
SQL Vulnerability allows access to Sony's customer data

A serious security flaw that could be used to attack PSN and access user data was discovered on a Sony site by a security expert, says the German tech site Golem.

Mikelarry - 3455d ago

Oh boy, if this is true I hope their silence on this is because they are avoiding it hitting mainstream media and trying to patch it as quickly as possible. Sony can't afford another one of these hacks, not now.

Mulando - 3455d ago

The problem with those hacks is, if they don't make it public, the company does nothing until something happens. That's why magazines (or whoever does this professionally) contact the company and make it public after a while. If it is not public, companies (not only Sony) tend not to react at all until it is too late. Some things only work with a bit of public pressure.

decrypt - 3455d ago

PSN security is run by a bunch of monkeys. Problems are here to stay and are not going away.

Gority - 3455d ago

Not saying there isn't a security vulnerability especially given the information from the article, but companies like these look for issues, contact the company in order to get the company to pay them to "fix" said vulnerability, and if they don't they then go public. Sony is an easy target obviously given the past PSN hack but this company's motives are not simply to help customers.

nicksetzer1 - 3455d ago

@gority Yes, this issue was found simply because he makes money by charging ____ company to fix the issue. However, that doesn't change the severity of the issue nor the fact that Sony is ignoring it. Both MS and Nintendo surely have as many (maybe more) issues; however, they proactively fix them.

A great example is a random 5 year old who sent an email (to the wrong place, may I add) to MS about a security flaw, and they not only listened but repaired it within days of receiving the email. Sony is ignoring a MAJOR security firm telling them they have a problem; it's not good.

Gority - 3455d ago

@nicksetzer1

Man, you are really reaching. Major security firm? No. Random dude telling them they have a security issue? Yes. Your bias towards Sony is evident, and I guess I can't fault you too much based on their security history, but don't just make stuff up.

Here is a credit from the same individual, not firm, regarding a different vulnerability. The credit links to his facebook page.

http://www.telekom.com/secu...

nicksetzer1 - 3455d ago (Edited 3455d ago)

@gority you do realize that he is linked to security issues being resolved for Google, T-Mobile, eBay, etc.
http://ebay.com/securitycen...
http://www.telekom.com/secu...

Security companies tend to remain low brow; they don't just publicly advertise. Are you expecting to know the individuals they hire like they are some superstar? And does that fantasy world you live in somehow make it impossible for it to be a major firm if he is not? Most likely firms hire him as an independent contractor ... as most do, hence almost all those in the link use their personal contact info. Regardless, let's say it is just a random person; does that make it reasonable to ignore a security flaw on Sony's behalf?

The only one reaching is you for trying to find any reason you can to justify Sony ignoring security issues consistently.

donthate - 3455d ago (Edited 3455d ago)

SQL injection, the oldest trick in the book, is a vulnerability on PSN?

Wow! Just wow!

The kicker: notified 2 weeks ago and no response!

Parametrized queries will fix this in no time and can be done by 10-year-old programmers. In fact, this is the sort of thing you prevent easily by having a policy of only using parametrized queries. All major websites do this, let alone a paid network serving 100's of millions of people.

Sony, do you have such incompetent programmers or do you not care?

I guess it is your customer data and not Sony's.

Last time this happened, in 2011 when Sony got hacked, all Sony got was a slap on the wrist after again ignoring customer information safety and neglecting to patch their server software. Again, something they should do as routine maintenance.

It is one thing that mistakes happen and completely another to willfully ignore blatant security issues:

http://www.vg247.com/2011/0...

This is quite amazing really!

Christopher - 3455d ago (Edited 3455d ago)

***SQL injection the oldest trick in the book is a vulnerability on PSN? ***

You lost me there.

As far as Web-based vulnerabilities go, SQL Injections are far from the oldest or most common forms of vulnerabilities. XSS is way more common, as well as many other JavaScript vulnerabilities.

***Parametrized queries will fix this in no time and can be done by 10-year old programmers. ***

Your hyperbole aside (10-year-old programmer? Really? I know professional Web developers who still don't do it all over the place), you are right that they should be doing this, as well as stored procedures.

***All major websites do this, let alone a paid network serving 100's of millions of people***

Actually, they don't. There are still massive security flaws on Yahoo! and there have been various other security flaws of this type on Google sites, Microsoft sites, and more. Heck, MS had to do some major updates to SharePoint due to SQL Injection issues even.

The difference I will give them is that they respond almost immediately to these things. Sony? Not sure what the heck they're doing.

d0x360 - 3454d ago

@nick by this point I doubt Microsoft has many security issues at all with Live. User data has never been stolen via a hack, and while the bug that kid found was awful, it only existed for a couple of weeks after an update and redesign of the site took place. Even still, no user data was compromised.

Sony, on the other hand, has had user data stolen from PSN; they also had the rootkit fiasco, PSN constantly being down, and now a security advisory from a firm which they haven't commented on. Now that the information is in the wild that it exists, you can safely bet your very last dollar there are currently multiple people and groups trying to actively exploit it. They watch the watchdogs waiting for news like this and race to get in before something can be patched, and Sony has proven they have a very bad track record with patching.

They should take psn offline and investigate immediately whether the threat is credible or not.

mechlord - 3454d ago

That's not exactly how these things go.
When someone on the white side of things finds a vulnerability, they first alert the offending party, in this case Sony. They give them enough time to patch the problem and most times only publish the vulnerability after it has been patched. That's the etiquette white hats use and that's the standard professional procedure.

It has nothing to do with public pressure.

Christopher - 3454d ago

***"SQL injection (SQLI) is considered one of the top 10 web application vulnerabilities of 2007 and 2010 by the Open Web Application Security ***

Now, look at the quote I was talking to. Tell me, does "the top 10" equate to "oldest vulnerability in the book"?

So, rant on as you please, but at least acknowledge the quote I am speaking towards.

XSS is also in the top 10... and it's also older than SQL Injection...

***Something else more common doesn't make something else less common! ***

I didn't say it did! Again, you need to read the quote I am talking towards, not just my words without any reference point. That's why I take the time to quote the parts that I am replying to.

***Don't excuse that simply because it is your favorite company! ***

Show me where I excused it?

***I hope the mod gods doesn't ban me though for speaking my opinion against their goal.***

The sad thing is... you were okay up until you called me a troll and made this remark.

Too bad you don't know how to read my comment as it's intended and instead insinuate that I'm somehow supporting Sony in this.

oODEADPOOLOo - 3455d ago (Edited 3455d ago)

Doesn't help they made user info including credit cards mandatory and not user-removable. I'm gonna have to double check if the card on my account has protection. Dumb move on Sony to require a CC on the account instead of making it an option at time of purchase; guess people gonna have to learn the hard way.

@ lil and Bibty

It did require credit info for the trial when I first got the PS4 and it wouldn't let me remove it later on. I can only substitute the card for another.

lilbrat23 - 3455d ago

You can remove your credit card info and you are not forced to put in your CC info.

BitbyDeath - 3455d ago

Credit cards aren't mandatory, why do you think this?

thereapersson - 3455d ago

@bitbydeath @ lilbrat23

Why let facts stand in the way of sensationalist hyperbole?

XabiDaChosenOne - 3455d ago

Excuse me, but you are a liar. I put in then removed my credit card information last night, thank you very much.

rainslacker - 3455d ago (Edited 3455d ago)

Well... the severity of the threat isn't really known from this article, and the author of the article doesn't say exactly, other than to say it's serious. Some broad claim that it may lead to attackers getting data doesn't say much as to what kind of data they would receive.

SQL injections are extremely common, and I guarantee you almost every site that uses SQL has at least one somewhere within its code which may or may not be discovered. Sometimes they can be quite serious (one mentioned in the article), and sometimes they can be quite banal.

For those that don't know, SQL is a database server/program that is used for holding information in most organizations, and it makes up a pretty big chunk of data-driven websites, and is used to hold most data within organizations as well.

Basically an SQL injection just allows for an unchecked SQL command to be used when accessing a website, so the attacker can change the data that is retrieved from that command. If that command happens to be tied to sensitive user data, then it could lead to personal information being leaked.

I'm glad the person who found this contacted Sony though, instead of just making it public. As far as why Sony hasn't fixed it, it's either because they don't feel it will lead to the loss of sensitive information, or they haven't found a way to fix it yet. Given Sony's history in server hacks, I'd say it's probably the former... I highly doubt they'd want a repeat of that.

It's also possible that the information received from using this attack would only return encrypted data which would be useless to the attacker, so as of now there isn't much need for concern. But it's worth finding out if Sony has plans to fix it, or if they've already fixed it. Since this article didn't bother to contact Sony for an answer, we'll just have to take their word for it for now.
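rainslacker's description of an unchecked SQL command above, and donthate's point earlier in the thread that parametrized queries prevent it, side by side as an added example (not code from the article, Golem, or any commenter): the same user lookup run against an in-memory SQLite table of constructed rows, once with the value spliced into the query text and once passed as a parameter. The table, the rows and the function names are assumptions made for this example.

```python
"""Added example: string-concatenated lookup beside its parametrised form,
run against constructed sample data so the difference can be observed."""
import sqlite3

# Constructed sample rows standing in for a site's "users" table.
SAMPLE_USERS = [
    ("alice", "alice@example.invalid"),
    ("bob", "bob@example.invalid"),
]


def make_db():
    """Build an in-memory SQLite database holding the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, name):
    """The defect: the user-controlled value becomes part of the SQL text,
    so a quote character in it changes the command rather than the data."""
    sql = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parametrised(conn, name):
    """The fix: the driver sends the value separately from the statement,
    so it is always compared as a literal string and never parsed as SQL."""
    sql = "SELECT name, email FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def demo():
    """Run both lookups on the same inputs and report what each returned."""
    conn = make_db()
    # A name that merely contains a quote: a harmless non-match for the
    # parametrised query, but it rewrites the concatenated one's WHERE clause.
    crafted = "nobody' OR 'x'='x"
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, crafted)),
        "parametrised_rows": len(lookup_parametrised(conn, crafted)),
        "honest": lookup_parametrised(conn, "alice"),
    }


if __name__ == "__main__":
    print(demo())
```

The concatenated version hands back every row for an input that matches no user, which is exactly the "change the data that is retrieved" outcome described above; the parametrised version returns nothing for it and still finds a real name.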

TheLyonKing - 3455d ago

There is no way to fully know unless it happens, but they will have contacted Sony about the issue, I assume, rather than tell magazines and websites first.

It's a simple thing to stop, and I imagine the SQL would only affect a small part of PSN rather than the whole thing. The key word is "could"; it's not been proven it can, and Sony might have prevented it by some other means.

GameDev1 - 3455d ago

"its not been proven it"

Exactly, people will eat up anything on the internet these days.

Considering Sony's past breach, I could easily write a blog up myself on how I hacked Sony's website and people would believe me, yet I have no security or hacking skills.

They didn't even contact Sony the right way, as they should have done it through tech support.

There is no evidence or proof from them, and they said they wanted to release the information. This was reported to Sony on the 9th of October; if they have any evidence at all of the information they hacked and Sony still hasn't done anything, from the 9th till now they would have released the information.

Very fishy imo

Mulando - 3455d ago (Edited 3455d ago)

Golem is a professional online magazine and not someone's blog. They should be trustworthy.
And if they say they contacted the support, I don't think they mean the normal customer support.

GameDev1 - 3455d ago

@ Mulando

Professional online magazine or blog, not the point I am making. On both, opinions and news are written, and this one has no evidence of any vulnerability; it is just someone saying they did an SQL injection and acquired data, showing no proof at all.

Then for a professional security team not being able to contact the right support: they are meant to contact tech and security support.

Again with Sony's previous breach, anyone can claim they hacked Sony and people will believe them, with no evidence especially after two weeks of telling Sony.

This is just a claim with no evidence and nothing more

Th4Freak - 3455d ago (Edited 3455d ago)

@GameDev1 and what the hell do you want them to do? Release a PoC so we all get our account information dumped? I'm not sure if you're really that dumb or just a blind fanboy, perhaps both...

Christopher - 3455d ago

Yeah. I highly doubt their SQL Injection gives them any true access to anything more than public info and not actual passwords or the like (which are stored in hash form and not cleartext).

But, regardless, SQL Injections are easy to fix in the overall scheme of things. So, Sony should be able to fix this.

The fact that they have a SQL Injection vulnerability, even on basic, public info, is kind of worrisome. It's one of the key things a Web programmer should be testing against at every step of development.

Bladesfist - 3455d ago

I am always surprised when I look at how incompetent the web development teams for some of these big companies are. Hopefully the SQL User that they are using for this has only got the permissions that it needs but I would not bank on it.

Christopher - 3455d ago

Sadly, Bladesfist, I'm not surprised. 9/10 Web programmers I've worked with do the least amount possible and don't keep security in mind until they get tested for it. And, even then, they typically just fix the issues that the analyzer found, not all of them.

rainslacker - 3455d ago (Edited 3455d ago)

Nothing said what kind of information could be retrieved from this. For all we know, all it could retrieve is what time a particular user logged in, if a person knew a particular user's screen name... although with SQL injection a more broad search could be used.

Certainly not devastating.

I like that the person who found this did contact Sony, but I wonder why the article didn't bother to ask Sony for comment. Apparently it's just taking the attacker's word for the fact that it isn't fixed. It also doesn't say if the injection could be rejected server side, which is a definite possibility since checks can't be seen on the server itself without performing an injection... so it makes me wonder if the person who found it actually tried to retrieve information using an attack.

Too many unknowns from this article to make a big deal about it. Hopefully some website will use it to get a comment from Sony though. If it's an issue, it should be addressed, but no need to fear monger when a bit of prudence in reporting can make a much clearer picture.

Volkama - 3455d ago

Well... hopefully these guys are the first and only ones to find the vulnerability.

I wonder if they openly share the details with Sony, or if they say "we've found something... you'd best pay us to tell you"? Companies can't operate on good will.

Alex_Boro - 3455d ago

Sony needs to step up their security game
