Sony’s Chairman and CEO, Sir Howard Stringer, has released a letter to PlayStation Network users; read it after the jump. (Me, I would have edited out the “even” in the bit about making the network’s “defenses even stronger.”)
Technologizer posts about Security
Daring Fireball’s John Gruber did some research on Mac malware that I wish I’d been clever enough to conduct.
If I have this straight, Sony says that “Anonymous” isn’t behind the PlayStation Network security breach–but by launching a denial-of-service attack on the company, it helped set the stage for the breach.
How to Tell Me You Let Somebody Steal My Personal Information
I’ve been getting a lot of urgent messages from major companies I do business with lately. Urgent messages telling me that information I gave them has been stolen by unknown parties.
Yup, I’m not only a PlayStation Network member–and therefore a victim of the current Sony security breach–but also a customer of at least three companies (Marriott, TiVo, and 1-800-Flowers) who were involved in the recent data theft from marketing company Epsilon. I wrote about this for my new TIME.com Technologizer column, But after reading all this correspondence, I have some advice for the corporate entities who send these e-mails. (I care about this stuff in part because I have the uneasy feeling I’m going to be getting a lot more of these messages in the future.)
Read more:
Geohot Chimes In
By Harry McCracken | Posted at 10:28 pm on Thursday, April 28, 2011
Comments Off
George Hotz–the PS3-jailbreaking hacker whose Sony-instigated legal woes probably had something to do with the PlayStation Network security attack–has blogged about the breach. He’s not happy with it, isn’t sympathetic to Sony’s plight, and (like me) wonders how it was done.
Read more:
My new TIME.com Technologizer column is on the PlayStation Network and Epsilon leaks, and a few things we consumers can do to help defend ourselves from anything too nasty happening as a result of this kind of stuff.
Sony Disables PlayStation Network After Security Breach
By Dave Z | Posted at 10:46 am on Saturday, April 23, 2011
Sites and services go down all the time. Just ask Amazon. And all their customers. But they weren’t the only ones to suffer a massive outage this week, as Sony’s PlayStation Network (PSN) has been offline for several days now. After a long period of silence, Sony has finally provided some situational insight:
An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th.
Of course what they’re saying is that they’ve been hacked. And until Sony figures out what’s going on and how to stop it, they’ve pulled the network plug. So the forensics team has probably been doing their thing, maybe law enforcement too, as the engineers bolster PlayStation Network defenses.
Unfortunately, Sony hasn’t provided an ETA for PSN service restoration. And I know several of my work buddies with PS3s are suffering from Call of Duty, Black Ops withdrawal. But I’m not sure they appreciated my repeated mocking suggestions to join me on the superior Xbox Live.
(This post republished from Zatz Not Funny.)
Read more:
Your iPhone Logs Where You’ve Been. Why?
By Harry McCracken | Posted at 8:43 am on Wednesday, April 20, 2011
Where have you been lately? If you’ve got an iPhone or a 3G iPad, it knows. And two researchers have discovered that these devices store a record of your locations in an unencrypted file that gets backed up to your computer.
The researchers says that the information seems to be based on cell-phone tower triangulation, not GPS. They’re going to discuss what they’ve found at today’s Where 2.0 conference in Santa Clara, California. They’ve also released an open-source Mac application that maps out information from the file. That’s data for the iPad 2 I’ve been using at right, correctly showing that it’s been all around the Bay Area and also visited Austin, Texas.
Read more:
Companies Hacked: Track E-Mail and Avoid Spam
By Steve Bass | Posted at 3:54 pm on Friday, April 8, 2011
Another hack attack: The bad guys gained access to the database that stores customers’ names and e-mail addresses for Capital One, JPMorgan, Brookstone, BestBuy, TiVo, Walgreens, Kroger, and a long list of others.
The breach occurred through Epsilon, the firm each of the companies used to manage their e-mail communication with customers.
Chances are good that if you’ve corresponded with any of the companies, you’ll see phishing e-mails in your inbox. They’ll likely be messages for you to confirm a recent order, or reconfirm or update a credit card.
Read more:
I’m Getting E-Mails From Epsilon’s Clients. Are You?
By Harry McCracken | Posted at 11:09 am on Tuesday, April 5, 2011
On Friday, marketing company Epsilon announced that an unknown third party had broken into its e-mail system and gained access to the names and e-mail addresses of some of the companies which Epsilon performs services for. And so, over the past few days, Epsilon clients have been sending e-mail to their customers alerting them to the breach and its potential consequences.
Read more:
If you’re concerned with somebody hacking into your tweets, Twitter has just enabled an “always on” secure connection feature, according to a post on the company blog Tuesday. The feature can be enabled by checking the “Always Use HTTPS” check box in settings. This follows a similar move by Facebook in January.
It’s Time for Google to Rethink the Android Market
By Ed Oswald | Posted at 8:38 am on Friday, March 4, 2011
Does Android have a malware problem? After news earlier this week about Google removing 21 apps from the Android market earlier this week due to the discovery of a Trojan horse, it ‘s now being reported that as many as 50 or more apps in total have now gotten the axe.
While Android malware is nothing new, this apparently marks the first time that the problem has occurred on a larger scale. At least three different developers (if you want to call them that, since they were all basically malware pushers), have now used the same Trojan. There could be more.
Read more:
Having trouble getting Technologizer to load this morning? Us too. Our hosting platform, WordPress.com, has been the subject of a massive DDoS attack by an unknown party.
Unique Android feature: When you send a text message, it seems that it may deliver it to the wrong person.
I really hope the outrage over the TSA’s new scanners and frisking policies–and, just as important, investigative reporting like this–continues until the government has no choice but to make changes.
Make Yourself Invisible to Wi-Fi Hackers
By Steve Bass | Posted at 9:11 am on Wednesday, November 10, 2010
You’re at Starbucks, busy working on your Facebook page. Bad news: The guy at the next table is a hacker, and he’s also working on your Facebook page. Sit tight, I have a few ways for you to make yourself invisible to hackers.
One Very Serious Threat
There’s a pervasive, serious Facebook and Twitter exploit that leaves you wide open to any and every hacker who can download a simple-to-use, free tool called Firesheep. It’s a threat if you’re using an unsecured, public Wi-Fi network, typically available at an Internet cafe, airport, hotel, or RV campground.
Last week TechBite paid subscribers got the first dispatch about this in the Extra newsletter; here’s a more detailed version.
Continue reading this story…
Read more:
 |
By Harry McCracken | Posted at 3:53 pm on Friday, April 29, 2011
2 Comments