Thursday, May 5, 2011

Sony's Intrusive Intrusion

So, the general consensus here is that Sony, all of Sony mind you, should be ripped from their offices, and thrown into the street. On the other side of this, the hacker or hackers responsible should be publicly, and gruesomely, executed. Am I about right?

Let's step back from this for a second. Sony, whether you want to see it or not, is a victim in these attacks. I say attacks, plural, because, as admitted in Sony's court statement (http://bit.ly/lz46ae), there was more than one set of individuals responsible. I'll let you all do the digging, but, essentially, it states that the group Anonymous did indeed perform a major DoS, or Denial of Service, attack against Sony's systems. Amidst the confusion and clamor, another set of individuals snuck in through the magic hole that had been created, and, quite literally, stole the show. Let me quickly state that I'm not a supporter of either side. I like to think that I'm a fairly neutral person, though I have my own personal views, which I will share below. So, Sony was the victim of an extremely malicious cyber-attack.

That leads me to you, the gamer. You are the victim as well. But, where do we put our blame? The knee-jerk reaction is Sony. They are the company that held our info, so, they're most certainly to blame. Right? Well, yes and no. Sony is indeed responsible for your data warehousing. Their systems should most certainly have been much more secure, with a bunch of high-level technical crap I'm not going to list here. Just use this link to find more: http://lmgtfy.com/?q=File+system+encryption

Now, most of the data that was stolen, such as names, addresses, zip codes, etc., is all public. One can find that with relative ease these days, with very little technical expertise. Try it sometime...it's an eye opener. But, the two major issues here both relate to credit card data. The first is the actual credit card number itself. This number should have been extremely secure, by using secure data transmissions, file encryption, private VLANs, etc. It's still not clear if this was happening on Sony's end, as they are remaining quiet about it...for now. I'm certain that at some point, a court system will rip this info from them.

The other part, and perhaps the most damaging, is the CVV number. This number is that little three-digit number on the back of the credit cards. It is the best way to verify that you physically are who you say you are, and that you have the card in hand. http://bit.ly/iT0Hyd There were early claims of these numbers, obviously attached to all the other above listed data, being sold on some less than reputable web sites. IF, and I stress, IF this is the case, there will be a lot of heads rolling. That number is not to be saved. Ever. End of story. Period. That number is embedded inside the magnetic stripe of credit cards, and is not asked for when you make a purchase in a store for that reason. If Sony did in fact store that number, and it was part of the intrusion, then yes, by all means, blame the hell out of Sony. Or, at least, the executives who authorized such a boneheaded move. They may have had slightly good intentions, not making you enter the CVV number every time you wanted to make a purchase on their store, of, let's say, 20 individual songs for Rock Band or the like. But, it seems that the bad should have outweighed the good in that decision.

So, who do we blame as the end-user? Well, that's sort of grey, and not yet clearly defined. Let's all step back, and stop causing such a ruckus over this, and let the court system, fallible as it may be, and the Federal and private investigation companies do their jobs unhindered. When the dust settles, let's see what Sony did wrong, and how much was lost. It could still be just a scare tactic, or outright lie, by these people selling the lists. It could be all valid information up to the credit card area, where they just came up with some randomly generated numbers, which isn't complicated to do, and sold them as-is. If questioned, they can say that you didn't purchase it fast enough, and the cardholder has already canceled that particular card. We shall see. For now, keep waiting until Sony brings their network on-line, play some single-player, maybe a few card games. Maybe even go take a look at the sun. I know I did, and I almost went blind.

1 comment:

  1. Dave and I love to play cards. Hit us up. We met playing spades, ya know?
