[marshray]

Right, so what changed in mid-April then to prompt Sony to pull their own plug?

All I can figure is either Sony saw evidence that someone was sniffing their decrypted SSL traffic, or Sony is exaggerating a little (or passive-aggressively erring on the side of it) to bring the heat of financial crimes down on the console/PSN hackers. The latter seems like a reeely expensive and painful way to combat a few console hackers.

I glanced at some PSN domains and noticed that their certs were fairly old and not revoked, and they were being served by some kind of 3rd party DDoS mitigation service. They're likely using some form of SSL offload hardware, which might provide more opportunity for the unencrypted (now plain HTTP) traffic to pass in view of a compromised node.