|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by Ravenous
(Post 10743841)
If I was MS I would totally but the xbox on sale for $100 off each version and do some kind of media blitz and totally over hype Live... shit Id get 4gb 360 for $100 :lol:
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by dino88
(Post 10743866)
I'm curious what game you tried to play that didn't work, because the updates are working just fine.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by Fandango
(Post 10743850)
You guys need to calm down, apparently they didn't know this until yesterday.
What if they still didn't know? Would we be safe then? |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
I'd be happy if psn stayed offline for a month or even more as long as it takes to fix everything and get it all back up and running.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
How do they even know that customer information was taken? What lets them know this?
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by glassdragon
(Post 10743457)
I don't know if this is something sony could have avoided.
Originally Posted by Fandango
(Post 10743850)
You guys need to calm down, apparently they didn't know this until yesterday.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by dsa_shea
(Post 10743893)
How do they even know that customer information was taken? What lets them know this?
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Just got the official email at 10:18 PM, by the way. I won't repost it since it's essentially exactly the same thing that pinata posted earlier.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Would be kind of funny if Microsoft ended up being the 3rd party investigating the breach...
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by slop101
(Post 10743717)
If people's card info was stolen and being fraudulently used, we'd be hearing about it by now.
Not sure what to do right now. I sold my PS3 last year, but my PSN account is still around. Can't remember if I had a card on file or not. Of course I can't login and check either... :( |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
this sucks, and it will suck for a couple more weeks till everything gets straightened out but in no way is this going to get me to buy another Microsoft product.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by pinata242
(Post 10743886)
This statement confuses me. Are we supposed to calm down because they don't know how to monitor their own systems for intrusion? It sounds like you're saying ignorance is a valid defense.
What if they still didn't know? Would we be safe then? |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by Fandango
(Post 10744062)
No, what I'm saying is people are implying they knew about it days ago and didn't report it until now. If they pre-emptively told people their information might have been stolen and people had to cancel their cards, change passwords etc and it turned out nothing had been stolen they would have gotten backlash too. So either way Sony was screwed.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by Fandango
(Post 10744062)
No, what I'm saying is people are implying they knew about it days ago and didn't report it until now. If they pre-emptively told people their information might have been stolen and people had to cancel their cards, change passwords etc and it turned out nothing had been stolen they would have gotten backlash too. So either way Sony was screwed.
I'm not saying anyone else is impregnable, but I am sure they're all going through a new round of testing and simulations to find any heretofore unknown holes. |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Are they sending out emails to all PSN accounts, or just ones they think are compromised? So far I haven't received anything from Sony.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
[user2] cuz its way too easy todo scamming at this point [user2] for example: [user2] creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard.cardNumber=4558254723658741&cre ditCard.expireYear=2012&creditCard.expireMonth=2&creditCard.securityCode=214&creditCard.address.addr ess1=example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.addres s.postalCode=12345%20 [user2] sent as plaintext [user3] uh [user3] did you censor that card? [user2] ya its fake [user3] good [user1] wow, plaintext :S [user5] plaintext wow [user3] im never putting in my details like that |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by DarthPrime
(Post 10744129)
Are they sending out emails to all PSN accounts, or just ones they think are compromised? So far I haven't received anything from Sony.
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
I am not so concerned about my CC number getting stolen. That is an easy fix. If someone starts charging on that account, my CC company will take care of me, especially with the knowledge of this extensive breach.
Much more frightening to me is the thought of identity theft. With names, addresses, birthdates, emails and all the other shit they mentioned, I am concerned about someone setting up NEW credit accounts in your name. They can go crazy and by the time it is found out, your credit is toast. This is god damn ridiculous. |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
I don't have a PSN account but am following the story since this could be the biggest data breach in history. I was just surprised with how long the outage was but now the possibility of CC info being stolen is pretty bad. So Sony says there's no evidence CC info was stolen but that can't be ruled out and says to check your card statements...
Any groups taking credit for the hack? |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by SoonerDoc
(Post 10744215)
I am not so concerned about my CC number getting stolen. That is an easy fix. If someone starts charging on that account, my CC company will take care of me, especially with the knowledge of this extensive breach.
Much more frightening to me is the thought of identity theft. With names, addresses, birthdates, emails and all the other shit they mentioned, I am concerned about someone setting up NEW credit accounts in your name. They can go crazy and by the time it is found out, your credit is toast. This is god damn ridiculous. |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by Ranger
(Post 10744232)
You think that'd be bad - what about the people who used debit cards and have their bank account wiped out?
|
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Some funnies from Twitter, as reported by Kotaku (and some others):
"Hey folks, they told Playstation Plus subscribers about this credit card thing last Thursday." - Bookscout "If Sony had required firmware updates hourly instead of daily, this never would've happened." - MTV Multiplayer's Russ Frushtick "PSN's down for a week, my credit card info might be stolen, but the most irritating thing about Sony's service is still the name 'Qriocity.'" - Casey Malone "PS3 Mortal Kombat exclusive: Kratos. Xbox 360 Mortal Kombat exclusive: being online." -Andre Black Nerd "BREAKING NEWS: Nintendo takes WiiWare/Virtual Console offline, just to see If anyone will even notice" -GeorgeBray |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
This is from the comments section of the latest PSN story at Kotaku. I have familiarity with PCI compliance and it sounds like Sony was indeed negligent. Class action time...
For all of you Sony apologists, here is why this is a big deal. Lets put everything into perspective. December 2010: failOverflow/George Hotz hack the PS3. January 2011: Sony files a lawsuit against failOverflow and George Hotz. February 2011: PSN's network traffic is detailed. Personal information is stored locally and sent unencrypted to Sony via PSN. April 2011: PSN is breached. As a credit card merchant, Sony has some obligations. As defined in the Payment Card Industry Data Security Standard (PCI DSS) Sony is supposed to do the following: 1) Build and Maintain a Secure Network 2) Protect Card holder Data 3) Maintain a Vulnerability Management Program 4) Implement Strong Access Control Measures 5) Regularly Monitor and Test Networks 6) Maintain an Information Security Policy [en.wikipedia.org] They failed to do this. The biggest weakness is Sony assumed that PSN was a private network. A network between a secure PS3 and PSN. How do we know this is Sony's assumption? Because in a detailed analysis of the network transmissions between a PS3 and PSN a hacker discovered that user credit card data was transmitted to PSN unencrypted. [pastie.org] (See line 66) Once the PS3 was hacked, PSN became an open/public network. With credit card information being sent unencrypted, it was only a matter of time before, on a limited basis, private data would be stolen. But the fact that Sony didn't encrypt the data was in violation of the PCI DSS agreement with credit card companies. Sony knew in January what was at stake, we know this because when they filed the lawsuit against failOverflow and George Hotz, Sony invoked the Computer Fraud and Abuse Act. The act is exclusively used by financial institutions and the government to protect against hacking of banks, atms, credit card merchants and transaction processors, or government systems. It further defined the relationship between the PS3 and PSN in such a way by implying specific provisions of the law that George Hotz broke. I know it's easy to sit there and say every network is hackable. While that's true to some degree, some networks are more difficult to breach than others. The fact that Twitter or Gawker got hacked is meaningless compared to a company that does financial transactions. Again, the whole idea of a company that follows the PCI DSS properly is that they won't get breached. In fact, since the release of the PCI DSS no company found in compliance with the PCI DSS has been breached. Sony knew since January that user data was at risk, but it did little to nothing to secure that data. It knew that it couldn't close the hole that was created by failOverflow and George Hotz, that cat was let out of the bag despite "assurances" from hackers that it was secure with FW 3.56. The changes Sony is making to PSN today are changes Sony should have made to PSN months ago. The fact that they didn't was either negligence or wishful thinking on their part. If the breach was only a breach of personal information, then Sony got lucky. However, if this was a breach of financial information and Sony clearly understood what was at stake back in January, then they have to explain why for three months they did nothing to secure their customers personal and private data. |
Re: The Official PS3 thread - Software bugs? We don't need no software bugs
Originally Posted by redbill
(Post 10743342)
if you keep your emails, look for a receipt for adding funds to your wallet. it tells you the last 4 digits.
Edit: Bunkaroo, can we get a link to that comment? I want to forward it to a friend. |
| All times are GMT -5. The time now is 03:59 AM. |
Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.