# Call of Privacy: Modern Spyware By PlayStation Network



## Nujui (Feb 17, 2011)

<p align=" " class="none">
Long time PS3 Dev SKFU posted a link on IRC and his twitter, to quite an interesting article, discussing the security of PSN, the article is written by a group calling itself “The Anonymous Data Protection Officers“, here it is.



Prologue

Due our objective research of the SONY PlayStation Network, we decrypted nearly 100% of the traffic transferred over proxies, http and https to and from the PSN. Just out of curiosity, not to harm anyone or anything and not like SONY may want people to see it. As SONY calls the scene hackers “evil”, we surely do not address pirates and skiddies, we wondered how SONY is treating
the users’ privacy and rights (remember the Music CD/DVD and USB stick rootkits). After we noticed a few badass functions they have built into the PSN/PS3 functionality, we just call it the “Call of Privacy: Modern Spyware” case.

Below we list and explain a few of the shady PSN functions and data mining stuff. And remember: EVERYONE has a right to know about YOUR OWN PRIVATE data being transferred over the networks !

Sensitive data

Even if a connection is SSL encrypted, companies are aware of the big risk behind custom CA files and it’s possibilities. SONY seems not to care about those known vulnerabilities. It is a big company and a HUGE network. With huge we mean a magnitude of hundreds and even thousands: the PSN utilizes thousands of servers, handled by a very small group of administrators and quality assurance people. (Copied from PS3Hax.net) The IP ranges and domains of these servers are retrievable by anyone, cause this is how the Internet works ! It is all public data and information ! An example is the credit card information and the login authentification itself.

Take a look at the traffic:
creditCard.paymentMethodId=CC_COMPANY&
creditCard.holderName=EXAMPLENAME&
creditCard.cardNumber=1234567890123456&
creditCard.expireYear=2012&creditCard.expireMonth=2&
creditCard.securityCode=123&
creditCard.address.address1=EXAMPLESTREET%2024%20&creditCard.address.city=EXAMPLECITY%20&
creditCard.address.province=EXAMPLEREGION%20&
creditCard.address.postalCode=12345%20
The credit card information should ALWAYS be encrypted. In ANY case. At least the security code. SONY is only relying on it’s https connection. With all those CFWs spreading around, this is not secure anymore. Same goes for the user details:
serviceid=IV0001-NPXS01001_00&
[email protected]&
password=examplepassword&
first=true&
consoleid=EXAMPLEID123
Such sensitive data can now be captured by anyone who builds his own custom firmware with custom certificates. There are enough n00b-friendly tools by now. Means, little scriptkiddies can spread their little CFWs and phish user data. As many of these people are using a third party DNS, they are a potential victim of phishing. At the beginning of the PS3 launch, this user data was even transferred over http ! That being said, we continue with…

Information gathering

The PlayStation Network agreement states that SONY is allowed to collect nearly any data that is connected with your privacy.It is clear, that SONY won’t tell you WHAT they are collecting in the TOS etc., as many people would never accept that TOS. A few month ago we noticed the TOS silently beeing updated without a new user agreement request. It was about that you have the right to contact a “Data Protection Offier” at SCEE, who can can give you details about what data is collected. So we phoned SCEE. Beeing forwarded to many people, it turned out that there is no so called “Data Protection Officer”. Funny right? Shortly after this call, the clause was removed from the TOS. SONY itself told us, that they do not know, what we are talking about regarding this Officer.(Copied from PS3Hax.net) They told us, that there was never such a position inside SONY, neither a phone number. Even the address was non existing ! Still it is an impudence what huge amounts of data they are collecting. One example is an information list which is transfered everytime you login the PSN as well as at some random time.

A few short quotes:
TFT-TV
This is a string sent to SONY which includes your TV model. The list is long and contains a lot more like information about
attached USB devices, your home network, your playtime behaviour, installed games, apps, homebrews or their so called
“circumvention devices” and so on. Details about your Home network, statistics etc.
Modern user tracking we guess  They try to make every PSN user transparent like a glass figurine. It seems that not only
the governments are going for such plans.

The BANHammer

Now SONY is swinging the “mighty” banhammer. Some users are banned, some are only warned. But who warns SONY? Their semi-legal tactics against the enduser are a joke. We again remember their rootkits on Audio Media and USB Sticks.

Just for your interest, we quote a guy from SONY:
Thomas Hesse, President of Sony’s Global Digital Business, literally says: “Most people, I think, don’t even know
what a rootkit is, so why should they care about it?”
This is not an urban legend -> <a href="http://www.techdirt.com/articles/20051108/0117239_F.shtml" target="_blank">http://www.techdirt.com/articles/20051108/0117239_F.shtml</a>

So we could take this for an example and say: “Most people inside SONY don’t even know what security is, so why should they care about it?”
If SONY cares about their customers, why are they treating them like totally douchebags ? Of course the quote does not reflect the view of the company itself, but HELL, this was not from a Jon Doe inside SONY, it was from a Department’s President !

The PSN is a core feature of the PlayStation3, like OtherOS was. So why do they ban the PSN of users who LEGALLY run homebrew (not backups!) on their consoles? Just because they do not like it? It is a fact that reversing a system is legal in most countries all over the world, and if someone who really only wants to run his own code (no, not backups!), which he legally signed and coded without any SONY libraries or documentation, would sue SONY, they would may lose.
Reverse engineering is also allowed for analysing purposes. E.g. is a software/hardware implementing/running, rootkits, spyware, malicious code, security flaws, transferring privacy data and so on. Imagine if this wouldn’t be legal, any antivirus software would brake the law ! The companies of antivurus software are reverse engineering virus code, that is NOT copyrighted by them !

So why are those companies allowed to RE and even PUBLISH their findings to the public but not people like fail0verflow
etc. ? By studying the PSN since it’s launch we know it’s vulnerabilities pretty good right now and unbanning consoles might be as easy as banning consoles. It is an infinite circle of “who-is-better”. Sony just can not, or just don’t want to, make a clear distinction between pirates&skiddies and hackers, who only want to OWN and UTILISE what they OWN and PAID for. Hackers are responsible for creating stuff like the PC, Unix, Windows, Macs, the Internet, the WWW, AAA games etc. Guess what IBM is calling their Cell/Hypervisor docs ? Make an educated guess: Hackers Guide.

Research Hypervisor Hackers Guide:
This document is intended for programmers who wish to discuss the code of the Research Hypervisor Project. It also attempts to introduce the hopes and dreams of the maintainers of the code that, hopefully, will make those dreams a reality.
<a href="http://www.research.ibm.com/hypervisor/HackersGuide.shtml" target="_blank">http://www.research.ibm.com/hypervisor/HackersGuide.shtml</a>

One last thing:
Our research is based on PUBLIC information, Hardware/Software we OWN and PAID for and the right for our PRIVACY to be PROTECTED !
- The Anonymous Data Protection Officers

Psx Scene has an update on this.

A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases.

The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.

Such a scheme would be transparent to PSN users (except for any potential performance reduction caused by the proxying), and would give the attacker access to all the information that the PS3 sends to Sony. This information is shown to be extensive, but apart from the credit card data, probably not too sensitive or unreasonable.

As flaws go, the risks here are not substantial. There is no generalized ability for hackers to grab credit cards from PSN users; only those using specially devised custom firmwares would be at risk. Essentially the same risk could be faced by anyone downloading a pirated version of Windows: extra certificates could be added to those normally trusted, along with suitable DNS entries, to allow interception of any traffic destined for, say, amazon.com. In practice, the risk of either of these is slight, and in any case, trivially avoided: don't use custom firmware.
</p>
<a href="http://www.ps3hax.net/2011/02/call-of-privacy-modern-spyware-by-playstation-network/#axzz1EFONyFo8" target="_blank">Source</a>
<a href="http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/" target="_blank">Source 2</a>


----------



## Sterling (Feb 17, 2011)

Wow. Yet another reason to not care about the online of the PS3.

>Wonders if Microsoft does the same thing.


----------



## Schlupi (Feb 17, 2011)

Wow. that's FUCKED up. Not cool... I used my credit card on PSN. >_>


----------



## SPH73 (Feb 17, 2011)

Sony confirmed completely evil.... again.


----------



## _Chaz_ (Feb 17, 2011)

Well... that sucks.


----------



## Deleted_171835 (Feb 17, 2011)

I am not surprised.
Companies tend to skimp on the security aspect of their products until it's necessary.


----------



## Wintrale (Feb 17, 2011)

Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.

Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.


----------



## void03 (Feb 17, 2011)

So.. our card information is not safe and now people know how to extract it or something along those lines?
Thanks for telling everyone that.

But yeh..wonder what is gona happen next lol


----------



## Oveneise (Feb 17, 2011)

Sucks for the people who used their credit card on PSN.


----------



## Nujui (Feb 17, 2011)

This is on the front page if people are wondering..


----------



## Joe88 (Feb 17, 2011)

update from psxscene



			
				QUOTE said:
			
		

> A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases.
> 
> The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.
> 
> ...


----------



## Nujui (Feb 17, 2011)

Joe88 said:
			
		

> update from psxscene
> 
> 
> 
> ...


Thanks. I  will add to my OP.


----------



## Joe88 (Feb 17, 2011)

basically it only affects people with CFW, from what im understanding anyway
OFW is safe


----------



## Arithmatics (Feb 17, 2011)

void03 said:
			
		

> So.. our card information is not safe and now people know how to extract it or something along those lines?
> Thanks for telling everyone that.
> 
> But yeh..wonder what is gona happen next lol



Its more along the lines of assuring people sony doesn't care about their customers. hence why cyber-crime is abundant. 

QUIK! CANCEL UR PiSiN' account!


----------



## elimist (Feb 17, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking.
> because Sony does not want you to know?
> 
> QUOTE(Wintrale @ Feb 17 2011, 02:42 PM) But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.


you would rather not know that your info is being sent to Sony?!??


----------



## notmeanymore (Feb 17, 2011)

Eagerly awaiting the Xbox 360 edition.

And now, if I ever own a PS3, I'm so not getting PSN.


----------



## Nobunaga (Feb 17, 2011)

why i am not surprised  sony wants to know everything about the pirates(hackers) hun?


----------



## KingAsix (Feb 17, 2011)

So if im not using any hacks or custom firmware im good.....Cause im bout to hope on PSN and take my credit card off REAL quick


----------



## Arithmatics (Feb 17, 2011)

Joe88 said:
			
		

> basically it only affects people with CFW, from what im understanding anyway
> OFW is safe



did you just read your update? or did you read the whole thing?

because it's clear that OFW is still affected. Same shiz is still being sent to Sony but with the exception of CFW, this shiz isn't sent to the CFW maker's servers.


----------



## KingAsix (Feb 17, 2011)

HOLY SHIT!!! Im canceling my shit right now


----------



## Rydian (Feb 17, 2011)

It's not just CFW users, but also custom DNS users (say, those that were on 3.15 a while back and still wanted PSN access).  FAST did a post about how using DNS servers you find online for bypassing stuff isn't safe, and this information is a great example.


----------



## ThePowerOutage (Feb 17, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.
> 
> Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.


So many things wrong:

SONY sent UNENCRYPTED credit card information over the internet, their only protection been https

People do hack their PS3s for reasons other than piracy. Just because it's the only reason you would do it doesn't mean its the only reason everyone else would do it.


----------



## Arithmatics (Feb 17, 2011)

TehSkull said:
			
		

> Eagerly awaiting the Xbox 360 edition.
> 
> Fat chance. Microsoft gave up on their console ages ago. Sony is just feeling threatened because they want to make sure their NGP is 110% free or hacks
> 
> ...



+1

its like jailbreaking your iPhone/iPod/Apple product.

Why else would YOU do it if your main goal was to get free full version apps?


----------



## elimist (Feb 17, 2011)

Elza said:
			
		

> why i am not surprised  sony wants to know everything about *everyone*?


fixed


----------



## baramos (Feb 17, 2011)

I'm not seeing the big deal here SSL is secure if used right so if your on OFW your safe. On CFW there's a chance a cert maybe was added and an ip changed so its your risk. That other info being sent is pretty much what you would expect I can only imagine Microsoft is doing the same with the 360.

Also someone said SONY sent UNENCRYPTED credit card information over the internet, their only protection been https which is an oxymoron because that S in https basically means it's encrypted via SSL.


----------



## Jamstruth (Feb 17, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.
> 
> Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.
> Sony's security was so broken it was going to get discovered eventually. The dudes were sending UNENCRYPTED credit card info. Depending only on an https connection to keep data safe. This is a big flaw that Sony needs to rectify right now. Fail0verflow highlighted the security flaws and fiddled with them to get their own, un-copyrighted code run they did not have anything to do with the hackers though they are indirectly responsible for that.
> ...


Clearly this isn't enough. The system is insecure enough the fail0verflow sniffed the traffic. They make a point of saying that most companies use an extra layer of encryption i.e. send already encrypted data in an encrypted stream. Only the 2 ends have the keys so only those ends can unlock the data gained from the stream.

Edit2: Re-read that bit. I think what it is is that Sony are storing the files on their servers in an unencrypted form. Basically only the stream is encrypted. Guess what? We can get to that stream now so we can get directly to their servers. Even if we couldn't the data should be stored in an encrypted filesystem so even if you got past its firewalls the normal way it would need to be decoded.


----------



## baramos (Feb 17, 2011)

Jamstruth said:
			
		

> Wintrale said:
> 
> 
> 
> ...


There is no way to prove how Sony is storing the data on there side for sure without first hand knowledge or hacking into them, but that's the same for every other place you ever give your credit card info. Needless to say SSL is fine and the PS3 OFW is fine, the main point of that article seemed to be what data they transferred and the chance for a man in the middle attack via a CFW.


----------



## EpicJungle (Feb 17, 2011)

Whoa. Thanks goodness i hesitated to buy a game on the PSN...
Hope something will stop this


----------



## Slyakin (Feb 17, 2011)

Goddamit. PSN has some really good downloadable games.

Maybe I should just limit myself to those download card at Gamestop... Eww.


----------



## Yuan (Feb 17, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.
> 
> Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.



Some common sense. People don't even care to read the topic and say Sony is evil blablabla.


----------



## ShadowSoldier (Feb 17, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.
> 
> *Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.*



Yes, god forbid there are actual genuine people out there such as my friend and my older sisters boyfriend, who hacked their PS3 to allow homebrew only and loading off of HDD's with games ripped themselves. Yes, EVERYBODY is a pirate. There's no innocent people right? Jackass.


----------



## Maedhros (Feb 17, 2011)

SPH73 said:
			
		

> Sony confirmed completely evil.... again.


Again you post shit without reading it right.
Only affects CFW and users using tricks to access PSN.

Nothing to be alarmed, AGAIN. =)

EDIT:
@ShadowSoldier
It's the price the legit homebrews users have to pay because of the pirates doing what they want on PSN.

These guys are getting desperate... it's always like this. First they say they don't need it (PSN), then they start to try make Sony look like "THE EVIL". And the idiots buy all this shit.


----------



## Yuan (Feb 17, 2011)

Maedhros said:
			
		

> SPH73 said:
> 
> 
> 
> ...



You are missing the point. Sony is evil even if scammers make CFW to steal your data.


----------



## ShadowSoldier (Feb 17, 2011)

Maedhros said:
			
		

> SPH73 said:
> 
> 
> 
> ...



So what, PSN is a broken service anyways. Even before all the fuss with GeoHot and the hacks came out, it was still broken. Instead of Sony doing anything, they leave it up to the developers themselves, such was the case with....Modern Warfare 2? I forget, I don't play the games, but I remember reading about it, someone doing all the hacking, and Sony said "You have to talk to Infinity Ward" about it. While the same hacks were going on with the Xbox, Microsoft just flat out banned them themselves.


----------



## Stevetry (Feb 17, 2011)

sweet tittle for the tread 


anyway this really worries me anyway to delete a psn account ?


----------



## Maedhros (Feb 17, 2011)

ShadowSoldier said:
			
		

> Maedhros said:
> 
> 
> 
> ...


The fuck you're talking about?

Of course before the PSN being full of hackers, if you actually saw one hacker/cheater on the game, it's because the GAME ITSELF (that's exactly the case with MW2, which some people could use God Mod even before the jailbreaks started, if I'm not mistaken) was flawed, not the PSN. It obvious Sony would say that.

Why does someone blame SONY for Infinity Ward making the use of God Mode possible on the game?

@Stevitry

Think about Amazon... it's the same here. It uses SSL, so there's no problem at all.


----------



## GreatZimkogway (Feb 18, 2011)

Wintrale said:
			
		

> Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.
> 
> *Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.*



I have my PS3 hacked.  Why?  I don't have the connection speed OR the want to download free games.  Not worth it.  No.  I want to be able to put whatever the fuck on there I want to.  I hacked it so I could play video file types that aren't natively supported by it eventually.  

You're right that the majority of users are, but you saying that the "homebrew" reason is crap is being a fucking dipshit yourself.  That's like saying anyone who jailbreaks an iProduct or roots an Android phone wants nothing more then free apps.  Get your head out of your ass.


----------



## jalaneme (Feb 18, 2011)

SPH73 said:
			
		

> Sony confirmed completely evil.... again.


----------



## ShadowSoldier (Feb 18, 2011)

jalaneme said:
			
		

> SPH73 said:
> 
> 
> 
> > Sony confirmed completely evil.... again.


----------



## RPG_Lover (Feb 18, 2011)

shinkukage09 said:
			
		

> Wintrale said:
> 
> 
> 
> ...



I don't have a PS3 yet, but I'd *love *to see a XBMC port to the PS3. That would definitely encourage me to save the cash to get one.


----------



## Mylar (Feb 18, 2011)

QUOTE said:
			
		

> Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.



I have my Wii hacked to use it as a media device, it mostly gets used to watch old cartoons.

I have DS flashcarts, guess what the very first thing I played on my flashcart was.... Nethack.

The PS3 hack is still pretty new, give it time, the homebrew will show up.


----------



## MelodieOctavia (Feb 18, 2011)

I came in here completely expecting someone (once again) saying that people who purely use homebrew are bullshitting everyone and/or they do not exist. I wasn't disappointed.


----------



## BedtimeGuy (Feb 18, 2011)

really not that big of a deal as long as you trust your CFW or aren't on a CFW. but seriously, was i the only one VERY disturbed by the OTHER data they were gathering?? this seems to be a bigger point in the article! i don't want Sony knowing how much i play which games, what kind of TV i have, and what kinds of devices i plug in! that's bullshit! there's no way they should be allowed to do that...

so yeah, this DOES add the the perceived level of evil that Sony has, because they are unnecessarily gathering data about each specific console, not even just anonymously, but they know that YOUR PSN account corresponds to that set of data... scary, right? and you also seemed to have missed the bit where the hacker complained about their shaky legal grounds...  furthermore, there ARE people who hack and refuse to pirate, a friend of mine is one of those, and he enjoys being VERY high and mighty about it :\


----------



## Maedhros (Feb 18, 2011)

Where the hell did you see they actually use this data?

Do you know that, if you buy something online, the same type of information is sended? What's the big deal, people do that everyday.

And again with this "CFW and refuse to pirate"? Say to your friend for him to blame the other cheaters and the pirates, everyone pay because of these type of people.


----------



## shakirmoledina (Feb 18, 2011)

then this is another thing besides the hacked piece of coding that sony doesnt seem to have worked on perfectly. maybe ppl are trying to find faults in every part of the console...


----------



## TheDarkSeed (Feb 18, 2011)

Then privacy was probably one of the "features" they removed to keep the cost of the ps3 down. I hope they don't do the same with the NGP.

Although I think something like that should've been a necessity rather than a feature...


----------



## Sterling (Feb 18, 2011)

baffle-boy said:
			
		

> really not that big of a deal as long as you trust your CFW or aren't on a CFW. but seriously, was i the only one VERY disturbed by the OTHER data they were gathering?? this seems to be a bigger point in the article! i don't want Sony knowing how much i play which games, what kind of TV i have, and what kinds of devices i plug in! that's bullshit! there's no way they should be allowed to do that...
> 
> so yeah, this DOES add the the perceived level of evil that Sony has, because they are unnecessarily gathering data about each specific console, not even just anonymously, but they know that YOUR PSN account corresponds to that set of data... scary, right? and you also seemed to have missed the bit where the hacker complained about their shaky legal grounds...  furthermore, there ARE people who hack and refuse to pirate, a friend of mine is one of those, and he enjoys being VERY high and mighty about it :\
> Honestly it could extend beyond all that, and if they wanted to (See the bit below), I bet they could prevent certain TVs from working with the PS3. Not only would this piss me off, but I would just say fuck it, and move on to console that would matter to me at that point in time.
> ...



Man, if they can get your TV model, they can also see what you have been viewing, and when, whether or not you know or care. Some internet connections are also home and office networks. If they want to, they could also sniff the other parts of the network (I hope I am correct. Where's Rydian when you need him).


----------



## Rydian (Feb 18, 2011)

Pretty sure they can't get what you've been watching on TV.

But yes, if they really wanted to they could sniff whatever else is going on with your home network if it's unsecured, but even Sony's not THAT retarded, that's like cocksmacking a landmine which is holding back a flow of radioactive lava which is holding back the antichrist.



That said, I have never seen evidence that PSN game hacking/cheating is related to the PS3 being hacked.  Everybody thinks it because they need an outlet for their anger, but it's just glitchers.  I mean this has been happening since years before the PS3 got hacked...


----------



## Cuelhu (Feb 18, 2011)

TheDarkSeed said:
			
		

> Then privacy was probably one of the "features" they removed to keep the cost of the ps3 down. I hope they don't do the same with the NGP.
> 
> Although I think something like that should've been a necessity rather than a feature...


with GPS on NGP they'll now track you down wherever you go.


----------



## Hop2089 (Feb 18, 2011)

Sony=Nanny Network

They are the ultimate form of big brother snooping on you at anytime and anywhere.  If you log in to the PS forums then you may also know that you can find out your previous IP you logged in from, it's in the control panel in plain sight not hidden at all.


----------



## Rydian (Feb 18, 2011)

Hop2089 said:
			
		

> Sony=Nanny Network
> 
> They are the ultimate form of big brother snooping on you at anytime and anywhere.  If you log in to the PS forums then you may also know that you can find out your previous IP you logged in from, it's in the control panel in plain sight not hidden at all.


Most large forums log IPs, and many MMO games for the PC do as well.  Hell, runescape displays it to you on login so you can know really quickly if something's wrong.

It's so if somebody else hacks your account they can see that it's not actually you, that there was unusual activity.


----------



## Arras (Feb 18, 2011)

Rydian said:
			
		

> Hop2089 said:
> 
> 
> 
> ...


GMail does it as well, just not in plain sight. For the same reason: Knowing if someone else if messing with your account.


----------



## Maedhros (Feb 18, 2011)

God... people are so fuck'n retarded, I'm getting sick...


----------



## Sterling (Feb 18, 2011)

Maedhros said:
			
		

> God... people are so fuck'n retarded, I'm getting sick...


I'm getting sick of you man. For one, you're not very good at debating. Sometimes, I can barely understand the point you're trying to prove, and most of the time, said point is not only a generalization, but wrong. Not saying I'm much better, but if you got sick, maybe it would keep you away long enough for more productive discussions. (Also, calling people retarded doesn't help you or anyone else's case. Just because they don't agree with you, doesn't mean they're retarded. Its offensive man.)

@Rydian: I don't know about that. Sony not only has experience in the illegal (rootkits, etc), but also cover ups too. If they wanted to sniff your network, and delete stuff, then they could. This was before CFW users could sniff what the PS3 is sniffing. I wasn't talking about TV either, I was talking about movies and DVDs, and blu-rays you play in you PS3.


----------



## Rydian (Feb 18, 2011)

The PSN agreement (at least this latest) says they can record the data of what you play on the PS3, yeah.


----------



## Maedhros (Feb 18, 2011)

Argentum Vir said:
			
		

> Maedhros said:
> 
> 
> 
> ...


I'm not talking about anyone here.

You can always use this forum option (Ignore posts from this user) to not read what I post. I don't care if you don't like what I post or not.

Only crazy people believe that Sony will invade everyone privacy, when google does THE SAME everyday and with EVERYONE who uses the internet.


----------



## Sterling (Feb 18, 2011)

Maedhros said:
			
		

> I'm not talking about anyone here.
> 
> You can always use this forum option (Ignore posts from this user) to not read what I post. I don't care if you don't like what I post or not.
> 
> Only crazy people believe that Sony will invade everyone privacy, when google does THE SAME everyday and with EVERYONE who uses the internet.


That isn't the first time you've commented on the iq level of forum users...

What would I get from ignoring you? The only that would come out of that is not being able to prove you wrong when needed.

Only naive people and sheep will believe they won't and haven't. The unneeded data they take isn't necessary, and the only use it is for them is to spy on you. I'm glad that CFW has the power to do this. Now I know I won't be getting another Sony console for use on their network. I have no quarrel with Google. They have so many things to analyze and use data its not even funny. They need this data, but Sony doesn't.


----------



## Sausage Head (Feb 18, 2011)

the ps3 with psn is basically a fucked up mess right now.

lolwut?


----------



## Maedhros (Feb 18, 2011)

Argentum Vir said:
			
		

> Maedhros said:
> 
> 
> 
> ...


Study "Data Mining". All the biggest companies/banks/government in the world knows what you do, what you eat, your interests, etc. Sony isn't alone on this.
And you really believe Google don't analyze the data they receive?? You're as naive as me (as you're saying) if you believe that... =)

I'm not very good with conspiracy theories. I'll leave you to believe the hell you want.


----------



## SylvWolf (Feb 19, 2011)

So, okay, yeah, Sony bashing. Please explain a few points:

1. How is it Sony's fault if a CFW takes your credit card info? You decided to install it, against their warnings. They offer no protection here, and shouldn't. SSL is also fairly standard. I don't see the issue.

2. Data mining. Gonna break this one down:
--a. TV model: I use a couple different Sylvania TVs (SD and HD). Whoop-de-doo.
--b. USB Devices: I've used a few flash drives, my PSP, my controller charger. Again, not sure what the problem is.
--c. Playtime: Steam does the same thing and no one complains. Why is this a big deal again?
--d. Don't a lot of companies do very similar things? GMail ads always seem to relate to my emails, but they're not an evil empire. Why is Sony?

I guess my main point is that this isn't that bad. It might not bode well for the future or something, but right now, how is Sony equivalent to the devil, as so many people claim? The information they're collecting isn't that invasive, and I don't see how it affects legitimate users (if this changed in the future, it'd be a big deal). Most of the problems contained in the post come from using a hacked PS3 online (CFW sending CC info somewhere, collecting info about hacks, etc.). The fact that people are upset about this baffles me. If you want your PS3 hacked (for homebrew, piracy, unicorns, whatever, it's not relevant), DO NOT take it online. Where are you getting the notion that you can do something Sony doesn't want you to do to their console and still use their services? I've pirated a bit on the PC,  but I've never taken any of those games online at all. There are ways to do this, but they're about using private servers and such, not about using official game servers.

Now if the argument is gonna boil down to that the PS3 is like a computer, and hacking should free it up, then that's another discussion entirely. Something like that might happen in a future console generation, but for now, a certain line has been drawn, and there are limitations on what you can do with a PS3/XBOX.

Keep in mind that I have pirated a fair share myself. However, I don't have any delusions of grandeur about it, and don't expect to be treated like a legitimate customer. I don't know if people here are spoiled by the DS/Wii or something, but game companies are always going to fight back against piracy, and restriction of online services is a prime way of doing so.

*TL;DR* - I'm sick of people demonizing Sony over everything, and of sensationalist titles like in this thread. Maybe I'm just tired of the rampant Nintendo fanboyism here or something.

Well that was a mouthful. Get your flamethrowers boys, I've got my shield.


----------



## Maverick_z (Feb 19, 2011)

this is like reading a godamn novel jesus fucking christ


----------



## Maedhros (Feb 19, 2011)

SylvWolf said:
			
		

> So, okay, yeah, Sony bashing. Please explain a few points:
> 
> 1. How is it Sony's fault if a CFW takes your credit card info? You decided to install it, against their warnings. They offer no protection here, and shouldn't. SSL is also fairly standard. I don't see the issue.
> 
> ...


Thanks man, great post.


----------



## Yuan (Feb 19, 2011)

Maedhros said:
			
		

> Spoiler
> 
> 
> 
> ...



Indeed, more common sense on this nest of haters.


----------

