This is not a post to condemn legions of Playstation followers. This is simply a post educating the frustrated gamers who have been placing the entire blame on the hackers or elites who've compromised the network and their PSN accounts. The truth is a lot of this blame must also be shared with Sony.

"This is all the hackers fault"

"Hackers are ruining everything. This is not Sony's fault"

These are the kinds of comments that have been running rampant all over the forums, comment boxes and chat rooms. Sony's fanbase is a dedicated bunch but many of them are also very ignorant of how a network works. Not in just hardware or software but as a service as well. I have been in IT since the late 1990s and I have worked on networks design, network security as well as designing and programming enterprise-level platforms over the web. In end-to-end development, I've been through it all. The Playstation Network is no different from networks like Battle.Net. The only difference comes only in the form of defined hardware (console) and defined interfaces (controller) – which misleads many to think that the Playstation Network is at its most secure simply because there is no keyboard attached to their console.

Sony was very deliberate about their strategic plan over how they would architect their network infrastructure. Sony went for a low-cost tactical network with short-term goals. When 360 debuted back in 2005, XBox Live was charging. So, Sony's strategy was to keep things low-cost not just in terms of keeping customers happy but low-cost in terms of total cost of ownership (i.e. operating costs) and return on investment (profits). And although there is a place to build low-cost tactical networks, Sony simply did not understand the difference between building a less secure Good Enough Network verses building the Next-Generation Network for millions of Playstation owners can only go so far. The network is only as reliable as its weakest link. The cost of an outage or a security hack quickly eliminates any savings and can quickly erode the trust of PSN users. It's like putting cheap oil in your car.

It's really easy to spot a Good Enough Network:

• Late patchwork of features
• Lack of transparency to PSN users (i.e. direct messages from Sony to PSN users on upcoming updates).
• No updates to UI to accomodate content usage or new releases (i.e. same cross media bar for everything)
• Lack of security to encrypt credit card info
• Security Policies
• And lastly, Unencrypted Account Info

What is Security Policy?

On a typical network, when an employee connects to the corporate network from a smartphone, the network identifies the device and the user as well as the privileges granted them. If someone is abusing the system by identifiying the number of repeated pings (potential attacks) from the same identified device, the network admin can easily see these attacks and can then lock the account and/or the device.

On PSN, Sony can only identify the user when the user logs in to their PSN account. Under their Good Enough Network philosophy, there is currently nothing in the PSN/PS3 architecture that can be used as a unique identifier for the console when it goes on PSN. Go to the System Settings of your PS3 and you'll see the IP Address and MAC address: Both of which can be easily manipulated. Head to the same similar settings on the on the XBox 360, and you will see along with the IP Address and MAC address two distinct pieces of information: Console Serial Number and Console ID – both of which can be identified over the XBox Live network and which can be moderated and locked accordingly if the console were to be used to compromise security on XBL. That is not to say that XBox 360 and XBox Live are fullproof but the onstant updates and Microsoft's emphasis to educate XBL users in protecting their accounts puts a strong emphasis on network security.

Unencrypted Account Info

When an open letter goes out to PSN customers that their full accounts and credit cards were compromised, Sony confirms that they did not have any kind of security or encryption used to protect their customers from the very beginning. This is something that has been reported as far back as February by Ars Technica and several large media sites where hackers found account info in the clear without even a simple hash technique to hide the passwords. This is the worst case scenario and is disastrous to Sony in many ways. A simple end-to-end encrypted system would be virtually difficult (if not impossible) for even for Geohotz and Anonymous to pull information from accounts. But when information gets passed via HTTP (out in the open), a 30 minute tutorial can pull unencrypted information in seconds. Sony knew this but did nothing to fix this. Data encryption would have avoided the damaging announcement to warn PSN users and put their identities on fraud alert but they had no choice. It was obvious that Sony deliberated in meetings before posting the blog.

It's understandable to see Playstation Plus users and active shoppers livid over their compromised accounts – especially if they have used credit cards to pay for the service. But PSN users who play for free need to understand that free does not give Sony a free excuse to provide an inferior level of security or long network outages. Even if you don't have CC info, there's still the potential for your login info. And if you've been using the same login info for other sites, look out. This is more serious than what the Playstation fans feel is simply bad press or overreacting from PSN users. We are talking about your personal info here. Your identity. People must be aware of the damaging effects of identity theft. So please change your usernames/passwords and (if applicable) set your credit bureaus to fraud alert. The quicker you do this, the better off you'll be. Trust me. I don't need to get into this.

Looking to the future, as more online games, movies and music become part of everyday use on PSN, the strategy, reliability and security of the next-gen network becomes more critical and I'm hoping that Sony's rebuild of PSN is a lesson that trading away capability, strategic value and especially security for price is always a risky proposition and one I have seen fail time and again.

We all know that hackers can ruin the party but Sony also has to take responsibility for securing the network and rebuilding the trust of their fans.

Here's to hoping Sony has truly learned their lesson.

Link to cleaner version of this post. :)

http://www.lazytechguys.com/commentary/what-gamers-do-not-understand-about-the-playstation-network/

They need to stop making these minor updates and stop trying to appease their execs by making the cross media bar appear on a variety of Sony products just for consistency's sake - especially the PS3 and PSN. They need to make PSN a major part of their platform and not something that comes as a checkbox for them to say "yes, we do online."

It's the same attitude with the Move. I like Sony and have been a fan of the platform for years. I just hope they do something because this can possibly mean jobs lost.

Some thoughts on PSN

...on my blog. I know. Shameless.

Yes. I know there are alot of sequels. For the most part 2011 looks to be the year of finishing trilogies. It seems crazy trying to pick up all these games in a single year but it looks like Black Friday is going to be alot more interesting this year. These are in no particular order.

1. Marvel vs. Capcom 3 (bought)

2. Zelda: Skyward Sword (Wii)

3. Mass Effect 3 (360)

4. L.A. Noire (360)

5. Okamiden (DS)

6. Homefront (PC)

7. Uncharted 3 (PS3)

8.Dead Space 2 (PS3)

9. Gears of War 3 (360)

10.Killzone 3 (PS3)

11. Shogun 2 (PC)

12. Crysis 2 (PC)

13. Kid Icarus (3DS)

14. Duke Nukem Forever (PC)

15. The Witcher 2 (PC)

16. F3AR (PC) - Hate that title

17. Infamous 2 (PS3)

18. Child Of Eden (360/Kinect)

19.Shadows of the Damned (360)

20. Rage (PC)

21. Max Payne 3 (360)

22. Batman: Arkham City (PS3)

23. Ghost Recon: Future Soldier (360)

24. Elder Scrolls: Skyrim

Anything you guys are looking for that happen to not be on this list?

Not sure if you guys have seen this already. I just thought it was hilarious when I came across it.

I ended up doing a quickwriteup on it too.

Thought it was hilarious.

I've been so busy with a ton of stuff but it has been a rewarding experience doing coverage at the CES. I think a person can only have so much 'Las Vegas' and the latest tech stuff in them that it starts to get a little overwhelming.

Leaving Vegas was a **** though. We missed our flight and one of my guys had to go back to work the next day. It was mostly impossible get a standby slight since we also had our families with us - 8 people. Yup. Not gonna happen. So we got some rental cars drove from Vegas all the way back to San Francisco. Not fun at all.

At least we came away with some coverage though. Here's my experience on two of the days I had at the CES. I'm still trying to finish the write-up on my last day but hey...I'm pretty busy with family and I'm pretty much heading up this site. I didn't get to cover the 4th day since I reserved that day to hang out with my family at the Vegas strip.

Day 1 at CES-Impressions and 1st Timers

Day 2 at CES-Kegs, 50-Cent, Tablets, Golf Carts and Jesus Loves Gaming

Here's also the rest of the coverage on some of the other stuff we wanted to cover which included the Blackberry Playbook, Motorola Xoom tablet (which looks cool).

I'm hoping to put out a writeup on my Move/3D impressions for Killzone 3 but I'm waiting for my vid guy to produce the video and I also got a chance to play with the games on the Windows 7 Phones which included the Fable mini game and some cool poker game.

So I've finally put together a review.

While there are a zillion other player reviews - one of which I have tried to submit to Gamespot but had an error, I've put together one on my own blog.

I basically look at Gran Turismo 5 with the background of playing all of the previous GT games, Forza and actual real-life racing.

Gran Turismo 5 Review

Also, has anyone tried submitting a player review lately receiving the same error (i.e. "no page to display")?

Anyway, let me know what you think.

It's been years since I've built a computer but I wanted to make this one a pretty good build. I think the cost looks alot higher than what other people would pay but hell, I wanted poowaah. Some may say I could've gotten X part cheaper at some other store. Anyway, I really went wild on this article and posted a whole ton of pics. My mobo is a tri-SLI setup. Proud of that.

http://www.lazytechguys.com/reviews/say-hi-to-ltgs-new-sli-based-gaming-rig/

I know I'm not as particularly sexy as my wife. You can check me out doing a demo of all the motion controls at my very own home. I know I'm late to the party but this posting was Motion Control Shootoff was made right before thanksgiving and I was going nuts trying to handle all the family and business stuff.

It's been 8 years since hiding my face from gamespotters but alas the deal is done.

Here is a link to the article my friends and I put together. My buddy Victor (who's also part of the LTG group did the video production).

Anyway, let me know what you think. A comment on the article would be great too.

http://www.lazytechguys.com/reviews/motion-control-shootoff/

What do you guys think? Personally, I'm happy that Playstation Move won an award. However, I still think that there's something for everyone on all motion-based systems.

While the Move feels more like an extension of the Wii, Kinect looks to blaze a more bold path but the current offerings make the device seem like they've squandered on a great opportunity to capture more than just the casual market.

http://bit.ly/eywm1p

So here I am starting off with the Nth website. I was unemployed since October but I'm trying hard to get this other site started (lazytechguys.com). What's really cool is that I actually got my first advertiser and it's a good one. It seems like I have a 5 year expiration date on my jobs. I always have thought I would have a career with a well-established company or even a government agency but things happen for a reason. I'm just coming to that realization but everyone copes and moves on in their own way.

In between each of these 5 year gaps, I've always done consulting for a ton of clients designing websites, creating web systems and pretty much everything they want interactive. Many of them would fail, a couple of them would be moderately successful and only a very small handful of them would grow into a bigger company and thrive.

I never thought I would be back here again doing the whole consulting/website thing but things are looking positive despite what the news and market says about unemployment and the economy.

Anyhow, there's a ton of work to be done. I'm in the middle of overhauling my personal site and working with marketing guys to help my site get more visibility.

It's been tough though considering that I now have 2 kids - one of them being born less than 2 months ago. So it's been pretty crazy playing the balance game with work and family.

Anyway, sorry for leaving out these details and just getting back to blogging here. I'm I'll be blogging on gamespot once in awhile but probably not as often as my own sites. When more time is available, I'll drop right back in when I'm in a mood to game.