Either way from here and elsewhere I'm seeing scattered reports of stuff related to peoples emails being abused to send out email traps already and other lower grade stupid crap. The odds of coincidence are highly unlikely due to it all.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
Which is probably what they're using my credit card to fund.
I don't know any kids that could hack a huge database by Sony. This isn't anon, it's not related at all, if you know that anon isn't that big of threat you'd put 2+2 together. This is a completely different attack not related to the Other OS stuff that's going around right now. This is just somebody wanting to steal information. They did this to Nintendo and the Wii, and it wasn't because of Homebrew blockading!
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
This is exactly right. Much as I'd like to wave my pitchfork and torch at Anon, this was something far more sophisticated than they would try to pull off. This goes beyond "Doing it for the lulz". I do think the hackers took the opportunity to perpetrate the hack when they did, because Anon brought attention to themselves and declared war on Sony, so that they could use Anon as a scapegoat but I really doubt that Anonymous was actually behind it.
Why does everyone talk about "anon" like it's a real group? It's just some moron(s?) who take credit for stuff. We could easily see something saying "now you know what it's like messing with anon Sony" or whatever and it would mean nothing like always.
There's more than one degenerate user over at 4chan, and they all call themselves Anonymous. Sounds like a group to me. Maybe not a very cohesive one and one that's pretty much comprised of 13 year old trolls, but a group nonetheless.
I don't know any kids that could hack a huge database by Sony. This isn't anon, it's not related at all, if you know that anon isn't that big of threat you'd put 2+2 together. This is a completely different attack not related to the Other OS stuff that's going around right now. This is just somebody wanting to steal information. They did this to Nintendo and the Wii, and it wasn't because of Homebrew blockading!
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
This is exactly right. Much as I'd like to wave my pitchfork and torch at Anon, this was something far more sophisticated than they would try to pull off. This goes beyond "Doing it for the lulz". I do think the hackers took the opportunity to perpetrate the hack when they did, because Anon brought attention to themselves and declared war on Sony, so that they could use Anon as a scapegoat but I really doubt that Anonymous was actually behind it.
Why does everyone talk about "anon" like it's a real group? It's just some moron(s?) who take credit for stuff. We could easily see something saying "now you know what it's like messing with anon Sony" or whatever and it would mean nothing like always.
There's more than one degenerate user over at 4chan, and they all call themselves Anonymous. Sounds like a group to me. Maybe not a very cohesive one and one that's pretty much comprised of 13 year old trolls, but a group nonetheless.
I guess. A little group of note writers claiming or to be responsible for things they aren't to feel important maybe. Not sure why anyone thinks the notes are true and there is some actual largish group with organization or who share an agenda instead of just some note writers.
Also people that argue about which system is better and all that shit has no life, people should just buy what they want and leave it at that. I have a 360 and no ps3 but i know the ps3 has its pros over the xbox its just not for me.
THANK YOU. Damn, I feel the same way, fanboys are just plain ignorant. Both systems have pros and cons, and it ultimately comes down to personal preference for which is "better".
On topic, I never use PS Network, it doesn't really bother me. If it were Xbox Live, you know, with the Gears of War 3 beta being out and everything, then that would be different.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
LOL. Yeah, there's no such thing as a smart kid with too much time on their hands... sheesh.
Kids always lead the way in technology. They absorb that like a sponge. All you need to do is hang out on warez sites, makes connections, download programs and they're more capable of what you think.
You don't even need to worry about a movie, just look through history and find news publications about hackers who've been caught. I'm sure the average age is less than 20, it's just how it works.
"Professionals" with extensive backgrounds in networking and security are going to go get a $60-$100k job doing legal activities rather than attempt to hack a big corporation just for fun and notoriety. Juveniles have nothing to lose.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
ETA: This isn't the doing of those anon kids. You don't just fall into hacking a database like Sony's, like they do and their site pinging.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
That's because Star Wars is more realistic than Hackers...
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
That's because Star Wars is more realistic than Hackers...
So what if it was? It's a fiction story. It's supposed to be entertaining not educational. Angelina flashed her boob in it, what more could you ask for!
That's because Star Wars is more realistic than Hackers...
So what if it was? It's a fiction story. It's supposed to be entertaining not educational. Angelina flashed her boob in it, what more could you ask for!
Hah.
Well, I don't think anybody was complaining about "Hackers" anyway. I was just stating a fact, regarding its ridiculousness, to point out that Mr Clutch was obviously joking when he suggested it showed what kids were capable of.
I knew that it was a joke, I just wanted to make sure somebody else didn't take it as truth, so I denounced it with some obvious points. But apparently it didn't work...
And Jonebone, this is a WHOLE different millennium. In the 80's and very early 90's, computer hacking was a lot easier because they all had simpler OS's that could be decompiled, studied, rewritten, and put back into place. But when OS's got more complex and harder to understand to outsiders and used more advanced processors, [68030/386, anyone?] it became more than a kids job to hack a computer. My dad and his friends [Mainly his friends] added an assembler, programmer, 64K mode on boot up, and some more functions to their Microsoft basic on the color computer back in the day to break and copy games. All without any documents of how it worked or anything. It was easier and simpler back then, which made it possible. But in todays world, as being a great programmer for even my age, I'd say impossible. Even I wouldn't have any idea where to start hacking an OS, let alone a network or network of encrypted databases. I just don't see it being possible.
But in todays world, as being a great programmer for even my age, I'd say impossible. Even I wouldn't have any idea where to start hacking an OS, let alone a network or network of encrypted databases. I just don't see it being possible.
There are legions of Chinese cyber warfare hackers who are encouraged to experiment and figure out new vulnerabilities and exploits, without rigorous formal training. Most of them are "just kids" in an internet cafe whose internationally illegal actions are condoned by their government.
It doesn't neccessarily have to difficult or technical at all. It can be as simple as fooling the right sucker who has more access than they should into giving up their account info.
It doesn't neccessarily have to difficult or technical at all. It can be as simple as fooling the right sucker who has more access than they should into giving up their account info.
Well, that's the legions of Chinese cyber warriors who do Google searches for people connected to sensitive information, all day, every day.
Then they send a guy to talk to you at a technical conference or industry convention, and threaten you with photos showing how close they can get to your family if you don't comply.
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
I've never heard of a virus getting into a server via IT people.....I mean....it makes no sense. What are you citing your words from? Please share!
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
I've never heard of a virus getting into a server via IT people.....I mean....it makes no sense. What are you citing your words from? Please share!
I'm not talking about viruses.
But if you want an example of viruses getting deployed via IT people, you need look no further than how we took out Iraq's missile defense network in the first Gulf War.
The social engineering attacks I'm talking about tend to involve very advanced phishing methods (capable of deceiving even savvy IT guys), or more direct approaches of corporate espionage.
For the direct approach, you just need to dig up dirt on the guy with the most access and the worst finances. Or the guy with the drag fetish. Or the guy who's latchkey kids are unattended for 3 or 4 hours every day before the parents get home.
Then you turn the screws.
But you don't do this kind of thing for something petty like Sony's PSN or stealing credit card numbers. This is more along the lines of how you steal defense secrets.
This may sound like ridiculous James Bond stuff, but it definitely happens exactly how I described it.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
But how would you get a virus to an IT's computer, and have it be on the right system you want to hack? Because I'm pretty sure each database and server they have each has different methods of protection. How do you get your software to steal their database information on to their computers via misleading them?
But how would you get a virus to an IT's computer, and have it be on the right system you want to hack? Because I'm pretty sure each database and server they have each has different methods of protection. How do you get your software to steal their database information on to their computers via misleading them?
I think you're misreading what I wrote. If you're doing a pure social engineering attack, in the sense I'm describing, it has nothing to do with the attacker writing any kind of software. It has to do with duping some schmuck into giving you the keys to the kingdom.
IF we were talking about a piece of malicious code that some patsy was going to install for your, you take the Gulf War approach of infected firmware that's tailor-made for whatever you're doing. That approach can take A LOT of patience, because unless you have guys on the inside to sabotage equipment, you have to wait for equipment to fail and require replacement or repair. That way, you only need guys to infiltrate the supplier of the secure facility, rather than the secure facility, itself.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
From what I heard (read on techdirt I think), the fact that this info was stored in plain text is one of the big items in their negligence lawsuit.
Yeah, possibly I am misunderstanding you. You're saying they're tracking peoples data into the server, niot the database I think. But as I have been reading, there was a security breach of the database of the PSN, and all the information [or lots of it] had been stolen.
And I'm sure it's encrypted. But what's encryption when they know how to unencrypt it.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
From what I heard (read on techdirt I think), the fact that this info was stored in plain text is one of the big items in their negligence lawsuit.
Well, that would clearly be a no-no.
Your bank's website, for instance, stores your log-in in a fully encrypted way where nobody is capable of recovering it (in theory). They have an external token to reset the log-in, so that can be exploited, but the log-in itself is "secure".
When you use credit cards with your cable bill, cellphone, etc, they're supposed to do the same sort of thing, where some encryption key is associated with your credentials and locks everything else down.
Comments
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
Which is probably what they're using my credit card to fund.
I don't know any kids that could hack a huge database by Sony. This isn't anon, it's not related at all, if you know that anon isn't that big of threat you'd put 2+2 together. This is a completely different attack not related to the Other OS stuff that's going around right now. This is just somebody wanting to steal information. They did this to Nintendo and the Wii, and it wasn't because of Homebrew blockading!
This is exactly right. Much as I'd like to wave my pitchfork and torch at Anon, this was something far more sophisticated than they would try to pull off. This goes beyond "Doing it for the lulz". I do think the hackers took the opportunity to perpetrate the hack when they did, because Anon brought attention to themselves and declared war on Sony, so that they could use Anon as a scapegoat but I really doubt that Anonymous was actually behind it.
Why does everyone talk about "anon" like it's a real group? It's just some moron(s?) who take credit for stuff. We could easily see something saying "now you know what it's like messing with anon Sony" or whatever and it would mean nothing like always.
There's more than one degenerate user over at 4chan, and they all call themselves Anonymous. Sounds like a group to me. Maybe not a very cohesive one and one that's pretty much comprised of 13 year old trolls, but a group nonetheless.
I don't know any kids that could hack a huge database by Sony. This isn't anon, it's not related at all, if you know that anon isn't that big of threat you'd put 2+2 together. This is a completely different attack not related to the Other OS stuff that's going around right now. This is just somebody wanting to steal information. They did this to Nintendo and the Wii, and it wasn't because of Homebrew blockading!
This is exactly right. Much as I'd like to wave my pitchfork and torch at Anon, this was something far more sophisticated than they would try to pull off. This goes beyond "Doing it for the lulz". I do think the hackers took the opportunity to perpetrate the hack when they did, because Anon brought attention to themselves and declared war on Sony, so that they could use Anon as a scapegoat but I really doubt that Anonymous was actually behind it.
Why does everyone talk about "anon" like it's a real group? It's just some moron(s?) who take credit for stuff. We could easily see something saying "now you know what it's like messing with anon Sony" or whatever and it would mean nothing like always.
There's more than one degenerate user over at 4chan, and they all call themselves Anonymous. Sounds like a group to me. Maybe not a very cohesive one and one that's pretty much comprised of 13 year old trolls, but a group nonetheless.
I guess. A little group of note writers claiming or to be responsible for things they aren't to feel important maybe. Not sure why anyone thinks the notes are true and there is some actual largish group with organization or who share an agenda instead of just some note writers.
Also people that argue about which system is better and all that shit has no life, people should just buy what they want and leave it at that. I have a 360 and no ps3 but i know the ps3 has its pros over the xbox its just not for me.
THANK YOU. Damn, I feel the same way, fanboys are just plain ignorant. Both systems have pros and cons, and it ultimately comes down to personal preference for which is "better".
On topic, I never use PS Network, it doesn't really bother me. If it were Xbox Live, you know, with the Gears of War 3 beta being out and everything, then that would be different.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
LOL. Yeah, there's no such thing as a smart kid with too much time on their hands... sheesh.
Kids always lead the way in technology. They absorb that like a sponge. All you need to do is hang out on warez sites, makes connections, download programs and they're more capable of what you think.
You don't even need to worry about a movie, just look through history and find news publications about hackers who've been caught. I'm sure the average age is less than 20, it's just how it works.
"Professionals" with extensive backgrounds in networking and security are going to go get a $60-$100k job doing legal activities rather than attempt to hack a big corporation just for fun and notoriety. Juveniles have nothing to lose.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
Ding Ding Ding. We have a winner!
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
Are you kidding me? Havent you even seen the movie "Hackers"??? Those kids could could not only steal your credit card, they could hack into a virtual reality style database and make you deceased!
So a movie is now being used to show kids can hack stuff? That was back in a simpler day, where hacking a LAN network and other computers was easy if you know how it worked and put the time in. Not today. Heck, that movie was pretty close to being out before the internet its self. When you throw in the advancements in networking and network protection, you have to be a professional to get halfway to any data today.
I think this qualifies for a *facepalm*...
He was obviously joking. "Hackers" was one of the most ridiculous Hollywood misrepresentations of all time.
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
That's because Star Wars is more realistic than Hackers...
I'm not sure why people get all uppity about Hackers. I don't think it was supposed to be a documentary It's sci-fi.. no one complains that star wars was a "misrepresentation".
That's because Star Wars is more realistic than Hackers...
So what if it was? It's a fiction story. It's supposed to be entertaining not educational. Angelina flashed her boob in it, what more could you ask for!
That's because Star Wars is more realistic than Hackers...
So what if it was? It's a fiction story. It's supposed to be entertaining not educational. Angelina flashed her boob in it, what more could you ask for!
Hah.
Well, I don't think anybody was complaining about "Hackers" anyway. I was just stating a fact, regarding its ridiculousness, to point out that Mr Clutch was obviously joking when he suggested it showed what kids were capable of.
And Jonebone, this is a WHOLE different millennium. In the 80's and very early 90's, computer hacking was a lot easier because they all had simpler OS's that could be decompiled, studied, rewritten, and put back into place. But when OS's got more complex and harder to understand to outsiders and used more advanced processors, [68030/386, anyone?] it became more than a kids job to hack a computer. My dad and his friends [Mainly his friends] added an assembler, programmer, 64K mode on boot up, and some more functions to their Microsoft basic on the color computer back in the day to break and copy games. All without any documents of how it worked or anything. It was easier and simpler back then, which made it possible. But in todays world, as being a great programmer for even my age, I'd say impossible. Even I wouldn't have any idea where to start hacking an OS, let alone a network or network of encrypted databases. I just don't see it being possible.
But in todays world, as being a great programmer for even my age, I'd say impossible. Even I wouldn't have any idea where to start hacking an OS, let alone a network or network of encrypted databases. I just don't see it being possible.
There are legions of Chinese cyber warfare hackers who are encouraged to experiment and figure out new vulnerabilities and exploits, without rigorous formal training. Most of them are "just kids" in an internet cafe whose internationally illegal actions are condoned by their government.
It doesn't neccessarily have to difficult or technical at all. It can be as simple as fooling the right sucker who has more access than they should into giving up their account info.
Well, that's the legions of Chinese cyber warriors who do Google searches for people connected to sensitive information, all day, every day.
Then they send a guy to talk to you at a technical conference or industry convention, and threaten you with photos showing how close they can get to your family if you don't comply.
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
I've never heard of a virus getting into a server via IT people.....I mean....it makes no sense. What are you citing your words from? Please share!
But how do you do that to a database run by corporation? You don't. Do you understand?
And yeah, that's different. That's just getting somebody to click "Run this program" from a download you don't know what it is. [Or are misleaded] And sadly, people do fall for that crap.
Social engineering attacks get way more complicated and intrusive than duping somebody into running malicious software. And compelling a corporate IT guy into somehow allowing access is certainly doable. You just have to put pressure in the right spots.
But that's not what happened in Sony's case, anyway, so it's kind of irrelevant to the thread.
I've never heard of a virus getting into a server via IT people.....I mean....it makes no sense. What are you citing your words from? Please share!
I'm not talking about viruses.
But if you want an example of viruses getting deployed via IT people, you need look no further than how we took out Iraq's missile defense network in the first Gulf War.
The social engineering attacks I'm talking about tend to involve very advanced phishing methods (capable of deceiving even savvy IT guys), or more direct approaches of corporate espionage.
For the direct approach, you just need to dig up dirt on the guy with the most access and the worst finances. Or the guy with the drag fetish. Or the guy who's latchkey kids are unattended for 3 or 4 hours every day before the parents get home.
Then you turn the screws.
But you don't do this kind of thing for something petty like Sony's PSN or stealing credit card numbers. This is more along the lines of how you steal defense secrets.
This may sound like ridiculous James Bond stuff, but it definitely happens exactly how I described it.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
But how would you get a virus to an IT's computer, and have it be on the right system you want to hack? Because I'm pretty sure each database and server they have each has different methods of protection. How do you get your software to steal their database information on to their computers via misleading them?
I think you're misreading what I wrote. If you're doing a pure social engineering attack, in the sense I'm describing, it has nothing to do with the attacker writing any kind of software. It has to do with duping some schmuck into giving you the keys to the kingdom.
IF we were talking about a piece of malicious code that some patsy was going to install for your, you take the Gulf War approach of infected firmware that's tailor-made for whatever you're doing. That approach can take A LOT of patience, because unless you have guys on the inside to sabotage equipment, you have to wait for equipment to fail and require replacement or repair. That way, you only need guys to infiltrate the supplier of the secure facility, rather than the secure facility, itself.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
From what I heard (read on techdirt I think), the fact that this info was stored in plain text is one of the big items in their negligence lawsuit.
And I'm sure it's encrypted. But what's encryption when they know how to unencrypt it.
^ Sorry, I didn't realize there was info about the methodology used to gain access and such. Anyway, just an example.
Well, in premise, Sony's system should be set up in such a way that all of the stolen information was encrypted and protected in a fashion that prevents even the high-up IT guys from digging through it.
So the only way to get it would be to break their encryption by exploiting some previously ignored weakness.
From what I heard (read on techdirt I think), the fact that this info was stored in plain text is one of the big items in their negligence lawsuit.
Well, that would clearly be a no-no.
Your bank's website, for instance, stores your log-in in a fully encrypted way where nobody is capable of recovering it (in theory). They have an external token to reset the log-in, so that can be exploited, but the log-in itself is "secure".
When you use credit cards with your cable bill, cellphone, etc, they're supposed to do the same sort of thing, where some encryption key is associated with your credentials and locks everything else down.