16 Dec Gaming the security - The new generation of consoles Christian
04 Jan The Top 10 Security Stories of 2011 Costin Raiu
02 Nov Lab Matters - Inside the Sony Hack Ryan Naraine
17 May Return of the Playstation Network Tim
29 Apr Playstation data for sale? David Jacoby
Join our blog
You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.
With the Xbox One having landed in many countries, it's time to have a closer look at the new console generation. The Xbox One is equipped with two virtualized operating systems, both running on a hypervisor: the core system for gaming and a slimmed down version of Windows 8 for the app landscape. It is also planned to make it compatible with apps originally made for Windows Phone. It will also be interesting to see the level of platform sharing with Windows 8 and therefore the compatibility for malware targeting existing Windows systems. This, however, is still something yet to be explored.
There have already been malware attacks on games consoles in the past. Like Trojans for the Nintendo DS and Sony PSP as well as proof of concept attacks against the Nintendo Wii, in which the console was used as a door opener to breach corporate networks, as shown at BlackHat in 2010. The malware, however, was seldom seen in the wild and needed a -homebrew- firmware first, in order to be able to execute pirated games v this is the way the malware was disguised and it was then spread via torrents and other file sharing networks. This meant high barriers for malware authors and the reason for the low infection rates. However, the high interconnectivity of modern consoles, like apps for Twitter, Facebook, Youtube, chat tools and video conferencing like Skype opens doors and makes them more vulnerable to attacks.
Tim Armstrong looks at the timeline of the Sony breach and pieces together the relevant details at each point in time. He discusses the known facts of the case and the potential future fallout.
Sony has reported that it has had a number of sign-in attempts on accounts belonging to users on its various networks. In a statement on the Sony site it was revealed that “Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation®Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services.”
Today is May 17, almost exactly a month after the massive breach of Sony’s PSN network. If you live in North America then you may be pleased to know that the Playstation network has finally come back online. Due to the enormous amount of subscribers to the service, the restart has been a bit shaky, with reports of password reset emails clogging ISP mail servers. Despite the hiccups, it seems that the service is gradually returning.
If you are a customer of the Sony service, you will need to immediately change your password as well as install a firmware update to your system. Sony has pledged a much stronger security environment to its customers and partners, and this appears to be the beginning of many changes. Sony has previously stated that they have rebuilt the entire network from scratch and moved their PSN infrastructure to a new data center in an undisclosed location. I’m not sure why this emphasis on security wasn’t a focus of the original model, but maybe Sony can prevent future mishaps. Perhaps all the additional outside scrutiny will help, but only time will tell.