publish their hack. It could have been weeks or months before Sony realized what happened.

Did the hackers do something bad? Absolutely. Did Sony do something bad? Yep.

I own some Sony products, but I'm hesitant to trust a company in the future that endangers its users like it has and that commits to the kind of corporate policies it has, and then appears to have learned little from its mistakes.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/2011 7:26:55 PM , Rating: 1
quote:
First "hacking" in the abstract is not illegal... there's no law against "hacking" in its most general sense. Bill Gates, Steve Jobs, et al. all started their career as hardware hackers.


Don't dance with me. Lulz broke laws, period. I'm not getting into a debate about the legality of hacking. The type of hacking Lulsec did is most certainly illegal. Stealing financial information is very wrong AND illegal. And it was STOLEN, Jason, not "lost" by Sony. I'm not sure what your Bill Gates and Steve Jobs examples are supposed to do with this, but they don't seem relevant.

quote:
That said, wrt the Sony situation, have you ever heard the saying "two wrongs don't make a right"?


Yes, I think we all have. It was said by our mothers when we were all 5 and the world was a simple place and our parents were too lazy to explain how complicated life really is. Is this your journalistic guiding star or something?

quote:
Of course a great number of the hacks on Sony were in outright violation of local laws and further were reprehensible in that they targeted innocent users.


And not once has this been mentioned in ANY Sony article you have wrote to this date. Your slant is clear. "Sony did bad things in my opinion, so umm, it's good they were hacked"

quote:
That said, Sony endangered its own users by behaving belligerently and suing multiple high profile hardware hackers.


Uhh I'm sorry, that's an utterly failed logic bridge. No wonder you write the way you do. You seriously don't see anything wrong with this statement? Sony, by protecting their IP and making other decisions, deliberately endangered customers because they brought the wrath of the hackers down upon them. Really? That's how we make decisions now, out of fear and weakness? This is like saying 911 was because we were "in the Middle East", so it's okay it happened. I absolutely despise this kind of justification.

Next time I get pulled over by a cop, I'll just blow him away for bothering me. Because, hey, he deliberately put his life at risk by trying to enforce local laws and policies. It's really his fault, if you look at from a certain point of view. Wooo, this sure is fun. Now back to reality...

quote:
I own some Sony products, but I'm hesitant to trust a company in the future that endangers its users like it has and that commits to the kind of corporate policies it has, and then appears to have learned little from its mistakes.


That's fine, and it's your right and opinion. And that's where opinions go, in the blog section.

And let's be clear. You never even waited to see if Sony had "learned" from their mistake. On DAY ONE of the hacks, you used them as an excuse and justification to vent about how you thought Sony had been wrong to peruse hardware hackers and exert control over their own products. And that's the crux of this. It's you using current events as a springboard to hatchet job Sony. I mean, for goodness sake, at least TRY to have an opposing viewpoint or something.


RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 7:51:01 PM , Rating: 4
quote:
Don't dance with me. Lulz broke laws, period. I'm not getting into a debate about the legality of hacking. The type of hacking Lulsec did is most certainly illegal. Stealing financial information is very wrong AND illegal. And it was STOLEN, Jason, not "lost" by Sony. I'm not sure what your Bill Gates and Steve Jobs examples are supposed to do with this, but they don't seem relevant.

Err...I was addressing your title "Did hacking suddenly become legal?", which implies it is inherently illegal, a logical fallacy.

LulzSec broke many laws, a fact that I emphasize in every piece about their hacks.

Personally I think the term "stolen" is inaccurate -- illegally duplicated is more accurate, since Sony still has a copy.

But yes, there's no disagreement between you and I there.

Again, I was addressing your erroneous comment title, which suggested hacking in general was illegal.

Bill Gates and Steve Jobs are famous hardware hackers, if you're not aware. I wasn't commenting wrt LulzSec, which I thought would be obvious given that I didn't mention them in that paragraph (or actually in my whole comment). I was commenting on the overall legality of hacking as a practice be it software or hardware hacking.

quote:
And not once has this been mentioned in ANY Sony article you have wrote to this date. Your slant is clear. "Sony did bad things in my opinion, so umm, it's good they were hacked"

Perhaps you missed where I was constantly talking about the possibility of LulzSec members being arrested...

Of course it's illegal.

But again, Sony has a civil liability to reasonably protect its customers from malicious parties, which it arguably didn't do.

Again, the issue is not as black and white as you would like to believe.

quote:
Uhh I'm sorry, that's an utterly failed logic bridge. No wonder you write the way you do. You seriously don't see anything wrong with this statement? Sony, by protecting their IP and making other decisions, deliberately endangered customers because they brought the wrath of the hackers down upon them. Really? That's how we make decisions now, out of fear and weakness? This is like saying 911 was because we were "in the Middle East", so it's okay it happened. I absolutely despise this kind of justification.

Next time I get pulled over by a cop, I'll just blow him away for bothering me. Because, hey, he deliberately put his life at risk by trying to enforce local laws and policies. It's really his fault, if you look at from a certain point of view. Wooo, this sure is fun. Now back to reality...

If I go down to the worst part of New York City unarmed and bring my kid with me and then find the first gang-banger I see and punch them in the face, am I partially to blame if my kid gets shot?

Of course.

Sony's mistakes here was picking a fight with a community that was clearly security savvy, while at the same time it crippled its security staff with mass layoffs.

Who's the most to blame for the lost of customer data? The hackers who took it, of course.

But who's also to blame? Sony, for having crappy security.

quote:
And let's be clear. You never even waited to see if Sony had "learned" from their mistake. On DAY ONE of the hacks, you used them as an excuse and justification to vent about how you thought Sony had been wrong to peruse hardware hackers and exert control over their own products. And that's the crux of this. It's you using current events as a springboard to hatchet job Sony. I mean, for goodness sake, at least TRY to have an opposing viewpoint or something.

They clearly didn't. They kept letting themselves get hacked again... and again... and again...

All with the same novice attacks, such as SQL injection. Over the course of covering the story it's hard not to come away with the impression that Sony was grossly negligent.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/2011 8:09:45 PM , Rating: 1
quote:
They clearly didn't. They kept letting themselves get hacked again... and again... and again...


Oh ok. So their alternatives were to shut down EVERY NETWORK and website and lose billions more, also depriving consumers of services. Or devise new security measures and practices overnight. A world wide multinational conglomerate of huge proportions. Jason you're being completely bullheaded and unreasonable. They didn't "let themselves" be hacked. They just were. And, again, you keep blaming the victim.

quote:
Sony's mistakes here was picking a fight with a community


Picking a fight? So protecting your own IP and those of your vendors is picking a fight? Good grief, are you a teenager?

You many not like Sony's decisions, but one thing is clear, they were completely within their rights to remove Linux and prosecute those who intentionally defied the EULA by trying to educate others to do the same.

But that's a completely different debate, the issue here is that you believe Sony "deserves" to be hacked because they did things you don't like. And that's really all this boils down to.

quote:
If I go down to the worst part of New York City unarmed and bring my kid with me and then find the first gang-banger I see and punch them in the face, am I partially to blame if my kid gets shot?


Great analogy. Because turning off Linux and violating someones civil rights by physically assaulting them are COMPLETELY comparable.

quote:
Again, the issue is not as black and white as you would like to believe.


Maybe so, but it's a damn sight more clearer than you maintain.


RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 8:21:43 PM , Rating: 3
quote:
Oh ok. So their alternatives were to shut down EVERY NETWORK and website and lose billions more, also depriving consumers of services. Or devise new security measures and practices overnight. A world wide multinational conglomerate of huge proportions. Jason you're being completely bullheaded and unreasonable. They didn't "let themselves" be hacked. They just were. And, again, you keep blaming the victim.

How would shutting down obsolete databases have affected users?? Many of the databases hacked were years old -- lists of contest entrants, and stuff.

They were still damaging because they had lots of personal info.

Honestly Sony should have taken those down long ago, but most certainly should have taken them down when the hacking began.

Again, there were many cases where Sony could have avoided additional attacks if it showed a SMALL degree of security competence.

quote:
Picking a fight? So protecting your own IP and those of your vendors is picking a fight? Good grief, are you a teenager?

You many not like Sony's decisions, but one thing is clear, they were completely within their rights to remove Linux and prosecute those who intentionally defied the EULA by trying to educate others to do the same.

But that's a completely different debate, the issue here is that you believe Sony "deserves" to be hacked because they did things you don't like. And that's really all this boils down to.

EULAs hold little weight it court. That's been established numerous times.

What Sony did was hardly "protecting IP". It was essentially the same thing Apple did, when it tried to brick jailbreakers phones.

Except Sony took it a step further and carried out an extensive campaign of legal harassment against jailbreakers.

I firmly believe jailbreaking electronic devices will eventually be fully legalized. Already, phone jailbreaking is explicitly legal.

Customers bought their devices. They should be able to use it fully, including modify it.

quote:
Great analogy. Because turning off Linux and violating someones civil rights by physically assaulting them are COMPLETELY comparable.

Err... perhaps you missed the part where they tried to sue jailbreakers into bankruptcy in an effort to imprison them.

In other words, they tried to rob individuals of their freedom because they modified a device they LEGALLY purchased.

Sounds pretty darn abusive to me.

And then there's the harassing subpoenas of GeoHot's personal Twitter, Facebook accounts, etc -- again because he was modifying a product he legally owned.

How do you justify that morally?

Wouldn't you agree that's blatant abuse of the legal system and waste of U.S. taxpayer dollars?

quote:
Maybe so, but it's a damn sight more clearer than you maintain.

Again I think you're failing to grasp that I get that what the hackers did was illegal and wrong. I really do.

But what you even admitted below was that Sony's security was "really bad". Plus, I'd hope you appreciate that the actions outlined above also constitute abuse of customers. In both regards, Sony is guilty of mistreating its users, be it by neglectfulness, or outright punitive behavior.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/11, Rating: -1
RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 11:02:55 PM , Rating: 5
quote:
Jason Sony is not the judicial system. They can't "sue people into oblivion" unless the suit is justified, legal, and upheld in court. Hello? Sony can't just go around throwing people in jail because they want to. Since when did they have that power?

You think that an individual has the resources of a multi-billion dollar company with an axe to grind? Get real.

I agree with your statement, though it is ridiculous.

Read my previous article on the German unlocker. He's literally likely to go to prison, because Sony has sued him and he's been bankrupted by legal fees, and now will likely have to serve prison time for going bankrupt as per local laws. Stupid, I know.

As for GeoHot, perhaps they couldn't send him to prison under the more reasonable U.S. court system, but they can and did gain access to his private accounts in an abusive invasion of privacy.

Still not right, but a little less bad, I suppose.

quote:
Except that hasn't happened yet. Reading your stories on this, one would come to the conclusion that this is the case.

Er... I disagree. In EVERY one of my pieces where I mention the legality of jailbreaking, I clearly state that jailbreaking smart phones has been legalized (which it has), but that jailbreaking other electronic devices is a legal gray area, with some lawyers arguing it to be technically illegal under the DMCA.

quote:
Yes but the difference between you and me is that you obviously believe Lulzsec performed an appropriate and correct response to this. Because Sony got what was coming, so it's all good.

Wow you really think yourself to be a mind reader, huh?

I wrote a whole editorial how I thought what LulzSec was doing was not only illegal, but abusive and wrong. As I said in that piece two wrongs don't make a right.

You somehow have misconstrued my criticism of Sony as praise for LulzSec. Is it really that hard to understand the two are not mutually exclusive?
quote:
Do you think the hundreds of millions of people who had to go a month without PSN service gave a crap that Linux was turned off or that some community of social misfits were upset?

No, but they sure as h3ll should give a crap that Sony was using weak security to protect their private information.

I own a PS3, so I absolutely feel for my fellow gamers who got hurt in this mess.

That's precisely why I think both Sony and LulzSec should be held accountable for their actions, at the end of the day.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/15/11, Rating: -1
By GTVic on 7/15/2011 1:22:20 PM , Rating: 2
You are lucky he responded so many times. Trying to pick him apart, you are making less and less sense with each new post.

But I think you do have a point. He does write with an obvious bias at times and perpetuates misinformation to support his views especially when it comes to topics involving evolution.


By Warwulf on 7/16/2011 12:16:43 AM , Rating: 1
You, sir, are either an idiot or a die-hard Sony apologist.

Either way, it takes impressive determination to stick to your guns in the face of overwhelming evidence that you're plain wrong.

GG


By The Raven on 7/18/2011 3:56:31 PM , Rating: 2
I think you are missing the fact that (to use Jason's example) when the guy takes his family into the bad part of town and his kids get killed, no one wonders, "Gee, why did that thug do that?" (The fact that they call them a 'thug' pretty much explains why this is.) They instead wonder, "Why did that moron take his family into that part of town?"

And that is what Jason is addressing... what people want to know. Not why a 'thug' would act like a 'thug'. Boring.


By tastyratz on 7/15/2011 3:38:07 PM , Rating: 3
Jason, if I could +6 every reply you had to this and -2 every reply he had so far I would. It is absolutely despicable that Sony treats their customers personal data this way and this could be compared to your dr's office storing medical records in filing cabinets lining the front of the building. The blatant lack of security lacks so much I would say they are equal plane with the hackers.

How naive can a man truly be to think the judicial system now will not involve large companies just litigating you out of house and home? The system can be bought because big companies can drag it out till you just go broke, standard practice. He is not right and you should not agree with him there. The lawsuit at that point is not about who wins, it's about who can make it to the finish line.


By Targon on 7/14/2011 11:06:38 PM , Rating: 2
You clearly have no idea how the court system works. Anyone with a bit of knowledge about how the system works can start a lawsuit against ANYONE, and the system has no safeguards to protect people against harassment of this type. If I were to start opening lawsuits against you in 40 states, your reaction would be to get a lawyer to protect you, no matter that I didn't have a case. A large corporation like Sony can literally cause a person to go bankrupt trying to defend themselves against lawsuits.

In the corporate world, when these big companies start lawsuits against smaller companies, that is the tactic, just push on with legal BS that would never stand up in court, but the lawyer fees would cause the smaller players to give in and just settle. Ever notice how many cases that really are baseless get settled? That's the reason, legal fees would be higher than the cost of the settlement, and it takes someone who either has lots of free time plus enough legal knowledge to just stand up and dedicate their entire life for several years to fighting this sort of garbage.


By Autisticgramma on 7/15/2011 10:48:25 AM , Rating: 2
Results are what I require, 'we intended', or attempted or whatever doesn't cut it. Regardless of whatever law you care to site.


RE: Did Hacking Suddenly Become Legal?
By adiposity on 7/14/2011 7:42:35 PM , Rating: 2
quote:
First "hacking" in the abstract is not illegal... there's no law against "hacking" in its most general sense. Bill Gates, Steve Jobs, et al. all started their career as hardware hackers.


The meaning of the term "hacker" has changed a lot since that time. Generally speaking, today hacking can refer to two categories: black hat, and white hat hackers. By which is usually meant, people that obtain illegal access to systems through illegal means, and people that either "counter-hack" or attempt to simulate the experience of a black-hat hacker for the purposes of testing security.

Usually, this refers to internet connected systems. It could also apply to hardware that is "locked down" such as a PS3 or Xbox.

I do not think Steve Jobs or Bill Gates would ever have been called "hackers" by today's use of the word, or even its historical usage. Bill Gates was little more than a programmer. He and a few others were once banned from a computer system for figuring out how to get free computer time, which could qualify as a hack. As far as I know, Steve Jobs is not even a programmer. Steve Wozniak was definitely a hacker of phones, but then again, hacking phones to make free phone calls was illegal.

But yes, hacking is not always illegal, per se. But usually, it is. And in this case, it was.

quote:
I own some Sony products, but I'm hesitant to trust a company in the future that endangers its users like it has and that commits to the kind of corporate policies it has, and then appears to have learned little from its mistakes.


I'm not saying you are wrong, but I don't think a PR statement that the experience was "pleasant" really means anything about what they learned. It is basically a poor choice of words. And what he meant, I believe, is that he is thankful event did not significantly harm Sony as a company. He probably should have chose his words more wisely.


RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 7:58:48 PM , Rating: 2
quote:
The meaning of the term "hacker" has changed a lot since that time. Generally speaking, today hacking can refer to two categories: black hat, and white hat hackers. By which is usually meant, people that obtain illegal access to systems through illegal means, and people that either "counter-hack" or attempt to simulate the experience of a black-hat hacker for the purposes of testing security.

Usually, this refers to internet connected systems. It could also apply to hardware that is "locked down" such as a PS3 or Xbox.

I do not think Steve Jobs or Bill Gates would ever have been called "hackers" by today's use of the word, or even its historical usage. Bill Gates was little more than a programmer. He and a few others were once banned from a computer system for figuring out how to get free computer time, which could qualify as a hack. As far as I know, Steve Jobs is not even a programmer. Steve Wozniak was definitely a hacker of phones, but then again, hacking phones to make free phone calls was illegal.

But yes, hacking is not always illegal, per se. But usually, it is. And in this case, it was.

Not necessarily, what Gates & Jobs did (hacking the phone system and computers) was seen as a grey area of the law at the time, much like "jailbreaking" is today.

George "GeoHot" Hotz, is an example of a modern hacker who seems somewhat similar. Incidentally he's one of the individuals Sony tried to sue into bankruptcy (in his case, he was lucky in that his reputation earned him enough free legal support that he was able to negotiate a supposedly favorable legal settlement).

Generally these types would be called "grey hat".

quote:
But yes, hacking is not always illegal, per se. But usually, it is. And in this case, it was.

We agree.

quote:
I'm not saying you are wrong, but I don't think a PR statement that the experience was "pleasant" really means anything about what they learned. It is basically a poor choice of words. And what he meant, I believe, is that he is thankful event did not significantly harm Sony as a company. He probably should have chose his words more wisely

I agree, it could have just been a poor choice of words, by a PR person who was overeager to spin things in a positive light.

But actions speak louder than words, and the fact that Sony continues to aggressively sue PS3 jailbreakers, to the point where it's trying to bankrupt and send them to prison, robbing them of their freedom for modifying a device they legally purchased is not only downright abusive, it's asking for trouble.

I have no doubt Sony has somewhat shored up its security, but the amount of times it got hacked indicates it is a very slow learner.

Further its executives in multiple statements (not just this one) have pretended the attacks were random and that it did nothing to earn hacker disdain, which is patently false.


By 0ldman on 7/16/2011 11:08:18 AM , Rating: 2
You have a modded PS3, don't you?


RE: Did Hacking Suddenly Become Legal?
By 91TTZ on 7/15/2011 2:32:57 PM , Rating: 1
quote:
Bill Gates, Steve Jobs, et al. all started their career as hardware hackers.


Steve Jobs just got Steve Wozniak to do all the technical work. I don't think Jobs was ever that technical. He was interested in hacking because he's a fan of counter-culture bullshit but he was never especially logical or technical.


By superstition on 7/20/2011 10:12:08 PM , Rating: 2
Jobs did some programming for Atari, but it was Woz who was the computer genius. Jobs' real talent is business.


RE: Did Hacking Suddenly Become Legal?
By makius on 7/14/2011 7:49:17 PM , Rating: 5
Sorry but I'm gonna have to agree with Jason on this one. I've been a fan of Sony for years, but the way they've handled this debacle is just plain inexcusable.

It would be like borrowing your friends brand new Mercedes and then leaving it parked on the bad side of town with the engine running and the windows rolled down. You bet your ass you deserve to have that car stolen, and guess what... it will be. That doesn't mean it's ok or legal for someone to steal it, but when you behave like an idiot you absolutely deserve the consequences.

Oh, and then it it would be like telling your friend that it was a "great experience" and expect him not to punch you in the face. Sony should at least be able to take responsibility for their actions, or lack thereof. But instead they try to deny accountability by saying, "well a lot of people have their cars stolen". Come one... really?

Sorry but Jason was right on the money with this one. Sony has proven their incompetence and ignorance. They absolutely deserve what they got, and customers like myself and Jason have every right to be pissed off.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/11, Rating: -1
RE: Did Hacking Suddenly Become Legal?
By JasonMick (blog) on 7/14/2011 8:01:40 PM , Rating: 3
quote:
Umm no. Sony DID have security in place, it was just really bad. So to use a better analogy, if I think the locks on your house aren't good enough, that does NOT give me the right to kick your door in and steal your property.

Exactly, so the hackers were arguably criminally liable for breaking certain computer crimes statutes -- specifically, the Computer Fraud and Abuse Act, among others.

And Sony was arguably civilly liable for having "really bad" security, as you put it, going out of its way to taunt malicious parties, and then losing its customers' private information, endangering them with its reckless negligence.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/14/2011 8:14:10 PM , Rating: 2
quote:
And Sony was arguably civilly liable for having "really bad" security, as you put it, going out of its way to taunt malicious parties, and then losing its customers' private information, endangering them with its reckless negligence.


And when a judge rules that this was the case, I will personally say I was wrong. I think you're going way out on a limb to claim "criminal negligence" in this case. Good luck proving that. Who's the judge of what security measures are "good enough"? The best security in the world can, and has, been hacked. So it's really just subjective, isn't it?

Maybe you should, you know, consult with a lawyer or retired judge on this situation and put his opinions in your article? My, that sure would give it some credibility...

But why do that when Jason Mick can be judge, jury, and executioner.


By Lord 666 on 7/14/2011 8:22:09 PM , Rating: 4
NERD FIGHT!!!!!!!!


By JasonMick (blog) on 7/14/2011 8:25:31 PM , Rating: 2
quote:
And when a judge rules that this was the case, I will personally say I was wrong. I think you're going way out on a limb to claim "criminal negligence" in this case. Good luck proving that. Who's the judge of what security measures are "good enough"? The best security in the world can, and has, been hacked. So it's really just subjective, isn't it?

That's what expert witnesses are for.

And since when were trials not somewhat subjective, particularly jury ones?

As for the difficulty "proving" Sony was criminally negligent, you forget that for civil (e.g. class action lawsuits) cases there's generally a far lower burden of proof.

quote:
Maybe you should, you know, consult with a lawyer or retired judge on this situation and put his opinions in your article? My, that sure would give it some credibility...

I did quote a lawyer in the article about the lawsuits against Sony. I didn't include that here because this article is not about the lawsuits. It's about certain PR statements that Sony made.

I just mentioned the lawsuits, because it seemed pertinent to your comment.


RE: Did Hacking Suddenly Become Legal?
By poi2 on 7/14/2011 8:33:30 PM , Rating: 2
quote:
Umm no. Sony DID have security in place, it was just really bad. So to use a better analogy, if I think the locks on your house aren't good enough, that does NOT give me the right to kick your door in and steal your property.

Oh, so company as big as SONY don't have money to buy good door locks of customers private emails and credit cards number Warehouse ?
But have money to produce and put illegal alien on customers house ?
Is that what you sayin ?


By sigmatau on 7/14/2011 9:20:11 PM , Rating: 2
Imagine Wal-mart opening up a store with no security tags on their merchandise, no employees working for loss prevention, and have their electronics department setup in an area with no cameras, little or no employees, and multiple exits.

Imagine how the investors of Wal-mart would feel about their stores losing millions due to this. You don't think they would be scratching their heads as to why Wal-mart didn't implement reasonable security measures. This is what the OP is missing. Sony did not have reasonable security measures.

What's sad is that Sony did worse than my fake Wal-mart example. Not only did Sony harm their company, they hurt a 3rd party. Even sadder is that 3rd party is a large portion of their customers some of whom blindly defend their abuser.


RE: Did Hacking Suddenly Become Legal?
By makius on 7/14/2011 9:28:05 PM , Rating: 2
Umm yes. They kept user's personal information in an unencrypted plain text file. So I guess by Sony standards, they would argue the keys were inside the car and therefore "safe". (even though the windows were rolled down and the engine was on)

Sorry but the analogy stands.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/15/2011 12:53:35 PM , Rating: 2
quote:
They kept user's personal information in an unencrypted plain text file.


On a PRIVATE network. That you had to break in to get the text files.

quote:
So I guess by Sony standards, they would argue the keys were inside the car and therefore "safe". (even though the windows were rolled down and the engine was on)


No, because that car is sitting out in public.

quote:
Sorry but the analogy stands.


Sorry but the analogy FAILS.


By makius on 7/15/2011 9:26:09 PM , Rating: 3
Not sure why I'm even bothering with this anymore... but here goes.

quote:
On a PRIVATE network. That you had to break in to get the text files.

The car in my analogy is also personal/private property. And just because the windows are down doesn't mean you wouldn't still be "breaking in" in order to steal it.

quote:
No, because that car is sitting out in public.

Umm... And Sony isn't sitting out in Public? Help me out with this one. They are one of the biggest electronics companies in the world, they are a PUBLICLY traded company, and their "private" networks are accessible via the internet.(A very public place last time I checked) So please explain to me how Sony isn't "sitting out in public"?

quote:
Sorry but the analogy FAILS.

Sorry but when a company that big has security that weak, it's exactly like parking your car in the bad part of town with the windows rolled down and the engine on. Oh and storing millions of people's personal info in the trunk... in a paper bag.


RE: Did Hacking Suddenly Become Legal?
By Beavermatic on 7/14/2011 10:46:13 PM , Rating: 2
NOTHING is illegal... until you get caught.


By messyunkempt on 7/15/2011 6:58:48 AM , Rating: 2
Remind me never to let you babysit my kid.


RE: Did Hacking Suddenly Become Legal?
By Willhouse on 7/15/2011 9:18:02 AM , Rating: 2
I pretty much agree with Reclaimer77 on this issue. Here's a quote from the main article:

"Through Sony's eyes the world is black and white. It's a beloved game developer renowned worldwide. And its adversary are evil "terrorists" (hackers) who want to destroy it and kill gamers' fun.

Of course many would argue the world is not as black and white as Sony would have you believe. But they sure are trying hard to make you believe it is. "

How is this not black and white? Sony had users information, and hackers stole it. Sony was in the right, and the hackers were in the wrong.

Clearly the author is suggesting Sony was also in the wrong for not having tighter security, but that's not illegal. Again, pretty black and white on legality. Keep in mind that institutions with tight security still get robbed.

It's clear that the author's opinion on Sony's legal strategy to protect its IP has biased him and his "news" articles against them. This is unfortunate.


By Digimonkey on 7/15/2011 9:35:22 AM , Rating: 2
quote:
Clearly the author is suggesting Sony was also in the wrong for not having tighter security, but that's not illegal. Again, pretty black and white on legality. Keep in mind that institutions with tight security still get robbed.


Until people start accepting the fact that wrong and right can't always be defined by laws there is no use arguing this point.


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/15/11, Rating: -1
RE: Did Hacking Suddenly Become Legal?
By Bostlabs on 7/15/2011 1:37:07 PM , Rating: 2
I don't comment here very often and rarely agree with Jason, Reclaimer, but in this case I have to.

I work for a bank as a programmer. Most of my work in on the Intranet which is a internal network of course. Many of the applications I write will contain customer data in their database. I am REQUIRED BY LAW (GLBA) to protect that information, even though it is in a private network. Anything to do with customer information I MUST encrypt and decrypt it in a secure manager to display it.

Jason is correct when he says Sony dropped the ball here. I'm constantly training and learning new things to stay ahead of an Information Security audit.

Is what LULZSEC did illegal? You bet your butt it is. Here, what Sony did with not protecting their customer's data is illegal too.


By Bostlabs on 7/15/2011 1:43:46 PM , Rating: 2
Pardon me. Secure manner not secure manager.

Not enough caffeine yet. :)


RE: Did Hacking Suddenly Become Legal?
By Reclaimer77 on 7/15/2011 1:45:45 PM , Rating: 1
The banking sector is a lot different. Do you know for a fact if Sony's responsibility here falls under the same rules?

quote:
Jason is correct when he says Sony dropped the ball here.


Of course they did. That is NOT the argument here. Jason is the one trying to turn the focus of this discussion to ONLY what Sony did.

Whatever Sony did or didn't do, that's no reason to blatantly support online terrorism.


RE: Did Hacking Suddenly Become Legal?
By Bostlabs on 7/15/2011 2:01:05 PM , Rating: 2
quote:
The banking sector is a lot different. Do you know for a fact if Sony's responsibility here falls under the same rules?


You forced me to review GLBA to get your answer. Thanks! :) I was close, but no cigar.

You are correct about the banking sector being different. GLBA covers a lot of ground, but the following section pertains to my discussion. As Sony does not fall into that category they are not bound to the regulation.

quote:
In terms of compliance, the key rules under the Act include The Financial Privacy Rule which governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, regardless of whether they are financial institutions, who receive such information. The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions – such as credit reporting agencies, appraisers, and mortgage brokers – that receive customer information from other financial institutions.


However, encrypting customer data is a Best Practice. Sony's I.T. Department should have known that. SQL Injection has been known about for years. The ways to counter that are fairly simple. Again Sony's developers should have known that. So this isn't illegal on Sony's part, it should because of CC information, but isn't. Stupid? Very much.


By Bostlabs on 7/15/2011 2:04:13 PM , Rating: 2
Although Sony could fall into this part.
quote:
It also applies to companies, regardless of whether they are financial institutions, who receive such information.


By nikon133 on 7/17/2011 9:15:02 PM , Rating: 2
Well, Sony should be held responsible for not having security up to the standards. In fact, anyone storing money / credit card related info should be audited on regular base and forced to beef up security if audit comes out below required standards.

That being said, JM's article oozes with anti-Sony bias and seems very apologetic toward hackers; basically it does feel like author's opinion is Sony deserved to be hacked for dealing with hackers etc.

With that emotion I do not agree. I am PS3 owner and know number of PS3 owners. For most if not all of us, one of major reasons for gaming PS3 is lack of online cheaters and cheats. None of us could care less for Linux on PS3 even if it cannot be used for shady business, but if it can - good riddance.

Coincidently, we all think GeoHot went off the hook too easy. Little weasel was attention seeker, we think he deserved much more attention than he really got.

Now... it is worth saying that there are no teens in my group of PS3 mates, and everyone has a job and decent income. We can buy games we wont to play. We don't look for free ways of getting games, and we are responsible enough to expect that Sony and developers have to make good money in order to keep developing some good quality titles.


By jmhart on 7/16/2011 7:05:42 AM , Rating: 2
This guy's articles often border on preposterous, lunatic rantings. He's like a gadget industry conspiracy theorist always looking to stir the pot with his ridiculous articles riddled with negative spin or outright misinformation.

I've made a game out spotting his articles from the Anandtech.com sidebar by titles alone. I just chuckle to myself everytime I'm right which is upwards of 90% of the time.

Article about Apple or Sony: check.
Title is clearly an exaggeration of the facts, or facts taken completely out of context: check.

Gotta be another article from that nutter...


By poohbear on 7/16/2011 10:20:04 PM , Rating: 2
i totally agree. this is not a news article, its way too bias, its a blog attack on Sony.


By Wolfpup on 7/18/2011 1:49:57 PM , Rating: 2
This article is spinning what he said too...frankly the article seems more like spin than the PR release does.

He's not saying being hacked was a "great experience" or something, he's saying the response from the community was positive.

Is that true? Who knows, but this article is trying to make it sound like he's excited about being hacked, when he clearly said nothing of the sort.


in denial
By GulWestfale on 7/14/2011 6:34:49 PM , Rating: 1
when you consider just how far sony has its head up its ass, then being in denial over this isn't exactly surprising. i wonder whether they will still feel "elated" when they realize how many customers they have lost (and continue to lose) as a result of their security failures and their utter, openly displayed contempt for aforementioned customers.




RE: in denial
By OAKside24 on 7/14/2011 7:42:40 PM , Rating: 2
I wish we could find out just how many customers they lost. Sony's leadership really is incompetent and in denial, and have stated multiple times how surprised they are that their "customers came back!" (kids with parent's credit cards?) and everything's "better than ever!". I really don't think things will actually be getting better for them for quite a while, at least in terms of total customers, satisfaction and trust. I've never felt better about selling any piece of technology, even as a long-time PlayStation gamer; what a relief.


RE: in denial
By HoosierEngineer5 on 7/14/2011 7:44:20 PM , Rating: 2
If I were Sony, I would fear that Apple would sue them. I believe Jobs owns the patent on declaring that black is white!

Maybe Apple will by buying Sony...


I think...
By Aikouka on 7/14/2011 7:04:43 PM , Rating: 2
I think he means that the fact that their services are back online, customers are back, and they're selling again is great... not that losing customer data is great. :P




RE: I think...
By Reclaimer77 on 7/14/2011 7:33:23 PM , Rating: 2
Of course! What do you expect a spokesman to say? It's like Jason Mick and all these haters would just prefer it if he pulled out his sword (cause we know they all carry one, right) and killed himself.

Or maybe he should have gone the other way, torpedoed his career, and crapped all over the shareholders by prostrating himself. That would have been so productive.


IMHO
By poi2 on 7/14/2011 8:10:36 PM , Rating: 2
IMHO by illegally silently install rootkit program on innocent
customer operating system is an act of War!




RE: IMHO
By lightmessiah on 7/15/2011 12:38:57 AM , Rating: 2
I think Sony were just trying to find out why people bought Celine Dion CDs.


Sony had it coming
By slickr on 7/14/2011 10:54:55 PM , Rating: 2
They have been transformed from the decent guys to the arrogant pricks who's only goal is to make as much profit as possible even by lying customers about its products and services.

Ever since they fired the PS1, PS2 and PS3 developer they've been going downhill and having 10 years old networks and keeping people personal information illegally for 10 years and more is not something companies should do.

So I hope they suffer massive monetary losses and the shareholders get rid of all the senior management in Sony.




RE: Sony had it coming
By Cheesew1z69 on 7/15/2011 6:20:59 PM , Rating: 2
They have been arrogant pricks for many, many years...


Criminals
By Autisticgramma on 7/14/2011 7:37:24 PM , Rating: 2
If $ony gets to play off their lack of security as a great experience, maybe their audio IP unit can play off piracy as a great opportunity to learn about the Free Market.

I recently read an article, some web periodical,(yes I'm going to plagiarize them)

"In a land where everyone is a criminal, the last sin is stupidity." $ony is guilty. Of being stupid, over and over and over... etc.

I think I'll be hard pressed to find techies who would disagree that $ony became criminal the minute they installed a root kit on their Music CD's.

Just because it isn't illegal doesn't make it OK. (it goes both ways, just because it's outlawed doesn't mean its morally wrong)

At the end of the day, there will always be an underbelly threatening any organization that gets big and dumb enough. The used car spokes person, had one thing right:

We all have to deal with this: person, company, PC, MAC.

Failing to compensate for a clear and present risk/threat is a sin, especially for a multi billion, multi national company. (insert inquisition joke here)

If you can't get it right, use a pencil, its a little hard to remotely 'hack' a file cabinet. For refusing to secure their network, or use a pencil $ony is in the wrong. I can't say I'm disappointed someone took the time to point it out.




It's called...
By Duwelon on 7/14/2011 7:54:00 PM , Rating: 2
... battered wife syndrom.




Ahh yes, the Ostrich Defence
By BugblatterIII on 7/15/2011 3:50:53 AM , Rating: 2
Except their heads aren't buried in sand.




Quick and to the point
By Digimonkey on 7/15/2011 9:08:08 AM , Rating: 2
Sony and Apple are the douche bags of the corporate world.




Really?
By adpr02 on 7/15/2011 11:13:09 AM , Rating: 2
quote:
Through Sony's eyes the world is black and white. It's a beloved game developer renowned worldwide. And its adversary are evil "terrorists" (hackers) who want to destroy it and kill gamers' fun.


Can you please give a source for that and pretty much the entire last 1/3 of your article?




stuuupid
By p05esto on 7/15/2011 11:53:01 AM , Rating: 2
Sony is so dumb. YES they were singled out, YES a lot of people hate them right now, YES it was directed at them and YES it's going to happen because of these stupid and ignorant comments. This interview is going to outrage the hackers again as if Sony didn't get the hint. Can you imagine how another hack will destroy Sony's reputation forever, it could literally shut them down as a company. lol




By XZerg on 7/14/2011 6:49:18 PM , Rating: 1
A person wants to have a job so he can provide for his family. He works for a company. A company, A, needs to make money to keep the investors happy. The investor having earned money by working felt that he can invest it somewhere until he needs it so that the money grows to meet the future rise in cost. The company spends the money that the investor invested to research some new technology. They build a product around it.

Then there is another company, B, which too had investors and ... The build a similar product but not all the capabilities and sells it cheaper than the first company. The trimmed capabilities are not high in demand by most of the customers and so many customers feel it is better to pay less.

Now the company A feels that they are losing business, the investors are not happy and the worker feels his job security is threatened.

Get the picture or I need to walk the rest of abc? The moral is quit pointing your finger at a company when its directions are driven by many joe smoes who want their investments protected whether it be money or education for the job or the effort.

And I agree that this was a great experience for them and a company should try to admit so and learn to being brought to shame in such a manner.

I barely own anything Sony or their shares but bashing them or anyone while they are trying to get back up from the lessons learnt is just wrong imho.




cxxzc
By nannang on 7/15/2011 8:23:55 PM , Rating: 1
http://www.benzlogo.com/

I tide fashion Good-looking, not expensive Free transport




Someboy buy Jason Mick a dictionary
By madoka on 7/14/11, Rating: -1
By BugblatterIII on 7/15/2011 3:40:20 AM , Rating: 1
Does it have to be a boy?


Really?
By TheRealArdrid on 7/14/11, Rating: -1
RE: Really?
By Cybercat on 7/15/11, Rating: -1
"What would I do? I'd shut it down and give the money back to the shareholders." -- Michael Dell, after being asked what to do with Apple Computer in 1997














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki