{"id":18577,"date":"2011-02-18T16:22:00","date_gmt":"2011-02-18T14:22:00","guid":{"rendered":""},"modified":"2011-02-18T16:22:00","modified_gmt":"2011-02-18T14:22:00","slug":"jailbreaking-ps3s-is-a-security-risk","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/gaming\/18577-jailbreaking-ps3s-is-a-security-risk.html","title":{"rendered":"Jailbreaking PS3s is a security risk"},"content":{"rendered":"<p>A PS3 hacker has made some as yet unverified claims that Sony is  spying on PS3 users. Apparently they can check all sorts of information  about device usage, including USB attachments and even what kind of TV  you are using. Worse still, is the allegation that Sony is storing  credit card information online as an unencrypted text file.<\/p>\n<p>There are even claims that Sony is monitoring PS3s that haven&rsquo;t  signed into PSN, but are connected to the internet. Apparently a number  of users with hacked firmware are receiving e-mails from the Sony legal  department even though they aren&rsquo;t logged into PSN, prompting fears that  Sony is watching us&hellip;<\/p>\n<p>Now of course all of this is unsubstantiated rumour. The real bit of  information to take away is this fairly obvious warning: custom firmware  (CFW) could pose a security risk.<\/p>\n<p>Downloading and installing CFW packages might enable all sorts of  wonderful Linux possibilities, or piracy if you are that way inclined.  Hypothetically, if one is foolish enough to install a dodgy CFW and then  log into PSN and make a purchase, the sneaky hacker who released the  firmware could intercept and steal credit card information.<\/p>\n<p>The hacking community explains that since connections to PSN are SSL  encrypted, the CFW could contain a fake SSL certificate. This fake  certificate would redirect traffic headed to PSN to a hacker&rsquo;s secret  hideout under a volcano, whereupon they can decrypt and steal credit  card information and other personal information. The hacker then  re-encrypts the data and sends it on to PSN, with parties on either end  unaware of the nefarious deed.<\/p>\n<p>This isn&rsquo;t entirely in the realm of tinfoil hat wearing conspiracy  theory, as similar middle-man data thieving schemes have been used to  good effect on compromised PCs. Similar to CFW hack jobs, these spoof  SSL certificates can be included in pirated versions of operating  systems, most notably Windows.<\/p>\n<p>Legitimate PSN users have nothing to fear, as it is well within  Sony&rsquo;s interest to ensure credit card transactions remain as secure as  possible and private data is protected. Only those brave\/stupid enough  to install dodgy CFW are at risk &ndash; and some might suggest those of the  Jolly Roger persuasion deserve it if they fall victim.<\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/312703-PS3-Jailbreaking-a-security-risk\"><strong>Would you install CFW on your PS3?<\/strong><\/a> &lt;&lt; Share your thoughts on the MyBroadband forum.<\/p>\n<p><span style=\"font-size: xx-small;\">Source: <a href=\"http:\/\/arstechnica.com\/gaming\/news\/2011\/02\/report-psn-hacked-showing-stunning-lack-of-credit-card-security.ars\" target=\"_blank\" title=\"Ars Technica\">Ars Technica<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers raise fears that jailbroken PS3s can leak personal info to criminals<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[9],"tags":[],"class_list":["post-18577","post","type-post","status-publish","format-standard","hentry","category-gaming"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/18577"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=18577"}],"version-history":[{"count":0,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/18577\/revisions"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=18577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=18577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=18577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}