hot  /  reviews  /  video  /  blogs  /  forum

Reports on Sony server security lack accuracy (Update)

2:20 PM on 05.05.2011 // Maurice Tan

Sony responded to the questions from the U.S. House of Representatives' Subcommittee on Commerce, Manufacturing and Trade with an open letter yesterday. But Dr. Gene Spafford, professor at the department of Computer Science at Purdue University, noted something interesting when speaking at the hearing.

Apparently, the Apache Web server software that Sony used was an outdated version and it also didn't have a firewall installed. Oooops.

Even better, that issue seems to have been "reported in an open forum monitored by Sony employees" about 2-3 months before the Anonymous attacks and subsequent other hacks happened. I think it's safe to say that if Anonymous knew about this, its attacks would've been more successful.

Actually, page 7 of this PDF that was inaccessible at the time of writing (maybe it hated foreigners) only said:

"Presumably, both companies are large enough that they could have afforded to spend an appropriate amount on security and privacy protections of their data; I have no information about what protections they had in place, although some news reports indicate that Sony was running software that was badly out of date, and had been warned about that risk."

Awesome. Thanks to the commenters for pointing out my failing though! It was deserved and I love you all. Community member KwikPwn also found the YouTube video of the hearing (the official webcast still gives 404 error) that shows Dr. Stafford's comments on the outdated Apache software and the lack of a firewall. Take a look for yourself!

Sony Was Using Outdated Software Prior to PSN Breach [GamePro] [Image]




 Reblog (or) Blog Reply

Maurice Tan,
 Follow Blog + disclosure

This blog submitted to our editor via our Community Blogs, and then it made it to the home page! You can follow community members and vote up their blogs - support each other so we can promote a more diverse and deep content mix on our home page.



Get more destructoid:   We're indie-run, blogging for the love of it, and our site will always be free. Optionally, you can support us and get: (1) Faster pages from our cloud server (3) Wide(r)screen (3) No big ads on Dtoid, Japanator, Tomopop, or Flixist (4) Auto contest entries, and (5) Dibs on betas & downloads. Try it out

 Setup email comments

Unsavory comments? Please report harassment, spam, and hate speech to our moderators, and flag the user (we will ban users dishing bad karma). Can't see comments? Apps like Avast or browser extensions can cause it. You can fix it by adding *.disqus.com to your whitelists.


  Around the web (login to improve these)




Back to Top


We follow moms on   Facebook  and   Twitter
  Light Theme      Dark Theme
Pssst. Konami Code + Enter?
You may remix stuff our site under creative commons w/@
- Destructoid means family. Living the dream, since 2006 -