Tuesday, May 17, 2011

Sony offers PSN apology package

Sony has begun offering Playstation Network gamers incentives to return to the system following its major hack attack.

The compensation package includes a selection of free games and additional days of premium content.

The plans also include a 12-month free identity protection programme.

The protection will be available for Playstation gamers in the UK, France, Italy, Germany and Spain.

It will offer victim of fraud support, a dedicated helpline and insurance covering expenses incurred in identity restoration.

Details of how to apply for protection can be found on the Playstation blog. Users must be over 18 and have been an account holder on 20 April 2011.

In a press release, Sony said it will "investigate the possibility of similar programmes" in other countries.

Free games

So far, the announcements have been met with mixed response in the Playstation community.

Many gamers complained the games offered were too old, and that the package was "disappointing".

However, senior PR manager for Sony Computer Entertainment Europe (SCEE) Jonathan Fargher told the BBC it represents a good offer.

"Clearly there's going to be a minority of people out there who have some of those games.

"We certainly believe the welcome back programme and the choice of games that we're offering, for free, is good value."

He added that it is the first step in regaining the trust of Playstation users, with more plans being announced soon.

In a blog post, SCEE head of communications Nick Caplin told PS3 gamers that they could pick two games from a list of Little Big Planet, Infamous, Wipeout HD/Fury, Ratchet and Clank: Quest for Booty and Dead Nation.

Playstation Portable users, who were also affected by the downtime, could choose from Little Big Planet PSP, ModNation PSP, Pursuit Force and Killzone Liberation.

"I would like to thank all of the developers and publishers involved in this programme for their support in making this happen. We certainly couldn't have done it without you," Mr Caplin wrote.

"You will be able to access this content once PlayStation Store comes back online and we are doing everything we can to make that happen as soon as possible."

In addition to the free games, users were also offered 30 days free Playstation Plus membership which offers premium content not available to free users.

Existing Playstation Plus subscribers will receive 60 days free.

Users on the Sony Online Entertainment network - another affected by the hack - will receive their own package of 45 days of game time as well as in-game currency.

Old games

The gaming community's reaction to the PSN package has been mixed.

"I own all of the five games I can choose from and have finished most of them," commented user Arkeologen in response to the announcement.

"Isn't there any way you can offer alternatives instead of these old games?"

However, on the US Playstation blog, commenter WhizKid105 said: "Jeeze Sony, I know you're sorry, but you don't have to welcome us back that hard.

"Not that I'm complaining or anything."

Oli Walsh, from Eurogamer.net, believes the compensation package is "fairly generous" given that the Playstation Network is a largely free service.

"They are old games, but they're all good games. The risk is that if you're a real passionate fan you've probably played them already," he said.

"I think it was a very difficult one for them to get right. I'm not sure there is something that would satisfy most people."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Net pirate monitoring firm hacked

A firm employed by the French government to track down net pirates has been hacked.

Trident Media Guard is believed to have exposed a range of data, including advice on how to avoid detection.

TMG monitors peer-to-peer networks as part of France's anti-piracy measures.

Eric Walter, head of the French anti-piracy unit, confirmed on Twitter that it had "temporarily suspended" links with TMG.

France's so-called HADOPI law has caused controversy since it was introduced in 2009.

Suspected illegal file-sharers receive three official warnings, after which they are reported to a judge who can hand out a range of punishments, including disconnecting them from the internet.

The UK is due to introduce similar legislation, although at this stage it has no plans to punish offenders with disconnection.

But it will need to employ a firm similar to TMG.

When anti-piracy firms monitor peer-to-peer networks for copyright infringements, they find IP addresses - the numerical code linked to a specific computer.

Armed with this information, copyright holders can request that a judge forces ISPs to hand over the physical addresses associated with the IP address.

"Any firm that gets involved in this will need to make sure that its security is nailed down," said John Walker, professor at Nottingham Trent University's school of computing.

"This was the perfect storm waiting to happen. It was an instant target for hacktivists. You can't even call it a hack, it was a walk-in, a travesty," he said.

A similar attack was perpetrated by hacktivists from the loose-knit Anonymous group against ACS Law, a firm pursuing alleged net pirates in the UK.

In the process of rebuilding his website, the firm's sole Andrew Crossley exposed thousands of names and addresses plus lists of pornographic films that people were alleged to have been downloaded without paying for.

He was fined just �1,000 after he claimed bankruptcy, but the UK Information Commissioner said the breach was so severe it warranted a fine of �200,000.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Court rejects new Facebook case

The latest attempt by Cameron and Tyler Winklevoss to re-open their case against Facebook founder Mark Zuckerberg has been rejected.

They had asked the 9th US Circuit Court of Appeals in San Francisco to reconsider its April ruling upholding the $65m (�40m) settlement from 2008.

The twins say that Facebook concealed information and they should have received more Facebook shares.

Mr Zuckerberg denies their claims that he stole the idea of Facebook.

In April, a three-judge panel decided not to scrap the original settlement and not to allow a fresh case to begin.

In their latest move, the Winklevoss twins had asked for a full panel of 11 judges to review that decision.

No fresh reasons were given for declining the appeal.

Their lawyer Jerome Falk said in a statement that they would appeal to the Supreme Court.

The 2008 settlement gave them $20m in cash and $45m of stock valued at $36 a share.

But the shares are not yet traded anywhere, and the brothers say that they were duped because internally the shares were only valued at $9.

Their claim that Mr Zuckerberg stole their website idea while they were all students at Harvard was made famous by the film The Social Network.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Android handsets 'leak' ID data

More than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.

The data being leaked is typically used to get at web-based services such as Google Calendar.

The discovery was made by German security researchers looking at how Android phones handle identification information.

Google has yet to comment on the loophole uncovered by the researchers.

ID attack

University of Ulm researchers Bastian Konings, Jens Nickels, and Florian Schaub made their discovery while watching how Android phones handle login credentials for web-based services.

Many applications installed on Android phones interact with Google services by asking for an authentication token - essentially a digital ID card for that app. Once issued the token removes the need to keep logging in to a service for a given length of time.

Sometimes, found the researchers, these tokens are sent in plain text over wireless networks. This makes the tokens easy to spot so criminals eavesdropping on the wi-fi traffic would be able to find and steal them, suggest the researchers.

Armed with the token, criminals would be able to psoe as a particular user and get at their personal information.

Even better, found the researchers, tokens are not bound to particular phones or time of use so they can be used to impersonate a handset almost anywhere.

"[T]he adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user," the researchers wrote in a blog post explaining their findings.

Abuse of the loophole might mean some people lose data but other changes may be harder to spot.

"...an adversary could change the stored e-mail address of the victim's boss or business partners hoping to receive sensitive or confidential material pertaining to their business," the team speculated.

There is no suggestion that attackers are exploiting the Android loophole at the moment.

Almost all versions of the Android operating system were passing round unencrypted authentication tokens, found the researchers. It was fixed in version 2.3.4 but, suggest Google figures, only 0.3% of Android phones are running this software.

Some Google services, such as image sharing site Picasa, are still using unencrypted authentication tokens that can be stolen, found the team.

The researchers urged Android phone owners to update their device to avoid falling victim to attacks via the loophole. Google is also known to be working with operators and handset makers to get updates to people faster than at present.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials