Poll: Is GeoHotz to blame for PSN going down?

[intheweeds]

Wow! So many people just shutting this guy down, eh? The poor guy was just asking a question! So he's not a programming expert, then inform him. No reason to start insulting people. Relax! You guys act like someone not knowing/realizing something is a personal affront to your family.

OT: No, essentially because of what Xzi said.

 

[mitchell271]

I think it's possible. He agreed to sony's demands and then the shit hit the fan. Playstation site goes down. Couple weeks later, PSN gets hacked. the hacker made have seen these demands, which GeoHotz accepted as too strict and maybe this is their way of saying "Screw you Sony."

 

[V8 Ninja]

Directly? No.

Indirectly? Probably. When you give the whole internet the way to hack a system, don't expect people to not do anything.

 

[kebab4you]

Directly? No.

Indirectly? Probably. When you give the whole internet the way to hack a system, don't expect people to not do anything.

Yes, now go shout at a hardware store for selling crowbars to criminals.

OT;Nope he got nothing to do with this.

 

[DEAD34345]

Yes, also the inventor of knives killed thousands, the first caveman to discover fire is responsible for all deaths caused by combustion and Adam and Eve are responsible for every bad thing that's happened to anyone ever. /Sarcasm

When people do stupid things, don't blame the other people who "allowed" them to do it. It doesn't make any sense.

 

[MelasZepheos_v1legacy]

Sony is to blame for their poor security, and nobody else. GeoHotz did not design Sony's terrible network security, and GeoHotz was not the one to store everybody's personal information in a plain text, non-encrypted format. Sony did those things.

Of all the things to come out of this debacle this is the one that is really pissing me off. (I know the quoted member is not the only one but it was the first that caught my eye)

Perhaps someone can explain how exactly Sony's security was bad. Not hackable, not accessible, but bad; since this is the word that's getting thrown around.

Maybe I'm giving them too much credit, but Sony is a multi-billion dollar company that knew that if they got hacked, they would lose billions, so for some reason I don't see them having bad security. As far as I can tell, no one knows if the hackers have been trying to break this system for years, and failing because in fact the security was too good.

Does anyone actually know, with no speculation or guesswork, but with actual insider knowledge, what Sony's security protocols were? Can you tell me exactly how this data was stored and guarded? Can you tell me what it might possibly take to break down the security? Give me an estimated time frame?

In fact, can anyone give me any details that aren't internet hyperbole and a VGCats or Penny Arcade comic?

I know my voice means nothing in the grand scheme of things, but until someone can tell me definitively and with proof how and why Soyn'w security was bad, then stop saying it was bad with no proof. Don't just take it as read that because everyone is saying it it must be true, because that is willful ignorance.

 

[kebab4you]

Sony is to blame for their poor security, and nobody else. GeoHotz did not design Sony's terrible network security, and GeoHotz was not the one to store everybody's personal information in a plain text, non-encrypted format. Sony did those things.

Of all the things to come out of this debacle this is the one that is really pissing me off. (I know the quoted member is not the only one but it was the first that caught my eye)

Perhaps someone can explain how exactly Sony's security was bad. Not hackable, not accessible, but bad; since this is the word that's getting thrown around.

Maybe I'm giving them too much credit, but Sony is a multi-billion dollar company that knew that if they got hacked, they would lose billions, so for some reason I don't see them having bad security. As far as I can tell, no one knows if the hackers have been trying to break this system for years, and failing because in fact the security was too good.

Does anyone actually know, with no speculation or guesswork, but with actual insider knowledge, what Sony's security protocols were? Can you tell me exactly how this data was stored and guarded? Can you tell me what it might possibly take to break down the security? Give me an estimated time frame?

In fact, can anyone give me any details that aren't internet hyperbole and a VGCats or Penny Arcade comic?

I know my voice means nothing in the grand scheme of things, but until someone can tell me definitively and with proof how and why Soyn'w security was bad, then stop saying it was bad with no proof. Don't just take it as read that because everyone is saying it it must be true, because that is willful ignorance.

Linking this again;

 

[RA92]

OP

Even if - if - it was GeoHot's firmware hacking that helped convert hacked PS3s to dev tools for breaking into servers, then the PSN deserves to be hacked.

Yes. I just said that.

One of the primary concepts of server security is that you're always prepared for the client side to be compromised.

Frankly, I believe Sony's security team isn't that inept, and the hackers who broke into the PSN found some other weakness or used social engineering. Pirating off the PSN using Rebug is one thing, taking down an entire network is another.

 

[Dan Steele]

yes, it thanks to him psn got hacking popular

 

[manythings]

Was he directly responsible? I doubt it. Was his work part of it? I guess, I'm not knowledgable of such things.

 

[Googenstien]

Yes he is.. those anonymous guys are acting on his behalf

 

[Findlebob]

Anyone with a brain wouldnt try to hack the company who wanted to sue him for everything.

 

[Longsight]

snip

Aww, you beat me to it - although the really juicy stuff comes in part 3.


Anyway, Sony have a very, very poor record when it comes to security, and the PS3 root key debacle proved that their security auditing procedures are non-existent. They spent huge amounts of time and money ensuring everything in the world was signed and certified, and then screwed up the signing algorithm so anyone could do it themselves.

Also: [18:56] security rule #1: assume every piece of data coming into the system is a malicious payload.

 

[kebab4you]

snip

Aww, you beat me to it - although the really juicy stuff comes in part 3.


Anyway, Sony have a very, very poor record when it comes to security, and the PS3 root key debacle proved that their security auditing procedures are non-existent.

Ah yes, was from you I saw the video to begin with >.<

 

[Longsight]

snip

Aww, you beat me to it - although the really juicy stuff comes in part 3.


Anyway, Sony have a very, very poor record when it comes to security, and the PS3 root key debacle proved that their security auditing procedures are non-existent.

Ah yes, was from you I saw the video to begin with >.<

Ha, awesome. Yeah, I've been posting it around a bit lately to try to quell the tide of misinformation a bit.

 

[zehydra]

A person cannot be held responsible for something he did not do himself. If GeoHotz did not hack the PSN, then he cannot be held in any way responsible for the hacking of it.

 

[MegaManOfNumbers]

has it ever occured to anyone that Geo could have done MORE than just jailbreak the PS3? it is possible he hacked the system open also for other hackers to go "serious Sam" on?

I FULLY believe GeoHotz MUST be involved with the hacking issue for the PS3; think about it, what are the odds that hackers ripping apart the PS3 RIGHT AFTER the whole Jailbreak mess to be an accident?

P.S. Also, I'm sure anomynous can't be involved with this, seeing that they only shut down Sony websites and PSN temporarily.

here's an analogy to explain this: there's a difference between hiding the egg and cracking it open.

 

[Longsight]

The most likely consequence of geohot's actions is that a custom firmware was developed which allowed too much information about the PSN to be revealed - which again is down to Sony's failings more than anything else. He might have enabled further exploration of the system, but that doesn't make him responsible. You may as well argue that Bill Gates is ultimately personally responsible for Windows viruses.

 

[Hectix777]

No and http://youtu.be/PetqKh7lr8g

Seriously OP what was going through our mind when you made this thread?

My growing paranoia and lack of foundation on the basic security code protocols and safeguards that prevent systems from being hacked and my of not knowing the that their was no link between the the PS3's root code and PSN, believing that the PS3 root code had access that enabled the player to gain access to PSN and also their own private account and credit information leading me to suspect that now that the root code was out in the open people could have manipulated the part of the root code that allowed the player to access PSN and terminate the protocols limiting them to their own account and altering it to gain access to other accounts. I just didn't know that the root code wasn't part of PSN, sorry.