The PSN Hack: What Sony Did WRONG

Posted: Apr 29 2011, 2:08pm CDT | by , in News | Gaming

The PSN Hack: What Sony Did WRONG

Hackers are very, very tricky people. Billions of dollars spent on security and a whole team of experts can't protect you from sufficiently creative nerds. Which is why I tried to give Sony the benefit of the doubt immediately after the details of the PSN hack came out. The best security in the world isn't perfect...but, as it turns out, Sony wasn't using the best security in the world. In fact, their entire defence system seems based around "hoping real hard no one hacks the PS3".

Famed hacker Geohot- who cracked the PS3 and was then sued for it, has posted his thoughts on the PlayStation Network hack. He denies any involvement (Geo is too high profile and, frankly, too good a guy to mess with people like that) but has some harsh words for Sony's security people.

"Traditionally the trust boundary for a web service exists between the server and the client. But Sony believes they own the client too, so if they just put a trust boundary between the consumer and the client(can't trust those pesky consumers), everything is good."

In essence, Sony relied too much on the PS3 remaining secure in order to keep their databases secure. The PS3 was a strong moat, so Sony didn't feel obligated to build any walls. Hell, most of the stolen data was stored unencrypted. You can rail against the hackers all you want, but none of this mess would have been possible without a heaping spoonful of hubris from Sony.

Not that encrypting all that personal data would have ensured its safety. Recent mutterings from hacker forums indicate that at least some credit card info made its way out of PSN. Hackers on several forums have caught debating over how much to sell the list- which may have up to 2.2 million numbers- for. The final selling price could exceed $100,000.

Sony's security leading up to the breach was absolutely unacceptable, and their first response to customers came far too late. As it stands now, the company is working on a showy goodwill gesture to make everything OK again. But it won't work. Every customer who considers a PlayStation from now on will know that his credit card information won't truly be safe. This loss of consumer confidence could cost Sony billions.

And they deserve every penny of it.

This story may contain affiliate links.


Find rare products online! Get the free Tracker App now.

Download the free Tracker app now to get in-stock alerts on Pomsies, Oculus Go, SNES Classic and more.

Latest News


The Author

<a href="/latest_stories/all/all/2" rel="author">Luigi Lugmayr</a>
Manfred "Luigi" Lugmayr () is the founding Chief Editor of I4U News and brings over 25 years experience in the technology field to the ever evolving and exciting world of gadgets, tech and online shopping. He started I4U News back in 2000 and evolved it into vibrant technology news and tech and toy shopping hub.
Luigi can be contacted directly at ml[@]




comments powered by Disqus