So the Sony EU blog page is down, but this was posted on the US one earlier:

 

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/

 

Seriously, ten fucking days before they tell people that their personal data has been ripped wholesale from their databse, which may* include credit card number + security code and PSN password.

 

Mother /fuckers/.

 

:@ :@ :@ :@ :@ :@ :@

 

*more like "almost definitely"

I agree. It shouldn't have taken that long to figure that out.

 

I am glad they turned the fucking thing off until they get it fixed, but come on. A company as big as Sony, this should never happen. It isn't like they hired me to code their shit.

 

My son wanted to trade his 360 in on a PS3. This has made him change his mind.

I'm not pissed off that it happened - any system can be fucked with - I'm pissed off that it took them so long to say what had happened. They made out it was just a DDoS attack at first, no way they've only just found out that their database was compromised.

I agree. They knew when they shut it down. I would be a little pissed because it's interrupting other stuff like your steam games!

Don't worry! As a Valued PlayStation Network/Qriocity Customer, you're only being informed at all out of an abundance of caution.

Besides, Sony are doing whatever it takes to resolve the issue as quickly and efficiently as practicable!

Obviously Sony takes information protection very seriously, which is why it was even possible for someone from the Internet to access all the personal and billing details of the entire Sony user base.
After all, an abundance of firewalls to make this impossible is not practicable, and can't seriously be expected from a company with security as their utmost priority.

So the answer to better security is more firewalls? I can probably set up 100's of these!

The portal 2 thing is anoying, but it doesn't PISS ME OFF like this does :@
4

 

*goes back to changing passwords on gmail, amazon, lovefilm etc. etc. etc.*

Has Goog rolled out 2 step verification for you fellows yet?

Fuck me, they stored your info in plain text! Sony is so awesome!

Dunno, what's 2 step verification?

You have a main password and a 2nd that is generated every month. You use your phone to generate the 2nd.

 

If you use a new computer you need to generate a 2nd pw. So it doesn't matter if someone gets your main password. As soon as they try to sign in on a different computer they are shut down.

I'm trying out a combination of Dropbox and Keepass for keeping my passwords in. That way I can use the password generation routines in Keepass, and have different passwords for everything.

 

I know it's possibly a bit silly to put the Keepass file in Dropbox, but the password on the Keepass file would be a right bugger to break, and my Dropbox password is pretty good, too.

Ah, no. not yet, although that does sound both good and anoying :|

Once you get stuff set up it's not bad. And way safer. Here is a shot of their page about it.

 

you go to www.google.com/accounts to set it up - that's where you'd do it if you can get it.

heh. It's pretty naughty innit! i am looking forward to seeing what weasel words get employed in the coming week or two.

I've been using KeyPass for a couple of years now, it's really good. I still have a couple of places I use my "common" password, one of which just happens to be PSN, which I've now changed.

The only downside to KeyPass is it makes it impossible to gain access to a site from anywhere that isn't the machine you have your KeyPass database on (except of course if you use DropBox like you're doing - just don't go using the same password to access your DropBox account as you do to unlock your KeyPass database) and you don't know what the randomly assigned password is.

The upside to that downside is that I tend to buy less things on my lunch break that I don't really need.

Incidentally it was my Steam account that was compromised (though this was before Steam allowed you to save your card details) that instigated the need for me to start using KeyPass.

I'd like to seem them get fined by the ICO for not telling people quickly enough, but I doubt that will happen :(

I think it's possible to use portable versions of Keepass and Dropbox and bung them on a USB stick to carry round, but that just means that I'd have to add a USB stick to my keyring and I'm not too keen on that idea.

Hmm - I use one strong password for sites/things that are anything to do with money stuff, because I am incapable of remembering more than one strong password :$

 

I would like an app on my laptop, PC and Android that would let me easily store and sync (and generate new ones when registering for sites) passwords. That would be good. Does keypass do this?

You could check into LastPass. That's what I use.