Sony's PlayStation Network has been down for a week as the company scrambled to deal with what it now admits was a massive security breach:

We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows.

The company says it expects to restore some service within a week, and that it's working with a security firm to plug the holes that allowed the breach. Sony also says it's been "rebuilding" its system to "enhance security and strengthen our network infrastructure."

Sony has come under criticism for both the breach and its handling of the situation. Ars Technica writes:

In other words, Sony's security has failed in a spectacular fashion, and we're just now finding out about it. In both practical and PR terms, this is a worst-case scenario.

It's clear that Sony's misfortune (and that of its customers) illustrates the importance of good security practices. But it also illustrates the way that gaming has changed in recent years. In many cases, not being able to play a game online downright hobbles the gaming experience. Wired writes:

The outage has played havoc with the launches of key online games, most notably Portal 2. The fantastic puzzle game, released Tuesday, allows PlayStation 3 players to team up with users of Valve's Steam platform on PC and Mac.

Unfortunately, the cross-platform play was only possible for one day. Once PSN went down, no one could play together — nor could they unlock the free Steam version of Portal 2 that was included with the PlayStation 3 version.

Running a (Windows-based) computer without antivirus is asking for trouble, and an e-mail system without a spam filter is unusable. How long before it's impractical to use Facebook without a dedicated app to protect you from spammers and scammers? It's a question raised in my mind by the debut of what appears to be the first security app for Facebook. You install BitDefender's safego, which is currently in beta, just as you would a game like FarmVille or any other of the many apps out there. Rather than letting you throw sheep at your friends, though, it scans your wall, inbox and any comments on your profile for malicious links that might lead to sites that try to install malware or hijack your account details. It also checks your privacy settings and offers reminders and tips on how much you are sharing and how to change those settings.

The privacy meter above is just one of the app's features, grabbed from my brief trial of the app before writing this post. See the app for yourself here and for an example of what it looks like when an attack is spotted see this screengrab. I must be lucky enough to have trustworthy friends because no bad links were detected when I tried it; but nor did I receive any warnings on privacy when I briefly made all my information fully public.

All this is made possible by the APIs that Facebook that lets developers build on top of the platform. But Facebook doesn't yet allow everything that such software really needs. An app can't, for example, automatically flag up suspicious links for you when you're browsing another person's wall. The only thing it could do is post a comment on a suspicious link, a feature BitDefender plans to add. "That's not ideal," Catilin Cosoi, head of BitDefender's threats lab, told me last week as work continued to finish the app, "but that does mean that other users who don't have the app can see the warning too."

Whether apps like safego are necessary yet is debatable. There is evidence that those spreading spam through Facebook are becoming more organized but it is not an everyday occurrence. It's clear, though, that the number of attacks will only increase, and the fact that other popular platforms like email have proven hard to defend doesn't bode well.

I doubt Facebook will welcome apps like safego though. Its very existence detracts from the feeling of safety the site elicits with its real-life friendship-centric feel. Why would you need such an app if Facebook were safe? It could lead some users to think Facebook isn't up to the task of protecting its users.

A screenshot shows a Diaspora user's homepage. Credit: Diaspora

A privacy-focused rival to Facebook, called Diaspora, released its project code last week, providing a glimpse of how it will look and function. The site closely resembles Facebook, but there's a key difference: users store and control all their own data.

Diaspora operates as a decentralized network. This means that users' data--photos, friend lists, statuses, etc.--are hosted on their own computers, or on servers they have access to, which are called "seeds". Diaspora lets users connect directly to other "seeds," and choose what data they want to share, and with whom, to build their social network. Data transferred over Diaspora will be encrypted (except for photos, for now).

The project was launched in April by four NYU students who obtained around $200,000 in funding in June via the fundraising program Kickstarter.

Diaspora may just be a welcome alternative to Facebook for many people. This year Facebook made a succession of a backlash from users.

But first Diaspora will need to address some of the security flaws hackers have found in the system. The alpha release is slated for October, and is expected to include Facebook integration, allowing unhappy users to easily jump ship.