Thoughts on the Sony Mess

Ah, Sony. You just can't get a break, can you? Just as you're all primed to have your best year with PS3 ever, you go and let PSN get hacked. Not only that, you let a ton of user data get compromised. You say that you have no evidence that credit card info was taken, and that's great. I'm looking forward to hearing the details of that in your press conference tomorrow.

So, I guess that just leaves one big unanswered question: whose fault is this mess, anyway? Well, the answer to that one is not so simple, as there's plenty of blame to toss around.

First, Sony is to blame. Obviously, they could have taken plenty of extra security measures. Now, if you know anything about IT, security, and the web, you know that there is no such thing as a 'hack-proof' system. No matter how high you build the wall, there's always some asshole with a longer ladder or a bigger breaching charge.

Still, Sony apparently had user info stored unencrypted (credit card data was encrypted, according to Sony, just not user details) on the system. Really? That's the best you've got, Sony? I picture some guy at PlayStation headquarters hunched over a keyboard filling an Excel spreadsheet with user info and just shake my head. This is bad, Sony.

You also decided to make a complete investigation of the hack before informing your users what had happened, and that their info might be at risk. Now, this one you need to think about. It's easy for users to get bent out of shape over this, but there are two things that many people need to consider before they go getting their panties in a bunch.

1. If Sony believes this was a criminal act (and they obviously do), they are perfectly within their legal rights to withhold the info pending the commencement of a law enforcement investigation. I feel like this is the leg Sony is going to try to stand on in court, but that is nothing more than me guessing at it.
2. Sony wanted to be damn sure before they announced the severity of the breach. Think of it this way: How mad would you be if Sony had announced that your info may be compromised, and then turned around and said, "Oh, never mind, it's not." First, you wouldn't believe them. The net would be full of posts howling at the "Sony cover-up." Second, the bad PR would already be out there, and they'd have to fight it just like they are doing now. By investigating it first, they made sure that they were announcing the truth, and made sure that the PR war was necessary.

Now, I'm not defending the amount of time that Sony allowed to lapse between discovering the hack and making the announcement. A week is an inexcusable amount of time, and there's no excuse for it. THAT is what I'm mad about. Investigate as much as you want, Sony, just don't take days letting us know the extent of our risk. Had you managed this announcement in the first 24-48 hours of the downtime, you wouldn't be hurting nearly as bad as you are today. If you can't determine what's wrong in that amount of time, you may want to re-examine your IT department.

You see, it doesn't make sense to get angry about Sony getting hacked. Companies get hacked all the time. Some announce it, some don't. Some don't involve user information, and some do. Less than 6 months ago, Kotaku get hacked, and a ton of user info was freely available on the web. Already this year, Play.com user details were leaked, although they named a third-party marketing firm as the location of the breach. The government gets hacked, non-profits get hacked, it's the price of doing business in the online world that we live in today.

Therein lies the second, and far more appropriate place to lay blame: the hackers themselves. There's plenty of speculation that Anonymous may have been behind the breach, even though the group has denied being involved. However, it's entirely possible that one or more of the many folks who make up that amorphous group could be responsible without the knowledge of the folks who speak for them. At the moment, no one knows who the culprit was.

What we do know is that a malicious person or persons illegally accessed private data on Sony's servers, and that's a crime. Yes, Sony should have secured it better. Yes, they could have hardened their network more. Neither of these things is up for debate. But if you review the facts logically, it's difficult for me to understand how anyone can point the finger solely at Sony.

I guess what this long-winded diatribe is saying is that while it's perfectly OK to be pissed off at Sony for their handling of this incident, it's not OK to give the hackers a free pass. Go ahead, rail at Sony for the shoddy job they did protecting your info. They completely deserve it. Just make sure you save a dose of the same ire for the criminals who perpetrated the act. After all, they're the ones benefiting from breaking the law.

No, Red Octane, Guitar Hero Doesn't Have a 'Significant Market'

Note: This post is fairly dated, as the quotes contained herein are old. For whatever reason, this one never made the cut for me. Apparently, my cut here is far easier to make.

Pretty much everyone is already aware that Activision has cancelled the Guitar Hero series. Most of those people should remember that the original Guitar Hero was a collaboration between Red Octane and Harmonix.

Kelly Summer, former CEO of Red Octane, believes that Activision "abused" the Guitar Hero franchise, and that, "there’s no reason why Guitar Hero cannot continue. It’s a great product. My gut tells me there is still a significant market for Guitar Hero." While I can appreciate the sentiment behind those thoughts, the reality is that Activision only did what should have been done years ago by putting a stake in the heart of Guitar Hero.

When Guitar Hero first released in 2005, it was an instant success. Naturally, a sequel soon followed, and it was the best game in the Guitar Hero series to date. After Guitar Hero II, the future of the series was basically doomed when Activision purchased Red Octane, but opted to pass on Harmonix. Instead, they gave development chores to Neversoft, who had previously only worked on the Tony Hawk series.

Meanwhile, Harmonix was snapped up by MTV Games, and went on to release Rock Band, the game that basically did everything Guitar Hero did, did it better, and let your friends be part of the band. The one-two punch of a new developer and a competitor that was making a much more desirable product sent Guitar Hero reeling, and it never recovered. Activision tried to emulate Rock Band with Guitar Hero: World Tour, but the game was harnessed with a cumbersome interface and a substandard drum peripheral, among other problems.

GH: Warriors of Rock only exacerbated the issue, as it ended up going head to head with what is widely considered the most polished music game ever produced, Rock Band 3. Most of the people who are still playing music games were ready for something new, and Rock Band 3's Pro Mode was right on the money.

So while I can't argue with the sentiment that Activision abused the GH series, I can't support the idea of continuing it. It's been withering on the vine for quite some time now, and killing it was the only decent thing to do.

Rebooting, Reactivating

So I was asked by a friend why I haven't posted here in forever. Quite simply, I've been far too busy. However, I feel that there are things that I'd like to write that aren't really fitting for the page at work, so I'm going to endeavor to write them here, assuming that I can get enough free time together to do so.

I'll start things out with a couple of somewhat dated pieces I started on for work that never made the page. Of course, they're gaming related. I mean, duh.

Roleplaying Doesn't Need Core Rules

I was reading through one of my favorite tabletop RPG blogs today, when I came across this post. Its author, a contributor whose own blog I read regularly, posits that there is a dearth of roleplaying in tabletop RPG's these days. He attributes this (at least in part) to the trend of publishers focusing heavily on the rules, and little to none on roleplaying.

While this may be true, I think it misses a fundamental point. Dungeons and Dragons never really told anyone how to roleplay. Sure, they provided articles in magazines like Dragon to give some pointers to players, but the responsibility for roleplaying always rested in the same place: the players.

As tabletop gamers, do we really need someone to write a book to tell us how to perform? Does the lack of what we might consider an appropriate mention in the core books preclude us from roleplaying entirely? I submit that it does not.

I have heard many people give voice to this same lament, and to them all I say this: Your roleplaying is up to you, and no one else. If you enjoy roleplaying, as I know many of you obviously do, there is nothing in 3rd or 4th Edition D&D that prevents you from doing it. In fact, your efforts to include roleplaying in your games may very well inspire and teach the next generation of roleplayers.

I am currently running a 4E campaign with two virtually brand new players, and they are quickly picking up the basics of roleplaying from the others in the group. They didn't have to read it in a core book, or buy a supplement. They simply watched the group having fun roleplaying, and decided that it was something they wanted to do.

With the shift in recent game systems becoming more focused on the rules, it is up to us, the players, to educate the new players in the art of roleplaying, and to show them why it enhances the game so much. This more than anything will guarantee that they continue to roleplay, no matter what campaign they find themselves in.

In short, let Wizards, Paizo, or whoever provide the game. We'll supply the roleplaying from our own stores.

Nothing Like a Little Unconstitutional Tax

It's always nice to see our elected officials passing another unconstitutional bill. Seriously, what the hell are we paying these guys for? Even the most liberal President in history is looking at this bill and backing away, with advisors saying, "the House bill may go too far in terms of some -- some legal issues, constitutional validity, using the tax code to surgically punish a small group." It's always fun to see a Democrat actually remember the existence of our Constitution.

Passing a 90% tax on executive bonuses is just ridiculous. I know there is a lot of outrage out there right now, but directing death threats at AIG employees is not placing the outrage where it belongs. If you want to blame someone for the bonus 'scandal,' look no further than the people who are now up in arms about it: The US Congress.

The worthless Obama stimulus plan included language that specifically allowed this type of behavior. Everyone knew it, including that brainless git Geithner. Geithner then brazenly lied to the public, saying that he didn't find out about the bonuses until March 10th or so, when there was a raft of documentary evidence to the contrary.

Besides, regardless of how much Congress whines about it, they not only allowed for this behavior, they enabled it. How? Simple. They did not allow AIG to fail when they should have. By enforcing the idea of a bailout, they artificially prolonged the life of the company. It's not like AIG got into the predicament they are in through outstanding management. Had they been allowed to go bankrupt, how many bonuses do you think that company would be paying right now? That's right, NONE.

One thing I have rarely seen mentioned is that even if the bailout bill had included language to bar these companies from paying bonuses, these payments would not have been affected. No matter how powerful Congress believes it is, it does not have the power to abrogate contracts. As these bonus payments were already stipulated by contracts, they were going to be made as long as AIG was still in business.

If the 'geniuses' in Congress want to fix the economy, here's a tip. GET THE HELL OUT THE WAY. The market will fix itself without any help from you. It always has.

Another Stimulus? Seriously?

Looks like the government (or at least part of it) is considering another stimulus package. Now, I was against both the stimulus bill that Pres. Bush passed last year, and the one the Pres. Obama passed earlier this year. As Wall Street is proving, there's really nothing stimulating about the bills that have been passed so far.

So, why another stimulus, and when will this happen? Former Clinton advisor David Gergen said to CNN's Anderson Cooper earlier this week, "I think the son of stimulus is on its way. It's going to be here sooner than we think. My bet is we're going to see a second stimulus much sooner than we thought." The folks over at Politico report that House Speaker Nancy Pelosi is receptive, even open, to the idea of a second stimulus.

If the Democrats in Congress and the White House really want to stimulate this economy, they need to do what the Republicans are finally suggesting: cut spending and then cut taxes. We're falling off a cliff toward an FDR-style government expansion here, and the only hope in sight is that the Republican Party can win enough seats in 2010 to be in a position to head off the vast majority of the first stimulus bill's spending, which won't take place until 2011 - 2012.

Here's hoping that happens, because we can't afford this kind of change.

Posting Drought

Well, it's been pretty slow around here. If you're wondering why, I'm working on transitioning all my gaming-related thoughts into a new project with some friends and past co-workers. As soon as we get everything lined out, I'll provide a link to the new project.

Since most of my gaming production will be transferring over there, I'll be filling my blog with random thoughts on other things, like politics, current events, weird news, and just about anything else. I hope you enjoy the change!