Modders To Blame For PSN Downtime?
Fake credit card numbers, not stolen.
Published: 11:15, 26/04/2011 by Tuffcub.
28On Saturday we posted a few theories as to why the PSN was offline and one story seems to be gaining ground. Modders have discovered that they could access the Sony dev networks using a custom firmware called REBUG and a lovely man called ‘Chesh’ who is an admin on a PS3 hacking/modding site has posted further information.
According to Chesh, the Sony dev network is a bit lax when it comes to checking details – to be specific, credit card numbers. Modders who were on the dev networks were able to type any card number they liked in to the PS Store and it was not checked. As a result they went a bit mad and downloaded everything they could.
Chesh says ‘no one’s personal information was accessible via this hack’ which seems logical – all our credit card details are on the public PSN, not the dev network. Chesh also posted the following,
Mathieulh just mentioned that he has been in contact with someone that has official access to the SCE devnet servers and it was posted to them today that only 3.60+ debug firmwares will be allowed on the dev network anymore. All earlier versions will be cut. If you want to retain your access you need to contact Sony and upgrade to 3.60 debug firmware.
So are modders to blame for the PSN downtime? Possibly. If they are, then the question is why have Sony shut down the entire PSN rather than just the dev network?
Source: Reddit
Most Comments This Week
- Gaikai’s Streaming – Does This Mean No PS4? [65]
- PSN Store Update: 23/05/12 [55]
- First Party Vita Games Drop To £12 On PSN [52]
- PSN Store Hit With 80023163 Errors [51]
- Is Something Big Coming To PlayStation Plus Soon? [50]
- “Leap” Motion Controller Could Revolutionise Gaming [43]
- Ghost Recon: Future Soldier PS3 Install Is Huge [42]
- Australian & New Zealand D3 Players Suffer High Ping Rates [41]
- Sony Files Patent For Game-Interrupting Soda Adverts [40]
- Ghost Recon Future Soldier Review (PS3, Xbox 360) [39]
Latest Reader Comments
- TSA Speculates: Why You Might Not Need To Buy A PS4
-
New Hardware, New Plus: All Eyes On Sony This E3
- 13:28 damoxuk: No thanks. I don;t want to stream games and have worst lag than when I played Atari 2600 games 30 years...
- 12:30 Radiitz: Its 2012. I can’t believe there are still people begging for PS2 compatibility with PS3....
- 12:28 Radiitz: Personally, I would like the PS4 (when/if it releases) to be like the Onlive console. You buy what is...
- Microsoft Job Offer Mentions “Next Generation” Of Xbox
- Meet the Reader: KAMIKAZE-UK
TSAtv: Original Video Content
Batman book review
Kris Dancing, again
Joe Danger interview
Sonic Generations
26/04/2011 at 11:19
Member since: Dec 2008
makes sense the bas*rds hackers not welcome
26/04/2011 at 11:19
Member since: Jun 2009
I wasn’t really bothered at first about PSN being down but it is starting to get a little frustrating now. I’m 2 online trophies away from getting my Bulletstorm plat and I’m itching to get back on it. It would be nice to have some idea as to when it’s coming back online.
26/04/2011 at 11:19
Member since: Jul 2009
Six days and counting, It’s taking quite lot of time to sort this out, it looks like Sony are really going to town on the new ‘Fort Knox’ PSN
26/04/2011 at 11:26
Member since: Dec 2009
And rightly so, the Hackers/Thieves dont realise that there isnt a positive following with this. We hate theft/hacking of any kind. No one supports them, all they are doing is assisting Sony as I am sure many of you out there are completing those single campaigns, getting jobs done round the house, cleaning the car etc.
I havent been indoors once, but now we are back on the daily grind for 3 days I want my PSN back.
26/04/2011 at 11:27
Member since: May 2009
Didn’t realise it was still off. Just got back from a weekend away and thought it would be all sorted by now.
26/04/2011 at 11:21
Member since: Aug 2008
I think Sony would LOVE to blame modders just like they did when they removed OtherOS but I’m sorry, every company in the world is the victim of malicious intrusion attempts and they don’t fall down for this long.
Whatever the cause, this is not acceptable and no amount of spin is going to change that.
26/04/2011 at 11:33
Member since: Forever
Good point. EVERYONE gets attacked, pretty much continuously.
26/04/2011 at 11:50
Member since: Feb 2011
This comment is hidden.
26/04/2011 at 11:59
Member since: Jul 2009
That’s an awesome leap you’ve made there.
26/04/2011 at 12:00
Member since: Aug 2008
Wow clashcityrocker, that is quite a lot of bullshit there. No one is condoning the piracy, don’t be ridiculous.
The point here is that, whatever the cause, Sony are to blame for the outage. Either they had poor security allowing the hacks or they failed to respond quickly/intelligently enough.
I work in computer security so I know that people are trying to infiltrate thousands of company systems, ALL THE TIME. It’s crucial you have a robust infrastructure to withstand that. You can’t simply blame the attackers and expect all your customers to just lie back and accept it.
26/04/2011 at 12:06
Member since: Apr 2010
@Clash
CC says Tomato, you hear peanut butter jelly sandwiches?
26/04/2011 at 12:14
Member since: Dec 2009
That response from clash is hilarious! It makes no sense.
26/04/2011 at 12:37
Member since: Mar 2009
2 + 2 = 4684213218, right?
26/04/2011 at 12:41
Member since: Dec 2010
3shirts
the thing is, PSN has been safe for all this time, so their security was fine, but after all that gehot crap, it’s became unsafe, if it is true that modders are to blame with that fake credit card thing then their only option was to pull the plug.
as someone who works in computer security, you should know that the safest most efficient way to combat an outside attack, is to sever all links, including the ones you think are safe, just to be sure, then try to make sure that it can’t happen again, at least not in the same way.
26/04/2011 at 12:59
Member since: Jan 2010
So the network was safe until all the GeoHot stuff?So how exactly was it safe then, it was just nobody had attempted to hack the system and network in such a way up until that point.This could have been done before GeoHot came along meaning it was never safe from this attack.
26/04/2011 at 14:29
Member since: Forever
WTF?
lol
Me agreeing that most companies are subject to online attacks is tantamount in your words to me condoning piracy, when I’m the most anti-piracy, copyright-infringining person I know online or offline?
26/04/2011 at 14:52
Member since: Dec 2010
cc_star
you might want to put “anti” before “copyright-infringing” too ;)
:D
26/04/2011 at 14:52
Member since: Sep 2010
Well cc_star… with the way you are going on about the network being down, it would not be hard for you to be the most anti-piracy person you know because you are probably just about the only the person you know lol
26/04/2011 at 15:36
Member since: Feb 2010
…that was rather uncalled for
27/04/2011 at 02:45
Member since: Dec 2010
ALL networks are vulnerable. There is nothing that can not be hacked, given time. What is important is HOW a company deals with the problem — and in this case, Sony seems to have done the absolute right thing by shutting down PSN.
Can you imagine the outrage if they thought ‘oh, it’s just this’ and didn’t shut it down, while hackers continued to steal private data?
The only proper response, given that they didn’t know exactly what was going on yet, is to shut everything down and figure it out. That is the best way to protect our private information.
26/04/2011 at 11:23
Member since: Dec 2009
Ah, I see. Hackers are bastards. Simples.
26/04/2011 at 11:25
Member since: Aug 2008
You could say “Hackers are scapegoats”
26/04/2011 at 11:26
Member since: Nov 2009
I don’t think we’ll ever know really.
26/04/2011 at 11:23
Member since: Dec 2008
would you like someone to come into your home and steal all you stuff
26/04/2011 at 11:26
Member since: Aug 2008
No, but I wouldn’t concrete all the doors and windows shut for 5 days after finding out someone had.
26/04/2011 at 11:40
Member since: Feb 2009
Think a better analogy would be a public location where people are regularly going through your property.
Say, a museum.
One day your precious artefacts start going missing, despite your security measures. You keep an eye on them and over time they just keep disapearing.
So, you would probably shut down the museum while you work out how people were stealing things and start pouring over security camera footage desperately trying to capture the people responsible and make sure it never happens again.
26/04/2011 at 11:43
Member since: Jul 2009
Damn it cubehouse, beat me to it (:
I was just about to say, that wasn’t the best analogy, but yeah, basically what cubehouse said. I think shutting down the PSN was the right thing to do, just wish it didn’t take this long getting it back up.
26/04/2011 at 11:50
Member since: Aug 2008
Actually, that’s not a great analogy either. It’s more like your museum gift shop has been losing a few novelty pencils so you shut the whole place down while you find out how. That is not a proportional response which is why I think something bigger is going on.
26/04/2011 at 11:54
Member since: Feb 2009
I think I’m basing it on my opinion that this really isn’t the sole cause of the downtime. They could easily just turn off the credit card system for devs (or even for everyone) if this were the case.
26/04/2011 at 12:02
Member since: Aug 2008
With that, I agree.
It definitely feels that we are (as always with SCE) not getting the full story
26/04/2011 at 12:47
Member since: Apr 2009
Sony dont want the Playstation to go down the road of the PSP. Full credit to them!
26/04/2011 at 11:25
Member since: Forever
Being able to use dummy card numbers on the dev network is actually a feature.
Your last point is the prominent question with this scenario, taking ~30m customers offline is just about the most drastic thing Sony could do, that would (presumably) mean that the action against them was just about the most drastic thing that could happen, wouldn’t it?
Whilst I ‘know’ the dev netork has been access in this way, with free credit being applied to accounts of this particular CFW users, taking the whole network offline and for this amount of time for a few 10′s of people loading their wallets, would suggest to me that something else is afoot.
Looking at the PSN’s profit in their last financial statement and then dividing it per day, Sony is losing £1.5m/per day probably more as there’s now more users this year than last year, not to mention all the devs losing out
26/04/2011 at 13:22
Member since: Mar 2010
Your right about the loading wallets. This seems to be whole lot more.
Sony should have foreseen this when CFW appeared. It was only a matter of time before debug was available and the SDK’s. For Sony not to realise the power of there own hardware they released was pretty dumb.
I think all major review outlets should expect a revised debug unit and maybe we’ll all have new ways to activate our retail PS3.
26/04/2011 at 11:28
Member since: Oct 2008
This couldn’t be better for me and my dissertation. The PS3 hasn’t been on in over week now.
26/04/2011 at 11:30
Member since: Jan 2011
Sony have lost money due to modders, I wonder wether the modders can be found/identified from where the downloads went to….
26/04/2011 at 11:36
Member since: Feb 2009
Don’t think this is everything, surely they would just disable the dev network while they patch it?
Reading the Reddit thing, it seems they use some weird proxy trick to jump to a different url or something, which suggests Sony could have just disabled that location.
Really think there was more to it than just this. Stopping the fake credit card system on the dev network should take minutes, if not hours at most.
26/04/2011 at 11:40
Member since: Apr 2010
While I have no idea how long these things take to fix, I agree that it is somewhat unbelievable that this is the sole cause.
27/04/2011 at 02:42
Member since: Dec 2010
it has been reported/rumored that it was impossible for Sony to take down ‘just’ the dev network w/o affecting all of PSN.