Sony Online Entertainment brought its PlayStation Network back online (after a major security breach took PSN down) in parts of Europe and the U.S. Saturday, but some 12 hours after the announcement many PSN customers were left wondering when it would be their turn.
At about 8:30 p.m. ET Saturday, Sony announced it would begin a "phased" return of PSN services to customers following a three-week outage caused by a hack of the network that forced the company to take it down. But a map of the U.S. that Sony is updating to reflect when its network goes live in individual states was left with numerous states without service in the Midwest, South and Northeast as of about 8 a.m. ET.
Several hours after the initial announcement, readers in Texas, Illinois and other states were complaining that PSN service had not been restored to their areas. Sony had warned that it would "take several hours to restore PSN throughout the entire country."
Meanwhile, PSN customers in Australia and the Caribbean wondered when their areas would go back online. Sony's Saturday announcement only referred to Europe and North America.
The company issued a further notice to PSN customers whose service had been turned on but who still weren't able to access the network:
Sony's devastating security breach is not only a public relations nightmare and now, an identity-theft worry for its customers, but it's also a reminder (yet again) of the vulnerability of computer networks.
Sony's PlayStation Network is comprised of networked servers housing massive amounts of data including valued customer data. The parts making up Sony's network are not much different than the parts making up any other business' network, except most business networks are on a smaller scale.
While Sony is not releasing a lot of detail as to how the breach was carried out or what security mechanisms it had in place that failed, there are some good lessons learned for any business no matter what the size about protecting network infrastructure and the data residing on those networks.
One of the key ways any company owner can protect themselves is to forget the notion of, "Why would anyone want to hack into my network?" Why? Because they can. Whether you run a business making chocolate candies or handle financials for thousands of clients, taking an offensive approach against hackers, network intruders, or script kiddies looking to make a name for themselves, is fundamental to protecting your business network.
It's important to know that in the technology world, there is no such thing as 100 percent secure. You can lessen the chances of network or data compromise though, with a few tips:
Sony confirmed Tuesday that hackers have managed to obtain personal information Sony stored within the PlayStation Network, possibly including credit cards. The service will be down, at most, another week.
In an update posted to the PlayStation Blog, Sony senior director of corporate communications and social media Patrick Seybold noted that the "malicious actions" has caused Sony to send a email to all of its customers.
That email will tell subscribers that Sony has turned off the PlayStation Network and Qriocity cloud-music service; engaged an outside security firm; and "taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information".
Microsoft has confirmed that Windows Phones don't store location history in a manner similar to the iPhone, which records the location data in an unencrypted file. The news that some iOS devices keep location data came to light last week, although
Microsoft told us unequivocally that phones running Windows Phone 7 do not store location history. Like most other phones, the platform offers plenty of location-based apps, and those apps require user consent before they begin tracking. Windows Phones also offer the common feature of a "global switch" that lets the user disable all location services, and Microsoft says its "Find My Phone" service keeps only the phone's most recent location.
We also contacted Nokia, RIM, Google, and HP about how the companies' mobile platforms store location data, and none, save Microsoft, have responded. It's been confirmed independently that Google Android also tracks and stores location data.
Did you know that Apple is tracking your every move with your iPhone and iPad? A blog post published today on O'Reilly Radar claims that devices running iOS 4 are gathering location and storing it in an unencrypted manner.
"What makes this issue worse is that the file is unencrypted and unprotected, and it's on any machine you've synched with your iOS device. It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you've been over the last year, since iOS 4 was released," wrote Pete Warden, founder of the Data Science Toolkit, and Alasdair Allan, a senior research fellow at the University of Exeter.
The data is being stored to a file known as "consolidated.db," which includes latitude-longitude coordinates and a timestamp.
Of course, this shouldn't surprise anyone who read the entire 45-page EULA, as it clearly states the following clause when going into detail on the type of “non-personal information” that Apple can “collect, use, transfer, and disclose … for any purpose.”
We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.
Back in September, Google introduced the ability to add two-step verification for Google Apps accounts. What this means is that in order to log into your Google account, you not only enter your username and password, but you also enter an ever changing code. The code is sent to you by SMS, or can be found by using an iPhone, Blackberry, or Android app. This security feature makes it so that if someone finds your password by looking over your shoulder, phishing it, guessing it, or sniffing it from whichever network or computer you use, they will be unable to access your account, because they won't have access to this second factor authentication.
Now, Google just announced that they are rolling out the feature for all users. Over the coming days, a new option will appear in the Security tab of your Google Account. The feature is optional, and will allow you to use this option to better protect your account, either by receiving an automated call, SMS, or by using an app on your phone. This only occurs when you need to actually log on, which only happens on a new system or after a few months of use, so you won't need to do this every time you check your email. The process is not completely painless. The sign-up involves registering a backup number and one-time password, and you need to make special cases for apps which may need access to your Google account but do not support this feature, such as a desktop mail app. Still, it's a very good security measure, which everyone should look into.
Read More | Google Blog
In a reminder to always use strong, unique passwords on every service we use, we learn this week that Trapster, a web site and app used by over 10 million users, was targeted by a hacker which may have compromised the login and password information of all of their users. The company has posted an advisory urging people to change their password on the web site, and anywhere else they may be using the same password.
Read More | Peer360
Many people take the security of their smartphones for granted. As the amount of private data communicated through smartphones increases, so does the threat of attacks from viruses and hackers. Choosing to act now rather than wait for a security fiasco, phone companies such as AT&T, are hiring security researchers to focus on strengthening the security of mobile phones from attacks. Since security has previously not been a major concern on mobile devices it will take some time (years) for these security measures to fully implement.
"Everyone is realizing that this is an uncontrolled environment," said Edward G. Amoroso, chief security officer of AT&T Inc. "We don't want to have the same problems that we had with PCs."
Read More | Wall Street Journal
We've spent some time with the Zomm "wireless leash" and have come away impressed by the simplicity of the device, as it's one of those things that make you wonder why a product like it hasn't been available until now. With that, we thought it would be a good inclusion in our 2010 Holiday Gift Guide. The Zomm can be attached to your keychain, and connects to your smartphone over Bluetooth. Once paired, it becomes your wireless alarm system for your phone. For example, if you walk away from your phone, Zomm will sound a notification alarm and start vibrating, letting you know that you've left your device more than 30 feet away. This way, you don't leave a restaurant without your phone, or spend forever looking for it because you left it in the car (or, that you are in your car driving and left your phone at home!) Cool enough, but it does more.
Zomm also has an integrated speaker and microphone, so it also acts as a hands-free calling device. If your phone rings, Zomm will ring as well, and you just press the Z button to take the call without having to fish around for your phone while driving. Zomm also has a built-in panic alarm. Hold down the Z button and the alarm will go off. Continue holding it, and the Zomm will use the Bluetooth connection to your phone to dial 911, and it will let you speak with the authorities right from the Zomm device. This is seriously a cool piece of technology that is a must-have for those people who constantly leave their smartphones behind in cabs and restaurants, or just anyone who wants an extra layer of security with them at all times. You can get a Zomm from Newegg for $79.99.
Read More | Zomm Bluetooth Smartphone Leash
Sick of entering a PIN every time you turn on your phone? Want something a bit more futuristic to go with the vastly improved OS of your smartphone? The University of Manchester has the answer - facial recognition.
In order to keep your identity safe in the very likely situation of misplacing your phone, the University of Manchester has created a sophisticated facial recognition technology called the Active Appearance modeling technique that locks in and tracks twenty-two of your facial features, even when upside down. The facial recognition technology was created as a way to access social media sites securely through your smartphone, but no word yet as far as how quickly it works in action. Check out the video after the jump.
Read More | Manchester