The big concern that they didn't mention is the manner in which all the PS3s in the field seem to trust their back end. In addition, the PS3's hardware root signing keys have been leaked.
Consider that 50 million PS3s sit in perfect position (behind the firewall) to execute a local-LAN man-in-the-middle attack on millions of home PC users.
What would happen if Sony's compromised backend were to push down a malicious software update? Perhaps they already have.
This attacker could instantly have the biggest botnet ever, by a factor of 10x.
This is a huge stretch. So all a hacker has to do is break into Sony's update servers, create a signed hacked boot loader that automatically starts a MiTM attack on home users? Wouldn't it be easier to break into Google servers and install a malicious Chrome update?
So all a hacker has to do is [1] break into Sony's update servers, [2] create a signed hacked boot loader that automatically [3] starts a MiTM attack on home users?
Yup. Sony appears to be saying that 1 has happened with malicious intent. I believe 2 has been done by console hackers with not-necessarily-evil intent, at least as a proof-of-concept. 3 exists as portable C code.
Alternatively, the bad guys might just want to use their PS3s as the world's largest DDoS platform.
*Wouldn't it be easier to break into Google servers and install a malicious Chrome update?*
I doubt it, Google's security is usually pretty good. Even still, that's something that would probably be easier to uninstall.
There are lots of tools to make MITM easy. And it's not exactly rocket science, if you want to write one yourself. And the signing keys have already been published, right? So the only difficult part is breaking into PSN dev channel. You wouldn't necessarily have to hack the server that distributes bootloaders, maybe you could just impersonate another dev and submit a few changes to their existing app. When users are playing the "new version" of that game, your code goes to town.
I wrote a comment about this on Reddit and got downvoted to oblivion, don't know why, but here it is:
I have a PS3. Last night I unplugged it to move it from one room to another. Most of the games I have are downloaded from PSN, and I found out today that I can't play them, even single-player.
See, it apparently checks the system clock before it runs things. Unplugging it reset the clock, it only trusts the clock if it was able to set it from the network, and with PSN down...
We use the PS3 for Netflix streaming and so we haven't been able to watch Netflix for a week. It always pissed me off that I had to create a PlayStation Network account then log in to it just to watch Netflix.
I've thankfully had my TiVo to use for Netflix as a backup, but the TiVo interface for it is extremely limited by comparison. No searching, recommendations, captions, or anything other than the instant queue; anything else has to be done from a PC. Oh, and the normally slow input for TiVo is even worse when using the Netflix interface...
I'm tempted to buy a Roku or Apple TV just to use until PSN is back...
It could be.
Anonymous is stating that they have nothing to do with it, though it could be a more radical offshoot of them.[1]
It could be some massive hardware problem, and they are taking advantage of the ill-will related to geohot to say that it's not their fault, even though it could be.
I've heard - though nothing more substantial than rumor, it seems like it could be true - that some pirates had modified their PS3s to sign in to PSN dev channels, and then hacked the dev channels to pirate games via direct download from PSN. Although not directly related, some of that would have been facilitated by GeoHot's publishing of the signing keys for PS3 binaries.
I have seen tutorials about that method in several forums. People were adding funds to their account for free and downloading tons of paid content. That's plain stealing, and I'm happy that Sony may be fixing that.
It doesn't look like planned downtime to me, so I don't see how it could be directly related.
But that doesn't mean that someone hasn't blown PSN's security wide open after figuring something out on a hacked PS3, or something like that. I get the feeling that Sony doesn't plan to tell us, either.
Once again, I'm glad that I haven't bought any Sony products for ages.
Yes, because they believe it was "Anonymous" who hacked the system, as a retaliation to "the geohotz thing", and no, because it could very well be something entirely separate.
All we know is they had an intruder, have switched off the network and are now rebuilding.
Consider that 50 million PS3s sit in perfect position (behind the firewall) to execute a local-LAN man-in-the-middle attack on millions of home PC users.
What would happen if Sony's compromised backend were to push down a malicious software update? Perhaps they already have.
This attacker could instantly have the biggest botnet ever, by a factor of 10x.
What's their next move?