Sony spent years and millions of dollars investing in things like “Digital Rights Management” and other schemes to “protect” and limit usefulness of their products, secretly installing rootkits on customers’ PCs, and suing individual customers.
They then stored their users’ logins and passwords in plain text (unencrypted and no hashes) on a central database.
That tells me all I need to know about Sony. If they cared a tenth as much about protecting their customers information as they care about locking down their own “intellectual property” then we wouldn’t be reading this story today.
Even a basement-dwelling amateur programmer knows not to store things like that in plain text. How could a multi billion dollar company make such elementary mistakes?
Sadly if their legal department hadn’t insisted on suing their own customers for re-enabling console features which Sony advertised and then remotely disabled they probably wouldn’t have been targeted in the first place.
Personally I want to know where to send the bill for the credit monitoring service. Sony recommends placing a “fraud alert” on your SSN with the credit bureaus — I guess they aren’t familiar with the immense headaches and lost time that brings.
Sony spent years and millions of dollars investing in things like “Digital Rights Management” and other schemes to “protect” and limit usefulness of their products, secretly installing rootkits on customers’ PCs, and suing individual customers.
They then stored their users’ logins and passwords in plain text (unencrypted and no hashes) on a central database.
That tells me all I need to know about Sony. If they cared a tenth as much about protecting their customers information as they care about locking down their own “intellectual property” then we wouldn’t be reading this story today.
Even a basement-dwelling amateur programmer knows not to store things like that in plain text. How could a multi billion dollar company make such elementary mistakes?
Sadly if their legal department hadn’t insisted on suing their own customers for re-enabling console features which Sony advertised and then remotely disabled they probably wouldn’t have been targeted in the first place.
Personally I want to know where to send the bill for the credit monitoring service. Sony recommends placing a “fraud alert” on your SSN with the credit bureaus — I guess they aren’t familiar with the immense headaches and lost time that brings.