Japan Says No To PlayStation Network Restart 146
tekgoblin writes "Although Sony may be restoring services on the PlayStation Network around the world, one country has said 'No.' Japan has not yet given Sony approval to start up their online services, making the company wait until they have proven that they have taken the necessary measures to secure their network against another incident."
Bravo Japan! (Score:5, Insightful)
A government that actually does its job (protect the citizens' rights). Good for them.
Re: (Score:2)
Re:Bravo Japan! (Score:4, Insightful)
That's no excuse to be lazy about keeping up to date with patches, and apparently having no disaster recovery plan.
Re: (Score:2)
and apparently having no disaster recovery plan.
I do not think it means what you think it means. Go here for more information. [wikipedia.org]
Re: (Score:2)
Hmm.. nope, that reads as exactly what I think it means. What do you think it means?
Re: (Score:2)
Hmm.. nope, that reads as exactly what I think it means. What do you think it means?
As linked in the wiki article, it refers to disasters like floods or bombing; where the building that housed your data center no longer exists and you're employees are probably living in shelters.
Patches, smatches... (Score:1)
The issue isn't patches...
The issue is that they didn't encrypt the data so that an embarrassing intrusion became a financially damaging intrusion for their customers.
The two things I am left with that really piss me off are:
- Why haven't they given me the last 4 digits of the card they had on file? Which card should I be watching? They gave the whole damn number to the intruder so telling me the last 4 digits isn't a big deal.
- Why do they even require a card number (which they can't be trusted with) when
Re: (Score:2)
Wow, way to FUD.
They didn't "encrypt", but they did hash.
You should be a bit more careful what you're doing with your cards.
They don't.. do you you even have a PS3?
Re: (Score:2)
They didn't "encrypt", but they did hash.
I thought they did encrypt the credit card data. They would only hash passwords.
Re: (Score:2)
Possibly, but according to one of the press releases I saw, people were complaining about a lack of encryption, and they explained that the passwords were not encrypted, but they were hashed.
Would encryption of the credit card data even be any use if they compromised the whole system, and therefore probably had access to the keys too?
Re: (Score:2)
Possibly, but according to one of the press releases I saw, people were complaining about a lack of encryption
The personal data wasn't encrypted but the credit card data was.
and they explained that the passwords were not encrypted, but they were hashed.
Well yes, hashing is a safer and better method for passwords anyway.
Would encryption of the credit card data even be any use if they compromised the whole system, and therefore probably had access to the keys too?
Good point, i guess that depends on their system architecture and whether it was just the database that was compromised or the entire system.
Re: (Score:2)
Perfect is the enemy of Good. The question is not is their setup perfect, but is it good. Odds are it is just the cheapest fix they could come up with.
Re: (Score:2)
Perfect and Good don't always get along, but they can and do cooperate in their eternal struggle against Sucks.
Re: (Score:2)
Perfect is the enemy of good.
Re: (Score:1)
Sure it is
All our technology is based on good enough. Do you see perfection anywhere? No! We must make do.
Re: (Score:2)
Re: (Score:2)
No, that would have been to have standards in place and make Sony follow them before they were permitted to even put up the PSN. This is the same kind of "protect" that the police are there for. "To Serve and Protect"? No. "To Punish After the Fact".
Re: (Score:2)
>>>"To Serve and Protect"? No. "To Punish After the Fact".
Excellent point. Didn't think of it in that way.
Of course, in order to prevent ANY kind of disaster/theft/etc (i.e. zero such events), the government would have to put its nose into everything. Seems kinda... invasive? Of course if they did that with corporations I'd certainly have no objections.
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
really... Troll? You may not agree, but I don't think he's being a troll. I wish I had some Mod points right now.
Re: (Score:2)
A government that actually does its job (protect the citizens' rights). Good for them.
Right. And just sort of ignores major problems with nuclear reactors. Nice set of priorities there.
Re: (Score:2)
The government does not have the duty to protect the citizens from themselves, nor to deny the citizens the right to run a service that is within the bounds of the law.
IF the Sony service is breaking the law, the government has the duty to step in. Until it breaks the law, Sony should be allowed to run its service just as Apple and Google and every other conte
Re: (Score:2)
But then, this isn't an issue of free speech, it is an issue of commercial activity, and discrimination by company is not a valid activity of go
Re: (Score:2)
A government that actually did its job in this instance (protect the citizens' rights). Good for them.
More like this. Japan's government takes some positive unilateral actions without consulting business on occasion, but on average they're not a lot better than ours in the US.
Re: (Score:1)
Re: (Score:1)
Kudos to Japan (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
profits at the expense of all else is. don't be a fucking idiot
Re: (Score:3, Insightful)
Re: (Score:2)
What is with the link between profit and slavery issue. When ever someone has a political stance that government interaction on the average will have more of a negative impact then a positive one they bring up this lame 150 year old slavery debate as "Proof" the their idea is wrong.
Extremes on either side is bad and Evil will occur. If you want to twist your logic around the reason for slavery success was because government supported it and enforced slavery laws. I can see if there were no slavery laws f
Re: (Score:2)
Unless you live in a pure communist state, your working class is paid by capitalist industry.
It's the capitalist industry that is paid by the working class. Who do you think pays the taxes, buys the products, and even does the work for the industry in your capitalist paradise?
Bedfellows (Score:5, Insightful)
It says a lot when the country a company is headquartered in tells them their stuff stinks.
+1 Japan for asking what everyone else lacked the sense to question.
Re: (Score:1)
Re:Bedfellows (Score:5, Informative)
This is certainly not something I would have expected of the Japanese government, although I'll admit I hadn't thought very much about it since the business-friendly era of the "bend-over-backwards and kiss business' butt" MITI [wikipedia.org]. Of course, that was international trade, and this is about domestic business.
I have the beginnings of a theory, though. The recent revelations about the government's virtually non-existent oversight over the nuclear power industry, and TEPCO in particular, may have sensitized the entire Japanese cabinet and bureaucracy to public perceptions of being asleep at the switch... hence, the surprising and almost-literal leaping to the defense of the public interest against a danger to network and financial security. (Yeah, comparing Fukushima to the PSN hack is ridiculous, except for the change in behavior of the government between the two events. Correlation != causation and all..)
As a theory, it strains my credibility, and I just thought it up, but who knows?
Re: (Score:2)
Well, the same thing had occurred to me.
In in the wake of the nuclear plant, er, 'problems' ... and not getting responses from the company for quite some time when they were asking for updates ... I think it highly likely that the Japanese government isn't looking to just simply take companies at their word.
And, yes -- obviously the importance of the nuclear reactors vs the PSN outage are nowhere near one another. But, that do
Re: (Score:2)
Re: (Score:2)
Like the other replies below, I find your theory fairly credible, actually. Their government has lost enough face over the poor showing by TEPCO that they probably want to take good care of the shred of a cheek they have left.
Re: (Score:1)
Sony Japan is probably blaming it on the incompetent *Americans* since the data breach occurred in Servers located in San Diego. Thus the foreigners created a mess for the parent company. Cynical Mode Off...
Re: (Score:2)
Re: (Score:2)
I think it is because Sony has failed to admit responsibility and apologise, and the government sees this as a way to boost their own popularity by taking a hard line on businesses that screw up.
TEPCO has apologised several times already. Sony has not, probably because the US and EU arms don't want to admit liability and open themselves up to lawsuits from customers, developers, merchants and Visa/Mastercard. Normally a Japanese company's top management would issue a heartfelt apology like Toyota did, accep
Re: (Score:2)
It says a lot when the country a company is headquartered in tells them their stuff stinks.
Obama wants his Call of Duty...see what happens when PSN goes down, he recreates the 'Castro's Compound' level as 'Osama's Compound', right down to where he uses his wife as a human shield!!!
Sony no longer the favorite?! (Score:2)
Seems like Japan used to bend over backwards for Sony. This ongoing outage is seriously harmful to Sony's reputation. It's deservedly so, but interesting to see happen nonetheless, especially at this time when Japan could use a little financial love.
Can Sony really be this incompetent, and/or incapable of hiring in the necessary talent?
Re: (Score:2)
Seems like Japan used to bend over backwards for Sony.
That happened to be the case. However after one earthquake, one tsunami and one muthafucking nuclear disaster they've grown some extra skin and decided Sony deserves some good facefarting.
Re: (Score:2)
With the fukushima daiichi incident fresh and lingering in the japanese publics eyes, exhibiting additional signs of blatant regulatory capture is counter intuitive to fat-cat politicians, and their political careers.
Prior to the disaster, there was a revolving door between government employees and politicians and the (ahem) regulated nuclear power industry-- a connection that was lambasted by inquiries and probes into the reasons for the spectacular failure of Fukushima Daiichi in preventing a meltdown. T
Say no? (Score:1)
Can someone remind me how can a government say "no" to someone operating a legal service again?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Corporate charters exist at the pleasure of the government. If your corporation would prefer not to have all its assets nationalized it will play along.
Re: (Score:2)
Re: (Score:2)
Who do you think enforces that?
This has zero to do with private property for real humans, just the construct called the corporation. With its limited liability should come limited freedoms. Having limited liability and unlimited freedom just means everyone should become a corporation and start committing crimes for fun.
Re: (Score:2)
This has zero to do with private property for real humans, just the construct called the corporation.
Corporations are owned by people. The property owned by a corporation is owned, ultimately, by the people who own the corporation.
Having limited liability and unlimited freedom just means everyone should become a corporation and start committing crimes for fun.
That statement is so pathetically ridiculous that it does not merit any response, buy I'll point out one tiny fact that demonstrates your lunacy: corporations don't have unlimited freedom, and people in corporations have gone to jail for committing crimes. Even so, many people do become corporations so they can take advantage of the laws for corporations, which also pretty much
Re: (Score:2)
Corporations are owned by people. The property owned by a corporation is owned, ultimately, by the people who own the corporation.
Tell the GM shareholders that lost out about that.
That statement is so pathetically ridiculous that it does not merit any response, buy I'll point out one tiny fact that demonstrates your lunacy: corporations don't have unlimited freedom, and people in corporations have gone to jail for committing crimes. Even so, many people do become corporations so they can take advantage of t
Re: (Score:2)
Tell the GM shareholders that lost out about that.
So you think that debts are not owned by the owners of a corporation, as well? How interesting. Please tell me how I can subscribe to your newsletter.
So who from BP is in jail for that oil spill?
Nobody I know of, yet. Was it BP breaking the law, or was it the firm that was supposed to maintain the flow diverters that didn't do it? Are you actually stupid enough to think that the legal process dealing with the gulf spill is actually over and nobody else will wind up in court?
If I let my car leak oil all over town and nature parks(since my car does not float) I bet I would be paying for cleanup and fines.
And now you are trying to tell us that BP didn't pay anything for the clean
Re: (Score:2)
If Japan had said: there is a clear threat to the wellbeing of the populace from network services and NO company may operate one until further notice, you'd have a fair comparison. For Japan to single out Sony in a prohibition against performing a legal service that others were still permitted -- Ja
Re: (Score:2)
The same way a government can setup a monopoly of companies [wikipedia.org] and be Ok with it.
Japanese laws are not US Laws.
Re: (Score:3)
What constitutes a "legal service" is entirely dependent on the law of the land. If you are in a country where the law requires you to seek government approval before operating a service, then your service is only "legal" if the government allows it.
Now, whether or not it is morally acceptable to have such a legal system is ano
When it's not a legal service (Score:4)
Can someone remind me how can a government say "no" to someone operating a legal service again?
When it looks like you're operating it in a way that does not comply with all of the laws.
You can read into that the Japanese government believes that PSN is not a legal service in Japan if PSN does not protect the privacy of the users.
"Prove", ie. "Patch Apache"? (Score:3)
proven that they have taken the necessary measures to secure their network
IIRC, one rather glaring issue was the use of a bone-stock Apache install that evidently hadn't kept up with any security updates. I wonder what sort of Powerpointology Sony will be needed to prove worthiness, and whether there's enough folks at the Media and Content Industry department to knowledgeably gage the degree to which Sony got its act together?
Re: (Score:3)
There were also the glaring issues of not hashing passwords, storing all kinds of sensitive information in plain text, failing to offer sunset on old customer data, etc...
Re: (Score:2, Informative)
Re: (Score:2)
I see!
I had heard it reported that they transmitted cleartext information over the wire protocol, and even read a packet dump taken some 2 weeks or so before the breach at PSX-SCENE. Hackers there reported that cc data and other sensitive information was sent in cleartext. [psx-scene.com]
Re: (Score:3)
I believe user2 when he says this. He seems like a trustworthy guy.
Re: (Score:3)
There was a whole thread on the PSX-SCENE forums that was over 11 pages long discussing this issue. It was independently verified by several forum members. Sadly, I am at work right now and we have some draconian internet filtering set up, so I cant link to the forum thread. You can find it yourself though. It was in the news section, dated april 30, 2011.
Names and some other information were redacted to protect people from corporate retaliation; remember, this was released at the height of the Geohot lawsu
Re: (Score:2)
When did they not hash passwords? They said they didn't *encrypt* passwords, but clarified that later that they meant they were hashed not encrypted. I actually found it rather reassuring that they understand the difference (and, yes, passwords should be hashed and not encrypted).
Re: (Score:2)
http://forum.beyond3d.com/showpost.php?p=1549251&postcount=491 [beyond3d.com]
Re: (Score:2)
So, the "unpatched" theory was based on nothing by Spaf's gut. It would seem Dr.Spafford is resting on his laurels. Great.
Re: (Score:1)
Re: (Score:2)
I wonder what sort of Powerpointology Sony will be needed to prove worthiness
Slide 1 - Intro slide
Slide 2 - Previous configuration - Insecure (include at least 4 bullet points, include lots of buzzwords)
Slide 3 - New configuration - Secure (include at least 6 bullet points, include even more buzzwords)
Slide 4 - Conclusions/Q&A
Remember, if you can't dazzle them with brilliance, baffle them with bullshit.
Re: (Score:3)
The same Powerpointology that was used to design the PS3 security system. It includes just about every single crypto buzzword and system under the sun. AES, RSA, Elliptic Curves, CBC, ECB, CTR, CFB, RC4, SHA1, MD5, HMAC, SSL, Full Disk Encryption, Isolated Security System, Hardware Decryption, Secure Boot, Per-Console Encryption, Tokens, Hypervisor, blah blah. You name it, it's in there, used in all the wrong ways and littered with holes.
This is the problem with Sony: they do Security by Powerpoint. Buzzwor
Re: (Score:2)
People weren't trying until OtherOS got removed, and that happened after geohot glitched the memory bus. Given what we know about the PS3 at this stage, I can tell you that there would've been plenty of easier avenues of attack from a black box perspective. For example, there are more than a couple fun header validation bugs that you can try to exploit just by dumping out the NOR and doing some analysis on the binaries contained within. Dumping out Flash memory and messing with it is standard operating prac
Sony is claiming this is voluntary... (Score:5, Insightful)
Sony is saying that this is a voluntary effort to cooperate with Japanese authorities, as they are not actually legally obliged to wait for permission to restart their services in Asia.
However, it's worth pointing out that in Japan it is common to allow companies and individuals to take "voluntary" actions to save face or prevent a public appearance of contention. There is also generally a greater public expectation of privacy amongst the Japanese, so their regulators are more less amused with Sony than American authorities.
Make of Sony's voluntary claims what you will.
Re: (Score:2)
/. Hypocrisy? (Score:1, Insightful)
In one story we have commenters berating the US government for unveiling a "cybersecurity plan," and here we have them praising another government for ordering a private corporation from continuing operations.
What gives?
Re: (Score:1)
Different laws of the land. USA doesn't care what businesses do with your data, EU goes bonkers if your screw up, and it would appear Japan takes data seriously too.
Re:/. Hypocrisy? (Score:4, Interesting)
I agree. It's almost as if slashdot commenters weren't just one homogenous unit with a fixed opinion on each issue, but instead were a collection of individuals with differing views on any given subject.
Re: (Score:1)
Re: (Score:3)
Re:/. Hypocrisy? (Score:5, Insightful)
I said 'No' to the Playstation Network restart too (Score:1)
Censorship (Score:2)
OK, so how is this different from censorship?
Re:Censorship (Score:5, Insightful)
censorship is about preventing speech because of its content, this is about preventing a database of personal and financial details from going online because its safety is dubious ?
Re:Censorship (Score:4)
I think the Onion pretty much nailed it (Score:2)
http://www.youtube.com/watch?v=8AyVh1_vWYQ [youtube.com]
Xbox sales (Score:1)
Now for the obligitory response: (Score:1)
Hahahahahahahahahahahahaaaaa! FUCK YOU SONY! OH IN YOUR FACE!!!! *dance wildly while singing GO JAPAN GO JAPAN*
Holy fuck this has been the biggest bunch of epic bullshit to come down the pike out of a corporation in a long time. ONE MONTH of being down, Sweet Jesus, where is the lynch mob? Has anyone been following what a bunch of idiots Sony is with ALL of their security? Reuters had to call and tell them about massive screw ups they had in basic security from a causal outside probe by a security expert. T
Just Sayin' (Score:2)
6,341,950 PS3 Units Sold in Japan.
http://en.wikipedia.org/wiki/PlayStation_3#Sales_and_production_costs [wikipedia.org]
Say the average PS3 uses 110W as typical power consumption.
http://en.wikipedia.org/wiki/PlayStation_3_hardware [wikipedia.org]
= 700 Million Watts.
= 700 Megawatts.
All those PS3's turned off is saving a lot of electricity!
Yes I am aware of the obscene amount of over simplification.
Re: (Score:1)
Re: (Score:2)
Or bluray movies.
I support this. (Score:2)
I just got off the line with Clear.com helpdesk.
The doofushead on the other end of the line posted my clear username/login info for me, even though I never asked for it.
People are just so clueless with security, it is pretty disgusting.
Japan forcing Sony to prove they have secured there network - I like this. I like this a lot.
Wonder if the.... (Score:1)
No worries (Score:1)
Re: (Score:2)
Wow - me too! I've bought a bunch of PS3 games, but the only ones that anybody in my house ever plays is LBP and Katamari. The rest of the games I've bought have been very disappointing. My wife bought me Portal2 and it was good, but short.
Re: (Score:2)
I'll put in a vote for Valkyria Chronicles. I really like that game.
Re: (Score:2, Troll)
Yea right, If anything that probably has strengthen Sony's resolve to keep "Other OS" out. Not that I support Sony having removed the option. But if you make a choice to do something then you get a bunch of criminals pretending to be activists attack you from the choice. It is a strong message that that feature was used by the wrong sort of people, who they will be better off in the future not come back.
If they were true Hactivists they would have hacked their playstations to support the feature once agai
Re: (Score:2)
Re: (Score:2)
If they were true Hactivists they would have hacked their playstations to support the feature once again and posted how to do it to the public.
What rock have you been under? That's EXACTLY what they did. That's why Sony sued George Hotz. Because he posted how to hack the PS3 on his block and via youtube for all to see. Also, you're assuming that the people who hacked the PSN are in any way associated with the same crowd asking for OtherOS to be back and not just some opportunistic crackers.
Re: (Score:3)