By using this site, you agree to our Privacy Policy and our Terms of Use. Close
fordy on 25 February 2013
Edit Thread
KylieDog said:
fordy said:


You really know nothing about the security process, do you?

Security holes are generally only fixed by discovery, whether it's by people who specialise in attempted compromise of security or by hackers. If the breach is found to be caused by a protocol or service, then the relative fix is applied and the new version is published.

Valve's system breach incited a revision of protocol functionality on the thought that it might have been the cause. It was outside of Valve's juristriction altogether.

However, Sony's PSN system was at least two MAJOR revisions out of date (MINOR revisions generally contain at least several patches/fixes. MAJOR revisions are exponentially greater). Therefore, Sony left it's doors open for HUNDREDS of different types of KNOWN and DOCUMENTED security breaches that were already fixed in later versions.


Evidence etc...

http://www.computerandvideogames.com/300332/sony-was-using-outdated-security-and-no-firewall-for-psn-says-security-expert/

http://www.pcworld.com/article/227770/experts_on_psn_hack_sony_could_ve_done_more.html

http://www.redspin.com/blog/2011/05/05/sony-psn-breach-%E2%80%93-how-bad-was-their-security-a-look-into-error-messages/

 

Sony was fined for poor security, as well...

http://www.newsfactor.com/story.xhtml?story_id=86566&full_skip=1

 

EDIT: To add, the article states Sony used Apache Tomcat 5.5.23 . When the system was breached, the latest edition of Tomcat was 7.0.26