Renowned hacker George “GeoHot” Hotz stated he had nothing to do with the hack that led to the outage of Sony’s PlayStation Network (PSN). GeoHot was targeted by a Sony lawsuit, which was dropped after Anonymous Operations retaliated.
Sony later pulled PSN and Qriocity offline, citing an “internal intrusion.” The company then informed more than 70 million gamers that their account information may have fallen into the hands of cybercriminals.
GeoHot stated in his blog, “anyone who thinks I was involved in any way with this, I’m not crazy, and would prefer to not have the FBI knocking on my door.”
He adds that while he regards people hacking and modifying their own devices as cool, “hacking into someone else’s server and stealing databases of user info is not cool,” and that such attacks “make the hacking community look bad,” even if it is against Sony.
GeoHot blames the latest attack on “the executives who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts. Alienating the hacker community is not a good idea.”
Over the past few months, Sony launched a campaign against anyone hacking or modding the PlayStation 3, aimed at the mass piracy it feared. In doing so, however, Sony made enemies in nearly every corner of the digital world, including Anonymous Operations.
GeoHot says that the massive amount of compromised user data is due to Sony’s attempt to also stretch control into unnecessary corners:
Traditionally the trust boundary for a web service exists between the server and the client. But Sony believes they own the client too, so if they just put a trust boundary between the consumer and the client (can’t trust those pesky consumers), everything is good.
This arrogance undermines a basic security principle, never trust the client. It’s the same reason MW2 was covered in cheaters, EA even admitted to the mistake of trusting Sony’s client. Sony needs to accept that they no longer own and control the PS3 when they sell it to you. Notice it’s only PSN that gave away all your personal data, not Xbox Live when the 360 was hacked, not iTunes when the iPhone was jailbroken, and not GMail when Android was rooted. Because other companies aren’t crazy.