Sony implicates Anonymous in PlayStation Network hack Forensics experts investigating the security breach on Sony's PlayStation Network found a file on one of the hacked systems that was titled “Anonymous” and contained the phrase “We are Legion,” the company's chairman told members of congress. The revelation, made in a letter, (PDF here) that Sony Chairman Kazuo Hirai sent on …
If it were at all possible Sony would have just gone down further in my estimation.
I don't for one minute think that Anon. had any connection with this. It's just not the way they work.
What is far more likely is that a criminal gang was already preparing for this attack, and found the Anon. DDOS a convenient smokescreen. Obviously they'd think of leaving a 'note' behind to muddy the waters further. One could argue they wouldn't be very {ahem} professional if they didn't!
In reality Sony is responsible for their own lax security - has a certain familiarity doesn't it?
Anonymous would never have done this.
Not only do they go for big targets in protection of the little guy (this attack was not against Sony but its user base) but the information stolen is bound to contain a vast number of anonymous supporters if not actual members.
The first thought I had on reading this is that it's a distraction by the real perpetrators but I wouldn't put it past Sony to have planted that message themselves.
I am reluctant to use the word "never" in this context. Whilst it would constitute a major change of direction for Anonymous to do this, Anonymous isn't an organisation with clearly defined structure. Unlikely as I think it is, it could be someone who thinks they are operating under the Anon banner who has missed the basic ethos of Anon.
Alternatively, this loathsome Sony bastard is trying to get Anon to do his work for him by giving them incentive to find the culprit - come to think of it, that actually sounds more plausible to me ...
Anonymous doesn't have an official registration list, the same case in any criminal organization. If I blow up my house and leave a note that says "al qaeda claims responsibility" does that make me a member of al qaeda? Does it make them responsible? Of course not.
If Anon "did this" it is the same case I outlined. Someone who claimed to be a member and has nothing to do with it. Anon could "never" do this because it is against their established platform. It'd be like al qaeda assassinating the president of Iran. It wouldn't make any sense.
If Anon did do it, there'd be no cause for alarm. Anon hacks things because they can (tm) and would not use or resell the personal information collected.
> I don't for one minute think that Anon. had any connection with this.
Yeah. Sure.
Anonymous is such a TRUSTWORTHY organization, right?
> What is far more likely is that a criminal gang was already preparing for
> this attack, and found the Anon. DDOS a convenient smokescreen.
> Obviously they'd think of leaving a 'note' behind to muddy the waters further.
> One could argue they wouldn't be very {ahem} professional if they didn't!
One could argue that you need to cut back on your drinking.
Look, Anonymous by their own admission is a criminal organization. They can't argue the "honor among thieves" plot because as a collective, it only takes one of them to decide to aim all their guns at one target, right? At best, this was a rogue member of Anon that decided to use their bot network to steal valuable data. At worst, Anon is tired of just being irritating and have decided that it's time to make some money off of innocent people. Look at any cracker network and you'll see that inevitably they abandon any "principles" that started them and eventually graduate into more malicious crimes. Anon is now getting greedy.
Sony, unpunished for a long series of CRIMES (rootkit, removal of porduct feature, sueing whitout legal ground, draconian ILLEGAL DRM etc...) got it just deserve. This incident will hopefully bring Sony down, as it is a OPENLY CRMINSAL CORPORATION that should have been shutdown after the rootkit fiasco.
Sony need to be sued for every single penny they have, it;s owner jailed and the company shutdown.
GAME OVER SONY
...hyperbole much? Come on - you don't shut down a massive company over a fiasco involving some extremely small percentage of its business. It's absurd.
And Sony may be a**holes, calling them openly crminsal... uhh... criminal... is just not true. A good chunk of their idiocy would be covered by civil or contract law, and the rest of the stuff that pisses people off is usually their *using* the law.
Sony's behavior has been contemptible, but rabid, nonsense tantrums serve only to lower the credibility of those rightly concerned about Sony's actions. There's a reason the term 'freetards' exists - people taking justified anger to unreasonable extremes.
You only hurt the cause when you fly off the handle. Please stop.
...I'm not sure where, or whether, that falls foul of actual criminal law. There was a warning (vague, albeit) about copy protection, and the software itself wasn't malware. I'm talking from a court's perspective, not the user's perspective - it wasn't a keylogger or a backdoor etc.
I'm actually curious where that falls in terms of legality. But the OP's assertion that Sony should be 'shut down' is utterly absurd, since the penalty for doing the same thing as an individual would at most be a few years in the lockup - particularly if it was for the purposes of content protection.
And, of course, the other parts are just laughable - removing a feature from a product is criminal now? Kinda funny how loud people are about having the right to add features to products they buy... but then do a 180 and claim the crime of the century has been committed if a manufacturer removes features from a product that it *makes*! Even if the feature had been explicitly promised in a EULA or service contract, violating the terms would be a civil issue, not a criminal one.
Oh well... talking to a wall and all that. A crazy wall. Made out of crazy bricks.
In crazyville.
"There was a warning (vague, albeit) about copy protection, and the software itself wasn't malware."
Err... define malware?
The Sony XCP software was apparently installed silently before a EULA was displayed, and the EULA didn't mention taht it installed hidden software. It then ate resources, caused bluescreens, put in measures that allowed processes to hide themselves and generally caused trouble. Then it prevented you format shifting music you had bought, except to a few (mostly Sony) devices.
Whether it's criminal depends on how you interpret the actions against various laws about using computers without permission, laws Sony are currently trying to bend as myuch as possible in their favour when it comes to people accessing their own playstations without Sony's permission...
sony shouldn't be shut down, they should be ignored and left to wither and die.
Let's get something straight because people do seem a bit dim in understanding this. The DRM/rootkit issue was solely down to SONY USA, not the Sony Corporation. Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again.
Again, afaik, the servers that were hacked are in the USA and protected by Sony USA. If there was lacksadaisical security then the decisions were down to SONY USA - not the head office,
So, in conclusion - shutting down the whole corporation is an idiotic idea conceived by a moron.
And just to finish - while people go on about the poor security I think you are blurring the issue or are just trolling. The did have the items well secured but sometimes hackers are determined.
Finally, if anonymous's DDoS attack did take down one of the PSN servers then yes, they can be held responsible because they effectively kicked down the gate and opened the door. They may not have committed the robbery but they are a part of it.
Oh, and if Sony deserve to be shutdown then Microsoft deserve to be shutdown and all their employees, past and present, lined up against the wall and shot.
Actually it's more like taking advantage of an anti-globalisation riot to commit a bank robbery while the police are distracted. The rioters are to blame for any destruction they caused, but not for the robbery, although any sufficiently vindictive prosecutor would find some way to make a charge of aiding and abetting stick.
"Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again."
Why did Sony Corporation need to do a single thing? According to your logic, Sony Corporation are not in the slightest bit responsible for "SONY USA" who are just a bunch of loose cannons acting on their own initiative.
In reality, Sony Corporation are responsible and have an ongoing responsibility to make sure that everyone in their worldwide organisation, subsidiaries and partners behave according to the law. They also have to make sure that compliance with the law is not an "after the fact" effort.
And to the person claiming that the whole business wasn't criminal, even in the US putting unadvertised snooping facilities onto people's systems probably gets you mixed up with surveillance-related legislation. Moreover, had an individual been responsible for this, they'd have been up before a judge in no time.
But then it's always been fashionable to advocate a soft touch for corporations, especially in America.
"Let's get something straight because people do seem a bit dim in understanding this. The DRM/rootkit issue was solely down to SONY USA, not the Sony Corporation. Once it was discovered that the rootkit issue existed Sony Corporation shot down SONY USA and apparently set rules that with regards to things like this so it doesn't happen again."
Well dude after I shot that guy in the head I totally stopped shooting people in the head and sold my gun and made sure I'll never guy a gun in the head... so... no harm no foul right?
"Finally, if anonymous's DDoS attack did take down one of the PSN servers then yes, they can be held responsible because they effectively kicked down the gate and opened the door. They may not have committed the robbery but they are a part of it."
The Sony rootkit kicked open the door of millions of computers, so therefore, by your logic, Sony is responsible for all current and future issues those computers have. I'm fine with that, a couple hundred billion should cover it.
...I actually had help start a slangin match between Sony and Philips and get a CD replaced.
A CD I bought many years ago had copy protection and refused to play in my (hi0-fi) CD recorder. So I contacted Philips.. I was then copied in a mail from Philips to Sony asking why this this was carrying the CD logo, when clearly it did not conform to the Red Book standard.
Apparently it turned out it was one of the early protected CD's and should not have had the logo on it.
Philips then got back to me to say to ask for a non copied protected version, or (had to laugh at this point) use the optical ports from another standard player and make a clone on the recorder for a perfect copy without the protection. It works for all protected material :-)
However this was at the time a blank disc knocked you back a tenner.
I took the CD back to HMV and got my money back. Not on principle, but because it was crap!
Another idiot that's fallen for the internet myth of the Sony Rootkit.
A rootkit needs to give root access AND cover it's tracks. The "rootkit" never gave root access, it installed a copy protection system and covered it's tracks.
Immoral, yes, illegal no, malicious, no.
Still why let facts get in the way of a great internet myth.
This place is hilarious these days, all the children that glean their only knowledge from Wikipedia and Xbox Forums....
You can think what you like about the legitimacy or otherwise of the Sony Rootkit based on the questionable idea that those who installed it on their computers consented to this. (If anyone infected didn't authorise access, then this was technically a UK Computer Misuse Act section 3 offence.) Regardless of your opinion, when push came to shove the Windows Antivirus vendors were forced to respect their customers interests in having spyware which compromised system security and allowed other malware to infect systems removed. I imagine the reason the AV vendors didn't designate the Sony rootkit as malware immediately and took some time to do this, is that they had to understand what it did and also had to overcome any fear of potential libel/slander action by Sony, in relation to this decision so to designate. The fact they eventually designated the rootkit as malware in their search engines disproves your assertion this software was non-malicious, whatever the motivations behind the misguided arrogance of Sony executives who commissioned the design and distribution of this software.
This road to hell is paved with good intentions: http://freedom-to-tinker.com/blog/felten/sony-first4-knew-about-rootkit-issue-advance
You might also want to check Dan Kaminsky's research into the DNS behaviour of infected computers: http://en.wikipedia.org/wiki/Dan_Kaminsky#Sony_Rootkit .
Immoral, yes. Illegal, YES. malicious, YES. Rootkit? That would depend on what level of access it used to do what it did. I would suspect that it grabbed admin level permissions from itself, but I can't say that for sure. If that is, in fact, what it did then it could legitimately be called a rootkit.
Now let me explain. It was illegal because it installed with niether the consent nor the knowledge of the owner of the computer. It was malicious because it caused damage to the system. Their intentions may not have been malicious, but the end result most definately was.
This post has been deleted by its author
It's perfectly possible that the perpetrator is a "member" of Anonymous, but so what? We don't know who they are, because they themselves don't know. There's evidence that some pretty clever hackers sometimes contribute to their campaigns, and I suspect most members of Anon would consider Sony to be fair game, after the DRM fiasco.
It's also notable that, according to Sony, the attackers weren't interested in the credit card data. That does fit the modus operandi of Anon.
In any case, a file called "anonymous" containaining "we are legion" proves nothing except that the perpetrators know about Anonymous. And what net-savvy person doesn't?
According to Sony they are squeaky clean.
That's just bollocks though, they have been very reticent in providing information, reluctant to tell users they had been hacked, slow in making announcements (apart from 'it was the nasty boys from next door wot done it') and extremely cagey about what was done and when.
According to Sony they have the interests of thier users at heart - and that's really big, huge, enormous, Buster Gonads-sized bollcks in a wheelbarrow.
"according to Sony, the attackers weren't interested in the credit card data."
Yeah, right, Sony have been so late with info that many people now believe the opposite is true, there has been more than one attack that we know of and that info has been reluctantly dragged out of Sony.
Had we noticed the net was dangerous, yes, we would have reacted more proactively. Now, please, accept one month's free subscription to a network capable of compromising a lifetime's worth of credit rating.
Stop hitting yourself. Stop hitting yourself.
The problem with Sony's contention of Anonymous' culpability is that Anonymous is actually pretty inept; witness their Low Orbit Ion Cannon applet, which has an auto-aim feature that aims it at the users' own foot. Have they ever done anything that is above the capability of a 12-year-old?
"They" don't exist. Anonymous is about as much of a "collective" as our "Anonymous Coward" is. If someone claims that they are part of "Anonymous", we shouldn't jump to the conclusion that an entire coalition of supporters is backing their every move! They are just one person, hiding behind an ambiguous screen name. Hardly part of a collective.
Maybe if Sony hadn't pissed of so many of its clients world wide, by deciding that just because they bought a Play Station that didn't mean they actually now own it. Perhaps Sony wouldn't be in quite so much shit as it is today!
Modifying equipment you own, anyway you may chose, is not in itself illegal. While modifying other peoples computer software without telling them, when they install a Sony DVD player is!!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
