geekhack
geekhack Community => Off Topic => Topic started by: BucklingSpring on Wed, 27 April 2011, 20:00:08
-
Explicit subject...
This is probably a Guinness World Record's grade for the biggest breach in history.
Apparently Android and other PDA/SmartPhone OS' are not much stronger than Sony's
So what do you think… Is it the end of the world as we know it?
-
Maybe THAT'S where my Credit Card info got stolen.
Visa didn't particularly seem interested in catching the culprit when I talked to them
They don't make a big deal of it on the phone. But they do their homework...
It really depends what went wrong with your card.
There are so many scenarios – Here's a couple just to name a couple
- Dumpster diving to retrieve and steal data for carbon paper (small breach, low interest)
- Card cloned while swiped in a compromised sales point. All cards known to have been swiped during the suspected compromised window will be deactivated (still small-medium breach, low interest)
- Transactional Internet site compromised, gazillion cards stolen (major breach, high profile – They'll work day and night to track the hack. But the wise ones are often in Russia or China where US have very little reach.
Good old Wikipedia for CC fraud 101 (http://en.wikipedia.org/wiki/Credit_card_fraud)
-
Main thing with the PSN attack is you better not be using the same password as your bank accounts or you can be royally screwed.
Why not? It is so easyier to remember :-)
Credit card companies are so paranoid... I wouldn't be surprised if they cancell all the cards used to purchase a Play Station.
-
Main thing with the PSN attack is you better not be using the same password as your bank accounts or you can be royally screwed.
Or they could over do it like here in Finland. My bank requires 8 number indetifier+4 number Pin...
And one time usable pin. Still, CCs are less protected, if they don't force using this same system...
Still, CCs are somewhat unsafe, for the services which keep info around...
77Million, it hasn't yet been on web, so I guess it's "professional" job. Quite nice penny for info it has, even if CCs are not usable...
-
Whats funny is that every Xbox360 user is sitting back snickering.
77Million, it hasn't yet been on web, so I guess it's "professional" job. Quite nice penny for info it has, even if CCs are not usable...
You mean it hasn't posted on Wikileaks?
-
Whats funny is that every Xbox360 user is sitting back snickering.
You mean it hasn't posted on Wikileaks?
Or to piratebay ;D
-
Or to piratebay ;D
Eww, that would be ugly. I pretty sure piratebay has been shutdown though.
-
Eww, that would be ugly. I pretty sure piratebay has been shutdown though.
It would, but style of Anonymous and some for fame hackers... When did you last check on thepiratebay?
-
It would, but style of Anonymous and some for fame hackers... When did you last check on thepiratebay?
Well I know they have been in some pretty heavy legal trouble and heard they were being shut down. When you mentioned it I tried going to it and I get this.
-
Not that I was trying to look up 77,000,000 credit card numbers >=]
-
Well I know they have been in some pretty heavy legal trouble and heard they were being shut down. When you mentioned it I tried going to it and I get this.
You got an evil ISP, works perfectly fine here... Certain ISPs and countries block it, free internet, no cencorship...
Only, 2,2M "lost"... Still, I heard the other info might be good...
-
You got an evil ISP, works perfectly fine here... Certain ISPs and countries block it, free internet, no cencorship...
I kinda had a feeling that was the problem. I wish I wouldn't have seen that because now it's going to eat at me. I'm an isohunt evangelist anyways!
-
I don't know if any of you guys have accounts over at DSL Reports web site but they were attacked via SQL injection method just a few days ago. Emails & passwords were stolen.
http://news.cnet.com/8301-27080_3-20058471-245.html (http://news.cnet.com/8301-27080_3-20058471-245.html)
Theres's a link in the article that takes you directly to discussion on their forum.
-
And then we have this guy selling CC & CCV dumps, skimmers, etc. on this very forum. lol
-
This is not the first time that Sony has screwed-up.
-
sony is royally pissing me off lately. Now i got email re the xfactor audition registrations at fox - apparently they have also gotten hit too, though the amazing thing is thney didn't hsve much more than email and name anyway. What really irks me about the psn thing is the amount of info that was available for them to steal - name phone address email login pass age dob ... why did sony even need all that for their little game network anyway?
-
... why did sony even need all that for their little game network anyway?
Very good question. They would say something like, "that is the required info for billing purposes". Too bad you cant link the payment to paypal so you wouldnt have your billing info spread to the four winds. But the psn network is supposed to free anyways. Well their basic subscription anyways.
-
My dob is always Jan 1. Gung Hay Fat Choy is my city of birth.
Gung Hay Fat Choy, Alabama
-
eBay and Amazon are equally prone to screw up big, so this is not a Sony problem. This is a problem of massive data graves. Since nobody really likes Sony, well, hooray to us.
-
Apparently Android and other PDA/SmartPhone OS' are not much stronger than Sony's
?
-
Time to open up yet another email account for Forum use!
That's the way to go... I love unlimited aliases on paying webmail services.
It takes a split second to create and is live as soon as you click OK.
Then if I ever receive spam at MyGeekhack@whatever.com. I know where something went wrong… :-)
-
?
Just a matter of time before a major leak makes it to the news.
-
Where is the "apparent" weakness? If you are talking about "tracking data", that isn't really in the same scope, plain-text or otherwise.
-
Where is the "apparent" weakness? If you are talking about "tracking data", that isn't really in the same scope, plain-text or otherwise.
On the end user side, most phones are not encrypted vaults (Unless hardened). On the Network side, I don't know how Wireless phone companies are managing their central databases.
-
BTW, my PC still works online? How is that consoles "it just works"? ;D
Ease of gaming...
-
here we go again (http://thenextweb.com/industry/2011/05/18/not-so-fast-sonys-playstation-network-hacked-again/)
-
Re: NEW security hole/exploit:
Well, duh.
What kind of security fix lets you reset your stolen password with the same information that was already confirmed as being stolen?! 0_o
My nomination for the epic fail/Darwin award goes to Sony this year. Cripes!
-
That video lags like crazy. I'm not crazy about controller movement either. Mafia II on PC looks better (I don't care about AA). Ripster, please, check other PC forums about PC games and hardware. OCN is not the best place to hang out. I only use one video card too.
-
So it wasn't really a "hack", but it WAS a "hole"... only if you reset the pass through the website instead of from the ps3 directly apparently. But still, I missed the logic train in using personal data which is known to be exposed as criteria for proving your identity. That just seems like a no-brainer to me. I still think this is the fault of trying to mine and store so much information (particularly when it isn't even warranted for those specific purposes.) Sony is a complete cluster **** lately. What happened over there?
-
They are currently busy trying to put 80 year old grandmothers in jail because their grandson downloaded a movie.
-
So it wasn't really a "hack", but it WAS a "hole"... only if you reset the pass through the website instead of from the ps3 directly apparently. But still, I missed the logic train in using personal data which is known to be exposed as criteria for proving your identity. That just seems like a no-brainer to me. I still think this is the fault of trying to mine and store so much information (particularly when it isn't even warranted for those specific purposes.) Sony is a complete cluster **** lately. What happened over there?
Technically, you don't need to break or force anything to be considered a hack.
You are "hacking" as soon as you exploit or abuse the system for anything beyond your written rights and privileges.
No matter what, the hacker is exposed to serious legal retributions from the system owner. If a crime was committed, the hacker will also have the law on his back.
If the system owner was negligent at protecting personally identifiable information (PII) or financial data such as credit card information. Then he is also exposed to some major problems such as user class actions and even Federal/States lawsuits.
On the long run, this is going to be an interresting Sony story.
But they have so much money... They can afford to be dumb.
-
I laugh at ethical corporate concerns. That's why I own AAPL.
(Attachment) 18410[/ATTACH]
ROFL - Did Panda-R hit again? She looks like she might be his daughter.