Sony's software was months out of date.

Discussion in 'GBAtemp & Scene News' started by Rydian, May 5, 2011.

May 5, 2011
  1. Rydian
    OP

    Member Rydian Resident Furvertâ„¢

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    Sony's software was months out of date.
    New information about the Sony hacking.
    [​IMG]

    New information has come to light surrounding the Sony hacking incident.

    According to Dr. Gene Spafford, a security expert Purdue University, Sony was informed of a security concern months before the incident. A user on Sony's public forums informed them that the version of Apache (web server software) Sony was using on it's servers was out of date, and not running behind a firewall. According to the report, no action was taken to remedy this.

    Anybody who works on servers can tell you that it's often a pain to update the software running on them. You run into deprecation of required functions, incompatibility with other software, you often have to re-create configurations, and sometimes you need to get used to a new method of doing things. This process costs a company more money as they often need to pay their techs overtime, and servers are often down for periods of time as the upgrades are completed and troubleshooting steps are done.

    This doesn't mean it's okay to slack off! It's very important to stay up-to-date from a security perspective. Newer versions of server programs come out often because they fix security vulnerabilities. If your server isn't updated, then even though the new version of the software may fix a flaw, your server is still vulnerable to it because you haven't updated. There's often a buffer time between when an exploit is patched and when it's targeted in the wild, but waiting multiple months is well beyond an acceptable limit.

    There's many places online where security flaws are publicly published, where people are encouraged to submit security flaws they've found in a program so that the creating company in question can fix it, and so users of the software can be warned. These are valuable resources for companies, to the point where some companies run bug trackers themselves on their site. The problem is that since many these are public resources, the company in question is not the only one with access to the information. Submissions often include a proof-of-concept exploit to prove to the company that the flaw should be taken seriously, but it's often not hard for an anonymous visitor to take the proof-of-concept code and modify it into something that's actually dangerous.

    This is an issue that a company such as Sony should be well aware of.[/p]

    [​IMG] Source
    [​IMG] Discussion
     


  2. Rydian
    OP

    Member Rydian Resident Furvertâ„¢

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    Personal opinion: Hey look, Sony decided to try to cut maintenance costs again!
     
  3. 1234turtles

    Member 1234turtles GBAtemp Advanced Fan

    Joined:
    Jan 1, 2011
    Messages:
    717
    Country:
    United States
    thats the price of free online
     
  4. TwinRetro

    Global Moderator TwinRetro Don't start nothin', Won't be nothin'

    Joined:
    Aug 29, 2008
    Messages:
    6,181
    Location:
    Las Vegas, NV
    Country:
    United States
    So there you go. It's no longer speculation, there is undeniable proof that Sony's servers weren't up to snuff.
     
  5. Quietlyawesome94

    Member Quietlyawesome94 GBAtemp Maniac

    Joined:
    Dec 4, 2010
    Messages:
    1,146
    Location:
    The Internet
    Country:
    United States
    Well we saw how that approach worked out for them.

    C$1 Billion suit filed against Sony (I might feel sorry for them if they lose this. But than again, probably not.)
     
  6. chrisrlink

    Member chrisrlink Rouge Temper

    Joined:
    Aug 27, 2009
    Messages:
    1,222
    Location:
    Unova
    Country:
    United States
    well thats ironc no wonder they got hacked it's like a big "hack me" sign on their back sony word of advice next time just don't update you proprietary ps3 (which infact should't be yours because we bought the damn thing(s) ) but update you DAMN server security next time
     
  7. FrozenIndignatio

    Member FrozenIndignatio Tyrant R. of ye olde Prinny Squad

    Joined:
    Nov 10, 2010
    Messages:
    517
    Location:
    Wherever Yakity sax plays
    Country:
    Australia
    Oh sony, you silly troll you. [​IMG]
     
  8. RexNebular

    Newcomer RexNebular Advanced Member

    Joined:
    May 1, 2006
    Messages:
    54
    Country:
    They weren't kidding about removing Linux support. They even stopped updating their own Linux servers [​IMG]
     
  9. ShadowSoldier

    Member ShadowSoldier GBAtemp Guru

    Joined:
    Oct 8, 2009
    Messages:
    9,383
    Country:
    Canada
    Seriously, how the hell can people defend Sony at all at this time? I can still find people who say "suing sony or bitching at them isn't going to help anything. They don't deserve any of it."

    Bullshit they don't. Like I said, the damage has been done already, people should be suing Sony harshly. And so far, nothing is happening. And yet this shows that Sony was just lazy and didn't care about protection. What a joke of a company.
     
  10. Nollog

    Member Nollog GBAtemp Addict

    Joined:
    Oct 10, 2008
    Messages:
    2,691
    Country:
    Ireland
    Oh Shock!
    Sony not listening to people trying to help them secure their servers.
     
  11. TwinRetro

    Global Moderator TwinRetro Don't start nothin', Won't be nothin'

    Joined:
    Aug 29, 2008
    Messages:
    6,181
    Location:
    Las Vegas, NV
    Country:
    United States
    BLAM! You ALL get a taste of the Bitch Puddin'!
     
  12. ultimate.fake.ac

    Member ultimate.fake.ac GBAtemp Regular

    Joined:
    May 29, 2010
    Messages:
    107
    Country:
    Canada
    Yay, yet another chapter to the saga. Looking forward to the next one!
     
  13. Skyline969

    Member Skyline969 MENUdo Afficionado

    Joined:
    Nov 18, 2008
    Messages:
    2,206
    Location:
    Saskatchewan
    Country:
    Canada
    [​IMG]

    Nintendo has never had a failure of this magnitude, and their online services are free as well.

    Now then, I'm deeply disappointed in Sony over this. I was before, but this has even further pushed it. However, will I stop using Sony products? Of course not... but I will further be known as John Doe, living at 123 Fake St in Anytown, Canada.
     
  14. junkerde

    Banned junkerde Banned

    Joined:
    Jan 3, 2011
    Messages:
    483
    Country:
    United States
    sony is fag, thus i dub thee troll.
     
  15. ShadowSoldier

    Member ShadowSoldier GBAtemp Guru

    Joined:
    Oct 8, 2009
    Messages:
    9,383
    Country:
    Canada
    If you're going to make a fake address, at least use a real one that isn't yours. Use

    1313 S. Harbor Blvd, Anaheim Ca. 92802.

    Disneyland won't mind.
     
  16. TwinRetro

    Global Moderator TwinRetro Don't start nothin', Won't be nothin'

    Joined:
    Aug 29, 2008
    Messages:
    6,181
    Location:
    Las Vegas, NV
    Country:
    United States

    Or 1060 West Addison Street
    Chicago, IL 60613

    lol
     
  17. Skyline969

    Member Skyline969 MENUdo Afficionado

    Joined:
    Nov 18, 2008
    Messages:
    2,206
    Location:
    Saskatchewan
    Country:
    Canada
    Preferably somewhere in Canada, since I do plan on continuing usage of PSN and purchasing stuff (using prepaid cards only, of course). That way I can pay in Canadian dollars. I may set my location to be in Alberta though, so I can skip 5% sales tax. [​IMG]
     
  18. EpicJungle

    Member EpicJungle stop browbeating me can't you see i'm sexy

    Joined:
    Aug 28, 2009
    Messages:
    1,002
    Country:
    Canada
    Why is Sony so careless [​IMG]
     
  19. Gh0sti

    Member Gh0sti iOS Guru

    Joined:
    Aug 19, 2009
    Messages:
    1,300
    Location:
    Inside you, all around you
    Country:
    United States
    this says it all
    [​IMG]

    source vgcats.com
     
  20. gamefan5

    Member gamefan5 Kid Icarus Uprising connoiseur

    Joined:
    Aug 29, 2010
    Messages:
    4,834
    Location:
    Somewhere in this Earth
    Country:
    Canada
    Ok this is ridiculous as hell.

    My friend, you just described perfectly the situation.
     

Share This Page