Already infamous for defacing PBS's website earlier this week, cracking outfit LulzSec today claimed a familiar scalp—whatever remains of it, anyway. This time, it's Sony Pictures Entertainment, the movie-making division. From a statement attributed to the group
Our goal here is not to come across as master hackers, hence what we're about
to reveal: SonyPictures.com was owned by a very simple SQL injection, one of
the most primitive and common vulnerabilities, as we should all know by now.
From a single injection, we accessed EVERYTHING. Why do you put such faith in
a company that allows itself to become open to these simple attacks?
What's worse is that every bit of data we took wasn't encrypted. Sony stored
over 1,000,000 passwords of its customers in plaintext, which means it's just
a matter of taking it. This is disgraceful and insecure: they were asking for it.
The haul of data, already posted to The Pirate Bay
, also includes 3.5 million Sony Music coupons.
Sony traditionally is run as a set of 'silos', independent departments, divisions and joint ventures that have much autonomy from one another. This might be why there are so many different attacks: perhaps there is always another Sony silo which runs its own web infrastructure, where hundreds of dollars worth of web development can go down the drain, just like that.
It’s the end of an era, sort of: Fraunhofer IIS, the developers of the MP3 audio compression format, announced that they are ceasing their licensing program. In a blog post, spokesman Matthias Rose says that it’s had a good 20-year run and is obsolete. But it’s also true that the decoding patents expired last year, […]
Freddy deBoer writes that he’s been telling the same joke for years about Silicon Valley’s only product, which might be universalized as “At last, a way to verb with nouns on the internet!” But the social-media techopoly is stable, now, and so the venture capitalists have moved on to the three terrible trends that will […]
Alex Wood is an addict but won’t give up his smartphone. But he has five strategies for limiting its control over him: “I used to wake up tired. My body would ache and my head felt sore, like waking up with a hangover. Finally, I took control, like attending an AA class for addicts, I […]
Loot Crate is a subscription service that delivers a box of curated pop culture goods to your doorstep. To sample their geeky wares, you can order a single mystery box exclusively from the Boing Boing Store.Each month Loot Crate sends you 6-7 unique items and apparel, including collectibles, books, and t-shirts. Pulling inspiration from all […]
Yes, yes there is. The ultraportable Twisty Glass Mini boasts all of the simplicity of its forebear, while fitting just a little bit better in your pocket.The Mini is perfect for casual smokers, and anyone who doesn’t have the patience or fine motor skill for rolling papers. This piece keeps the convenient design of its older […]
Learning to code is a perfect way to grow your technical sophistication, and open up a host of new career options. But since most “learn to code” initiatives focus heavily on web development, it can be tough to find good resources for general-purpose computer science outside of a 4-year degree program. To get a broad […]