Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature currently requires accessing the site using the built-in Safari browser.
I have a Dreamcast and had it since 2000 but only played 1 game and that's it. I never knew it could be hacked. Too late now I guess
Has the update of 3.56 allowed Sony to look into peoples consoles?
First up, what does Sony know about what's going on with your console? It is true that when the PS3 boots up - whether you have a PSN account or now - the machine itself communicates with a string of Sony servers, as recently posted on NeoGAF, and a log of applications run on the system is almost certainly transmitted. Similarly, the game you're running at any given point also shows up on your PSN profile, and the chances are that if you run a game from within a "backup manager", then the manager - not the game - will be displayed attached to your PSN account.
According to the terms and conditions of the PlayStation Network, this effectively makes you fair game for a PSN ban of which many variations exist - a timed suspension or even a lifelong ban. The amount of access Sony has to your machine is greater than you probably suspect: the company even has the means to irrevocably disable your console should it so wish, and if that happens, it will remain non-functional whether you're online or offline.
However, despite the options Sony has available, to date there have been no ban waves that we've been aware of, despite Jailbroken consoles being easily detectable. Sony's approach has been very responsible - issuing security updates via new firmwares that automatically lock Jailbreakers out of the PlayStation Network as opposed to issuing outright bans. Sony effectively offers PS3 jailbreakers the opportunity to "go legit" in order to preserve their PSN access.
http://www.ps3hax.net/2011/02/e-uae-amiga-emulator-port-for-ps3/#axzz1DB7pvHiN
Amiga emulator released!
Installed that yesterday. Been playing loads of SWOS!
Installed that yesterday. Been playing loads of SWOS!
Deleted the hack now and updated to 3.56. Good timing especially after Sony's statement today.
finally sony is doing the right thing.
Banning you? I agree.
You may not use, make, or distribute unauthorized software or hardware, including Non-Licensed Peripherals, in conjunction with Sony Online Services, or take or use any data from Sony Online Services to design, develop or update unauthorized software or hardware, including cheat code software or devices that circumvent any security features or limitations included on any software or devices.
Unless otherwise required by applicable law, there is no requirement or expectation that SCEA will monitor or record any activity on Sony Online Services, including communications, although SCEA reserves the right to do so and you hereby give SCEA your express consent to monitor and record your activities and communications. SCEA reserves the right to remove any content and communication from Sony Online Services at SCEA's sole discretion without notice. SCEA may use any data it collects, including the content of your communications, the time and location of your activities, your Online ID and IP address and any other collectable data, to enforce this Agreement or protect the interests of SCEA, Sony Online Services users or SCEA's licensors. Such information may be disclosed to appropriate authorities or agencies. Any other use is subject to the terms of the Privacy Policy. SCEA has no liability for any violation of this Agreement by you or by any other Sony Online Services user.
Read about the credit card details being so easily accessible, my PS3 is going to be disconnected from the internet full stop now. Complete joke of a company are Sony.
Update: A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases.
The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.
Such a scheme would be transparent to PSN users (except for any potential performance reduction caused by the proxying), and would give the attacker access to all the information that the PS3 sends to Sony. This information is shown to be extensive, but apart from the credit card data, probably not too sensitive or unreasonable.
As flaws go, the risks here are not substantial. There is no generalized ability for hackers to grab credit cards from PSN users; only those using specially devised custom firmwares would be at risk. Essentially the same risk could be faced by anyone downloading a pirated version of Windows: extra certificates could be added to those normally trusted, along with suitable DNS entries, to allow interception of any traffic destined for, say, amazon.com. In practice, the risk of either of these is slight, and in any case, trivially avoided: don't use custom firmware.
The original story is below, but note that the claims originally made by the hacker quoted in the article are unsubstantiated.
Original story: Sony has officially stated that anyone using hacked firmware or any sort of circumvention technology will have their console banned for life from the PlayStation Network, but how does the company know when such a console logs in? One person claims to have broken into the PlayStation Network, and what he has found is rather shocking. If his findings are accurate, your credit card information is being sent to Sony as an unencrypted text file, and Sony is watching every single thing you do with your system, keeping detailed records all the while.
"Sony is the biggest spy ever... they collect so much data. All connected devices return values sent to Sony's servers," the hacker said. He claims that Sony knows what controllers you're using, what USB devices are plugged in, what sort of television you're using—everything. Here's another section of the chat log:
* user2: another funny function i found is regarding psn downloads
* user2: its when a pkg game is requested from the store
* user2: in the url itself you can define if you get the game free or not. requires some modification in hashes and so on tho
* user3: ..
* user2: is like
* user8:
* user3: my god
* user2: drm:off
That's not all: your credit card information is apparently being sent as an unencrypted text file. This is how the code is being sent to Sony:
creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard.cardNumber=45581234567812345678&creditCard.expireYear=2012&creditCard.expireMonth=2&creditCard.securityCode=214&creditCard.address.address1=example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.address.postalCode=12345%20
This information is allegedly being stored online and is updated every time you turn on your system. We've been receiving reports from various sources that e-mails are being sent to those with hacked firmware even before they log back into the PlayStation Network, which is even more evidence that Sony is grabbing information from your system just from being connected to your wireless network.
The ability to enable free downloads is likewise unsurprising, as there may be a way for some users, such as press and developers, to access the PlayStation Network without needing to pay for content. While other console manufacturers may keep free, pre-review content in a separate, closed-off network, it's possible Sony keeps everything in one place, and controls who pays and who doesn't via a simple toggle. That would be unsafe from a security standpoint, but when has that stopped anyone from stupid mistakes in the past?
It's also very possible this is all fake, but much of what the unnamed hacker is saying links up with what we know from other sources about the behavior of the PlayStation Network. It's worth treating this as a very real threat: use PSN cards instead of credit cards on the PlayStation Network, and make sure you don't share any passwords or login information between your PSN account and other accounts.
We've contacted Sony for comment, but have not received a reply at time of publication. The hackers joked that the next update will remove the PlayStation Network, just as Sony removed the Other OS feature when it became compromised.
They should concentrate on fixing their security and going after the designers of such a poor security system rather than look like idiots going after people who had the nouse to actually work out how to break it.
It's their own fault for having such a poor security system but they're desperate to make others take the fall for it. Lost a lot of respect for their actions.
I agree. Why don't Sony employ the likes of Geohot et al? They're obviously more talented than their own security people and in my opinion it's better to have them on board than against you.