Thursday, May 5, 2011

77 MILLION PSN Accounts Compromised

Sony announced today that the group "Anonymous" is responsible for the compromise of 77 million PSN user accounts. Sony's Kaz Hirai has been forwarding documents to US congress about what happened. And that is the problem, Sony still has no idea what was stolen from account holders. The server contained 12.3 million credit card numbers, 5.6 million from US accounts. During the investigation, Sony techs found a file titled "Anonymous" which when opened said "We are Legion".
Anonymous has apparently responded saying it "has never been known to have engaged in credit card theft."

More updates to come.

Wednesday, May 4, 2011

How The Playstation Network Got Pwned

January 11, 2011. Sony sues George “GeoHot” Hotz and others for jailbreaking, or circumventing the security sytsetm of the PlayStation 3.

January 27, 2011. Sony asks for a temporary restraining order stopping Hotz from further distributing the jailbreak tools to users, who can download them and break the security on their machines so they can run unauthorized software.

February 12, 2011. Hotz posts on rap video on his YouTube page explaining his side of the case. (It now has 1.8 million views).

February 19, 2011. Hotz starts a blog about the lawsuit.

March 6, 2011. Court approves Sony request to access all the internet protocol addresses of the people who visited GeoHot’s blog to download the jailbreaking tools.

March 23, 2011. Sony claims that Hotz has fled to South America and destroyed evidence. That turns out not to be true, according to Hotz’s attorney.

April 3, 2011. Hacktivist group Anonymous launches a cyber attack against various Sony web sites in an operation called #OpSony in retaliation for Sony’s pursuit of George “GEoHot” Hotz and Graf_Chokolo.

April 11, 2011. Sony settles the PS 3 jailbreaking case with Hotz. Anonymous says it will continue with boycott of Sony on April 16.

April 19, 2011, 4:15 pm Pacific time. Members of the Sony Computer Entertainment network team detected unauthorized activity in the PlayStation Network system in San Diego, Calif. Certain systems were rebooting when they were not scheduled to do so. The network service team started reviewing the logs from the system to see what was wrong. It took four servers offline.

April 20, 2011, early afternoon. Sony’s team discovered evidence that an unauthorized intrusion had occurred and that data of some kind had been transferred off the PSN servers without authorization. Six more servers are found to have been possibly compromised. Sony hires a forensic investigation team that afternoon. That team begins to “mirror” Sony’s systems, a meticulous process.

The team couldn’t determine what had been taken and so they shut the network system down. At that point, the 77 million registered users of the network couldn’t play online games, access their accounts, or purchase movies and other entertainment on the network. Sony’s experts have to delve through 130 servers and 50 programs.

April 21, 2011. Sony hired a second computer security and forensic consulting firm to provide more manpower.

April 22, 2011. The forensics team completes the mirroring of nine of ten servers that were believed to be compromised. Sony Computer Entertainment’s general counsel provided the FBI with information about the intrustion. Sony’s forensics team had not reached any conclusions at that point.

April 23, 2011. Sony’s forensics teams confirm that very sophisticated and aggressive techniques were used to obtain access, hide their presence from system administrators, and steadily escalate their privileges inside the servers. The intruders deleted log files to hide thier work. Sony now realized it needed yet another forensic team to help.

April 25, 2011. The forensics teams determined the scope of the personal data that had been stolen from all PSN and Qriocity service accounts, but the team did not know if credit card numbers had been accessed.

April 26, 2011. Sony provides public notice about the intrusion. It also notifies regulatory authorities in a variety of states about the criminal intrusion.

April 28, 2011. Hotz denies any involvement in PSN attack.

April 30, 2011. Sony’s No. 2 executive, Kazuo Hirai, apologizes to Sony’s customers and holds the first public press conference about the attack. He says the PSN should be up within a week and that Sony has beefed up its security.

April 29, 2011. House of Representatives subcommittee asks for more information on the attack as it considers legislation to require companies to notify consumers in case of data theft.

May 1, 2011. Sony finds new evidence that hackers broke into the servers of Sony Online Entertainment, the PC online gaming division of the company which runs online games such as Free Realms and EverQuest. Sony discovers a file that says “Anonymous,” “We are legion.” That’s the slogan for the hacktivist group.

May 2, 2011. Sony says it will explain what happened to Congress but won’t testify yet.

May 4, 2011. Sony sends letter to Congress answering questions.



As an Xbox fan i rejoice.

Grieves: Together/Apart

Grieves will soon be dropping his third full length album, and his first full length on Rhymesayers Entertainment. He will be performing at Soundset this year, give him a listen. Beautiful stuff. Here is a sample of whats to come:

Soundset 2011!

I dont know if you all are into indie hip hop at all, but if you are, and you live within driving distance of Minnesota; i suggest you go to Soundset this year. As always, Atmosphere will be headlining the festival. Last year they had Method Man and Redman, this year they got Big Boi to perform before Atmos. This year is gonna kick ass, hopefully it doesnt rain like it did last year. I got my VIP tickets, do you?

Even more details on the OBL photos – The 1600 Report - CNN.com Blogs

Even more details on the OBL photos – The 1600 Report - CNN.com Blogs

Hey yall!

Kinda new at this whole blogging thing, but ill take a crack at it.

First things first; opinions on the Bin Laden death. Real? Fake? Coverup? I read on Yahoo! news that the government will be releasing photos as proof.