Physical & Digital EST: The Future of Home Video Discussion Thread

[octagon]

Quote:

Originally Posted by Vilya

You are responsible for the security of your phone. If you lose it, few will care because the responsibility was yours all along and it affected just you.

Disney is responsible for the security of their streaming service; their failure to keep this information secure affected thousands of people; this is why it is news.

The "shit happens" argument does not resonate with me and it certainly does not excuse Disney's ineptitude here. They need to take responsibility for their mistake and hopefully they will do exactly that.

What ineptitude? Have any of these stories suggested that any of the user information was stolen from Disney?

If you leave your keys on a bar and your 150 gets boosted that's not necessarily your fault but it sure as shit isn't Ford's fault.

[sapiendut]

If 10,000,000 Altimas sold on one day and thousands of those Altimas got stolen within the first week due to ineffective car lock/immobilizer on Nissan’s part, I’m pretty sure it will be on the news for a very long time.

Your car’s analogy doesn’t work because the number is shown based on sales over the course of the year and/or spread across various brands. My scenario is the only scrnario that will somewhat equivalent to Disney’s service.

[octagon]

And what if those thousands of locks/immobilizers worked just fine but thousands of owners left thousands of keys in those thousands of cars?

Would that still be on Nissan?

[sapiendut]

Do you have problem reading my post?

I wrote “due to faulty lock/immobilizer caused by Nissan”

Sigh.

[Vilya]

Quote:

Originally Posted by octagon

What ineptitude? Have any of these stories suggested that any of the user information was stolen from Disney?

If you leave your keys on a bar and your 150 gets boosted that's not necessarily your fault but it sure as shit isn't Ford's fault.

Accounts were stolen; accounts that Disney was responsible for protecting. Thieves did not break into user's homes and eavesdrop on them logging into their accounts. Their login credentials were not left upon a bar in a public tavern.

Disney has not yet commented on these reports, but they are responsible for securing their service. The details of how and where the cyber thieves stole this information has not been stated, and it may never be published so as not to encourage other such attempts, but it is known that Disney chose not to require two factor authentication for their streaming service. Disney put an easily picked lock on their front door.

"The streaming service does not have two-factor authentication."

"Only hours after the service launched, hackers were selling Disney+ accounts for as little as $3."

"Thousands of these stolen accounts show what kind of subscription the person signed up with and when it expires.

Customers say they saw their emails and passwords changed."

"People waited on telephone and online chat lines for hours, and many still say that Disney has yet to sort their problems.

The company has not replied to a request for comment."

https://www.bbc.com/news/technology-50461171

That next to last quote speaks volumes about Disney's customer service.

[octagon]

Quote:

Originally Posted by sapiendut

Do you have problem reading my post?

I wrote “due to faulty lock/immobilizer caused by Nissan”

Sigh.

Right. And I asked what if it wasn't caused by Nissan.

Quote:

Originally Posted by Vilya

Thieves did not break into user's homes and eavesdrop on them logging into their accounts.

What are you basing that on? Keystroke logging is a pretty common way of illicitly gathering account information of this sort.

Quote:

Originally Posted by Vilya

Disney has not yet commented on these reports, but they are responsible for securing their service. The details of how and where the cyber thieves stole this information has not been stated, and it may never be published so as not to encourage other such attempts,...

So is that a no on whether any of these stories suggest any data was stolen from Disney?

Quote:

Originally Posted by Vilya

...but it is known that Disney chose not to require two factor authentication for their streaming service. Disney put an easily picked lock on their service.

"The streaming service does not have two-factor authentication."

https://www.bbc.com/news/technology-50461171

Neither does Netflix or Hulu. And even services like Paypal and Amazon that offer two factor authorization don't require it.

[Vilya]

Quote:

Originally Posted by octagon

Right. And I asked what if it wasn't caused by Nissan.

What are you basing that on? Keystroke logging is a pretty common way of illicitly gathering account information of this sort.

So is that a no on whether any of these stories suggest any data was stolen from Disney?

Neither does Netflix or Hulu. And even services like Paypal and Amazon that offer two factor authorization don't require it.

How hackers steal account information is rarely disclosed and the investigation is still ongoing, but even when it is concluded the details of how this heist was accomplished will likely remain unpublished. Disney has yet to publicly comment upon this news report.

Lax security is not excused by the always weak answer that others are guilty of it, too. If Netflix and others are similarly hacked due to inadequate security measures, then they, too, will be responsible for the consequences.

Thousands of accounts were stolen; not just a small few from those who might have been careless with their login info.

Bottom line is that the bank is responsible for securing the vault, not the account holder. The "bank" sets all of the security protocols, including password complexity and whether or not to require two factor authentication, and if the "bank" chooses these protocols poorly, then these bad choices are also their responsibility.

[octagon]

Quote:

Originally Posted by Vilya

How hackers steal account information is rarely disclosed and the investigation is still ongoing, but even when it is concluded the details of how this heist was accomplished will likely remain unpublished. Disney has yet to publicly comment upon this news report.

Wouldn't 'yeah, that was a no' have been a lot easier?

Quote:

Originally Posted by Vilya

Lax security is not excused by the always weak answer that others are guilty of it, too. If Netflix and others are similarly hacked due to inadequate security measures, then they, too, will be responsible for the consequences.

What you mean if? Netflix accounts get hacked all the time. It's just not news.

Just like this isn't really news.

Quote:

Originally Posted by Vilya

Bottom line is that the bank is responsible for securing the vault, not the account holder. The bank sets all of the security protocols and if they choose them poorly, then that bad choice is also their responsibility.

If I write my pin on the back of my debit card and leave that card on top of the last ATM I used my bank will cover any unauthorized withdrawals not because those withdrawals would be their fault in their interest to make me whole no matter how ****ing stupid or careless I've been.

Was Disney inept here. Maybe but it really doesn't sound like it.

[octagon]

Quote:

Originally Posted by Vilya

Thousands of accounts were stolen; not just a small few from those who might have been careless with their login info.

Again, what are you basing this on?

Forgive me if I've dropped a zero somewhere along the way but wouldn't a thousand accounts be one one-hundredth of one percent of the ten million total accounts?

How many thousands of accounts were compromised? Five? Ten? Twenty? Fifty?

None of the stories alleged that tens of thousands of accounts were compromised, did they?

So this is a clearly a small few. As to whether they were all careless with their account info, I don't really know.

And neither do you or any of the other people bashing Disney for their supposed ineptitude.

And while I don't know whether any of these people were careless with their account info or reused passwords across multiple platforms or the like, I have absolutely no doubt that the number of Disney account holders who were careless with their info number in the hundreds of thousands if not the millions.

Cause people are careless with this stuff.

[Vilya]

Quote:

Originally Posted by octagon

Wouldn't 'yeah, that was a no' have been a lot easier?



What you mean if? Netflix accounts get hacked all the time. It's just not news.

Just like this isn't really news.



If I write my pin on the back of my debit card and leave that card on top of the last ATM I used my bank will cover any unauthorized withdrawals not because those withdrawals would be their fault in their interest to make me whole no matter how ****ing stupid or careless I've been.

Was Disney inept here. Maybe but it really doesn't sound like it.

The basis for "thousands" is right in the BBC article's title and it is repeated within the body of the article:

Disney+ fans without answers after thousands hacked

"Thousands of Disney customers say they have been hacked after signing up to its online streaming service."

Until, and if, Disney chooses to comment, we will not be able to more specifically quantify the word "thousands"

It clearly is news as the BBC has reported upon it. Other news outlets have likely reported it as well.

I do not know how often Netflix gets hacked and your insistence that it is a routine occurrence has not been substantiated by anything that you have posted.

One person being sloppy with their pin number is not the same thing as thousands of people having their accounts hacked at the same time. If I leave my pin lying about and my account is compromised as a result, my bank will respond to my complaint pretty quickly and rather decisively.

The scale of the security breach clearly implicates Disney. Disney's slow responses, where they have even made any at all, to those affected implicates them further. This ain't one pin number left on a cocktail napkin at Joe's Bar and Grill; it is thousands, plural, of accounts being stolen and resold online all at the same time.

The last word is yours; my coherence wanes as my medication waxes. I did good today, though, posting about 18 times I think.

[sapiendut]

Quote:

Originally Posted by octagon

Right. And I asked what if it wasn't

To jive with Disney+ situation, it is akin to faulty lock/immobilizer caused by Nissan.

Other scenarios don’t come into play so no other instance needs discussing.

[octagon]

Quote:

Originally Posted by sapiendut

To jive with Disney+ situation, it is akin to faulty lock/immobilizer caused by Nissan.

Based on what? How did you determine this was a case of a faulty lock and not a case of keys being left in the lock?

Quote:

Originally Posted by sapiendut

Other scenarios don’t come into play so no other instance needs discussing.

Is that how this works now? You just declare your interpretation the correct interpretation and that obviates the need to discuss alternatives?

Well that must be nice.

[DustnBones001]

Quote:

Originally Posted by Steedeel

There will always be disc collectors.

What incentive do the studios have to keep catering to disc collectors? I hope your right. I wish I had that blind faith that studios will always cater to disc collectors.

[octagon]

Quote:

Originally Posted by Vilya

The basis for "thousands" is right in the BBC article's title and it is repeated within the body of the article:...

I wasn't asking your basis for saying thousands. I was wondering on what basis you concluded that these thousands of accounts were a "not just a small few from those who might have been careless with their login info."

Thousands of accounts aren't just a tiny fraction of the total number of accounts. It's a tiny fraction of one percent of the total number of accounts.

Quote:

Originally Posted by Vilya

The scale of the security breach clearly implicates Disney.

It's a tiny fraction of one percent. That's the scale of this so-called security breach.

[Vilya]

Quote:

Originally Posted by octagon

I wasn't asking your basis for saying thousands. I was wondering on what basis you concluded that these thousands of accounts were a "not just a small few from those who might have been careless with their login info."

Thousands of accounts aren't just a tiny fraction of the total number of accounts. It's a tiny fraction of one percent of the total number of accounts.



It's a tiny fraction of one percent. That's the scale of this so-called security breach.

Factually, there is no way to know what percentage of users were hacked as Disney has not provided any hard numbers. Your underlined statements are stated as if they were facts and we simply do not know precisely how many customers are affected. "Thousands" of users have reported that their accounts were hacked; that is all we know regarding the number of those affected at this time. What we also know is that you think that these "thousands" of people having their accounts hacked is trivial and that you are inclined to blame the victim.

Disney has since publicly responded stating:

"A spokesperson for Disney told CNBC the company “takes the privacy and security of our users’ data very seriously and there is no indication of a security breach on Disney+.”

Disney claims that there is no "indication" of a security breach on Disney+, but that does not rule one out, either. Many companies initially deny responsibility for such security breaches.

https://www.cnbc.com/2019/11/19/hack...o-reports.html

Zdnet.com was the first to report this story and their article is here:

https://www.zdnet.com/article/thousa...acking-forums/

Both articles state that some victims admitted using the same password for multiple websites while other victims said they used unique passwords with Disney+. The ratio of the two was not quantified, so we do not know how many did the former versus the latter.

Zdnet reported that:

"The speed at which hackers have mobilized to monetize Disney+ accounts is astounding. Accounts were put up for sale on hacking forums within hours after the service's launch."

"hacking forums have been flooded with Disney+ accounts, with ads offering access to thousands of account credentials."

Zdnet also stated that:

"One thing Disney+ could do to help users would be to roll out support for multi-factor authentication, a simple solution that would prevent attacks relying on password reuse."

It has been one week since Disney+ launched and it has been one week since the onset of these cyber attacks. Disney+ could have offered multi-factor authentication since these attacks began on day one, but they have failed to do so a full week later. Disney's only public response one week into these attacks has been to deny responsibility for them. Disney has had a week to address this problem and to at least communicate with their affected customers, many of whom have reported that Disney has not even responded to them. Disney's apathetic customer service is on full display.

Sorry about reneging on the "last word" thing; I'll try harder next time if you choose to reply.

[Vilya]

Quote:

Originally Posted by DustnBones001

What incentive do the studios have to keep catering to disc collectors? I hope your right. I wish I had that blind faith that studios will always cater to disc collectors.

For 2018, disc sales brought in $4.03 billion; that's the incentive. That is a fraction of what it once was, but it is still large enough that the studios apparently still want even that small bit of pocket change.

When, and if, compact disc production halts, I might start to worry about declining sales for physical media. It's death has been predicted for ages and yet it remains to this day. There are many niche markets in this world and discs are just one among that number.

[octagon]

Quote:

Originally Posted by Vilya

Factually, there is no way to know what percentage of users were hacked as Disney has not provided any hard numbers. Your underlined statements are stated as if they were facts and we simply do not know precisely how many customers are affected.

And yet we apparently a sufficient factual basis on which to conclude that the scale of the security breach implicates Disney.

Interesting.

Quote:

Originally Posted by Vilya

What we also know is that you think that these "thousands" of people having their accounts hacked is trivial...

True.

Quote:

Originally Posted by Vilya

...and that you are inclined to blame the victim.

False.

If you'll recall, in one of my hypotheticals I had you leaving the keys to your truck on a bar and said that the subsequent theft of your truck would not necessarily be your fault.

Every years tens of thousands of people admit to having left their keys in their stolen cars. Do I blame those tens of thousands of people for the theft of those tens of thousands of cars? I do not. Nor do I blame car companies for making it so easy to start a car when you have the freaking keys. Cause, you know, that would be

So who do I blame? I blame the idiots who think it's okay to drive off with somebody else's freaking car.

I confess to being a bit old-fashioned that way.

Quote:

Originally Posted by Vilya

Zdnet.com was the first to report this story and their article is here:

https://www.zdnet.com/article/thousa...acking-forums/

Yeah, I read it earlier, thanks. It was a hot link in the BBC story.

Quote:

Originally Posted by Vilya

Both articles state that some victims admitted using the same password for multiple websites while other victims said they used unique passwords with Disney+. The ratio of the two was not quantified, so we do not know how many did the former versus the latter.

The Zdnet article also states that among the stolen account information was account information placed there by the legitimate account owners for the purpose of account sharing. That's probably a relatively small slice of the account info available online but like you say, I guess we can't really know that.

Quote:

Originally Posted by Vilya

Zdnet reported that:

"The speed at which hackers have mobilized to monetize Disney+ accounts is astounding. Accounts were put up for sale on hacking forums within hours after the service's launch."

"hacking forums have been flooded with Disney+ accounts, with ads offering access to thousands of account credentials."

They also said that "Hacking forums have been overflowing with hacked Amazon Prime, Hulu, and Netflix accounts". This is exactly what I was talking about when I said this story wasn't really news.

This is not a new story. It's an old story with new names.

Quote:

Originally Posted by Vilya

Sorry about reneging on the "last word" thing; I'll try harder next time if you choose to reply.

It's not your fault. Far be it from me to blame the victim of my engaging conversational stylings.

[bhampton]

Quote:

Originally Posted by DustnBones001

What incentive do the studios have to keep catering to disc collectors? I hope your right. I wish I had that blind faith that studios will always cater to disc collectors.

This is simple. If something is available now and you want it then try to get it. It may not be there in the future if you get a future.

Worry about physical media is pointless. More so if you plan to buy the available physical media that exists.

The biggest Cheerleader for 8-Track tapes would not be able to prevent new forms of media but that person could get some 8-Track tapes and maybe a back up player.

Don't worry about the future unless you want to consider more important and real future possibilities. Maybe VR will take over and result in less energy use but also even less person to person interaction and maybe that's a good thing as people may not be so great when you get to know them.

I think Black Friday is next week... that's the future and a great time to add to your discs collection.

-Brian

[octagon]

Quote:

Originally Posted by bhampton

I think Black Friday is next week... that's the future...

-Brian

I'm not a tattoo person but if I was...

[Steedeel]

Quote:

Originally Posted by bhampton

This is simple. If something is available now and you want it then try to get it. It may not be there in the future if you get a future.

Worry about physical media is pointless. More so if you plan to buy the available physical media that exists.

The biggest Cheerleader for 8-Track tapes would not be able to prevent new forms of media but that person could get some 8-Track tapes and maybe a back up player.

Don't worry about the future unless you want to consider more important and real future possibilities. Maybe VR will take over and result in less energy use but also even less person to person interaction and maybe that's a good thing as people may not be so great when you get to know them.

I think Black Friday is next week... that's the future and a great time to add to your discs collection.

-Brian

Less energy use? Have you played some VR games?

If the industry is so obsessed with interaction, we won’t just be watching the films passively.