Sony's PSN Network



  • Ok, I don't own a PS3, but I know a WTF when I see it:

    @Wired said:

    The online gameplay/shopping service for Sony’s PlayStation 3 and PSP has been offline since last Wednesday night. On its blog, Sony cited an “external intrusion” as the reason for the downtime. On Monday, the company said it would be completely retooling the PlayStation Network in a “time intensive process” with no set end date.

    This is due to a hacker response that Sony knew was coming (or should have-- it was on all the gaming news sites before the network went down.)

    Count the WTFs:
    1) It's been down the better part of a week
    1a) Despite Sony having several days notice that the hacker attack was coming
    2) Instead of bringing it back up and then fixing security, Sony is keeping it down until they finish "retooling" it
    2a) This undoubtedly means that they were only relying on the PS3 firmware to keep the network secure in the first place, instead of using security in depth-- otherwise why would it even need to be "retooled"?
    3) Sony doesn't know whether credit cards stored on PSN are secure

    And just as a reminder, this is the network that went down when it mistook 2010 for a leap year.



  • Didn't they also originally claim that things were down due to maintenance instead of because someone hacked the crap out of them (at least that's what I remember my friend saying)?



  •  But 2010 isn't even divisible by four - not that that's safe, but come on.  They didn't even do as well as neonatal programmer would do in QBASIC.



  • I wonder what they are running for an OS on PSN network and what exploit was used to hack it.


  • Considered Harmful



  • That link doesn't work. I love the frontpage fail:

    AnonNews uses an open-posting concept. Anyone can post to the site, and moderators will approve relevant posts. No censorship takes place!

    Note to AnonNews: if I can't just post stuff without someone giving artbitary approval, THAT IS CENSORSHIP.



  • @hoodaticus said:

     But 2010 isn't even divisible by four - not that that's safe, but come on.  They didn't even do as well as neonatal programmer would do in QBASIC.

     

    Y2K FTW!



  • @da Doctah said:

    Y2.01K FTW!
    FTFY



  •  Maybe Sony's network runs on a PS3 supercomputer  like the Airforce but they accidentally upgraded the firmware and wiped out the "Install Other OS" option.



  • @El_Heffe said:

    @da Doctah said:
    Y2.01K FTW!
    FTFY

    When I see a number like 2.01, I immediately think "Oh, but that's not really 2.01 because of the finite binary representation we have". That's worrying.



  • @blakeyrat said:

    And just as a reminder, this is the network that went down when it mistook 2010 for a leap year.

     

    The 2010 lap year  incident had nothing to do with the network itself, it was a client hardware problem, some chip (Arm Syscon Cpu) in the older series of ps3 had a calendar bug

    ( gameOs then switched to its origin date when the internal cpu clock desynced, screwing the internal drm system, self repair 24h later ).

     

     


  • Considered Harmful

    @nexekho said:

    That link doesn't work.

    It does but not with this site as the referer[sic]. You have to hit enter in the address bar after you click it to clear that.



  • @MustBeUsersFault said:

    @blakeyrat said:

    And just as a reminder, this is the network that went down when it mistook 2010 for a leap year.

     

    The 2010 lap year  incident had nothing to do with the network itself, it was a client hardware problem, some chip (Arm Syscon Cpu) in the older series of ps3 had a calendar bug

    ( gameOs then switched to its origin date when the internal cpu clock desynced, screwing the internal drm system, self repair 24h later ).

    Oh well in that case it's perfectly acceptable!

    No wait, it's still shit, and still nobody should ever buy Sony anything. (Or were you not arguing that it's ok because it's not Sony's fault, and instead being a pedantic dickweed? I'm not sure.)



  • @joe.edwards said:

    AnonOps is disclaiming responsibility, and raising the possibility that Sony is blaming hackers for infrastructure problems.

    Say, did you read that link before you posted it?

    http://anonnews.org/uploads/notus.png?do-not-hotlink,-hotlinking-attempts-will-be-blocked,-point-to-the-press-release-instead

    Think they wanted you to use http://anonnews.org/?p=press&a=item&i=848 instead.

     



  •  On the other hand, if 2.0999999... repeating = 2.1, then maybe it's not that far off...



  • @blakeyrat said:

    Oh well in that case it's perfectly acceptable!

    No wait, it's still shit, and still nobody should ever buy Sony anything. (Or were you not arguing that it's ok because it's not Sony's fault, and instead being a pedantic dickweed? I'm not sure.)

     

    You said it was a network problem, it was not.

    I don't care about sony nor i find it less a failure, i was just trying to be informative.

    Your agressive answer perfectly demonstrates who is the dickhead here.

     

     

     



  • @MustBeUsersFault said:

     i was just trying to be informative.

     That is not what we do here, you are in the wrong forum

    @MustBeUsersFault said:

    Your agressive answer perfectly demonstrates who is the dickhead here.

    Indeed

    Remember, arguing in the internet.....



  • @MustBeUsersFault said:

    @blakeyrat said:

    Oh well in that case it's perfectly acceptable!

    No wait, it's still shit, and still nobody should ever buy Sony anything. (Or were you not arguing that it's ok because it's not Sony's fault, and instead being a pedantic dickweed? I'm not sure.)

     

    You said it was a network problem, it was not.

    I don't care about sony nor i find it less a failure, i was just trying to be informative.

    Your agressive answer perfectly demonstrates who is the dickhead here.

    You have to understand that this forum (and most geek forums, actually) is filled with pedantic dickweeds who constantly feel the need to "correct" already correct statements.

    For example, if I say "the network went down when it mistook 2010 for a leap year", that's an essentially correct statement. A normal person would be perfectly ok just letting it lie, because he realizes that the point I was making is that the PSN has a history of being unreliable.

    The pedantic dickweed, however, will see that word "it" there, and that word will burn into his forehead, causing an intense rage that can't be sated. As if the sun itself were lodged in his cerebral cortex. In an attempt to quell the firey anger, he'll feel compelled to post something like, "the network didn't go down! it was a hardware fault!" Can you believe it? Someone was wrong on the Internet! (Forgive the XKCD link.)

    Does it matter to the pedantic dickweed that his correction doesn't change the gist of my original statement at all? No! Does it matter to him that it completely derails a perfectly fine thread? Not at all!

    (Actually, my real theory is that by "correcting" me, you think you're demonstrating that you're smarter than I am. If that's the case, you should read this article and maybe you'll be less of a pedantic dickweed next time.)

    Now, if you were making that "correction" to defend Sony, I could actually understand your motivation and I wouldn't think you're being a pedantic dickweed. Which is why I assumed that's what you were doing, in an effort to give you the benefit of the doubt. But son I am disappoint.



  •  ok



  • [url=http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/] Dammit sony[/url]



  • @Sony said:

    ...PlayStation Network/Qriocity passwords...

    So they had passwords stored as plain text? Awesome idea, no one has ever found any problems with that after all.



  • @blakeyrat said:

    For example, if I say "the network went down when it mistook 2010 for a leap year", that's an essentially correct statement. A normal person would be perfectly ok just letting it lie, because he realizes that the point I was making is that the PSN has a history of being unreliable.
     

    Sorry to jump in and derail your thread even further, but it really did make a difference at the time whether the problem was with the network or the hardware itself.  Because the hardware itself was affected by the "2010 leap year bug", affected PS3s refused to play most (but not all, IIRC) games either offline or online, even for people who had rarely or never used PSN up to that point.

    However, several mainstream blog sites (and many posters on gaming forums) immediately assumed that the problem was with the network, simply because games would fail to start with a message similar to "Unable to sign in to PSN".  It's as if everyone forgot that you can play PS3 games without connecting to the Internet at all, let alone PSN.  A few people on forums like GameFAQs complained that they had previously played their PS3 games almost exclusively offline, yet they were being hit with a problem that seemed to be network-related.  The 2 most common responses to this complaint in the forums were:

    "LOL, if you paid for a decent Internet connection this wouldn't happen to you!"

    "LOL, if you can't connect to PSN how would you expect to be able to play any games at all?"

    In other words, the majority response was completely illogical and uninformed (even to the point of ignoring the fact that these people already said they usually play their games without connecting to PSN just fine).  In fact, when several people guessed that the problem might have something to do with the internal clock mistaking 2010 for a leap year, the majority of responses sounded like:

    "LOL, that doesn't make any sense!"

    "Yeah, that's what the 'mob science' says.  We'll see in a couple of days."

    So nothing against you personally, or your statement.  I get that your essential point is that PSN/PS3 has a history of being unreliable and that Sony is incompetent.  But the way you worded your statement reminded of the completely ignorant, illogical, and knee-jerk responses of most people at the time. It was the minority of people who used logic, critical thinking, and experience in the IT industry to guess that the problem likely had nothing to do with the network; of course, those were the people who were shouted down by the loud majority.

    If being annoyed by all of that makes me one of those well, actually guys, I guess that's just my problem, and hopefully I'll overcome it one of these days.  I don't feel superior to any of those guys who got it wrong (after all, they were mostly kids and gaming bloggers who didn't really give a shit), but I thought it was a slightly depressing lesson on group think.  Yeah, the PS3 leap year bug is not at all important in the grand scheme of things, but the mindless mob mentality tends take over in all kinds of situations.

    I do agree with you that Sony sucks.  I used to like their products, but I dunno if I'd buy another one.


  • Garbage Person

     I don't give a flying fuck at a rolling donut about Sony and their 'problems' - whether self or hacker-inflicted. I do, however, HATE this thread's title. "PSN" stands for "PlayStation Network" - or at least it used to. Therefore, "PSN Network" is a crime against language.



  • @CodeSimian said:

    But the way you worded your statement reminded of the completely ignorant, illogical, and knee-jerk responses of most people at the time. It was the minority of people who used logic, critical thinking, and experience in the IT industry to guess that the problem likely had nothing to do with the network; of course, those were the people who were shouted down by the loud majority.

    If that's not flame bait, then I don't know what is. :)



  • Look, seriously, I'm not trying to troll, insult or flame anyone here.  Just pointing out the simple fact that most people did not understand what the real problem was at the time; those who guessed at what had actually happened were actually laughed at and insulted by the majority. 

    And sorry, but the reaction was illogical.  Most people confused an effect (error message saying something like "can't connect to PSN" when you try to play a game) with a cause ("Oh, PSN must be down!") discounting the simple fact that you don't need PSN connectivity to play PS3 games.

    But like I said, the reaction was understandable, because most of it was coming from kids and "gaming journalists".  My point about the minority of people who guessed at the problem was not to say that they were any smarter or better, just that they probably worked in a job (software/hardware engineering) that put them in a position to better guess what the problem was.

    So what bothered me about the whole thing was not that people jumped to a unfounded conclusion (happens to everyone), but that they laughed at those who knew a little better and actually tried to help the community out with their knowledge.  And to me, that's the tragedy of group think.  I realize the PS3 bug was not a big deal in the grand scheme of things, but to me it was just another demonstration people's willingness to embrace the wrong conclusion, as long as everyone else agrees.

     



  • @CodeSimian said:

    Look, seriously, I'm not trying to troll, insult or flame anyone here.

    Again, you are in the wrong forum then,

    wtf, where are this helpful people comming from? 

    @CodeSimian said:

     

    Just pointing out the simple fact that most people did not understand what the real problem was at the time; those who guessed at what had actually happened were actually laughed at and insulted by the majority. 

    So?  This happens all the time, further proof that life is full of douchebags

    @CodeSimian said:

     

    So what bothered me about the whole thing was not that people jumped to a unfounded conclusion (happens to everyone), but that they laughed at those who knew a little better and actually tried to help the community out with their knowledge.  And to me, that's the tragedy of group think. 

    That is why we need less people, let us work for that goal as a group



  • The real mystery about CodeSimian is that he seems to have missed the big picture: Sony done fucked up good.

    Why does it matter if the community has the details of Sony's fuck up slightly wrong? Is this relevant at all? "Well, yes, Sony done fucked up good... but some guys on a forum who don't work for Sony and are probably 12 are saying they fucked up in a slightly different way than the way they actually fucked up!!!"

    The real sadness is that all of those people affected by the fuck up will go out and buy the PS4 the instant it's available. I swear, Sony is putting some kind of addictive chemical in their products' plastic cases or something... after the last *decade*, how is there anybody left who goes into an electronics store and says, "hm, Sony... that's a pretty good brand!" Who is this person? Why is he giving Sony money? I want to kill them.



  • @blakeyrat said:

    The real sadness is that all of those people affected by the fuck up will go out and buy the PS4 the instant it's available. I swear, Sony is putting some kind of addictive chemical in their products' plastic cases or something... after the last decade, how is there anybody left who goes into an electronics store and says, "hm, Sony... that's a pretty good brand!" Who is this person? Why is he giving Sony money? I want to kill them.

    Maybe you could get a job at Sony and exchange those addictive chemicals with deadly neurotoxin.



  • @blakeyrat said:

    The real mystery about CodeSimian is that he seems to have missed the big picture: Sony done fucked up good.

    I didn't miss the big picture. I said I agreed with you, and I do think Sony sucks (for many reasons, not just the 2010 bug or what's been happening recently). I think their latest fuck-up is probably the most damaging to both the company and its consumers.

    @blakeyrat said:

    Is this relevant at all?

    I agree it isn't relevant today. I just thought it was interesting (and annoying) how people, including the gaming "press", reacted at the time. At the time, people weren't just (justifiably) angry but they were also trying to figure out what was wrong, in case there was some workaround or fix.



  • @CodeSimian said:

    @blakeyrat said:
    Is this relevant at all?

    I agree it isn't relevant today.

    I win again.

    @CodeSimian said:

    I just thought it was interesting (and annoying) how people, including the gaming "press", reacted at the time.

    Two points here:

    1) People are idiots. Especially people who actually use official company forums.

    2) Game journalists are incompetent fuckwits.

    These facts are neither new, nor interesting.

    @CodeSimian said:

    At the time, people weren't just (justifiably) angry but they were also trying to figure out what was wrong, in case there was some workaround or fix.

    What's wrong is they gave Sony money.



  • @Weng said:

     I don't give a flying fuck at a rolling donut about Sony and their 'problems' - whether self or hacker-inflicted. I do, however, HATE this thread's title. "PSN" stands for "PlayStation Network" - or at least it used to. Therefore, "PSN Network" is a crime against language.

    Indeed.  Someone ought to report this to the Department of Redundancy Department!



  • @blakeyrat said:

    2) Game journalists are incompetent fuckwits.
    and, apparently, so are the people who write about them.  That guy's site is quite the WTF itself.



  • @Mason Wheeler said:

    @Weng said:

    I don't give a flying fuck at a rolling donut about Sony and their 'problems' - whether self or hacker-inflicted. I do, however, HATE this thread's title. "PSN" stands for "PlayStation Network" - or at least it used to. Therefore, "PSN Network" is a crime against language.

    Indeed.  Someone ought to report this to the Department of Redundancy Department!

    I think Sony's Sony Playstation PSN Network has bigger things to worry about than the DRD Department of Redundancy Department.

    Things such as whether it matters whether it was a network or hardware issue last time. SONY, WE DEMAND AN OFFICIAL STATEMENT FROM SONY!

    Come on guys, we have to get this thread back on track so I can get laid.

     



  • @El_Heffe said:

    @blakeyrat said:

    2) Game journalists are incompetent fuckwits.
    and, apparently, so are the people who write about them.  That guy's site is quite the WTF itself.

    Seriously. I took him off my RSS reader when he spent like 2 months doing nothing but begging for donations... he used to write constant sob stories about having no job, etc, etc. It was ridiculous.

    But the general sentiment is correct: game journalists are incompetent fuckwits.



  • @ComputerForumUser said:

    Come on guys, we have to get this thread back on track so I can get laid.

    Fat chance, unless it is paid or pity.

    The fact that you are in here makes you 99.99% unfuckable



  • @ComputerForumUser said:

    I think Sony's Sony Playstation PSN Network has bigger things to worry about than the DRD Department of Redundancy Department.

    Things such as whether it matters whether it was a network or hardware issue last time. SONY, WE DEMAND AN OFFICIAL STATEMENT FROM SONY!

    Come on guys, we have to get this thread back on track so I can get laid.


    Which issue, the current one [url=http://blog.us.playstation.com/2011/04/26/clarifying-a-few-psn-points/] where they took the network down after someone got in[/url] and [url=http://cyberinsecure.com/sony-playstation-network-breached-77-million-users-private-data-stolen/] the intruder stole information including credit card information because the data was unencrypted.[/url] or the year 2010 issue.



  • @blakeyrat said:

    But the general sentiment is correct: game journalists are incompetent fuckwits.
    I'm not disagreeing with the general sentiment.  However, devoting an entire website to the subject is quite odd (and probably explains why he has no money).



  • @serguey123 said:

    The fact that you are in here makes you 99.99% unfuckable
    On average, forum users are getting laid about once a week just based on my activity - unless someone's actually managing to get negatively laid. Although I have to say, I'm not quite sure about letting all of you near my wife.



  • @intertravel said:

    @serguey123 said:
    The fact that you are in here makes you 99.99% unfuckable
    On average, forum users are getting laid about once a week just based on my activity - unless someone's actually managing to get negatively laid. Although I have to say, I'm not quite sure about letting all of you near my wife.

    Maybe you are in the 0.01%, also, your wife reads this forum?  If not that explain it.

    Release the inner nerd!



  • @Weng said:

     I don't give a flying fuck at a rolling donut about Sony and their 'problems' - whether self or hacker-inflicted. I do, however, HATE this thread's title. "PSN" stands for "PlayStation Network" - or at least it used to. Therefore, "PSN Network" is a crime against language.

    But it's the network known as "Playstation Network". The network is not called "Playstation", it's called "Playstation Network", and it is a network. Therefore, it is the "Playstation Network" network.



  • @blakeyrat said:

    Ok, I don't own a PS3, but I know a WTF when I see it:

    @Wired said:

    The online gameplay/shopping service for Sony’s PlayStation 3 and PSP has been offline since last Wednesday night. On its blog, Sony cited an “external intrusion” as the reason for the downtime. On Monday, the company said it would be completely retooling the PlayStation Network in a “time intensive process” with no set end date.

    This is due to a hacker response that Sony knew was coming (or should have-- it was on all the gaming news sites before the network went down.)

    Count the WTFs:
    1) Sony
    1a) Sony
    2) Sony
    2a) Sony
    3) Sony

    And just as a reminder, this is the network that went down when it mistook 2010 for a leap year.

     

     

    FTFY



  • Sony now says they'll have it back up on tuesday. I would not wager on that.


  • Trolleybus Mechanic

    @delta534 said:

    @ComputerForumUser said:

    I think Sony's Sony Playstation PSN Network has bigger things to worry about than the DRD Department of Redundancy Department.

    Things such as whether it matters whether it was a network or hardware issue last time. SONY, WE DEMAND AN OFFICIAL STATEMENT FROM SONY!

    Come on guys, we have to get this thread back on track so I can get laid.

    Which issue, the current one where they took the network down after someone got in and the intruder stole information including credit card information because the data was unencrypted. or the year 2010 issue.
     

    You know, the unencrypted passwords is a WTF, but I can almost, *almost* pass it off as just a mistake.

    But storing credit card information-- encrypted or not-- motherhumper, there's no forgiveness for that. There is absolutely no reason to store credit card information, period. Need to do a refund? That's what the transaction number is for. Need to do an add on? Transaction number? Void a transaction-- you see where I'm going.

    Not only is there no reason to store CC numbers, but last I checked, it was at least contrary to every payment gateway's TOS, if not illegal as per their local data retention laws.



  • @Lorne Kates said:

    But storing credit card information-- encrypted or not-- motherhumper, there's no forgiveness for that. There is absolutely no reason to store credit card information, period.

    It makes it easier to sell impulse items.

    How would Apple's AppStore function if you had to enter your CC# on a phone screen every time you wanted to make a $1 purchase? ... yeah.

    (By the way, did you really think about what you were typing? Because it's dead-obvious that: 1) there are substantial benefits to storing CC#, and 2) that dozens of companies already do this, so it can't be *that* illegal)





  • Also the fact that Sony is unable to tell people whether or not their credit card details were stolen, implies they have sod all auditing/logging in place. I'd say I'm surprised, but 5 years in the industry + TDWTF has taught me that the strength of security measures employed is generally inversely proportional to the sensitivity of the data "protected" by said security.



  • It's also strange that Sony is only now telling people that credit card details were encrypted (as if they weren't sure and or didn't feel like telling us before?). Terrible PR.

    As for storing CC numbers, blakeyrat pretty much covered what I wanted to say. Amazon, XBL, Steam, and many other online services and shopping sites have the ability to remember your credit card number, even if some have an option to forget your details. The point is to make it easier for you to buy stuff. Probably the same thinking behind contactless credit cards and payment via smartphones.



  •  Big news here on Tuesday was yet another raging fire at a big paper recycling plant near the state capitol.  Next day we got a followup story on the news about neighbors of the recyclers who are complaining that, in addition to the frequent fires, papers are blowing all over the place whenever there are high winds.

    Then it hits me: besides collecting old newspapers and the like, this place supposedly services companies that need secure destruction of records.  And even though the grounds are protected by junkyard dogs, the lovable pitbulls and rottweilers pay zero attention to any scrap of paper that breaks free and blows over the fence.



  • I doubt their network was first breached just last wednesday, my thought is that it's been breached for several months at least, and was only found because of a security review triggered by the Anonymous/Geohot incidents.

    So they couldn't be sure that even if they did store information encrypted, that the intruders didn't install backdoors, sniffers, rootkits, etc. all over their network. with enough access. The hackers could have had the ability to, for example, modify the source HTML/JScript for the web pages onto which users enter their sensitive information to just send a copy to the hackers; install a new firmware unto network printers to forward copies of internal documents; opened holes in their firewalls; took an inventory of what systems/configurations they use, giving inside information for future attacks... (even a list of valid employee account names/phones is valuable... "Hi, I'm John Smith from Finance, I need a password reset. My employee ID? 12345...")

    Sony basically may have to wipe everything, and rebuild from scratch.



  • @bgodot said:

    So they couldn't be sure that even if they did store information encrypted, that the intruders didn't install backdoors, sniffers, rootkits,
    One of the PSN admins inserted a Sony music CD into his computer.

     


Log in to reply