Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Astral]

Welcome back! We were down for a month, here's some free goodies in the hopes you'll forget all about that whole "losing your credit card and user information" business. It'll be just like old times!

Painfully transparent, but it'll probably work on the people with no compulsion (or ability) to buy another game system. And they're still having problems with their networks.

In regards to

There is no motivation for serious hackers to break a console just to pirate games. You have no idea the hardware that you have to purchase and physical labor you have to do to even begin calling yourself a ps3(or any hardware) hacker.

This is about as true as it gets. When Sony (or anyone, really) locks down something, it's just like putting a big "come at me bro" sign on your forehead: people who are smarter or more capable are going to take the challenge and trash you for it. Security is a cat and mouse game, but the mouse only needs to win once, then he's got a foothold and a bunch of friends ready to use it. All it takes is time.

[dogstile]

And round... what is it, round 4? 5?

http://www.escapistmagazine.com/news/view/110269-Sony-Servers-Infiltrated-Abroad-Twice

[Sinned]

...and now Sony BMG (greece) gets hacked. Username's & passwords.

http://nakedsecurity.sophos.com/2011/05/22/sony-bmg-greece-the-latest-hacked-sony-site/

SQL Injections even, that's not really reassuring. Then again, this (probably) has nothing to do with SOE network, its still very painfull they get hacked so soon after the SOE incident.

[alway]

Lol, 2 more hacks in as many days. One by LulzSec, one as of yet unknown.
http://geeks.thedailywh.at/2011/05/24/sony-music-hack-of-the-day-2/
http://geeks.thedailywh.at/2011/05/25/sony-ericsson-hack-of-the-day/
This puts it up to 8 or 9 now.

[Rakonas]

My god, I just realized this means my station access was refilled.
I've got 45 days of pretty much every game.

[olemars]

What the hell do I use PSN+ for anyway?

[alway]

http://geeks.thedailywh.at/2011/06/02/sony-hack-of-the-day-2/
Sony hacked again by LulzSec.

Sony Hack of the Day: With Sony’s PlayStation Network fully restored for less than a day, hackers at Lulz Security say they’ve compromised PSN again.

While they were at it, they also hit Sony Pictures and Sony BMG, scoring a treasure trove of unencrypted usernames and passwords, as well as millions of coupons and music codes.

[Rumrusher]

when nintendo got hacked all was done was Wii brew.
when Xbox 360 got hacked all that lead was online multiplayer hackers getting banned and flagged.
ps3 had to brag and be large baby and try to start a war against hackers.
why didn't they just tackle the online players and let the homebrew make games for them, no other developer doing so. they got no games.

[lordcooper]

when nintendo got hacked all was done was Wii brew.
when Xbox 360 got hacked all that lead was online multiplayer hackers getting banned and flagged.
ps3 had to brag and be large baby and try to start a war against hackers.
why didn't they just tackle the online players and let the homebrew make games for them, no other developer doing so. they got no games.

Coherent.

[SeaBee]

If what LulzSec is saying is true (and it probably is), I can't understand why Sony doesn't bother to encrypt user data. Is it for internal convenience? Or just negligence?

I wouldn't care so much if it weren't for Sony being so DRM-heavy. I remember the root kits.

[G-Flex]

If what LulzSec is saying is true (and it probably is), I can't understand why Sony doesn't bother to encrypt user data. Is it for internal convenience? Or just negligence?

Storing passwords themselves instead of their hashes seems like a terrible idea to begin with when you're such a high-profile target.

However, we all should consider this: Is Sony's security really that bad, or have they just become a popular target after the first hack? Can we really be sure that anyone else's security is better?

[YouR_DooM]

However, we all should consider this: Is Sony's security really that bad, or have they just become a popular target after the first hack? Can we really be sure that anyone else's security is better?

In the last weeks, there have been attacks on Pokertablerating, Cardrunners, Best Buy, Chase, the US Dept. of Mass Commerce and tons more. And these are just the names that I remember.

PSN makes such a fuss because it has 70.000.000 accounts...

[Soulwynd]

Storing passwords themselves instead of their hashes seems like a terrible idea to begin with when you're such a high-profile target.

That doesn't really matter. If you get to the password and know what type of hash is being used, it's easy to reveng a string to generate the same hash and match the password. It's a problem with these lazy days of webservice and integration.

[Virex]

I can see a way to make some bucks out of this. Just threaten Sony that you'll tell everyone you've hacked them unless they give you enough money. Because right now, who's going to believe Sony in claiming they have not been hacked?

Storing passwords themselves instead of their hashes seems like a terrible idea to begin with when you're such a high-profile target.

That doesn't really matter. If you get to the password and know what type of hash is being used, it's easy to reveng a string to generate the same hash and match the password. It's a problem with these lazy days of webservice and integration.

Besides, this was likely an inside job because the hackers had to know something about the new PSN security model to hack it in less then a day. If you've got a mole, getting the hash is trivial.

[Soulwynd]

Nono, there was one that was a simple SQL injection any non-hacker douche can do.

It's really bad.