Support NeoGAF

[Dambrosi]

not just that, but people misunderstand the concept of anonymous altogether. Their definition in that letter is how I've understood since forever, but now it's like they're being pegged as a global conspiracy organization. I'm sure factions of it border on that, but even considering them as a whole group is side-stepping the question of who did it. On top of that, it's dangerous to try and peg this as some abuse of the free internet by some terrorist group that was easily able to form a network to attack Sony. Should the guys who did this get caught? yeah. But for it to be blown up into something more is just gonna give governments ammo to regulate the internet more.

This is correct. The below is also correct.

1)Anonymous is not a group, it is an idea, ideology, or something.

Hence, there is no "them"

2)People who are blaming Anonymous with no evidence are ignorant.
Hence, Anonymous (what pronoun should I be using?) perfectly have the right to correct those parties (ex: Financial Times.) in the first part of their letter for their inadequate journalism.

The remainder part of that letter, which has nothing to do with being accused of anything, is totally unwarranted until further evidence, audit report are available to the public.

To quote anonymous them/it self:
"Until the forensics reports are released we don't know which exploit was used. The forensic investigators need to conclude their work, and speculation in articles, blogs and comments brings the factual results no closer."

EVIDENCE, people. Until we have it, please refrain from casting stones.

Also, I have no doubt that, after all is done, Sony and their PSN will be stronger, more secure and more trustworthy (though still not totally) than ever before - and in the end, isn't that what we all want?

 

[Bumblebeetuna]

Tonight the local Dallas news ran a story about the Kuma War game that lets you kill Bin Laden and then they branched from that right into the PSN fiasco. No new details, but the first time I have heard my local news really report anything like that about gaming.

 

[DrForester]

Tonight the local Dallas news ran a story about the Kuma War game that lets you kill Bin Laden and then they branched from that right into the PSN fiasco. No new details, but the first time I have heard my local news really report anything like that about gaming.

Hasn't been a huge story but my local news mentioned the PSN thing the day the announcement about lost personal data came down.

 

[EricHasNoPull]

Maybe "Anonymous" should change their name to "No, no not THAT Anonymous" we're the "Other" Guys.

 

[ithorien]

Maybe "Anonymous" should change their name to "No, no not THAT Anonymous" we're the "Other" Guys.

The other other anonymous anonymous.

 

[Seraphinianus]

Maybe "Anonymous" should change their name to "No, no not THAT Anonymous" we're the "Other" Guys.

when i read your posts, your avatar turns into ALF in my peripheral vision.

 

[Mailenstein]

Probably a Nintendo fangirl judging by his avatar.

Totally, Einstein.

 

[Pyccko]

when i read your posts, your avatar turns into ALF in my peripheral vision.

DUDE me too! Oh man, I've been trying to figure out what was weirding me out with that avatar.

 

[DailyVacation]

when i read your posts, your avatar turns into ALF in my peripheral vision.

It has that effect for me too.

EVIDENCE, people. Until we have it, please refrain from casting stones.

I think the evidence is derived from the fact that Anonymous had openly threatened Sony, the PSN intrusion occurred, then another for SOE, and the Anonymous "we are legion" file was found.

I admire Sony for continuing to give Anon the benefit of the doubt by stating that they still do not know for sure who did it.

 

[Dreamgazer]

It has that effect for me too.



I think the evidence is derived from the fact that Anonymous had openly threatened Sony, the PSN intrusion occurred, then another for SOE, and the Anonymous "we are legion" file was found.

I admire Sony for continuing to give Anon the benefit of the doubt by stating that they still do not know for sure who did it.

Unfortunately that doesn't qualify as evidence, as anyone could have put that down.

It's also sad that certain sites are quick to attacking Sony thinking that the whole "legion file" is just their way to frame Anonymous...even though Sony said they themselves are not sure in the same document.

 

[Nakazato]

Do i still want to rent Brink with PSN down.... Hmmmm

 

[Dambrosi]

I think the evidence is derived from the fact that Anonymous had openly threatened Sony, the PSN intrusion occurred, then another for SOE, and the Anonymous "we are legion" file was found.

I admire Sony for continuing to give Anon the benefit of the doubt by stating that they still do not know for sure who did it.

That's all circumstantial at best. Even Sony wouldn't try to use that in court.

Oh, and EricHasNoPull's avatar has that effect on me, as well.

Anyway, I doubt that something like the current situation will happen again. Someone in a previous post described the DDoS/PSN hack timing as "an Asteroid Event-level coincidence", and I tend to agree. Plus, Sony's new security protocols should be strong enough to withstand any repeated attacks using the same vector, at least.

I'm betting that the online gaming portion will be up on Wednesday or Thursday, or failing that, June 2nd.

 

[Hex]

Probably a Nintendo fangirl judging by his avatar.

While I personally can not stand drama whores who are more interested in drama than gaming, and also while I do say that the person in question has kind of made themselves rather transparent through this thread you might want to reword that a bit because the whole fanboi fangirl name calling thing calls forth the dooooooom.

 

[Dedication Through Light]

The remainder part of that letter, which has nothing to do with being accused of anything, is totally unwarranted until further evidence, audit report are available to the public.

To quote anonymous them/it self:
"Until the forensics reports are released we don't know which exploit was used. The forensic investigators need to conclude their work, and speculation in articles, blogs and comments brings the factual results no closer."

Seems they need to follow their own advice

In order to process credit cards, every company needs to be PCI compliant. "If you are a merchant that accepts payment cards, you are required to be compliant with the PCI Data Security Standard" [4]. Since Sony's network was "unpatched and had no firewall installed" [5], that is a clear violation of the PCI standards and ongoing reviews [4], thus likely to be criminal negligence [see Further Reading]. More importantly, "I can't think of a major data breach where the company was PCI compliant," said Ira Rothken, the lead attorney handling the class action lawsuit [6].

Sony claims they were patched up. Patrick Seybold said:

"The previous network for Sony Network Entertainment International and Sony Online Entertainment used servers that were patched and updated recently, and had multiple security measures in place, including firewalls."

 

[WretchedTruman]

It's clearly a moot point pointing a finger at anonymous in the first place, as you're essentially pointing into open space and asking for handcuffs.

What irritates me is that these "press releases" beg for us, as an audience and a consumer base, to give them all the benefits of being anonymous and ignore the disadvantages.

As a philosophy, I will appreciate "it" for standing up for what "it" believes in...eg, boycotting, rallying, freedom of speech and internet, etc.

But when "it" is very, very clearly associated with something that is causing me, the consumer, an inconvenience, then I will expect whoever is representing "it" to take blame.

Again, I say that these press releases are, if not a contradiction to what "it" embodies, simply annoying and tacky, but when the representatives of Anon plead for me to ignore them and fight the real enemy (Sony, in this case) like some fucking Sinead O'Conner, they can go fuck themselves.

Three entities deserve blame in this:

Sony,
The unidentified hacking sphere,
and those who decided to take Anonymous as an ideology and a symbol and hoist it upon their flagpole in a war against Sony.

It needs to be reiterated: I'm not going to loathe anyone in a Guy Fawkes mask from now on, but those making these very specific public statements and claiming to be under said Umbrella term will be met with disdain from me, personally.


We should understand that to dislike Anonymous itself is missing the point entirely. But I'll be damned if whoever's writing these statements isn't no less of a potential snake in the grass than those they're citing in their sources.

 

[HeresSomeWeapons]

1)Anonymous is not a group, it is an idea, ideology, Lain, or something.

Hence, there is no "them"

This makes no sense. An ideology doesn't put out press releases.

 

[strem]

Sony just needs to win their hearts and minds

 

[Commanche Raisin Toast]

yeah lots of heresay being used against sony, as well as directed towards anonymous.

we still have fraudulent CC charges popping up but luckily the banks are looking into things well and can't find anything related to PSN at all. then we have random 'experts' talking about how they heard on some forum that some guys said they totally know stuff was unpatched etc.

that can be used as flags to follow up with investigation, but not as actual evidence. anyone can say anything in any forum and then go tell the media about it if that were the case.

i just want the new firmware, to reset my pw, and get on with the downloading of free sega genesis games.

 

[Raoh]

This makes no sense. An ideology doesn't put out press releases.

LMFAO



Quote of the day

 

[Lince]

Also, I have no doubt that, after all is done, Sony and their PSN will be stronger, more secure and more trustworthy (though still not totally) than ever before - and in the end, isn't that what we all want?

yeah for new users it will be definitely a good thing, but for us old timers... our private info has been already leaked, the damage is done so to me it's no consolation. At least we can rest assured these outages won't be commonplace after the rebuilding of the systems. Sorry for the negative post anyway.

 

[Akainu]

and in the end, isn't that what we all want?

It was a complete none issue until children and assholes started screwing with it.

 

[jetsetfluken]

I just hope there is a new Kevin Butler ad. Outside Sony Computer Entertainment America HQ, crowds of angry people have picket signs, trying to knock down the door of Butler's office.

Please help fill in the rest.

Spoiler

There must be a cameo from Marcus PSP

 

[Dreamgazer]

This makes no sense. An ideology doesn't put out press releases.

It makes perfect sense. Especially when I want to save myself the headache of someone popping out and explaining to me that Anonymous is really no different than a form less, odor less, tasteless, colorless PONY( or whatever else I want it to be).

I mean, I did say "something" at the end of that sentence.

Seems they need to follow their own advice

I totally agree, please see previous page.

 

[strem]

This thread has me so entertained.

 

[Sol..]

Somebody needs to tell Anonymous that you don't have to be PCI Compliant. Nobody does. It's not law, it's not enforced, it's just a guideline.

Q: What if a merchant refuses to cooperate?
A: PCI is not, in itself, a law. The standard was created by the major card brands such as Visa, MasterCard, Discover, AMEX, and JCB. At their acquirers/service providers discretion, merchants that do not comply with PCI DSS may be subject to fines, card replacement costs, costly forensic audits, brand damage, etc., should a breach event occur.
For a little upfront effort and cost to comply with PCI, you greatly help reduce your risk from facing these extremely unpleasant and costly consequences.

Thanks Anonymous for a backhanded troll. After reading about Sony supposedly breaking laws by not being PCI compliant months ago when they discovered the unencrypted text files with the SSL bypass hack. I decided to use that to write a short essay. What I got was a full day of hell. PCI compliance is boring, not even enforced, and largely consists of common sense steps to security like having firewalls and telling people when you get compromised. Then at the end of the day they still expect you to get hacked.

 

[brentech]

EVIDENCE, people. Until we have it, please refrain from casting stones.

Not hard to understand why people would "cast stones" at "them" when they provide the very motive against them.

I would never flat out say they did it. And I don't think it's their thing anyways, but what we know at this point basically comes from their threats. So, it's hard not to think that someone or a group within them decided to take their attack too far.
I've stated before as well, I think it's plausible given their known attack window that someone else completely unrelated to Anon has taken that time to do the deed.

Problem is that by making their distaste for Sony known they just put the authorities onto them. I highly doubt with the shroud of eyes on Sony that they would plant that file, so someone either left it or did it to create a lead. And that's enough to get authorities to give a hard look at them.

If anything, it's more like "casting stones in the most logical direction".

 

[firen]

We've all been hearing over and over again for the last week that Sony was running an outdated version of the Apache web-server software on its webservers. The implication, of course, was that this represents Sony's laissez-faire attitude toward the protection of customer information, making it easy for the hackers to gain entry to the PlayStation Network.

But the funny thing about this kind of "common knowledge" in the age of the Internet is the way rumors have an unfortunate tendancy to be repeated as fact. Just a week ago it was "common knowledge" that Sony stored every PSN password in plain text. It was also "common knowledge" that Sony Online Entertainment hadn't been compromised. Neither of those things proved true.

Old?

 

[androvsky]

I just hope there is a new Kevin Butler ad. Outside Sony Computer Entertainment America HQ, crowds of angry people have picket signs, trying to knock down the door of Butler's office.

Please help fill in the rest.

Spoiler

There must be a cameo from Marcus PSP

Remember the final Segata Sanshiro ad? They absolutely have to do that with Kevin Butler, preferably in reference to this whole mess.

 

[angelfly]

The more threats they get the more testing they've going to do. Their E3 conference is right around the corner and at this point I'm kind of worried that it won't even be up by then.

 

[DiscoJer]

I just hope there is a new Kevin Butler ad. Outside Sony Computer Entertainment America HQ, crowds of angry people have picket signs, trying to knock down the door of Butler's office.

Please help fill in the rest.

Spoiler

There must be a cameo from Marcus PSP

Okay, how about his. Kevin Butler has a Milk Carton, with PSN on the one side, showing to the camera. He turns it around (signifying that it's back up) and you see Marcus on the other side.

 

[ElRenoRaven]

The more threats they get the more testing they've going to. Their E3 conference is right around the corner and at this point I kind of worried that it won't even be up by then.

Nah. At some point they're going to have to bring it up. No matter how good your security is it is not unhackable. If they bring it up and it gets hacked and they show that the security was the best they could do people who aren't childish morons will understand and it will only hurt whoever did it and hell all hackers and groups like Anonymous in general because there there will be a huge push to police the net a lot more then it is now.

 

[androvsky]

I do find it interesting that, as far as I know, none of Sony's public-facing websites have been defaced throughout all of this.

 

[Averon]

I do find it interesting that, as far as I know, none of Sony's public-facing websites have been defaced throughout all of this.

With the FBI now involved, any sane would-be hacker wouldn't touch a Sony website/service at the moment.

 

[SneakyStephan]

Nah. At some point they're going to have to bring it up. No matter how good your security is it is not unhackable. If they bring it up and it gets hacked and they show that the security was the best they could do people who aren't childish morons will understand and it will only hurt whoever did it and hell all hackers and groups like Anonymous in general because there there will be a huge push to police the net a lot more then it is now.

I'd understand it, I'd still not put my credit card info in there ever again though.
Not because it's personal, but because it's not safe in that case.
(as in them getting their security breached twice in a row, while still being a target , and with no way to prevent it)

 

[B1gg_Randall]

With the FBI now involved, any sane would-be hacker wouldn't touch a Sony website/service at the moment.

I hope so man..We miss so much time off-line on PSN..

 

[Kagari]

People need to stop giving Anonymous attention.

 

[spats]

People need to stop giving Anonymous attention.

No kidding, they thrive on it. On the other hand I feel like they would pull another huge stunt like this just to regain attention.

 

[firen]

People need to stop giving Anonymous attention.

You should check out this brilliant piece by NPR.

 

[Diablos]

People need to stop giving Anonymous attention.

Don't count on it.

People like to place blame on someone/something and pointing the finger at Anonymous does that. It's already fairly clear that whoever did this went against what most other "Anonymous" would consider proper. Doesn't matter.

 

[Amir0x]

Keep them down until E3 just for the lulz. Would be totally worth it.

Well we'll just have to keep you down until after E3 just for the lulz. Seems like a fair trade off.

It's such a shame the day people stop being gamers and instead started playing companies.

 

[Dreamgazer]

People like to place blame on someone/something and pointing the finger at Anonymous does that. It's already fairly clear that whoever did this went against what most other "Anonymous" would consider proper. Doesn't matter.

What exactly does "most other" "Anonymous" consider proper?
Last I checked that criteria changes all the time.

The only thing we can say is that there is no concrete evidence tying Anonymous to the crime, Sony has not declared them to be the hackers, and Anonymous has denied responsibility. <- facts.

 

[DailyVacation]

Unfortunately that doesn't qualify as evidence, as anyone could have put that down.

It's also sad that certain sites are quick to attacking Sony thinking that the whole "legion file" is just their way to frame Anonymous...even though Sony said they themselves are not sure in the same document.

That's all circumstantial at best. Even Sony wouldn't try to use that in court.

Oh, and EricHasNoPull's avatar has that effect on me, as well.

Anyway, I doubt that something like the current situation will happen again. Someone in a previous post described the DDoS/PSN hack timing as "an Asteroid Event-level coincidence", and I tend to agree. Plus, Sony's new security protocols should be strong enough to withstand any repeated attacks using the same vector, at least.

I'm betting that the online gaming portion will be up on Wednesday or Thursday, or failing that, June 2nd.

It's definitely not evidence Sony can use in court to convict Anonymous, but it's fuel for suspicion that would suffice for Sony to say that they have reason to believe, or at least suspect, that these guys could be remotely involved, and thus greater scrutiny should be placed on them as a responsible measure. And that's what's happening now.

I also thought Dambrosi was referring to people on this thread about waiting for hard evidence before casting stones, and for our level as simple onlookers, mere speculation can easily and erroneously be upgraded to evidence. Thankfully that's not the same case for court.

 

[Blimblim]

Somebody needs to tell Anonymous that you don't have to be PCI Compliant. Nobody does. It's not law, it's not enforced, it's just a guideline.



Thanks Anonymous for a backhanded troll. After reading about Sony supposedly breaking laws by not being PCI compliant months ago when they discovered the unencrypted text files with the SSL bypass hack. I decided to use that to write a short essay. What I got was a full day of hell. PCI compliance is boring, not even enforced, and largely consists of common sense steps to security like having firewalls and telling people when you get compromised. Then at the end of the day they still expect you to get hacked.

If you are not PCI compliant, no credit card processing company will allow you to handle payments directly (as in having the credit cards number go through your own website and not being done by a third party). At least here in France, that's the way it works. I would know, I was in charge of the payment processing before I moved on to system/network administration.
Up to level 2 (less than a 6 million transactions a year) it's just a regular security scan by a third party company, and a form where you basically swear you are doing all your development and stuff the right way, but there is no actual audit. Audits are for level 1 (more than 6 million transactions, definitely PSN's level), and damn they are expensive. They also include pentests, which if done right should have exposed some of Sony's problems.

 

[Jive Turkey]

Well we'll just have to keep you down until after E3 just for the lulz. Seems like a fair trade off.

So what's the bodycount for this whole affair? Seems like more people have been banned over the last two weeks in one PSN thread or another than usual.

 

[Amir0x]

So what's the bodycount for this whole affair? Seems like more people have been banned over the last two weeks in one PSN thread or another than usual.

Oh, it's massive. Easily over 60 bans related to this PSN hacking fiasco. GAF is unhinged for this situation

 

[krimsoncharge]

did anon ops site get hacked?
http://anonops.net/

sorry if old/posted.

 

[Dreamgazer]

did anon ops site get hacked?
http://anonops.net/

sorry if old/posted.

Their IRC server were supposedly hacked on the 28th also.

Not really relevant to this thread though.

 

[shintoki]

Oh, it's massive. Easily over 60 bans related to this PSN hacking fiasco. GAF is unhinged for this situation

Bit off topic, but how long are they gone for? Is it individual case or just a week or two off for everyone to cool down?

 

[Mr_Elysia]

Emotions are, understandably, high. What gets me is the energy with which some people will throw themselves behind something blindly.

 

[Chipopo]

http://ispsnstilldown.com/