Why are Sony getting more hate than the actual hackers?

[Nihilism_Is_Bliss]

I agree with OP, this has really been annoying me.

 

[DocBalance]

Because they lied to the public. They knew for a week, and didn't tell anyone.
Because they trusted their PS3 security so much that they didn't install proper security for PSN.
Because left to their own designs, they'd never even give a cent of compensation to the customers affected by this.
Because they've been riding on the cash flow from all their other products to secure third party support for years, and it's about time they get knocked off their pedestal.
My only regret when Sony pulls out of the game market will be Kevin Butler getting sacked.

 

[Dragonpit]

Right this is seriously getting on my nerves, why are people directing all their hate about this PSN hack towards Sony and not the people who hacked PSN and took their details. Sony didn't choose to get hacked so why are they being blamed for it. Yes their security could have probably been better but surely any security system is hackable anyway. Maybe I'm wrong about this whole thing, I don't know, I just think all the Sony hate is a bit unreasonable. What are your opinions on this?

You're right, but the reason why everyone is going after Sony is not just because they were hacked. It's because they were hacked and the hackers got to everything. Sony has a responsibility to make that the information of all the customers stays secured, and they failed in that respect. Sure, if they were hacked and a marginally smaller amount of people had their info taken, if might have been a different story. But this level of catastrophe only comes about when there is some level of incompetence on Sony's part. Those hackers should not have gotten away with the personal data of Sony's entire customer base, no matter how good they are.

 

[Quaidis]

Anybody who actually does blame Sony and not the hackers is just being ignorant.

It's like going to someone's house to find it robbed, then blaming them for not double bolting all their doors.

Or if someone double-bolts their doors, gets robbed, and is blamed for not putting barbed wire around their house and making their guard dogs aggressive enough.

Not all hackers are going to be stopped by red tape and an alarm. Some rather astounding places were hacked into this year and last. Places that no one thought could be hacked into. Suddenly Sony gets hacked bad and everyone is flipping out at the hackee like they were to blame. Sure Sony could've handled the PR better, but blaming them for it is stupid.

 

[Troublesome Lagomorph]

As most people have said, Sony has a name and a face. These hackers do not. Therefore Sony is blamed.

 

[Dragonpit]

Either way, Sony can't genuinely be blamed for it. It can be just 1 line of code out of 1 billion that brings down a system.

This just blows my mind. It's disturbing that people can think this way.

Of course Sony can be genuinely blamed for it. This "everything can be hacked" attitude people have needs to go. Of course IT systems are very complex, and having a 100% secure system is probably a pipe dream. But you can make your systems prohibitively difficult to break into. By and large, most of the headline hacking incidents involve unsecured systems (and increasingly, social engineering), not some genuis hacker finding some fiendishly obscure backdoor. Having the entire database stolen raises some red flags.

By your logic, any company that loses customer data to hackers can just wash their hands and say "sorry guys, 1 line in a billion".

Of course people hate the hackers. They're the criminals, they stole the information, that's a given. But none of us gave our info to Sony expecting hackers not to hack. We gave it to Sony expecting Sony to keep it secure.

And yes, Sony have confirmed that the entire personal information dataset was kept unencrypted. Failing to at least hash passwords would be poor practice for an amateur web developer, let alone a multi-national corporation. This isn't just some obscure code vulnerability, this is a serious failing of security practices. So yeah, I will quite happily hate on Sony for failing to do what companies like Microsoft, VISA, Amazon, and countless others have managed to do for quite some time now: keep the majority of their customer's information safe.

INTERESTING... Sony says the data WAS encrypted.

They only said the credit card information was encrypted. Everything else is up in the air.

 

[Freeze_L]

They did not protect their customers as expected. Ya the hacker did it but it should not have happened in the first place. Sony is thus at fault for letting it happen. The thief did it but the blame fall on the fool that let it happen. Sony ought to have been prepared for this...

 

[-Dragmire-]

Sony handled the situation very, very shittily.

I actually am more against the hackers in this instance though.

Not because they hacked Sony, but because they're selling private information.

I would side with the hackers if they weren't doing what they are doing to Sony's customers.

I know that common sense would dictate that a person who engages in a high risk activity must be seeking a proportional amount of reward but that's an assumption. Case and point, there has been no evidence that the PSN was hacked for monetary gain regardless of how 'likely' it is. Likelihood in this case, is based on fear and speculation, neither of which should be trusted as factual evidence.

 

[S3Cs4uN 8]

for the same reason the bank guarding $77 million Dollars would get more hate than a bank robber If it was Robbed if they left one guy with a BB gun to guard all the money. People can't really hate on the bank robber as that's what bank robbers do, they rob banks, the bank on the other hand had a responsibility to protect the people's money that was stored and by failing miserably they would naturally receive lots of hate by the people who lost their money to the bank robbery. The only other option would be to hate on the existence of crime.

Um...yes you do blame the bank robbers, even though it's "what bank robbers do" it's still against the law and we punish them for it. If someone hacks into your home computer and steals your identity do you blame your yourself? or the person who stole your identity?

doesn't matter in that situation I'm only dealing with me and the criminal, if I took no precautions at all to protect my data and I suppose I would blame myself and the criminal for the data being stolen.

If my friend lent me his car however then I left it somewhere out in the open unprotected In the bad part of town and someone stole it I believe that my friend would probably blame me for being careless with his property is much easy would blame the robber for stealing it.

Sony didn't leave the data unprotected in the bad part of town.

yeah they left it in the neighbourhood across from it

 

[Grey_Focks]

Two reasons, really. They didn't hold up their end of the EULA, and most importantly, they waited a goddam week before letting their customers know about it. They put PR ahead of the well being of their customers, and for that they get no sympathy from me. They way they've been going about this whole situation is really just dumbfounding. Seriously, how the hell can a multi-million dollar corporation mishandle something this serious so completely!?

Though I still hope they bounce back from this, if only because competition is good for everyone, and even 360 and Wii owners benefit from Sony staying in the game, if only to help keep the prices from going into "full retard" range.

Oh, and yea, the hackers are the ones to blame for the actual hacking, but please stop being so quick to defend Sony, when they clearly don't give a rat's ass about you guys, their own customers.

 

[Elamdri]

Right this is seriously getting on my nerves, why are people directing all their hate about this PSN hack towards Sony and not the people who hacked PSN and took their details. Sony didn't choose to get hacked so why are they being blamed for it. Yes their security could have probably been better but surely any security system is hackable anyway. Maybe I'm wrong about this whole thing, I don't know, I just think all the Sony hate is a bit unreasonable. What are your opinions on this?

Oh, I'm unhappy about them as well. But I don't know who they are, I don't know how to find them, and if I can find them, I really don't have much of a course of action that I can take against them. Suing them wouldn't make sense, they likely have no money. I'm sure they'll suffer criminal penalties if they're ever found, but that's something that is handled separately from my remedies.

Sony, meanwhile, has been on notice for a WHILE that the PS3 root key was out, they've had problems with their network in the past, they waited a LONG time to inform us that our personal information was compromised, I think that is fair enough reason to be pissed off at them.

 

[Sentox6]

INTERESTING... Sony says the data WAS encrypted.

No, they don't. That's the credit card data, not the personal data.

http://www.eurogamer.net/articles/2011-04-28-sony-your-card-data-data-was-encrypted

Adding fuel to the fire, Sony has admitted that personal data ? PSN logins, passwords, emails, names and addresses, was not encrypted. Sony confirmed this week that this data had indeed been stolen.

"The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack," Seybold said.

 

[Bek359]

Because the stupid fuckers stored everyone's personal information in plaintext with absolutely no form of encryption or hashing. That's why. Hacking is inevitable, so that's why you keep the most sensitive information in a form unusable to any but yourself, possibly even on a computer not connected to the Internet. The responsibility is on YOU (you being Sony), because hackers gonna hack.

 

[Wintermoot]

they protected their consumers information badly
they keep removing features from their systems in a vain attempt to combat piracy
they want complete control over their products (even though people already bought them and aren't their property anymore)

 

[Sparcrypt]

I love how people are posting 'oh any network can be hacked, it's not their fault!'

Crap. Utter crap.

1. Human error
2. Lack of security policy/procedures
3. Failure to enforce/adhere to 2
4. Using systems with known security flaws

Those are what cause system compromises and all of them can be avoided. The fact they were not is COMPLETELY Sonys fault.

Yay for not being on the PSN.

 

[Dratis]

Both deserve a nice thrashing. If we could get at the Hackers they deserve more heat then Sony themselves I'd think. But Sony still need heat from this because without it they will NOT improve their security to make it so this sort of thing doesn't happen again.

 

[The Naked Emperor]

Because Sony has handled this very poorly, not to mention something is seriously wrong with their architecture if all of that information was leaked at once.

 

[Bre2nan]

Ah, Sony: you just can't seem to get anything right nowadays.

They were asking for the whole hacking mess they've been in ever since they made the design mistake of letting people install a secondary OS on their PS3s

yes, I said design MISTAKE

Sure, it's a nice feature, but it's practially asking for people to use the secondary OS to sniff around and really learn how the system ticks so they can exploit it for whatever purpose they might have, whether that purpose is relatively benign or something like installing custom firmware to pirate games.

Sony have been playing damage control ever since then. That's why the secondary OS feature was removed from the newer PS3s. The damage may not be as bad as they think, and there is the whole moral dilemma over what owners of the hardware have the right to do, but that's the strategy they've been sticking to and so far has only gotten them deeper into trouble.