PS3 PS3 Firmware Update Incoming, Will Force PSN Users To Change Password

Discussion in 'Articles' started by x3sphere, Apr 28, 2011.

  1. x3sphere

    x3sphere Administrator Staff Member

    Joined:
    May 17, 2006
    Messages:
    14,667
    Likes Received:
    125
    Last played:
    Velocity 2X on
    [​IMG]
    As revealed today in an update posted on the official PS Blog, Sony plans on releasing a new PS3 firmware update soon. In addition to allowing users to connect to the rebuilt PSN infrastructure, it'll force a password change on connect. This comes in response to the recent PSN security breach, which has left a staggering 70 million+ accounts compromised.

    Here's the item in question, direct from the FAQ:
    We are working on a new system software update that will require all users to change their password once PlayStation Network is restored[...]

    Continue reading: PS3 Firmware Update Incoming, Will Force PSN Users To Change Password...
     
  2. Seth

    Seth MD Party Room

    Joined:
    Oct 17, 2008
    Messages:
    2,859
    Likes Received:
    1
    Last played:
    Velocity 2X on
    [​IMG]

    Via reddit
     
  3. Biggy204

    Biggy204 Member

    Joined:
    Jan 28, 2011
    Messages:
    36
    Likes Received:
    0
    So how secure is this supposed secure firmware $ony has in store for users?
     
  4. karnbmx

    karnbmx ceebs. :)

    Joined:
    May 20, 2009
    Messages:
    116
    Likes Received:
    0
    Sony failed. Miserably.
    *FACEPALM* >
     
  5. El Diablo

    El Diablo Member

    Joined:
    Apr 11, 2009
    Messages:
    966
    Likes Received:
    3
    I switch the S with a $ to show how greedy and money hungry of a corporation $ony is, maaaaaaaaaaaaan.
     
  6. karnbmx

    karnbmx ceebs. :)

    Joined:
    May 20, 2009
    Messages:
    116
    Likes Received:
    0
    Ummm...
    I checked their blog, and they say that all our personal data was "protected, and access was restricted both physically and through the perimeter and security of the network".
    So our personal data WAS actually encrypted, and hence, they didn't fail that badly.
     
  7. x3sphere

    x3sphere Administrator Staff Member

    Joined:
    May 17, 2006
    Messages:
    14,667
    Likes Received:
    125
    Last played:
    Velocity 2X on
    No it wasn't. Just the credit card data. Read the rest.

    "The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

    So whoever hacked PSN has a massive wordlist of 70+ million passwords, thanks to Sony's inability to prepare for a worst case scenario.
     
  8. Robby

    Robby Los Doyers!

    Joined:
    Apr 24, 2010
    Messages:
    1,949
    Likes Received:
    3
    Last played:
    Call of Duty: Black Ops II on Xbox 360
    Seeing as they lied to us once, I wouldn't trust them. They probably don't want to cause a bigger uproar.
     
  9. TeamOverload

    TeamOverload Active Member

    Joined:
    Feb 22, 2009
    Messages:
    1,037
    Likes Received:
    0
    Since they continuously can't comment on the fact of if our credit card information was taken or not, they obviously have a very poor series of protections put in place to begin with. How do you not know what was retrieved from your own servers?
     
  10. x3sphere

    x3sphere Administrator Staff Member

    Joined:
    May 17, 2006
    Messages:
    14,667
    Likes Received:
    125
    Last played:
    Velocity 2X on
    Also, even though CCs are encrypted, it doesn't mean the hacker wasn't able to obtain the real values.

    As encryption is not a one way street, there is a decrypt function located on the server since it remembers your CC for subsequent purchases. So a skilled intruder could have decrypted every CC using their server. No brute force needed.
     
  11. NeilR

    NeilR eXo Admin Staff Member

    Joined:
    Oct 14, 2008
    Messages:
    1,359
    Likes Received:
    4
    Last played:
    PixelJunk Shooter 2 on PS3
    I very much doubt that x3. For that to be true they would have to serve as their own clearing house which is unlikely. The encrypted CC info is what is sent to clearing houses; CC numbers are supposed to be encrypted immediately upon submission and it is this encrypted value that gets sent for processing. A clearing house (payment gateway) is responsible for the public and private keys issued to each of their clients; meaning Sony would not have access to the keys. They wouldn't be in business if they didn't follow the global standards; they're subject to audits just like everyone else.
     
  12. JohnVani18

    JohnVani18 New Member

    Joined:
    Apr 7, 2011
    Messages:
    23
    Likes Received:
    0
    Last played:
    Dead Nation on PS3
    Yeah!! Kick them in the nut$.. in the nut$.... in the nut$...... xD
     
  13. Hellcat

    Hellcat Staff Member

    Joined:
    Feb 6, 2008
    Messages:
    1,715
    Likes Received:
    6
    That sounds like there is hope CC information is not compromised.... doesn't it?
     
  14. Sarcasm

    Sarcasm New Member

    Joined:
    Apr 25, 2011
    Messages:
    14
    Likes Received:
    0
    Well, that's good now i'm a bit more impressed.
     
  15. Dan

    Dan Contributor

    Joined:
    Jan 13, 2010
    Messages:
    2,022
    Likes Received:
    9
    Still, there's a chance the credit card data table can be decrypted, right?
     
  16. NeilR

    NeilR eXo Admin Staff Member

    Joined:
    Oct 14, 2008
    Messages:
    1,359
    Likes Received:
    4
    Last played:
    PixelJunk Shooter 2 on PS3
    Sure there's a chance but it isn't simple. It would be far easier for someone to try and manipulate the system by sending requests using the encrypted info directly to a payment gateway but that would also require knowledge of all kinds of other things.

    Personally, I'm more concerned about the obvious potential for identify theft rather than the legitimate card I've used with PSN.
     
  17. Dan

    Dan Contributor

    Joined:
    Jan 13, 2010
    Messages:
    2,022
    Likes Received:
    9
  18. iamjoeyb

    iamjoeyb New Member

    Joined:
    Apr 30, 2011
    Messages:
    1
    Likes Received:
    0
    Smoke and mirrors! They are blowing this up so when we all get back on our systems and there is a charge to use the network we convince ourselves its for safety so its ok to pay. Sony is not dumb, they pay for the best of the best in all fields, marketing included. So i am guessing the price will be something like $29.99 to $49.99 and they will make back all there money they lost and some. 70million users times 20 bucks hahahah yeah. around of applause for the genius marketeer behind this one. Let us know how big your bonus is. Thumbs down!!!!
     
  19. Abe Froeman

    Abe Froeman Gamer Dad Staff Member

    Joined:
    Mar 31, 2009
    Messages:
    5,396
    Likes Received:
    25
    Last played:
    Destiny on Xbox One
    I'm so confident that won't happen, I'd eat my own shit if it does.
     
  20. Josey Wales

    Josey Wales Evil Poptart

    Joined:
    Jan 11, 2010
    Messages:
    859
    Likes Received:
    5
    Im on Sony's side just to see this happen
     

Share This Page