Did PlayStation Network hackers plan supercomputer botnet?

The dearth of details from Sony about a criminal intrusion into its PlayStation Network is fomenting plenty of speculation about the methods and motives behind the attackers, and some of it isn't pretty. The most dire scenario is that attackers gained, or tried to gain, control of the part of Sony's network that issues updates …

COMMENTS

This topic is closed for new posts.
  1. asdf
    Flame

    Sony loathes its customers

    Boy am I glad I gave my Xbox 360 away to family and bought a PS3. Nine days without being able to play online (including totally being unable to play online only game MAG) is a small price to pay for Sony thinking of new ways to punish and monetize me for leasing their PS3 from them. What a fail. Guess it explains why Sony can't even push more hardware than the crap, me too home of the Zune and Kin M$. This is what happens when your CEO comes from the media content side where making dribble for sheep is in the job description.

    1. Anonymous Coward
      Thumb Down

      Punishing customers...

      Too right. I only found out yesterday from Sony that my details had been stolen. Of course, I knew a week ago through third parties.

      I only ever bought one or two "classics", non-Sony games. Glad I've put CFW on my PSP, no chance I'll ever buy another Sony product, let alone game for their consoles.

      1. DrXym

        @AC

        Yeah you're a hero for pirating games. We salute your moral stand.

        1. Chris Thomas Alpha
          Grenade

          idiot

          custom firmware doesn't mean you pirate games you knuckle dragging imbecile

          1. schnide
            Headmaster

            No, not necessarily..

            ..but usually, or at the least, very often.

            The namecalling didn't legitimise your argument much either.

  2. This post has been deleted by its author

  3. Anonymous Coward
    Big Brother

    9 day outage speaks for itself

    It sounds to me as if Sony don't yet have a clue how far this hack goes. The fact they haven't published a timetable for getting their network back online also suggests they don't yet know what they need to do to fix the problem.

    This doesn't make the very heavy handed approach they took to the geohot disclosure look very sensible from a business point of view. Instead of using contemptible and discredited corporate-purchased law (DMCA) which attempts to override basic US first amendment constitutional rights in trying to gag him, they should have offered him a contract offering fair recompense for the application of his undoubted knowledge and skills to help them to sort out the mess they were clearly in yet didn't seem to understand they were in.

    Sony appear to have made some very knowledgeable and determined enemies with the approach they have taken and now it's payback time. Sony had this coming to them and they deserve all they are going to get.

    Hopefully anyone else thinking of using DMCA to try to shortcut proper security at the expense of user's fundamental rights will be made to think again concerning what this approach is likely to cost them.

    1. Hungry Sean
      Unhappy

      I hear where you're coming from

      Sony are certainly not lovable and, while I can sympathize with the temptation to see this as an act of nemesis, it seems likely that for all the bad press, lawsuits, and loss of revenue, the individual users who've had their CCNs and personal details compromised are probably going to be screwed by this much more than Sony. The downside to Sony will be loss of profit, reduction in share price, and some heads rolling. By contrast, the bystanders who just wanted to play games will likely go through hell with identity theft, having their credit cards and potentially bank accounts frozen, troubles paying rent, etc.

      As much as Sony have acted like playground bullies, I don't think we should be celebrating their antagonists as heroes.

  4. Anonymous Coward
    FAIL

    LOL

    Chat LOGS on IRC are news now?

    El-Reg sinks to a new low. What next? Man down the pub said?????

    Whatever happened to reporting factual news? Even the BBC are struggling with that one, just copy and pasting what they read elsewhere.

  5. Plausible Deniability
    Big Brother

    Bad = Allowing untrusted devices on your production network

    I control the devices on my core network. Appliances like PS2, PS3, WII, Cell Phones, all run in a 2nd separate network. This removes most of the pain, windows still remains though :(

  6. Anonymous Coward
    FAIL

    wow

    That's pretty damn scary! The possibilities with that amount of access are endless. If the hacker purely had a problem with Sony then they could potentially load a corrupted firmware and just brick every PS3 out there - that'd probably be enough to bankrupt Sony what with lawsuits and replacing almost every single console etc.

    If the hacker had grander plans and wanted to maybe take a country out then with the processing power of that many PS3's that'd be pretty easy as well.

  7. Mystic Megabyte
    Welcome

    Priceless!

    I for one welcome our PS3 botnet overlords etc.

    Popcorn icon needed.

    1. Arnie
      Go

      LMAO

      +1

      All your consoles are belong to us

  8. Anonymous Coward
    Terminator

    Skynet

    I question the "official" explanation as a potential PS3 botnet, as this is obviously Skynet attempting to control the PS3 network as part of its plans for world domination.

    AC because you just never know...

    1. Anonymous Coward
      Black Helicopters

      @AC because you just never know...

      we know who you are

  9. Anonymous Coward
    Anonymous Coward

    Hi Sony

    That's what it feels like to get shafted with a rootkit.

    Nasty, innit?

    1. John Brown (no body) Silver badge
      Coffee/keyboard

      Re: Hi Sony

      See icon.

      1. Dave 62
        Coffee/keyboard

        Re: Re: Hi Sony

        As above.

        Welp, stocks down at least 8% since this happened, I think Sony might just wake up, fire most of their upper-management and start again.

        1. Wayland Sothcott 1

          reformat hard drive

          and start again with a fresh copy of the OS.

    2. Anonymous Coward
      Megaphone

      If I were Sony, I'd be a little ... startled...

      They've stirred up a hornet's nest the likes of which probably hasn't been seen before...

      (oh wait.. maybe not... HBGary)....

      Just did a quick google and found this page:

      http://vgn365.com/2011/04/18/anonymous-sony-well-be-launching-largest-protest-ever-we-really-mean-it/?replytocom=162

      What is this "The Month of May will bring Sony Dismay" they speak of? Did they hack PSN?

      I suspect we will never know.

      I only hope that whomever hacked Sony will respect Joe Q Public and not misuse any information they have gleaned to defraud them.

      Just thinking aloud.

      The most responsible thing these hackers could do (which I suspect would still *REALLY* hurt Sony) I suspect is to inform the credit card companies that they actually own the numbers, and let them know which numbers are compromised to confirm this. This possibly may protect those at risk.

  10. Anonymous Coward
    Black Helicopters

    Rough calculation

    If these people were just to use 6 Cell SPE's per PS3 (as is/was normal for clustered PS3 with OtherOS and there's a lot of information and software for it available almost off the shelf), they would get around 6 * 25.6 GigaFLOPS per console. Assuming one is able to push the code to 10 million PS3s (out of 77 million), one gets 10000000 * 6 * 25.6 GigaFLOPS which is 1.536 exaflops.

    That is around 500 times more than the total processing power of all top 500 supercomputers in the world (see http://www.top500.org/stats/list/35/procclass ).

    Even if IO reduced the overall effectiveness to just 1% of that, these guys would still be holding the strongest supercomputer on Earth.

    If they manage to control it for some time, they can definitely break RSA-1024, very very likely RSA-2048, possibly RSA-3072 and maybe even longer. Hmmm... Could the guy that hacked Comodo be behind this? He made breaking PKI sort of a crusade for himself...

    1. Anonymous Coward
      Grenade

      I'm too lazy to look it up, but

      There was an article (either here or on /.) describing a US Military cluster of PS2/3 consoles. Maybe this was them trying to increase their performance by a factor of a googol.

      Fucking scary, but the real question is: Will it play Crysis???

      1. Destroy All Monsters Silver badge
        Pint

        Back in the PS/2 days [AD2000] ....

        It was rumored that Saddam was buying PS/2 in order to [insert preferred Mwahahaha action here]

        http://www.theregister.co.uk/2000/12/19/iraq_buys_4000_playstation_2s/

        There was as much truth to this as Iraqis throwing Kuwaiti babies out of incubators, Serbs ultrakilling Kosovars or the more recent Gaddafi handing out Viagra to enable Gang Rape Horror stories -- but at least it was funny.

    2. mike panero

      Ok I don't know...

      Let us assume your superduper computer figures are correct, going forward the PS4 etc will have at least 4x times the power of the PS3 & the internet will be an IP6 based gigabit to the home vonder land

      Further all encryption must decrypt as that is the point (send it thru unknown pipes in a safe fashion) but given enough CPU all encryption must fail, even quantum, because at some point you need to decrypt the bloody thing

      At the moment I can only see a usage model as supplying the nes. security; Just as with limiting emails from one mailbox by what one human could reasonably send, we now need "electronic money" that weighs too much for you to carry that much around and spend

      But if the market needs to be regulated like that then QED Capitalism must fail, for it can only exist in a market with no regulations e.g. cocaine

      If every transaction must ultimately backtrack to some central point to verify the plausibility that someone somewhere might want to d/l a game in Poland and buy a tank of petrol in Peru (at the same time , keep up) that would mean a level of surveillance which would exclude any and all newcomers thus creating a closed market almost as it were "too big to start "

      I ask you is there any evidence, any at all, that the world would stand back whilst a few rich and powerful people would control all trade like this? is there?

      1. Wayland Sothcott 1

        That plan is called the NWO

        We may not be standing back whilst this happens but they are doing it anyway. I expect it will fail, as with cloud computing. As soon as you centralize too much then your system becomes vulnerable. The level of control Microsoft has via Windows Updates is cause for concern, except there are plenty of people who can rebuild a Windows computer when it's screwed. The PS3 is deliberately made hard to hack.

        The success of the Internet is that it is P2P with millions of possible centres. Millions of people able to do their own thing. Soon after you become the monopoly you stifle development, then you die and the people do their own thing.

    3. Wayland Sothcott 1
      Black Helicopters

      stealth botnet

      If the botnet herders were to introduce a virus that instead of killing the PS3 introduced some bugfixes and performance improvements then who would realize it was there? If they only draw a small percentage of the CPU power then no one would be seeking to remove the intrusion.

      What's to say they have not already succeeded in this?

  11. Anonymous Coward
    Anonymous Coward

    "They could lose control of their whole PS3 network."

    A figure of speech? Or do Sony really treat all the connected PS3s as parts of their own network? One hell of a target, if so.

    1. Anonymous Coward
      Anonymous Coward

      They probably do, you know.

      After all, they treated your home PC as their own and installed additional software into the deepest guts of your operating system without consent.

  12. Anonymous Coward
    Anonymous Coward

    An old fashioned theft?

    Sony have said:

    "There was an external intrusion"

    and also:

    "We are initiating several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway."

    Maybe someone physically walked in the data centre and just took it? If not why move centres, and say that it is one of "several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data"?

    1. Anonymous Coward
      Pint

      Maybe

      They've got problems finding appropriately skilled people after the geohot incident?

  13. John Savard

    The Ideal Solution

    Some flaws in Sony's methodology for securing the PS3 were disclosed at the same time the vulnerability was disclosed.

    There may be other ones. Ideally, Sony would come up with a security patch for the PS3 that would not only close those vulnerabilities, but also re-open the ability to run Linux on a PS3. That would earn Sony renewed respect and applause, but it would take the wind out of any sympathy there might be in some quarters for these hackers - as well as helping to ensure that anyone seeking to overcome PS3 security in the future wouldn't get unintended help from legitimate quarters of the hacking community.

    1. Charles 9

      Not likely.

      See, Linux ITSELF proved to be a vulnerability. Or rather, the ability to run unvetted user-level code proved to be a vulnerability. GeoHotz's earliest work on hacking the PS3 involved steering the Cell into a race condition that allowed him to elevate his access all the way up to ring -1 (the hypervisor level). That sounds like a hardware fault to me, and at such a basic level, it'll be hard to work around it apart from locking out all unvetted code (which is the path Sony has taken).

      1. Anonymous Coward
        Anonymous Coward

        ring -1 ???

        Where did you come up with that? The hypervisor still only runs in ring 0 (that's assuming that the hardware supports rings) and the guest's version of ring 0 (again assuming that the hardware supports it) won't be actually running in ring 0.

        btw, does anyone have a PL/1 compiler for x86 hardware?

        1. Anonymous Coward
          Headmaster

          Yes, ring -1.

          It's a feature of some recent x86 descendants.

          http://en.wikipedia.org/wiki/Ring_(computer_security)#Hypervisor_mode

          There is more than one type of hypervisor; the kind that runs in the machine's real ring 0 as an OS kernel-mode device driver and offers a simulated ring 0 to the guest is known as a Type II hypervisor, one running on the machine's hardware virtualisation support (ring -1) under which all OSs run as guests is known as a Type I (you could also implement a Type I solely at ring 0 if you wanted but the hardware support is more efficient.)

          http://en.wikipedia.org/wiki/Hypervisor

          http://en.wikipedia.org/wiki/X86_virtualization

          As to your other question, http://pl1gcc.sourceforge.net/ might be able to help.

  14. Carol Orlowski
    FAIL

    Scaremongering BS

    dear o dear....

    People running scared about a what if "article" written based off chat logs based off speculation of data that may have been taken from an unknown number of people...

    1. Anonymous Coward
      Grenade

      @Carol: bit more to it than that

      'People running scared about a what if "article" written based off chat logs based off speculation of data that may have been taken ...'

      Having such a large network down for 9 days with no recovery plan published seems to be a bit more than speculation to those affected. You haven't really been following the increasing conflict between Sony and some of their games console users unrolling over the last several months, have you? If you had, you might understand some of the motivations of those behind this outage, and also the fact that the keys to this kingdom were out there waiting to be used.

  15. Highlander

    Ah, yet more spin from TheRegister.

    Got nothing better to do than speculate?

    1. DavCrav

      Sony won't say what's actually happening

      "Got nothing better to do than speculate?"

      This is the problem with not telling people what's going on: they have to speculate.

      1. Destroy All Monsters Silver badge
        Flame

        There is also a difference between "spin" and "speculation"

        The former is enhancing the truth, the latter trying to discern the truth.

  16. Anonymous Coward
    Megaphone

    Power to the people!

    The internet is ours. The consumers are right. Big corporations are evil. Etc, etc etc. I love seeing arrogance being punished that hard. I wish MS and Apple could get a beating like that too.

  17. Anonymous Coward
    Coffee/keyboard

    Sony 'incompetence' undermines arrogance...

    It's the usual corporate idiot-think: decreased spending on IT must lead to increased profit.

  18. Anonymous Coward
    Anonymous Coward

    Glad I missed out

    Several years ago I purchased a PS2 for the children and tried to get the darned thing to go on line. It steadfastly refused to get the Sony network to respond and no one bothered about it.

    I now think that perhaps I was one of the lucky ones?

  19. Col

    I speculate! I speculate!

    </Dalek>

    I reckon the reason it's still offline is that PSN was so poorly designed from the start they can't figure out a way of closing the gaping security holes without borking every PS3 out there.

  20. Furbian
    Thumb Up

    Schadenfreude galore....

    Sony do appear to be putting their foot in it, repeatedly, disabling the install other OS feature after advertising it, taking action against geohot and even obtaining a list of anyone who had visited his site. Incredibly mean and despicable acts which will have many thinking, they got their comeuppance.

    Fortunately for me, I barely used my PSN account, and never bought anything because for some odd reason it would reject my password when I tried to check my account on a PC, but worked fine on a PS3 with the same password. I asked Sony about this, they ignored it, so did I.. and that was years ago.

  21. Arctic fox
    Coat

    The only thing I can suggest is that you.........

    ....pick up an xbox on the way home!

  22. Anonymous Coward
    Anonymous Coward

    Just like everyone else El Reg sigh!

    Lol love articles made from chat logs or forum comments! what is this Kotaku???

  23. TonyHoyle

    Turns out the hackers are already using the data

    Just got a third 'warning' email from Sony.. sent directly to an email I *only* used for the ps3.

    1. It's not from Sony, or a domain registered to Sony. Indeed it appears to be from a spammer.

    2. It states rather boldly at the top 'Add PlayStation_Network@playstation-email.com to your address book' - first part of a 2 stage phish? (Since in some mailservers email addresses in the address book are more trusted which suppresses the phishing warnings)

    3. It was sent from a *third* mailserver, of similar dubious origin.

    As a phish it was so borderline (containing no dodgy links to Russian websites etc.) that it took some discussion to work out what was going on.

    If somehow it's not a phish then Sony just failed epically *again* by training their users to accept emails from random untrusted domains.

    1. Anonymous Coward
      Anonymous Coward

      Not a phish, don't panic.

      Try putting http://playstation-email.com/ into your browser. You'll see it's a domain and server belonging to a direct marketing contractor called Innovyx, Inc., who apparently Sony outsource their marketing emails to.
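
The three observations in the post above, plus sender authentication, expressed as header checks. This is an added example, not part of the thread or any poster's message; the `BRAND_DOMAINS` allowlist, the `bulk-sender.example` relay names, the sample message and the naive `registrable` helper are all assumptions made for illustration. It flags a message like the one described whether it is a phish or, as the reply says, outsourced marketing mail, which is why sending brand mail from unrelated domains is hard for recipients to tell apart from phishing.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumption: domains the brand itself publishes as its own.
BRAND_DOMAINS = {"playstation.com", "sony.com"}

# Constructed sample, modelled on the observations in the post (not the real e-mail).
SAMPLE = """\
Received: from mx3.bulk-sender.example (mx3.bulk-sender.example [203.0.113.7])
\tby mail.recipient.example with ESMTP; Thu, 28 Apr 2011 10:00:00 +0000
Received: from app1.bulk-sender.example (app1.bulk-sender.example [203.0.113.9])
\tby mx3.bulk-sender.example with ESMTP; Thu, 28 Apr 2011 09:59:58 +0000
Authentication-Results: mail.recipient.example; spf=pass smtp.mailfrom=bounce.bulk-sender.example; dkim=none
From: PlayStation Network <PlayStation_Network@playstation-email.com>
To: ps3-only@recipient.example
Subject: Important information
Content-Type: text/plain

Add PlayStation_Network@playstation-email.com to your address book.
"""


def registrable(host):
    """Naive registrable domain (last two labels); real tooling uses the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def analyse(raw, brand_domains=BRAND_DOMAINS):
    """Return (tag, domain) findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Visible sender is not a domain the brand owns.
    from_dom = registrable(parseaddr(str(msg["From"]))[1].rpartition("@")[2])
    if from_dom not in brand_domains:
        findings.append(("from-domain-not-brand", from_dom))

    # 2. Body asks the user to whitelist a non-brand address.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    m = re.search(r"add\s+(\S+@[\w.-]+)\s+to your address book", text, re.I)
    if m:
        dom = registrable(m.group(1).rpartition("@")[2])
        if dom not in brand_domains:
            findings.append(("address-book-request", dom))

    # 3. Relaying hosts belong to neither the sender domain nor the brand.
    seen = []
    for hop in msg.get_all("Received", []):
        h = re.match(r"\s*from\s+([\w.-]+)", str(hop))
        if h:
            d = registrable(h.group(1))
            if d != from_dom and d not in brand_domains and d not in seen:
                seen.append(d)
                findings.append(("relay-domain-mismatch", d))

    # 4. No SPF or DKIM pass for a domain aligned with the From domain.
    auth = str(msg.get("Authentication-Results", ""))
    passes = re.findall(
        r"\b(?:spf|dkim)=pass\b[^;]*?(?:smtp\.mailfrom|header\.d)=([\w.@-]+)", auth)
    if not any(registrable(p.rpartition("@")[2]) == from_dom for p in passes):
        findings.append(("no-aligned-auth", from_dom))
    return findings


if __name__ == "__main__":
    for tag, dom in analyse(SAMPLE):
        print(f"{tag}: {dom}")
```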

  24. Paul 135
    Stop

    this actually in many ways puts Sony in the right

    All these hacking incidents actually vindicate Sony in wanting to sue the ass off GeoHotz. These sanctimonious anti-Sony hax0rs have much of the responsibility for this.

    1. Destroy All Monsters Silver badge
      Alert

      Please refrain from forgetting to enable the use of sarcasm tags.

      It confuses the heck out of people.

    2. Ian Stephenson
      WTF?

      @Paul 135 - WTF?

      Are you naturally this stupid or did you have to work at it?

      Security by obscurity is once again proven no security.

      If Sony had treated their users with a little respect and folks like GeoHot with a little bit of trust, Sony could have been informed of the holes and patched them before they were exploited like this.

      You know, the security model used for open source?

      If you were being sarcastic my apologies, however I don't think you were.

  25. AB
    FAIL

    @Paul 125

    "All these hacking incidents actually vindicate Sony in wanting to sue the ass off GeoHotz"

    Oh yes. That's abundantly clear.

    Wait... what?!

    Care to explain your PoV, ideally using a combination of facts and logic?

  26. Sly
    Coat

    Problem with PSN?

    What? PSN hacked? Problem?

    http://chzragecomics.files.wordpress.com/2011/04/rage-comics-problem-console-fanboys.jpg

    Nah... no problem here! ;-)

  27. Anonymous Coward
    Anonymous Coward

    With any luck more hackers will go to prison

    Why anyone would support hacking is beyond me. It's a crime and hopefully the folks who hacked Sony will all end up in prison. Unfortunately those whose details were stolen are likely to suffer from this hack.

  28. Anonymous Coward
    Anonymous Coward

    Wow, what a lot of unfounded ramblings!

    Chesh's assertions about rebug were always suspect, and have been shown to be nonsense now. Yes, it did enable people to download pretty much anything from the PSN with fake CC numbers. No, this is not the reason the PSN was down, nor does it seem to have been the attack vector.

    The SSL 'crack' you're talking about was not used. There was no modified version of sslsniff, nobody was using wildcarded, null-stringed or any other clever certificate hacking methods to get online.

    You don't need to do that when you have full access to the client, you simply drop in your own new Certificate Authority and hey-presto, you can MITM the connection really easily with a variety of pieces of software, including several custom ones (which is what happened). Then you simply rewrite bits of the version information in-flight. This has been possible since the first write-enabling homebrew emerged for cracked PS3 systems around last October but didn't really take off until around February this year as a way to get back online with custom firmware.

    However with Rebug I don't think even this was necessary as the dev PSN did not do anything like the number of version checks that the retail PSN did.

    All of which is now beside the point as we know that the attack took place using known vulnerabilities in unpatched web servers.

    Oh, and the theory about a botnet - also very unlikely. Since the 3.56 update the CFW community has been unable to create custom firmwares that will get past the enhanced FW integrity checks.

  29. solaries
    Big Brother

    Sony has been Ultraed

    Sony, like Germany during WW2, thought their Ultra could not be broken; unfortunately this has proven to be a false idea time and again. All they did was prepare the way for their fall by daring hackers to break into their PlayStation Network, and we have at least 77 million members whose accounts have been compromised; God knows what the hackers are doing with that information. Sony better get its act together fast if it hopes to the confidence of its customers.

  30. Anonymous Coward
    Anonymous Coward

    Lockpicking

    Strange how this occurred AFTER the RSA incident, possibly related.

  31. Anonymous Coward
    Anonymous Coward

    Driving Miss Daisy

    Did they find who they where locking (sic) for? Apparently this was done to locate a somebody, and it succeeded.

  32. John 62

    Customers suing? what about the banks?

    The banks will likely have as much to complain about to Sony as the customers. They're the ones who have to cover the costs of fraud. On Sony's scale of transaction processing there must be some requirement for them to keep credit card details adequately secure.
