brunoafh wrote:
I don't see how you can look at it that way. That's like condoning thievery as long as the stuff you stole wasn't properly secured.
If a car is left running and it's stolen it's not grand thieft auto.
What? Yes it is. Just a quick google search turns up a few results that indicate that taking possession of someone's vehicle without their consent, no matter how possession was taken, all falls under the same law:
About the only variance I've seen is that if the car isn't worth a certain amount it doesn't count, but there is still no stipulation about the prescence or absense of keys and an unlocked door.
I think what the common misconception is, is that if a running car was stolen some insurance companies wont consider it stolen. Thus, they wont have to pay out. I wouldn't put this past most insurance companies, of course they don't wanna pay you, any way possible. Not sure if this is true, or even legal. I would like to think that if the law says it's theft, then it would be unlawful for an insurance company not to consider it theft. I think the misconception came from that Seinfeld episode. Jerry brings his car in to get worked on and the mechanic ends up stealing it. Jerry says the insurance company doesn't consider it stolen since Jerry gave him the keys.
I've also heard some one say that if you leave your car running and some one steals it, you're partially responsible for an accident if one occurs. Again, I don't know if that's true.
irixith wrote:How are you all assuming that Sony has done something wrong here? No-one knows how these hackers got in. Was it poor security? Social engineering? Some sort of masterful hack?
You can't condemn Sony until all the information is available.
Sony has a privileged inner network that modded PS3's were able to get into by spoofing developer / reviewer / trusted PS3's.
And then three bad things happened:
-Sony had no check at this level to determine if these modded PS3's were the real deal.
-Sony had no barrier at this level to prevent fake credit card numbers from being uploaded and 'free' PSN content from being downloaded.
-In this inner network, unknown persons were able to get unencrypted copies of PSN members credit card numbers, addresses, passwords, the keys-to-the-castle.
I guess Sony could have kicked some puppies over bridges to seal the deal but at this point I think it's okay to be angry at Sony for their incompetence.
The third point is the contention. However the first two points are true. Rebug allowed you to access dev-PSN servers. Sony basically handed the keys to the devs and allowed them free reign in dev-PSN land. No checks or limits for Devs on PSN (baaaad idea). Why is this a bad idea? Because of what happened. This is not just an issue with the rebug team, yes they enabled practically anybody with a CFW PS3 to access it, but anybody with access to a dev PS3 could do it. So technically if somebody were to get hold of dev PS3 hardware they could do whatever they want. No hacking involved. That's why it's Sony's fault. It's just yet another epic fail on Sony's part regarding security.
I assumed that this outage was a major security breach, where personal information has been compromised. If this is the case, I suspect they only confirmed it on Wednesday.
A DDoS would, generally speaking, still see the network up and running in some flavor. Not least of which is because you need to interpret the behavior in order to prevent it -- harder to do off-line, unless they have sufficient captures. Even then, taking it off-line would be silly.
But, to add some more fear and paranoia to this, my credit card, for the first time, has been compromised. I got a call this morning. The irony is that the guy bought an XBOX Live account, and this is what triggered the financial institution.
I'm a gamer, and it would not, should not, scare a bank to see XBOX Live stuff hit my account. So, to tweak it a little bit, I further suspect that there has been a slew of XBOX Live accounts fraudulently purchased in the last couple days, and thus this purchase hits a well defined profile.
Just guessing, but very suspicious. Legally, we (as individuals) have to be informed by Sony that this information was compromised.
I just got an email from Sony a little while ago explaining the outage and what might have been compromised. It seems that the email was tailored a bit to include some info about my rights under Massachusetts law, etc. There's no new info in the email and the closest thing to an apology is this:
Sony wrote:
We thank you for your patience as we complete our investigation of
this incident, and we regret any inconvenience. Our teams are working
around the clock on this, and services will be restored as soon as possible.
Sony takes information protection very seriously and will continue to work
to ensure that additional measures are taken to protect personally
identifiable information. Providing quality and secure entertainment
services to our customers is our utmost priority. Please contact us at
1-800-345-7669 should you have any additional questions.
It's a big issue and it will take them some time to get it all sorted out.
MrPopo wrote:but there is still no stipulation about the prescence or absense of keys.
I was just going to quote this and say HA! but thats pointless. I worked at a gas station and at least once a month someones running car was stolen. I'd always bullshit with the cops cuz it was always the same 2. I had said that people are idiots for leaving their cars running and should be fined if its stolen. They agreed and said it's not considered a GTA. Thats why I made that analogy.
Maybe I was wrong but at least after looking at your links I'm sure in most cases it ends up as a joy ride because
a) The cops are pissed off that they have to deal with it
and/or
b) Most of the time the it won't qualify for A thru H on the first link you posted.
