No doubt this is revenge in some way for the attack on George Hotz - the hacker I wrote about here over the last few months.
Apparently this started about six days ago. A friend of mind made note of it to me but I did not think anything of it at the time - perhaps just some upgrade or routine maintenance.
But no, this was a full fledged hack.
Apparently up to 75 million or so credit card and user records are in jeopardy. Potentially the largest hack in world history.
Now one thing is for sure - access to that mount of data, as in downloading, requires a lot of time and network performance. This would mean the hacker or hackers had a lot of time to access the system unknown to Sony. (For example downloading the latest Apple iPhone SDK, which is 4.5 Gb takes hours on a fast connection.)
This is a big black eye for Sony.
Over the weekend my son was visiting me and we were discussing web site development for an upcoming project. As usual the discussion turned to the advantages of Microsoft versus Apache for a commercial server.
My son, a Microsoft Certified Gold code slinger, laughed at the idea of a Linux and Apache being secure for our project. Apparently he has worked on a number of successful payment-related systems which have influenced his thinking. He also pointed out how the Apache folks diligently publish flaws in their code on bug lists - he thought that anyone planning on hacking an Apache site would surely look there for ideas.
Sony's PS/3 is a linux box and I would imagine that so is its network - which would save them million of USD in Microsoft software purchase.
Personally I have always wondered about the concept of free software - how good would it really be compared to something commercially written by experts. Personally I have never been impressed with "free" software - I have always found commercial software to work better and more reliably.
Its not that I don't use free software. The company web site for Lexigraph (www.lexigraph.com) is now Apache based. The old Windows 2003 servers were continually hacked - the linux versions are not.
As to why this is I do not know. I suspect that the world of hackers likes Microsoft because products like 2003 Server are rife with well known flaws and there is a long and well documented knowledge base of hacker attack models available (there are even sites which off pre-built virus packages to install your payload on any Windows system).
If all that attention was turned to Apache/Linux I would bet it would be just a vulnerable.
No comments:
Post a Comment