Call of Privacy: Modern Spyware By PlayStation Network

Discussion in 'User Submitted News' started by Nujui, Feb 17, 2011.

  1. Nujui
    OP

    Member Nujui I need something to do.

    Joined:
    Aug 12, 2010
    Messages:
    3,933
    Location:
    Dreamland.
    Country:
    United States
    <p align=" " class="none">
    Long time PS3 Dev SKFU posted a link on IRC and his twitter, to quite an interesting article, discussing the security of PSN, the article is written by a group calling itself “The Anonymous Data Protection Officers“, here it is.



    Prologue

    Due our objective research of the SONY PlayStation Network, we decrypted nearly 100% of the traffic transferred over proxies, http and https to and from the PSN. Just out of curiosity, not to harm anyone or anything and not like SONY may want people to see it. As SONY calls the scene hackers “evil”, we surely do not address pirates and skiddies, we wondered how SONY is treating
    the users’ privacy and rights (remember the Music CD/DVD and USB stick rootkits). After we noticed a few badass functions they have built into the PSN/PS3 functionality, we just call it the “Call of Privacy: Modern Spyware” case.

    Below we list and explain a few of the shady PSN functions and data mining stuff. And remember: EVERYONE has a right to know about YOUR OWN PRIVATE data being transferred over the networks !

    Sensitive data

    Even if a connection is SSL encrypted, companies are aware of the big risk behind custom CA files and it’s possibilities. SONY seems not to care about those known vulnerabilities. It is a big company and a HUGE network. With huge we mean a magnitude of hundreds and even thousands: the PSN utilizes thousands of servers, handled by a very small group of administrators and quality assurance people. (Copied from PS3Hax.net) The IP ranges and domains of these servers are retrievable by anyone, cause this is how the Internet works ! It is all public data and information ! An example is the credit card information and the login authentification itself.

    Take a look at the traffic:
    creditCard.paymentMethodId=CC_COMPANY&
    creditCard.holderName=EXAMPLENAME&
    creditCard.cardNumber=1234567890123456&
    creditCard.expireYear=2012&creditCard.expireMonth=2&
    creditCard.securityCode=123&
    creditCard.address.address1=EXAMPLESTREET%2024%20&creditCard.address.city=EXAMPLECITY%20&
    creditCard.address.province=EXAMPLEREGION%20&
    creditCard.address.postalCode=12345%20
    The credit card information should ALWAYS be encrypted. In ANY case. At least the security code. SONY is only relying on it’s https connection. With all those CFWs spreading around, this is not secure anymore. Same goes for the user details:
    serviceid=IV0001-NPXS01001_00&
    loginid=example@mail.com&
    password=examplepassword&
    first=true&
    consoleid=EXAMPLEID123
    Such sensitive data can now be captured by anyone who builds his own custom firmware with custom certificates. There are enough n00b-friendly tools by now. Means, little scriptkiddies can spread their little CFWs and phish user data. As many of these people are using a third party DNS, they are a potential victim of phishing. At the beginning of the PS3 launch, this user data was even transferred over http ! That being said, we continue with…

    Information gathering

    The PlayStation Network agreement states that SONY is allowed to collect nearly any data that is connected with your privacy.It is clear, that SONY won’t tell you WHAT they are collecting in the TOS etc., as many people would never accept that TOS. A few month ago we noticed the TOS silently beeing updated without a new user agreement request. It was about that you have the right to contact a “Data Protection Offier” at SCEE, who can can give you details about what data is collected. So we phoned SCEE. Beeing forwarded to many people, it turned out that there is no so called “Data Protection Officer”. Funny right? Shortly after this call, the clause was removed from the TOS. SONY itself told us, that they do not know, what we are talking about regarding this Officer.(Copied from PS3Hax.net) They told us, that there was never such a position inside SONY, neither a phone number. Even the address was non existing ! Still it is an impudence what huge amounts of data they are collecting. One example is an information list which is transfered everytime you login the PSN as well as at some random time.

    A few short quotes:
    TFT-TV
    This is a string sent to SONY which includes your TV model. The list is long and contains a lot more like information about
    attached USB devices, your home network, your playtime behaviour, installed games, apps, homebrews or their so called
    “circumvention devices” and so on. Details about your Home network, statistics etc.
    Modern user tracking we guess They try to make every PSN user transparent like a glass figurine. It seems that not only
    the governments are going for such plans.

    The BANHammer

    Now SONY is swinging the “mighty” banhammer. Some users are banned, some are only warned. But who warns SONY? Their semi-legal tactics against the enduser are a joke. We again remember their rootkits on Audio Media and USB Sticks.

    Just for your interest, we quote a guy from SONY:
    Thomas Hesse, President of Sony’s Global Digital Business, literally says: “Most people, I think, don’t even know
    what a rootkit is, so why should they care about it?”
    This is not an urban legend -> <a href="http://www.techdirt.com/articles/20051108/0117239_F.shtml" target="_blank">http://www.techdirt.com/articles/20051108/0117239_F.shtml</a>

    So we could take this for an example and say: “Most people inside SONY don’t even know what security is, so why should they care about it?”
    If SONY cares about their customers, why are they treating them like totally douchebags ? Of course the quote does not reflect the view of the company itself, but HELL, this was not from a Jon Doe inside SONY, it was from a Department’s President !

    The PSN is a core feature of the PlayStation3, like OtherOS was. So why do they ban the PSN of users who LEGALLY run homebrew (not backups!) on their consoles? Just because they do not like it? It is a fact that reversing a system is legal in most countries all over the world, and if someone who really only wants to run his own code (no, not backups!), which he legally signed and coded without any SONY libraries or documentation, would sue SONY, they would may lose.
    Reverse engineering is also allowed for analysing purposes. E.g. is a software/hardware implementing/running, rootkits, spyware, malicious code, security flaws, transferring privacy data and so on. Imagine if this wouldn’t be legal, any antivirus software would brake the law ! The companies of antivurus software are reverse engineering virus code, that is NOT copyrighted by them !

    So why are those companies allowed to RE and even PUBLISH their findings to the public but not people like fail0verflow
    etc. ? By studying the PSN since it’s launch we know it’s vulnerabilities pretty good right now and unbanning consoles might be as easy as banning consoles. It is an infinite circle of “who-is-better”. Sony just can not, or just don’t want to, make a clear distinction between pirates&skiddies and hackers, who only want to OWN and UTILISE what they OWN and PAID for. Hackers are responsible for creating stuff like the PC, Unix, Windows, Macs, the Internet, the WWW, AAA games etc. Guess what IBM is calling their Cell/Hypervisor docs ? Make an educated guess: Hackers Guide.

    Research Hypervisor Hackers Guide:
    This document is intended for programmers who wish to discuss the code of the Research Hypervisor Project. It also attempts to introduce the hopes and dreams of the maintainers of the code that, hopefully, will make those dreams a reality.
    <a href="http://www.research.ibm.com/hypervisor/HackersGuide.shtml" target="_blank">http://www.research.ibm.com/hypervisor/HackersGuide.shtml</a>

    One last thing:
    Our research is based on PUBLIC information, Hardware/Software we OWN and PAID for and the right for our PRIVACY to be PROTECTED !
    - The Anonymous Data Protection Officers

    Psx Scene has an update on this.

    A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases.

    The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.

    Such a scheme would be transparent to PSN users (except for any potential performance reduction caused by the proxying), and would give the attacker access to all the information that the PS3 sends to Sony. This information is shown to be extensive, but apart from the credit card data, probably not too sensitive or unreasonable.

    As flaws go, the risks here are not substantial. There is no generalized ability for hackers to grab credit cards from PSN users; only those using specially devised custom firmwares would be at risk. Essentially the same risk could be faced by anyone downloading a pirated version of Windows: extra certificates could be added to those normally trusted, along with suitable DNS entries, to allow interception of any traffic destined for, say, amazon.com. In practice, the risk of either of these is slight, and in any case, trivially avoided: don't use custom firmware.
    </p>
    <a href="http://www.ps3hax.net/2011/02/call-of-privacy-modern-spyware-by-playstation-network/#axzz1EFONyFo8" target="_blank">Source</a>
    <a href="http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/" target="_blank">Source 2</a>
     


  2. Sterling

    Member Sterling GBAtemp's Silver Hero

    Joined:
    Jan 22, 2009
    Messages:
    4,023
    Location:
    Texas
    Country:
    United States
    Wow. Yet another reason to not care about the online of the PS3.

    >Wonders if Microsoft does the same thing.
     
  3. Schlupi

    Member Schlupi Gbatemp's Official Earthbound Maniac™

    Joined:
    Aug 31, 2007
    Messages:
    3,985
    Location:
    Rozen Queen Co, Chicago Branch
    Country:
    United States
    Wow. that's FUCKED up. Not cool... I used my credit card on PSN. >_>
     
  4. SPH73

    Banned SPH73 Banned

    Joined:
    Sep 2, 2008
    Messages:
    889
    Country:
    United States
    Sony confirmed completely evil.... again.
     
  5. _Chaz_

    Member _Chaz_ GBAtemp's Official Mook™

    Joined:
    Sep 12, 2009
    Messages:
    5,624
    Country:
    United States
    Well... that sucks.
     
  6. soulx

    Member soulx GBAtemp Legend

    Joined:
    Apr 4, 2009
    Messages:
    10,130
    Country:
    Canada
    I am not surprised.
    Companies tend to skimp on the security aspect of their products until it's necessary.
     
  7. Wintrale

    Member Wintrale GBAtemp Advanced Fan

    Joined:
    May 19, 2009
    Messages:
    713
    Location:
    Kent, England
    Country:
    United Kingdom
    Oh lawl... The only way to get this information is to install custom firmware on your PS3, which failoverflow (or whatever their name is) has made possible with their hacking. Yet Sony are the bad guys? Right, nice one guys. If people weren't happily running around hacking their PS3s, I'm pretty sure Sony would've had some sort of repayment plan for people whose information is stolen via the PS3. This just looks to me like another reason to not see Geohot and that other group as the heroes and martyrs some would try to paint them as. But no, of course, this is all Sony's fault. Hackers have nothing to do with it, even if it's only because of hacking that this information is even known.

    Oh, and nice job trying to act like everyone who hacks their PS3 isn't in it for the free games. This whole homebrew crap is just a bad excuse to try to sound altruistic.
     
  8. void03

    Newcomer void03 Advanced Member

    Joined:
    May 17, 2009
    Messages:
    91
    Country:
    United Kingdom
    So.. our card information is not safe and now people know how to extract it or something along those lines?
    Thanks for telling everyone that.

    But yeh..wonder what is gona happen next lol
     
  9. Oveneise

    Member Oveneise GBAtemp Advanced Fan

    Joined:
    Nov 22, 2010
    Messages:
    517
    Location:
    Minnesota
    Country:
    United States
    Sucks for the people who used their credit card on PSN.
     
  10. Nujui
    OP

    Member Nujui I need something to do.

    Joined:
    Aug 12, 2010
    Messages:
    3,933
    Location:
    Dreamland.
    Country:
    United States
    This is on the front page if people are wondering..
     
  11. Joe88

    Member Joe88 [λ]

    Joined:
    Jan 6, 2008
    Messages:
    11,192
    Location:
    NYC
    Country:
    United States
    update from psxscene

     
  12. Nujui
    OP

    Member Nujui I need something to do.

    Joined:
    Aug 12, 2010
    Messages:
    3,933
    Location:
    Dreamland.
    Country:
    United States
    Thanks. I will add to my OP.
     
  13. Joe88

    Member Joe88 [λ]

    Joined:
    Jan 6, 2008
    Messages:
    11,192
    Location:
    NYC
    Country:
    United States
    basically it only affects people with CFW, from what im understanding anyway
    OFW is safe
     
  14. Arithmatics

    Member Arithmatics I'll be holding on to you. ;}

    Joined:
    Jan 29, 2009
    Messages:
    1,050
    Country:
    Malaysia
    Its more along the lines of assuring people sony doesn't care about their customers. hence why cyber-crime is abundant.

    QUIK! CANCEL UR PiSiN' account!
     
  15. elimist

    Member elimist GBAtemp Regular

    Joined:
    Mar 31, 2009
    Messages:
    282
    Country:
    United States
    you would rather not know that your info is being sent to Sony?!?? [​IMG]
     
  16. TehSkull

    Member TehSkull Living the life

    Joined:
    Nov 29, 2009
    Messages:
    2,700
    Location:
    Louisiana
    Country:
    United States
    Eagerly awaiting the Xbox 360 edition.

    And now, if I ever own a PS3, I'm so not getting PSN.
     
  17. Nobunaga

    Member Nobunaga Empty

    Joined:
    Apr 19, 2010
    Messages:
    2,052
    Country:
    Greece
    why i am not surprised sony wants to know everything about the pirates(hackers) hun?
     
  18. JinTrigger

    Member JinTrigger Asentrix Studios

    Joined:
    Jun 25, 2008
    Messages:
    1,550
    Location:
    Lunesta/Mysteria
    Country:
    United States
    So if im not using any hacks or custom firmware im good.....Cause im bout to hope on PSN and take my credit card off REAL quick
     
  19. Arithmatics

    Member Arithmatics I'll be holding on to you. ;}

    Joined:
    Jan 29, 2009
    Messages:
    1,050
    Country:
    Malaysia
    did you just read your update? or did you read the whole thing?

    because it's clear that OFW is still affected. Same shiz is still being sent to Sony but with the exception of CFW, this shiz isn't sent to the CFW maker's servers.
     
  20. JinTrigger

    Member JinTrigger Asentrix Studios

    Joined:
    Jun 25, 2008
    Messages:
    1,550
    Location:
    Lunesta/Mysteria
    Country:
    United States
    HOLY SHIT!!! Im canceling my shit right now
     

Share This Page