PSN and SOE are back online (except in Japan) and Sony is looing to kiss and make up. What are they offering? A couple of free video games, 30 days to their subscription services, a handful of movie rentals, and some virtual crap for their Second Life clone, Playstation Home. Technically they are also offering one year of credit monitoring, yet that offer is strangely omitted from their announcement.
Sony is responsible for the second largest data breach in history. 77 million customers had their names, addresses, gender, birthdate, email, password, credit card number, and expiration date stolen from a service that couldn’t be bothered to patch their web servers or install a basic firewall. Furthermore, Sony failed to take proactive measures in their other online divisions and the door was left open for ANOTHER 24 million customers to be victimized. Now, Sony plans to make it all go away for a couple of old, underperforming video games and a weekend on the couch watching movies. Really? This is a childish bribe to a very grown up problem.
Has the problem even been fixed? Sony has refused to disclose exactly how their network is any better than before. Even if we assume it is, can we be assured that Sony will continue to provide adequate security in the future? Online security is an ever escalating arms race. Are people expected to simply sit back and trust a company that got caught with security that would have been inadequate 10 years ago?
Then we have the possibility that this attack could have been motivated by Sony’s brash actions against the private sector. Sony’s long history of suing private innovators came to a head recently with the much publicized court cases against George Hotz (Geohot) and Alexander Egorenkov(graf_chokolo). Not content with attacking these private citizens, Sony even went so far as to petition the courts to gain access to the records of anyone who had viewed a video created by them on YouTube, visited their websites, or donated to their legal defense.
And what of the motivations of these two “hackers”? Sony removed the ‘Other OS’ feature from from the Playstation 3 system; A feature touted as a selling point for the device. The reason? “Security.” Sony’s security, not yours. Sony was concerned that, in an industry where sales are measured in the hundreds of thousands, a couple hundred people were going to play a video game without paying.
100 million Sony customers were subjected to identity theft because they couldn't be bothered to enable security measures that your grandmother’s Windows laptop has by default and they want you to forgive them for the price a an old lollypop they found in the bottom of their coat pocket.