# Sony hacked again; Sony Pictures this time



## Sarath (Jun 3, 2011)

Source: Engadget

Looks like Sony is having a tough time and 2011 doesn't seem to be the best of times for them. Around 10,00,000 passwords are reportedly stolen this time.


The following is the article:


> Oh, Sony -- not again. We've just received numerous tips that Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefully) in plain text format. Lulz claims the heist was performed with a simple SQL injection -- just like we saw the last time around. A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. We've downloaded this file (at our own risk, mind you) and can verify these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Fresh off the heels of the PlayStation Network restoration, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots.


----------



## Vyom (Jun 3, 2011)

Ok... now these Sony attacks have started to bore.
Don't HaC|<3RS have some pity on them! I feel sad for Sony.


----------



## thetechfreak (Jun 3, 2011)

Starting to feel bad for Sony
But are they getting themselves hacked to gain attention  ?

Naahhh


----------



## hellknight (Jun 3, 2011)

I don't feel sad.. they deserve it.. first they advertise a product with a certain feature (OtherOS).. then they send a update and remove it (3.21).. thirdly, they sue a hacker who was trying to bring back that feature (geohot)... they deserve it.. 

Moreover, PS3 is the only product in the history of tech which has lost feature with every firmware update.. for instance, SACD playback, PS3 emulation, OtherOS etc.. Tomorrow, they'll release an update which will disable the playback of Blu-Ray movies on it coz their standalone Blu-Ray players aren't selling well..

Payback's a *****, ain't it Sony.. 

God, I feel so happy when something wrong happens to either Sony or Apple..


----------



## TheMost (Jun 3, 2011)

Nice Job , LulzSec

U Rock !!


----------



## xtremevicky (Jun 3, 2011)

Unfortunate to see Sony being the victim again . 

Why dont they try out Nokia for a change


----------



## Anorion (Jun 3, 2011)

hmm chronology of events for clarification

GeoHot cracks PS3
Sony sues geohot
Anon DDoS PSN
Hacker infects PSN employee with a targeted trojan
Hacker gains PSN info
....
Sony announces PSN info breach
Sony points finger at Anon, reports printed all over net
Anon denies hack against gamers
Sony apologizes, says Internet is a "bad place" 
Internet jokes about sub-standard protection for user information
...
PSN struggles back into action. somewhat. 
Lulz Security SQL inject their way into Sony Pictures database
Sony caught saving user data in plaintext


----------



## TheMost (Jun 3, 2011)

xtremevicky709 said:


> Unfortunate to see Sony being the victim again .
> 
> Why dont they try out Nokia for a change



I think Sony would be better ...


----------



## lalam (Jun 3, 2011)

Why in the world would they save user data in plain text? Thought they learned the hard way with PSN! They were asking for it!
Hmm wonder if i can still get a hold of the music coupon lol


----------



## furious_gamer (Jun 3, 2011)

lalam said:


> Why in the world would they save user data in plain text? Thought they learned the hard way with PSN! They were asking for it!
> Hmm wonder if i can still get a hold of the music coupon lol



Well, companies storing passwords and secure information in plain text, is complete bullsh1t. Few months before, the famous PG, ccAvenue caught with their pants down. *sigh* 

BTW Sony deserves this. After all the inconvenience it caused to its customers with PS3...


----------



## ssk_the_gr8 (Jun 3, 2011)

xtremevicky709 said:


> Unfortunate to see Sony being the victim again .
> 
> Why dont they try out Nokia for a change



sony's evil... nokia's not 

btw, sony has seriously been caught with its pants down.. this is pathetic!


----------



## nims11 (Jun 3, 2011)

sony PSP is also not spared. everytime SONY releases a new PSP firmware, it blocks all the previously working exploits and hacks. two days later, a hacker gets a new way to use the previous hacks on the new firmware or a way to downgrade it!!


----------



## Liverpool_fan (Jun 3, 2011)

xtremevicky709 said:


> Unfortunate to see Sony being the victim again .
> 
> Why dont they try out ~~Nokia~~ Apple for a change


----------



## ico (Jun 3, 2011)

I had plans of buying PS3, but then they removed Linux support.


----------



## ssk_the_gr8 (Jun 3, 2011)

@lfc 
good idea man.. all those apple n00bs .. what would they do if suddenly jobs mob gets screwed ! just love the idea


----------



## Liverpool_fan (Jun 3, 2011)

ssk_the_gr8 said:


> @lfc
> good idea man.. all those apple n00bs .. what would they do if suddenly jobs mob gets screwed ! just love the idea



QDB: Quote #877038

*<Fyad>* When I bought siemens cellphone, siemens sold its cellular section. When I bought yakumo screen, yakumo got bankrupt. When I bought fujitsu-siemens laptop, siemens sold its share.
*<Fyad>* Just curious what to buy next...
*<r_heart>* apple
*<hoobsta>* Apple
*<sailo>* apple


----------



## Sarath (Jun 3, 2011)

People are still crying over linux support. We know that was to evade tax in the EU which failed.

But later PS3 was hacked. Yes long back. So they blocked other OS. I mean seriously why else would they do that. "Hey we like screwing up our customers lets put up an update which is a hidden downgrade". Seriously. No. Geohotz case has been settled in court. Which is law. Are you saying that you can actually scrutinize about justice meted out to him. He hacked the PS3. Hack=Piracy. Sony said we dont want piracy. Is that wrong?
Of course 0.00067% of the users were genuinely going to use the exploit to install Linux. I dont fall in that but I would still rant? Yes. Am I justified? No
I still have that crack file sitting in my PC. I never installed it in my PS3. 

I say all this coz I dont want the PS3 to die coz of piracy the way PC gaming is dying.

Sony screws up in one and only one department: *Pricing*

I dont know how many of you lost your CC details to that hack but I didnt. So I dont care much about it. All that bothers me is that PSN is down. Crap!


----------



## sparx (Jun 3, 2011)

Someone is very much after kicking Sony's a**


----------



## sygeek (Jun 3, 2011)

People like these are defaming the entire Hacker community. Hacker is to computers is like Plumbers is to pipe. As long as they keep their hacking to themselves, it is great but once they start messing with others pipes, it is invading other's piracy. 

I totally support GeoHot, he kept his hacking to himself instead of going on and messing with others..but these guys, they are just ar$3h0l3s. The media will never get used to the term cracking, so it's worthless going on to differentiate between both of the terms, so as to keeping our name away from the dirt.

What Sony did to GeoHot was wrong, what these so-called hackers are doing to Sony proves the same unfair treatment. Does it make them any different from Sony?


----------



## Liverpool_fan (Jun 3, 2011)

SyGeek said:


> People like these are defaming the entire Hacker community. Hacker is to computers is like Plumbers is to pipe. As long as they keep their hacking to themselves, it is great but once they start messing with others pipes, it is invading other's piracy. I totally support GeoHot, he kept his hacking to himself instead of going on and messing with others..but these guys, they are just ar$3h0l3s. The media will never get used to the term cracking, so it's worthless going on to differentiate between both of the terms, so as to keeping our name away from the dirt.



Er Sony stored their customer data like credit card details in PLAIN TEXT for crying out loud. A CC detail among other important data as PLAIN TEXT. This from the same company who locks out its own customers and goes on and on with their irritating DRM schemes. The very same company can't even bother to encrypt critical customer details. Jesus wept.
If anyone who deserves being hacked it's Sony.
Sony has all the blame here. Will you blame thiefs if you go out of town leaving the main door of your house wide open?


----------



## sygeek (Jun 3, 2011)

I never said Sony is not wrong, did I? Let's take this example:
There is an annoying bloody neighbor who gives a damn for any of his people. Now one day just for the sake of it, he makes a cake and distributes it round the entire neighborhood. People find it very good and one cook in the community starts to mess with it's recipe to produce something better. Once the annoying neighbor gets a hold of this and he barges into his house and tries to sue the guy who messed with his recipe and somehow he successfully sues him with the bloody amount of money he got (and then demands more money from the sued guy).
Now the sued guy has got a large social network which finally reaches to a psycho-cook. The serial killer beats the crap of the bloody neighbor to an extent that he would never be able to stand-up. Was that fair, atleast to the psychopaths it was but in the end it was the cook who got defamed more because of this incident.
What the psychopath did was no less than what the bloody neighbor did.

Sony is the same, ignorant bloody company who doesn't give a damn about others. Sony never cared about others, neither their privacy nor their security.


----------



## Liverpool_fan (Jun 3, 2011)

SyGeek said:


> I never said Sony is not wrong, did I?



Yeah but let's face it you can't blame the thiefs either if you leave the door open 

EDIT: Can't believe I spelt thieves as thiefs.


----------



## Sarath (Jun 3, 2011)

GeoHot put up the crack file online for download. Even I have it in my PC. At the time of downloading it I could have easily cracked my PS3 and game ROMs had already started showing up online. Piracy was the only likely use of that crack [and custom OS which umm I and many of my friends have no idea about or are not interested in]. If he wanted Linux then he should have kept it to himself. Posting it online opens the loophole to exploitation which is what happened.

However even I support George Francis Hotz when it comes out to how he was handled. I think he isnt allowed to code any more for a a defined period of time. I hope he lands up like Frank Abagnale with a good life.

Plain text well thats downright stupid. I must admit. 

Leave your door open> A dog comes in poops on your couch> you are stupid

Leave your door open> Thief comes in> Steals everything> You are stupid but the thief is not right


----------



## sygeek (Jun 3, 2011)

Liverpool_fan said:


> Yeah but let's face it you can't blame the thiefs either if you leave the door open


Of course you can. People don't have a right to thievery..but yeah.."Precaution is better than cure".
Sony's security vulnerability lay in their stupid security which was cracked with a simple SQL injection, adding to it storing the password database in PLAINTEXT!


----------



## hellknight (Jun 3, 2011)

@sarath do you even know what a hacker is? There's a difference between hackers and crackers.. moreover, the CFW that geohot uploaded didn't support piracy.. keeping it on your PC wouldn't help dude.. install it and then see.. I installed it on my PS3, it was just to run homebrew apps..

Secondly, how would you feel if you send your car like Honda Civic etc for servicing and they remove ABS or something in the name of security.. that's what one felt when OtherOS feature was removed not to mention SACD playback etc etc.. Sony sucks, Period!


----------



## coderunknown (Jun 3, 2011)

a few weeks ago sony canada was hacked. maybe some store or their official site. now this. long time before 2011 comes to an end. sony, good luck.


----------



## Sarath (Jun 3, 2011)

How did you manage to run it on your PS3 and not get banned in PSN? I thought the next update banned online play in broken systems. 
If you circumvent the DRM then installing homebrew apps or game roms both are possible. You took a moral stand. How many are going to do the same?

If you attribute virtual loses to physical ones things start to look bad. I dont use my PS3 for anything apart from playing games so it doesnt bother me as much. 

I dont know the difference? I thought hacking+illegal=cracking??? No idea. or simply put hack- legal & crack- illegal.

If you wanted other OS why did you update your PS3?

Also I dont love Sony as much as you hate them. They are just fine if you ask me. They have a knack for screwing themselves though.


----------



## hellknight (Jun 3, 2011)

Who gives a damn about PSN.. I don't.. anyway, Airtel & other ISPs offering pathetic speeds along with FUP makes online gaming almost impossible..

Regarding circumventing DRM, DMCA isn't applicable in India & India's Fair Use policy states that you can break the DRM for your personal use, not commercial.. secondly, a recent amendment in DMCA legalized breaking DRM & Jailbreaking devices, so it's not illegal even in US.. 

I updated my PS3 because Sony pressurizes game devs to make games that run on latest firmware or not run at all....


----------



## Sarath (Jun 3, 2011)

Are you sure about the last line. I have got a friend who never ever connected his PS3 online. Only recently did he do in on my consistent perusal. But he was playing all along fine. Its either that the game goes online and checks for the latest patch [which i think is the case] or may have some features which are needed in the newer patch that it needs to play. I think its the former as he never once complained about the games not running on his phat PS3 [offline for its entire life].

I dont care much about the DMCA and all that law. I am not even going to read into it. I just dont want gaming to die. I want this industry to live. That is all I am saying. I dont want Santa Monica saying that a day has come when it is more profitable to develop "Farmville" than make the next greek god holocaust saga.

I am on an airtel 4mbps 25GB FUP @1600 pm. It does me well. I think I dont play as much as you guys but the pings are fine. You should try it bro. I feared it would hit the FUP but it seems online gaming doesnt really go into 10s of GBs. [With my experience of playing NFS: Hot Pursuit online on european servers 4hrs/day for a month]
Also I play Dota on my PC for about 5hrs every 3rd day and its doing well. 

But if you were using Linux and then it was taken off with the patch I think that is pretty unfair and outright sucked. But if you dont like online play you should have left the system offline. Were you prompted for a patch when you loaded a new game?


----------



## asingh (Jun 3, 2011)

It is extremely easy to sit here and be holier-than-thou and bad mouth organizations and take side with turds who sit all day at home and circumvent security.

Yes, it was bad on Sony's part to store data in methods which are easy to circumvent and by-pass, but I feel it is even worse to justify it. 

Remember, it is always the hand holding the knife. Not the other way round.

Someone quoted above, I will reply: Yes, I will blame thieves, if they enter my open door house. Honesty. It is the crux of society and humans living together, vs. animals out in the wild. Though there is not much of this left.


----------



## sygeek (Jun 4, 2011)

Lulz? Sony hackers deny responsibility for misuse of leaked data

Who do you see wrong here? Sony's ignorance about their vulnerable site OR Lulzsec's carelessness to leak thousands of data of user's login information online and blaming it on Sony all the way (lol)


----------



## hellknight (Jun 4, 2011)

@sarath Yeah, when I was playing Killzone 2 & Uncharted 2, to unlock new achievements it repeatedly asked me to install updates.. moreover, I had to manually disconnect the LAN cable (wifi router of BSNL sucks ) to stop it from auto-updating..


----------



## Sarath (Jun 4, 2011)

Well thats pretty sad. So you are using those work arounds now to play the latest games. 
Maybe thats the reason my friend decided to update too. 

You should try playing online. Its is fun. I used to play online on a previous BSNL connection without any hassle. Plus it was on wifi on their stupid router. But it worked so I had no reason to complain. Shifted to airtel when I shifted home.


----------



## sygeek (Jun 5, 2011)

LulzSec hacks FBI affiliate, Infragard

Sony Music Brazil hacked (yet another sony defacement) | Sucuri


----------



## tejaslok (Jun 5, 2011)

apparently this is worst year for Sony >?

no remorse for them !


----------



## Anorion (Jun 6, 2011)

same group. is this new? Sony Pictures Russia - Pastebin.com


----------



## bharat_14101991 (Jun 6, 2011)

come on guyz... i paid 10000 for a psp 3004, and what do i get, pay 1000rs more for each n every single game i want to play. this is pathetic, not everyone in that rich in our country.

either sony should lower the price to 100-200 rs else they wont be able to stop the piracy at any cost.

in market you can get your psp hacked for just 300 rs... so 300+ 700(14gamesx50 rs)= 1000 rs... so for the official cost of 1 game you can play 14 games unofficially.. i dont think it's a bad deal.

and about the gaming scene getting destroyed by this piracy, sony can easily handle this if they decrease the royalty for each n every game. game devs are leaving psp/ps3 cause they have to pay alot to the sony for their game and after that everyone gets a pirated copy cause of the outrageous pricing of the games.


----------



## furious_gamer (Jun 6, 2011)

bharat_14101991 said:


> come on guyz... i paid 10000 for a psp 3004, and what do i get, pay 1000rs more for each n every single game i want to play. this is pathetic, not everyone in that rich in our country.
> 
> either sony should lower the price to 100-200 rs else they wont be able to stop the piracy at any cost.
> 
> ...



Any source to prove that point?

Also this topic is not about p1rating games and to defend for that. 

BTW It's like most often stated reasons for pirating a game in this forum and we really get fed up with that. So please stop discussing about that here.


----------



## sygeek (Jun 6, 2011)

^He didn't discuss "how to". He just mentioned the price and his opinion. There is nothing wrong with that, let him keep his opinion, you may stay with yours.


----------



## furious_gamer (Jun 6, 2011)

SyGeek said:


> ^He didn't discuss "how to". He just mentioned the price and his opinion. There is nothing wrong with that, let him keep his opinion, you may stay with yours.



^^



> in market you can get your psp hacked for just 300 rs... so 300+ 700(14gamesx50 rs)= 1000 rs... so for the official cost of 1 game you can play 14 games unofficially.. i dont think it's a bad deal.



This is what i am talking about. 

I am not sure whether it's relevant to topic or not, but i don't want to go off-topic or someone get banned unnecessarily.


----------



## sygeek (Jun 6, 2011)

^It may not be off-topic, because it relates to Sony in a way, which is the topic. Anyways, if this is off-topic, the mods will naturally delete it.


----------



## asingh (Jun 6, 2011)

hellknight said:


> @sarath Yeah, when I was playing Killzone 2 & Uncharted 2, to unlock new achievements it repeatedly asked me to install updates.. moreover, I had to manually disconnect the LAN cable (wifi router of BSNL sucks ) to stop it from auto-updating..



I edited your link, cause it had a hack technique within.

Also, this auto-update, you were speaking about. Does it happen even when you are playing SP..?

**********************
@Rest:
Let us not discuss piracy or circumvention of hardware security protocols.

*Not deleting any ones posts, but think before posting about "market hacks" and so forth along with price points for the same.*


----------



## Sarath (Jun 6, 2011)

Auto updating is a feature only seen in PS Plus.

For the rest of us (like me) it has to be manually done.
However you will find the option to auto update in the menu but that will only prompt you to get the PS Plus subscription

The PS3 connects to the Sony? servers in the background however it will not download any patch or update. It shares some system information etc etc. I read this in a official statement a few months ago on engadget.com. However if you are found with a custom patch like the on by geohotz then it blocks your IP (console) number and hence disqualifies your PSN account. As a result you can not play online.


----------



## asingh (Jun 6, 2011)

^^
Thanks for the nice reply.

So, if I am JUST playing SPs, and have my Wi-Fi on (doing something else) -- MY PS3 will NEVER update..? Talking about the FW.?


----------



## bharat_14101991 (Jun 6, 2011)

furious_gamer said:


> Any source to prove that point?



sir, i'm sorry if my opinion was a problem to you, never meant to.

as you might be knowing that psp2 aka ngp is gonna release soon, so when that will come to surface, itz very obvious that game devs will turn their attention fully towards it, killing the psp1 gaming scene cause they know everyone has got a hacked psp. and if you check some psp sites you will know that this has even started, i guess itz 1-2 months back that ngp was announced, but after that many game devs have announced their games on ngp. what about psp now?

now for the same if sony dropped the price, it will surely boost the sales and that can revive the psp gaming scene.

about the source, i myself belong to a very popular psp site, and a very reputed member there. so i need not to state now that i know the basics of psp.




> Also this topic is not about p1rating games and to defend for that.


sir i'm not defending piracy i'm just providing possible solutions, i love sony too, after all they provided us with the awesome gaming consoles. no offence



> BTW It's like* most often stated reasons* for pirating a game in this forum and we really get fed up with that. So please stop discussing about that here.


thatz what i wanna say, most people say that the prices are too high for normal mans reach.

NOTE: this is not war between anyone, this is just a friendly argument about some topic, so guyz dont take it as something else.
*peace*



asingh said:


> ^^
> Thanks for the nice reply.
> 
> So, if I am JUST playing SPs, and have my Wi-Fi on (doing something else) -- MY PS3 will NEVER update..? Talking about the FW.?



it will ask you before updating if you  have disabled auto-update option

also i'm not talking about hacking, i'm talking about the possible wayz sony should opt to save consoles from hacking. take me as a sony guy.


----------



## Sarath (Jun 6, 2011)

You're welcome 

The PS3 never ever updates on its own (unless ofcourse you are a PS plus user). It always has to be manually done. Infact every update has a end user agreement to be signed and okayed. 
Even the game patches need to be manually updated. (frustratingly, since everytime you pop in a game you most likely have to update[game patch] and wait for 15mins or so)

As I said when the wifi is on and if SP=Single player then it wont update. But it does communicate with the servers. Also to play online you need to have the latest update always. But your PS3 will know if there is a system update or a new game patch if it is connected to wifi. It always checks for the latest update in the background but never updates it automatically. Only prompts while logging into PSN and not while booting. So offline gaming is fine.

Simply put. If your PS3 is offline. No online gaming ofcourse but no prompts made for game patches either.

But if it is connected then it knows there is a new patch. You cant play the game w/o DLing it since there is no "NO" option. Same goes for online.

What is FW?

---------------------------------------------------------------------------------------------------------------------------------

Piracy is affecting the gaming industry more than any other. I hope you know the development costs of a modern game. 
Already we have fewer shorter games coming in. 

If everyone cracked the PSP then no more games will come out for it.
Hence the PSP Go and online game DLs.
Now the NGP has a propriety game card slot+ SD card slot + online DL(able) games.

--------------------------------------------------------------------------------------------------------------------------------
@bharat do you think the PSP is actually worth just 10k? If you paid the actual price then the games would be cheaper but then you would have never bought the PSP in the first place.

Same with my PS3. Modern consoles are basically just assembled PC parts now (ofcource propriety). Can you build a full blown gaming rig for 20k now (5years after its debut despite cheaper faster parts available). You pay for the subsidy in the form of overpriced games. I too however hate paying 2.5k for a game. But 1.5k is bearable which is what I am doing. 
A movie ticket costs Rs.200 for 3 hours. You can definitely pay 1k for a game that gives many times more entertainment.

No offence bro. Not taking a dig at you either. Even I have come back from the PSone days to finally buying legal copies on my PS3.
Back then I though we had to pay 1k for PS2/PS1 games just to get a booklet and a fancy box. I was not even aware of it being original or not.


----------



## asingh (Jun 6, 2011)

^^
Thank you. Appreciate it.


----------



## bharat_14101991 (Jun 6, 2011)

Sarath said:


> What is FW?
> 
> ---------------------------------------------------------------------------------------------------------------------------------
> 
> ...



FW is firmware

also you can say that i'm at my evolving stage, but really man, when i take a look at my pocket money and then at the prices of games, i prefer the other way. may be i'm wrong.

and i agree psp is not worth for 10k, but the thing that hurts me most is that i paid 10k for something that is of no use if i dont pay everytime i want to enjoy it.

also the point that game developing is too costly these dayz, but the royalty charged by sony makes it more costly. i'm just saying, why not sony just drop itz share so that prices become more affordable.

you might be knowing about total_noob releasing his lcfw of 6.20, soon after it was released there was a boost in sales of psp go. this is what proves my point.

drop the price and everyone will buy original, well not everyone, but it will give a big boost to the sales certainly. i would prefer originals myself.


----------



## sygeek (Jun 6, 2011)

This reminds me of my cousin. He couldn't decide whether to go for PS3/XBox 360. He was a PS3 fanboy but was confused if he should buy it just because it hadn't been cracked at that time. He didn't want to spend damnloads of money on the games.

_Just so if you're wondering, he finally bought PS3 and is now using ebay to buy games._


----------



## bharat_14101991 (Jun 6, 2011)

^^^^^
nice event...


----------



## Sarath (Jun 7, 2011)

There is only one cure to that. Borrow from friends and buy used games. I have friends who have hardly bought any games as he mostly just borrows from friends. 

Sony doesnt make a good profit selling the consoles. So they want more game sales. This was reflected in their new statement that "No new technology will be developed exclusively for the NGP as they have learnt from the PS3. They would now stick to making it more economical by using available parts." Which means no Cell2 proc.

I understand what you are saying. Gaming on consoles is just too expensive. I bought a lot of them during the holidays. After that I will borrow and trade with my friends. Easy simple economical.

Almost every PSP i have seen with my friends has custom firmware.

@Sygeek: I reckon thats the reason the xbox is so famous now. I resisted the temptation somehow. Or maybe I was dating someone then 

P.S. Too lazy to correct typos up there


----------



## bharat_14101991 (Jun 7, 2011)

i guess in my friends i'm the only one with a psp,   so no sharing or borrowing.

n do you mean that sony has refrained from installing that quad core proc. in ngp? i didnt hear that from anyone.
but then too, ngp's games wont be compatible with the psp/ psp go... so that will automatically be a red sign for psp game development, everyone will focus on ngp.

eagerly waiting for ngp to release  but i'm sad for my psp


----------



## furious_gamer (Jun 7, 2011)

bharat_14101991 said:


> i guess in my friends i'm the only one with a psp,   so no sharing or borrowing.
> 
> n do you mean that sony has refrained from installing that quad core proc. in ngp? i didnt hear that from anyone.
> but then too, ngp's games wont be compatible with the psp/ psp go... so that will automatically be a red sign for psp game development, everyone will focus on ngp.
> ...



probably give it to me for free.... I'll use that PSP and play some classic titles..... 

@Sarath
If no Cell2 proc in NGP, then what it will be?


----------



## bharat_14101991 (Jun 7, 2011)

Sony just announced at their E3 conference that the NGP (PS Vita) will be sold 250$ in the US… but of course there’s a trick

The NGP will be 250 euros in Europe, that’s 370$, 25’000 yen in Japan, that’s 310$, screw those marketing techniques, seriously…. That’s for the Wifi only version, while the Wifi+3G version will be sold 300$ in the US, 30’000 yen in Japan, that’s 375$, and 300 euros in Europe, that’s 440$.



furious_gamer said:


> probably give it to me for free.... I'll use that PSP and play some classic titles.....



no sir i still love my psp and love to play god of wars and mgs peacewalker on it...


----------



## Sarath (Jun 7, 2011)

I know we all heard rumours that the quad core cell proc will be seen in the NGP but that is well a rumour and I have no idea about its credibility.

However Sony has said that the NGP will be more powerful(or same as) than the PS3. Which is possible since in the 5years since the PS3 launched proc speeds and efficiency have definitely improved.

Also the fact that the NGP and PS3 will have the same game running on both platforms shows that the experience should be more or less similar. The game saves can be shared between the two and you will be able to pick up the game and play on the NGP from where you stopped in the PS3.

Must be an ARM proc. Anything else will eat up the battery. GPU? well no idea.


----------



## bharat_14101991 (Jun 7, 2011)

*img835.imageshack.us/img835/2439/ngpspecs685x441.jpg

it has a quad core... itz official

also i doubt that the games will be same for ps3 and ngp.. coz ngp have a touch pad unlike ps3 and motion sensors too...

yeah ps3's games can be played in ngp but ngp's games in ps3.. nahhhh...


----------



## furious_gamer (Jun 7, 2011)

^^ Nice man, So will it be priced around 20k?


----------



## bharat_14101991 (Jun 7, 2011)

bharat_14101991 said:


> Sony just announced at their E3 conference that the NGP (PS Vita) will be sold *250$ in the US*… but of course there’s a trick
> 
> The NGP will be 250 euros in Europe, that’s 370$, 25’000 yen in Japan, that’s 310$, screw those marketing techniques, seriously…. That’s for the Wifi only version, while the Wifi+3G version will be sold 300$ in the US, 30’000 yen in Japan, that’s 375$, and 300 euros in Europe, that’s 440$.
> 
> ...



no it will be priced below 15000... 250x50=12500 in us.. so in india it will be below 15000


----------



## Sarath (Jun 7, 2011)

I am talking about the upcoming UC3. Of course the NGP will have its share of exclusive games.

A 15000 price point is most likely. INR 10000 would be sweet.

The PS3 retails for 18000 INR so it's unlikely that the NGP would retail at 20k making Sony look stupid.

They would anyways make money on overpriced games.


----------



## bharat_14101991 (Jun 7, 2011)

Sarath said:


> I am talking about the upcoming UC3. Of course the NGP will have its share of exclusive games.
> 
> A 15000 price point is most likely. INR 10000 would be sweet.
> 
> ...



see, you too agree my point


----------



## Sarath (Jun 7, 2011)

haha maybe


----------



## bharat_14101991 (Jun 7, 2011)

sony's games are over priced, just like the apple products.. thatz what make people feel a negative point for sony... i mean what are they losing.. they earn a lot for the consoles, then sell VERY overpriced accessories and finally they sell over priced games.... it was a win win situation for sony in every respect.. until these hackers came into the scene.


----------



## Sarath (Jun 8, 2011)

I dont know I am unable to get through to you friend.

The consoles are sold at a loss so that they can make a profit on the games.

There are 2 possible ways:

Consoles at a profit (45-50k)+ Cheap Games (500? max 1000 like PC)

OR

Consoles at a loss (20k) + Expensive games (2.5k upwards)

Apple is horribly overpriced. But they come with a lot of wow factor and thats what people pay for.


----------



## bharat_14101991 (Jun 8, 2011)

are you sure they lose in consoles? i don't think so. manufacturing cost is far low i guess, things that eat money are marketing n transportation.


----------



## Sarath (Jun 8, 2011)

Ok include that also. It's a well known fact that both of them Sony and Microsoft lose money on their console.
However sony lost more money due to new hardware (read Cell processor)

I think only the Wii makes a profit but I am not sure.

Try making a PC which plays HiDef games for 20k. 1080p at moderate fps and throw in the latest games. It's not possible.

Sony has stated that its either making a marginal profit, making no loss or making very little loss with the latest PS3. So they had to wait 5 years to stop making the console hurt so much.

Also are you aware that the US military bought truck loads of PS3 and used them for various simulation (non gaming) purposes. Sony contested against this as they were making a huge loss. Why would they do that?


----------



## bharat_14101991 (Jun 8, 2011)

dont know about that.. i alwayz felt that manufacturing cost is low...


----------



## Sarath (Jun 8, 2011)

I can see all this while you have been cursing those poor (not so poor) chaps at Sony.

I can give you an example of a game I was looking for:
Need For Speed: Hot Pursuit

PC: 999 INR
PS3: 2499 INR
Xbox 360: 2499 INR

The royalties are the same for sony and xbox. However sony is on Blu-ray which is obviously much more expensive than a DVD or even 4-5 DVDs. So they actually profit less from games than Microsoft.
In fact Xbox can have its price lower but then why should they. They are a majority and always pace its price in accordance with sony's games, thus minting more.

The PS3 is the most expensive and the least profitable console for Sony.


----------



## furious_gamer (Jun 9, 2011)

^^ Sony fanboi....


----------



## Sarath (Jun 9, 2011)

Play station fanboy. But not an insane one.

However anyone who would like to use the Kinect should buy an Xbox360. But the PS is better at everything else.

I used to hate sony products due to their proprietary Memory Stick in all their products.


----------



## bharat_14101991 (Jun 10, 2011)

did you ever use kinect? i dream of but none is available here in my city


----------



## Vyom (Jun 10, 2011)

^^ I tried Kinect in a showroom. Was an awesome experience, when I held the bowling ball (virtually) and the Avatar on screen followed my every moment. I even did a dance number, until the staff of showroom got agitated, and decided to make me stop


----------



## bharat_14101991 (Jun 10, 2011)

^^^ rofl... thatz embarrassing


----------



## Vyom (Jun 10, 2011)

^^ Well actually, that showed how immersive Kinect can be! When you are given a chance to interact with the virtual world!
I have to agree on the fact, that, Microsoft have truly created something marvelous!


----------



## bharat_14101991 (Jun 10, 2011)

yea yea.. i want one too..


----------



## asingh (Jun 10, 2011)

furious_gamer said:


> ^^ Sony fanboi....



I am one....!


----------



## Sarath (Jun 10, 2011)

I saw some kids playing on the kinect [every time I spot one] so I just watched them, Shoving them away and grabbing the erm...controller kinect? was not such a good idea.
I didn't want to scar those toddlers for life so I am always just a spectator. But it sure is interesting.

Too bad Microsoft wins this round. Sony you've let me down.


----------



## tkin (Jun 11, 2011)

This is starting to turn into a joke, did the hackers run away with the entire database or what?


----------



## bharat_14101991 (Jun 11, 2011)

Sarath said:


> I saw some kids playing on the kinect [every time I spot one] so I just watched them, Shoving them away and grabbing the erm...controller kinect? was not such a good idea.
> I didn't want to scar those toddlers for life so I am always just a spectator. But it sure is interesting.
> 
> Too bad Microsoft wins this round. Sony you've let me down.



now i must say SONY FANBOI


----------



## tkin (Jun 11, 2011)

Sony is suffering the wrath of Shoni (Hindu god)


----------



## Ishu Gupta (Jun 11, 2011)

tkin said:


> This is starting to turn into a joke, did the hackers run away with the entire database or what?


and they posted it on a torrent.
Lots of passwords were stored in plaintext. 



Spoiler



So the Sony saga continues. As if the whole thing about 77 million breached PlayStation Network accounts wasn’t bad enough, numerous other security breaches in other Sony services have followed in the ensuing weeks, most recently with SonyPictures.com.

As bad guys often like to do, the culprits quickly stood up and put their handiwork on show. This time around it was a group going by the name of LulzSec. Here’s the interesting bit:

Well actually, the really interesting bit is that they created a torrent of some of the breached accounts so that anyone could go and grab a copy. Ouch. Remember these are innocent customers’ usernames and passwords so we’re talking pretty serious data here. There’s no need to delve into everything Sony did wrong here, that’s both mostly obvious and not the objective of this post.

I thought it would be interesting to take a look at password practices from a real data source. I spend a bit of time writing about how people and software manage passwords and often talk about things like entropy and reuse, but are these really discussion worthy topics? I mean do people generally get passwords right anyway and regularly use long, random, unique strings? We’ve got the data – let’s find out.

*What’s in the torrent*

The Sony Pictures torrent contains a number of text files with breached information and a few instructions:

*lh6.ggpht.com/-Bo5l9_fNC90/TexdzKmZqOI/AAAAAAAACYk/mShCiBSlEpk/image_thumb.png?imgmax=800

The interesting bits are in the “Sony Pictures” folder and in particular, three files with a whole bunch of accounts in them:

*lh6.ggpht.com/-fM0aHTivJk8/Texd08reoFI/AAAAAAAACYs/IjfkQoqXjss/image_thumb111.png?imgmax=800

After a little bit of cleansing, de-duping and an import into SQL Server for analysis, we end up with a total of 37,608 accounts. The LulzSec post earlier on did mention this was only a subset of the million they managed to obtain but it should be sufficient for our purposes here today.

*Analysis*

Here’s what I’m really interested in:

- Length
- Variety of character types
- Randomness
- Uniqueness

These are pretty well accepted measures for password entropy and the more you have of each, the better. Preferably heaps of all of them.

*Length*

Firstly there’s length; the accepted principle is that as length increases, so does entropy. Longer password = stronger password (all things else being equal). How long is long enough? Well, part of the problem is that there’s no consensus and you end up with all sorts of opinions on the subject. Considering the usability versus security balance, around eight characters plus is a pretty generally accepted yardstick. Let’s see the Sony breakdown:

*lh5.ggpht.com/-PNeDWGT6mHI/Texd2lbC4MI/AAAAAAAACY0/uSdy2Ma1Wqg/image_thumb11.png?imgmax=800

We end up with 93% of accounts being between 6 and 10 characters long which is pretty predictable. Bang on 50% of these are less than eight characters. It’s interesting that seven character long passwords are a bit of an outlier – odd number discrimination, perhaps?

I ended up grouping the instances of 20 or more characters together – there are literally only a small handful of them. In fact there’s really only a handful from the teens onwards so what we’d consider is a relatively secure length really just doesn’t feature.

*Character types*

Length only gives us so much, what’s really important is the diversity within that length. Let’s take a look at character types and we’ll categorise them as follows:

- Numbers
- Uppercase
- Lowercase
- Everything else

Again, we’ve got this issue of usability and security to consider but good practice would normally be considered as having three or more character types. Let’s see what we’ve got:

*lh6.ggpht.com/-OvhoPbUJzxY/Texd4IMZ4bI/AAAAAAAACY8/Dr1WYT8PHa8/image_thumb12.png?imgmax=800

Or put another way, _*only 4% of passwords had three or more character types*_. But it’s the spread of character types which is also interesting, particularly when only a single type is used:

*lh6.ggpht.com/-Q9XjOBI2YnY/Texd5sin7VI/AAAAAAAACZE/KytDoUohbO4/image_thumb6.png?imgmax=800

In short, half of the passwords had only one character type and nine out of ten of those were all lowercase. But the really startling bit is the use of non-alphanumeric characters:

*lh6.ggpht.com/-HxuKtkyaoN4/Texd7XUwdJI/AAAAAAAACZM/jExbkushio8/image_thumb8.png?imgmax=800

Yep, less than _*1% of passwords contained a non-alphanumeric character*_. Interestingly, this also reconciles with the analysis done on the Gawker database a little while back.

*Randomness*

So how about randomness? Well, one way to look at this is how many of the passwords are identical. The top 25 were:
_seinfeld, password, winner, 123456, purple, sweeps, contest, princess, maggie, 9452, peanut, shadow, ginger, michael, buster, sunshine, tigger, cookie, george, summer, taylor, bosco, abc123, ashley, bailey_

Many of the usual culprits are in there; “password”, “123456” and “abc123”. We saw all these back in the top 25 from the Gawker breach. We also see lots of passwords related to the fact this database was apparently related to a competition: “winner”, “sweeps” and “contest”. A few of these look very specific (9452, for example), but there may have been context to this in the signup process which led multiple people to choose the same password.

However in the grand scheme of things, there weren’t a whole lot of instances of multiple people choosing the same password, in fact the 25 above boiled down to only 2.5%. Furthermore, 80% of passwords actually only occurred once so whilst poor password entropy is looking rampant, most people are making these poor choices independently and achieving different results.

Another way of assessing the randomness is to compare the passwords to a password dictionary. Now this doesn’t necessarily mean an English dictionary in the way we know it, rather it’s a collection of words which may be used as passwords so you’ll get things like obfuscated characters and letter / number combinations. I’ll use this one which has about 1.7 million entries. Let’s see how many of the Sony passwords are in there:

*lh6.ggpht.com/-3wchrCUz4GQ/Texd837O7qI/AAAAAAAACZU/Juu-vNq4JkY/image_thumb1.png?imgmax=800

So more than one third of passwords conform to a relatively predictable pattern. That’s not to say they’re not long enough or don’t contain sufficient character types, in fact the passwords “1qazZAQ!” and “dallascowboys” were both matched so you’ve got four character types (even with a special character) and then a 13 character long password respectively. The thing is that they’re simply not random – they’ve obviously made appearances in password databases before.

*Uniqueness*

This is the one that gets really interesting as it asks the question “are people creating unique passwords across multiple accounts?” The thing about this latest Sony exploit is that it included data from multiple apparently independent locations within the organisation and as we saw earlier on, the dump LulzSec provided consists of several different data sources.

Of particular interest in those data sources are the “Beauty” and “Delboca” files as they contain almost all the accounts with a pretty even split between them. They also contain well over 2,000 accounts with the same email address, i.e. someone has registered on both databases.

So how rampant is password reuse between these two systems? Let’s take a look:

*lh6.ggpht.com/-MYktDCqCc7w/Texd-n8jdmI/AAAAAAAACZc/8rRAITVF8W8/image_thumb9.png?imgmax=800

_*92% of passwords were reused across both systems*_. That’s a pretty damning indictment of the whole “unique password” mantra. Is the situation really this bad? Or are the figures skewed by folks perhaps thinking “Sony is Sony” and being a little relaxed with their reuse?

Let’s make it really interesting and compare accounts against Gawker. The internet being what it is there will always be the full Gawker database floating around out there and a quick Google search easily discovers live torrents. Gnosis (the group behind the Gawker breach) was a bit more generous than LulzSec and provided over 188,000 accounts for us to take a look at.

Although there were only 88 email addresses found in common with Sony (I had thought it might be a bit higher but then again, they’re pretty independent fields), the results are still very interesting:

*lh5.ggpht.com/-XzTtZsDqzXA/Texd_-fJyJI/AAAAAAAACZk/ZFTe3KtKrm0/image_thumb10.png?imgmax=800

_*Two thirds of people with accounts at both Sony and Gawker reused their passwords*_. Now I’m not sure how much crossover there was timeframe wise in terms of when the Gawker accounts were created versus when the Sony ones were. It’s quite possible the Sony accounts came after the Gawker breach (remember this was six months ago now), and people got a little wise to the non-unique risk. But whichever way you look at it, there’s an awful lot of reuse going on here.

What really strikes me in this case is that between these two systems we have a couple of hundred thousand email addresses, usernames (the Gawker dump included these) and passwords. Based on the finding above, there’s a statistically good chance that the majority of them will work with other websites. How many Gmail or eBay or Facebook accounts are we holding the keys to here? And of course “we” is a bit misleading because anyone can grab these off the net right now. Scary stuff.

*Putting it in an exploit context*
When an entire database is compromised and all the passwords are just sitting there in plain text, the only thing saving customers of the service is their password uniqueness. Forget about rainbow tables and brute force – we’ll come back to that – the one thing which stops the problem becoming any worse for them is that it’s the only place those credentials appear. Of course we know that both from the findings above and many other online examples, password reuse is the norm rather than the exception.

But what if the passwords in the database were hashed? Not even salted, just hashed? How vulnerable would the passwords have been to a garden variety rainbow attack? It’s pretty easy to get your hands on a rainbow table of hashed passwords containing between one and nine lowercase and numeric characters (RainbowCrack is a good place to start), so how many of the Sony passwords would easily fall?

*lh4.ggpht.com/-0VKd9U9h2qE/TexeBVOyngI/AAAAAAAACZs/cURhma9e-mQ/image_thumb11%25255B1%25255D.png?imgmax=800

*82% of passwords would easily fall to a basic rainbow table attack*. Not good, but you can see why the rainbow table approach can be so effective, not so much because of its ability to make smart use of the time-memory trade-off scenario, but simply because it only needs to work against a narrow character set of very limited length to achieve a high success rate.

And if the passwords were salted before the hash is applied? Well, more than a third of the passwords were easily found in a common dictionary so it’s just a matter of having the compute power to brute force them and repeat the salt plus hash process. It may not be a trivial exercise, but there’s a very high probability of a significant portion of the passwords being exposed.

*Summary*

None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me aback a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric characters, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems.

Sony has clearly screwed up big time here, no doubt. The usual process with these exploits is to berate the responsible organisation for only using MD5 or because they didn’t salt the password before hashing, but to not even attempt to obfuscate passwords and simply store them in the clear? Wow.

But the bigger story here, at least to my eye, is that users continue to apply lousy password practices. Sony’s breach is Sony’s fault, no doubt, but a whole bunch of people have made the situation far worse than it needs to be through reuse. Next week when another Sony database is exposed (it’s a pretty safe bet based on recent form), even if an attempt has been made to secure passwords, there’s a damn good chance a significant portion of them will be exposed anyway. And that is simply the fault of the end users.

Conclusion? Well, I’ll simply draw back to a previous post and say it again: The only secure password is the one you can’t remember.


----------
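The measures the article quoted in the post above walks through (length, character types, dictionary membership, reuse across two account lists, and whether a password sits inside the 1 to 9 character lowercase/numeric rainbow-table keyspace), as an added Python example that is not part of the original post or the article. The two account lists and the small dictionary are constructed sample data, and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample records (email, password); not taken from any real dump.
SITE_A = [
    ("ann@example.com", "seinfeld"),
    ("bob@example.com", "Tr1cky!pass"),
    ("cat@example.com", "123456"),
    ("dan@example.com", "dallascowboys"),
    ("eve@example.com", "1qazZAQ!"),
    ("fay@example.com", "purple7"),
]
SITE_B = [
    ("ann@example.com", "seinfeld"),
    ("bob@example.com", "0ther-Secret"),
    ("cat@example.com", "123456"),
    ("gus@example.com", "winner"),
]
# Constructed stand-in for the ~1.7 million entry password dictionary.
DICTIONARY = {"seinfeld", "123456", "dallascowboys", "1qazZAQ!", "winner"}

# The article's four character types.
CLASSES = {
    "number": re.compile(r"[0-9]"),
    "upper": re.compile(r"[A-Z]"),
    "lower": re.compile(r"[a-z]"),
    "other": re.compile(r"[^0-9A-Za-z]"),
}
# Keyspace of the rainbow table the article mentions: 1-9 lowercase/numeric chars.
RAINBOW_KEYSPACE = re.compile(r"[a-z0-9]{1,9}")


def char_types(password):
    """Return the set of character classes present in the password."""
    return {name for name, rx in CLASSES.items() if rx.search(password)}


def audit(records, dictionary):
    """Compute the article's measures for one list of (email, password)."""
    n = len(records)
    pw = [p for _, p in records]
    return {
        # Lengths of 20 or more are grouped together, as in the article.
        "length_hist": dict(Counter(min(len(p), 20) for p in pw)),
        "under_8": sum(len(p) < 8 for p in pw) / n,
        "three_plus_types": sum(len(char_types(p)) >= 3 for p in pw) / n,
        "single_type": sum(len(char_types(p)) == 1 for p in pw) / n,
        "non_alnum": sum("other" in char_types(p) for p in pw) / n,
        "in_dictionary": sum(p in dictionary for p in pw) / n,
        "in_rainbow_keyspace": sum(
            bool(RAINBOW_KEYSPACE.fullmatch(p)) for p in pw) / n,
    }


def reuse_rate(records_a, records_b):
    """Return (shared e-mail count, share of those with the same password)."""
    a = {e.lower(): p for e, p in records_a}
    b = {e.lower(): p for e, p in records_b}
    common = a.keys() & b.keys()
    if not common:
        return 0, 0.0
    same = sum(a[e] == b[e] for e in common)
    return len(common), same / len(common)


if __name__ == "__main__":
    for name, value in audit(SITE_A, DICTIONARY).items():
        print(f"{name}: {value}")
    print("reuse:", reuse_rate(SITE_A, SITE_B))
```

Note that "dallascowboys" and "1qazZAQ!" fall outside the rainbow-table keyspace yet are still flagged by the dictionary check, which is the article's point about length and character types not implying randomness.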



## tkin (Jun 11, 2011)

^^ nice find dude, makes me remember about entropy and Huffman coding all over again (totally unrelated)


----------



## bharat_14101991 (Jun 11, 2011)

Ishu Gupta said:


> and they posted it on a torrent.
> Lots of passwords were stored in plaintext.
> 
> 
> ...



nice find man.. + rep


----------



## asingh (Jun 11, 2011)

Ishu Gupta said:


> and they posted it on a torrent.
> Lots of passwords were stored in plaintext.




Also read the spoiler. What the heck.....


Ideally ANYONE who subscribed to PSN should immediately change passwords, or get new plastic issued.


----------



## ico (Jun 11, 2011)

*i.imgur.com/TFiFW.jpg
*i.imgur.com/MKlXN.jpg
*i.imgur.com/vJ22x.jpg

winnar


----------



## asingh (Jun 11, 2011)

^^
Kewl.

How you have 4 lifes in Contra 1 right on the first map - JUNGLE.

Applied the keypad cheat...?


----------



## ico (Jun 11, 2011)

asingh said:


> ^^
> Kewl.
> 
> How you have 4 lifes in Contra 1 right on the first map - JUNGLE.
> ...


well, I have two game options: Contra and Contra 30p. 

The gamepad is rusty. doesn't work properly.


----------



## asingh (Jun 11, 2011)

^
A cheat option is part of the game choices...! 
Which other NES games you have..?


----------



## ico (Jun 11, 2011)

You name it and I'll be most probably having it. 
Contra, Mario, Panda Mario (mod), Galaxian, Galaga, Urban Champion, Popeye, Duck Hunt, Clay Shooting, Hitman, Adventure Island, Tennis, Spiderman, Batman, Kung Fu, Lode Runner, Ice Climber, Pinball, Summer Carnival, Mach Rider, Macros, Bomberman etc. etc.

Once I had over 200 different games but gave few cartridges to cousins.

My NES-clone is over 12 years old.


----------



## Ishu Gupta (Jun 11, 2011)

Double Dragon (II)?


----------



## ico (Jun 11, 2011)

Ishu Gupta said:


> Double Dragon (II)?


had it once..!


----------



## Ishu Gupta (Jun 11, 2011)

Snow Bros?
Baseball/Soccer/Brian Lara Cricket99?


----------



## ico (Jun 11, 2011)

Ishu Gupta said:


> Snow Bros?
> Baseball/Soccer/Brian Lara Cricket99?


yes.


----------



## Sarath (Jun 11, 2011)

ico said:


> You name it and I'll be most probably having it.
> Contra, Mario, Panda Mario (mod), Galaxian, Galaga, Urban Champion, Popeye, Duck Hunt, Clay Shooting, Hitman, Adventure Island, Tennis, Spiderman, Batman, Kung Fu, Lode Runner, Ice Climber, Pinball, Summer Carnival, Mach Rider, Macros, Bomberman etc. etc.
> 
> Once I had over 200 different games but gave few cartridges to cousins.
> ...



You have SUMMER CARNIVAL!!! I searched for that every where. Like a mad man. I wish I had it.


----------



## sygeek (Jun 14, 2011)

LulzSec versus Bethesda & Senate.gov - Pastebin.com


----------

