Wednesday, May 8, 2013

PSNSSS - patched

Dear SONY employee,

Congratulations for finding the ridiculous mistake and fixing it :) It took you guys over 1 week and probably external consultation to solve this problem. The question is why did it take so long and how was it even possible to miss this important step of security which any skiddy can setup easily?

I don't blame you since I know how large your network is, but if it takes one guy hours and one damn huge company days to find such a vulnerability, something is wrong don't cha think so?

Sadly I have to tell you that it was part of the plan, simply to check your resources and capabilities. Sorry, had to know how much time I'd possibly have to grab the data from the really interesting sources :) We both know that this part of the network won't be used for long anymore. Therefor I will switch over to the new target now and leave you a well-intentioned advice:

Do not outsource all your data storages externally, most of them are even weaker than your own spaces.

Kind regards,

- SK