Later this week in Las Vegas the hacking experts and security researchers will converge on Las Vegas for the annual Black Hat conference, and when they are done discussing hacking techniques and security breaches, they'll hand out awards for the best and worst security called the "Pwnie Awards." Sony is a leading contender for one particular award this year – for obvious reasons.
Awards include such categories as Best Server-Side Bug, Best Client-Side Bug, Best Privilege Escalation Bug, Most Innovative Research, Best Song, and the unflattering award for Lamest Vendor Response. Nominees for the latter award include Novell, Magix and RSA. Of particular note is the sole nominee for "Pwnie for Most Epic FAIL" – all Sony. Here's the nomination note from the Pwnie awards site:
Pwnie for Most Epic FAIL
Sometimes giving 110% just makes your FAIL that much more epic. And what use would the Internet be if it wasn't there to document this FAIL for all time?
This award is to honor a person or company's spectacularly epic FAIL. And the nominees are: – Sony
After Fail0verflow and GeoHot published how to jailbreak the PS3, Sony got a bit miffed. Apparently unfamiliar with how the Internet works and how difficult it is to remove the piss from a swimming pool, Sony proceeded to try erase the information from the Internet and sue GeoHot et al. into oblivion. Needless to say, this was about as successful as the MiniDisc.
Speaking of piss in a swimming pool, that just happened to be how well Sony protected their Sony Online Entertainment (SOE) users' account info and roughly 25 to 77 million account details were stolen by unknown hackers. That metaphor makes just about no sense at all, but you get the point: FAIL.
Sony is definitely good at one thing: keeping the hits coming and their fans entertained. Oh wait, did we say Sony? We meant LulzSec. I guess that counts as another FAIL for Sony.
After learning the hard way that their PlayStation Network was about as porous as air, Sony had to shut it down for over two months to rebuild it from scratch. In doing so, they made everyone from your 8-year old cousin to your barber learn about the importance of security. Hooray for us, sorry Sony shareholders.
Noticing a pattern here? But wait, it gets better. Sony might have been able to better repel the multitude of attacks if they hadn't just recently laid off a significant number of their network security team. Great timing, guys.
Also of note is the "Pwnie for Epic 0wnage," which nominates Lulz Security for hacking "everyone." From the description:
– LulzSec for hacking everyone
LulzSec provided many Lulz for all the hackers and security professionals around the world. They have attacked Fox News, PBS, Nintendo, pron.com, the NHS, Infraguard, the US senate, Bethesda, Minecraft, League of Legends, The Escapist magazine, EVE online, the CIA, The Times, The Sun; all the while generating a media fiasco and evading law enforcement.
Sometimes it's not an honor to simply be nominated, let alone win an award that has the term "Epic Fail" in it. Winners will be announced later this week.
Source: PC Magazine