PS3 News: Rumor: PSN Shut Down Due To Rebug Custom Firmware - PS3 News

Members Login: Register | Why sign up? | Forgot Password?

Rumor: PSN Shut Down Due To Rebug Custom Firmware

Maybe Sony hasn't confirmed all the reasons why the PlayStation Network is down.

We've known for some time that, officially, it was due to an "external intrusion," but something else has come to light: according to PSX-Scene moderator chesh420, Sony shut down the PSN due to a custom firmware called Rebug. Basically, this allowed users to simulate a PS3 debug unit (something we and other sources have to play betas and certain games early); with a few proxy-server changes, Rebug lets a retail PS3 mimic a debug PS3. So, when the hacker inputs false credit card numbers, Sony doesn't check them because they assume developers or journalists are logged in. So yeah, they can then get the PSN stuff for free and that's a definite problem. Of course, all of this is speculation - as admitted by chesh420 - and Sony hasn't said anything about Rebug being the cause of the PSN downtime.

Whatever the reason, it'll be interesting to hear Sony's detailed explanation on the entire issue...provided they ever provide one.

Tags: psn, psn outage, playstation network, sony

4/25/2011 6:48:48 PM Ben Dutka

Put this on your webpage or blog:
Email this to a friend
Follow PSX Extreme on Twitter

Share on Twitter Share on Facebook Share on Google Share on MySpace Share on Delicious Share on Digg Share on Google Buzz Share via E-Mail Share via Tumblr Share via Posterous

Comments (115 posts)

Ignitus
Monday, April 25, 2011 @ 7:04:14 PM
Reply

I wonder how SONY feels about online distribution now.

Agree with this comment 9 up, 1 down Disagree with this comment

The Doom
Monday, April 25, 2011 @ 9:07:41 PM

Aksys games LOVES doing digital downloads; maybe this will convince them that it isn't always the way to go. A hardcopy of Arcana Heart 3 would be sweet

Agree with this comment 2 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 2:00:19 AM

I believe the real question should be "I wonder how Sony feel about their security now". This rebug feature sounds like a really sloppy solution to me.

Agree with this comment 3 up, 2 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 2:41:58 AM

Oh c'mon thumbers, Sony can make errors too.
Just read the link above, on how this rebug works and some of the comments regarding this.
Basically Sony created a network that were built around trusting the users. To quote one of the posts: "You do not trust users!" And that is like rule numero uno: You *never* build a service around such a principle. Anyone who has ever been anywhere near administrating or maintaining a network know this! And here we got a world wide company with millions of users basing their security more or less on trusting their users??? Insanity.
The more I get to know about this case the more obvious it gets to me: If what we now read turns out to be the truth then Sony can *so* thank themselves for being in this situation.

Last edited by Beamboom on 4/26/2011 2:43:24 AM

Agree with this comment 3 up, 1 down Disagree with this comment

Alienange
Monday, April 25, 2011 @ 7:11:25 PM
Reply

Anyone have an ode to PSN? I miss it dearly.

Agree with this comment 4 up, 1 down Disagree with this comment

ElJefeDiablo
Monday, April 25, 2011 @ 7:21:11 PM

Oh PSN it feels like sin
Not to have you yet again
By light of day you are gone
By dark of night you have fled
I am forsaken, left, alone
A thousand pints I have bled
A thousand lives lived in my head
A million tears shed in vain
Not to have you yet again


Last edited by ElJefeDiablo on 4/25/2011 7:25:43 PM

Agree with this comment 10 up, 1 down Disagree with this comment

Excelsior1
Tuesday, April 26, 2011 @ 5:35:43 AM

oh psn we are approaching day six
could you please tell us the nature of the fix
days have went by in vain
some might even start to complain
no matter the cost
we would like to know what's been lost
and what will be done to keep this from happening again

@eljefe

your ode is a lot better than mine. great job.

Last edited by Excelsior1 on 4/26/2011 5:40:45 AM

Agree with this comment 5 up, 0 down Disagree with this comment

ElJefeDiablo
Tuesday, April 26, 2011 @ 10:06:07 AM

Thanks man. Sometimes the words just flow.

This situation really isn’t a huge deal to me. Of course I am curious to see how it all turns out and exactly why it happened in the first place.

I have a good buddy, with a very addictive personality, who is going through withdrawal because he can’t play multiplayer CrapOps. I have to bust on him because he doesn’t commit to playing any cool SP games. I have lent him titles such as Infamous, Dead Space and GOW III, yet he lacks the skill, patience and determination to even finish these titles on easy. I believe a lot of casual gamers have these issues. Thus the massive trend towards multiplayer cotton candy titles. I tend to deny people who send friend requests, after realizing that they only play the multiplayer portion of a game. Why order a 4 course meal when you only eat the dessert? ROOkies!

Agree with this comment 0 up, 0 down Disagree with this comment

SmokeyPSD
Monday, April 25, 2011 @ 7:17:35 PM
Reply

Sounds plausible though in the end sony would've lost a lot of money taking it down on this specific period. I have a hard time believing a manufactured attack for that reason.

Agree with this comment 0 up, 0 down Disagree with this comment

LittleBigMidget
Monday, April 25, 2011 @ 7:23:12 PM
Reply

Sh** just got real.

Last edited by Ben Dutka PSXE on 4/25/2011 8:44:50 PM

Agree with this comment 3 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 7:23:38 PM
Reply

If true can't this be traced back to Geohot's release of key information and instructions on how to build custom firmware?

Agree with this comment 5 up, 0 down Disagree with this comment

Highlander
Monday, April 25, 2011 @ 10:03:17 PM

It can be traced back to GeoHot, the PS Jailbreak guys, Fail0verflow, GeoHot again, Graf Chokolo and a host of others involved in breaking the encryption and chain of trust in the PS3s security system and then creating modified firmware that bypasses the security. Every one of the is responsible in part for this, although I doubt any of them had this intent with their work (except for Chokolo maybe, he's off his rocker). But, they facilitated this hack with their work. Anonymous has some of the fault here too because their actions have made it fashionable among certain groups to attack Sony again. All in all, a very small number of people have caused huge damage to Sony and their customers. Sadly very few, if any, of them will ever be brought to justice for it.

Agree with this comment 2 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 10:54:03 PM

Sony should have made more of an example of Geohot by asking for nothing less than some jail time.

Agree with this comment 1 up, 1 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 9:10:02 AM

Jawknee,

I'm not so sure of that. Under the current laws, Sony was correct to open a civil case against GeoHot because his actions definitely fell under the DMCA and other copyright/computer mis-use laws. But I don't believe he did anything that falls within the criminal law. As much as Sony has been vilified, all they have done is protect their platform, and right now, it looks like they were right to try to protect their platform.

If the laws change then future actions by GeoHot or his like may land them jail time, but for now the civil law is the appropriate venue. One thing I wish the folks behind all of this would recognize is that very rule of law. It provides remedies for both sides, you just have to find the right way to approach matters.

Agree with this comment 1 up, 1 down Disagree with this comment

Danny007
Monday, April 25, 2011 @ 7:29:59 PM
Reply

Can we really trust chesh420?

Did you notice the last numbers?

Agree with this comment 4 up, 2 down Disagree with this comment

thj_1980
Monday, April 25, 2011 @ 7:57:20 PM

HAHHAHAAHAHAHAHHAAHAHAHAHAHAHAHAHAHAHAHAHA

Sorry but I had to get that out.

Agree with this comment 4 up, 0 down Disagree with this comment

Cpt_Geez
Monday, April 25, 2011 @ 10:46:20 PM

Lmao

Agree with this comment 3 up, 0 down Disagree with this comment

WolfCrimson
Tuesday, April 26, 2011 @ 11:27:13 AM

I don't get it.

Agree with this comment 0 up, 1 down Disagree with this comment

dkmrules
Monday, April 25, 2011 @ 7:31:14 PM
Reply

As long as the anonymous cowpatties dont steal my credit card info I'll be fine.

Agree with this comment 5 up, 0 down Disagree with this comment

Bloodysilence19
Monday, April 25, 2011 @ 7:42:15 PM
Reply

g4 aot pointed this out today isn't weird the psn went down on 420. anyoo what chelsea420 said that could be the problem who knows. so many rumors flying around the net that nobody knows whats really going on. you got rumors such as ms did it, or anon did, to steam cause the outage, to coffee being spilled on the servers. im sure by tonight though sony will gives us a update on whats going on or tomorrow.

Last edited by Bloodysilence19 on 4/25/2011 7:52:18 PM

Agree with this comment 1 up, 0 down Disagree with this comment

jimmyhandsome
Monday, April 25, 2011 @ 7:52:35 PM
Reply

This is starting to get a little ridiculous with Sony's PR department. I'm with you Ben, that they need to be more upfront with its customers and say SOMETHING. Their "updates" on the PS Blog aren't updates at all....in fact they flat out tell you nothing about what is going on or when it'll be resolved.

And this isn't me whining about not being able to play online. I've been a-ok with the PSN being down (and would be if it were down for a longer amount of time), but this is more about the principal of the matter. Will it take a week to fix? 2 weeks? a month? Fine, just say that. Tell us if our information has been compromised. You aren't 100% sure? Say that. At this point I think I'll be flat out pissed if Sony doesn't provide an explanation once this is all over. I don't like to be taken for a ride, especially by a company that already has hundreds (close to thousands) of my money already. Sony needs to stop treating its customers like 5 year olds who still believe in Santa.

/rant

Agree with this comment 9 up, 3 down Disagree with this comment

Highlander
Monday, April 25, 2011 @ 9:58:16 PM

Oh?

What more do you think that they can say other than - We were attacked. We stopped the attack by turning off PSN. We're rebuilding PSN to ensure the network is clean and secure again. We are investigating the intrusion to determine whether customer data was accessed.

That's pretty much what they've said, and that's pretty much all you could expect at this point. What do you want, a timeline for each server? If they are still investigating to determine whether customer information was accessed, they have to complete that work before saying anything.

Agree with this comment 4 up, 4 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 10:52:19 PM

Yea Jimmy, I know this sucks but I think you're being completely unfair to Sony. Highlander is 100% correct.

Agree with this comment 3 up, 4 down Disagree with this comment

jimmyhandsome
Tuesday, April 26, 2011 @ 8:33:01 AM

No, I don't want a detailed timeline of when each individual server is up and running. What I want is a clear and concise explanation once this is all over, because thus far their "updates" are laughable. If you go on the PS blog, they first report on the 20th and 21st that they're aware that the PSN is down and are investigating the causes of it and it could take a day or two to fix. Ok sounds good. Then on the 22nd they say it was the result of an external intrusion and that THEY turned off the servers on the evening of the 20th. So which is it? Did these hackers distrupt the servers on the 20th, or did something happen before then and you just decided to turn them off yourselves? I feel like they thought they could fix it quicker than they could so they just shut down their servers and played dumb by saying they're "investigating" whats going on. Then when they realize they couldn't fix the problem without completely rebuilding their system they decide to tell us that. Also, not one single solitary apology in any of their "updates".

This may not offend some people, but like I said it really chaps my ass when I'm basically lied to by a company that I've been very good to. I don't feel like I'm being "unfair" to Sony, as a paying customer that has supported them through the years I have the right to feel offended. And I understand that this whole incident isn't Sony's fault, and I'm not blaming them for the PSN being down. But their PR/Marketing department thus far hasn't handled the situation well at all. This is just my opinion of course, I know others could care less what they update on the PS Blog. I'm not about to start a "I hate Sony" campaign, either. I'd like to think that they work this all out in the end. This incident isn't going to make me up and sell my PS3 or even not buy games, I still have inFamous 2, Twisted Metal and Uncharted 3 all preordered at Amazon.

Agree with this comment 5 up, 1 down Disagree with this comment

slugga_status
Tuesday, April 26, 2011 @ 9:16:08 AM

Gotta agree with Jimmy here. Sony should have explained the issue clearly so that the customers know and understand what is happening. Yes they gave us updates in the blogs but they really didn't say much of anything that wasn't apparently obvious.

Sony could have handled the situation differently and it will get under peoples skin. Personally I feel they're just beating around the bush about the true problem but it is what it is.

Pointless to get mad/angry/upset over something we can't control..but I can understand the feeling of dishonesty

Last edited by slugga_status on 4/26/2011 9:16:37 AM

Agree with this comment 4 up, 0 down Disagree with this comment

thj_1980
Monday, April 25, 2011 @ 8:00:49 PM
Reply

Usually when stuff like this happens, you know shit is going down. It's another big business corperate over up. It could be a employee gone rouge, or just hackers found a flaw in their security system that enables people's information to be seen by others. You never know, even though we would consider it to be a rebuild of the network I'm sure it would be done by now. 5 days and nothing just useless posts by playstation blog and other stuff. Estimates of times by other sources isn't the best way to go about this now. I'de say sony should spill the beans and tell us what is really going on.

Just saying.

Agree with this comment 3 up, 0 down Disagree with this comment

Clamedeus
Monday, April 25, 2011 @ 8:42:01 PM

Why they won't is beyond me, I'm sure it would add a bit of relief to people who are concerned about it.

Agree with this comment 3 up, 0 down Disagree with this comment

Excelsior1
Monday, April 25, 2011 @ 8:13:10 PM
Reply

sony needs to give an update that has some real info to stop all this rampant speculation. an eta as to when services are restored would go a long way as well. they need to just get on top of this and control the message.

we are 6 days into this outage, and still know nothing. i've noticed even the diehard sony loyalists are getting fed up with this situation. that's just poor crisis management on sony's part.

Agree with this comment 4 up, 3 down Disagree with this comment

thj_1980
Monday, April 25, 2011 @ 9:10:46 PM

not six days yet, we are only at 5 technically 4. Most people knew about this around the 21st and it started around the 20th.

Agree with this comment 2 up, 0 down Disagree with this comment

tornado03
Monday, April 25, 2011 @ 8:18:54 PM
Reply

Yeah this is getting pretty weird. There must be a great big fish that there trying to clean and if it's foul play from hackers, Ms, who ever. There not gonna fry that bad boy until the grease is hot. They have something and there being very careful with it somebody's going down!

Agree with this comment 3 up, 0 down Disagree with this comment

Superman915
Monday, April 25, 2011 @ 8:19:22 PM
Reply

couldn't that have been traced though? was complete shutdown of the 'SN necessary

Last edited by Superman915 on 4/25/2011 8:19:44 PM

Agree with this comment 2 up, 0 down Disagree with this comment

Clamedeus
Monday, April 25, 2011 @ 8:37:54 PM

It might be a possibility to trace it, but i have no idea on how that stuff works.

Agree with this comment 0 up, 0 down Disagree with this comment

BikerSaint
Monday, April 25, 2011 @ 8:43:00 PM
Reply

I've been reading numerous articles today & IMO, the most plausible one is that Sony's tracing back into everything to see how far in the hacker(s) got,& how widespread the damages are within plus whether they got any or all of the sensitive credit card, addresses & any other pertinent customer info. BTW, I read one commenter stated that he was alerted that someone had used his card info to make a $250 purchase 4 states away, and he said he only used his card 1 time in the last 6 month & it was only on the PSN 2 weeks ago.

But I'm not sure I believe that poster seeing how he's the only single solitary person I've come across so far to report a Sony/CC fraud issue, so he could very well be lying as a paid M$ astro-turfer trying to take advantage of Sony's bad situation

I also read that Sony is backtracking every single step to see if any virus, worms, or backdoor programs, etc, etc, were installed, so that when they re-build the PSN & other related sites, they aren't being piggybacked onto the improved site.

So that means every server worldwide, plus they'll have to get all their 2nd & 3rd party business partner's sites worldwide checked too somehow.

So this is a major big-time deal, so I wouldn't expect Sony's sites up too soon with all this work they've now got to do.

I sent Ben some stuff, so I'm sure he'll incorporate some of that into any update thread

Agree with this comment 5 up, 0 down Disagree with this comment

Mog
Monday, April 25, 2011 @ 9:05:02 PM

I never use a credit card anyway. Never could completely trust anyone with that number. And besides, why use a credit card when you can just buy a playstation network card?

Agree with this comment 2 up, 0 down Disagree with this comment

thj_1980
Monday, April 25, 2011 @ 9:12:06 PM

Well I've had not problems with credit cards except for the one time, I purchased something on accident because I clicked buy now, damn sony for nto asking you to confirm when you click that. Now when I make purchases I always have password at check out.

Agree with this comment 0 up, 0 down Disagree with this comment

shadowscorpio
Monday, April 25, 2011 @ 9:51:37 PM

Yeah, that would actually make perfect sense if its true. I would just hope that Sony could understand that we can take this type of information.

Anyone that has a PSN account most likely has credit card/check card info with Sony so this issue is just as much inportant to us as it is to Sony.

Agree with this comment 2 up, 0 down Disagree with this comment

Highlander
Monday, April 25, 2011 @ 9:53:26 PM

The Dev PSN may not connect directly to the live PSN that customers use. However it seems that at least one admin account on the dev PSN was compromised. At least that's what I've been able to gather today.

Sony is rebuilding PSN from the ground up. It's a scorched earth policy where the software is rebuilt and reconfigured completely from scratch to avoid any problems with software left behind. Then they put the data back from backups, and roll the transaction logs forward to bring PSN back to a 'live' state. But before they put that data back, you can be sure that every administrative account will be reviewed, passwords changed. I would not be surprised if they change the encryption keys on their internal data encryption as well as improving whatever security checks and protocols exist. I'd also bet a large sum of money that they beef up the audit logging of all the servers to log every in and out of the network.

@ShadowScorpio,
Just about anything Sony says about Credit Card information before it actually knows for sure is likely to be counter-productive and lead to more speculation. They need to be sure before they say anything.

Last edited by Highlander on 4/25/2011 9:55:32 PM

Agree with this comment 3 up, 0 down Disagree with this comment

BikerSaint
Monday, April 25, 2011 @ 10:07:21 PM

Thanks Highlander, I was hoping you'd chime in with all the tech-stuff side of it.

Always informative!!!


Now for the other commenter's, I don't have any credit cards, but what I'll do when I need to buy something at a on-line store, is to purchase a $500 pre-paid Mastercard/Visa cardm use it up within 2 weeks, & toss it once I've zeroed it out.

Agree with this comment 1 up, 0 down Disagree with this comment

Clamedeus
Tuesday, April 26, 2011 @ 5:46:28 AM

Do any of you know where you can get a card that's like a prepaid card, but it's rechargeable that doesn't have fee's like a credit card but it acts like both a real one and a prepaid one and you can add funds to it?

I also don't use a credit card on PSN, I strictly use prepaid cards.

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 10:23:32 AM

What I do is I have a separate account for online purchases. It's the only one linked to PSN or other online payment services and it has no over-draft facility, so no transaction beyond what's in the account will be processed. Every month some pocket money get's transferred into the account, so the worst that can happen is that the money left in that account goes missing. My actual current (checking) account remains untouched. It was easier to do this than use a pre-paid card of some kind, although that's a good option too.

Agree with this comment 0 up, 0 down Disagree with this comment

Clamedeus
Tuesday, April 26, 2011 @ 10:49:21 AM

@Highlander

Ah. I heard of this a while back, it acts as a credit card and a prepaid card but you can add more funds into it without any fee and such, I'll have to look around to see on what else is involved with it.

Agree with this comment 0 up, 0 down Disagree with this comment

BikerSaint
Tuesday, April 26, 2011 @ 6:03:14 PM

Clamedeus,

Not sure where you're located but in the states, most banks & credit unions, most check cashing stores, & all the Wawa convenience stores carry those pre=paid cards. Matter of fact, Wawa also carries most store brand gift cards too, including PSN cards too

WARNING:

The biggest thing you have to make sure to watch out is all the fine print of what they're to be charging you for them, because the fees can be anywhere from $2.50 to $10 for the card.

Plus some places deduct fees from your card if you don't use it up by whatever the amount of time was stated on your contract(usually 12 months).

Another thing, some places only allow you to make up your to a certain max(from $100 & up to $500)& they increase your fee the higher you make your card out for.

I get all my cards at my local credit union, where they charge me the cheapest fee, only $2.50 for a $500 card. Wawa is $6.95 but I'm not sure what their card max is, or their fine print.
My local check-cashing place charges the most, at $10 & is rechargeable but I believe they also have numerous extra, and completely, unwarranted restrictions with a separate fee on each one.

Last edited by BikerSaint on 4/26/2011 6:05:04 PM

Agree with this comment 0 up, 0 down Disagree with this comment

mexgeo86
Monday, April 25, 2011 @ 8:46:09 PM
Reply

I'd rather they take their time tightening security since I wouldn't want my personal and credit card information to be stolen. People shouldn't be complaining too much as it is a free service (except PSN+ subscribers).

Agree with this comment 4 up, 0 down Disagree with this comment

DjEezzy
Monday, April 25, 2011 @ 8:52:32 PM
Reply

Why everytime 420 or some kind of reference towards Mary Jane, people automatically discount what they say. I know a lot of really smart and successful people who smoke weed. Just saying...

Agree with this comment 4 up, 0 down Disagree with this comment

slugga_status
Tuesday, April 26, 2011 @ 9:38:46 AM

Co-sign

Agree with this comment 1 up, 0 down Disagree with this comment

Underdog15
Tuesday, April 26, 2011 @ 10:19:26 AM

It's because of the image weed has. When people get into it too much, they're typically pretty lethargic people.

I mean, to illustrate, I know alot of very successful people who drink alcohol. Obviously, in moderation, it poses no threat to a person's health, success, or image. Yet, if a successful person had a tag of "Smirnoff" or any other alcohol reference, they would likely be assumed as less than they are.

Especially when you consider the fact that anyone who thinks to make week or alcohol a part of their online identity, likely makes that substance a priority in their life as well. So it's a safe assumption.

Let's just say you wouldn't want to put chesh420@whatever as your email address on a resume.

Agree with this comment 4 up, 2 down Disagree with this comment

Underdog15
Tuesday, April 26, 2011 @ 6:06:32 PM

Thought I edited that.... huh...
Yeah..... "week" = weed. Bad typo.

Also, lol @ the downvoters.

Agree with this comment 0 up, 1 down Disagree with this comment

skyplaya
Monday, April 25, 2011 @ 9:00:26 PM
Reply

I remember having the message "Error: Cannot add funds to your wallet". That was on wednesday night before i got kicked out of psn.

Agree with this comment 0 up, 0 down Disagree with this comment

zork
Monday, April 25, 2011 @ 9:16:30 PM
Reply

All this speculation is making me dizzy, i feel like it's an endless round of Call of Duty.

Agree with this comment 1 up, 0 down Disagree with this comment

Dreno
Monday, April 25, 2011 @ 9:37:57 PM
Reply

Welll, whatever the reason for psn being down, I'm just glad to hear that sony is on it like a fresh tattoo on skin. Although I really do wish they were more upfront and are more so in the. Future if anything like this happens again.

On a side note though... psn still being down STILL doesn't bother me.

I just picked up heavy rain today! So I'm very sure that will keep me occupodo for awhile. So I'm stoked about the game.

Still sorry for the psn needing gamers though. Hope you guys get the psn back soon. But stop whining about it. Sony is re-building it for everyones personal protection.

I don't mean to sound rude, but c'mon. Sony has your best interest at heart.

Fo sho.

Agree with this comment 3 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 9:45:47 PM

Indeed. The whining is getting old.

Agree with this comment 5 up, 1 down Disagree with this comment

LittleBigMidget
Monday, April 25, 2011 @ 10:31:12 PM

No, you can't tell them that. Just because you're happy with half of the package doesn't everyone else should be. You also have to remember that their are people like me who have subscriptions to games like DCUO and Free Realms, and this subscription money is being wasted thanks to this downtime. People have the right to "whine" and complain about this.

Agree with this comment 2 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 10:46:29 PM

And I am almost certain Sony will find a way to compensate people like you. The whining isn't going to make PSN return any faster. Why cry over spilled milk?

Agree with this comment 5 up, 1 down Disagree with this comment

BikerSaint
Monday, April 25, 2011 @ 11:07:55 PM

For those who want Sony to spill all the beans, remember one thing...


"A great General will never telegraph his battle strategy knowing his enemy would intercept"

Agree with this comment 2 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 9:39:45 PM
Reply

I know you all want more updates from Sony but isn't it entirely plausible that they don't have anymore updates? That they still aren't entirely sure how much damage was done? Patience is a virtue people.

Agree with this comment 7 up, 4 down Disagree with this comment

maxpontiac
Tuesday, April 26, 2011 @ 10:16:01 AM

Your comment makes a lot of sense brother. To bad the microwave mentality that is present today won't understand that.

Agree with this comment 1 up, 0 down Disagree with this comment

acdramon
Monday, April 25, 2011 @ 9:44:17 PM
Reply

The worst part of this whole ordeal is all my xbox friends narking on me and trying to convert me. A system is a system. They all have flaws and for that reason the xbox people are wrong for teasing PSNers. Infact, back in 08 Live was down for 2 weeks for a lot of the users. Not trying to sound like a fanboy but when one band of gamers mess with another band of gamers, its almost like we are in a gang you kno? (P.S: One game store has a sign up to turn in your ps3 and trade it for the 360 because of the outage, http://i52.tinypic.com/30wmu8m.jpg
the nerve of some people :/)

Agree with this comment 0 up, 0 down Disagree with this comment

Jawknee
Monday, April 25, 2011 @ 10:14:43 PM

No you're absolutely right. I think it just shows the lack of maturity on their part.

Agree with this comment 3 up, 1 down Disagree with this comment

Highlander
Monday, April 25, 2011 @ 10:35:30 PM

You could remind them that XBL - a paid service - endured a two week long outage about two years or so ago....

Agree with this comment 4 up, 3 down Disagree with this comment

main_event05
Tuesday, April 26, 2011 @ 2:26:28 AM

I'd sooner trade my PS3 for a pet rock. At least you know from the start that you'll be getting a brick.

Agree with this comment 7 up, 0 down Disagree with this comment

BikerSaint
Monday, April 25, 2011 @ 9:54:43 PM
Reply

Oh, I just thought of something that maybe very important here.......

This whole Sony fiasco could very well be tied in to that major "email database breach" hack against the "Epsilon Company" that was discovered 3 weeks ago.

FYI, Epsilon is a major business vendor to a slew of well known brand-name companies, and they do "ALL" of the email marketing services & communications for those companies.

I know for a fact that Verizon(USA) & Abe-Books(Canada) uses them just because I have accounts with both companies & I wound up receiving warning letters from both company's that I happened to one of those 4+ million customer accounts who had our email info breached.
And if I remember correctly, I believe that Barnes & Noble, Best Buy & a slew of other company's databases were all compromised in that Epsilon hack too.

Epsilon stated that only their email database was hacked & nothing more, but how do we know it didn't get hacked even deeper, or that Epsilon didn't also include all the other pertinent account info on their email database pages too????

Now, I don't know if Sony also uses Epsilon, but if so, this could very well be at least one reason for Sony shutting down, just so they can further investigate how deep into the PSN accounts it went, if they were breached too.

And come to think about it, even though I've been doing numerous virus, spyware, & malware scans, since the Epsilon hacking episode, and nothing's shown up, I've recently been hearing my hard drive start up by itself & running sporadically ever since. And every time it does, either my computer bogs down & freezes up or Netflix interrupts my movie while downgrading my signal bars to almost nothing, till my HD stops making it's sounds. And I never had those problems before this April.

Soooo I'd advise everyone to "Watch your accounts and your Netflix movie signal bars, & listen for your H'D coming on by itself, or any other strange sh*t going" that only started happening since the beginning of April. before the Epsilon was first discovered


FYI, I'm including both warning letters from Verizon & Abe-books below.

***********
Dear Verizon Customer,

We have been informed by Epsilon, a provider of Verizon's email marketing services, that your email address was exposed due to unauthorized access to its systems. Verizon uses Epsilon to send marketing communications on our behalf.

Epsilon has assured us that the information exposed was limited to email addresses, and that no other information about you or your account was exposed.

As always, you should be cautious when opening email links or attachments from unknown or suspicious parties, or emails purporting to be from Verizon and asking for financial or account password information. It is our policy to never ask for this information in emails. If you receive such emails, do not reply to them. You can report suspect or unwanted emails to Verizon at abuse@verizon.net and can obtain more information on how to protect against spam and phishing attacks on Verizon's Privacy Policy page by clicking on "Tips for Guarding Your Information" located at the top right hand corner of the page. Our privacy policy can be found at Verizon.com/privacy.

We regret any inconvenience this may cause you. Please be assured that we take the privacy of your information very seriously.

Sincerely,

Verizon

****************

Epsilon Informs AbeBooks of E-mail Database Breach

We have been informed by Epsilon, a third-party vendor we use to send e-mails, that an unauthorized person outside their company accessed files that included e-mail addresses of some AbeBooks customers. Epsilon has advised us that the files that were accessed did not include any customer information other than email addresses.

As a reminder, AbeBooks will never ask customers for personal or account information in an e-mail. Please exercise caution if you get any emails that ask for personal information or direct you to a site where you are asked to provide personal information.

AbeBooks Newsletter. Copyright © 2011 AbeBooks Inc. Suite 500 - 655 Tyee Road, Victoria, BC, V9A 6X5, Canada. All rights reserved.



Agree with this comment 0 up, 1 down Disagree with this comment

mid10smaradoarg
Tuesday, April 26, 2011 @ 1:06:18 AM

biker read this it may help you

http://www.techmonkeys.co.uk/Thread-suspected-virus

SCROLL DOWN

Agree with this comment 0 up, 0 down Disagree with this comment

Russell Burrows
Monday, April 25, 2011 @ 10:35:34 PM
Reply

Sony looking for the hackers:

Sick Puppies - You're going down from their album Tri Polar

http://www.youtube.com/watch?v=O0M5D5OA-d4

Agree with this comment 1 up, 1 down Disagree with this comment

BikerSaint
Tuesday, April 26, 2011 @ 12:30:23 AM

I love that song.

And "Lil Demon Dog" says he's "paws-up" for all SickPuppies!

Agree with this comment 0 up, 1 down Disagree with this comment

Russell Burrows
Monday, April 25, 2011 @ 10:46:56 PM
Reply

@BikerSaint

I use Ubuntu on all my laptops, servers and netbooks since I said finito!! to any Windows Operating systems or software due to malware, viruses and crapware/spyware.

Why Ubuntu?
Its free, low RAM usage, far faster than Windows, safer since its virus free, customizable to the max.

Oh and for those windows programs that I run like winrar, Mkv2vob, Office, etc. I use WINE on my Ubuntu machines.

Its very fun to see folks reaction to windows programs running on Linux:

But, but, but those are Windows programs! on Linux???

I tell them its Wine, just drag the windows .exe program into a wine window and press install and from there the windows program thinks its running on windows when in reality its running on Linux faster, better, cheaper, SAFER and more stable than any Microsoft product.

LOL!

Agree with this comment 0 up, 0 down Disagree with this comment

BikerSaint
Monday, April 25, 2011 @ 11:40:30 PM

Russell Burrows,
Well, for me, I don't have a single tech-savvy bone in my body, so I'll eff' up almost anything I attempt.

I was having a lot of problems with my browser, so the Verizon call center remote-switched me over to Mozilla's Firefox last year & I had no problems afterwards till right at the time my Email info was hacked at Epsilon.

Oh, and another damned symptoms I've developed at the very same time is that I keep getting tons of this new pop-up that says "Your Virtual Memory is too low"(whatever that means?), whether I have something open or not.
And another symptom I'm now getting a lot since the Epsilon breach too, is that when I try to open my first site, I'm now getting another pop-up, & this one says "Mozilla is already running, please close that tab before continuing".
WTF, I have no tabs, or anything else open for that matter. And once this pop-up starts showing, then I have to shut my computer down & restart it to get it to stop it.

And like I said before, I've been constantly running these 4 anti bullsh*t programs in the hopes of catching whatever has gone wrong, AVG anti-Virus, Ad-Aware anti-spyware, Spyware Blaster, & Malware Byte's.
But they keep coming up empty.

Maybe Highlander can give me some insight as to whether he thinks all these recent symptoms are leaning towards being email breach related, or just more towards "ghost in the machine"

Agree with this comment 1 up, 2 down Disagree with this comment

ZettaiSeigi
Monday, April 25, 2011 @ 10:52:03 PM
Reply

This is exactly why CFW has no place in consoles. Whatever honest intentions they are intended for, there's always someone who would use that to cheat. Always!! Now we run into cheaters in online matches and, if proven true, people are trying to steal stuff from the PSN. Who suffers in the end? Everyone!!

Damn, I really wish I could go all Kratos on those idiots that are trying to hack the PSN. They say they have the consumers' rights in mind? I'd say that's a load of bollocks!!!

Agree with this comment 8 up, 0 down Disagree with this comment

Highlander
Monday, April 25, 2011 @ 11:52:31 PM

Indeed! 110% agreed.

Agree with this comment 3 up, 0 down Disagree with this comment

Excelsior1
Monday, April 25, 2011 @ 11:56:41 PM
Reply

anybody that complains about this outage is whining? that's just ridiculous. people have the right to be upset and many are. i don't care if another network was down in 2008. that had no impact on me but i assure if it did i'd been right there whining about that too.

Last edited by Excelsior1 on 4/25/2011 11:59:36 PM

Agree with this comment 2 up, 4 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 2:06:06 AM

I agree with you. They do have a reason to complain. Of course they do.

We all love Sony, we are on their team, sort of. But this whole issue gets uglier every day. We can be Sony supporters and still be unsatisfied with the current situation. That is possible.

Last edited by Beamboom on 4/26/2011 2:08:39 AM

Agree with this comment 3 up, 2 down Disagree with this comment

Jawknee
Tuesday, April 26, 2011 @ 2:59:35 AM

Yes. It's whining. Especially when it's done every single freaking day. What's done is done. All the bickering, complaining and whining isn't going to make PSN return any faster.

Agree with this comment 4 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 3:18:49 AM

I hear you Jawk, and I partially agree. however, part of the problem here is that as days go by and new info emerges, new *reasons* for complaining appear too.

In the beginning of this whole psn network being down I was pretty much fine with it all, thinking that this could happen to anyone and that the downtime was fully understandable. It was an estimated downtime of about 2-3 days.

But as it turns out, it was not a question of 2-3 days. And the hack was not just an attack knocking down the network, something was leeched from it too. And now this info about rebug and how it worked. And it all has evolved from just being an attack that perhaps could be avoided, to something much more serious that *should* be avoided.

It will not make psn return faster, no. But I believe their paying customers have every reason to voice their concern.

Last edited by Beamboom on 4/26/2011 3:20:40 AM

Agree with this comment 1 up, 0 down Disagree with this comment

Jawknee
Tuesday, April 26, 2011 @ 3:55:52 AM

I agree. Though it's the predictable complaining coming from the same broken records that's getting really old. People have every right to be concerned, worried, annoyed, etc. But they really need to just man up and deal with it. This affects all of us and some are acting like it's the end of the world. It's embarrassing to witness in some cases. It only video games. People are getting mowed down in Syria while ungrateful westerners are whining about PSN. People need perspective and to realise their lucky to even have a free network to play games on.

Agree with this comment 2 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 4:19:25 AM

*buzzz* - it's not free - there's no such thing as a free lunch :)

But sure, it's all about perspective, that's stating the obvious. However it is allowed to both be concerned about international politics and at the same time feel a bit grumpy for STILL not being able to coop Portal2. And I am. Cause I received that game in the post today. It's right here, in front of me, in all it's glory. Quite possibly the coop highlight of the YEAR.
And what do I do??? Spam PSXE with posts instead! Something that in turn should make you all grumpy too! :D


Last edited by Beamboom on 4/26/2011 4:38:43 AM

Agree with this comment 2 up, 0 down Disagree with this comment

Clamedeus
Tuesday, April 26, 2011 @ 8:36:02 AM

No free lunch? I can get free lunches. :P

Agree with this comment 0 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 9:14:36 AM

Where? Can I get some, too? :)

Agree with this comment 0 up, 0 down Disagree with this comment

Clamedeus
Tuesday, April 26, 2011 @ 10:01:39 AM

Someone my mom knows, he works at a place that sells meats. He also makes sandwiches for free once in awhile. I don't know if he's still in business anymore though. This was somewhere in Attleboro.

Edit: there was also a deli where i live that also did that, but the economy got rough and he lost his business.

Last edited by Clamedeus on 4/26/2011 10:04:35 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 10:48:23 AM

I guess they learnt it the hard way then. :)

There are freebies out there, but the intentions are never just to hand out freebies. Most of them has a goal of making you a regular customer.

Agree with this comment 0 up, 0 down Disagree with this comment

Clamedeus
Tuesday, April 26, 2011 @ 10:50:56 AM

He worked with my dad, so he gives us free stuff, not just because we are customers as you put it though.

Agree with this comment 0 up, 0 down Disagree with this comment

Jawknee
Tuesday, April 26, 2011 @ 12:44:29 PM

It is free. I could buy an Xbox for $300, then a game to play online for $60, then I have to pay another $60 for LIVE just to play that game online. With a PS3 I just buy the PS3 and the game and I get to play online for free.

Agree with this comment 1 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 3:20:13 PM

Im turning annoyingly pedantic on you now Jawk but bear with me please: The psn is founded by Sony through the licencing of the games, each time we buy a game for the ps3 there is some cash in the pocket to Sony. Part of that is spent to keep psn running. We can not access psn without buying Sonys hardware and Sonys (licenced) games.
So to say this is a "free" service is wrong. It's just paid for through other means.

Agree with this comment 0 up, 0 down Disagree with this comment

Gabriel013
Tuesday, April 26, 2011 @ 1:06:31 AM
Reply

My main issue is not being able to sync trophies so if my PS3 cooks itself again, I'll lose the last week of progress.

At least I can still play my dlc and other PSN items I've bought.

I can see how Plus account owners might be a bit peeved as their paying for a service they don't have access too.

Agree with this comment 2 up, 0 down Disagree with this comment

Russell Burrows
Tuesday, April 26, 2011 @ 1:40:21 AM
Reply

@BikerSaint

I started using Ubuntu when I purchased a brand new Toshiba laptop in 2008 and after trying Vista for twenty minutes I said F!!! no! and so I said well XP ran ok but the computer shop wanted the equivalent of seventy dollars to install XP.

I used Google and after haveing it search for "alternatives to vista" I found the Ubuntu download page.

I went hmmm and then I said well Ubuntu is free and I am going to delete Vista anyway so for kicks lets try Ubuntu??

I downloaded the Ubuntu .iso and burned it to a CD and tried it with out installing and I had fun customizing my desktop to the point where I said eh?? lets try and see how a full Ubuntu install works since I was still thinking of paying the computer shop for an XP install.



I was amazed at all the fun options I had and had plenty of LOLs! when folks were visiting and they said dude how are you editing H264 video content on only 3 gigs on your Toshiba laptop?

I said well system OS is only using 235 MB of RAM so that leaves me plenty of cpu juice for video edits.


Its refreshing to be free of the need to run/update daily anti virus scans/etc.

I recommend Linux Mint since its close to how windows works only Linux Mint is simpler, faster, lighter on system resources.

You can try a dualboot system with Linux Mint on a USB thumb drive

One of my laptops that I have at my business gives me LOLs as I see customers trying to use a USB to transfer programs from their usb onto my laptop without my permission.

They try right clicking and nothing since in Ubuntu its system>administration>disk utility to mount a USB drive for security reasons.

With Ubuntu I have a single folder icon(i.e. Joy> subfolders movies/music/music videos/ebooks/vacation videos/business videos) on my desktop since I like things in order and my upper and lower panel bars are customized to full integration with my desktop wallpaper.

I.e I used to use google to find cool wallpapers for my desktop until I discovered its real easy to start playing a movie, hit pause, select take snapshot and save and presto! I just created a cool HD 1080p wallpaper.

And I sometimes further customize by creating wallpapers with moving visual elements.

Eh what can I say since I LOL every single time when someone tries to sell me an ""antivirus"" and I tell them I have the best and i.e. the sales folk at Best Buy say huh? Kaspersky, Norton or Avast still do not get every virus so you ""need"" our pc protection plan.

I say nope!! Ubuntu is the best antivirus there is!

Then the folks at Best Buy say yeah but,but thats Linux and we sell Windows stuff and then they look at me like a dog that just had its favorite bone stolen.

I love clueless sales ""help"".

Agree with this comment 0 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 2:02:25 AM

Ah - another Linux user! Love your post, fun to see how you were introduced to Linux. And yeah, Linux is an OS to fall in love with. An amazing os.

Plus, as time goes by you'll get to know your PC and how it really works to a *much* higher degree than through regular use of Windows. And when you get to that level you can start tweaking your system and do some really wonderful stuff.


Last edited by Beamboom on 4/26/2011 2:05:02 AM

Agree with this comment 1 up, 2 down Disagree with this comment

Excelsior1
Tuesday, April 26, 2011 @ 1:57:55 AM
Reply

as the days go buy i'm more convinced sony could be doing a better job. also if this is a custom firmware exploit that falls on sony for screwing up the encryption on their service keys thus allowing this to happen in the first place. that blunder basically handed over the keys to ps3 to begin with. sony has known the hackers had those keys and the ability to put the ps3 in debug mode for months.

Agree with this comment 2 up, 4 down Disagree with this comment

Jawknee
Tuesday, April 26, 2011 @ 2:57:47 AM

Ugh..................

Agree with this comment 2 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 4:39:26 AM

You're sweet when you are grumpy, Jawk. Like a kitten. :)

Last edited by Beamboom on 4/26/2011 4:39:49 AM

Agree with this comment 1 up, 0 down Disagree with this comment

Jawknee
Tuesday, April 26, 2011 @ 12:45:19 PM

Reading the same whiny comments from the same broken records tends to do that. ;)

Agree with this comment 3 up, 0 down Disagree with this comment

Qubex
Tuesday, April 26, 2011 @ 2:04:17 AM
Reply

I have seen the Rebug CFW in action on YouTube. Have to say it is incredible the options the developers have; your PS3 really is unrestricted. Sad to see it used in this way though :(

Sony will get things right, it is just taking time and lots of money to do it.

Just a quick note Highlander - if you are reading this comment. I was reading an interest article on Bloomberg today about comparative profit erosion they clocked in this year compared to last year - understandable of course. But was interesting in the same article was the comments about Apple's big big push into the gaming space.

They see a gap and they see they can commoditise gaming at a lower price point even further. You may remember how I was predicting this more than 2 years ago when we were initially discussing it. I think you yourself must be rather surprised at how quickly the gaming landscape has changed and continues changing rapidly.

Within the same article, Nintendo's head actually states this as a real threat down the road, and how they have to work harder today than ever before to get people to buy full priced games, especially beyond the hardcore. Let's not forget Android and the fact there will be more Android devices sold by the end of 2011 than iOS devices. Gaming on both OS's will be quite big in casual terms anyways.

Here is another, and probably quite an obvious prediction. Watch, in the not too distant future... enters an Android powered console with its whole game/app ecosystem to boot.

This will put further pressure on the likes of Sony and Microsoft; and of course, Nintendo for that matter - as the article admits.

Will be a very interesting time now - by 2014 I wonder who will be out on top?

Any further thoughts?

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

Qubex
Tuesday, April 26, 2011 @ 3:58:55 AM

Ops - "I was reading an interest article on Bloomberg today about comparative profit erosion they clocked in this year compared to last year" - "they" meaning "Nintendo" in this case...

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

Excelsior1
Tuesday, April 26, 2011 @ 4:10:46 AM

exactly, that crap has been on youtube for months. i really hope this rumour is false, and the hackers used something far more exotic than a hacked ps3 in debug mode. sony had a secure system for years until they blew the encryption on those service keys. a simple google or youtube search basically could tell sony exactly how the system was being exploited.

i agree with a lot of what BEAMBOOM said. we can still be sony fans and be upset with the current situation. i also agree with his sentiments that this is looking more and more like something that could have been avoided.

Last edited by Excelsior1 on 4/26/2011 4:29:33 AM

Agree with this comment 1 up, 1 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 9:24:55 AM

I'm reading Qubex. I remember the discussion. I still don't see apple moving into the mainstream gaming space. iOS devices are part of the casual mobile gamin space for suer. But as you point out, Android is fast outselling them, and Android is shortly to have PlayStation Suite - which takes PlayStation beyond Sony hardware and into the cross-platform realm on mobiles. So I see Sony responding to the potential threat from Apple by expanding their gaming brand into that same space as iOS. Nintendo seems to be content to push out an updated DS with a 3D feature. I'm not sure that will really do it much good in the casual mobile gaming arena. I'm not saying that Sony's response will necessarily work, or that it's all they need to do, but between the Xperia Play and PlayStation Suite for Android, Sony has surprised me with their response. I never thought I'd see them take the PlayStation cross platform.

I don't think that an Android console is a threat to mainstream consoles until the average price per game sold on Android platforms reaches the kind of price point that can finance truly AAA titles. One thing that we might want to watch out for though, is in fact Sony and their next console. The NGP will be PlayStation Suite compatible, so in a sense that is already a flavor of what you are suggesting. However, a future PS4 would be more than powerful enough to run Android inside a virtual machine. Now, there are clearly security implications to it, just as there were with OtherOS and I still don't think we'll ever see anything like OtherOS from Sony again. However, running Android in a completely virtual environment would certainly allow a future PS4 to keep up with the Jones' should an Android console ever materialize.

Definitely interesting things to come, but with Sony and MS apparently waiting for 2014, we can't really rule anything out as far as either of them are concerned. As much as I respect what Nintendo accomplished with the Wii (huge cash mountain). The Wii2 or HD Wii, is I think too little too late, and when Sony and MS come back to the market in 2014, we may see Nintendo in real trouble outside it's own ecosystem.

I don't see Apple being a long term player outside of the casual/mobile gaming space because they are already faltering in their handling of their app stores on iOS devices, and although Apple makes a lot of money selling very well designed, but average hardware at inflated prices; they don't make high end gaming hardware, nor do they make high end games.

@Excelsior,

The encryption key issue in the PS3 firmware had existed since day 1. That was not a new bug introduced later on. They didn't suddenly blow it on the encryption keys. It was a piece of code that was believed to have been thoroughly tested and approved, so no one was looking. The fact is that it took nearly 4 years for that to be found and exploited. The horrible truth is that without the PS Jailbreak USB keys that were essentially cloned copies of an authentic service key obtained somehow from within Sony, the encryption keys were unlikely to have been compromised - even now. The Jailbreak software that accompanied the service token was made possible by the work of other hackers such as GeoHot compromising the Hypervisor and analyzing the firmware. It's a chain of events that required each link in the chain to happen.

Rebug was a nuisance to Sony before, but the hacking of Admin account(s) created a crisis, and Sony responded. Personally, if I was sony, I'd have dealt with rebug long ago. Perhaps they were in the long term, but this happened before they could execute their plan? I don't think we'll ever know for sure. I am pretty sure that they won't tolerate that kind of thing again though.

Last edited by Highlander on 4/26/2011 9:32:38 AM

Agree with this comment 1 up, 0 down Disagree with this comment

gray_eagle
Tuesday, April 26, 2011 @ 2:38:03 AM
Reply

my ps3 is almost dead :(
i'd like to sync my trophies before it does dies and i have to send it away for service.
until than, i'll continue playing the one game that still works on my ps3, RDR.
than i'll fire up my sbox360 :p

Agree with this comment 0 up, 2 down Disagree with this comment

BikerSaint
Tuesday, April 26, 2011 @ 6:33:16 PM

gray_eagle,

Just be glad you don't live in the US & ship it through our US Postal Service.

Unfortunately, I did so with my sweet phat60 princess to get her blinking red light repaired a few weeks ago, but one of their Post Office package-handling gorilla's smashed it beyond any repair before it even got to the shop.

I should be getting it back sometime this week so I can start my $500 insurance claim against them for a new 60 gig refurb

Last edited by BikerSaint on 4/26/2011 6:37:31 PM

Agree with this comment 0 up, 0 down Disagree with this comment

___________
Tuesday, April 26, 2011 @ 2:49:14 AM
Reply

ahhhhh yous do realize this has been out for months right?
if it is why the PSNs down, then why leave them rabid having months of fun before cutting the cord?
if someone breaks in and is eating your candy you kick them out now, not in 2 weeks time once all your candys gone!

Agree with this comment 1 up, 2 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 9:12:27 AM

It wasn't simply the use of rebug to fake debug units. Someone broke into at least one admin account on the Dev PSN, that is what triggered this, not simply the use of Rebug. Sony was prepared to tolerate that as long as it was simply petty cheating and theft - though I'd suspect that they would ultimately have blocked Rebug via firmware. However hacking one or more Admin level accounts is pretty much going nuclear - so to speak, and Sony reacted in the only way you can to that level of intrusion - take the system down and manually purge it.

Agree with this comment 2 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 9:21:00 AM

... But why exactly do this take so much time, High? Do you have a theory about that? That's very unclear to me.
Cause removing a user - admin or not - should not take this much time to accomplish?
What *would* take time would be to recreate the design of this network service from ground up, but that would not be necessary if all they wanted was to get rid of one admin access (unless, of course, the design of psn is so fundamentally weak that once the hole was found it is wide open)?


Last edited by Beamboom on 4/26/2011 9:28:13 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 9:51:47 AM

I've been a sys admin many times before on medium and large scale networks. I've worked in Internet security and content security. I've had to test system security and hacked systems as part of my job before. I have lived some of this from the inside. If my network was compromised at the Admin level, here are some of the things I would *have* to presume.

1) The intruder could have disabled audit trails and logging.
2) The intruder could have placed additional software on my system to provide a back door
3) the intruder could have created multiple backdoor accounts or modified other accounts to provide a backdoor.
4) the intruder could have placed a logic bomb in the system designed to disable my system in a nasty way if I attempt to disable the intruder's account(s).
5) the intruder could simply be attempting vandalism and may have left Trojan or viral code behind.
6) the intruder may have been after sensitive data, I need to determine as far as possible whether that data was accessed.

Based on those 6 things - and about 1000 other smaller concerns and questions, I would kill the systems and boot them into an offline diagnostic mode. I'd remove all data from the systems and reformat them. Then I would recreate all my admin accounts, but only the ones I really needed. I would use new usernames and passwords. I'd change the IP addresses and host names of the systems if they were externally visible. I'd change the perimeter security on the network. Using the logs at my disposal I would identify how the intruder accessed the system and directly block that route. If they used a spoofing attack where they spoof an authentic client, I would make alterations to the access protocol and client configuration to ensure that the old method either did not work. Once I was sure that my systems were clean of any potential left over code, and all the accounts had been changed, I would begin the long process of restoring the data to the systems ensuring that no executable objects were restored from the backup. At the same time I would have a team looking over the audit trails and logs for the databases to determine whether there was any suspicious activity, and if so when, and where, and what was affected. Any affected data or backups would be treated with extreme caution. Once I had restored the data backups, I would also have to inspect the transaction logs for the time period during which the intrusion happened so that I could roll forward the restored databases to as close to the state as they were in when service was terminated.

One other thing I would consider doing is laying honey pots in the network. The network has been hacked once, it could obviously happen again, so I might place seemingly juicy targets on the network designed to lure an attacker while silently alerting network admins to the intrusion. That said, perhaps that is how Sony detected the intrusion in the first place?

That's a lot of work on a simple departmental or even an enterprise network. you're basically talking about every system administrator, network admin, system and network engineer in the organization working continuously for days to accomplish a complete rebuild. The PSN is far larger than any conventional enterprise network, even a corporation with 100,000s of employees doesn't have such a large and complex network as the global PSN.

Now, perhaps that sound like a lot to go through, but if an intruder gains access at the admin level on a network, you cannot just assume that all they did was hack the password to the account and log in. You have to determine what was done and how, and you have to take a pessimistic point of view to ensure that you do not miss something.

Additionally, Sony appears to be taking the opportunity to make some upgrades and enhancements to PSN that they could perhaps not make without this kind of extended downtime. After more than 4 years of operation, I'm certain that there are areas that Sony is aware can be and need to be improved. They are taking this time to do that as well.

I understand the frustration of gamers, I am frustrated too. But at the same time, this is an incredibly high stakes move. If Sony does not take the time to fully re-secure PSN and it's subsequently hacked in short order again, it would be a total catastrophe for the PS3/PSN brand. they have to take their time, they cannot hurry because the price of failure is so incredibly high.

If this kind of intrusion happened on XBL, Microsoft would do no different, I guarantee it. Microsoft isn't stupid, and believe me when I say that they are right now conducting a major survey and diagnostic analysis of their own network because they know that they too are vulnerable and that if this attack had befallen them, they would be in the same boat.

In short, there are no easy solutions, a huge amount of work is necessary to restore service properly, and it will take the time it takes, no more, no less. And yes, it's frustrating.

Last edited by Highlander on 4/26/2011 10:19:25 AM

Agree with this comment 4 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 10:36:34 AM

I follow you completely, but do you believe this would have to take a *week* of downtime, or maybe even longer? I mean it's not like it's one man working on this case, I would assume? And while this was done, do the entire service have to be shut down?
I am pretty sure I have nowhere near your experience in this, so I am merely asking.

At work we had one server that got seriously hacked a while ago, and software were installed (an irc bot, would you believe). However, we were able to transfer the hosted sites (this was a web server) to a different server and the web services themselves were back online just hours after this was discovered. There were some backend services that had to be temporary disabled on those sites, but my point is that for 99% of all users of the sites it was business as usual *while* we were investigating the breached server further. And this is where I am so puzzled by this downtime. That they have to take down the entire thing for such an extended period of time.
I do of course realize that this is not a case of *one* server but clusters of servers, but that's only a matter of scale.

Last edited by Beamboom on 4/26/2011 10:44:33 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 10:56:40 AM

Obviously it's a large team of people working, but it's also a *lot* of servers. The servers are organized in a particular architecture and must be brought back up and synchronized correctly to function coherently for PSN to actually work. You're talking about thousands of servers potentially, and it's not like they can just pop in a backup take and hit a button, a rebuild is a custom job every time. I wouldn't like to hazard a guess at how long it would take a typical corporate to rebuild their corporate network after a total network outage. Most disaster recovery plans assume a simple restore from backup and switch to hot stand-by systems, and yet that is usually anticipated to result in disruptions to some services lasting days. If you cannot simply restore from backups and switch to hot stand-by systems, it's a whole order of magnitude more difficult and more work.

Agree with this comment 1 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 11:38:08 AM

There just is something that's wrong in this picture, I can't put my finger on it, but something is not right here. How is it even possible for anyone to get *this* deep into the system from the outside, so they have to manually rebuild the whole damn thing! I would have expected layers upon layers with security/admittance, not just one admin access and *bang* there goes the network! It should not be possible for anyone to install anything from outside a given network topology.

I'll let the subject be cause we can't get any further anyways, thanks for the replies High. I just have to say, there is something here that just "do not rhyme", as we say in Norway.


Last edited by Beamboom on 4/26/2011 11:44:09 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 11:58:06 AM

Well, if the intrusion happened on the dev PSN, not the live PSN as it seems, I can kind of see why it might be possible. the Dev PSN is normally only accessed by Dev systems in Debug mode, which is a privileged mode for the PS3 already. That would allow an intruder running a custom firmware that emulates a debug mode console to potentially gain access to things they should not - like DLC. However, if an Admin password was leaked, or guessed, or was obtained via a dictionary attack - or however else it was accessed (sidejacking?), that admin account would allow a high level access to the Dev PSN. It could provide a steppingstone to the live customer facing PSN. We don't know how far the intrusion went, whether it got beyond the Dev network or anything like that. Even so, the Dev PSN is supposed to operate like the live PSN, so if the Dev PSN is vulnerable in a particular way, that knowledge could be used to attack the live PSN. I understand what you're saying, but a strict and perhaps pessimistic point of view on the attack would result in taking the whole of PSN down because whatever is done to the dev network will have to be done to the live one as well.

However, with such limited information, a lot of this remains educated guesses and speculation. I'm basing my thoughts in my own experience in security, as well as an advisedly pessimistic point of view - an optimist in security is not really a good idea. A pessimist assumes the worst can happen and plans for it, an optimist assumes the best case and plans for that. The optimist may be right, but the costs of being wrong are huge.

Still, until we know more, there may be a continued lack of rhyme...

Agree with this comment 3 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 12:34:28 PM

The dev psn yes, but apparently thats the same psn as press/privileged users are admitted access to, ergo it's not a dedicated closed developer network. Again, from the little I know it screams "sloppy work" all over, I have to admit. Still, that's hard to believe from someone like Sony.

But true, too many unknowns to really say much for sure. I *hope* we one day will get the full story though, it's a darn interesting topic!


Last edited by Beamboom on 4/26/2011 12:36:59 PM

Agree with this comment 0 up, 0 down Disagree with this comment

Epimetheus
Tuesday, April 26, 2011 @ 9:35:26 AM
Reply

I still think it's SkyNet becoming self-aware. Judgment Day is coming, friends ...

Agree with this comment 1 up, 0 down Disagree with this comment

jimmyhandsome
Tuesday, April 26, 2011 @ 10:32:46 AM

4/20/2011

Agree with this comment 1 up, 0 down Disagree with this comment

Excelsior1
Tuesday, April 26, 2011 @ 9:48:44 AM
Reply

statement incoming from sony says the bbc. i'm hoping for good news.

Agree with this comment 0 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 10:49:09 AM

What channel? Or bbc news?

Agree with this comment 0 up, 0 down Disagree with this comment

Snorge
Tuesday, April 26, 2011 @ 11:01:47 AM
Reply

Um....is it me or is this the BEST time to go ahead an implement Cross Game Chat!? The network is down and being completely rebuilt, Valve just implemented Steam (Thats a start)

Home already has an in-game Cross Party Chat with the group chat...GIVE IT TO US! Here's to wishing Sony would compensate us in a big way! Again, I can dream cant I?

**For those against XGC please dont reply to this, Im tired of the "use a phone" or "skype" BS...Its not the same, and once you get that through your thick-ass skull then MAYBE we can have some progress**

Agree with this comment 0 up, 1 down Disagree with this comment

Highlander
Tuesday, April 26, 2011 @ 11:10:55 AM

I don't think they will take the opportunity to introduce cross game chat at the same time as this because I think their attention is already fully occupied. I have a sneaky feeling that cross game chat - if it ever arrives - will be PS Plus feature and will be accompanied by a recommendation regarding network bandwidth.

Agree with this comment 3 up, 0 down Disagree with this comment

Snorge
Tuesday, April 26, 2011 @ 11:18:43 AM

@TheHighlander

Yeah Im pretty sure your right man, but I'm just saying this would be the best time to do it. Yet I do understand their attention is elsewhere...I dont care if it does end up being a PS plus feature, Im a member and I want it, LoL!

I do appreciate you providing a more "inside" look as to what might be going on behind the scenes.

Im not freaking out that PSN is down, they can take their time for all I care, and I do understand people want more info about whats REALLY going on instead of these somewhat vague responses but it doesnt matter what they tell us right now, long as its taken care of and they bring a little more info to light when this is all said and done. *Sorry for the run on sentence*

Last edited by Snorge on 4/26/2011 11:22:22 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Robochic
Tuesday, April 26, 2011 @ 11:18:41 AM
Reply

Wow this is ridiculous, I really hate when people reuin things for other people cause they just want to save a few bucks. Stilling is not the answer what the heck is wrong with society?
Sony will get it fixed and they'll have a better wall up :)

Agree with this comment 0 up, 0 down Disagree with this comment

parasitic
Tuesday, April 26, 2011 @ 12:34:51 PM
Reply

Wait... is this Rebug/debug PS3 similar to a PS3 devkit if not the same thing but different name? My university has 10 of these that we can send our c++ code directly to the ps3 and debug on it... Now no one told me I could just start downloading stuff from PSN from it? Seems to0 good to be true... As developers debug their own games not other already published one... Maybe it's not the same thing... :/

Nonetheless I just want the psn to be back on track and healthy even if its downtime is due to more than one reason.

Last edited by parasitic on 4/26/2011 12:35:27 PM

Agree with this comment 0 up, 0 down Disagree with this comment

Beamboom
Tuesday, April 26, 2011 @ 3:20:38 PM

Man I'd love one of those kits.

Agree with this comment 0 up, 0 down Disagree with this comment

Excelsior1
Tuesday, April 26, 2011 @ 3:34:30 PM

sony just put out a statement that our personel details and even credit card info may have been compromised. service is hoped to be restored within a week, they have phone numbers to the credit buruea so this does not look good. the article is at the sixth axis.

Agree with this comment 0 up, 1 down Disagree with this comment

Snorge
Tuesday, April 26, 2011 @ 3:51:04 PM

@Excelsior1
Can you post a link?

Agree with this comment 0 up, 0 down Disagree with this comment

Leave a Comment

Please login or register to leave a comment.

Our Poll

If you don't have a PS4 yet, why?
Not enough games I want.
I don't have the money right now.
I'm happy with other platforms.
I just plain don't want it.

Previous Poll Results