PS3 PS3 Firmware Update Incoming, Will Force PSN Users To Change Password

Discussion in 'Articles' started by x3sphere, Apr 28, 2011.

  1. x3sphere

    x3sphere Administrator Staff Member Enforcer Team

    As revealed today in an update posted on the official PS Blog, Sony plans on releasing a new PS3 firmware update soon. In addition to allowing users to connect to the rebuilt PSN infrastructure, it'll force a password change on connect. This comes in response to the recent PSN security breach, which has left a staggering 70 million+ accounts compromised.

    Here's the item in question, direct from the FAQ:
    We are working on a new system software update that will require all users to change their password once PlayStation Network is restored[...]

    Continue reading: PS3 Firmware Update Incoming, Will Force PSN Users To Change Password...
  2. Seth

    Seth MD Party Room


    Via reddit
  3. Biggy204

    Biggy204 Member

    So how secure is this supposed secure firmware $ony has in store for users?
  4. karnbmx

    karnbmx ceebs. :)

    Sony failed. Miserably.
    *FACEPALM* >
  5. El Diablo

    El Diablo Member

    I switch the S with a $ to show how greedy and money hungry of a corporation $ony is, maaaaaaaaaaaaan.
  6. karnbmx

    karnbmx ceebs. :)

    I checked their blog, and they say that all our personal data was "protected, and access was restricted both physically and through the perimeter and security of the network".
    So our personal data WAS actually encrypted, and hence, they didn't fail that badly.
  7. x3sphere

    x3sphere Administrator Staff Member Enforcer Team

    No it wasn't. Just the credit card data. Read the rest.

    "The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

    So whoever hacked PSN has a massive wordlist of 70+ million passwords, thanks to Sony's inability to prepare for a worst case scenario.
  8. Robby

    Robby Los Doyers!

    Seeing as they lied to us once, I wouldn't trust them. They probably don't want to cause a bigger uproar.
  9. TeamOverload

    TeamOverload Active Member

    Since they continuously can't comment on the fact of if our credit card information was taken or not, they obviously have a very poor series of protections put in place to begin with. How do you not know what was retrieved from your own servers?
  10. x3sphere

    x3sphere Administrator Staff Member Enforcer Team

    Also, even though CCs are encrypted, it doesn't mean the hacker wasn't able to obtain the real values.

    As encryption is not a one way street, there is a decrypt function located on the server since it remembers your CC for subsequent purchases. So a skilled intruder could have decrypted every CC using their server. No brute force needed.
  11. NeilR

    NeilR eXo Admin Staff Member Enforcer Team

    I very much doubt that x3. For that to be true they would have to serve as their own clearing house which is unlikely. The encrypted CC info is what is sent to clearing houses; CC numbers are supposed to be encrypted immediately upon submission and it is this encrypted value that gets sent for processing. A clearing house (payment gateway) is responsible for the public and private keys issued to each of their clients; meaning Sony would not have access to the keys. They wouldn't be in business if they didn't follow the global standards; they're subject to audits just like everyone else.
  12. JohnVani18

    JohnVani18 New Member

    Yeah!! Kick them in the nut$.. in the nut$.... in the nut$...... xD
  13. Hellcat

    Hellcat Staff Member

    That sounds like there is hope CC information is not compromised.... doesn't it?
  14. Sarcasm

    Sarcasm New Member

    Well, that's good now i'm a bit more impressed.
  15. Dan

    Dan Contributor

    Still, there's a chance the credit card data table can be decrypted, right?
  16. NeilR

    NeilR eXo Admin Staff Member Enforcer Team

    Sure there's a chance but it isn't simple. It would be far easier for someone to try and manipulate the system by sending requests using the encrypted info directly to a payment gateway but that would also require knowledge of all kinds of other things.

    Personally, I'm more concerned about the obvious potential for identify theft rather than the legitimate card I've used with PSN.
  17. Dan

    Dan Contributor

  18. iamjoeyb

    iamjoeyb New Member

    Smoke and mirrors! They are blowing this up so when we all get back on our systems and there is a charge to use the network we convince ourselves its for safety so its ok to pay. Sony is not dumb, they pay for the best of the best in all fields, marketing included. So i am guessing the price will be something like $29.99 to $49.99 and they will make back all there money they lost and some. 70million users times 20 bucks hahahah yeah. around of applause for the genius marketeer behind this one. Let us know how big your bonus is. Thumbs down!!!!
  19. Abe Froeman

    Abe Froeman Gamer Dad Staff Member Enforcer Team

    I'm so confident that won't happen, I'd eat my own shit if it does.
  20. Josey Wales

    Josey Wales Evil Poptart

    Im on Sony's side just to see this happen

Share This Page