By using this site, you agree to our Privacy Policy and our Terms of Use. Close

Forums - Sony - A Network Analysts View on the PSN Incident

DarkD on 18 May 2011

Reading about the recent PSN incident I thought I would throw my two cents in, being that I have a degree in Network Security.  

I and many other network security analysts like what hackers do.  Why?  Because they force companies to adopt the latest security trends and fix holes faster.  This is a good thing because it prevents larger issues from happening later.  Imagine if Sony left their security the way it was for another 10 years....  The PSN network would have probably been deleted altogether, and all of your data would be taken.  

Be glad that Sony had such nice hackers come by that didn't actually use that credit card information and other stolen items.  Now the information is gonna get the proper protection it needs.  On top of that governments like Japan's have taken notice of how horrible companies like Sony handle these situations. 

Let me give you an example of something that happened long ago by a white hat.  He made the worlds first and most destructive worm ever.  

http://en.wikipedia.org/wiki/Robert_Tappan_Morris

His worm infected something like 1/10th of the worlds computers and shut down the INTERNET for something like a week.  My teacher Aman Abdulla taught me about him and said that us network people wanted to let him go.  He identified a MAJOR security problem.  



Around the Network
Ajescent on 19 May 2011

"nice" hackers? give me a fucking break...

It's like me saying, in order to encourage all my neighbours to have better security, I'm gonna go around all their houses and check they've locked all their doors and windows, if they haven't I'll let myself in an "confiscate" their Plasma TVs and then leave it out in the open. Because if it had been a real burglar, they would have taken the tv without a second thought ¬_¬



PS One/2/p/3slim/Vita owner. I survived the Apocalyps3/Collaps3 and all I got was this lousy signature.


Xbox One: What are you doing Dave?

Max King of the Wild on 19 May 2011
Ajescent said:

"nice" hackers? give me a fucking break...

It's like me saying, in order to encourage all my neighbours to have better security, I'm gonna go around all their houses and check they've locked all their doors and windows, if they haven't I'll let myself in an "confiscate" their Plasma TVs and then leave it out in the open. Because if it had been a real burglar, they would have taken the tv without a second thought ¬_¬



hahaha exactly



kitler53 on 19 May 2011
DarkD said:

..

I and many other network security analysts like what hackers do.  Why? ...


..because it justifies your career and paycheck.



Tridrakious on 19 May 2011

Wish we could frame this post for future generations to see what is wrong with the world they live in.

With the motto "They left the door wide open and trusted us not to take their stuff, so we took it"



Around the Network
DarkD on 10 June 2011

I thought I would resurrect this thread of mine now that some more people have voiced similar opinions to mine.

http://newschoolsecurity.com/2011/06/are-lulz-our-best-practice/

Sure it sucks when they take down something like PSN, but now these security problems are getting some public exposure. Security analysts scream our heads off at managers every day saying "Our security is terrible give us money to fix it" the managers nod along and say go to hell.... We whip out a contract and say "Sign here saying that we warned you about these security problems and that you knowingly refused to implement fixes for them. "

Sure its great if a white hat comes out and just points goes around mailing to companies about security flaws, but often all the companies do is say "ok lets add a rule to the firewall blocking just that one command and leave everything else". Well guess what.... YOU DIDN'T FOOL ANYONE!!!!

Do I have to scream it in your ears, THIS WAS SONY'S FAULT!!!! They still haven't fixed anything by the sounds of it. GET ANGRY!!!!

http://www2.macleans.ca/2011/06/08/harper-hacked-by-hash-brown/

LulzSec (or whoever) has done Harper and Canada a favour by pointing out a dangerous security vulnerability in a pretty innocuous, harmless and lulzy way. The Conservatives are justly embarrassed, and you can bet they’re tightening up their web security right now, and hopefully making sure that a pair of human eyes sees each tweet before it hits their feed.

Can you imagine what would have happened if they wanted to really screw things up? These hackers are capable of sinking an economy if they have access to sites like this.

They also hit PBS as well

http://www.youtube.com/watch?v=sXPe1Rckcjw

listen about 11 minutes in, This guy talks about how dangerous the PBS hack could have been. They could have posted a rumor about Apple and sunk their stocks. Or started a riot by posting on a hot button topic like japan's nuclear crisis.

You get angry at me but you have no clue what your talking about. I don't want them to go around and destroy the world, but if that's what it takes to get things fixed then maybe it's worth it....



goforgold on 10 June 2011
DarkD said:
I thought I would resurrect this thread of mine now that some more people have voiced similar opinions to mine.

http://newschoolsecurity.com/2011/06/are-lulz-our-best-practice/

Sure it sucks when they take down something like PSN, but now these security problems are getting some public exposure. Security analysts scream our heads off at managers every day saying "Our security is terrible give us money to fix it" the managers nod along and say go to hell.... We whip out a contract and say "Sign here saying that we warned you about these security problems and that you knowingly refused to implement fixes for them. "

Sure its great if a white hat comes out and just points goes around mailing to companies about security flaws, but often all the companies do is say "ok lets add a rule to the firewall blocking just that one command and leave everything else". Well guess what.... YOU DIDN'T FOOL ANYONE!!!!

Do I have to scream it in your ears, THIS WAS SONY'S FAULT!!!! They still haven't fixed anything by the sounds of it. GET ANGRY!!!!

http://www2.macleans.ca/2011/06/08/harper-hacked-by-hash-brown/

LulzSec (or whoever) has done Harper and Canada a favour by pointing out a dangerous security vulnerability in a pretty innocuous, harmless and lulzy way. The Conservatives are justly embarrassed, and you can bet they’re tightening up their web security right now, and hopefully making sure that a pair of human eyes sees each tweet before it hits their feed.

Can you imagine what would have happened if they wanted to really screw things up? These hackers are capable of sinking an economy if they have access to sites like this.

They also hit PBS as well

http://www.youtube.com/watch?v=sXPe1Rckcjw

listen about 11 minutes in, This guy talks about how dangerous the PBS hack could have been. They could have posted a rumor about Apple and sunk their stocks. Or started a riot by posting on a hot button topic like japan's nuclear crisis.

You get angry at me but you have no clue what your talking about. I don't want them to go around and destroy the world, but if that's what it takes to get things fixed then maybe it's worth it....

I would fcuking respond to this..........but then I would get banned........again........>_<



badgenome on 10 June 2011

Thank you, nice hackers!



Scoobes on 10 June 2011
kitler53 said:
DarkD said:

..

I and many other network security analysts like what hackers do.  Why? ...


..because it justifies your career and paycheck.

Lol. The OP could have saved a load of waffle if he'd just admited this!




Get your Portable ID!