Geohotz Uninvolved in Sony Hack

Geohotz Uninvolved in Sony Hack

We've covered the legal case of George Hotz, the Playstation 3 modder, several times in the past year. Hotz recently reached a settlement with Sony and announced he was going on vacation. "It was never my intention to cause any users trouble or to make piracy easier," said Hotz in an interview a few weeks ago." I'm happy to have the litigation behind me.* A few days later, Hotz announced he was joining a Sony boycott:

"As of 4/11/11, I am joining the SONY boycott," he wrote on his blog. "I will never purchase another SONY product. I encourage you to do the same. And if you bought something SONY recently, return it."

Mild stuff, all things considered, which is why rumors that Hotz is somehow involved in the hack against the PSN make so little sense. GeoHotz got off lightly, more lightly than we honestly expected. Even if Sony hadn't thought it could win the case against him, it could've tied him up in court for years. We've seen other organizations like the RIAA do this; it's rarely pretty. Charging Sony's virtual stronghold with the ink scarcely dry on his first settlement would be begging Sony to hammer him.


Our Hero

There's also the matter of cost. With the PS3, GeoHotz and Fail0verflow were able to claim, with at least a veneer of plausibility, that they cared about restoring OtherOS functionality, not about enabling game piracy. Absent evidence to the contrary, it would've been more difficult to tag them as guilty. The link between their work and Sony's income would've also been tangled.

Not so in this case. With the PSN network down, virtually every aspect of PS3 gaming and the oft-quoted, ill-defined PS3 experience is crippled. Sony, therefore, could claim direct damages and loss of revenue. These amounts and charges will increase further if Sony is forced to admit that credit card data was compromised and the remaining encryption broken. That spells very deep trouble for whoever did this should the Japanese electronics company ever find them.

Asked if he was part of the break-in, Hotz said:
I'm not crazy, and would prefer to not have the FBI knocking on my door. Running homebrew and exploring security on your devices is cool, hacking into someone else's server and stealing databases of user info is not cool. You make the hacking community look bad, even if it is aimed at do***es like Sony.
Hotz did say that he believes the problem here was caused by executives who declared war on hackers, but then hired lawyers instead of security researchers to stop it. Regardless of the root cause, Sony has announced that it intends to begin bringing the PSN back online next week. there's no word yet on how long it'll take to restore the network to full functionality or what security fixes (if any), will be installed to prevent this from happening again.
0
+ -

Fail war :D, hackers will always win, too many of them :)

+1
+ -

Good Job, GeoHotz I like your philosophy "Running homebrew and exploring security on your devices is cool, hacking into someone else's server and stealing databases of user info is not cool"

I would not doubt if this was some malicious organization who saw GeoHotz litigation as an opportunity to hit Sony and grab what they could.

+1
+ -

I finally got my notice from Sony last night (ten days after the event). My response to them went something like this:

To whom it may concern,

Please forward this feedback to the highest levels possible:

First, you sell audio CDs with rootkits. Time passes...

Later, you remove Linux from the PlayStation3. Such that I haven't been able to log on to the PSN for over a year because I don't want to upgrade my firmware and lose one of the main reasons I bought your console (and therefore my kids can no longer play their games online). Don't feel sorry for the kids - I bought them your main competitors console.

Now you have lost my information, and potentially that of my children to unknown hackers. I've been working professionally in the computing field for 20+ years and I can't believe the level of incompetence it would require for someone to build a networked system that stores passwords as plaintext and not one-way hashes.

AND, you're emailing me to tell me this 10 DAYS AFTER IT HAPPENED?!?!?

"When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password." I CAN'T - READ THREE PARAGRAPHS BACK. Well, I can - because I know that I can log in via a web browser, but you might want to tell all the other Linux enthusiasts you screwed over who never have had need to log in via the web.

Your company seems to know as little about security as it does basic consumer rights. I will never, ever, do business with Sony again. As I write this, I am permanently deleting EverQuest and other online Sony games from my desktop system.

Sincerely,

+1
+ -

Just like I explain to my little girl Yellow Jackets, Hornets, Wasps and fire ant's will get you defensively in an aggressive manor. Seems Hackers take the same route when you get near one of them who is noted publicly, or there server nest.

0
+ -

Although i'm like the other millions suffered from PSN blackout, however i have this to say "God Bless You Hackers"

This just showed me that I've been keeping some of my very private information in the hands of some incompetent people, not because they got hacked, everyone can get hacked, but because of the way they delt with this incident.

I mean, 10 days it took SONY to tell us that our credit card and other information has been hacked ??? what kind of !?*&*&&^ &^^%^&&!))(( is this!

To hell with you SONY.

0
+ -

I think Sony handled this the wrong way... unstead of spending time on lawsuits on hackers... they should have just worry more about their security and make sure it doesnt happen... I think after this Sony has learn thier lesson... but i think though the hacking part is wrong because your not just ruining one person but everyones life on the consol...

Its like learing how to break a Bank its against the law to do that... in this case its similiar because your traspassing into a place where its off limits... I think Geohotz broke the rules here, of course everyone says theres nothing wrong but if you were the one to get hacked they take your account change password etc. Its ridiclous really.

But Sony needs to buff up thier security becuase they are gona lose alot here.

0
+ -

>> Its like learing how to break a Bank its against the law to do that... in this case its similiar because your traspassing into a place where its off limits... I think Geohotz broke the rules here

It's like learning how to break into a piggy bank you bought from the store and took home. You used to have the combination to access part of it, but it was removed remotely by the store. And then the store sues you for breaking into your piggy bank because they said you only "licensed it".

As someone who like programming and playing with Linux on the PS3 - and wouldn't have bought it without that feature, I don't have any understanding of why you would support Sony's actions.

-1
+ -

@3vi1

I think you should forward a letter to GeoHotz as well..

Quote:"Later, you remove Linux from the PlayStation3."

Wasn't this Geo's doing that got Sony to no longer support Linux on the PS3?

http://en.wikipedia.org/wiki/George_Hotz#Hacking_the_PlayStation_3

 

Also to my understanding, this Geo dude made public all the knowledge to fully unlock the Ps3's security before the PSN issue came to play recently, therefore,  he was giving the knowledge to every hacker so that the PS3 can play illegal copies of games, and game studios who work their asses off for years developing a game,can lose millions of dollars just like they are in the PC industry. 


But it doesn't stop there, It also leaves the PS3 and what ever u have installed on its hard drive, vulnerable thru other methods using what Geo has given other hackers it doesn't have to be PSN related.

I plain and simple don't blame Sony for going after this guy.

 

0
+ -

>> Wasn't this Geo's doing that got Sony to no longer support Linux on the PS3?

No. You speak as if Sony had no choice but to remove a feature from everyone's console for something one person claimed to be able to do (but wasn't actually out in the wild). Hotz didn't hack the PS3 through OtherOS - he was hardware glitching until fail0verflow released their info (which also didn't need OtherOS).

Also, The first publicly available USB dongle hacks didn't use OtherOS/Linux at all to accomplish their bypass. The signing keys, also, have nothing to do with Linux - Sony just didn't want to support it anymore since using it to bypass import duties by selling the console as a "computer" in the EU was deemed unworkable.

Sony can try to justify the removal as a response to hacking - but support of their business model does not give them the right to take back what they sold me.

0
+ -

Worse information leaks that happened:

2004 – Softbank – 4,500,000

2005 – Visa, Mastercard – 40,000,000

2006 – KDDI – 4,000,000 – AOL – 660,000

2009 – ALICO Japan – 130,000

2010 – AT&T 110,000

Now this: 2011 – SONY – 77,000,000 – Messe Sanoh – 1405.

Good thing I never used my credit card to buy ad-ons from PSN I always used pre paid cards, however I received a message from my e-mail that I had to reset my password for security reasons. I checked my personal data and other info from my e-mail... everything was fine, thats a relief.

If I remember there was a external party who warned to Sony about a security hole, this external party told them that they should fix this hole or they will have problems but Sony never listened and here the consequences.

Everybody says that this security problem is an Epic Fail, in my opnion is not Epic is a "Mythic Fail"

 

If  you want to know a littled bit more about the situation of PSN go here: http://psx-scene.com/forums/cmps_index.php

0
+ -

Bodego Jackson:
Everybody says that this security problem is an Epic Fail, in my opnion is not Epic is a "Mythic Fail"

If you want, you can call it a "Sony Failure".

0
+ -

There are 2 kinda of "hackers" that exist in the world today, the ones like GeoHot, who find workaround to add new features and cool little tricks to their products and then kind that is like those who most likely infiltrated the PSN Network, the malicious kind who seek to gain for themselves by stealing or harming others.

The allegations that Hotz could be involved in the PSN breach is ludicrous, doing such a thing would serve no purpose to him and goes against everything he stands for.

0
+ -

Honestly I can see if he added the feature it being a problem. But he didnt all he did was reenable a feature that came with the device when many people purchased it. While seemingly small deal friend had a choice inbetween a pc xbox or playstation. He needed to be able to go online for work but also needed to play games a good gaming pc was too spendy xbox didnt have the other os feature. So he spent the little money he had on a playstation.

It one of the extreme case but I mean what if netflix said ok since people are able to use netflix online to download movies. We are no longer offering this service and you will not receive any refunds or compensation.

Honestly hope for the worst for sony, aka getting asses sued off by credit card companys. Cause think about all the money lost if people start using those numbers. Or if credit cards and numbers and logins all have to be changed.

As for the allegations a matter that big not only was he tied up in trials I wouldnt be surprised in the least if his net activity was being monitored.

Login or Register to Comment
Post a Comment
Username:   Password: