Official PSN discussion thread

*pokes head out of bomb shelter*

"is it over yet?"

Supposedly there's still a week to go before we're even allowed online yet.

Supposedly there's still a week to go before we're even allowed online yet.

PlayStation Network Hack: Who Did It?
By Kevin Poulsen

It’s one of the biggest data breaches in history. Now that Sony has come clean — sort of — on a computer intrusion this month that exposed personal information on 77 million PlayStation Network users, one obvious question remains: Who pulled off the hack?

In the old days, the answer would be simple: some kid did it. But today’s underground is more complicated — a slew of competing players with different agendas and techniques. Here’s a quick rundown on the likely suspects.

Anonymous
While noncriminal pranks are their stock in trade, the griefers of Anonymous have been on a hacktivism spree of late, staging distributed denial-of-service attacks against the corporate enemies of WikiLeaks, then famously cracking the computer security firm HBGary Federal and exposing the shady plotting of its CEO. Coincidentally, Anonymous declared Sony as its latest protest target right around the time of the intrusion. They were unhappy with Sony’s lawsuit against PlayStation 3 rooter George Hotz, and unsatisfied by the settlement deal reached between Hotz and the company this month.

But spokespeople for Anonymous have denied any role in the PlayStation Network hack, and the whole flavor of the hack just isn’t Anonymous’ style: they’ve pulled intrusions in the past, but computer crime isn’t their mainstay, and a stealth run through the network of a corporate giant is decidedly short on lulz.

Verdict: Probably innocent

China
Chinese hackers have been responsible for some of the most sophisticated known intrusions in recent years — low-and-slow attacks against defense contractors, human rights groups and Silicon Valley bigwigs like Google. The attackers typically get in by hitting a single employee with an exploit, and then carefully expand through the network until they’ve found what they’re looking for — generally trade secrets, source code, or intelligence.

A list of 77 million names, dates of birth and passwords could be useful as the raw material for future attacks, but aside from that, Sony’s gaming infrastructure is not a logical target for this bunch. You also wouldn’t expect a professional Chinese intrusion to be detected so quickly.

Verdict: Innocent

Random Recreational Hacker
This breed still exists, though now in much smaller numbers than the professionals. The PlayStation Network would be an alluring target for a bored teenager or twenty-something who spends a lot of time grinding through multiplayer shooters — to paraphrase Silence of the Lambs, you covet what you see every day. A recreational hacker might go after the user database as a trophy.

Verdict: Maybe guilty

For-Profit Cyberthief
These guys, largely concentrated in Ukraine and Russia, know databases like the backs of their hands — they dream in SQL — and similar, if smaller, stolen databases are bought and sold routinely over carder forums and in private transactions.

In this scenario, the credit card numbers potentially stolen in the hack aren’t as important as they seem. According to Sony, the CVV2 — the security code on the back of card — wasn’t stored in the compromised database, which greatly reduces the cards’ usability to fraudsters. Credit cards without the magstripe data or CVV2 are among the least valuable commodities.

But combined with the other data, the database is valuable indeed. The passwords (which Sony evidently didn’t bother to hash) could be a gold mine, because people have a tendency to use the same password everywhere; you can bet a big chunk of those 77 million PlayStation Network passwords will unlock everything from Facebook accounts to online banking. The e-mail addresses could be used in phishing attacks, with the fraudster using stolen details — like the target’s date-of-birth — to increase the chances of a response. Hell, even if it were just sold as a spam list, the Sony database could draw a pretty penny.

Verdict: Probably guilty

It depends on the person but, I know in cases of a 2 of my friends while it wasn't an outright negative, they could not use that credit card for 90 days while the company sorted out the "logistics". Also, anything can really hurt your credit score under the right circumstance. I mean, my credit score was hurt because it was checked 4 times in less than 8 months.

That's one thing I never understood about credit scores. Your whole life you're taught that you should shop around, especially when making a significant purchase. Yet if you shop around when it comes to a car or a house they have to run your credit every time, which fucks you in the long run.

My credit score is over 800 so if this Sony debacle fucks that up heads will roll.

As far as your first point, credit is such incredible bullshit. I think all of the cliches they tell you (shop around, have debt to increase credit, etc...) are just rumors the credit card companies created to make money off of us. That is obviously coming straight from my fairly uneducated, conspiracy theory brain, but still, it doesn't add up to me.

what is an "interest only" loan?