1
00:00:00,320 --> 00:00:02,880
Speaker 1: Brought to you by the reinvented two thousand twelve camera.

2
00:00:03,200 --> 00:00:09,000
Speaker 1: It's ready. Are you get in touch with technology? With

3
00:00:09,080 --> 00:00:17,840
Speaker 1: tech Stuff from how stuff works dot com. Hello again, everyone,

4
00:00:17,880 --> 00:00:20,040
Speaker 1: welcome to tech Stuff. My name is Chris Poulette and

5
00:00:20,040 --> 00:00:22,560
Speaker 1: I'm an editor how stuff works dot Com. Sitting across

6
00:00:22,560 --> 00:00:27,280
Speaker 1: from me, as always, from Sunny South Beach senior writer

7
00:00:27,360 --> 00:00:32,120
Speaker 1: Jonathan Strickland. She had actual squirrels in her pants. We

8
00:00:32,320 --> 00:00:37,800
Speaker 1: got served two guys in the park. Yeah, clearly you

9
00:00:37,840 --> 00:00:40,600
Speaker 1: know what episode I'm up to now, Yes, and you're right,

10
00:00:41,080 --> 00:00:44,000
Speaker 1: it was awesome. And those of you there, there are

11
00:00:44,040 --> 00:00:46,279
Speaker 1: several of you out there who know exactly what we're

12
00:00:46,320 --> 00:00:48,479
Speaker 1: talking about and will be very excited that Jonathan has

13
00:00:48,560 --> 00:00:51,199
Speaker 1: jumped on the bandwagon. And you guys are also awesome.

14
00:00:52,960 --> 00:00:57,200
Speaker 1: So let's talk about something that's totally not awesome. Yeah, yeah,

15
00:00:57,280 --> 00:01:00,120
Speaker 1: this is definitely not awesome. This is um. You know.

16
00:01:00,160 --> 00:01:03,120
Speaker 1: From time to time in the podcast we tackle issues

17
00:01:03,280 --> 00:01:08,160
Speaker 1: of privacy and internet security, partially because um, they're relevant,

18
00:01:08,240 --> 00:01:10,280
Speaker 1: there are things that a lot of people want to

19
00:01:10,400 --> 00:01:13,600
Speaker 1: learn more about, and partially because I think, if I

20
00:01:13,640 --> 00:01:15,560
Speaker 1: may speak for you, Jonathan, I think there are issues

21
00:01:15,600 --> 00:01:18,520
Speaker 1: that are are important to both of us personally that

22
00:01:18,680 --> 00:01:21,320
Speaker 1: we're very interested and want to, uh to keep an

23
00:01:21,319 --> 00:01:24,280
Speaker 1: eye on there's and there's still a very casual attitude

24
00:01:24,400 --> 00:01:28,560
Speaker 1: among certain segments of the population that used the Internet

25
00:01:28,920 --> 00:01:32,840
Speaker 1: toward privacy. And I think some of it is just

26
00:01:32,880 --> 00:01:34,800
Speaker 1: a lack of information of the sort of things that

27
00:01:34,840 --> 00:01:37,319
Speaker 1: can go wrong if you do not protect your privacy.

28
00:01:37,319 --> 00:01:39,840
Speaker 1: So let's we'll stop dancing around this. We're specifically going

29
00:01:39,880 --> 00:01:43,760
Speaker 1: to talk about the breach of security within the PlayStation

30
00:01:43,800 --> 00:01:48,240
Speaker 1: Network and Curiosity, which is q R I O C

31
00:01:48,560 --> 00:01:53,800
Speaker 1: I T Y since one of Sony's online services, and

32
00:01:53,840 --> 00:01:57,880
Speaker 1: there was a breach that happened between April seventeenth and

33
00:01:57,920 --> 00:02:02,400
Speaker 1: April nineteen eleven. Uh. And I want to stress this today,

34
00:02:02,560 --> 00:02:05,240
Speaker 1: the day that we are recording this is April twenty nine.

35
00:02:06,600 --> 00:02:09,080
Speaker 1: The reason why I say that is because hopefully by

36
00:02:09,120 --> 00:02:13,480
Speaker 1: the time this podcast goes live, the PlayStation Network will

37
00:02:13,480 --> 00:02:16,640
Speaker 1: be back up and running. It has been down since

38
00:02:16,800 --> 00:02:21,400
Speaker 1: they um so uh, you know, ten days and counting

39
00:02:21,520 --> 00:02:25,440
Speaker 1: of of no support from the PlayStation network, so all

40
00:02:25,440 --> 00:02:29,640
Speaker 1: that online support has gone. Uh. People cannot play online games,

41
00:02:29,880 --> 00:02:32,880
Speaker 1: and some some games they can't play at all, even

42
00:02:32,960 --> 00:02:35,680
Speaker 1: a single player local games they aren't able to play

43
00:02:35,840 --> 00:02:39,680
Speaker 1: for for certain titles because those titles rely upon the

44
00:02:39,680 --> 00:02:43,760
Speaker 1: PSN network. I'm just that's redundant. But the PSN in

45
00:02:43,840 --> 00:02:48,040
Speaker 1: order to uh to update information on things like trophies

46
00:02:48,440 --> 00:02:50,880
Speaker 1: and things like that, and so games that that tie

47
00:02:50,919 --> 00:02:53,880
Speaker 1: into that, that rely upon that network, they do not

48
00:02:54,120 --> 00:02:57,400
Speaker 1: run when the networks down. So there are some single

49
00:02:57,400 --> 00:02:59,560
Speaker 1: player games out there that just won't work on the

50
00:02:59,600 --> 00:03:04,640
Speaker 1: ps So as a result, players are understandably upset, and

51
00:03:04,639 --> 00:03:07,760
Speaker 1: they're upset for multiple reasons. One the network's down. That

52
00:03:07,840 --> 00:03:09,600
Speaker 1: was the first thing that upset people because when the

53
00:03:09,600 --> 00:03:12,560
Speaker 1: network went down, there was very little information from Sony

54
00:03:12,600 --> 00:03:15,480
Speaker 1: about the reason for taking the network down. As a

55
00:03:15,560 --> 00:03:18,919
Speaker 1: matter of fact, I remember a story just a few

56
00:03:19,000 --> 00:03:22,639
Speaker 1: days ago before it came to light what was really happening,

57
00:03:23,320 --> 00:03:27,120
Speaker 1: um that uh one of I only read the headline,

58
00:03:27,120 --> 00:03:30,960
Speaker 1: I admit, Uh. They were saying basically that Sony's customers

59
00:03:31,000 --> 00:03:34,680
Speaker 1: were actually not quite as irritated as they might have been. Now, granted,

60
00:03:34,680 --> 00:03:37,520
Speaker 1: at that point, the network hasn't been down very as

61
00:03:37,600 --> 00:03:39,920
Speaker 1: long as it has now it's you know, still out,

62
00:03:40,120 --> 00:03:42,400
Speaker 1: it's going on more than a week now, so but

63
00:03:42,520 --> 00:03:46,600
Speaker 1: you know, Sony's fans are known to be very, very

64
00:03:46,640 --> 00:03:49,640
Speaker 1: loyal and outspoken, which I think is it can be

65
00:03:49,680 --> 00:03:52,880
Speaker 1: a good thing. Um, And I think basically it's surprised

66
00:03:53,080 --> 00:03:57,280
Speaker 1: some that people weren't more concerned at the time, but again,

67
00:03:57,640 --> 00:04:01,560
Speaker 1: I think that's probably because it had had been released

68
00:04:01,680 --> 00:04:06,560
Speaker 1: that hackers were involved, and they had apparently UH managed

69
00:04:06,600 --> 00:04:09,440
Speaker 1: to gather up some personal information. Yeah. So let's let's

70
00:04:09,480 --> 00:04:13,400
Speaker 1: talk about kind of what Sony said at the beginning.

71
00:04:13,880 --> 00:04:19,560
Speaker 1: At the very beginning, when the PlayStation network went went offline, UH,

72
00:04:19,640 --> 00:04:23,040
Speaker 1: Sony essentially UH issued a message that there was going

73
00:04:23,080 --> 00:04:26,919
Speaker 1: to be some maintenance on the network and that it

74
00:04:27,080 --> 00:04:29,400
Speaker 1: was going to be back up between twenty four and

75
00:04:29,440 --> 00:04:33,200
Speaker 1: forty eight hours. Well, part of that wasn't a lie

76
00:04:33,400 --> 00:04:35,720
Speaker 1: or or actually they probably didn't intend for it. Well,

77
00:04:35,760 --> 00:04:37,640
Speaker 1: I'm sure they did not intend for it to be

78
00:04:38,360 --> 00:04:42,480
Speaker 1: down longer than so they weren't weren't outright lying. They

79
00:04:42,640 --> 00:04:46,000
Speaker 1: just didn't know, but it was due to maintenance. Yeah,

80
00:04:46,040 --> 00:04:48,520
Speaker 1: but they the way it was worded, it sounded like

81
00:04:48,560 --> 00:04:51,720
Speaker 1: it was a planned maintenance sort of issue. Well, of course,

82
00:04:51,880 --> 00:04:54,520
Speaker 1: I mean, if you again, UM, I like to get

83
00:04:54,560 --> 00:04:56,680
Speaker 1: people to think from the other side of this. If

84
00:04:56,680 --> 00:05:01,359
Speaker 1: you're PR, corporate PR. You're one, and it's something that

85
00:05:01,400 --> 00:05:05,680
Speaker 1: they can sort of obfuscate about, they can sort of

86
00:05:05,720 --> 00:05:08,000
Speaker 1: muddy the water about. They're probably going to try to

87
00:05:08,040 --> 00:05:10,920
Speaker 1: do it to make themselves look as good as possible. Yeah,

88
00:05:10,960 --> 00:05:13,599
Speaker 1: you don't want to say, hey, guys, our security was

89
00:05:13,640 --> 00:05:16,160
Speaker 1: breached and we don't know what the extent of the

90
00:05:16,160 --> 00:05:18,840
Speaker 1: problem is yet, UH, and our network is down as

91
00:05:18,839 --> 00:05:21,800
Speaker 1: a result of that. So just chill out because it

92
00:05:21,920 --> 00:05:24,760
Speaker 1: may have turned out that yes, security was breached, but

93
00:05:24,880 --> 00:05:28,679
Speaker 1: nothing went beyond that, right And if that were the case,

94
00:05:28,760 --> 00:05:32,240
Speaker 1: if no one had had a chance to access any

95
00:05:32,360 --> 00:05:35,560
Speaker 1: private information or or anything along those lines, are fiddle

96
00:05:35,640 --> 00:05:40,000
Speaker 1: with the network then Sony, So it would it would

97
00:05:40,080 --> 00:05:42,799
Speaker 1: benefit Sony to just leave that little bit out because

98
00:05:42,800 --> 00:05:44,960
Speaker 1: if no one managed to do anything, then there was

99
00:05:45,000 --> 00:05:47,919
Speaker 1: no real harm done to the end consumer apart from

100
00:05:47,960 --> 00:05:51,840
Speaker 1: a couple of days of the network being offline. Right

101
00:05:51,960 --> 00:05:54,800
Speaker 1: like the a few weeks ago, we were talking about

102
00:05:54,880 --> 00:05:58,040
Speaker 1: the data breach that happened here in UH the United

103
00:05:58,080 --> 00:06:02,520
Speaker 1: States with a number of UH loyalty marketing companies. There

104
00:06:02,560 --> 00:06:05,720
Speaker 1: was one provider that they used UM that that got

105
00:06:05,760 --> 00:06:08,880
Speaker 1: hacked into and Epsilon and all they got from Epsilon

106
00:06:08,960 --> 00:06:13,520
Speaker 1: really was names and addresses, although there may have been

107
00:06:14,320 --> 00:06:17,520
Speaker 1: there may have been some account not not like not

108
00:06:17,560 --> 00:06:20,720
Speaker 1: like credit card information, but loyalty account so they know

109
00:06:20,880 --> 00:06:22,919
Speaker 1: the kinds of things you buy right or or it

110
00:06:22,960 --> 00:06:26,640
Speaker 1: may or a number that identifies you for that particular system,

111
00:06:26,880 --> 00:06:28,920
Speaker 1: like not a not a credit card number, but say

112
00:06:29,000 --> 00:06:31,920
Speaker 1: you know you are like when you join a club

113
00:06:31,960 --> 00:06:33,920
Speaker 1: and it says you know you are member number four

114
00:06:34,080 --> 00:06:36,839
Speaker 1: seven eight nine three, Well at four seven eight nine

115
00:06:36,839 --> 00:06:39,279
Speaker 1: three is might be associated with you in that account,

116
00:06:39,279 --> 00:06:41,520
Speaker 1: and they may the hackers also have access to that,

117
00:06:41,600 --> 00:06:45,560
Speaker 1: but then has limited usability. Yeah, and that's not to

118
00:06:45,600 --> 00:06:48,080
Speaker 1: say that it isn't serious, because it is serious, mostly

119
00:06:48,120 --> 00:06:52,279
Speaker 1: because it can be used to target uh spear phishing attacks.

120
00:06:52,320 --> 00:06:55,240
Speaker 1: These are very directed phishing attacks where they say, hey,

121
00:06:55,400 --> 00:06:59,640
Speaker 1: Jonathan Strickland member number four seven one eight three, Uh,

122
00:06:59,720 --> 00:07:01,960
Speaker 1: we need to get your information. We don't have your

123
00:07:01,960 --> 00:07:04,839
Speaker 1: social security number on file? Can you please just type

124
00:07:04,839 --> 00:07:08,560
Speaker 1: that in this little box? I mean, or visit this website.

125
00:07:08,560 --> 00:07:11,120
Speaker 1: And as it turns out, the website is not the

126
00:07:11,240 --> 00:07:13,640
Speaker 1: corporate website. It's a different web. It's just there too

127
00:07:13,840 --> 00:07:16,120
Speaker 1: to steal as much of your information as possible. Well,

128
00:07:16,360 --> 00:07:20,119
Speaker 1: at the time, Sony wasn't sure exactly what white extent

129
00:07:20,200 --> 00:07:22,640
Speaker 1: the attack had, uh, you know, how far did the

130
00:07:22,680 --> 00:07:27,280
Speaker 1: attack go? So rather than cause alarm, Sony said the

131
00:07:27,560 --> 00:07:29,520
Speaker 1: network was down for maintenance and that it would be

132
00:07:29,600 --> 00:07:33,640
Speaker 1: back up for hours while they conducted an internal investigation.

133
00:07:34,280 --> 00:07:37,600
Speaker 1: So you could argue that Sony made the wrong call

134
00:07:37,920 --> 00:07:40,400
Speaker 1: and that Sony should have said that there had been

135
00:07:40,400 --> 00:07:43,240
Speaker 1: a breach and that there was the possibility that there

136
00:07:43,320 --> 00:07:46,840
Speaker 1: was more than just a breach of security. Uh. But

137
00:07:47,040 --> 00:07:49,400
Speaker 1: on the flip side of it, Sony was you wasn't

138
00:07:49,440 --> 00:07:52,440
Speaker 1: sure how bad it was. Once Sony was sure how

139
00:07:52,480 --> 00:07:55,360
Speaker 1: bad it was, they did come forward and say, all right,

140
00:07:55,960 --> 00:07:59,360
Speaker 1: our network is down due to a security breach, and

141
00:07:59,440 --> 00:08:03,080
Speaker 1: it appears is that the hackers have accessed uh at

142
00:08:03,160 --> 00:08:07,560
Speaker 1: least the personal data tables. These are the tables within

143
00:08:07,880 --> 00:08:11,640
Speaker 1: the network that UH that have all the the user

144
00:08:11,720 --> 00:08:18,160
Speaker 1: information things like your name, your address, UH, your m uh,

145
00:08:19,720 --> 00:08:24,400
Speaker 1: the country of origin. It might be your email as well, UM,

146
00:08:24,440 --> 00:08:30,040
Speaker 1: your PlayStation network password and log in information, the handle

147
00:08:30,120 --> 00:08:32,920
Speaker 1: that you use on the PlayStation network. UM. It might

148
00:08:33,000 --> 00:08:36,360
Speaker 1: also include your purchase history and building address. If you've

149
00:08:36,480 --> 00:08:40,160
Speaker 1: used the PlayStation network to buy games or or content

150
00:08:40,240 --> 00:08:45,520
Speaker 1: within games. UM. But those tables did not include the

151
00:08:45,520 --> 00:08:48,280
Speaker 1: credit card information. The credit card information were stored in

152
00:08:48,400 --> 00:08:51,840
Speaker 1: separate tables which may or may not have also been accessed.

153
00:08:52,160 --> 00:08:54,600
Speaker 1: And here's the big difference between those two tables. Besides

154
00:08:54,679 --> 00:09:00,319
Speaker 1: the content. The credit card table was encrypted, the personal

155
00:09:00,360 --> 00:09:04,719
Speaker 1: data table was not. Right. So there's actually it's kind

156
00:09:04,720 --> 00:09:08,320
Speaker 1: of UM. It's actually a little painful to read. But

157
00:09:08,360 --> 00:09:13,440
Speaker 1: there's a a frequently asked questions document on PlayStation where

158
00:09:13,480 --> 00:09:18,000
Speaker 1: they it addresses the actual outage and and what happened. UM.

159
00:09:18,160 --> 00:09:20,480
Speaker 1: And there's a specific bit here. Let's see if I

160
00:09:20,480 --> 00:09:25,160
Speaker 1: can find the particular question about uh whether or not

161
00:09:25,200 --> 00:09:28,920
Speaker 1: the personal data was encrypted? UM, because they kind of

162
00:09:29,040 --> 00:09:33,640
Speaker 1: dance around it. Let's see here. You wanna do you

163
00:09:33,640 --> 00:09:36,720
Speaker 1: wanna dance while I do this? Well, UM, I could

164
00:09:36,720 --> 00:09:39,400
Speaker 1: tell you that I was about to talk to uh,

165
00:09:39,520 --> 00:09:43,000
Speaker 1: to you about the fact that UM just yesterday again

166
00:09:43,080 --> 00:09:46,560
Speaker 1: as of the day we recorded this on the Stephen

167
00:09:46,640 --> 00:09:51,840
Speaker 1: Mussel of c Net wrote that, UM, there have been

168
00:09:51,960 --> 00:09:56,840
Speaker 1: messages circulating that hackers have claimed that they do in

169
00:09:56,960 --> 00:10:00,000
Speaker 1: fact have credit card information and it is for sale,

170
00:10:00,480 --> 00:10:02,880
Speaker 1: that they offered it back to Sony, but Sony refused

171
00:10:02,920 --> 00:10:07,280
Speaker 1: to buy it. Um, And the information includes, uh, not

172
00:10:07,360 --> 00:10:11,400
Speaker 1: only the credit card numbers, but the expiration dates of

173
00:10:11,440 --> 00:10:14,320
Speaker 1: the cards and the cvvs, which are the numbers on

174
00:10:14,360 --> 00:10:17,920
Speaker 1: the back of most credit cards or the front. Actually

175
00:10:17,960 --> 00:10:20,520
Speaker 1: it's not a CBV on an AMEX American Express card,

176
00:10:20,520 --> 00:10:23,520
Speaker 1: but it's the same It fulfills the same purpose security.

177
00:10:23,640 --> 00:10:26,840
Speaker 1: Do you have the security number? And so they claim

178
00:10:26,960 --> 00:10:29,480
Speaker 1: to have that, but it has not been established whether

179
00:10:29,559 --> 00:10:32,520
Speaker 1: or not that is legitimate. I would guess I'm guessing

180
00:10:32,520 --> 00:10:35,160
Speaker 1: that that's not legitimate. And the reason why I say

181
00:10:35,200 --> 00:10:38,040
Speaker 1: that's not legitimate is because Sony does not collect the

182
00:10:38,080 --> 00:10:43,120
Speaker 1: security numbers that and Sony collects the expiration date and

183
00:10:43,160 --> 00:10:45,440
Speaker 1: the actual credit card number, but not the security number.

184
00:10:45,480 --> 00:10:47,800
Speaker 1: So if someone claims to have all that information, they

185
00:10:47,840 --> 00:10:50,600
Speaker 1: didn't get it from Sony. So where did they magically

186
00:10:50,600 --> 00:10:54,880
Speaker 1: get these security numbers? I call shenanigans on that claim exactly. Well,

187
00:10:54,960 --> 00:10:57,280
Speaker 1: you see, um, you know, if you have a couple

188
00:10:57,280 --> 00:10:59,040
Speaker 1: of million dollars and you want to buy this database,

189
00:10:59,080 --> 00:11:02,280
Speaker 1: I'm sure they'll sell it to you. Show Uh So, yeah,

190
00:11:02,320 --> 00:11:04,079
Speaker 1: I've also got a bridge that I would like to

191
00:11:04,160 --> 00:11:07,079
Speaker 1: interest you in. But I did find the the specific

192
00:11:07,240 --> 00:11:10,920
Speaker 1: section and the frequently asked questions document on at PlayStation's

193
00:11:11,080 --> 00:11:15,600
Speaker 1: UM supports area, and it was was my personal data encrypted?

194
00:11:15,800 --> 00:11:19,920
Speaker 1: Here's Sony's answer. All of the data was protected and

195
00:11:20,120 --> 00:11:23,840
Speaker 1: access was restricted both physically and through the perimeter and

196
00:11:23,880 --> 00:11:27,960
Speaker 1: security of the network. The entire credit card table was encrypted,

197
00:11:28,160 --> 00:11:30,880
Speaker 1: and we have no evidence that credit card data was taken.

198
00:11:31,360 --> 00:11:34,240
Speaker 1: The personal data table, which is a separate data set,

199
00:11:34,320 --> 00:11:37,680
Speaker 1: was not encrypted, but was of course behind a very

200
00:11:37,720 --> 00:11:41,400
Speaker 1: sophisticated security system that was breached in a malicious attack.

201
00:11:41,800 --> 00:11:47,280
Speaker 1: So alright, Sony, come on, guys, it doesn't help your

202
00:11:47,400 --> 00:11:49,439
Speaker 1: case at all to say that your security system was

203
00:11:49,480 --> 00:11:54,720
Speaker 1: incredibly sophisticated if once the stuff has already been stolen, right,

204
00:11:55,040 --> 00:11:57,800
Speaker 1: I mean, that's like a bank coming out and saying

205
00:11:58,160 --> 00:12:01,640
Speaker 1: we had the best security measures imp place the burglars

206
00:12:01,640 --> 00:12:05,120
Speaker 1: stole everything. I mean, doesn't No one cares how sophisticated

207
00:12:05,120 --> 00:12:07,600
Speaker 1: your security was if in fact it was breached, because

208
00:12:07,600 --> 00:12:10,840
Speaker 1: clearly it was not secure enough. I mean, it's obvious

209
00:12:10,880 --> 00:12:13,160
Speaker 1: it wasn't secure enough, because if it were secure enough,

210
00:12:13,280 --> 00:12:16,520
Speaker 1: no one would have breached it. So arguing that your

211
00:12:16,559 --> 00:12:20,520
Speaker 1: security was really sophisticated doesn't impress anybody once the theft

212
00:12:20,559 --> 00:12:23,000
Speaker 1: has already happened. And also, you know, like I said,

213
00:12:23,040 --> 00:12:25,520
Speaker 1: it kind of danced around that question. Uh you know,

214
00:12:25,600 --> 00:12:27,439
Speaker 1: they didn't just come out and say no, we did

215
00:12:27,440 --> 00:12:30,959
Speaker 1: not encrypt your personal data until it got pretty far

216
00:12:31,000 --> 00:12:33,520
Speaker 1: into the answer. But yeah, so that personal data is

217
00:12:33,559 --> 00:12:37,200
Speaker 1: all out there and it's available. And then my opinion

218
00:12:37,920 --> 00:12:41,160
Speaker 1: that personal data is far more valuable than your credit

219
00:12:41,160 --> 00:12:45,080
Speaker 1: card number. And and here's why. So, yeah, getting your

220
00:12:45,080 --> 00:12:48,720
Speaker 1: credit card stolen stinks. I've had I've had my credit

221
00:12:48,760 --> 00:12:52,640
Speaker 1: card number stolen once before. And it's a pain because

222
00:12:52,679 --> 00:12:55,679
Speaker 1: it means that you you have to you have to uh,

223
00:12:56,000 --> 00:12:58,600
Speaker 1: you know, you dispute the the charges, you have to

224
00:12:58,679 --> 00:13:00,520
Speaker 1: change your credit card, you have to get a new card.

225
00:13:00,960 --> 00:13:04,320
Speaker 1: You know, they're there may be trouble disputing some charges

226
00:13:04,360 --> 00:13:07,640
Speaker 1: depending upon your credit card company and all that mess.

227
00:13:07,720 --> 00:13:09,840
Speaker 1: And this stuff can affect your credit rating and it's

228
00:13:09,840 --> 00:13:13,440
Speaker 1: a real pain in the neck. But ultimately you're talking

229
00:13:13,480 --> 00:13:16,640
Speaker 1: about probably a few hundred dollars if you're paying attention,

230
00:13:16,679 --> 00:13:19,360
Speaker 1: it may not even be that much, but you know

231
00:13:19,720 --> 00:13:21,440
Speaker 1: that's there's still a lot of money to a lot

232
00:13:21,480 --> 00:13:24,760
Speaker 1: of people, but it's not as much money as thousands

233
00:13:24,880 --> 00:13:28,800
Speaker 1: of dollars or tens of thousands of dollars, which is

234
00:13:28,880 --> 00:13:33,000
Speaker 1: what can be stolen from you or stolen within your

235
00:13:33,080 --> 00:13:37,400
Speaker 1: name should someone be able to steal your identity. And

236
00:13:37,840 --> 00:13:41,240
Speaker 1: when you think about it, these if a personal information

237
00:13:41,280 --> 00:13:44,800
Speaker 1: includes your name and your address and your birth date

238
00:13:45,440 --> 00:13:48,480
Speaker 1: and all of this sort of things, people could start

239
00:13:48,559 --> 00:13:52,000
Speaker 1: to use that to try and uh and apply for

240
00:13:52,080 --> 00:13:55,600
Speaker 1: credit cards in your name. And then that's where you

241
00:13:55,679 --> 00:13:58,360
Speaker 1: really start seeing some nasty, nasty hits. I mean, your

242
00:13:58,360 --> 00:14:01,679
Speaker 1: credit rating could plumb it as people take advantage of

243
00:14:01,679 --> 00:14:04,120
Speaker 1: that and steal your identity. Yes, and speaking of someone

244
00:14:04,160 --> 00:14:06,960
Speaker 1: who's had to do it, it's very very difficult to

245
00:14:08,120 --> 00:14:11,720
Speaker 1: uh go in and try to clean up your past

246
00:14:11,800 --> 00:14:15,560
Speaker 1: credit history, even when it's not um, you know, they're

247
00:14:15,640 --> 00:14:20,120
Speaker 1: very the credit agents are very protective of their information. Um.

248
00:14:20,160 --> 00:14:22,240
Speaker 1: And of course there are people who would love to

249
00:14:22,280 --> 00:14:24,440
Speaker 1: go up and go no, no, it was it was

250
00:14:24,800 --> 00:14:29,560
Speaker 1: it was hackers. Um. You know, so they uh, you know,

251
00:14:29,600 --> 00:14:32,000
Speaker 1: I would imagine that they are just particularly concerned that

252
00:14:32,040 --> 00:14:34,400
Speaker 1: people are allying to them. But it is very difficult

253
00:14:34,440 --> 00:14:37,400
Speaker 1: for even for those who can offer you know, more

254
00:14:37,400 --> 00:14:41,880
Speaker 1: concrete proof to go in and make changes. So um,

255
00:14:41,920 --> 00:14:45,600
Speaker 1: but even though I'm getting back to Sony specifically. UM,

256
00:14:45,680 --> 00:14:47,680
Speaker 1: I think in a way, they did some things right

257
00:14:47,720 --> 00:14:49,920
Speaker 1: and they did some things wrong. Obviously, the way they

258
00:14:50,000 --> 00:14:53,480
Speaker 1: handled it with regard to the customers, especially in the

259
00:14:53,480 --> 00:14:55,440
Speaker 1: eyes of the customers, leaves a lot to be desired.

260
00:14:55,440 --> 00:14:59,360
Speaker 1: I've seen many, uh complaints about that, and there's there

261
00:14:59,400 --> 00:15:01,560
Speaker 1: have even been law suits filed at this point. Yeah,

262
00:15:01,640 --> 00:15:03,560
Speaker 1: and we'll we'll talk. We'll need to talk a little

263
00:15:03,560 --> 00:15:05,920
Speaker 1: bit about those lawsuits because there's some there's a recent

264
00:15:05,960 --> 00:15:09,920
Speaker 1: Supreme Court ruling that might actually bear upon that. And

265
00:15:10,000 --> 00:15:12,920
Speaker 1: there's also one other element within the terms of use

266
00:15:12,960 --> 00:15:15,000
Speaker 1: that I would like to address as far as the

267
00:15:15,160 --> 00:15:17,760
Speaker 1: lawsuits are concerned. Yeah, we can, we can totally do

268
00:15:17,800 --> 00:15:19,400
Speaker 1: that in just a second. I just wanted to mention though,

269
00:15:19,560 --> 00:15:22,920
Speaker 1: that Sony did, in fact, UH call in an external

270
00:15:22,920 --> 00:15:26,560
Speaker 1: security auditor to take a look at the practices, um

271
00:15:26,880 --> 00:15:29,760
Speaker 1: and and did shut the networks down as soon as

272
00:15:29,800 --> 00:15:33,480
Speaker 1: they realized that there was a serious problem. And Uh,

273
00:15:33,520 --> 00:15:36,880
Speaker 1: the reason it's taking Song at least according to Sony,

274
00:15:37,120 --> 00:15:39,840
Speaker 1: is to get everything back up online is they're changing

275
00:15:40,040 --> 00:15:42,560
Speaker 1: the security structure of the site, which and I think

276
00:15:42,600 --> 00:15:45,520
Speaker 1: that that's an excellent thing and they're require They're going

277
00:15:45,600 --> 00:15:48,040
Speaker 1: to require everyone as soon as they reconnect to the

278
00:15:48,040 --> 00:15:52,240
Speaker 1: network to change their password. UM and that's something else

279
00:15:52,280 --> 00:15:54,520
Speaker 1: we should point out. If you are, if you're practicing

280
00:15:54,520 --> 00:15:59,840
Speaker 1: good security, first of all, you're in the most people

281
00:16:00,000 --> 00:16:02,040
Speaker 1: out I know there's some people out there who are

282
00:16:02,040 --> 00:16:04,480
Speaker 1: our listeners who claim that they do, and that's great,

283
00:16:04,640 --> 00:16:09,040
Speaker 1: I'm glad, fantastic. The rest of you are probably doing

284
00:16:09,040 --> 00:16:11,200
Speaker 1: the same thing that almost everyone is doing, which is

285
00:16:11,240 --> 00:16:14,800
Speaker 1: that you use maybe maybe a handful of passwords. Some

286
00:16:14,800 --> 00:16:17,280
Speaker 1: people just use one and they use it across everything,

287
00:16:17,440 --> 00:16:20,440
Speaker 1: and they might even use the same user name across everything,

288
00:16:20,880 --> 00:16:23,760
Speaker 1: in which case, if someone has access to your name,

289
00:16:24,200 --> 00:16:27,840
Speaker 1: your email address, your user name, and your password, and

290
00:16:27,840 --> 00:16:30,840
Speaker 1: you're using that same password across multiple platforms, all of

291
00:16:30,840 --> 00:16:34,360
Speaker 1: those platforms are now at risk. UH. That means the

292
00:16:34,400 --> 00:16:37,480
Speaker 1: hackers who stole that information could, in theory, access your

293
00:16:37,520 --> 00:16:41,320
Speaker 1: accounts across multiple platforms that might include emails, social networks,

294
00:16:41,800 --> 00:16:46,200
Speaker 1: other services. So you want to make sure that you're

295
00:16:46,320 --> 00:16:50,400
Speaker 1: using multiple passwords, make them difficult to guess. Don't just

296
00:16:50,440 --> 00:16:52,720
Speaker 1: make it a variation off a password that you're using

297
00:16:52,760 --> 00:16:55,440
Speaker 1: over and over again. Use a strong password generator. If

298
00:16:55,440 --> 00:16:59,360
Speaker 1: you need to, um, yeah, those are those are excellent.

299
00:16:59,400 --> 00:17:01,840
Speaker 1: There's there's a couple out there that you do things like,

300
00:17:01,920 --> 00:17:04,720
Speaker 1: for instance, you want to create a password, you put

301
00:17:04,760 --> 00:17:08,199
Speaker 1: in the u r L for the the website that

302
00:17:08,240 --> 00:17:10,320
Speaker 1: you're going to use. You can actually download code that

303
00:17:10,359 --> 00:17:12,359
Speaker 1: will allow you to do this, and you can even

304
00:17:12,400 --> 00:17:14,760
Speaker 1: turn your computer offline so that you know, you don't

305
00:17:14,800 --> 00:17:17,800
Speaker 1: have to worry about it broadcasting this anywhere. But you

306
00:17:17,840 --> 00:17:19,560
Speaker 1: put in the u r L for the website you

307
00:17:19,600 --> 00:17:22,280
Speaker 1: plan to visit. You put in a master password that

308
00:17:22,560 --> 00:17:24,119
Speaker 1: this is the same password you're going to use for

309
00:17:24,160 --> 00:17:28,520
Speaker 1: every single site. But using the master password and the

310
00:17:28,600 --> 00:17:31,040
Speaker 1: u r L, it creates a hash of that and

311
00:17:31,119 --> 00:17:34,000
Speaker 1: creates a strong password based on that. So then all

312
00:17:34,040 --> 00:17:36,000
Speaker 1: you do is put in different u r l's with

313
00:17:36,080 --> 00:17:39,000
Speaker 1: the same master password and it will generate its strong

314
00:17:39,040 --> 00:17:42,240
Speaker 1: password for you. You create your accounts that way using

315
00:17:42,240 --> 00:17:44,199
Speaker 1: that strong password, and if you ever forget it, all

316
00:17:44,240 --> 00:17:46,600
Speaker 1: you have to do is go back into that program.

317
00:17:46,640 --> 00:17:48,879
Speaker 1: You know, again disconnect yourself from all the networks if

318
00:17:48,880 --> 00:17:51,240
Speaker 1: you want to, but go back into that program, type

319
00:17:51,240 --> 00:17:53,280
Speaker 1: in the u r L and your master password again

320
00:17:53,359 --> 00:17:57,720
Speaker 1: and it will the same strong password will pop up again. Yeah, yeah,

321
00:17:57,840 --> 00:17:59,840
Speaker 1: and I have a I have a password wallet that

322
00:17:59,880 --> 00:18:03,239
Speaker 1: I use that will generate passwords, and uh, I have

323
00:18:03,400 --> 00:18:08,000
Speaker 1: the app on my phone and iPod and there's a

324
00:18:08,000 --> 00:18:10,760
Speaker 1: plug in for my browser. So it's that that actually

325
00:18:10,800 --> 00:18:13,680
Speaker 1: goes into the database and everything is encrypted. And if I,

326
00:18:13,680 --> 00:18:16,200
Speaker 1: if I do happen to lose my phone, the uh

327
00:18:16,680 --> 00:18:18,960
Speaker 1: uh and somebody else gets it and and breaks into it,

328
00:18:19,000 --> 00:18:22,879
Speaker 1: they have to they won't find out specifically what is

329
00:18:22,920 --> 00:18:25,280
Speaker 1: in there because they would have to actually get into

330
00:18:25,400 --> 00:18:27,680
Speaker 1: the password app two, which requires a separate and more

331
00:18:27,720 --> 00:18:33,000
Speaker 1: complex password. Um. So yeah, I mean it's uh, these

332
00:18:33,040 --> 00:18:36,120
Speaker 1: are these are good ideas, but uh, it doesn't change

333
00:18:36,160 --> 00:18:39,080
Speaker 1: the fact that that Sony customers are very upset not

334
00:18:39,200 --> 00:18:42,479
Speaker 1: only that they got that they weren't told about this,

335
00:18:42,520 --> 00:18:45,040
Speaker 1: but that they're on top of that, you know, that's

336
00:18:45,080 --> 00:18:48,960
Speaker 1: really insult to injury having their information taken. And a

337
00:18:48,960 --> 00:18:51,240
Speaker 1: lot of people are upset that they can't go back

338
00:18:51,280 --> 00:18:54,439
Speaker 1: in and change their user name and password on the

339
00:18:54,480 --> 00:18:57,280
Speaker 1: network because the network is down. Of course, if no

340
00:18:57,280 --> 00:18:59,520
Speaker 1: one else can get in, I would argue that that's

341
00:19:00,040 --> 00:19:02,480
Speaker 1: not quite as big as at this point, you should

342
00:19:02,520 --> 00:19:06,040
Speaker 1: really be concentrating on changing your password everywhere else. Yes,

343
00:19:06,280 --> 00:19:09,320
Speaker 1: like all the different emails and and social networks and

344
00:19:09,359 --> 00:19:11,639
Speaker 1: all the other services you use. If you use that

345
00:19:11,680 --> 00:19:14,040
Speaker 1: same password, you need to change it. Um, I want

346
00:19:14,080 --> 00:19:16,440
Speaker 1: to put a fraud alert on your credit report? Yeah. Yeah,

347
00:19:16,520 --> 00:19:19,280
Speaker 1: those can be a real pain too, just because if

348
00:19:19,280 --> 00:19:22,040
Speaker 1: you start using your credit card and you're you know,

349
00:19:22,080 --> 00:19:25,320
Speaker 1: you're out of town, then you may end up getting

350
00:19:25,320 --> 00:19:27,880
Speaker 1: a call from your your bank or credit union every

351
00:19:27,920 --> 00:19:31,880
Speaker 1: time you Yeah. Compared that compared to yeah, that it's

352
00:19:31,920 --> 00:19:33,800
Speaker 1: it's inconvenient, and it's a pain in the butt, but

353
00:19:33,840 --> 00:19:35,760
Speaker 1: it's less of a pain in the butt than dealing

354
00:19:35,800 --> 00:19:38,040
Speaker 1: with the fact that someone has stolen your information and

355
00:19:38,200 --> 00:19:43,080
Speaker 1: is using your card without your approval. Just as an aside, Yeah,

356
00:19:43,080 --> 00:19:45,919
Speaker 1: I've I've heard recently, very recently that the people who

357
00:19:46,040 --> 00:19:50,199
Speaker 1: steal credit card numbers now are not And you know,

358
00:19:50,240 --> 00:19:53,040
Speaker 1: if I were stealing credit card numbers, I would think

359
00:19:53,080 --> 00:19:55,080
Speaker 1: that I would want to do things as quickly as

360
00:19:55,160 --> 00:19:58,680
Speaker 1: possible to avoid, uh, you know, the person I stole

361
00:19:58,680 --> 00:20:01,880
Speaker 1: it from. Changing, Yeah, to call in and say, hey,

362
00:20:01,920 --> 00:20:04,640
Speaker 1: my credit card, my credit card has been stolen. Um.

363
00:20:04,680 --> 00:20:07,880
Speaker 1: But in a lot of cases, when when, apparently, when

364
00:20:07,880 --> 00:20:10,080
Speaker 1: this kind of thing happens. They don't run out and

365
00:20:10,240 --> 00:20:13,280
Speaker 1: buy lots of big screen TVs and designer genes and

366
00:20:13,320 --> 00:20:16,719
Speaker 1: all sorts of other cool fun stuff computers, video games.

367
00:20:16,760 --> 00:20:20,359
Speaker 1: They go and they buy stuff for twenty dollars or

368
00:20:20,560 --> 00:20:23,840
Speaker 1: thirty dollars because it doesn't go noticed. People let that

369
00:20:23,920 --> 00:20:26,040
Speaker 1: kind of thing slide on their card. They go, wait

370
00:20:26,080 --> 00:20:28,520
Speaker 1: a minute, I don't remember going to Best Buy and

371
00:20:28,600 --> 00:20:32,480
Speaker 1: spending twenty five times. I probably bought a movie or something. Oh, well,

372
00:20:32,560 --> 00:20:34,359
Speaker 1: you know, I'm sure it's it's just twenty bucks. It's

373
00:20:34,400 --> 00:20:36,480
Speaker 1: no big deal. That's the thing that they've started to do.

374
00:20:36,560 --> 00:20:39,960
Speaker 1: And that's very insidious because they could continue to do

375
00:20:40,000 --> 00:20:42,480
Speaker 1: that and continue to hold on your information and take

376
00:20:42,520 --> 00:20:44,960
Speaker 1: money from you for years. Well, like we said, though,

377
00:20:45,000 --> 00:20:49,000
Speaker 1: credit cards, that's cheap. In the long run, the long game,

378
00:20:49,200 --> 00:20:51,640
Speaker 1: credit card is nothing. In fact, we had a security

379
00:20:51,640 --> 00:20:54,200
Speaker 1: expert come and talk to the editorial department at House

380
00:20:54,200 --> 00:20:56,000
Speaker 1: Stuff Works just as part of our we have this

381
00:20:56,080 --> 00:20:59,119
Speaker 1: ongoing lecture series where we get to listen to various

382
00:20:59,119 --> 00:21:02,120
Speaker 1: experts in different fields. And the security expert was talking

383
00:21:02,119 --> 00:21:05,000
Speaker 1: about how credit card information is cheap. It's it's you know,

384
00:21:05,119 --> 00:21:07,359
Speaker 1: it's like fifteen cents for a credit card number, and

385
00:21:07,359 --> 00:21:10,280
Speaker 1: it's because it's because there is no guarantee that credit

386
00:21:10,320 --> 00:21:13,240
Speaker 1: card number is going to be good for very much longer. Um.

387
00:21:13,359 --> 00:21:16,439
Speaker 1: What's valuable is the personal information, because that's where you

388
00:21:16,440 --> 00:21:19,520
Speaker 1: can start to you know, you you create your own

389
00:21:19,560 --> 00:21:22,880
Speaker 1: credit card based upon this person's identity, on that person's

390
00:21:22,920 --> 00:21:25,119
Speaker 1: credit rating, and you have all the billing go to

391
00:21:25,440 --> 00:21:27,119
Speaker 1: information go to a different place. You don't have to

392
00:21:27,119 --> 00:21:29,439
Speaker 1: worry about paying for it. You're just gonna run that

393
00:21:29,520 --> 00:21:31,320
Speaker 1: up as much as you can, and that's where you

394
00:21:31,359 --> 00:21:35,239
Speaker 1: make the big purchases, right So, and and ultimately the

395
00:21:35,280 --> 00:21:38,680
Speaker 1: person whose name is attached to that number that's their

396
00:21:38,720 --> 00:21:41,359
Speaker 1: credit rating, is going to suffer as a result, and

397
00:21:41,800 --> 00:21:44,640
Speaker 1: that's where you really have to worry. So again, even

398
00:21:44,680 --> 00:21:47,600
Speaker 1: if the credit card information wasn't touched, that personal data

399
00:21:47,640 --> 00:21:52,320
Speaker 1: is very important now they the hackers would lack certain

400
00:21:52,320 --> 00:21:55,359
Speaker 1: information that would really make it useful, like your Social

401
00:21:55,359 --> 00:21:59,440
Speaker 1: Security number. That part is not in your ps N profile,

402
00:21:59,720 --> 00:22:03,720
Speaker 1: So he does not ask for that. So for that reason,

403
00:22:03,760 --> 00:22:06,600
Speaker 1: Sony has alerted users that they should be on the

404
00:22:06,640 --> 00:22:12,040
Speaker 1: lookout for any spear phishing attempts. Sony has said it

405
00:22:12,080 --> 00:22:15,640
Speaker 1: will not ask for personal information through email. Just like

406
00:22:16,080 --> 00:22:19,439
Speaker 1: most retailers and organizations will say the same thing. They

407
00:22:19,480 --> 00:22:22,679
Speaker 1: will never ask for your personal identifiable information to be

408
00:22:22,760 --> 00:22:25,600
Speaker 1: sent over email. So if you get an email from

409
00:22:25,640 --> 00:22:29,359
Speaker 1: apparently Sony that says, all right, we're ready to reinstate

410
00:22:29,400 --> 00:22:32,520
Speaker 1: your ps N profile, but we need your Social Security

411
00:22:32,560 --> 00:22:34,919
Speaker 1: number in order to do it, that's a red flag.

412
00:22:35,440 --> 00:22:37,879
Speaker 1: That's a that's a sign of spear fishing, and that

413
00:22:37,920 --> 00:22:40,239
Speaker 1: the person who sent that is probably just trying to

414
00:22:40,280 --> 00:22:42,760
Speaker 1: gather as much user information as possible to sell it

415
00:22:42,800 --> 00:22:46,480
Speaker 1: off to whomever. So um we we said this a

416
00:22:46,520 --> 00:22:50,959
Speaker 1: few weeks ago, but basically, any reputable company who values

417
00:22:51,000 --> 00:22:53,639
Speaker 1: your business and and may actually need some of this

418
00:22:53,760 --> 00:22:59,600
Speaker 1: information for legitimate purposes, legitimate real world companies are not

419
00:22:59,760 --> 00:23:01,919
Speaker 1: going to ask for you to mail that in or

420
00:23:02,000 --> 00:23:07,119
Speaker 1: to send it in over um A network because basically,

421
00:23:07,160 --> 00:23:09,600
Speaker 1: at this point they all know that these kinds of

422
00:23:09,640 --> 00:23:12,119
Speaker 1: things are going on. It's always better if you have

423
00:23:12,200 --> 00:23:15,040
Speaker 1: any questions to give the company a call at the

424
00:23:15,119 --> 00:23:18,359
Speaker 1: number listed on its legitimate website. Go to the website yourself,

425
00:23:18,400 --> 00:23:22,399
Speaker 1: don't click on any links and those emails, and h

426
00:23:22,680 --> 00:23:24,720
Speaker 1: get the phone number, use the one on your bill

427
00:23:25,400 --> 00:23:28,159
Speaker 1: or whatever to I to call and say, hey, did

428
00:23:28,240 --> 00:23:31,000
Speaker 1: you do you actually need this information? Talk to a

429
00:23:31,000 --> 00:23:33,440
Speaker 1: customer service representative and say, you know, I'm happy to

430
00:23:33,560 --> 00:23:36,080
Speaker 1: you know, hopefully I'm happy to give you the information

431
00:23:36,119 --> 00:23:38,280
Speaker 1: you need if you need it. But I believe this

432
00:23:38,359 --> 00:23:41,480
Speaker 1: might be an attempt to get my information. And if so,

433
00:23:42,200 --> 00:23:44,040
Speaker 1: you guys need to be aware of it so that

434
00:23:44,240 --> 00:23:46,840
Speaker 1: you know, you can maybe message out to people that

435
00:23:46,880 --> 00:23:51,280
Speaker 1: there are these kinds of attacks. Um and yeah, I've

436
00:23:51,320 --> 00:23:53,840
Speaker 1: I've actually had my information soul and wasn't actually related

437
00:23:53,880 --> 00:23:56,640
Speaker 1: to a tech thing. Somebody else that I did business with,

438
00:23:56,960 --> 00:24:01,000
Speaker 1: um had a person on the inside who was uh

439
00:24:01,080 --> 00:24:04,959
Speaker 1: selling information. Yeah, yeah, that can happen. That's essentially you know,

440
00:24:05,040 --> 00:24:07,760
Speaker 1: sabotage is really what that comes down to. Yeah. Yeah.

441
00:24:07,800 --> 00:24:09,800
Speaker 1: And so you know, if you were if you were

442
00:24:09,800 --> 00:24:13,280
Speaker 1: in a situation like this, either through the PlayStation network

443
00:24:13,440 --> 00:24:15,800
Speaker 1: or some other company, you want to make sure you

444
00:24:15,880 --> 00:24:18,439
Speaker 1: keep an eye in your your credit reports. And in

445
00:24:18,480 --> 00:24:20,520
Speaker 1: the United States you can do that. Um. You know,

446
00:24:20,560 --> 00:24:23,240
Speaker 1: I believe there's there's a law and effect now for

447
00:24:23,320 --> 00:24:26,119
Speaker 1: everybody that you can get one reporter year free, one

448
00:24:26,440 --> 00:24:31,520
Speaker 1: free credit report from each of the credit Yeah and um,

449
00:24:31,520 --> 00:24:35,200
Speaker 1: and those would be Equifax, trans Union, and Experience UM

450
00:24:35,280 --> 00:24:37,200
Speaker 1: and you you would definitely want to keep an eye

451
00:24:37,200 --> 00:24:40,240
Speaker 1: on that. UM. Some states like the one we live

452
00:24:40,280 --> 00:24:42,919
Speaker 1: and allow you, I believe, to reports per year. You

453
00:24:42,920 --> 00:24:45,720
Speaker 1: can sign up for services that will allow you to

454
00:24:45,920 --> 00:24:47,760
Speaker 1: check it as many times as you want to. I

455
00:24:47,960 --> 00:24:52,040
Speaker 1: I you know, there's usually a pretty decent fee associated

456
00:24:52,080 --> 00:24:55,880
Speaker 1: with that. UM. And I've talked, I've I've heard information

457
00:24:55,960 --> 00:25:01,560
Speaker 1: from some of the UH consumer protect your folks. I

458
00:25:01,680 --> 00:25:04,080
Speaker 1: can't think of what you call them, like consumer watchdogs

459
00:25:04,080 --> 00:25:05,760
Speaker 1: and say, yeah, you know, you do need to keep

460
00:25:05,760 --> 00:25:07,159
Speaker 1: an eye on your credit, but you might not need

461
00:25:07,200 --> 00:25:09,399
Speaker 1: to spend twenty dollars a month to keep an eye

462
00:25:09,400 --> 00:25:14,000
Speaker 1: on your credit every day. UM. So you know, just

463
00:25:14,000 --> 00:25:16,760
Speaker 1: just be wary of that. Certainly, UH, if I were

464
00:25:16,800 --> 00:25:21,080
Speaker 1: affected by the PlayStation network fiasco, I would I would

465
00:25:21,080 --> 00:25:24,800
Speaker 1: certainly change that credit card number immediately if you haven't

466
00:25:24,800 --> 00:25:28,760
Speaker 1: already hopefully you already have. Yeah, and um I changing

467
00:25:28,800 --> 00:25:30,919
Speaker 1: credit card numbers today is even a bigger pain than

468
00:25:30,960 --> 00:25:33,160
Speaker 1: it used to be. The reason for that is things

469
00:25:33,160 --> 00:25:36,720
Speaker 1: like when you set up recurring payments for stuff. Yes,

470
00:25:36,960 --> 00:25:39,879
Speaker 1: I mean, as we make these systems simpler to do

471
00:25:39,920 --> 00:25:43,520
Speaker 1: all your your payments online. Then we have to remember, oh,

472
00:25:43,600 --> 00:25:45,440
Speaker 1: I changed my credit card number. I have to go

473
00:25:45,640 --> 00:25:49,919
Speaker 1: through every single building service I use and change my

474
00:25:50,040 --> 00:25:53,840
Speaker 1: information there or else I'm going to default on a bill. Yeah. Yeah,

475
00:25:54,000 --> 00:25:56,640
Speaker 1: pain in the butt, but still still better than having

476
00:25:56,640 --> 00:25:59,320
Speaker 1: your identity still in For Sony, though, this is gonna

477
00:25:59,320 --> 00:26:02,399
Speaker 1: be a real headache for sometime. Sony has got This

478
00:26:02,440 --> 00:26:04,600
Speaker 1: is gonna be costs Sony big time. And it's gonna

479
00:26:04,640 --> 00:26:08,080
Speaker 1: cost it because there are between seventy and seventy seven

480
00:26:08,320 --> 00:26:14,040
Speaker 1: million users of PSN. That's a lot of people. And

481
00:26:14,119 --> 00:26:18,440
Speaker 1: to UH to update the security information is it's this

482
00:26:18,480 --> 00:26:22,400
Speaker 1: is a major investment to to fix this problem. It's

483
00:26:22,400 --> 00:26:25,760
Speaker 1: almost like creating the network over from scratch. And they

484
00:26:25,800 --> 00:26:30,720
Speaker 1: have a huge blow to their reputation because not all

485
00:26:30,760 --> 00:26:33,159
Speaker 1: of those users are necessarily going to be willing to

486
00:26:33,200 --> 00:26:37,240
Speaker 1: come back after having their information stolen like this. They aren't,

487
00:26:37,440 --> 00:26:42,080
Speaker 1: and new users might rethink joining because of this breach,

488
00:26:42,560 --> 00:26:45,080
Speaker 1: and so they may say, I don't want to put

489
00:26:45,080 --> 00:26:47,840
Speaker 1: my information in the hands of a company that has

490
00:26:47,880 --> 00:26:51,560
Speaker 1: shown itself incapable of keeping it protected. Well, I would, uh,

491
00:26:52,119 --> 00:26:54,200
Speaker 1: I would go out on a limb. We It's a

492
00:26:54,280 --> 00:26:56,440
Speaker 1: long ways away now from our prediction episode, I would

493
00:26:56,440 --> 00:26:58,199
Speaker 1: go out on a limb and say that's Sony. The

494
00:26:58,240 --> 00:27:00,680
Speaker 1: thing that saves Sony in this case, if anything does,

495
00:27:00,880 --> 00:27:06,520
Speaker 1: is that amazing loyalty that PlayStation customers have. But I

496
00:27:07,000 --> 00:27:09,200
Speaker 1: still think a lot of people are going to be

497
00:27:09,920 --> 00:27:13,480
Speaker 1: extremely upset and quite a few will probably drop out. Yeah,

498
00:27:13,520 --> 00:27:16,359
Speaker 1: and this is again, by the time this podcast goes live,

499
00:27:16,480 --> 00:27:20,359
Speaker 1: there may very well be many more developments. Maybe you

500
00:27:20,400 --> 00:27:24,000
Speaker 1: will know exactly who was responsible for these attacks. As

501
00:27:24,000 --> 00:27:27,240
Speaker 1: of this moment, we don't. We can't say Sony may

502
00:27:27,240 --> 00:27:29,640
Speaker 1: have an idea, but Sony's not letting everyone know, which

503
00:27:29,840 --> 00:27:33,880
Speaker 1: makes sense, rightification Right, So by the time this goes live,

504
00:27:33,960 --> 00:27:35,639
Speaker 1: we may have more information. I might have to come

505
00:27:35,720 --> 00:27:38,359
Speaker 1: in with a breaking news segment at the end and

506
00:27:38,520 --> 00:27:41,560
Speaker 1: kind of update. But but as of the twenty ninth

507
00:27:41,600 --> 00:27:44,640
Speaker 1: of April, we should also mention you you talked about

508
00:27:44,680 --> 00:27:47,439
Speaker 1: the fact that there's a class action suit or some

509
00:27:47,600 --> 00:27:52,480
Speaker 1: lawsuits being levied against Sony. Have seen one right so far?

510
00:27:53,000 --> 00:27:56,359
Speaker 1: There was an interesting news report I saw that said

511
00:27:56,480 --> 00:28:00,359
Speaker 1: that um, because of a different UH suit that was

512
00:28:00,400 --> 00:28:03,639
Speaker 1: brought forth to the Supreme Court. UM, there was a

513
00:28:05,280 --> 00:28:09,520
Speaker 1: class action lawsuit that was brought against a phone company UM.

514
00:28:09,800 --> 00:28:14,520
Speaker 1: A Southern California couple uh levied a lawsuit, began a

515
00:28:14,520 --> 00:28:17,560
Speaker 1: class action lawsuit against the phone company because they were

516
00:28:18,119 --> 00:28:21,320
Speaker 1: they had a fee of around thirty dollars tacked onto

517
00:28:21,480 --> 00:28:25,919
Speaker 1: their cell phone UM bill or cell phone purchase, and

518
00:28:26,000 --> 00:28:30,479
Speaker 1: they said that that that was an unfair bill and

519
00:28:30,480 --> 00:28:33,240
Speaker 1: that it wasn't communicated to them, and that they were

520
00:28:33,840 --> 00:28:35,920
Speaker 1: essentially that the company had stolen that money from them.

521
00:28:35,960 --> 00:28:39,240
Speaker 1: So I started a class action lawsuit. A class action lawsuit,

522
00:28:40,080 --> 00:28:42,600
Speaker 1: it's like a when you get a whole bunch of

523
00:28:42,600 --> 00:28:46,080
Speaker 1: people who all have been affected by the same well

524
00:28:46,120 --> 00:28:48,240
Speaker 1: if the if the court decides at the same crime,

525
00:28:49,200 --> 00:28:52,880
Speaker 1: and they all are seeking damages against a company for

526
00:28:52,960 --> 00:28:56,200
Speaker 1: that crime. Now, normally the money in a class action

527
00:28:56,280 --> 00:28:59,800
Speaker 1: lawsuit for each individual consumer is pretty low, uh. And

528
00:28:59,800 --> 00:29:01,920
Speaker 1: that that's why you want a class action lawsuit. You

529
00:29:01,920 --> 00:29:04,560
Speaker 1: want a lot of people banded together for this because

530
00:29:05,320 --> 00:29:08,600
Speaker 1: it doesn't make any financial sense to pursue this in

531
00:29:08,840 --> 00:29:11,360
Speaker 1: a small claims court because you're gonna spend way more

532
00:29:11,440 --> 00:29:14,600
Speaker 1: money in court than you would reclaiming whatever it was

533
00:29:14,640 --> 00:29:17,000
Speaker 1: was stolen from you. Right, But together you can pull

534
00:29:17,040 --> 00:29:21,560
Speaker 1: the costs and and actually bring a suit and and

535
00:29:21,640 --> 00:29:25,120
Speaker 1: lawyers love them because they get a little bit off

536
00:29:25,160 --> 00:29:28,040
Speaker 1: of each and every transaction. And if there are if

537
00:29:28,040 --> 00:29:30,560
Speaker 1: there are millions of people in the in the lawsuit,

538
00:29:30,680 --> 00:29:34,240
Speaker 1: that that's big bucks. It's It's very weird though, when

539
00:29:34,280 --> 00:29:36,440
Speaker 1: you're somebody who didn't actually bring the suit and you

540
00:29:36,480 --> 00:29:38,720
Speaker 1: get the letter in the mail and says, hey, you're

541
00:29:39,160 --> 00:29:41,479
Speaker 1: so sure, so and so customer, you're part of this

542
00:29:41,600 --> 00:29:45,320
Speaker 1: class action lawsuit. Here's your five dollars, yeah, dollar forty nine.

543
00:29:45,320 --> 00:29:47,800
Speaker 1: Here you um And they're like, hey, I won five

544
00:29:47,840 --> 00:29:49,800
Speaker 1: dollars and you don't even think. You don't even think

545
00:29:49,880 --> 00:29:52,240
Speaker 1: of whatever it was that was the purpose of the

546
00:29:52,240 --> 00:29:56,000
Speaker 1: suit in the first place. But the in this case,

547
00:29:56,320 --> 00:30:00,280
Speaker 1: the cell phone company or they said that they ad

548
00:30:00,280 --> 00:30:04,240
Speaker 1: within their terms of use a a statement that prevented

549
00:30:04,280 --> 00:30:07,479
Speaker 1: people from bringing a class action lawsuit against them. And

550
00:30:07,560 --> 00:30:09,560
Speaker 1: that's what was being taken to court, the challenge of

551
00:30:09,680 --> 00:30:13,520
Speaker 1: can you have something in your terms of service that

552
00:30:13,520 --> 00:30:17,560
Speaker 1: that will prevent the the ability of class action lawsuit

553
00:30:17,600 --> 00:30:20,320
Speaker 1: being levied against you? And the Supreme Court upheld that

554
00:30:20,560 --> 00:30:24,080
Speaker 1: five to four. So if you are a company and

555
00:30:24,120 --> 00:30:26,200
Speaker 1: you put in your terms of service that you do

556
00:30:26,360 --> 00:30:30,479
Speaker 1: not allow class action lawsuits to be levied against you

557
00:30:30,520 --> 00:30:36,400
Speaker 1: for whatever reason. Apparently that can be Um, that's upheld

558
00:30:36,440 --> 00:30:38,520
Speaker 1: by the Supreme Court. That doesn't mean that that's permanent.

559
00:30:38,560 --> 00:30:41,200
Speaker 1: And of course that's just the United States. Not every

560
00:30:41,920 --> 00:30:45,760
Speaker 1: uh country does this. Not every country allows class action lawsuits. Actually,

561
00:30:45,760 --> 00:30:49,200
Speaker 1: so UM, it's not it's not a done deal. But

562
00:30:49,320 --> 00:30:53,120
Speaker 1: also there was I saw someone mentioned that Sony has

563
00:30:53,200 --> 00:30:57,880
Speaker 1: a statement called the limitation of liability and uh, if

564
00:30:57,880 --> 00:31:00,720
Speaker 1: you read that paragraph in their terms of use, uh,

565
00:31:00,800 --> 00:31:03,440
Speaker 1: it says, I'll just read the part that pertains to this.

566
00:31:04,520 --> 00:31:06,600
Speaker 1: We have to throw in some more legal language. We

567
00:31:06,680 --> 00:31:08,560
Speaker 1: need to protect us so that we can provide you

568
00:31:08,600 --> 00:31:11,800
Speaker 1: the benefits of the sites. In no event will s

569
00:31:11,840 --> 00:31:16,800
Speaker 1: c e A, Its officers, directors, employees, shareholders, representatives, or

570
00:31:16,840 --> 00:31:23,080
Speaker 1: agents be liable to you for any direct, indirect, incidental, special, punitive,

571
00:31:23,240 --> 00:31:27,680
Speaker 1: or consequential damages whatsoever resulting from any and then there's

572
00:31:27,680 --> 00:31:30,120
Speaker 1: a list of of criteria, but the one that pertains

573
00:31:30,120 --> 00:31:34,720
Speaker 1: to our discussion is c any unauthorized access to or

574
00:31:34,920 --> 00:31:38,640
Speaker 1: use of our secure servers or any and all non

575
00:31:38,680 --> 00:31:42,640
Speaker 1: secured personal information. I saw someone suggest that maybe that

576
00:31:42,640 --> 00:31:45,480
Speaker 1: would give Sony an out in this case. I don't

577
00:31:45,480 --> 00:31:47,600
Speaker 1: think so. And the reason why I don't think so, now,

578
00:31:47,600 --> 00:31:50,880
Speaker 1: granted I am not a lawyer, so this is just

579
00:31:50,960 --> 00:31:55,400
Speaker 1: basically this is based upon my understanding of the English language. Right, So,

580
00:31:55,760 --> 00:32:02,240
Speaker 1: they said all non secured personal information, but this is secured, Yes,

581
00:32:02,280 --> 00:32:06,360
Speaker 1: this information was, well, the credit card is encrypted, but

582
00:32:06,360 --> 00:32:08,680
Speaker 1: the personal data they don't know that the credit card

583
00:32:08,720 --> 00:32:10,680
Speaker 1: information was taken in the first place, but the personal

584
00:32:10,760 --> 00:32:14,240
Speaker 1: data they do know that someone that was that was

585
00:32:14,280 --> 00:32:16,920
Speaker 1: one of the targets of the attack. The argument might

586
00:32:16,960 --> 00:32:20,240
Speaker 1: be that it wasn't secured, right, So, well, they would

587
00:32:20,320 --> 00:32:23,280
Speaker 1: argue that maybe they might argue that they're that information,

588
00:32:23,520 --> 00:32:26,120
Speaker 1: that the liability means that they're free to go. But

589
00:32:26,480 --> 00:32:30,520
Speaker 1: because it says non secured personal data, you know, they

590
00:32:30,640 --> 00:32:34,280
Speaker 1: specifically said in uh in that in that fact that

591
00:32:34,360 --> 00:32:39,640
Speaker 1: I mentioned that the the that it was restricted both

592
00:32:39,640 --> 00:32:42,640
Speaker 1: physically and through the perimeter and security of the network.

593
00:32:43,040 --> 00:32:46,160
Speaker 1: They were very specific to say that this information was

594
00:32:46,200 --> 00:32:51,080
Speaker 1: behind state of the art, sophisticated security system. So I

595
00:32:51,120 --> 00:32:53,440
Speaker 1: don't think they could argue that it was non secured

596
00:32:53,520 --> 00:32:57,240
Speaker 1: personal data. No, probably not, because in their own statements

597
00:32:57,240 --> 00:32:58,920
Speaker 1: out to the customer they said no, no, no, no,

598
00:32:58,920 --> 00:33:01,120
Speaker 1: no, no no, this information was cure. It's just these people

599
00:33:01,120 --> 00:33:03,920
Speaker 1: were really good and they managed to breach the system.

600
00:33:04,000 --> 00:33:07,720
Speaker 1: So I don't think Sony can avoid a lawsuit based

601
00:33:07,760 --> 00:33:11,080
Speaker 1: upon that criteria. Now there may be that there's other

602
00:33:11,200 --> 00:33:13,800
Speaker 1: information buried within the terms of use that would would

603
00:33:14,120 --> 00:33:17,000
Speaker 1: protect Sony from that, but in that particular paragraph, I

604
00:33:17,040 --> 00:33:19,880
Speaker 1: don't think it applies. Yeah, it sounds like it, but

605
00:33:19,920 --> 00:33:23,400
Speaker 1: I don't. It's certainly going to uh too. This is

606
00:33:23,400 --> 00:33:26,040
Speaker 1: going to dog them for some time, I belive, especially

607
00:33:26,040 --> 00:33:28,760
Speaker 1: on the heels of other missteps they've made over the

608
00:33:28,800 --> 00:33:31,040
Speaker 1: past few years well, and and that, and the fact

609
00:33:31,080 --> 00:33:34,200
Speaker 1: that it came on the heels of the Epsilon breach,

610
00:33:34,840 --> 00:33:39,840
Speaker 1: so people's attention to security online security has already been heightened,

611
00:33:40,320 --> 00:33:43,120
Speaker 1: and to see this happened shortly after that that breach

612
00:33:43,200 --> 00:33:46,480
Speaker 1: became public was really bad news for Sony. And also

613
00:33:46,600 --> 00:33:49,800
Speaker 1: I have to say, you know, Sony's strategy of not

614
00:33:49,920 --> 00:33:51,880
Speaker 1: coming forward and saying that there was a breach early

615
00:33:51,920 --> 00:33:54,920
Speaker 1: on that probably has hurt them quite a bit as well.

616
00:33:54,960 --> 00:33:56,560
Speaker 1: But there was no way of knowing at the time

617
00:33:56,600 --> 00:33:58,400
Speaker 1: that it was going to hurt them. It's just that

618
00:33:58,480 --> 00:34:00,720
Speaker 1: in retrospect, you sit there and you you come forward

619
00:34:00,720 --> 00:34:02,440
Speaker 1: and say, oh, it's just down for maintenance, and then

620
00:34:02,480 --> 00:34:03,880
Speaker 1: a couple of days literally say all right, there was

621
00:34:03,880 --> 00:34:07,320
Speaker 1: a breach. Then people say, well, we how how can

622
00:34:07,360 --> 00:34:10,600
Speaker 1: we trust you as a company if you're going to um,

623
00:34:11,080 --> 00:34:13,800
Speaker 1: you know, lie to your users. Now, you could argue

624
00:34:13,840 --> 00:34:16,280
Speaker 1: that Sony had to do that in order to conduct

625
00:34:16,360 --> 00:34:20,600
Speaker 1: its investigation and as uh effective a way as possible,

626
00:34:20,640 --> 00:34:23,440
Speaker 1: because all the more information Sony gives out, the more

627
00:34:23,640 --> 00:34:27,439
Speaker 1: firepower they give to the attackers. So there's there's a

628
00:34:27,480 --> 00:34:30,880
Speaker 1: scale there. When I meant miss when I was saying missteps,

629
00:34:30,920 --> 00:34:34,359
Speaker 1: I was specifically thinking of the root kit situation from

630
00:34:34,400 --> 00:34:36,680
Speaker 1: a few years ago, which we mentioned on an podcast,

631
00:34:36,680 --> 00:34:39,480
Speaker 1: and they were very um, oh no, nothing's wrong. Okay,

632
00:34:39,520 --> 00:34:41,960
Speaker 1: So yeah, there was this root Kit. Sorry, Yeah, I've

633
00:34:41,960 --> 00:34:44,839
Speaker 1: seen I've seen kind of the same thing. I've seen

634
00:34:44,920 --> 00:34:48,200
Speaker 1: some journalists out there say that Sony should at least

635
00:34:48,239 --> 00:34:52,359
Speaker 1: actually offer an apology to users. Uh, there's a lot

636
00:34:52,400 --> 00:34:55,480
Speaker 1: of we regret that this information was stolen, but not

637
00:34:55,520 --> 00:34:58,839
Speaker 1: an outright we're sorry, right, and that we're sorry might

638
00:34:58,880 --> 00:35:02,279
Speaker 1: go a long way. I'm not or what Sony's thought,

639
00:35:02,400 --> 00:35:04,800
Speaker 1: what the the executives at Sonny, what their thought processes.

640
00:35:04,840 --> 00:35:07,040
Speaker 1: I know that if I were an executive at Sony,

641
00:35:07,280 --> 00:35:10,560
Speaker 1: I would probably if I were not issuing an apology,

642
00:35:10,600 --> 00:35:14,160
Speaker 1: it would probably be because in my mind, that would

643
00:35:14,200 --> 00:35:18,480
Speaker 1: be accepting even more responsibility for the breach, and there

644
00:35:18,640 --> 00:35:22,480
Speaker 1: that might in turn look bad to shareholders because we

645
00:35:22,480 --> 00:35:25,600
Speaker 1: have to remember that for companies, they have multiple kinds

646
00:35:25,600 --> 00:35:29,840
Speaker 1: of customers. Right, there's the customer like I mean myself,

647
00:35:29,880 --> 00:35:34,080
Speaker 1: you know, or Chris there. We're customers of various companies

648
00:35:34,200 --> 00:35:37,799
Speaker 1: where you know, we're purchasing goods or services. But then

649
00:35:37,880 --> 00:35:40,920
Speaker 1: there are customers like the shareholders who own a stake

650
00:35:41,000 --> 00:35:44,360
Speaker 1: within that company and to serve them, you know, you

651
00:35:44,400 --> 00:35:48,400
Speaker 1: have this delicate balancing act. There's only so much responsibility

652
00:35:48,440 --> 00:35:51,040
Speaker 1: you're going to be able to lay claim to without

653
00:35:51,440 --> 00:35:54,200
Speaker 1: making the shareholders say, you know, maybe this isn't the

654
00:35:54,280 --> 00:35:59,120
Speaker 1: right company for me to invest in. So yeah, it's um,

655
00:35:59,120 --> 00:36:02,240
Speaker 1: it's a dirty world there. It's a dirty, dirty world

656
00:36:02,280 --> 00:36:05,840
Speaker 1: out there in the in the financial sector. So uh, guys,

657
00:36:06,160 --> 00:36:09,279
Speaker 1: be careful with your personal information. You may need to

658
00:36:09,360 --> 00:36:12,359
Speaker 1: keep an eye on your accounts. Like we said, change

659
00:36:12,360 --> 00:36:15,040
Speaker 1: your password if you're using the same password everywhere. Really

660
00:36:15,360 --> 00:36:17,759
Speaker 1: try to consider using multiple passwords. I know it's a

661
00:36:17,760 --> 00:36:20,839
Speaker 1: pain in the butt, but it it it death does

662
00:36:20,880 --> 00:36:23,720
Speaker 1: pay off. I mean, it's it's much better than finding

663
00:36:23,760 --> 00:36:27,040
Speaker 1: out that all of your accounts have been compromised. Um,

664
00:36:27,080 --> 00:36:29,360
Speaker 1: and yeah, just be careful and we hope that the

665
00:36:29,400 --> 00:36:33,200
Speaker 1: PSN system is back running by the time this podcast

666
00:36:33,200 --> 00:36:35,560
Speaker 1: goes live and that everyone's having fun with Portal Too.

667
00:36:36,760 --> 00:36:38,960
Speaker 1: That was a big bummer. Portal Too launched, has this

668
00:36:39,080 --> 00:36:44,960
Speaker 1: awesome online gaming component and then the network goes down. Yikes.

669
00:36:45,920 --> 00:36:49,920
Speaker 1: So I'm just gonna go and plan my xbox alright, guys, Well,

670
00:36:49,960 --> 00:36:53,560
Speaker 1: if you want to know about other news stories within

671
00:36:53,600 --> 00:36:55,400
Speaker 1: the tech world, you'd kind of like to hear some

672
00:36:55,400 --> 00:36:58,080
Speaker 1: more context around it, or you just have a particular

673
00:36:58,120 --> 00:37:00,120
Speaker 1: subject do you think that we should tackle Let us know. Oh,

674
00:37:00,560 --> 00:37:03,520
Speaker 1: you can contact us on Facebook and Twitter. That handle

675
00:37:03,640 --> 00:37:06,439
Speaker 1: is tech Stuff h s W. Or you can send

676
00:37:06,480 --> 00:37:09,520
Speaker 1: us an email that addresses tech stuff at how stuff

677
00:37:09,520 --> 00:37:11,279
Speaker 1: worth dot com and Chris and I will talk to

678
00:37:11,280 --> 00:37:20,840
Speaker 1: you again really soon. Breaking news everyone, So this is

679
00:37:20,880 --> 00:37:23,920
Speaker 1: Jonathan Strickland, just coming back with some stuff that's developed

680
00:37:23,920 --> 00:37:28,680
Speaker 1: since we recorded this podcast. Actually lots happened. First of all,

681
00:37:28,719 --> 00:37:30,759
Speaker 1: the problem was bigger than anyone thought it was at

682
00:37:30,800 --> 00:37:34,440
Speaker 1: the time. The Sony online entertainment accounts were also compromised,

683
00:37:34,440 --> 00:37:37,960
Speaker 1: which added another million or so accounts to the seventy

684
00:37:38,040 --> 00:37:40,840
Speaker 1: to seventy seven million accounts that have been compromised, So

685
00:37:40,920 --> 00:37:43,600
Speaker 1: that makes about a hundred million accounts total. Of course,

686
00:37:43,600 --> 00:37:46,680
Speaker 1: there's probably some overlap there, so that was a big problem.

687
00:37:47,280 --> 00:37:50,759
Speaker 1: Then around the beginning of May, Sony said that they

688
00:37:50,800 --> 00:37:54,200
Speaker 1: were going to roll out an identity theft protection program

689
00:37:54,239 --> 00:37:58,240
Speaker 1: to all ps N and Curiosity customers, which would involve

690
00:37:59,080 --> 00:38:03,200
Speaker 1: having a a year long program that would allow this

691
00:38:03,440 --> 00:38:07,040
Speaker 1: company called all Clear i D Actually that's a program

692
00:38:07,120 --> 00:38:11,680
Speaker 1: name to cyber monitor your information and if your information

693
00:38:11,719 --> 00:38:14,279
Speaker 1: was being used for nefarious purposes, they would alert you

694
00:38:14,320 --> 00:38:18,239
Speaker 1: to it. You could also have some ready access to

695
00:38:18,480 --> 00:38:23,000
Speaker 1: private investigators as well as some identity restoration specialists to

696
00:38:23,080 --> 00:38:25,640
Speaker 1: try and fix things once they go wrong, and there

697
00:38:25,640 --> 00:38:28,920
Speaker 1: would be a one million dollar identity theft insurance policy

698
00:38:29,360 --> 00:38:34,240
Speaker 1: on all accounts and this was complimentary. Uh PSN players

699
00:38:34,280 --> 00:38:36,759
Speaker 1: would have to enroll in the program, but it was

700
00:38:36,800 --> 00:38:41,759
Speaker 1: completely free. Then a little later in May, Sony announced

701
00:38:41,760 --> 00:38:46,040
Speaker 1: that the new ps N rollout was going to take place.

702
00:38:46,040 --> 00:38:49,840
Speaker 1: This around May fourteen, and that at this point you

703
00:38:49,840 --> 00:38:55,080
Speaker 1: would start to see restored services in online play, online video,

704
00:38:55,120 --> 00:38:58,040
Speaker 1: online music. All of these services were starting to come back,

705
00:38:58,080 --> 00:39:01,400
Speaker 1: not everything under the PSN network. Sony said that that

706
00:39:01,480 --> 00:39:04,560
Speaker 1: stuff would be rolled out by the end of May,

707
00:39:04,600 --> 00:39:07,360
Speaker 1: but we'd at least start to see some of the

708
00:39:07,360 --> 00:39:10,160
Speaker 1: the service return, and sure enough, it started to get

709
00:39:10,239 --> 00:39:14,880
Speaker 1: rolled out across North America. So then Sony announced a

710
00:39:14,880 --> 00:39:18,560
Speaker 1: welcome back program for North American customers. Uh P S

711
00:39:18,600 --> 00:39:21,399
Speaker 1: three owners would be allowed to select two titles from

712
00:39:21,400 --> 00:39:26,319
Speaker 1: the following Dead Nation, Infamous, Little Big Planet, Superstar, Dust

713
00:39:26,440 --> 00:39:29,480
Speaker 1: h D and wipe Out the HD plus Fury. Now

714
00:39:29,520 --> 00:39:32,879
Speaker 1: PSP owners would be able to select two titles from

715
00:39:32,880 --> 00:39:37,839
Speaker 1: the following Little Big Planet, moder Nation, Racers, Pursuit, Force Kill,

716
00:39:37,960 --> 00:39:42,480
Speaker 1: Zone Liberation, and that this offer would last for thirty days.

717
00:39:42,600 --> 00:39:47,759
Speaker 1: UH since the PSN UH service was restored and it

718
00:39:47,800 --> 00:39:49,800
Speaker 1: was completely free and you get to keep the games

719
00:39:49,840 --> 00:39:54,160
Speaker 1: forever UH the you would also get a thirty day

720
00:39:54,280 --> 00:39:58,040
Speaker 1: ps N Plus membership if you were not a PSN

721
00:39:58,080 --> 00:40:01,560
Speaker 1: Plus member before. If you were a ps N Plus member,

722
00:40:01,880 --> 00:40:05,160
Speaker 1: you got an extra sixty days free of that service.

723
00:40:05,560 --> 00:40:07,760
Speaker 1: So Sony was really trying to do a lot to

724
00:40:07,800 --> 00:40:11,680
Speaker 1: apologize and make up for the lost service during the

725
00:40:11,719 --> 00:40:19,719
Speaker 1: whole hacking incident. However, on May seventeen, Nilivia website reported

726
00:40:19,760 --> 00:40:23,080
Speaker 1: that there's a possible problem with sony solution. Now. Part

727
00:40:23,080 --> 00:40:25,480
Speaker 1: of that solution was that Sony wanted everyone to go

728
00:40:25,560 --> 00:40:28,719
Speaker 1: in and reset their passwords for their accounts to make

729
00:40:28,760 --> 00:40:32,760
Speaker 1: them safe. But Nilivia reported that there was a nasty

730
00:40:32,840 --> 00:40:36,280
Speaker 1: hack going around that would allow hackers who had access

731
00:40:36,320 --> 00:40:39,440
Speaker 1: to your email and your date of birth to reset

732
00:40:39,480 --> 00:40:44,000
Speaker 1: your password for you, thus effectively stealing your PSN account,

733
00:40:44,640 --> 00:40:48,040
Speaker 1: and they they had some detailed information about this that

734
00:40:48,080 --> 00:40:51,279
Speaker 1: they later went back and removed and dumbed down so

735
00:40:51,320 --> 00:40:55,560
Speaker 1: that to to help cut back on actual stiff thefts.

736
00:40:56,360 --> 00:40:58,279
Speaker 1: They did point out that if the hackers did not

737
00:40:58,440 --> 00:41:00,920
Speaker 1: have your email or date of birth, could not perform

738
00:41:01,040 --> 00:41:03,160
Speaker 1: this hack, but since that information was hacked in the

739
00:41:03,280 --> 00:41:06,920
Speaker 1: initial attack on Sony, there's a good bet that a

740
00:41:07,000 --> 00:41:09,280
Speaker 1: lot of hackers out there had access to that information.

741
00:41:09,840 --> 00:41:13,960
Speaker 1: So what Nilvia suggests is that people who are PSN

742
00:41:14,760 --> 00:41:17,960
Speaker 1: users go in and change their email address, create a

743
00:41:18,040 --> 00:41:22,040
Speaker 1: new email address just for the PSN network, and use

744
00:41:22,120 --> 00:41:26,280
Speaker 1: that update their information through PSN so that the hackers

745
00:41:26,400 --> 00:41:28,719
Speaker 1: would not have the right email address and could not

746
00:41:29,000 --> 00:41:32,640
Speaker 1: steal your account. Meanwhile, Sony actually took down the web

747
00:41:32,760 --> 00:41:37,279
Speaker 1: based service to change your password so that hackers could

748
00:41:37,320 --> 00:41:40,920
Speaker 1: not access that and and and change it for you.

749
00:41:41,719 --> 00:41:45,240
Speaker 1: So it's still a big mess. Even at the recording

750
00:41:45,320 --> 00:41:49,359
Speaker 1: of this update, Sony has not yet returned that web

751
00:41:49,440 --> 00:41:53,960
Speaker 1: based system to reset your password to full service, so

752
00:41:54,920 --> 00:41:57,359
Speaker 1: we'll keep an eye on it see if things develop further.

753
00:41:58,160 --> 00:42:00,879
Speaker 1: This has just been an enormous headache for Sony. They've

754
00:42:00,880 --> 00:42:03,080
Speaker 1: been trying to do the right thing, trying to to

755
00:42:03,239 --> 00:42:06,920
Speaker 1: make it up to users, but it's definitely a blow

756
00:42:07,160 --> 00:42:12,600
Speaker 1: against online security in general, identity, theft fears, all of

757
00:42:12,719 --> 00:42:15,760
Speaker 1: that has really taken a big hit as a result

758
00:42:15,800 --> 00:42:17,920
Speaker 1: of this hacking program. We'll keep an eye on it,

759
00:42:18,040 --> 00:42:22,480
Speaker 1: will update anything that happens from this point forward. Well,

760
00:42:22,600 --> 00:42:24,319
Speaker 1: you can check it out on the blogs, you can

761
00:42:24,400 --> 00:42:26,520
Speaker 1: check it out on our Facebook and Twitter feeds, and

762
00:42:26,640 --> 00:42:29,520
Speaker 1: we may even do another podcast about a similar topic

763
00:42:29,600 --> 00:42:31,640
Speaker 1: in the future, just because this has become such a

764
00:42:31,800 --> 00:42:34,960
Speaker 1: huge story. So thanks a lot, guys, and we'll talk

765
00:42:34,960 --> 00:42:38,960
Speaker 1: to you again soon for more on this and thousands

766
00:42:39,040 --> 00:42:41,239
Speaker 1: of other topics. Is it how stuff works dot com.

767
00:42:41,480 --> 00:42:44,120
Speaker 1: So learn more about the podcast, click on the podcast

768
00:42:44,320 --> 00:42:47,840
Speaker 1: icon in the upper right corner of our homepage. The

769
00:42:47,920 --> 00:42:50,880
Speaker 1: House Stuff Works iPhone app has arrived. Download it today

770
00:42:51,160 --> 00:42:58,400
Speaker 1: on iTunes. Brought to you by the reinvented two thousand

771
00:42:58,440 --> 00:43:00,440
Speaker 1: twelve camera. It's ready, are you