hot  /  reviews  /  videos  /  cblogs  /  qposts

Anonymous am disappoint, accuses Sony of deflecting blame

10:20 AM on 05.09.2011 // Jim Sterling
  @JimSterling

Anonymous has released another statement concerning the PSN breach controversy, once again professing innocence in the face of negative press and Sony's own implications. The group has gone so far as to accuse Sony of overblowing Anon's involvement in order cover its tracks. 

"Once again Anonymous has been blamed for a security breach, this time by the journalist Joseph Menn, in his article 'Hackers point finger over Sony incursion'," reads the message, referencing a recent Financial Times post. "Here, Anonymous wishes to lay out our case against these allegations and false assumptions.

"Is all of this attention on Anonymous acting as a distraction from other problems, and overhyping the nature of the DDoS attacks? ... Outraged about the blatant coverup and shameful misdeeds, other internet hacker groups will apparently proceed with attacks over Sony's mishandling of the matter. These reactions prove that requesting legislation to cover up corporate crimes and the abuse of law is frowned upon by all online communities, not just the Legion of Anonymous."

The full -- massive -- statement can be read below.

 

Yesterday, an article appeared in Financial Times, alleging Anonymous' involvement in the data and identity theft of some hundred million users of Sony's Playstation Network and Sony Online Entertainment. This crime is now being investigated by the Homeland Security Agency (HSA), the Department of Justice (DOJ), and other legal entities. 

Once again Anonymous has been blamed for a security breach, this time by the journalist Joseph Menn, in his article "Hackers point finger over Sony incursion" [1]. Here, Anonymous wishes to lay out our case against these allegations and false assumptions:

First, let us consider a different article by Menn published on the Financial Times website and entitled "Hackers Warned of Arrest" [2]. This poor piece of journalism has already been extensively referenced in the Sony matter and is being used by many people who oppose Anonymous as proof of guilt. The only quoted source used by Menn was the now infamous Aaron Barr, former CEO of the humiliated HBGary. Barr made the claim that a chat room called #anonymous, founded by the identity "Q", was irrefutable proof that this "Q" began the movement known as Anonymous. Confident in his assertion, he attempted to sell this and other pieces of so-called "intelligence" about the nature of Anonymous to the U.S. FBI.

His information, however, was incorrect. It would be considered common knowledge that Anonymous began as a "meme", or shared belief, at the turn of the century and later developed to become a "global collective conscience" in 2006. But it was not until 2008 that Anonymous became a true display of "power in numbers". Organised protests against the "Church" of Scientology were staged in over 140 cities around the world, forever associating the Guy Fawkes mask and the right to protest with the movement.

Second, just like Anonymous, John Doe and Joe Bloggs are placeholders, rather than proper names, and are available for free use without repercussions. However because of this, there is no membership to Anonymous and anyone can claim to be a "member". It could be said that "Anonymous is anonymous to Anonymous".

Barr and Menn did not pause to protect the integrity of their professions, but instead made clearly misinformed assumptions, and accordingly published a factually incorrect article. The article was highly scrutinized as being blatantly biased against Anonymous and its participants, and many readers pointed out obvious inconsistencies in the technicalities, and the physical time line.

Third, in the primary article, Menn claims that a "member" of Anonymous, Kayla, made comments as an apparent admission of guilt from the "leaders". Kayla reportedly said, "If you say you are Anonymous, and do something as Anonymous, then Anonymous did it". This statement is inherently weak; an equivalent statement would be that "I confess to being human. Humans performed the attack". Andy Greenburg at Forbes [3] got it right.

Finally, Menn's reference to "technical details" [1] regarding a vulnerability in Sony's network without revealing actual content isn't useful. Until the forensics reports are released we don't know which exploit was used. The forensic investigators need to conclude their work, and speculation in articles, blogs and comments brings the factual results no closer.

Menn's anonymous source claims that "a few ops disappeared" but so has a solid chunk of software infrastructure including NickServ and channel bots over attacks during the PSN outages. Menn's other quotes are a vague mixture of assertions and denials. During the PSN downtime, Anonymous closed #opsony and put "sony" on the automatic kick list as 'profanity' last week.

Is all of this attention on Anonymous acting as a distraction from other problems, and overhyping the nature of the DDoS attacks? Sony's recurring issues are beyond providing free game credits:

In order to process credit cards, every company needs to be PCI compliant. "If you are a merchant that accepts payment cards, you are required to be compliant with the PCI Data Security Standard" [4]. Since Sony's network was "unpatched and had no firewall installed" [5], that is a clear violation of the PCI standards and ongoing reviews [4], thus likely to be criminal negligence [see Further Reading]. More importantly, "I can't think of a major data breach where the company was PCI compliant," said Ira Rothken, the lead attorney handling the class action lawsuit [6].

Sony has been accused of false billing, especially in the repairs department: customers who provided credit card details for an MMORPG are charged $150 for repairs to PS3s that they don't own; repairs are double billed and then referred to retailers; equipment is charged $150 multiple times (2-4) for repairs that aren't performed. [7 and Further Reading]

A decent credit card transaction gateway includes recurring billing as an option. Data mining by corporations has a profit motive, but as Sony has demonstrated it can be a massive liability. Why not start a discussion about corporate responsibility to protect user information, especially since they didn't need it to begin with? 

Sony's response to the U.S. Senate [8] is to request more laws and further the myth of "best practices." Since Sony was warned of security holes months in advance [5], one of those "best practices" would be to accept the advice of the experts. In Sony's passing the blame there is no justification for the collection and retention of personal information they didn't need.

Outraged about the blatant coverup and shameful misdeeds, other internet hacker groups will apparently proceed with attacks [9] over Sony's mishandling of the matter. These reactions prove that requesting legislation to cover up corporate crimes and the abuse of law is frowned upon by all online communities, not just the Legion of Anonymous. Apparently Sony will have to learn the hard way that corporate malfeasance will not go unpunished. When the dust settles Sony may have more to fear from a massive class action lawsuit by their user base than the brief actions of the Global Hacker Nerd Brigade, Anonymous... Let THE GAMEs begin. :>

Knowledge is free.

We are Anonymous.

We are Legion.

We do not forgive.

We do not forget.

Expect us.

 



Jim Sterling, Former Reviews Editor
 Follow Blog + disclosure JimSterling Tips
Destructoid reviews editor, responsible for running and maintaining the cutting edge videogame critique that people ignore because all they want to see are the scores at the end. Also a regular f... more   |   staff directory

 Setup email comments

Unsavory comments? Please report harassment, spam, and hate speech to our moderators, and flag the user (we will ban users dishing bad karma). Can't see comments? Apps like Avast or browser extensions can cause it. You can fix it by adding *.disqus.com to your whitelists.

 Quickposts
Status updates from C-bloggers

SeymourDuncan17 avatarSeymourDuncan17
Lacking recording/social features aside (I actually do love that aspect of the PS4), I've been really enjoying my Xbone. Sunset Overdrive is like Saints Row meets Tony Hawk and lovingly self-aware.
OverlordZetta avatarOverlordZetta
Wait, wasn't that Pokemon Detective Pikachu game supposed to come out this year?
sakesushi avatarsakesushi
Humble Bundle End of Summer Sale! They're doing it wrong though, putting up [url="https://www.humblebundle.com/store"]Stealth Inc. 2 for free[/url]
Snaveage avatarSnaveage
Just cleared out a whole village fultoning every single guard. I AM BIG BOSS.
Jiraya avatarJiraya
Metal Gear Solid - Marriage - Revengeance [youtube]https://youtu.be/YN470wKT9PM[/youtube]
wutangclam avatarwutangclam
Divinity: Original Sin 2 stretch goal lets you be a spooky skeleton. This is what I have dreamed of.
wutangclam avatarwutangclam
Going on the record saying a Borderlands movie is a terrible idea.
Tubatic avatarTubatic
Watching Free To Play. I kinda want to try DOTA2, though I'll be very bad at it. Its a very good story of pro-gamer culture, so far. Good Stuff.
RexterNathan avatarRexterNathan
Hello there, I just wanted to say that I'm new here and glad to be part of the community.
Niero Desu avatarNiero Desu
Just tried to explain the word BEAT to an ESL student. Reference.com has 58 variations of the definition. At the least, they can finally understand that Michael Jackson was not asking people to fight each other.
Mediamister avatarMediamister
Steven Hansen avatarSteven Hansen
DTOID PAX MEET UP DAY 1 WAS FIRE.EMOJI!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Shinta avatarShinta
[youtube]https://youtu.be/JOXdORyTqVY[/youtube] I told you guys ... The Witcher 3 has more pirouettes than a ballet show. It's ridiculous!
Nathan D avatarNathan D
Are we really calling followers "fappers" on these quick posts? I knew I loved Dtoid.
OverlordZetta avatarOverlordZetta
[youtube]https://youtu.be/z04MAOubUgM[/youtube] This might've been a fun show.
Cosmonstropolis avatarCosmonstropolis
Someone is trying to log into my Dtoid account. I keep getting emails notifying me of bad password attempts. What?
gajknight avatargajknight
If you spend 10 minutes trying to write a Quickpost...can it really be called Quickpost?
Mike Wallace avatarMike Wallace
So I have enough coins to get a new character in Heroes of the Storm. I like big portly characters like the Butcher or Stitches, but I did enjoy my free week of Tychus. Crowd thoughts?
GoofierBrute avatarGoofierBrute
Today I learned that Bad Rats 2 is a thing that is happening. I don't know how to feel about this.
techsupport avatartechsupport
The temp agency that employs me had me work as a sign spinner today. As in, I held a six foot cardboard arrow-shaped sign and spun it and danced for six hours. It got interesting when a homeless couple confronted me about hogging their spot.
more quickposts


Contest!


Seriously

Invert site colors

  Dark Theme
  Light Theme


Destructoid means family.
Living the dream, since 2006

Pssst. konami code + enter

modernmethod logo



Back to Top


We follow moms on   Facebook  and   Twitter
  Light Theme      Dark Theme
Pssst. Konami Code + Enter!
You may remix stuff our site under creative commons w/@
- Destructoid means family. Living the dream, since 2006 -