back to article Sony implicates Anonymous in PlayStation Network hack

Forensics experts investigating the security breach on Sony's PlayStation Network found a file on one of the hacked systems that was titled “Anonymous” and contained the phrase “We are Legion,” the company's chairman told members of congress. The revelation, made in a letter, (PDF here) that Sony Chairman Kazuo Hirai sent on …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge
Unhappy

Bullshit

If it were at all possible Sony would have just gone down further in my estimation.

I don't for one minute think that Anon. had any connection with this. It's just not the way they work.

What is far more likely is that a criminal gang was already preparing for this attack, and found the Anon. DDOS a convenient smokescreen. Obviously they'd think of leaving a 'note' behind to muddy the waters further. One could argue they wouldn't be very {ahem} professional if they didn't!

In reality Sony is responsible for their own lax security - has a certain familiarity doesn't it?

40
4
Anonymous Coward

Re: Bullshit.

Anonymous would never have done this.

Not only do they go for big targets in protection of the little guy (this attack was not against Sony but its user base) but the information stolen is bound to contain a vast number of anonymous supporters if not actual members.

The first thought I had on reading this is that it's a distraction by the real perpetrators but I wouldn't put it past Sony to have planted that message themselves.

7
0
Silver badge

Re: Anonymous

I am reluctant to use the word "never" in this context. Whilst it would constitute a major change of direction for Anonymous to do this, Anonymous isn't an organisation with clearly defined structure. Unlikely as I think it is, it could be someone who thinks they are operating under the Anon banner who has missed the basic ethos of Anon.

Alternatively, this loathsome Sony bastard is trying to get Anon to do his work for him by giving them incentive to find the culprit - come to think of it, that actually sounds more plausible to me ...

0
0
Bronze badge
Pint

More Bullshit

> I don't for one minute think that Anon. had any connection with this.

Yeah. Sure.

Anonymous is such a TRUSTWORTHY organization, right?

> What is far more likely is that a criminal gang was already preparing for

> this attack, and found the Anon. DDOS a convenient smokescreen.

> Obviously they'd think of leaving a 'note' behind to muddy the waters further.

> One could argue they wouldn't be very {ahem} professional if they didn't!

One could argue that you need to cut back on your drinking.

Look, Anonymous by their own admission is a criminal organization. They can't argue the "honor among thieves" plot because as a collective, it only takes one of them to decide to aim all their guns at one target, right? At best, this was a rogue member of Anon that decided to use their bot network to steal valuable data. At worst, Anon is tired of just being irritating and have decided that it's time to make some money off of innocent people. Look at any cracker network and you'll see that inevitably they abandon any "principles" that started them and eventually graduate into more malicious crimes. Anon is now getting greedy.

0
11
Bronze badge

Re: Intractable Potsherd

Anonymous doesn't have an official registration list, the same case in any criminal organization. If I blow up my house and leave a note that says "al qaeda claims responsibility" does that make me a member of al qaeda? Does it make them responsible? Of course not.

If Anon "did this" it is the same case I outlined. Someone who claimed to be a member and has nothing to do with it. Anon could "never" do this because it is against their established platform. It'd be like al qaeda assassinating the president of Iran. It wouldn't make any sense.

If Anon did do it, there'd be no cause for alarm. Anon hacks things because they can (tm) and would not use or resell the personal information collected.

0
0
Pirate

@Bullseyed

"If Anon did do it, there'd be no cause for alarm. Anon hacks things because they can (tm) and would not use or resell the personal information collected."

But it could be held for ransom.

0
0
Stop

"...this loathsome Sony bastard is trying..."

to make Anon into a massive criminal organisation, possibly with a view to invoking the USA's RICO statutes. Which would be a very, very dangerous thing for anyone who has so much as bought a drink for a member of Anonymous.

0
0

yap yap yap

Sony, unpunished for a long series of CRIMES (rootkit, removal of porduct feature, sueing whitout legal ground, draconian ILLEGAL DRM etc...) got it just deserve. This incident will hopefully bring Sony down, as it is a OPENLY CRMINSAL CORPORATION that should have been shutdown after the rootkit fiasco.

Sony need to be sued for every single penny they have, it;s owner jailed and the company shutdown.

GAME OVER SONY

19
14
Unhappy

Wow...

...hyperbole much? Come on - you don't shut down a massive company over a fiasco involving some extremely small percentage of its business. It's absurd.

And Sony may be a**holes, calling them openly crminsal... uhh... criminal... is just not true. A good chunk of their idiocy would be covered by civil or contract law, and the rest of the stuff that pisses people off is usually their *using* the law.

Sony's behavior has been contemptible, but rabid, nonsense tantrums serve only to lower the credibility of those rightly concerned about Sony's actions. There's a reason the term 'freetards' exists - people taking justified anger to unreasonable extremes.

You only hurt the cause when you fly off the handle. Please stop.

19
12
Silver badge

@David W.

I think the rootkit they embedded in the audio CD would be classed as criminal. Installing software onto a machine without the user's consent.

25
1
Boffin

But still...

...I'm not sure where, or whether, that falls foul of actual criminal law. There was a warning (vague, albeit) about copy protection, and the software itself wasn't malware. I'm talking from a court's perspective, not the user's perspective - it wasn't a keylogger or a backdoor etc.

I'm actually curious where that falls in terms of legality. But the OP's assertion that Sony should be 'shut down' is utterly absurd, since the penalty for doing the same thing as an individual would at most be a few years in the lockup - particularly if it was for the purposes of content protection.

And, of course, the other parts are just laughable - removing a feature from a product is criminal now? Kinda funny how loud people are about having the right to add features to products they buy... but then do a 180 and claim the crime of the century has been committed if a manufacturer removes features from a product that it *makes*! Even if the feature had been explicitly promised in a EULA or service contract, violating the terms would be a civil issue, not a criminal one.

Oh well... talking to a wall and all that. A crazy wall. Made out of crazy bricks.

In crazyville.

11
10

@David W.

"There was a warning (vague, albeit) about copy protection, and the software itself wasn't malware."

Err... define malware?

The Sony XCP software was apparently installed silently before a EULA was displayed, and the EULA didn't mention taht it installed hidden software. It then ate resources, caused bluescreens, put in measures that allowed processes to hide themselves and generally caused trouble. Then it prevented you format shifting music you had bought, except to a few (mostly Sony) devices.

Whether it's criminal depends on how you interpret the actions against various laws about using computers without permission, laws Sony are currently trying to bend as myuch as possible in their favour when it comes to people accessing their own playstations without Sony's permission...

sony shouldn't be shut down, they should be ignored and left to wither and die.

16
2
Go

@yap yap yap.

Opera has a built in spell check mechanism. Time to switch browsers?

6
8
Anonymous Coward

ID10T errors abound

Let's get something straight because people do seem a bit dim in understanding this. The DRM/rootkit issue was solely down to SONY USA, not the Sony Corporation. Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again.

Again, afaik, the servers that were hacked are in the USA and protected by Sony USA. If there was lacksadaisical security then the decisions were down to SONY USA - not the head office,

So, in conclusion - shutting down the whole corporation is an idiotic idea conceived by a moron.

And just to finish - while people go on about the poor security I think you are blurring the issue or are just trolling. The did have the items well secured but sometimes hackers are determined.

Finally, if anonymous's DDoS attack did take down one of the PSN servers then yes, they can be held responsible because they effectively kicked down the gate and opened the door. They may not have committed the robbery but they are a part of it.

Oh, and if Sony deserve to be shutdown then Microsoft deserve to be shutdown and all their employees, past and present, lined up against the wall and shot.

4
5

it falls in terms of

not actually meeting the red book standard for CD's :)

Perhaps its a breach of trade descriptions marketing an audio CD that doesn't conform to the standard?

1
0
FAIL

Rootkit?

Another idiot that's fallen for the internet myth of the Sony Rootkit.

A rootkit needs to give root access AND cover it's tracks. The "rootkit" never gave root access, it installed a copy protection system and covered it's tracks.

Immoral, yes, illegal no, malicious, no.

Still why let facts get in the way of a great internet myth.

This place is hilarious these days, all the children that glean their only knowledge from Wikipedia and Xbox Forums....

6
10
Bronze badge

Re: 1D10T errors abound

Actually it's more like taking advantage of an anti-globalisation riot to commit a bank robbery while the police are distracted. The rioters are to blame for any destruction they caused, but not for the robbery, although any sufficiently vindictive prosecutor would find some way to make a charge of aiding and abetting stick.

3
0
Boffin

Sony rootkit designation as malware was no myth

You can think what you like about the legitimacy or otherwise of the Sony Rootkit based on the questionable idea that those who installed it on their computers consented to this. (If anyone infected didn't authorise access, then this was technically a UK Computer Misuse Act section 3 offence.) Regardless of your opinion, when push came to shove the Windows Antivirus vendors were forced to respect their customers interests in having spyware which compromised system security and allowed other malware to infect systems removed. I imagine the reason the AV vendors didn't designate the Sony rootkit as malware immediately and took some time to do this, is that they had to understand what it did and also had to overcome any fear of potential libel/slander action by Sony, in relation to this decision so to designate. The fact they eventually designated the rootkit as malware in their search engines disproves your assertion this software was non-malicious, whatever the motivations behind the misguided arrogance of Sony executives who commissioned the design and distribution of this software.

This road to hell is paved with good intentions: http://freedom-to-tinker.com/blog/felten/sony-first4-knew-about-rootkit-issue-advance

You might also want to check Dan Kaminsky's research into the DNS behaviour of infected computers: http://en.wikipedia.org/wiki/Dan_Kaminsky#Sony_Rootkit .

4
1
Joke

Hmm...Good Idea

What are you guys doing next May 1st, London? :)

Wheres my Guy Fawkes icon btw?

0
0
Happy

Close...

...I actually had help start a slangin match between Sony and Philips and get a CD replaced.

A CD I bought many years ago had copy protection and refused to play in my (hi0-fi) CD recorder. So I contacted Philips.. I was then copied in a mail from Philips to Sony asking why this this was carrying the CD logo, when clearly it did not conform to the Red Book standard.

Apparently it turned out it was one of the early protected CD's and should not have had the logo on it.

Philips then got back to me to say to ask for a non copied protected version, or (had to laugh at this point) use the optical ports from another standard player and make a clone on the recorder for a perfect copy without the protection. It works for all protected material :-)

However this was at the time a blank disc knocked you back a tenner.

I took the CD back to HMV and got my money back. Not on principle, but because it was crap!

0
0
Headmaster

@AC @yap yap yap @Opera "built in spell checker"

Correct usage is "built-in". So much for Opera.

1
1
Flame

Re: ID10T errors abound

"Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again."

Why did Sony Corporation need to do a single thing? According to your logic, Sony Corporation are not in the slightest bit responsible for "SONY USA" who are just a bunch of loose cannons acting on their own initiative.

In reality, Sony Corporation are responsible and have an ongoing responsibility to make sure that everyone in their worldwide organisation, subsidiaries and partners behave according to the law. They also have to make sure that compliance with the law is not an "after the fact" effort.

And to the person claiming that the whole business wasn't criminal, even in the US putting unadvertised snooping facilities onto people's systems probably gets you mixed up with surveillance-related legislation. Moreover, had an individual been responsible for this, they'd have been up before a judge in no time.

But then it's always been fashionable to advocate a soft touch for corporations, especially in America.

4
0
Silver badge

@Rootkit?

Immoral, yes. Illegal, YES. malicious, YES. Rootkit? That would depend on what level of access it used to do what it did. I would suspect that it grabbed admin level permissions from itself, but I can't say that for sure. If that is, in fact, what it did then it could legitimately be called a rootkit.

Now let me explain. It was illegal because it installed with niether the consent nor the knowledge of the owner of the computer. It was malicious because it caused damage to the system. Their intentions may not have been malicious, but the end result most definately was.

2
0
Bronze badge

Re: AC 8:52 GMT

"Let's get something straight because people do seem a bit dim in understanding this. The DRM/rootkit issue was solely down to SONY USA, not the Sony Corporation. Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again."

Well dude after I shot that guy in the head I totally stopped shooting people in the head and sold my gun and made sure I'll never guy a gun in the head... so... no harm no foul right?

"Finally, if anonymous's DDoS attack did take down one of the PSN servers then yes, they can be held responsible because they effectively kicked down the gate and opened the door. They may not have committed the robbery but they are a part of it."

The Sony rootkit kicked open the door of millions of computers, so therefore, by your logic, Sony is responsible for all current and future issues those computers have. I'm fine with that, a couple hundred billion should cover it.

2
0
Jobs Halo

@Mectron

Have you ever kissed a girl son?

0
0
Thumb Down

It wasn't OUR fault !!!

Soooooo....

"It wasn't our fault we have crap security yada, yada, yada..." ????

Typical.

14
0
Paris Hilton

We found a file

Handy that, saves a fortune in forensic investigation when the perp leaves such a blatant calling card.

Of course they are clever enough to get into the network and steal all that data so they may be clever enough to leave false clues!

Paris, more secure than Sony

21
0
Silver badge
WTF?

Oh look, its the next Boogeyman of the week.

Give me a break.

If anonymous had hacked Sony, they'd take credit for it publicly! They're in it for the Lulz remember, and there's no lulz if noone knows it was you.

Are Anonymous the new Boogeyman of the week? What else can we blame on them?

33
0
Silver badge

Indeed

Gordon Brown had actually ended boom and bust until Anonymous hacked him.

7
0
Anonymous Coward

The moment his defences were penetrated...

...was captured on TV for all to see. You can see what happens when someone else takes control right here: http://www.youtube.com/watch?v=ji4WD2b-anM

0
0

This post has been deleted by its author

Joke

Blame Anonymous

This morning I got up and went to the fridge for my normal glass of orange juice.

I came away with a glass of milk, Anonymous are in my fridge hacking my drink choices.

0
0

Yeah, right

Good luck trying to get anybody to believe this, Sony! Even if it was true, all you're doing is helping to build the Anonymous brand.

15
0

I hope Congress is astute..

..as the journo who wrote this.

The Sony man probably put that file there, to garner sympathy.

6
0
Silver badge

Sympathy ?!

They'll need much, much more than that to get a shred of sympathy from me.

3
0
Silver badge

FUD

Makes it easy for Sony to blame Anon instead of looking for the real perps.

All smoke and mirrrors - move along people.

10
0
Unhappy

Disgree

It's perfectly possible that the perpetrator is a "member" of Anonymous, but so what? We don't know who they are, because they themselves don't know. There's evidence that some pretty clever hackers sometimes contribute to their campaigns, and I suspect most members of Anon would consider Sony to be fair game, after the DRM fiasco.

It's also notable that, according to Sony, the attackers weren't interested in the credit card data. That does fit the modus operandi of Anon.

In any case, a file called "anonymous" containaining "we are legion" proves nothing except that the perpetrators know about Anonymous. And what net-savvy person doesn't?

11
1
Silver badge

According to Sony

According to Sony they are squeaky clean.

That's just bollocks though, they have been very reticent in providing information, reluctant to tell users they had been hacked, slow in making announcements (apart from 'it was the nasty boys from next door wot done it') and extremely cagey about what was done and when.

According to Sony they have the interests of thier users at heart - and that's really big, huge, enormous, Buster Gonads-sized bollcks in a wheelbarrow.

"according to Sony, the attackers weren't interested in the credit card data."

Yeah, right, Sony have been so late with info that many people now believe the opposite is true, there has been more than one attack that we know of and that info has been reluctantly dragged out of Sony.

2
0

Sony implicates self in attack of stupidity

Had we noticed the net was dangerous, yes, we would have reacted more proactively. Now, please, accept one month's free subscription to a network capable of compromising a lifetime's worth of credit rating.

Stop hitting yourself. Stop hitting yourself.

14
0
FAIL

hmm who to believe

I feel that Sony may be trying to cover up some really really poor monitoring and design, and as for it being anonymous, they are really flying a kite.

3
0

Weaker ...

Than my 90 year old gran's bladder.

11
0
Silver badge

Anonymous...

The problem with Sony's contention of Anonymous' culpability is that Anonymous is actually pretty inept; witness their Low Orbit Ion Cannon applet, which has an auto-aim feature that aims it at the users' own foot. Have they ever done anything that is above the capability of a 12-year-old?

6
0
Flame

Please stop labeling unrelated people as "Anonymous"

"They" don't exist. Anonymous is about as much of a "collective" as our "Anonymous Coward" is. If someone claims that they are part of "Anonymous", we shouldn't jump to the conclusion that an entire coalition of supporters is backing their every move! They are just one person, hiding behind an ambiguous screen name. Hardly part of a collective.

7
0
Silver badge
Big Brother

It's convenient like Al Qaeda

Also starts with A and you can probably whip up some War on Stuff to tag onto it.

6
0
Silver badge
Pint

Well said sir!

Anonymous is simply a bunch of basement dwellers who spend way, way too much time trawling 4-chan for the want of getting a fucking life!

1
0
Flame

I paid for it, I own it, I can do what I like to it!

Maybe if Sony hadn't pissed of so many of its clients world wide, by deciding that just because they bought a Play Station that didn't mean they actually now own it. Perhaps Sony wouldn't be in quite so much shit as it is today!

Modifying equipment you own, anyway you may chose, is not in itself illegal. While modifying other peoples computer software without telling them, when they install a Sony DVD player is!!

9
1
Troll

The only consequence should be

The manufacturer not honouring the warranty if you break it.

7
0
Anonymous Coward

Get over it

(see title)

1
9
Silver badge

shhhh

imagine if st jobs hears you say that, the legal implications for sony would be massive

1
3
Silver badge
FAIL

Sony should put the blame...

On wizards, a wizard did it.

Nobody believes that story about the file, it is too good to be true. And even if true, nobody will believe it, Sony's reputation leaves a lot to desire.

4
0

Page:

This topic is closed for new posts.

Forums