PS3 Cluster Attacks: Shall We Play a Game?

Thursday, April 28, 2011

J. Oquendo


While 70 million people or so are complaining about not getting their Modern Warfare fix and failing to read between the lines [1], an interesting e-mail made its way into my inbox.

The e-mail touched on an altogether bigger problem that Sony may have on their hands. In fact, that the entire world for that matter may have on their hands.

This little tidbit all sprouts up from what happened three years ago:

"Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority (CA), a breakthrough that allows the forging of certificates that are fully trusted by all modern Web browsers." [2]

Sony's PlayStation is a powerful little supercomputer and eleven years ago, Saddam Hussein was under watchful eye for purchasing 4,000 less powerful PlayStation 2 systems, and those weren't even as powerful as the PS3.

"According to a WorldNetDaily report, US customs, the FBI and military intelligence - a contradiction in terms if we ever heard one - are investigating shipments of Sony's next-generation games machine to Baghdad. Some 4000 consoles have made their way to Iraq, those agencies reckon." [3]

For the pure techies here, imagine for a moment the ability to cluster 70 million PlayStation 3s.

At .001% of 70,000,000 potential accounts, there would be the potential of a 700,000 cluster of PlayStation 3s at the disposal of an attacker.

And those numbers collectively would eclipse a dozen or so of IBMs fastest supercomputers.  Hey Sony... Are you auditing your PS firmware? I would if I were you.





Possibly Related Articles:
Information Security
Digital Certificates Sony hackers PS3 PlayStation PSN Clusters
Post Rating I Like this!
Rod MacPherson I would not be surprised to see more clusters like this popping up soon.
PS3 hardware must be getting cheap on e-bay these days. If PSN doesn't come back soon, there will be less holding people back from installing custom firmware, what's to stop someone slipping a little RAT into a CFW this week and p0wning a whole bunch of newly "hacked" PS3s?

I would imagine that there are a lot of PS3 owners who've gotten frustrated with Sony and said screwit, PSN is the only thing I have to lose and it doesn't work now anyway...
Rod MacPherson It was no surprise to see an attack on the PSN in early April.
Sony kind of set themselves up for it. They started a "new company" (SNEA) which I assume came with new servers, they announced well in advance that this new change was coming. (far enough for someone to think hey new company probably means new servers anyway) I'm not saying that was a bad move, but I wonder if they rushed getting a new PSN network set up and left themselves vulnerable somewhere in their rush to meet the opening day deadline they had set with 70 million customers?

I know from the little exposure I've had to pentesting that a good place to look for weakness is in newly deployed/changed services. Sometimes things get opened up to the public before they are really ready.
shawn merdinger Great post, J. and fwiw this risk makes more and more sense to me in the light of the long outage.
Brian Ford Good post. What's not clear is exactly how many accounts at PSN have credit cards associated with the account. PSN supports the creation of a Master / Network account that would be created by someone over 18 and then sub accounts for gamers under the age of consent. Those accounts do not require credit card. While there may have been 70,000,000 accounts how many were Masters? Next factor in how a PSN user goes about changing their online ID. They often don't. They create a new sub account. Then factor in how many accounts may have been inactive or even retired or deleted. There are likely millions of accounts on PSN but not all have the same value.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.