Hackers Nab Unreleased Michael Jackson Tracks From Sony

wiredmikey writes "Sony once again has found itself in the news surrounding another hacking-related incident. This time around, the breach doesn't appear to involve any lost user data or customer accounts, but instead, some valuable property owned by the record company. Today, several British news outlets have reported that more than 50,000 music tracks have been illegally accessed and downloaded by hackers, including a large number from the late Michael Jackson. Sony bought the catalog from Jackson's estate for $250 million in 2010, giving the company distribution rights to the unreleased music. The attack reportedly occurred shortly after details of the massive PlayStation Network breach last April, but details were only revealed this past weekend."

why?

[MickyTheIdiot]

Not every system you have needs to be connected to the Internet. Why in the world was such valuable digital property on a system that had ANY connection to the Internet, thorough NAT or otherwise?

I'm sorry... it just doesn't make sense. It's like all the talk of the vulnerable power grid... just don't put those items on the open internet. Or better yet... don't network them at all and have a human attend it in a secure place.

Re:

[Loether]

Wow what a pain that would be to administer such a landlocked system. Patching, backups, updating the content, accessing the content. What do they do when they want to access the file to mix it, or to distribute, publish the new song. What do they do when they get a new artist signed and it's time to add a song to the collection. Send in Joe the Admin with his thumbdrive to download or upload the needed song. I agree with you that there security is beyond poor, but land-locking the entire system as a

Re:why?

[jesseck]

I agree with you that there security is beyond poor, but land-locking the entire system as a solution to me doesn't seem like the best course of action.

I guess it depends on how valuable the item is- if RIAA were to be counting, what was stolen was trillions of dollars. A thumbdrive and a dedicated admin to administer the landlocked system is a fraction of the value in that case.

Of course, in the real world, Sony knew the music was not worth trillions, and that is why it was connected to the Internet.

Re:

[bernywork]

There is plenty of times these exact things happen. It's called "Security" and it's big business. While you complain about it, in a lot of places these things happen for a reason and yes there is security personnel who review data brought between the networks. Stop being so short sighted.

Re: $50,000 Tracks

[TaoPhoenix]

Wait a minute, the Spin Doctor got here and led us right where he wants us.

So the real story is that Sony lost security on 50,000 tracks and the title became "Michael Jackson tracks copied"?! Really? They had to pick one of only about 10 Flamebait artists?

Re:

[Sir_Sri]

Again though, if you have 25 studios all around the world, each one of which could be working on all or part of a track, it becomes very hard to manage thousands of separate pieces of data.

It's not that the potential security arrangements are impossible, they certainly aren't, record companies did business long before the internet, so that's even an option. It's that an effective, collaborative workflow for hundreds or thousands of employees around the world, or even on one large facility, it's a time wast

Re:

[Lumpy]

"Again though, if you have 25 studios all around the world, each one of which could be working on all or part of a track, it becomes very hard to manage thousands of separate pieces of data."

that never happens. they dont mix the beginning in hong kong and then have the ireland guys clean up the drums.

and even if you had to have such a wacked out unrealistic setup, you can easily have an isolated network that spans the globe, you just pay for a point to point connection. the size of sony, they could purch

Re:

[Sir_Sri]

Are you sure they don't? I did IT work for a guy who had a studio in toronto where he did guitar work for artists, which they did real time collaboration with other studios to integrate things. The artist could be in London or Los Angles or the like and they had some setup where they could collaboratively combine all of that stuff at once. I know his studio did voice work as well, but his specialty was guitar so I know they had some special hookup on the guiltar so it would transmit specially (i.e. the f

Re:

[Linuxmonger]

Wow what a pain that would be to administer such a landlocked system. Patching, backups, updating the content, accessing the content.

Do you really need to do those things on a machine that has no network connection?

Assuming that when the machine was put into place it did the functions it was required to, what is the point of updating? I remember doing an update on a machine once to find out that the single file changed was the software providers logo - they had changed a background color and listed it as a required update.

Re:

[betterunixthanunix]

Do you really need to do those things on a machine that has no network connection?

Absolutely -- there are going to be insider threats, and they have the potential to do more damage than outsiders. Do you really think that your $35k/year janitor is not going to be paid twice that by someone trying to download your valuable data? Do you really think that a disgruntled employee would not try to run an exploit pack on your airgapped, security-sensitive system? Security is about more than simply keeping the outsiders out.

Re:

[Lumpy]

You know how easy it is to get someone to infiltrate the cleaning crew? IF you want in a company's secret systems, that is what you do. The morons on the executive wing and security office don't understand this. the only way to fix it is either pay the cleaning people handsomely, or clean up your own trash. Either one will never happen in a corporation.

In fact at comcast we used to call the cleaning crew to get into the areas we did not have access. Their keycards would let them in everywhere, includ

Re:

[Isaac Remuant]

How about clean while you're there like it happens in our place? (Unless you can't handle a minor interruption once a day)

Re:

[AlamedaStone]

How about clean while you're there like it happens in our place? (Unless you can't handle a minor interruption once a day)

Yeah, like I'm going to pick up trash in my f**king $6300 suit.

Come on!

(/gob)

Correction.

[Isaac Remuant]

I fucked up what I was trying to say. The cleaning crew comes when we are present. If we are not present, door is locked and no one gets inside.

Re:why?

[betterunixthanunix]

Wow what a pain that would be to administer such a landlocked system

If you paid $250 million for the data stored on that system, and you know that there are lots of people who would love to download that data without your permission, would you really think that the administrative work is too much? That should have been one of the highest security systems Sony owned, and it should not have been connected to the Internet.

What do they do when they want to access the file to mix it, or to distribute, publish the new song

None of those require an Internet connection. You can connect the computers involved in mixing to a private network, where you can control who has access to the network and you can monitor the network as a whole, and then you can transfer the files. Likewise with machines that publish the music on physical media. Publishing electronically will be harder, but for the money they paid for that data, it seems like a reasonable effort.

What do they do when they get a new artist signed and it's time to add a song to the collection

Not store it on the same system as the collection that can never be updated, and that once leaked loses a lot of value. This sounds like a pretty typical MLS problem.

Re:

[DarwinSurvivor]

Sony did not pay $250,000 for copies of those songs. They paid $250,000 for the rights to SELL (or license as they call it) those songs for a profit. Sure, someone could steal the songs, but the "thief" is not going to be able to then sell those albums for $10 a pop at HMV or post them on iTunes. Remember, as soon as they start selling the songs, security of the original version is pretty much pointless since everyone with 10 bucks can get a legal copy as well. The only exception (as the title actually poin

Re:

[Oswald McWeany]

If I ever complete my novel and become famous I plan to do exactly this. Maintain a landlocked system where I write.

Of course- I need to complete a book first. Before that- I need to learn basic grammer and spelling.

Re:

[Lumpy]

The same thing they do on Video editing systems at most places. cart the files on a drive. I did IT for a major Tv production house, none of the AVID's were on a private separated network. all projects and assets were carted around outside the AVID isolated network and media server.

IF IT whines, you smack them and tell them to STFU and RTFM as putting extra effort into protecting the machines that actually makes money is more important than upsetting a few wanna-be BOFH's.

Re:

[RocketRabbit]

I suppose this is why all the top secret military information is on machines hooked up to the internet - so that it's easy to patch them.

If you have information that you never want to be released, why keep it on a "machine" at all? You'd put that data onto several kinds of storage media, to future-proof it, and store several copies in different locked vaults. No need at all to even have it available live.

Re:

[Wraithlyn]

Pretty sure he knows what the actual definition of landlocked is.

And yet, everyone instantly knew what he meant. Perfectly intuitive metaphor (ie, the internet as ocean).

Re:why?

[Isaac Remuant]

Ohhhhhh, so that's where Clouds come from. I get it now.

Re:why?

[Lennie]

It might have started with just a desktop with a browser you know. After one system gets compromised it might be possible to get deeper in the corporate networks of Sony.

Even the Nuclear facilities in Iran were not connected the Internet (it did have an air gap) but the Stuxnet virus still got in.

But did data get out?

[dutchwhizzman]

Sure, data got in, Stuxnet got in. But no data got out. If you want to protect your IP from "theft" (they still have the data, so any file sharing evangelist won't call it theft) landlocking seems like a perfect layer of security. Trusting just the one layer is not very smart, but as security layers come, in this case, it would be quite effective.

Encrypting each individual track and storing the keys on another landlocked location would make it a lot better, but it would make access to the date quite a bit

Re:But did data get out?

[Dog-Cow]

All my servers are landlocked. Unless the data center gets flooded.

Re:

[tlhIngan]

Sure, data got in, Stuxnet got in. But no data got out. If you want to protect your IP from "theft" (they still have the data, so any file sharing evangelist won't call it theft) landlocking seems like a perfect layer of security. Trusting just the one layer is not very smart, but as security layers come, in this case, it would be quite effective.

If Stuxnet could get in, it could leak data out (It just wasn't designed to). The fact it got in meant people with thumbdrives were regularly plugging stuf

Re:

[Jah-Wren Ryel]

Even the Nuclear facilities in Iran were not connected the Internet (it did have an air gap) but the Stuxnet virus still got in.

Getting in is the 'easy' part. It is the getting back out with useful information where the air-gap is useful.

Even the US DoD's air-gap networks were infilitrated [wired.com] but the attack didn't get back out again

Re:why?

[AvitarX]

It's fucking music tracks they were not releasing to cash in at a later point.

This was going to be available at some point in the future, and it's better for society that it's available now. Locked up in a vault they had zero value.

Re:why?

[poetmatt]

Yep, this actually highlights some really supreme losses to society by virtue of the Jackson estate hoarding the shit out of Michael's music and Sony too.

Were it not for this we'd see Jackson remixes for the next 100 years if Sony had their way. Good on the hackers to get that stuff out there instead into society where *society* can benefit.

Talk about greed vs culture.

Re:why?

[Richard_at_work]

I'm sorry, is "society" really entitled to everything a person created, ever? Even if they themselves never published it to the world?

My opinion is that, no, society isn't entitled to everything - a person is quite entitled to not release something and its no loss at all to society at large, because it never influenced it in the first place.

Re:why?

[Toze]

because it never influenced it in the first place.

Except that Michael Jackson was influenced by Little Richard, James Brown, and Diana Ross. And Michelangelo lifted Ghiberti's Gates of Paradise for the posing of the Sistine Chapel. And every artist ever is influenced tremendously by all the artists that preceded them, and no art is created ex nihilo. The arguments for not releasing an artist's work (ie copyright) are never that the artist doesn't owe anything to society, but that the artist needs to make a living, or to ensure that their children are provided for.

In other words, yes, society really is entitled to everything a person creates, ever, even if they never published it, because that person appropriated the majority of their work from society in the first place. Our societies have, in the last 400 years, been willing to trade some of what we're owed in free speech in order to provide monetary reward to the artists, but we're still owed that speech. Disney didn't invent Cinderella, Dan Brown didn't invent the Catholic church, Dan Bull didn't invent either rapping or Skyrim (nor did Bioware invent fantasy adventure or videogames, nor did Tolkien invent magic rings or elves, etc.., etc., etc.).

Re:

[Richard_at_work]

I'm sorry, but that entire argument is just fucking ridiculous, but I expect nothing less of a community such as Slashdot to come up with such rubbish.

The fact that an artist is influenced by those that went before him has absolutely nothing to do with the apparent appropriation of private, unreleased works - you have no right to those, no entitlement to them, and there is no justification you can give to support the forced acquisition of said private works.

I couldn't care less that Disney didn't invent Cin

Re:

[Toze]

Wow, you're really mad about this, huh? Okay. I have a clarification and a question.

The clarification is that I was talking about completed works after the artist's death.
The question is this; you describe the idea of society being owed the creative work as "rubbish" and "ridiculous" and "sociopathic" and "infantile" and that releasing work "should be" the artist's choice. Why? I get that you don't buy the idea that all art is theft- though I disagree with you on that- but you haven't explained what system

Re:

[mcgrew]

I'm sorry, is "society" really entitled to everything a person created, ever? Even if they themselves never published it to the world?

Yes. Article 2, section 8 of the US Constitution:

The Congress shall have power to... promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;

Copyright is granted in order for more works to become the public domain's. I don't own the stories I write, you do, as does

Re:

[poetmatt]

Yes, they are. Why do you suppose copyright isn't forever? Eventually society is entitled to everything. It's just that people are selfish *and* idiotic and think that hoarding is somehow better. (cue arguments about "Steaaaling!" etc etc).

Not one piece of music wasn't influenced by something prior - hardly even a 'creative' work. Just a remix/derivative.

Re:

[Em Adespoton]

I'm sorry, is "society" really entitled to everything a person created, ever? Even if they themselves never published it to the world?

My opinion is that, no, society isn't entitled to everything - a person is quite entitled to not release something and its no loss at all to society at large, because it never influenced it in the first place.

This is an excellent point that just helped me clarify my own views on copyright:
A person or organization should not be allowed unlimited control over something they have used to influence society.
A person or organization SHOULD be allowed unlimited control over the choice of whether to use some work to influence society.

Pedants aside, and following the "Limited" discussion in the AT&T story, restricting socialization of works artificially in order to "create" value for the producer is anti-social. The

Re:

[Oswald McWeany]

it's better for society that it's available now

I disagree- this is Michael Jackson's music we're talking about- it is better that this never is broardcast ever. Legally or illlegally.

Re:why?

[MightyYar]

While I don't condone the theft, your comment is striking in how it highlights the way copyright has gone astray. Some of Micheal's music has been in copyright for close to 40 years already. And yet for a lucid, rational person for yourself, it seems reasonable to put forward that his kids need another shot of royalties so that they will have a "legacy". Now, I have nothing against providing your children (especially young children) with a bundle of cash to get them through early life and their educations - hell, maybe even a nice starter-mansion and first Rolls-Royce... but all of that could have been done through saving his money, investments, and life insurance... they sure don't need society to grant them welfare payments just because their dad(?) was a good singer.

Copyright is supposed to be about convincing artists to produce their creative works. It's supposed to be about making it a reasonable career choice to become a singer, painter, artist, etc. Why? So that we, as a society, get more creative output. It is not about making sons-of-good-singers rich. When the artist you are providing an incentive to dies, the incentive should die as well. At the very least, it should die within the number of years that a typical corporation plans for. If I'm being generous, Sony might have a 10-year plan.

As for the pizza parlor and the UPS man, this is beginning to sound an awful lot like the broken window fallacy to me. I have a sneaking suspicion that UPS could ship works based upon Michael Jackson's songs that fell into public domain just as well as they ship his 20-30 year-old stuff.

Re:

[The Archon V2.0]

they sure don't need society to grant them welfare payments just because their dad(?) was a good singer.

Or their granddad. Or their great granddad. Because there's copyrights around now that have outlived not merely the creator but also some (or all) of the creator's children, even when the creator died early and the children are dying of old age. The great-grandkids are old enough to have jobs while the works of someone who's more ancestor than family member are still under copyright, not that they ever see the profits anyway.

Long way from the desperate-widow-and-her-baby-in-a-shack image the companies pro

Re:

[MightyYar]

Shold MJ's kids profit form "anyone" singing MJ's songs? I don't think so. Should they profit from copies of their Father singing the song? I don't see a problem in that.

They can and do profit from it, even without royalties. If my father was a wall street tycoon (I wish), I would benefit from it even without getting a magic royalty benefit check every month. Presumably, he would have saved some money for me (maybe in a rich boy trust?), he would have fed me well, and he would have given me a good education. The fact is that those kids did no work whatsoever - not one shred, and they are getting paid for it by society (by the government, really). That makes it pure charity,

Re:

[MightyYar]

I am sorry, I don't understand the 'getting paid by government' part how does this work out?

The only reason that copyright exists is through government. That we pay them directly is just an implementation detail.

I guess, to be more clear is that I believe people should get paid for tangible products they create within the scope of original CP law but the intangible elements should be shared.

I see it all as equally tangible/not tangible. Especially now with everything going digital, most music never sees any kind of physical distribution. There is also nothing less tangible about notes printed on a sheet of paper than there is bits etched on a shiny disk.

At the end of the day, it is all just information. In ye olden days, you had two choices with any kind of information: share

Re:

[Stizark]

As I see it, you're the only one referring to it as 'free' music. Most of the rest of us see it as just music-- and, arguably, art. Art which, while already created, was kept in a vault for the sake of corporate profit. The artist didn't profit from it, his estate did-- and they were already paid. And the company would have waited until 'experts' tell them that such music would have been at most value. Then, they would slowly drip out small albums at exorbitant (IMHO) costs.

So while I understand the need

Re:

[Richard_at_work]

Still got more mod points I see?

Re:

[Richard_at_work]

Or in other words, the normal Slashdot mantra...

Re:

[hcs_$reboot]

Maybe they try to break their own 2011 hacking record? Frankly, considering the numerous and obvious methods used in 2011 (like SQL injection) I would not be surprised to learn (maybe from the inside) that their IT organization is an unimaginable mess.

Re:

[ackthpt]

Not every system you have needs to be connected to the Internet. Why in the world was such valuable digital property on a system that had ANY connection to the Internet, thorough NAT or otherwise?

I'm sorry... it just doesn't make sense. It's like all the talk of the vulnerable power grid... just don't put those items on the open internet. Or better yet... don't network them at all and have a human attend it in a secure place.

Really couldn't agree more. There'd be so little to read on Slashdot if people had a lick of sense anymore regarding networking computers. If it needs to be on the local network, put it there. If it needs to get to the outside, put it behind a firewall. If it doesn't require any connectivity, then don't network it at all (damn Microsoft and their auto-updates, forget about them!)

Geez, it's like the current generation of IT people would, in charge of a bank, leave the doors and vault open all night, with

Re:

[DarwinSurvivor]

The data on those machines was not worth $250,000 as many people erroneously assume. It was the LICENSE to SELL those songs on the market that was worth $250,000. The instant Sony starts making any money (by selling/licensing them), they are instantly available for $.99/each. The "thieves" did not steal the $250,000 licenses, they simply stole one copy of each song (which are all either available already or will be soon). The only material stolen that could POSSIBLY be considered a problem would be tracks t

Re:

[tixxit]

I do agree it was silly. Nonetheless, I (somewhat) recently read Kevin Mitnick's autobiography Ghost in the Wires. At some point he was basically going around collecting the source code of phone operating systems. For one OS, he went so far as to have someone mail out a set of floppies with the OS on it, since he couldn't get in from the outside.

Re:

[AmiMoJo]

It's obvious, when they want to distribute their latest (s)hits they use Megaupload! Didn't you see the video? Loads of Sony artists use it!

Re:

[517714]

Technically yes, this a pretext for heavy-handed RIAA sponsored legislation that will eliminate many consumers' rights while doing nothing to the actual criminals involved in such crimes. Undoubtedly, Michael Jackson's name will be prominent in the rhetoric and bill. I expect broad bipartisan support for the measure in both houses and from the President.

Smooth

[Anonymous Coward]

Some smooth criminals!

Bad

[langelgjm]

Really, really bad.

Re:

[arelas]

It's not as Black or White as you make it seem.

Re:

[Master Moose]

It was Dangerous

Re:

[Metabolife]

Whatever security measure Sony had in place, these hackers beat it.

Re:

[MimeticLie]

I bet Sony wishes all these hackers would just beat it.

Re:Smooth

[TheCarp]

Sony are you ok? Are you ok Sony?

Re:

[Ihmhi]

Oh no!

Re:

[acedotcom]

Sony, you can't win.

Good marketing

[asdbffg]

Really. This will get some good buzz going in advance of Sony formally releasing the tracks.

Re:

[Shoe Puppet]

I wouldn't be surprised if those where the only copies, and the hackers deleted them. But they'll probably chase after the hackers and force them to re-upload the tracks to their servers in either case.

Re:Good marketing

[DarkOx]

I certainly how those were the only copies and the hackers deleted them. If there is one thing Sony does not need its more money, and if there is one thing I don't want to have to suffer hearing on the play list of every pub, is more of that man's terrible music.

Re:

[Riceballsan]

Highly unlikely that they are the only copy, knowing sony they are probably behind the times, and thus have copies on CD's for the executives to listen to, and no matter how good a hacker is... destroying CDs remotely is not an easy feat.

Including a large number from Michael Jackson

[Barbara, not Barbie]

including a large number from the late Michael Jackson

And nothing of value was lost ...

In further news ...

[Barbara, not Barbie]

Reporter: "So you're saying that these are unreleased tracks that were made before Michael Jacksons' death?"
Sony: "No, no - these are tracks from the LATE Michael Jackson!"
Reporter: "You mean, this is stuff from AFTER he died?"
Sony: "Exactly! This is music he created after death."
Reporter: "That's didiculous! How can he write music if he's dead?"
Sony: "He's de-composing, duh!"
Sony: "It's all in the contract. When you sign with us, we really do own your soul!"

Re:

[Hentes]

Of course not, it was only copied and the original version is still there.

Re:

[oldmac31310]

Exactly what I was thinking.

I wonder

[ooshna]

Will Sony finally get their heads out of their asses and get some adequate security now that they have gotten something important stolen from them instead of their customers?

Re:I wonder

[ZeroSumHappiness]

No. They can now just conflate crackers, hackers AND pirates and get even stricter laws into enforcement. This isn't a security problem on their end of course. This is because we're too soft on those dirty music downloaders.

Re:

[ZeroSumHappiness]

Okay, I really can't let that go.

Whoosh.

Re:

[AdrianKemp]

Yeah, if only you had actually meant it that way.

Re:

[AngryDeuce]

I don't know but I'm sure I'll have another ToS to accept on my PS3 anyway...

Unreleased = No Copyright?

[udoschuermann]

Would copyright law apply to unreleased (and potentially unknown) materials? What if someone stamped their copyright notice on those stolen materials? How would Sony prove ownership and (exclusive) distribution rights? And would the simple assertion ("it's ours") be enough to support a take-down notice? Could anyone take down anything merely by making such a claim?

Re:

[langelgjm]

If the songs were created anytime in the past few decades, copyright applies automatically upon fixation of the work in a tangible medium of expression. Publication is not necessary. The rules for older works get much more complicated, but unlikely to apply here.

Re:

[kanto]

Publication is not necessary. The rules for older works get much more complicated, but unlikely to apply here.

The question was about how they will prove they own the work. Anyone can claim they make the track in his basement with synthesizer and various audio filter. Yes, copyright apply before publication, but if you are not the first to publish the burden of the prove rest on you. While i have no doubt that Sony has enough money to win any cause in court, the question remain valid and interesting.

Afaik you could use a use a sealed postal letter to yourself (not sure if this translates correctly) or use a public notary to do something similar; both would at least work as a sign of you being in possession of the songs before they were released.

Re:

[UnknowingFool]

Copyright exists when the work is created. Registering a copyright with the appropriate government agency makes it official. One of requirements of copyright is ownership so someone other than Sony trying to register these works would likely be challenged. See the SCO v Novell situation. Novell registered the Unix copyrights before SCO did because of SCO's behavior.

Where's the music?

[Dan East]

So where is this music? Why hasn't it spread far and wide over the net? I suspect the hackers are holding onto it in an attempt to blackmail Sony for a big chunk of cash.

Re:

[Hatta]

If I cared, I'd look for it on USENET or one of the darknets. Anyone connecting to a tracker that hosts this archive is begging for a lawsuit.

Service to man kind

[Shivetya]

You know, Weapons of Mass Distortion...

and not all of these tracks are by artist people want to hear, I mean, there are good chances of unreleased Celine Dion tracks in there. Think of the children

Re:Where's the music?

[ZombieBraintrust]

Hackers likely didn't know what they had. They grabbed a ton of data and used software to sift through it for passwords, credit cards and email addresses. Going through all the music and finding the songs that were unrealeased would take plenty of ears or a music matching database. That is why Sony waited a full year before talking about this.

Re:

[udoschuermann]

Maybe it was unreleased (and nobody bothered to make a torrent out of it) because it was actually awful?

distribution rights :)

[ciderbrew]

Sony, distribution is not a right. Well it's not now anyway.

Where can we get it?

[wisnoskij]

Is there a torrent or something now?

Arrests will be made

[Anonymous Coward]

Anyone want to bet that Sony will put a lot more time and money into this round of hacking versus the loss of customer data that happened previously?

Until now

[overshoot]

I've never had much of a problem with the mischief-cracking set.

This could change my mind.

Were they hackers from 1985?

[elrous0]

Look, nothing against the guy, but how many people young enough to pirate still give a rat's ass about a singer whose career peeked about 25 years ago?

Re:

[Hognoxious]

a singer whose career peeked about 25 years ago?

Some witty rejoinder about poking would appear to be in order, but unfortunately I can't find any way at all to link it to the deceased performer in question.

Re:

[Ziekheid]

You might want to think again when it comes to true sceners vs the average P2P user when it comes to age.
Also, you might want to have a look at the itunes sales from 'a singer whose career peeked about 25 years ago'.

Re:

[Beelzebud]

His career peaked 25 years ago, and he's dead; But I'll bet he still earned more money than you did last year...

Re:

[Hentes]

It might come as a surprise but there are also people listening to music that is hundreds of years old.

Truly baffling

[Anonymous Coward]

Ok. So 50,000 tracks got downloaded.

Let's say for sake of argument, and since this was from their digital archive according to news radio this morning, that each of these tracks were in format of uncompressed audio. Would they really keep tracks as AAC, MP3, or MPA in their digital archive? I'm gonna be generous here and say each track was 25MB. That's roughly, 125GB of data to be downloaded. That isn't something you do overnight. That's something that takes days if not weeks, and possibly a month. Massive net security failure here, or what?

You have an obviously massive amount of money invested in that archive, and yet you don't protect it with approriate network security? I have to wonder how much their yearly network security expenditure was to protect that investment. $10,000? Clearly, they still haven't gotten the message that network security is important, even after the PSN lashing.

As little as I want to sympathize with Sony and it's continual targetting by subverts of the net, I just can't. They're a multi-Billion dollar a year company who have been in business for DECADES! How are you still in business with blunders like this?!?!? How the hell can you go around dropping hundreds of Millions on music catalogues and not protect your investment?

On a personal note, I wrote off Sony in 2000 when I bought my last TV whose components shorted at half their estimated life-time. I'm just truly baffled that a company this large, and with such massive influence and monies, can't take its online presence seriously.

Re:

[Baloroth]

This is Sony. Their idea of a Captcha is, well, this [sony.com] (Google, BTW, returns the Captcha letters in plaintext if you search for it. Yeah, not so good on the "stopping bots" there Sony). Sony is simply incompetent when it comes to security: there is no other way to put it. Their vaunted PS3 secure bootloader? Yeah, turns out they don't know how to properly sign their keys (instead of using random numbers in the signature, they always used the same number, allowing anyone to discover their private signing key w

Re:

[TheCarp]

Yes yes but any large enough org starts to stop acting like a single company at some point, and more like a country. Sure there is some central group who speak for everyone and claim singular direction and vision, when the reality is, they are full of different and often competing interests.

It would surprise me more if they had all of the source for all of their software hosted on an unsecured FTP server...just because its unlikely there is a single company-wide repository...or even if there is one.... that

Re:

[Chris Brewer]

It's worse than that, the Captcha isn't even an image, it's a table with random vertical aligns (top, bottom). The letters are plain text in the source that Sony thinks disabling the context menu will protect.

Support your artists

[GodfatherofSoul]

If you don't want to more and more corporate-produced, demographically-designed artists, start buying your damned CDs from the people you like instead of downloading it for free and complaining about how crappy music is nowadays. I'm not even a huge music fan, but I make a point to buy CDs when I hear something I like.

Tiny violins?

[mindcandy]

filetype:torrent "tiny violins"

Legal lock down of digital media in 5..4..3..2...

[whovian]

No matter whether Sony should've kept this on an isolated network or they weren't really planning to do anything with the tracks, I expect them to portray this incident as evidence in support of legally locking down all digital media. I would not be surprised if the "look what can happen" card will be played with renewed vigor.

Data wants to be free - arts and music need to be

[Pf0tzenpfritz]

• Michael Jackson is dead - so he is not going to finish or republish anything
• Jackson -if you liked him or not- had massive influence on pop music during his creative phase
• SONY kept unpublished works as "property" and locked away from the public
• they had no right to do so

They might be legally entitled to do so but this only shows how screwed up IP is as a concept. You can not seriously keep unpublished works of an artist locked away after his death, as they are of common interest. History of culture and especially contemporary music would be plain incomplete and partially wrong if noone can find out which pieces a major artist did not publish and for what reasons. In fine arts and literature this is considered obvious, in music it always has been - before major labels and their absurd ideas about "owning" works arose. No need to mention that creative works are not solitary, isolated entities but results and part of their cultural context. To lock this context away, means to cripple culture itself. It doesn't matter if you agree. Progress won't matter. It will just happen elsewhere.

the "S" is for "sieve"

[swschrad]

if you got your CS skills from matchbook U, there's a job for you at Sony.

Jeez...

[Jawnn]

Why couldn't they have stolen some good music? Go ahead. Tag me for trolling. I don't care. Even at it's best, MJ's music, like so much "pop" music, has little to recommend it, sonically or stylistically.

Re:

[CodeHxr]

I don't think that all 50k tracks were MJ. Some were other artists, I'm sure...