• Motorburn
      Because cars are gadgets
    • Gearburn
      Incisive reviews for the gadget obsessed
    • Ventureburn
      Startup news for emerging markets
    • Jobsburn
      Digital industry jobs for the anti 9 to 5!

It’s not Sony’s fault

I was one of the lucky few South Africans that was invited to be a part of the Call of Duty 4: Modern Warfare Beta a few years ago. I’ll admit, I was pretty chuffed at the prospect of getting to play that game prior to its release date, but a 1GB internet cap meant that I had to decline that opportunity. Telkom disappoints in so many ways.

Recently, I was given a second shot at joining a beta, this time for the PlayStation 3 exclusive, Infamous 2. Unfortunately, however, Sony’s online service, the PSN, is still down. Chances are, by the time it gets back on its feet, Infamous 2 will already have been released and my shot at taking part in a Beta will have come and gone. Again.

The crash of the PSN has been rage inducing for many people, whether it’s the inconvenience of not being able to play online, fears about loss of private information (well founded if the recent spat of hacks are anything to go by) or the feeling of being gypped out of something you paid for. Many people have directed that rage straight at Sony, because surely it’s Sony’s responsibility to keep the service stable and, more importantly, to keep our information safe? ‘They messed up and now we have to suffer for it. F@#k them, I hate Sony for doing this to me.’

There’s a lot of talk like that going around and I can sympathise, but I think the anger is a bit misguided. The hack is not Sony’s fault. You don’t blame the bank for getting robbed. Were there holes in their security? Perhaps. But the thing to remember is, no network is 100% safe.

Last year, while attending the 2010 NEPAD ICT Africa Summit, I met with Sergey Novikov, a Senior Representative of the largest privately owned computer security company, Kaspersky Labs. Kaspersky protects 300 million users and deals with 30 000 new malicious programs on a daily basis. It’s safe to say then that they know what they are talking about as far as protecting networks is concerned. The most important bit of info that Novikov had to share for me was: “No, system is 100% safe. A determined enough hacker will find a way in.”

It’s view that’s wildly held in the IT security industry. Every system has a weak point somewhere. Bruce Schneier, an internationally renowned security technologist and author commented on the PSN hack saying, “It’s another network break-in, it happens all of the time,” emphasising that “this stuff happens a lot.”

The fact is it happened. And regardless of any efforts, or lack thereof on Sony’s part it could well happen again. And it could just as easily have been Xbox live, or Battle.net or Steam. As Schneier put it, “Everyone is probably equally sucky.”

The thing to bear in mind here is, that this is the internet we’re talking about, and the internet’s intrinsic nature is one of connectivity. That means there will always some small crack somewhere to let something or someone in.

I’ve criticised Sony for many of their decisions regarding the PS3 and PSP in the past and I’ll probably criticize them a lot more in the future. But I’ll give them a pass free on this one – it wasn’t their fault and we shouldn’t be blaming them.

  • Mr Smith

    Of course, you’re right…I wouldn’t blame a bank for being robbed if all expected security measures had been considered but I would blame the bank if they left the front door open, the lights on and the safe unlocked.

    Storing personal information in plaintext….Sony left a sign in the bank window saying “Rob Me”.

  • I am also agree with you.

  • I am also agree with you.

  • Chris

    Your robbing a bank analogy is misleading.  Yes banks are robbed and no it’s not their fault.  But do the banks keep all their money behind the counters?  Or is it stored behind a safe door that takes more than just a a group of guys with guns to get open?

    A company should be judged by how they handle the situation.  A robbed bank doesn’t shut down it’s entire banking network for 3-4 weeks while it investigates, and they certainly don’t allow themselves into a position where they can say “oh well, we’ve been robbed. Your money’s gone.  Sorry about that”.

    I know I’ve picked up a lot on your bank analogy, which isn’t the entire basis of the article, but the point remains – they allowed a security hole to be uncovered (do they not have intrusion systems?  Or did they just not have someone monitoring them at that time?), it took them 2 days to notice, it took a month to “fix” the issue, and now days later they’ve been hacked again.  In my opinion, Sony are well past the point of being able to credibly blame anyone else.

  • Who’s at fault for Sony storing passwords in plaintext?

More in Web development

Facebook moves closer to Microsoft with Bing deal

Read More »