Friday, August 5, 2011

The Pwnie Awards

A couple of days ago the Pwnies were handed in Las Vegas. In case you're not familiar with them, they're basically the Oscars for achievements in technology (more specifically Information Security), awarded to those who move the field forwards, but at the same time they're the Raspberries, giving the dreaded "Most Epic Fail" award to those who deserve it.

The ponies pwnies

The big loser this year was Sony. It came as no surprise because it was the only nominee, albeit for a number of different reasons:

Sony After Fail0verflow and GeoHot published how to jailbreak the PS3, Sony got a bit miffed. Apparently unfamiliar with how the Internet works and how difficult it is to remove the piss from a swimming pool, Sony proceeded to try erase the information from the Internet and sue GeoHot et al. into oblivion. Needless to say, this was about as successful as the MiniDisc.
Sony Speaking of piss in a swimming pool, that just happened to be how well Sony protected their Sony Online Entertainment (SOE) users' account info and roughly 25 to 77 million account details were stolen by unknown hackers. That metaphor makes just about no sense at all, but you get the point: FAIL.
Sony Sony is definitely good at one thing: keeping the hits coming and their fans entertained. Oh wait, did we say Sony? We meant LulzSec. I guess that counts as another FAIL for Sony.
Sony After learning the hard way that their PlayStation Network was about as porous as air, Sony had to shut it down for over two months to rebuild it from scratch. In doing so, they made everyone from your 8-year old cousin to your barber learn about the importance of security. Hooray for us, sorry Sony shareholders.
Sony Noticing a pattern here? But wait, it gets better. Sony might have been able to better repel the multitude of attacks if they hadn't just recently laid off a significant number of their network security team. Great timing, guys.

The polar opposite, Epic 0wnage, which goes for "the hackers responsible for delivering the most damaging, widely publicized, or hilarious 0wnage.", went to Stuxnet this year, a worm that targets Siemens industrial equipment and that some say was engineered on purpose to tackle Iran's nuclear program supposedly using black marketed Siemens machinery.
How many centrifuges did your rootkit destroy? How many national nuclear programs did your worm disrupt? How many 0day exploits and rootkits for equipment that no one you has ever heard of have you written? Exactly.
Other nominees included LulzSec, Anonymous and Wikileaks.

Click here for the rest of the winners.


  1. Haha I didn't know they had such a thing. The Pwnies? xD
    I like Lulzsec's logo :D
    Sony is obviously going through a bad phase, wonder how long it will take for them to work out their issues and not feature on the Pwnies nominations (damn, I can't get over the name :P)

  2. I didn't know they actually had awards like this, I would say that Sony really did deserve that award though.

  3. I dunno, I still like sony even though they made some big mistakes there... Thing is, if you don't risk anything you won't get anywhere... It's true that a security breach isn't nice, but at least they put their effords into it and fixed it...

  4. I guess I've been living under a rock or something but I didn't hear about stuxnet. I think LulzSec or Wikileaks should have won...they did some big damage.

  5. once you've failed, there's nowhere else to go than doing it right, good thing their mistakes has shown us the importance of security

  6. Or die in the adventure, be my helps, Following!

  7. Of monstrous lust the due and just reward: Following!

  8. Can't believe these

  9. I can't believe these actually exist :P