Friday, April 29, 2011

Breaking News: Playstation Network (PSN) is...Down...Still

Imagine you had been wanting to pick up a PS3 for a while, but could never quite rationalize it since you had a great gaming PC, XBOX 360, and Wii.  Now, imagine that you finally picked one up so you could compare DC Universe Online (DCUO) PS3 vs. PC.

You create an account on Playstation Network (PSN), because they make you before you can play.  Yet another set of credentials to memorize for yet another network.  You bite the bullet and go through the tedium once again of setting up a security question, etc.

You fire up DCUO and activate the free month of gaming that came with the game.  Now the clock is ticking on evaluating a game that you may not want to play after that month expires.

Then the PSN goes down.  A little annoying since your guy is only level 10 out of 50 (?) or so levels and you want to get as far as you can to give the game & platform combo the fairest shake possible.

Then it stays down...for over a week.

It's Too Long

Don't get me wrong.  I applaud Sony Online Entertainment (SOE) for being proactive and cautious.  They detected a dayslong intrusion...after it happened.  So they shut everything down and got busy.  I appreciate that.  I think it's vital to do the following:
  • Identify the attack vectors and shut them down
  • Conduct damage control for the breach
  • Make sure no back doors are left in the system
  • And a whole lot more
But this is not some random tech-savvy person with a server in their garage.  Well, maybe it is and I am giving SOE too much credit.  A company in a computer technology industry should be better than this.  Regardless of what their specific line of business is...
  • Sony makes hardware
  • Sony makes software
  • Sony is a very large company with a lot of resources
This should never have happened in the first place but, when it did, it should have been handled much more swiftly and expertly.  The fact that they deal in computer games with communities, ranking, and other things of high value to folks that might be hackers increases the need for vigilance.  Whether it's an identity scam operation or a brilliant, nerd raging script kiddie, SOE should be far better protected that most against such things.

They Are Being Too Pensive

I don't want them to simply tell me that my data may be compromised.  I want them to disable my account and force me to reactivate it by requesting a secure link via the e-mail tied to my account.  This should stymie most of the value of the data acquired.

The Scope of the Threat is Alarming

The comprehensive list of data endangered is staggering.  Don't they have any isolation of the data?  Is it really that easy to get at everything?  Please, break it off by into categories.  Require permissions for each component, e.g., separate billing information from log in data in a meaningful way.  Even with the gigantic snafus I have had to suffer through as a veteran, I never had this amount of data endangered.

The Damage Is Irrevocable

I am glad I don't have a huge investment in PS3 games, gear, etc.  This debacle has left me with two conclusions:
  • Don't buy any game for PS3 unless it's a PS3 exclusive.
  • If said game requires me to use the PSN, I need to strongly consider if I really want it; if not, then pass.
The inconvenience is bad enough.  The hemorrhage of personal information is intolerable.

Thankfully, most of the games that I really care about (albeit not all) are available via XBox or PC, and the ones that I am likely to play on the PS3 are generally not multi-player.

As for DCUO, you may be able to guess which version, PS3 or PC, I am probably going to recommend... ;)

No comments:

Post a Comment