It’s not just North America getting some PlayStation Network and Qriocity service this weekend. Sony has taken to Twitter to confirm that phase one of the restoration is now rolling out in the UK, Ireland and the Middle East, as the company brings the reinforced servers back online.
After weeks of downtime, governmental scrutiny and untold user fury, Sony has finally begun to restore PlayStation Network and Qriocity streaming media services. It’s not been an easy journey, either: it wasn’t just server failure that took the PSN offline, but a security breach that saw millions of consumer records snatched out from under Sony’s nose. With only the slightest publicly-released information to go on, systems experts have looked on in horror as Sony took a forced deep-dive through server strata, uncovering the flaws – in its data centers and its ego – that allowed the hack to take place. Still, Sony may find that restoring the PlayStation Network and Qriocity services were the easy part – rebuilding its ailing reputation may be far trickier.
Sony started slow with its apologies and its explanations, letting users stew as they waited for the bad news to unfold. While the company insists that it only reached the realization that credit card information had been lost a week or so into the downtime, gamer consensus seems to be that they’d rather have had an earlier – if tentative – warning than feel like the people paying the fees were the last to know. Read the rest of this entry
In the video game industry, there have always been debates among gamers over which company delivered the best hardware on the market. Years ago, that debate raged on between Sega and Nintendo fans. After Sega was knocked out of the market, the attention shifted to Nintendo and Sony.
Nowadays, we have our work cut out for us. We need to decide which console — the Nintendo Wii, Sony PlayStation 3, or Microsoft Xbox 360 — is the best of this generation.
There are some who have supported Nintendo over the years that can point to several reasons their favored company should take that prize. They say that the Wii delivered a new style of gaming and changed the industry forever. Read the rest of this entry
According to a report by CVG, Android Market downloads of games specifically designed to run on Sony Ericsson’s Xperia PLAY handset have been extremely low. As evidence in its case, the report hones in on five Play titles that all have under 1,000 total Market downloads: Cool Boarders 2, 100–500; Destruction Derby, 500–1,000; Jumping Flash, 50–100; MediEvil, 100–500; and Syphon Filter, 100–500. Despite this, the handset’s creator is undeterred. “There’s no concerns, it’s a revolutionary device, it’s shaking up the market, we’re very pleased with it,” said Dominic Heil- Read the rest of this entry
Sony has confirmed that the PlayStation Network is coming back online, with a mandatory system software update (v3.61) for PS3 consoles before they can rejoin the PSN. The phased update has now spread across North American and Europe, though there may be some delay as servers repopulate. Plus, Sony’s Kazuo Hirai has shared a video message about the restoration, which you can see after the cut.
The first phase includes sign-in to PSN and Qriocity, online gaming across PS3 and PSP, Netflix and Hulu streaming, chat functionality and PlayStation Home, including other elements. Logging in on your PS3 will present users with a mandatory password change, and there will be limits in future as to which device you can change your password again.
“If using a PS3, your password can only be changed on your own PS3 (or a PS3 on which your PSN account was activated), as an added layer of security. If you have never downloaded any content using your account on the system, an email will be sent to the registered sign-in ID (email address) associated with your account when you first attempt to sign-in to PSN. This e-mail will contain a link that will enable you to change your password. In this email, click on the link and follow the instructions to change your password. Once you have changed your password you can sign-in to your account using your new password”
“We recognize that actions speak louder than words” Hirai admits, going on to detail Sony’s changes to the security systems compromised. Users already know they will get free access to identity protection tools.
Sony’s PlayStation Network breach saga continues, having left customers without PSN service for over a week and now with possibly compromised credit card information. Sony claims the credit card information is encrypted, but that doesn’t stop claims that the hackers have gotten to it and already offering it up for sale. There are surely many many questions PSN users have for Sony, and in response they have posted a Q&A list yesterday and one more today.
The questions answered yesterday focused on the security concerns regarding customers’ personal information and credit card data. Sony assured that they are working with law enforcement on the matter and insisted that all personal and credit card data was encrypted. However, they did note that although they have no current evidence to suggest that the encrypted credit card information was taken, they also cannot rule out the possibility.
The second batch of questions and answers posted today address some of the less threatening issues such as whether certain game data and history will be lost. On that front, Sony assures that no game trophies will be lost and that they will be re-synced when the network comes back on. Histories and friends lists also will remain intact. Sony is also evaluating a “goodwill gesture” for its PSN users to show its appreciation for their extraordinary patience.
[via PlayStation Blog]
Sony still refuses to detail the exact exploit used to hack the PlayStation Network and its Qriocitystreaming service, but has admitted that as well as updating the software security of the network, it is physically “moving our network infrastructure and data center to a new, more secure location.” The changes are part of a number of steps Sony has been forced to take after reportedly pulling down the PSN after rampant piracy took hold.
According to reports earlier this week, a custom PS3 firmware allowed hackers to unofficially gain access to the PlayStation Network developer channels. There, they were supposedly able to use false – and unchecked – credit card details to make purchases. Sony’s only recourse, it was suggested, was shutting down PSN access altogether.
In a new Q&A – which overlaps considerably with Sony’s previous FAQ on the subject – Sony’s Patrick Seybold, Senior Director for Corporate Communications & Social Media, confirms that the company is working with both law enforcement and “a recognized technology security firm” on what is being viewed as a criminal act. According to Seybold, credit card data was encrypted and users are only being warned about it “out of an abundance of caution”; personal data, however, was not encrypted but was, he insists, “behind a very sophisticated security system.”
It’s that security system which has been breached, of course, a side-effect of what Sony hacker George Hotz suggests is likely down to “arrogance and misunderstanding of ownership.”
“Traditionally the trust boundary for a web service exists between the server and the client. But Sony believes they own the client too, so if they just put a trust boundary between the consumer and the client(can’t trust those pesky consumers), everything is good. Since everyone knows the PS3 is unhackable, why waste money adding pointless security between the client and the server? This arrogance undermines a basic security principle, never trust the client … Notice it’s only PSN that gave away all your personal data, not Xbox Live when the 360 was hacked, not iTunes when the iPhone was jailbroken, and not GMail when Android was rooted. Because other companies aren’t crazy.” George Hotz
Sony maintains that certain services will be back online in under a week, though is yet to confirm which those services will be. The company is also facing a class action suit and what experts predict could amount to $24bn in credit card fraud.
The Sony Playstation Network or PSN has been offline for a while now. At first users were irritated that they weren’t able to play online games and watch movies via Netflix. As the outage drug on things started to look worse with Sony hinting early on that the breach was believed to have been caused by a third party. Things deteriorated when Sony finally admitted there had been a breach, and it was possible that all the user’s account data was stolen including the credit card information.
Sony says at this point it has no indication that user credit card data was stolen. However, Application Security CTO Josh Shaul said, “They [Sony] indicated that they’re worried about it, which is probably a very strong indication that everything was stolen.” Sony has said that purchase history and credit card details “may” have been stolen but the three-digit security code wasn’t. The lack of that three digit code will do very little to protect anyone whose credit card details were stolen.
Forbes reports that if the hacker or hackers responsible for the heist were successful in getting the credit card data this would be one of the biggest known thefts of financial data. Sony is already facing class action suits over the breach, and that is only a fraction of the monetary liability Sony could have in the incident. The Ponemon Institute says that the estimated cost per record of a data breach in 2010 resulting from malicious action was $318 per compromised record. With 77 million user accounts, exposed Sony is looking at $24 billion in possible expenses.
A new explanation for the ongoing Sony PlayStation Network downtime has been suggested, with claims that Sony has taken the service offline so as to close a loophole that had been responsible for “extreme piracy of PSN content.” PSX-Scene‘s “Chesh” took to Reddit to outline how a new PlayStation 3 custom firmware called Rebug was used by hackers to gain access to the PSN’s developer networks. From there, it was possible to input fake credit card information and buy content without ever paying for it.
The security glitch, it’s suggested, is because Sony was not validating credit card information since the users were on its trusted private developer network. Sony allegedly responded by pulling the plug on the network completely; the “additional security” Sony representatives have admitted is being installed is apparently to combat this sort of hacking.
Chesh admits that the explanation is speculation pieced together from information throughout the PlayStation hacking community, however sources with access to the SCE devnet servers have apparently confirmed that Sony is telling developers that, moving forward, only 3.60+ debug firmware will be allowed onto the network. If developers want to retain their access then they not only need to upgrade, it’s claimed, but contact Sony too.
Rebug’s developers are not responsible for the credit card hack, though whether Sony will look kindly on them anyway remains to be seen. However, user credit card information is believed to be secure still.
For those who who don’t live for Call of Duty: Black Ops, or other popular PS3 titles, you may not have noticed how much trouble Sony has been having lately. Their free online service, PSN (Playstation Network) has been down since late Wednesday night.
We’re not talking about a a minor inconvenience here, we’re talking about millions of people being blocked from Sony’s version of Xbox live for 4 days now. Netflix, Hulu, and several major online games are feeling the effects of Sony’s crippled network…
It certainly looks like the Sony v.s. GeoHot saga isn’t quite over. You might recall the hacking group, known as Anonymous, making threats against Sony and their network in wake of the GeoHot litigation.
Sony sure seems to think it’s them, or at least some sort of outside attack that’s crippling their servers:
“An external intrusion on our system has affected our PlayStation Network and Qriocity services. in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertatinment services to our customers and partners i our utmost priority.”
The group of electronic activists are well known for fighting for freedom and privacy via security breaches. Their major beef with Sony seems to be that the company requested social media sites like YouTube and Facebook to hand over IP addresses of people who viewed GeoHot’s social pages.
While Anonymous has admitted to previous attacks on Sony’s servers, they are claiming innocent on this one. They posted this message on their blog yesterday:
“While it could be the case that other Anons have acted by themselves, AnonOps was not related to this incident and does not take responsibility for whatever has happened. A more likely explanation is that Sony is taking advantage of Anonymous’ ill-will towards the company to distract users from the fact that the outage is actually an internal problem.”
In past Sony attacks, Anonymous has been careful not to bring down PSN servers that hosted multiplayer games to avoid effecting the gaming community.
Regardless of who’s behind the shutdown, the news still made me smile. Even though I’m an avid Call of Duty fan, it’s nice to think that a major corporation may not always be able to hide behind their stacks of money. Some might call these activists a bit too extreme, I say it’s kind of nice to have such a powerful group on the side of freedom. Who knows, we may need their help fighting for the right to jailbreak some day.
What do you think?