Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

use a PS3 device ID and only allow changing the password on the device, but that is also known by the attackers and I'm sure it could be spoofed.

Often, every device in a secure network would benefit by having its own asymmetric encryption key. This way, Sony could have easily implemented a challenge-response that only clients could respond to. The hackers would only have gotten the public keys, which wouldn't do them any good outside of some sort of man in the middle exploit, which would require secret control of a part of the PSN network over an extended period of time.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: