Linked by Thom Holwerda on Wed 18th May 2011 14:50 UTC, submitted by sawboss
Privacy, Security, Encryption Sony just restarted its Playstation Network, after the massive security fail dismissed as a 'hiccup' by Sony CEO Howard Stringer. Well, the PSN has barely been up two days, and a massive security oversight has already been discovered. Yes, Sony just got Sony'd. Again. Unbelievable.
Thread beginning with comment 473688
To read all comments associated with this story, please click here.
I must be missing something
by WorknMan on Thu 19th May 2011 07:41 UTC
WorknMan
Member since:
2005-11-13

If I understand the situation correctly, Sony brings back the password recovery service that only requires an email address and DOB, and it took 2 days for somebody to realize this was a bad thing? In the two days that hundreds of thousands of new passwords were requested, nobody, either inside OR OUTSIDE of Sony, stopped to question that the only two pieces of information required were just handed over to hackers a few weeks ago?

So, somebody please help me out... what piece of this puzzle am I missing? And if what I just described is exactly what happened, why is Sony portrayed as idiots, if nobody else caught on to it either until today?

Reply Score: 2

Soulbender Member since:
2005-08-18

and it took 2 days for somebody to realize this was a bad thing?


No competent person would think it was a good idea in the first place.

why is Sony portrayed as idiots

Because they're the ones who implemented it and thought it was a good idea.

if nobody else caught on to it either until today?


Maybe no-one is using PSN anymore.

Reply Parent Score: 2

umccullough Member since:
2006-01-26

nobody, either inside OR OUTSIDE of Sony, stopped to question that the only two pieces of information required were just handed over to hackers a few weeks ago?

So, somebody please help me out... what piece of this puzzle am I missing? And if what I just described is exactly what happened, why is Sony portrayed as idiots, if nobody else caught on to it either until today?


Well actually, lots of people outside Sony *did* realize this, which is why the linked blogpost had been telling people to create a new email address immediately after resetting the password.

But the real news hit when Sony removed the service again and people starting asking why.

Unfortunately, I would guess that the majority of people using PSN are either 1) kids who don't know any better or 2) 20-30-somethings who sit around all day playing games and could give a shit less about security.

Reply Parent Score: 2