Last week's Congressional inquiry and resulting letter response was part of a hearing on the threat of data theft organized by the House Subcommittee on Commerce, Manufacturing, and Trade. During the hearings, security expert Dr. Eugene Spafford testified that Sony's security was obsolete and lacked a firewall, a quote widely reported and discussed on Weekend Confirmed. Now a new report from Bitmob claims that Spafford's testimony was entirely speculative.
In a written statement that accompanied his testimony, Spafford noted that he was passing along unconfirmed information:
I have no information about what protections they had in place, although some news reports indicate that Sony was running software that was badly out of date and had been warned about that risk.
Meanwhile, Bitmob users are offering conflicting accounts on Sony's Apache servers. The report's writer points to a Beyond3D forums user, who claims that a Google webcache shows Sony running current version 2.2.17 as of March 23, 2011. Others in the comments counter that only some of Sony's servers were up to date, while others were running version 2.2.11.