» One computer, many hacks: Investigators say that the computer used in the Sony breach — located in a basement in Gijón, Spain — was responsible for hacks to two Spanish banks, an Italian energy company and numerous government Web sites, including Arab Spring hotspots Egypt and Libya. The main guy was actually arrested back in the middle of May, but his arrest wasn’t publicized until today. The other arrests took place in other parts of the country. So, is it surprising that the PlayStation Network hackers (not any of the other Sony hacks, by the way) appear to have been tied to Anonymous?
PSN hacked again…kind of. PlayStation Network was down again today, but not for the familiar reason of widespread hacks. A newly discovered exploit allows people to change account passwords armed with nothing but an email address associated with the account and the owner’s date of birth — both of which hackers obtained in the larger exploit earlier this month. Gaming Nyleveia.com discovered the newest flaw and contacted Sony about the problem. The network then went down again, apparently so Sony could fix it before it got out of hand. It’s important to know that the network wasn’t actually hacked again — hackers stole no new information, but instead discovered a new exploit that’s now being fixed. Sony is going to have a rough time recovering from all of this. source
» What’s the big problem? Without breaking into major details, Japanese Ministry of Economy official Kazushige Nobutani puts it like so: ”As of May 13, Sony was incomplete in exercising measures that they said they will do on the May 1 press conference.” So, in other words, Sony’s not proving they’ve actually fixed anything to Japan yet. As Sony is famously based in Japan, this is another pretty embarrassing turn of events.
producermatthew said: Suggesting companies should learn to “get hackers on their side” is like saying banks should learn to play nice with robbers. There’s a difference between telling someone their door is unlocked and blatantly breaking in to their house.
» We say: While it’s not necessarily an even match, here’s the reason why I stand behind my prior post. By keeping low-level hackers happy by encouraging homebrew solutions that respect the intentions of the device creators (such as what the article suggests Microsoft has done with their Kinect device), it encourages an environment where much more sinister hackers might give you a pass. The thing is, the PlayStation Network’s hackers should get punished. What Geohot and Alexander Egorenkov did pushed the edges a little but was something Sony could have responded to without lawsuits or raids. Neither of them were intending to do the type of wrong the PSN hackers were. But Sony’s heavy-handed response to Geohot and Egorenkov got their attention.
In the future, a blowback in the realm of cybersecurity might be known as the Sony Effect.Bloomberg’s Michael Riley and Ashlee Vance • In a piece called “The Company that Kicked the Hornet’s Nest.” Oh God, let’s hope it’s called “The Sony Effect,” because maybe it’ll remind other companies why not to actively antagonize their hacking-focused users. In Sony’s case, they were a combination of litigious (going after two well-known hobbyist hackers and threatening many others) and incompetent (they apparently ignore security researchers who find flaws and left their network wide open to an attack). The end result is that a company that needed to learn a lesson about getting hackers on their side learned a very expensive one — one that’s shut down their PlayStation Network for nearly a month now. source (via • follow)