Where's my popcorn? Where's my beer? It may not be Friday, but it'll do!
The notorious Sony PlayStation Network hack, which saw millions of accounts compromised in May 2011, doesn’t give grounds for a class action, according to a US judge. The ruling, available from Courthouse News, dismisses most of the grounds for the lawsuit against Sony, which was first filed in June last year. The judge, …
The goodwill hit Sony took by making an ass out of itself going after Geohot and then getting wtfpwned by Anonymous is probably greater than the punitive judgement of an even a class action would have been (especially after appeal). Still with 5+ years in the red and now 1/5 the size it was in its heyday any good news is appreciated I am sure these day.
They were storing password hashes.
Sounds like you have believed the twisted online version of events broadcast by Xbox.com
What's even funnier about this storm in a teacup, is nobody ever actually lost anything, unlike the very real and recurring Xbox Live account emptying that's been occurring for the past 2 years, but Microsoft are sweeping under the carpet....
I guess thats the price Sony pay for being responsible and owning upto the problem, getting raped by the press. In furture, it's clear the media message is to cover it up like Microsoft do.
As i understand from my limited time on their network, it was free.
Anything free has a "cost" in it somewhere, in this case it was hiring decent IT security auditors who would have spotted that passwords were stored in plaintext and rung alarm bells.
But no....Not our Sony.
Dear Sony, here's some salt, either rub it in your wounds or use it on your passwords..Dont care which...
The PS3 hacking scene is alive and well btw...eurasia.nu
" While the passwords that were stored were not “encrypted,” they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form.”"
Sounds like YOU are the one that needs to understand security and the difference between encryption and hashing... Yes they weren't encrypted, but that by extension didn't mean they were cleartext.
Still, why let the truth get in the way of a good story and a fantastic internet myth.
Biting the hand that feeds IT © 1998–2018