Richard Sebire
Osmon Surveillance Caldari State
23
|
Posted - 2013.06.03 17:43:00 -
[1] - Quote
There have been a few requests on my other boards for this, and then too see it happen, the irony. There where actually several groups involved. To do a denial of service attack, you need a large network set up as a bot net. The Denial of Service was an not the attack though, it's more like a smoke screen. The network floods the server so much so that the server can't keep up. Then there would have been an attempt at the network PassPhrase. You know the Security Certificate. If its forced into so much traffic it will let the Pass Phrase be aggregated from several attempts. All the crypto is for a secure connection, which is undetectable. thankfully CCP took the servers down though, so if the crypto was beaten they have got the current crypto key. They probably won't try again. It cost a lot in electricity and they don't have that much money. the PS3 has been compromised on 4.20 and Dust has been copied ready to distribute on hacked PS3's, but the network connection even with an anonomiser but not the correct network security certificated will be flagged strait away and more than likely denied and reported. Sony don't IP ban hacked PS3's, they just accept that they are there and so do CCP have too. A mitigation plan, which they have implemented will probably route you through trace route now(in case your mobile). And save that to your Account. The teams responsible would be Duplex and a few other of the .NFO (PS3 file type) Hackers. If they had just used a KaiLink ect to have there own games and not got greedy, they would have been ok. But who bets the update coming changes the PassPhrase and scans the Dev/flash folder of the PS3 looking at file system changes before it even loads a sys call. If CCP had kept Dust 514 up, it would have been on the Piratebay by now. Kudos for CCP for knowing it was an attempted injection, not just a denial of service attack. Most of the teams such as Duplex all live in America/Brazil/China where Jailbreaking your device is legal though, so you can't really blame them for trying to make a working back up.
I could reprimand them and set them to other projects, but with the PS4 coming we are all looking forward to x86 and nobody in the scene really wants to learn another tool set. Well at least not yet.
Hope this helps. As a long time Programmer, the PSSuite was really easy to exploit, they even have tutorials now. But the move into x86 is going to make things worse again even more. Sony are planning on keeping there DirectX 11.1 Extended Liabary safe. They won't and once that's open, it's Cat and Mouse all over again.
You can still Jailbreak your PS3 now, on the latest Firmware as the Master Key is known. The only Key the developer can really use to keep there product safe from hackers on the PS3 is there own network key. You can see the Xbox One being rooted with Android or a Linux Variant within days of release, but not the PS4. The lengths that Sony have gone since that infamous network hack they had has actually gained them a bit of respect in the scene. They have some sort of Python base and Sun Java node thing in the middle of all there networks now, which would probably take an entire country's network to stall it, let alone fool it.
If CCP has/had been compromised and everyone's credit card details were taken, I'd credit them too tell us. Good on them
|
Richard Sebire
Osmon Surveillance Caldari State
23
|
Posted - 2013.06.03 17:57:00 -
[2] - Quote
Nope. The LV 1 Key is four bytes. Then Lv2 and Lv3 are also four bytes, but then not all the SKU's have LV2 and LV3. The latest SKU has the new and improved LV0 too. and if you get those you need the PassPhrase for the PSN, which is doable, but obviously CCP's tranquility is looking after itself but also having it own PassPhrase, probably to protect Eve, I heard them saying they where going to do something along those lines when they where getting together with SONY. Yes there are around 6 different code languages employed in the system, and you can convert from one to another. But if it ain't hex an C friendly, your not going to be going far. You see why the apS3 was tuff to code for.
|
Richard Sebire
Osmon Surveillance Caldari State
23
|
Posted - 2013.06.03 18:12:00 -
[3] - Quote
Just so everybody is clear with me. I'm not a pirate. It wasn't me. If somebody says it was, it wasn't. I don't even have a computer any more. I got invited into a new BIOS project for SONY, and we got too tinkering, we even had all the Unicode working without micro processor errors, but mine got too over clocked and gave me around a 350W electric shock, so I haven't touched one since. Looking forward to seeing the BIOS come out and actually get updated. The VAIO range have needed it for a while. Sony still even sign them MrBig505.
|