Deixo aqui links sobre este caso, que continua a afectar imensas pessoas. Esta mesmo muita coisa à mão dos hackers, veremos as palavras e acções da Sony, etc etc...
PlayStation Network outage to last indefinitely
- Postado a 26 de Abril em Bit-techPaul Goodhead Escreveu:The PlayStation Network has been out of order since late last Wednesday due to what Sony calls an ‘external intrusion,’ and the outage is showing no signs of being fixed any time soon.
In an announcement yesterday, Sony stated that the outage will last for an indefinite amount of time as the company has to entirely rebuild the system, which is a 'time intensive process.'
As if PlayStation owners haven't suffered enough, Sony also says that it's yet to determine whether or not any personal details were stolen by the outside intruder. These details could be anything from names and addresses to credit card information used to pay for products or services on the network.
Although some PlayStation owners view the outage as simply an inconvenience, its wider effect is already being felt. It has already affected the launch of Valve’s Portal 2, with PS3 gamers unable to connect to each other to play the game’s excellent co-op mode. The outage also has the potential to play merry hell with games that require online authentication, such as Capcom’s Bionic Commando: Rearmed 2, as you may not be able to reach the online servers to verify that your copy of the game is genuine.
Are you a part of the 75 million regular users of the PlayStation network that’s been affected? Have you had any problems playing older games that require online authentication?
PSN user details, credit cards compromised
Postado a 27 de Abril em Bit-techJoe Martin Escreveu:Sony has revealed that the group responsible for the recent attack on the PlayStation Network, which has resulted in the service being down for the last week, gained access to the personal details of PSN users - possibly including credit card and financial details.
'Although we are still investigating the details of this incident, we believe that an unauthorised person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID,' reads Sony's official statement.
'It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.'
'If you have authorised a sub-account for your dependent, the same data with respect to your dependent may have been obtained.'
Sony has clarified that, while no evidence currently proves financial information may have been taken, they have not yet ruled out the possibility.
Sony has encouraged users to remain vigilant of their account details while it continues to investigate and repair the intrusion. Sony has confirmed that independent security firms have been brought in to help solve the issues.
Earlier this month hacking group Anonymous launched an attack on Sony's PSN as part of a protest against Sony's prosecution of hacker George 'Geohot' Hotz. Anonymous then warned Sony it would launch an even bigger attack, though clarified it would not attack PSN again.
PSN may stay offline until May 31
Postado a 9 de Maio em Bit-techJoe Martin Escreveu:A spokesperson for Sony Japan has said that the PlayStation Network may not return to full functionality until the end of the month following repeated attacks on Sony's online services.
Sony first took PSN offline on April 20th, shortly after it found out that the system had been compromised by an unknown party. Later attacks have bought the matter to Sony Online Entertainment's other services too.
PSN was originally supposed to have been restored on 3rd May, but that plan went out the window when the second SOE attacks were discovered.
Talking to Bloomberg today, a Sony spokesperson said that the company was still in the process of adopting improved security systems and was planning to restore PSN to full functionality by 31st May.
If Sony holds to that new date then PSN will have been offline for a total of 41 days.
PSN password reset vulnerability uncovered
Postado a 18 de Maio em Bit-techJoe Martin Escreveu:Sony's password reset system for the restored PlayStation Network, which was taken down by hackers last month and has only recently returned to full functionality, has been revealed to have further vulnerabilities of its own.
Sony has been forced to take down some websites in order to fix the vulnerability, which could allow hackers to change users' passwords and gain access to their accounts.
The vulnerability is based around the password reset system, which requires the email address the PSN account is linked to and the date of birth for the user - information which was compromised in the initial attacks and was not encrypted.
Eurogamer claims to have seen video evidence of the vulnerability being exploited.
'Unfortunately this means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being,' Sony said in an official statement.
'In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.'
Users are advised to change the passwords associated with their email accounts, to be on the safe side.
Sony: "We can't guarantee security"
Joe Martin Escreveu:Sony has admitted that it can't guarantee the security of the PlayStation Network and has warned of a 'bad new world of cybercrime'.
Speaking to the Wall Street Journal Sony CEO Howard Stringer said that maintaining a secure system is a 'never-ending process...[but I don't know] if anyone is 100 per cent secure.'
Addressing accusations that the protections in place around the now-restored PlayStation Network, Stringer said: 'We had no reason to believe that our security was not good and still no reason to believe it because we have plenty of people looking at it.''We've learned that we just have to keep improving our security.'
Sony also defended itself over it's percieved slowness to publicly react or to alert users about the extent to which the PSN had been compromised.'We were trying to find out in a very volatile situation what had happened and when we did we relayed it...If your house has been burglarized, you find out if you've lost something before you call the police.''We have to earn back the trust and loyalty we may have lost in this circumstance. That's our goal and that's one we have to reach,'Stringer said.'Our case, unfortunately, is so large and the scale of the PlayStation Network so big that it's forced a lot of attention to be paid. In the long run, that'll be good for everybody.'
Postado a 18 de Maio em Bit-tech
PSN com falha de segurança
Postado a 18 de Maio em My gamesBruno Sirgado Escreveu:O sistema de recuperação de passwords da PSN poderá ter sido atacado.
Aparentemente, o sistema de recuperação de passwords possui um exploit que permite a mudança de password da PSN apenas com o email e data de nascimento.
Devido a este fai... exploit é impossível fazer login no Playstation.com, fóruns da Playstation, Playstation Blog, Qriocity.com, Music Unlimited e todos os jogos da Sony que possuem site oficial.
No entanto, a Sony esclarece a situação ao dizer que o problema apenas está a afectar websites, sendo possível entrar na PSN e jogar online.
O site Nyleveia.com, que deu conta do exploit, avisa os utilizadores para criarem um novo endereço de email, substituindo o anteriormente utilizado.
"Arriscam-se a que a vossa conta seja roubada, quando este hack tiver uma maior visibilidade, se vocês não se certificarem que a vossa conta da PSN possui um email que não possa ser associado a vocês", disse o site Nyleveia.com.
È que está aqui uma açorda hem? Já andam nos media a apontar o dedo e bem, sobre o sistema de segurança e a má encriptação