PlayStation 3 jailbreaker George Hotz, also known as GeoHot, has denied that he was involved in the PlayStation Network hack last week that took the network offline and saw 77 million user accounts comprised. Here's his stance:
And to anyone who thinks I was involved in any way with this, I'm not crazy, and would prefer to not have the FBI knocking on my door. Running homebrew and exploring security on your devices is cool, hacking into someone else's server and stealing databases of user info is not cool. You make the hacking community look bad, even if it is aimed at douches like Sony.
Earlier this month, Sony and GeoHot announced they had settled the lawsuit, though the terms were not fully disclosed. Despite this, GeoHot is still boycotting Sony and insists that he continues to oppose the company and its fight with hackers.
That being said, GeoHot tells his fans not to fault Sony engineers for the PSN hack attack. He believes that the fault lies with the executives "who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts." In short, he insists that Sony is in this situation because it alienated the hacker community.
GeoHot also speculates that Sony's "arrogance and misunderstanding of ownership" put them in this position. He argues that Sony executives believe they own both the server and the client, so they likely disregarded that there should be a trust boundary for a web service between the server and the client and instead just put a trust boundary between the consumer and the client (anti piracy measures and so on). His argument is that this undermines the basic security principle of never trusting the client. This is a fundamental problem that Sony has, according to GeoHot:
Notice it's only PSN that gave away all your personal data, not Xbox Live when the 360 was hacked, not iTunes when the iPhone was jailbroken, and not Gmail when Android was rooted. Because other companies aren't crazy.
GeoHot comes full circle and once again declares that Sony needs to accept that they do not own and control the PS3 when they sell it to the consumer. That would be nice, but the fact of the matter is that Sony beat GeoHot in court and we haven't made any progress: Sony's official stance remains if you crack your PS3, you'll get banned while hackers continue to battle with the company by cracking the latest PS3 firmware and finding workarounds for the console.