Support NeoGAF

[CrunchyFrog]

All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service.

Is this 30 days starting from when PSN goes back up? Or just 30 days from when you first log back into your account?

 

[MalboroRed]

Shit this must be a humbling experience for Hirai, this generation has not been easy for him.

 

[chris0701]

double posted.

 

[Metalmurphy]

Salting refers to doping up the password being hashed before the hashing occurs so that someone who obtains a list of hashed passwords can't simply use a rainbow table to derive the original password. Also, by making the password longer, it can also increase the amount of time a bruteforce attack would take or foil simple dictionary attacks.

The simplest salt would be to simply prepend a set of fixed characters to a password; if your password was butts and my password was farts, a very simple salt would be to hash "psnbutts" and "psnfarts" rather than our actual passwords. A more secure salt would be to make the salt dynamic based on the password itself; for example appending the password backwards to the end of the password.

... and probably best not trying to explain how these things work if you're just learning them for yourself as you google

Well I know/knew how hashed passwords work, just not the salting part (which wasn't even in the question). The salting part was what I was googling. I don't think I've said anything misleading did I?

Pardon me for trying to help.

 

[chris0701]

Do you know what encryption and hashes are? Do you know why it doesn't make much sense to encrypt passwords from a practical standpoint?

Encryption requires some key, whether public or private. Hashes don't. They're stand-alone. If someone steals a hashed password, they haven't gotten much (hopefully). If someone steals an encrypted password along with its decryption key, then they can easily see what your password is.

I can see your point. To be precisely the "encryption" needs keysas we know,like RSA one.

But in the result, one hashed password as "password" can be said to be "encrypted" when it doesn't looks like as the original text.It is why the "no encryption on password" statement confuses me.

 

[loosus]

I can see your point. To be precisely the "encryption" needs keys.

But in the result, one hashed password as "password" can be said to be "encrypted" as it is not looks like as the original text. It is why the "no encryption on password" statement confuses me.

Uh, the wording is correct. A hashed password is not encrypted. Encryption implies decryption, which is not possible with a hash.

 

[Metalmurphy]

I can see your point. To be precisely the "encryption" needs keysas we know,like RSA one.

But in the result, one hashed password as "password" can be said to be "encrypted" when it doesn't looks like as the original text.It is why the "no encryption on password" statement confuses me.

They corrected that statement afterwards.

 

[ApolloJoh]

Is this 30 days starting from when PSN goes back up? Or just 30 days from when you first log back into your account?

I'd assume it would be when the Store's back up.

 

[alr1ght]

 

[Metalmurphy]

[]http://k.min.us/ilpwdU.jpeg[/IMG]

[]http://min.us/jltKQ0.jpeg[/IMG]

You should stop or I'm gonna start felling sad for them lol

 

[Stumpokapow]

man those AP watermarks are embarrassing.

 

[loosus]

They are probably dynamic watermarks applied when hotlinking.

 

[chris0701]

wow,the AP must think this image wil be hot so they put lots of watermark on it.

 

[Wolves Evolve]

That animated gif + E3 gif madness = preemptive belly laughs right now.

 

[Seraphinianus]

that gif is making me feel bad for ever criticizing sony :'(

 

[Rebel Leader]

That animated gif + E3 gif madness = preemptive belly laughs right now.

Cause it's a never ending apology and bow.

 

[alr1ght]

happier times

 

[Metalmurphy]

Ok, this one made me laugh

 

[Wario64]

Ok, this one made me laugh

Looks like someoen photoshopped it and turned his smile upside down

 

[Luckyman]

Do you know what encryption and hashes are? Do you know why it doesn't make much sense to encrypt passwords from a practical standpoint?

Encryption requires some key, whether public or private. Hashes don't. They're stand-alone. If someone steals a hashed password, they haven't gotten much (hopefully). If someone steals an encrypted password along with its decryption key, then they can easily see what your password is.

wat

hashing is never secure. High grade encryption is when used wisely.

 

[Rebel Leader]

Looks like someoen photoshopped it and turned his smile upside down

That is the face of shame

 

[loosus]

wat

hashing is never secure. High grade encryption is when used wisely.

A lot of fucking good encryption is going to do you when your keys are stolen right along with your encrypted data. lol

 

[Metalmurphy]

Looks like someoen photoshopped it and turned his smile upside down

Still looks sad.

A lot of fucking good encryption is going to do you when your keys are stolen right along with your encrypted data. lol

In such case hashing is definitely the better solution. However hashing can't be done to store all data, that wouldn't make any sense.

 

[chris0701]

Still looks sad.

Looks creppy.

Where can I find bow images of Kaz san on this meeting ?

Watermark is so disgusting.

 

[Speevy]

You'd think the entire Sony executive staff had just been arrested on drug trafficking charges.

 

[alr1ght]

if you want to dl the press conference: http://www.multiupload.com/NAS448CZO1

 

[vilmer_]

Still looks sad.

omg LOL!

 

[loosus]

Still looks sad.


In such case hashing is definitely the better solution. However hashing can't be done to store all data, that wouldn't make any sense.

Lots of data may be stored encrypted, but at best, it's a CYA maneuver because if someone has gotten far enough to steal encrypted data, they can probably get your keys, too.

Encryption makes a lot more sense in transmission of data than storage -- and that's exactly how most companies use it.

Some of you guys must have read in a textbook that encryption is some kinda silver bullet against attacks, but it's not. Create an actual information system and get back to me.

 

[Lupin the Third]

Looks creppy.

Made me think of this:

http://www.youtube.com/watch?v=Tv0S2gzcEeU#t=1m08s

Spoiler

Kaz = Creepy Girl's brother confirmed?

 

[cRIPticon]

A lot of fucking good encryption is going to do you when your keys are stolen right along with your encrypted data. lol

Except they weren't? LOL? Seriously.....

Lots of data may be stored encrypted, but at best, it's a CYA maneuver because if someone has gotten far enough to steal encrypted data, they can probably get your keys, too.

Encryption makes a lot more sense in transmission of data than storage -- and that's exactly how most companies use it.

Some of you guys must have read in a textbook that encryption is some kinda silver bullet against attacks, but it's not. Create an actual information system and get back to me.

Except that the keys are almost never kept with the data. Best practices put the two on different servers. If they absconded with the database, there is a good bet the keys were nowhere to be found.

But you are correct, the most secure point of encryption is in transmission, when someone pulls it in flight.

 

[loosus]

By the way, metalmurphy, weren't you the one who earlier admitted to Googling as you went along? You really need to just stop trying to explain things you clearly don't understand.

Except they weren't? LOL? Seriously.....

If an attacker can get to your database and not your code, let's just say that's a bizarre situation. Can it happen? Sure. But if they can access your database, encryption/decryption should be the least of your worries.

 

[Raoh]

A good idea is to use a password manager. I use passdroid and I imagine there are loads on ios as well. That way you can generate ludicrously hard and different passwords for all your accounts.

Just don't forget your master password or uninstall the app though...

I've never been a fan of those. It can surely help, especially if can gauge the strength of a password you created. but what if it holds data, or uses an algorithm that can help a hacker figure your your potential password.

I just think that as highly as I rely on software from my day to day, there needs to be a point where I cut the cord to how involved my connection to software my password is.

I would say that out of 10 friends, I am the only one at risk for fraud after this psn hack. Most are older folk over 40 and not once used a credit card or password related to anything they use in their day to day life.

what if someone hacks passdroid? couldn't a hacker get the potential passwords suggested to you?

While there is always the possibility of Human Error (I D 10 T errors if you will) I still dont and shouldn't rely on a computer program to help me come up with a better password.

That's just my belief, i wont knock anyone for using your method for creating a password, I just dont feel that a program is the best solution for protecting you against a program used to hack programs.

Truth is as technology gets smarter so do we as human beings.

 

[Marsipolami]

Would be hilarious if the PS3 folks got stuff but us only PSP-ownin' folks get squad.

Hilarious, but not surprising.

 

[Metalmurphy]

By the way, metalmurphy, weren't you the one who earlier admitted to Googling as you went along? You really need to just stop trying to explain things you clearly don't understand.

Dude, I was agreeing with you. And all I googled was salting. *sheesh*

 

[alr1ght]

av

 

[Clott]

That gif is so epic, the action o a bow is so strong, I always love that about the Japanese culture.

 

[test_account]

http://i.imgur.com/lmTzo.jpg

Haha

 

[Snuggles]

Haha, how could you stay angry at a face like that?

all is forgiven, Kaz, you poor thing

 

[A.R.K]

I can't believe shit articles like this still getting posted on the internet:

http://news.cnet.com/8301-17852_3-20058743-71.html

But this had all been said already. What hadn't been said was a clear, public and human apology.

WTF??? What can be more human apology than this???

Whats up with so much hate for Sony this gen??? is the $599 still butt hurting them?

 

[Wario64]

"Everything went better than expected"

 

[Mama Robotnik]

The aggresive watermarks make it look like AP and Getty have copyrighted his misery, to be sold on for the morbid scrutiny of others.

Bet E3 is the last thing on his mind at the moment.

 

[jiggles]

WTF??? What can be more human apology than this???

Um, "hadn't" is past tense.

 

[get2sammyb]

I can't believe shit articles like this still getting posted on the internet:

http://news.cnet.com/8301-17852_3-20058743-71.html

WTF??? What can be more human apology than this???

http://www.abload.de/img/0117_kn7c.gif[IMG]

Whats up with so much hate for Sony this gen??? is the $599 still butt hurting them?[/QUOTE]

That does seem a bit unfair. You can criticise the apology being late and the compensation and assurances being weak (I personally think they've done a great job, but I guess I could loosely understand some argument here), but to criticise that apology is pretty crazy. It looks as sincere and genuine as they come.

 

[MalboroRed]

http://min.us/jn6vTk.jpg

Sad face.

 

[alr1ght]

fuck you getty watermark

trickery!

 

[Syphon Filter]

wait so if we get 30 free days will we keep the free ps1 classics?

 

[Metalmurphy]

wait so if we get 30 free days will we keep the free ps1 classics?

Someone said that PS1 classics also expire with the subscription.

 

[Raoh]

wait so if we get 30 free days will we keep the free ps1 classics?

I don't believe you do. You keep discounted items. if its a sale for ps+ members then its just a discount and its yours. Even after your subscription runs out. Free monthly games I believe expire once you cancel PS+.

But I'm not an expert, I too need to read through the PS+ thread and PS+ ToS.

 

[Alx]

I can't believe shit articles like this still getting posted on the internet:

http://news.cnet.com/8301-17852_3-20058743-71.html



WTF??? What can be more human apology than this???

http://www.abload.de/img/0117_kn7c.gif[IMG]

Whats up with so much hate for Sony this gen??? is the $599 still butt hurting them?[/QUOTE]

Well I read the cnet article and they were mentioning the psblog press release, not the conference itself. While it's true that during the conference they dis ask for apologies, there's no such thing in the press release ( [url]http://blog.us.playstation.com/2011/04/30/press-release-some-playstation-network-and-qriocity-services-to-be-available-this-week/[/url] ). Its content can indeed be shortened to "we were under attack, we're working on it, and will thank you for your patience".
I think that this press release was cautiously written to avoid any kind of apology, so that it cannot be used agains them as a confession of having made a mistake. Which makes sense legally even if it will angry a few people.

And even if it wouldn't have changed much, I think that they could have made the press conference a week earlier, since they didn't present anything today that they didn't know then.

 

[JaseMath]

The bow was a fantastic gesture; much respect. I accept the apology.