InsecureID: No more secrets?

Update — Though I chose to keep secret the identity of the defense contractor to limit the damage it was subsequently revealed by Reuters to be Lockheed-Martin. There was one additional detail presented at the end of a story in Saturday’s New York Times.

Back in March I heard from an old friend whose job it is to protect his company’s network from attack. “Any word on just what was compromised at RSA?” he asked, referring to how the RSA Data Security division of EMC had been hacked. “I suspect it was no more than a serial number, a seed, and possibly the key generation time. The algorithm has been known for years […]

By |May 25th, 2011|2011|137 Comments

Sony may be clueless in PSN hack

Sony’s huge PlayStation Network (PSN) has been down for a week now following the theft of ID and credit card data on some or all of the gaming and video entertainment network’s 77 million customer accounts. Readers have been asking for comment but I stay out of these things unless I have something new to contribute. That something finally comes a week into the crisis as gamers begin to wonder why the network is still not back in operation and speculate on what this all means to Sony? It’s a huge loss of face, if course, but beyond that the damage to Sony is minimal. And the upside for PSN members, […]

By |April 28th, 2011|2011|60 Comments