SONY knew it's Software was obsolete months before PSN Breach

Feuer Frei! · 05-05-11, 03:35 AM

according to Security expert.

In congressional testimony this morning, Dr. Gene Spafford of Purdue University said that Sony was using outdated software on its servers — and knew about it months in advance of the recent security breaches that allowed hackers to get private information from over 100 million user accounts.
According to Spafford, security experts monitoring open Internet forums learned months ago that Sony was using outdated versions of the Apache Web server software, which "was unpatched and had no firewall installed." The issue was "reported in an open forum monitored by Sony employees" two to three months prior to the recent security breaches, said Spafford.

Spafford made his comments in a hearing convened by the House Subcommittee on Commerce, Manufacturing, and Trade. Sony was invited to participate in the hearing, but declined to attend. In a letter to the committee, Sony said it has added automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches.
"If Dr. Spafford's assessment is accurate, it's inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed," said Jeff Fox, Consumer Reports Technology Editor.

SOURCE

All i can say is...wow.

Fish In The Water · 05-05-11, 03:51 AM

Quote:

Originally Posted by Feuer Frei!

In a letter to the committee, Sony said it has added automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches.

Right, let's add the encryption after the hack...

Whatever happened to securing credit card data before someone steals it? Silly idea I guess, after all Sony must know what they're doing.

Sony security = Major fail.

HunterICX · 05-05-11, 04:03 AM

Quote:

Originally Posted by Fish In The Water

Sony security = Major fail.

from my experience I can say the same for their products and services

whenever I buy a new electronic device I'll avoid Sony like the plague.

but I guess they where taking this risk to save costs...but I figure this will cost them even more.

HunterICX

05-05-11, 03:35 AM	#1
Feuer Frei! Navy Seal Join Date: Sep 2009 Location: Valhalla Posts: 5,295 Downloads: 141 Uploads: 17	SONY knew it's Software was obsolete months before PSN Breach according to Security expert. In congressional testimony this morning, Dr. Gene Spafford of Purdue University said that Sony was using outdated software on its servers — and knew about it months in advance of the recent security breaches that allowed hackers to get private information from over 100 million user accounts. According to Spafford, security experts monitoring open Internet forums learned months ago that Sony was using outdated versions of the Apache Web server software, which "was unpatched and had no firewall installed." The issue was "reported in an open forum monitored by Sony employees" two to three months prior to the recent security breaches, said Spafford. Spafford made his comments in a hearing convened by the House Subcommittee on Commerce, Manufacturing, and Trade. Sony was invited to participate in the hearing, but declined to attend. In a letter to the committee, Sony said it has added automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches. "If Dr. Spafford's assessment is accurate, it's inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed," said Jeff Fox, Consumer Reports Technology Editor. SOURCE All i can say is...wow. __________________ "History is the lies that the victors agree on"- Napoleon LINK TO MY SH 3 MODS