After days and days of the Playstation Network being offline, Sony has announced it has taken the service down indefinitely. The cause is a lot more severe than previously thought: PSN has been systematically attacked, and personal information of all users has been stolen, possibly including credit card data. Sony is asking PSN users to keep close tabs on their credit card account statements. This has turned from a rather amusing slap on the wrist for Sony into a massive and truly epic security fail that could have tremendous consequences for millions and millions of people the world over.
Sony shut down PSN last week due to an attack by hackers. People quickly assumed it was Anonymous, but influential people within that “organisation” have denied any involvement. It makes sense to believe them, since the whole goal of Anonymous is to take credit for their actions, to make a point (whether you agree with said point or not). Now that we’re a week later, it’s becoming clear that we’re not dealing with a simple protest against Sony’s anti-consumer behaviour.
It’s all much more malicious.
Sony has confirmed what some folks have already been murmuring about on forums for a while – suspicious credit card activity. The attackers have managed to get their hands on the user information of all Playstation Network users, possibly including credit card information. As such, if you have linked a credit card to your PSN account, it is vital that you keep very close tabs on your credit card’s activity.
“We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained,” Sony states, “If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.”
However, if you read through for instance the Ars Technica forum, you’ll see several people sharing tales of seeing fraudulent activity on the credit cards they’re also using for PSN – activity which started during this whole PSN failure. I’m suspecting Sony isn’t being entirely transparant about what it knows at this point, but at least it offers an apology.
“We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience,” Sony states, “Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority.”
At this point, there is no indication as to when PSN will come online again, but I would say that at this point that’s no longer the main concern. The amount of personal data Sony has let slip through its fingers – probably due to a massive security fail – is astronomical; PSN has about 70 million registered users.
Before the news about the stolen user information got out, I found all this remarkably amusing, and as fully deserved payback for the rootkit fiasco, DRM, GeoHot, the removal of OtherOS, and the ‘bag of hurt’ that is Blu-ray. However, now that we’re actually talking about the user information – including credit card information – of 70 million people being stolen, it’s no longer amusing, but a downright disaster. I’m hoping law enforcement will track down and find the people responsible.
Still, something good might come out of this: it might lead to more awareness, both publicly and politically, of the dangers posed by handing over all your personal information to large companies. Hopefully, it will also be another nail in the coffin of the credit card, an inherently insecure and ridiculous concept that needs to die. People should learn to spend the money they have, not the money they may have.
However, won’t most websites not offer this option ? Frequently, means of payments other than Paypal, temporary debit card accounts, and the classic ones (paycheck, wire transfer) have this problem…
like sony management and their security-experts?
I realize this is mostly humor, but I do feel humor has a basis to it. The basis here is wrong. This is like telling a rape victim they have committed a crime because they placed themselves in too vulnerable of a position.
For once and… naw, it never ends. Anyhoo, the folks who stole the data committed the crime. They need to be apprehended and punished.
Sony is LIABLE (a civil matter) for any improper handling of the data, especially if they did not use proper encryption, etc. Do not confuse these issues.
OK, it was just a joke and it was funny…Next!
I don’t think you realize the second part of your argument (the liability) makes your initial equivalence a false one.
Not really, The second item, civil liability, is unrelated to the first, legal liability. What happens in the analogy breaks down. Legally, both those who are raped and those who have data stolen are innocent.
In regard to civil liability, the analogy no longer holds. Business do have a responsibility to secure data, and can be sued for not using sufficient safeguards. In the situation of rape, there is no civil liabilty. However, in the past, the fact that a victim was in a bar, wearing a short skirt, etc, WAS often used against a defendant, hopefully we are beyond those days.
Analogies only go so far.
I bet the DCUO and FFXIV customer service people really love Sony right now.
FFXIV isn’t out for the PS3 yet… ?
No its not, and DCUO is so buggy (and short) that I doubt most DCUO players mind (I know I dont).
Why would that even be possible? Can somebody explain how Sony sucked this bad.
My bad it was slashdot that said they think it was a console hack that exposed some sort of developer access.
Edited 2011-04-26 23:35 UTC
Excessive faith in DRM schemes bundled into game consoles to keep their own network safe, probably.
I assume they same, they were so trustful of their own console lockin, that they probably were sloppy on the server. I would not even be sure if a hacked PS3 was involved in the hack because every network sniffer could get the addresses and the encrypted data. So I would be careful to blame the PS3 hacks here.
Either way Sony omitted the golden rule of never trust the client here. On the other hand if the passwords and credit card data were really stored in clear text than they have a huge bigger problem also from a legal point of view.
Edited 2011-04-27 07:48 UTC
I still do not understand how a mean of payment as unsecure as a credit card can be so widespread. Maybe it’s time the banks figure out a mean to pay that requires something more than just what is written on the damn card.
For example in my bank, to access e-banking, I have to have : a login, a password AND a card reader.
After I have entered my login and password, the e-banking website display a number. I have to put my bank card in the card reader, type in the number given by the website and then the PIN associated with my card. The card reader will then display another number that I have to enter.
So unless somebody manages to steal my login, my password, my card and my PIN, I’m safe.
Really, if my bank can do it for e-banking, Visa and Mastercard should be able to do it.
Think about your own statement for a moment and you can discover the real answer:
Debit cards are Credit cards without the credit part; you just use whatever you need and pay instantly.
Credit cards are required to get a credit rating, gets discounts everywhere…
Seems like there is a huge amount of effort put into keeping the dead horse alive.
Think about it for a moment, and think whether keeping things safe is part of the bank’s job.
There’s always going to be a tradeoff between security and convenience. For example, with your system you could no longer just hand a credit card to the waiter after eating in a restaurant – you’d have to get up, go to the cashier, wait in line, type in your password, etc. And just imagine how many people would forget their passwords and be unable to pay. New technology might allow them to come around to your table with a mobile card reader, but that would take a while to become widespread.
Hello there; this is exactly how credit/debit cards work in France, the country were the smart card was invented. We even have mobile terminals everywhere that the waiter brings to you to read your card and enter your code. And nobody forgets his code, as we type it all the time. That or we are just naturally smart.
I’m always unsettled overseas when my card has just its magnetic band swiped and I just have to sign, and nobody really check the signature -which is easy to counterfeit, as it is already drawn on the back of the card. This is &*$#! dumb.
Same for the UK as well.
Cool. I agree those signatures are worthless even when they get checked, which is almost never. I suppose people probably could remember a 4 digit PIN if they used it all the time. I’m just wary of solutions like that because I know how often people forget their password where I work – they have to use it every day, it’s ridiculous how often people mess it up.
I’ve heard certain restaurants might start using tablets to show menus and let you order directly. It would be interesting to see if they could build the payment system right into that – maybe connect directly to your smartphone and link into your account through that.
It’s how everything works in The Netherlands too. You pay almost everything with your bank card and 4-digit PIN code. It’s become so entrenched in everyday life I can’t imagine living without it. Even waiters carry tiny payment terminals around now. I even use my bank card for all my online purchases, through a closed and trusted inter-bank system.
The problem with credit cards is similar to the problems with guns. I’m sure many people would be perfectly able to handle a gun responsibly, but I still believe regular folk should NOT have access to them. Credit cards are of the same nature; they pose a danger to the public, as it promotes a culture that is detrimental to the economy – both at macro and micro levels.
I don’t have a credit card, nor do I ever intend to get one. My bank card works all over the globe – even in some backwater town in Texas – and that’s all everyone really needs. People need to learn that they can’t buy that 70″ flatscreen TV until their bank account allows them to – and not a second sooner. Credit cards have brought many a decent household down to the ground, and it needs to stop.
Edited 2011-04-27 09:04 UTC
Although my understanding is that chip and PIN has some nasty security risks of its own due to design flaws…
Debit cards in the US require a PIN, but credit cards require a signature (for transactions over $25, and with exceptions for gas stations and online transactions).
As for guns, here in the US, the idea was for people to have the tools necessary to fight a government if need be, and treating the risk of irresponsible use as acceptable.
Unless someone gets AND your PIN AND your card AND you somehow fail to tell your bank… Then yes, then it’s insecure.
The problem is, every time you use your card in a shop, this is exactly the details you’re handing over (card AND pin AND agreement you’re not going to tell your bank). In theory you’re handing it over to the bank (since the terminal belongs to them), but in practice there’s no real way to know you’re not handing it directly to the retailer.
The same is true online. It’s crazy that you hand over all of the details needed to make a transaction (and unlimited future transactions) to a non-trusted retailer.
The process ought to be the other way around. When you want to make a purchase you should instruct your bank to transfer the money, rather than instruct the retailer to collect the money. Now that we all have mobile phones (our own trusted terminal) and practically instant communications, there shouldn’t be any reason why it doesn’t work this way, except bad habits.
[Edited to fix quoting]
Edited 2011-04-27 13:07 UTC
Well, if that is the argument for allowing guns in the public, most US Citizens lost their right to a gun when they let the second Bush administration run the country into the ground.
But then, most people in democracies get the government they deserve, and who am I to complain (living in Austria with a government as bad as the Bush administration but luckily not the power to do as much damage – which means we have to eat our own shit).
Unfortunately, the entire U.S. economy is founded on debt. If people every started opting out, I honestly think the whole economy here would tumble. Of course, that might not be a bad thing in the long run.
It is not really founded on debt. It is founded on monetary transfer. Its just that current economic thoughts fail to realize that debt is NOT a good thing. This is why we are in the recession that we are in, and why China will eventually take over as a larger economy. If we got our debt under control, and reduced or eliminated it, then that would not be a problem.
Economics does not require debt, just exchange of goods. Debt only comes into play when you want to play loosely with the exchange of goods such that one party may not be solvent. Eventually no one will be solvent and the system collapses under its own weight.
I’m glad to hear that! However, while the economy could theoretically go on, many large players in our current economy would go down in flames. I don’t believe that could happen without very serious consequences.
I also believe the same arguments could be used for insurance. What if hospitals, auto repair shops, morticians, etc. couldn’t count on private insurance? It would totally rearange several industries. Currently, in the U.S., people pay 5-10 thousand a year for medical insurance, and yet still have to deal with large medical costs. Something tells me that a whole lot of money is going to the wrong people. Nevertheless, a change in the arena would probably devastate a large part of our economy.
Thus, neither change is very likely to happen. The players have too much power to allow it.
Many of them deserve to. I’m not saying there won’t be consequences in change, but those consequences are probably a good thing in the end.
The only entities that benefit from insurance are insurance companies. No one else can count on receiving a dime.
On the input end (customer – e.g. you & me) they squeeze out premiums as high as they can, and then try to deliver as little as possible. This is why people end up with large medical costs, why the US has a problem with Health Care, etc.
On the output end (e.g. hospitals, doctors, dentists, auto-repair shops) they do what they can to minimize what they pay out. As exemplified by one doctor who made the news a few months ago, he stopped taking insurance and was able to cut his overhead by 60+% – overhead that went into filing, re-filing, and appealing the decisions of the insurance companies – and was able to cut the costs for his patients.
Now some insurance industries (e.g. auto insurance) are better than others (e.g. health), but they all do it.
Health insurance could be fixed rather simply – doable in under 10 pages of legislation – as I outline in my blog post (http://clocksmind.blogspot.com/2011/02/fixing-health-care.html).
It’s not to say that it won’t be disruptive, but the results would be beneficial for all involved. Perhaps too, insurance companies should be required to be non-profit entities.
I looked at your plan, and I agree it would be much better than what we currently have (with or without the Helath Care Initiative). However, it fails to deal with a fundamental problem – over-use of the health-care system. I worked for 17 years as a Respiratory Therapist. The current medical delivery system is a profit machine. Your system is actually a return to the 80’s and early 90’s, when insurance did pay what doctors/hospitals charged. The problem is this incentivises the providers of care to do more and more services, which is what happened. Much of the care delivered is useless – or of little benefit. There has to be some means of controlling this cycle. It is easy to “sanctify” the doctors, etc., but the pumping up of procedures is everywhere.
This is why I like national health care. It removes this incentive. There is a fixed pool of resources, and physicians are paid reasonable salaries, are do not generate revenue by ordering tests and procedures. Really, rationing is a necessity due to the fixed pool of resources. In the U.S., this rationing is done by the Insurance Industry (I suffer regularly at the hands of this!) – the classic coyote over-seeing the chicken coup! I would like to see the rationing done by your local physician in concert with groups like the AMA. Practically every civilized country BUT the U.S. has realized this necessity.
One thing I definitely agree with is that the current Health Care bill really does nothing. I just shifts a few more dollars around to pay for more insurance. It is definitely throwing gasoline at the fire!!
Nationalized Health Care will not change that as that is primarily a problem with bad physicians, of which there will always be.
Honestly, if you take a look at the proposed system no one would require health care; it’s just a matter of returning to whether or not you want to hedge your own bets that you will need extensive health care or just a routine check-up. That in itself will act as part of a restraint on the resources as people that don’t want to carry health care will likely be more likely to question their doctor on whether something is necessary before accepting the treatment.
The other side of the problem is the massively growing mass of hypochondriacs that push the limits on the resources as well. Of which they will also continue to do so under a nationalized system as well.
Nationalizing Health care solves nothing and only increases entitlements. Entitlements that the US cannot afford.
There is a difference between rationing and rationing pay. It is one thing for the Insurance Industry to be wary of treatments and hold the doctors to a standard of care as such. It is another to limit the cost of an approved treatment to only a fraction of the actual cost.
Standard of Care issues can be resolved through various means. Payment issues only cause the doctors to charge more in order to get enough back on the percent to make due, leading to the current problem.
Well, that’s probably about a enough OT for this thread. But I just wanted to say thank you for a thoughtful debate on the subject, without the invectives and exaggerations we see bandied about television these days. I hope one day our country can have exactly this kind of debate in the public forum. I can dream!
There ALWAYS is someone left who is solvent. It might be even one person only. And the economy is only in trouble if this person who is solvent does not buy enough goods.
Which leads us directly into the reason, why taxing the “richness” of people is good for the economy:
If no tax is put on money you are just sitting on, you are not encouraged to buy things.
But if taxes on your money (not your income!) are high, you will say: OK, I buy me a new $WHATEVER before taxes are eating up all I have. And that is good for the economy.
Which is why people have credit scores… to demonstrate that they can in fact be responsible with credit.
You keep referring to credit cards, but the same applies to any loan – you shouldn’t be able to purchase a house or car with a loan until you can demonstrate your responsibility to use it.
Sadly, the act of building one’s credit score does require that you obtain some credit in order to demonstrate your capabilities to use it responsibly first.
It’s the banks that need to be blamed – for giving credit out to individuals so willingly, knowing that they can recoup lost money easily through writeoffs, chargeoffs, bailouts, and increased interest rates for other customers.
As someone who has quite a few credit cards, excellent credit, and is financially responsible, I can safely tell you that using money you don’t actually have is a perfectly fine.
At the same time I know people who are racking up credit card bills for the sole purpose to file bankruptcy because they know the “broken banking system” will allow them to keep everything they have, and be given more credit cards within a couple years as if nothing has happened – THAT IS THE PROBLEM.
That is what we do in the UK …
However the machine is wireless so the waiter can take the chip and pin machine over to me.
“Chip and pin” is the marketing name for this in the UK. Where the waiter would come over with a card reader and passes it to you to insert card, enter pin and process payment. The vast majority of people have become use to this.
Internet purchases are getting a little more secured. There is “Verified By Visa” and “MasterCard SecureCode” where you set up a password that is used when making payments online. However not all shops implement this (for example amazon).
Both systems have their faults but in this case its not the issue.
Sony failed to secure their system.
The primary account number (PAN) should be encrypted or hashed to prevent it from being leaked if it must be stored.
That’s why I use a prepaid Visa card. Unfortunately, I’ve used this card on PSN so I’ve probably had the $300 stolen out of it. Nice one, Sony. And nice one, Thom: Passing judgement on everyone who has a “credit card” as being people who spend money they don’t have.
Indeed, that’s what I don’t understand either. Having a credit card doesn’t automatically mean you’re going to be spending more money than you actually have on your account. I too have a credit card because it’s a whole damn lot easier and more convenient to use than cash, but I have set a limit on it that I cannot draw more money with it than what I have.
So, did Thom actually have some point to make, or is he just being an ass?
I can’t speak for Thom, but there is a distinction to be made between credit cards and debit cards.
Yah mon, tru dat. I’m really effing sick atm so it’s hard to think straight. Still, I retain my opinion that having a credit card doesn’t automatically mean one is going to spend money they don’t have, and that is was an ass comment from Thom.
Reading Thom’s comment again, I think what he’s actually saying is that the “average” person is too stupid to responsibly use a credit card. And I’d agree with that. They’re just so convenient for people who are able to handle them, that I don’t really want them to just die out completely.
I use my credit card for big one-offs. I’m absolutely crap at saving money because I usually just blow it on something frivolous when I’m halfway there. I buy stuff I’d normally save for with the credit card and then I kind of have no choice but to pay for it. I don’t see it as “money I may have”, but as “money I will certainly have and just as certainly waste”.
The statement is stupid anyways. How far do you take it? Don’t get a car loan? Don’t get a mortgage? Don’t ask someone to spot you for lunch?
At some point we all use and rely on credit in one form or another.
I never carry a balance on my credit card, but won’t use debit as it typically has side effects like NOT advocating for you in case of fraudulent charges, higher liability, and removing the money from my account immediately – in which case, since I’m going to pay it off anyway, I’d rather let the card company carry the charge until then. If debit cards lowered the cost of the purchase or something, I’d be more interested.
While the credit card industry is effectively legalized loan-sharking, if you use it wisely it’s not always a bad thing – beats dealing with money orders, checks to clear, or giving out your bank routing number, etc., particularly in this day of online commerce. Of course, there are plenty of people who don’t use it wisely. :/
In many countries, the tiny plastic smart card is usually a credit card where the “credit” part really means “credit” – there are people, especially in the US, who buy everything with a credit and have zero savings (except a 401(k) for their retirement – but they can’t use it to buy stuff). It is also easier as you don’t need a permanent connection to the banking system to check at every transaction if there is money on the account.
In France and maybe other countries, we abusively also call it “credit” card while it is in fact often restricted to a specific amount loaded on the card, or the terminal even get in touch with your bank each and every time you buy something to check if you still have enough money.
Where do you see him generalizing about anyone?
Too many people are blindly blowing this out of proportion.
I have had no less than four separate companies emailing me the last month about how their servers were accessed and my stored personal information was taken. I remember a few times over the years when the “stored” cc information from physical stores was accessed and posted on the Internet.
Hackers violating the privacy of individuals is nothing new, and it wont ever go away. Sony isn’t the first to be intruded upon, and wont be the last. If you are afraid of having your information stolen, don’t provide it to any service online or in a physical store (because they store their data in networks that can be and have been hacked as well). You have options, for example, Sony provides prepaid PSN cards for those unwilling or unable to provide CC information.
Also, its worth noting that Sony said that they are unsure if cc information was taken but that it would be in your best interest (just in case) to keep an eye on your accounts to make sure. This is far from the doomsday that too many of you are spouting.
Edited 2011-04-27 00:36 UTC
I’m not sure if this foul-up is really much worse than other stories I’ve heard in this regard. On one hand, 70 million is certainly a lot of accounts, but on the other hand, how many accounts have to be compromised before it becomes a big deal? 100? 1000? 10,000? 100,000?
However, one has to wonder why Sony waited nearly a week to inform customers that their account (and possibly their CC) information had been breached. I’m pretty sure they didn’t just find out about this today …
Edited 2011-04-27 00:57 UTC
I think it’s the potential sheer scope of the breach — if it released the mass of information it looks like it did and not just a subset, it would be a treasure trove for identity thieves.
If you think that your private information is really private in the age of the Internet, you should Google a bit. There isn’t much that you cannot find out about someone from their SSN to their home address if you scour the net enough. There are so many records of everything you do, and everywhere you have been that its naive to think that your info is “secure”.
There are security breaches all the time, an while most are not as large as say the TJX data breach (45 million CC #’s stolen) or Heartland Payment Systems (130 million CC #’s stolen) or the Epsilon data breach, etc… they sure add up over time.
No one can ever prepare for every possible avenue of attack. They can only respond, and secure.
I think it should be reiterated, because everyone is taking it as gospel, that Sony has stated that its UNKNOWN if the CC info was taken. This doesn’t mean that it was, just that there is at least a possibility. Everyone needs to stop overreacting to a possibility. Btw neither my CC info, nor any friends of mine, or family, or online buddies has been used since the intrusion a week ago. Nor do I know of anyone who has had such violations. Which leads me to believe, until information shows otherwise, that the CC info was probably not taken, or if taken, was taken only to prove a point.
Sony most likely didn’t know (for sure) until now. They hired outside agencies to see what happened, how it happened, and what it means. They could probably have guessed on day one (but so could anyone) and it would have been irresponsible for them to post a guess at that point.
I completely disagree. It is a matter of responsibility. If Sony wants your personal information they better protect it as if it is worth 1 million dollar. If they can’t guarantee that they should make their system work without it.
I would love to be able to make whole identities per company that I have to use. Right now a lot of companies force me to fill in dozens of forms before I can use their services.
It does. There is no reason that you HAVE to enter CC information to access the PSN or even to make purchases. You can get preloaded PSN cards at most major department stores and game stores. The rest of the information is unimportant and you can put anything at all in there if you are not using a CC. So their system DOES work without it, quite well in fact.
No, these are not molehills. Breach of privacy information of itself a serious problem. Breach of Credit card information is a severe violation of the PCI regulations. Any company that has this problem will be heavily fined, and should be ostracised. Everyone does make mistakes but that doesn’t mean that they shouldn’t pay the appropriate penalty for making the mistakes.
Does anyone happen to know which operating system Sony uses on their servers? I’d don’t suppose Sony will be very forthcoming with details on just how their system got cracked, but for us OS security enthusiasts this is just the sort of thing we’d like to know.
I doubt it really matters for a couple reasons. The first is that no OS is 100% secure, even were an OS to be 99.9% secure, that 0.1% is still enough for a group with enough time and resources to exploit, especially when they are going after a single individual/company and can target them specifically.
That being said, its most likely their own in-house or middle-ware applications that were exploited. Which, again doesn’t make a bit of difference what OS they were on.
Whatever the answer to this question, it will just incite flames from one group or another.
Edited 2011-04-27 00:49 UTC
Well, the OS may not matter, but to defiantly say it does not matter is going too far. You simply don’t know enough about their stack to say that.
Think of a buffer overflow in a piece of middle ware. Address space randomization on the Host OS may prevent it from being reliably exploited. Proper role based authentication, may also prevent the scope of the bug form being harmful.
But yeah, it was most likely a middleware or application bug. Knowing sony, it was most likely middleware of their own creation as well.
I’d hazard a guess that they aren’t using Windows…
Thom,
I registered for OSnew just so that I could tell you that your last line is simply… stupid. You apparently have no idea that there is a whole world of people out there that actually, you know, use things responsibly. You editorialized in a situation with something completely unrelated and ruined what was a good piece.
Scott
OSNews is Thom’s blog, so… whatever.
…but, your comment does make me wonder: Is it possible to use a credit card responsibly and NOT spend money you don’t have? (which I would consider irresponsible)
The only case I can think of is for an emergency, when you don’t have the money at the moment but (hopefully) will in the near future. I wouldn’t consider the Playstation Network to be an emergency, and don’t see a reason a person would need to use a credit card on it. (as opposed to a debit card)
Even in the case of an emergency, one could argue that it would have been more responsible to have a savings for such an emergency…
Just some thoughts from someone who tries to use his money responsibly.
When you enter your “debit card” information into the PSN you are actually using the “credit card” option on your Bank Card.
That being said, saying you are being irresponsible by spending money you don’t have is idiotic. How would a typical individual buy a house? Or a car? Or pay for college? Is it irresponsible to get a loan (essentially a line of credit) to pay for a college degree?
Edited 2011-04-27 02:23 UTC
Kudos to you. This is the most sensible comment I’ve read on this topic.
This topic is about credit cards, not mortgages, auto loans, or college loans.
Sure, I do it all the time. There are legal protections you get when buying with credit cards that you don’t get with debit cards. Plus I get air miles and other benefits, I use my credit card for everything then pay it back each month.
Of course it is. I charge almost everything to a credit card, which i pay off in full every month. I do that instead of using a debit card because i get some (small) benefits in exchange, and because i know i will never spend too much. All it takes is a little self-control to know how much you make per-month versus how much you spend.
I suspect the credit card company hates having me as a customer, since i never pay them any interest.
Edited 2011-04-27 02:50 UTC
Have you heard of things like mortgages, student loans etc … according to your logic buying a house and going to university to get a degree is irresponsible.
Also if my bike breaks (which I use to commute on), and I don’t have money to fix it I can use my credit card to buy replacement part … is this also irresponsible.
Before you type next time … try engaging your brain please.
Read the OP carefully. He SPECIFICALLY talks about emergencies. However, even then I would personally be against using a credit card. If you had been responsible enough, you would’ve set aside some money SPECIFICALLY for emergencies like that. I have a stash of cash in my savings account that has been reserved for the case something happens to my car. THAT is being responsible.
I have savings as well I put away money, but I still use my Credit card because it is more convenient, then having to wait for the building society to open.
I pay very little in interest, maybe less than £10 a month.
It is like with anything … if you use it without understanding the risks and how it works, you will end up in trouble .. this is true for most things.
Stop being so narrow-minded and deliberately inflammatory.
Having and using a credit card is fine for the vast majority of people.
Edited 2011-04-27 11:58 UTC
I fail to see the benefits of a credit card over a Visa or Mastercard debit card.
I can use it everywhere with no fees and no interests, and it’s not like I will be spending more than I own anyway, which would be the only advantage of a credit card (the “credit” part, that is).
There are advantages … for example you have far better fraud protection and detection on a credit card compared to the equivalent Debit Card.
I also for example get other benefits such as Airmiles (I have a free flight to Madrid/Paris/Brussels for example), Reduction of Tickets to certain events, such a sporting events or music festivals.
I also have a better credit rating which helps me to secure other loans (such as bank loans and hire purchase) … if I need it in the future. For example I will want to get a Motorbike after I pass my license.
If you treat it as “Free” money as opposed to “Credit” you will end up in trouble.
There are pros and cons like with anything, It suits me to have one. Not everyone will want one, but saying outright that having a credit card is wrong and you deserve your details stolen is ridiculous.
Edited 2011-04-27 12:45 UTC
Who on earth said that?!
[quote]People should learn to spend the money they have, not the money they may have.[/quote]
In the previous comments and there you are effectively saying that anyone that uses a Credit Card are treating it as free money and are irresponsible and it was some sort of “lesson” to them.
Don’t play the game of “I didn’t say that” … your words imply it. If you didn’t mean it, I suggest in future you consider your words more carefully.
The fact that you read all that into that statement tells me that I hit a nerve.
Because, if this does not apply to you, if you are, as you claim, responsible, then why feel offended? If you are responsible with your credit card, why apply this statement, which is clearly geared towards those that are not responsible, to your own situation?
If someone states “gaming is dangerous because it turns people into killers”, the implied meaning is that all gamers are killers. However, because I am not a killer, I do not feel offended by this statement. Even though I game, it does not apply to me. Get it?
Edited 2011-04-27 13:16 UTC
Oh here we go …
So apparently because I think you were talking rubbish, I am also Offended because it hit a nerve. Not so.
By your logic, I shouldn’t be offended when someone is making racist comments about chinese people since I am not chinese? And I shouldn’t be offended when people make homophobic comments, because I am not gay.
My problem is the comment on the end of the article … was nothing to do with it, it was also deliberately inflammatory, and you were talking crap i.e. you were being a dick.
Get It?!
Edited 2011-04-27 13:33 UTC
Your logic btw is backwards.
Somebody is implying that you will become violent because you play games.
Therefore it does apply to you because they are saying that you will be a killer at some point in the future.
So by saying that people are irresponsible with credit cards, means that you are saying I am irresponsible … because I also have a credit card.
Edited 2011-04-27 15:17 UTC
You lack basic reading comprehension skills.
“People are irresponsible with credit cards” DOES NOT MEAN “every person with a credit card is irresponsible”. It also DOES NOT MEAN “you have a credit card, therefore you are irresponsible”. It just says that people are irresponsible with credit cards – and they are. Not everyone, and those that are not to the same degree.
This is very basic reading. I think the fact that you feel so offended by this speaks volumes of how you, especially after the recent crisis, really feel about credit cards, deep down. Rationalise it all you want, but a credit card is used by many, many people to pay for things they don’t need with money they don’t have. I am full within my right to find that a despicable and destructive behaviour.
And, as the comment two above me states, it has NOTHING to do with mortgages or university loans, which fail the “do not need” test.
Edited 2011-04-27 15:25 UTC
Firstly you are wrong it can mean that also … it is down to interpretation and how you interpret it is down to the tone.
It is ambiguous whether People means everyone or the vast majority.
http://www.thefreedictionary.com/people
There are several different meanings, some which support your intrepretation … some of them support mine, which is btw ..
Secondly, the original statement was,
If you are going to make such a statement as you did you better make sure there is no ambiguity because people will mis-interpret it .. which is what you claiming that I did (I don’t think I did, I still think you were being a dick).
The tone of what you said also implies the meaning. Apparently you lack basic writing skills, if you cannot appreciate how tone affects meaning.
Yes it does speak volumes about me … This is what it says,
“I thought you and original poster who I replied to were being dicks and I find my credit card very useful thankyou very much.”
As I said before, the problem is that it was unnessary, inflammatory and incorrect.
Most people can manage to use a Credit Card just fine and not end up in massive debt.
A credit card is like any loan, it just more short term. You get given a limit on how much you can spend, which is decided on your credit rating (how much they think you can pay back), this is exactly the same when you apply for a loan or a mortgage.
Because somepeople abuse something doesn’t mean it is fundamentally wrong. Just means that people abuse it.
It is like saying we should ban knives in kitchens because some people have used them to stab people, the vast majority of people do not go stabbing people with kitchen knives.
Not everything is based on a “need” basis … again you are showing your narrow-minded view of the world. Sometimes things just tend to be really useful and convenient.
Being the fool I am for following a thread like this to the end, I just thought that I’d add my 2 cents and assume that Thom’s sparring partner here is a fellow American, and note that here in the states we have serious psychological hangups regarding money and responsibility. Even the slightest suggestion that people may be irresponsible with their money is enough to set off a firecracker.
Maybe it comes from the way big purchases are made very early in life here. The competition in the suburbs for “who has what car” starts around 16 when people are still in middle school. Young people are expected to move out quickly after graduating high school and often they get married early. Have you seen Rachel Black’s “Friday”? That’s pretty much the American Dream in a nutshell: extreme youth combined with extreme consumption. At its best, it makes us look like Greek gods, evergreen Apollos speeding over the world; at its worst, it makes us Phaetons plummeting to reality. Not to get all Freudian, but that threat of never growing up into mature Apollo, never becoming legitimate, causes a lot of anxiety. Just look at the patronizing way our Congress talks; just look at the way Paul Ryan says that we need to “grow up” and “act like adults”, as if the country and its leaders were little kids just itching for Monday to spend their allowance at the candy store.
For the record, anyone who’s reading Thom as saying that anyone who has a credit card is irresponsible clearly hasn’t read his original post carefully enough. This was Thom’s real point:
Nowhere did he generalize about anyone. The analogy to guns was very apropos: x amount of people are qualified to use one, but world_pop – x aren’t. Disagree with him you may, but that is not the same as saying world_pop – x_who_dont_have_credit_cards = irresponsible_pop.
*Rebecca Black (http://www.google.com/url?url=