Can PlayStation 3 hackers now unban themselves and ban innocent gamers?

It seems that some hackers may not only have managed to get around Sony’s new PlayStation 3 banning system, they could even manage to turn it around and get innocent gamers banned for doing nothing wrong.

A post on the SKFU blog states that bans are currently based just on user accounts and the PlayStation 3 console IDs. The way around this is that hackers can modify the information that is sent and received by the PlayStation 3, thus they could not only get themselves unbanned, they could in theory, cause innocent users to get a ban.

The theory even goes on to suggest that a simple Windows application could be created that would go through all PlayStation console IDs and get the world's consoles banned in around 24 hours.

All of this is currently hypothetical; although there has been some forum talk that users have already managed to unban themselves with some newly released tools that allow them to spoof their hardware and account ID’s. Website PlayStation Network at Home even managed to read a few forum posts of users doing just that before the posts were removed.

If innocent users do start to be banned by hackers, then something will need to be done quickly by Sony, but will the kind of hacking that is happening on the console at the moment mean that the company has very little else to fight back with?

Image Source: SKFU

Report a problem with article
Previous Story

Google's Reader app for Android is updated - new features abound

Next Story

Apple admits workers exposed to n-hexane

114 Comments

Commenting is disabled on this article.

Its better that Playstation provides a way to stop this hacking because users cant keep on creating new user accounts all the time just because their old ones have been hacked.

Only reason this has escalated so much is due to Sony's grave error in their security that left the system wide open. If they had implemented a good security algorithm, hackers would have to settle with some form of hardware hacks that are easy to detect. Sony basically screwed up their security and then gave the middle finger to the Linux users on PS3, and now it's biting them on the back.

Ok, I've read the whole discussion thread and didn't find anyone blaming "Fony" for their poor security measures.

First of all, PS3 keeps sending personal unencrypted data over unencrypted protocol, upon boot, or randomly. Data, not only including console ID's, contains information such as Credit Card numbers, as-well as other personal information ever entered on PSN - and all that accessible/available without reversing a single code, or connectin the "Non-Licensed Peripherals" to console itself, which corresponds to Sony TOS/EULA. You cannot blame someone for being able to see something that is publicly available - blame the Sony for making it possible. For instance, if I find a way to circumvent Win 7 trial period into infinite 30-day loop by copying (!!!) few files from one folder to another, which does not violate MS EULA, or any known civil law for that matter, I cannot be accused of hacking or reverse-engineering the OS code. I cannot be accused of "over-using" my knowledge of Win OS architecture (which I gain, not by hacking, but reading official MS documentation), and misusing it. You get the picture. But don't get me wrong - I do not support someone in its goal to steal personal data being sent to Sony, or faking someone's PS3 ID in order not to get banned from PSN. In first place I blame Sony for making it, not only possible, but extremely-possible (even obvious) for someone to do that.

Also, regarding the PSN cheating, MW2 and CoD:BO were hacked long before JB was even introduced (flash drive and offline mod bug) - the JB made it just a lot easier. Save games and game profiles aren't encrypted, game is packed inside a ZIP based package, server-side software has no cheating check what so ever, all of that is screaming to be misused, sooner or later.

Small digression at the end. Have you ever read the Sony PS3 TOS? Don't you find it questionable that the owner of legit bought console is Sony, and not you?! That you cannot connect any "Non-Licensed Peripheral" to your console (even USB Flash Drives, controllers, keyboards, mice, you name it) that is not "blessed" by Sony?!

The problem is that pandora's box is now open. Hackers can change the console ID so sony will have to do something else, then another...and so on....
I say, forget all the hack-based bannings and put all the effort into cheat-detection. Hackers that hack for the joy of gaining access to a closed system is not what I am worried about; its ONLY the hackers or script kiddies who use these tools to cheat. I, for one, would enjoy the ability to copy all my purchased games onto the PS3 HDD for the 'jukebox' effect and welcome the concept of an entire 'new' market created for making applications for the PS3 (Think Cydia for the PS3).

In a nutshell you can nip the cheaters in the butt by tracking most variables on the server, putting up a red flag when things are out of scope. You can nip (online) pirates by implementing some sort of CD-KEY that uniquely unlocks online play/trophies for a particular game when registered to a particular PlayStation ID and have the ability to 'deactivate' the key so the game can be borrowed/resold in the future for the resale/used market. None of this stops offline pirating but there is absolutely nothing that any vendor can do about that.

All I want to do is come home from work and relax with a couple rounds of Black Ops. Why do people have to try and ruin this for me? I don't care what you do with your own console, but leave me out of it.

hotdog963al said,
Stop banning, implement better cheat detection in MP games, like on the PC

VAC and Punkbuster as far as I know are easily bypassed with simple apps though most of them are private and need to pay. Many just pay to cheat cause they need to pay to have skills they don't currently possess. Why I say leaderboards are so useless as it just gives reason for hackers to show pen*s size.

Crucify said,
Wohooo, we can only hope this is the beginning of the death of consoles.

I seen you make this same stupid comment in another post on Neowin. What is your deal with hating consoles? What do you care if they exist or not? Don't care for them? Don't purchase one. Simple.

Crucify said,
Wohooo, we can only hope this is the beginning of the death of consoles.

Right, that way you can take revenge on that console which killed your puppy. Obviously that must have been what happened, else you wouldn't be affected in any way by them.

Charge $30-40 per game, let people play MP for free, make the platform open for people to recreate stories and maps to increase longevity, forget about profit.

Joker. said,
Charge $30-40 per game, let people play MP for free, make the platform open for people to recreate stories and maps to increase longevity, forget about profit.

It's called a PC. You want one, you buy one.

Joker. said,

I have one, and it doesn't fit the vision I'm contemplating.

No, it soudns about right for today's modern PC gamer. They want cheap games, free DLC, no online costs (not that there usually are) and they want sandbox tools to make mods. That's what a PC game is for, if you want it, go get it.

lflashl said,
would cloud gaming fix all of this?

For those who have access to a cloud.
Next gaming systems will be of cloud design. Privacy will NOT exist online. Used Games will NOT exist. Game prices however will NOT drop, but rather increase due to the lack of physical labour required to manufacturer & distribute.

Ruciz said,

For those who have access to a cloud.
Next gaming systems will be of cloud design. Privacy will NOT exist online. Used Games will NOT exist. Game prices however will NOT drop, but rather increase due to the lack of physical labour required to manufacturer & distribute.

lol and i wonder why

Microsoft was only successful with banning as the core security of the system was only briefly compromised. Even if rouge players were online the code was 100% in-tact, signed, and verified. Sony on the other hand has absolutely no console security now, any code will run, and any unit's 'consoleID' can be extracted and used to/from any system easily.

Sony also has a much weaker online gaming service with less security - likely cause its a free service - I mean the PS2 was not secure in the least, and the PSP was even worse, I don't know where they are getting the idea that the PSN for PS3 WILL be secure? they have continually failed to provide a secure online gaming platform.

Least with the bans the server loads will drop and sony will spend less $. In canada a GB of data is valued at $2.50!

and once more sony its proving that only legit customer will be victim of their bannings and the hackers still run free.

Its a war that they cant win they should focus in provide the best experience for those who are paying and supporting them, deal with the cheater with ways that dont come up with DRM, restricting and removing features for legit users.

I wondered why I had to agree to the EULA again the other day. The problem is this is a case of closing the barn door long after the horses have fled. I mean, my nephew for instance, was jb'd and running a 3.55 CFW, was able to copy/ftp on totally hacked MP savegames and so now even though he's legit through careful downgrading and repatching - he's running around with chars so completely out of whack that it could never be fair - ever. He just got a used PS3 fat to get around the COD:BO console ban and now I think even his original console is okay with BO again.

They have to do something about this stuff I suppose and I enjoy watching the struggle as this huge corporation tries to wrap it's collective head around what to do with a handful of geeks who seem to pwnface them at every turn.

sounds like alot of scaremongering to me . Whenever someone gets beat in a game they like to blame it on a cheat and not someone better.

gingerbill said,
sounds like alot of scaremongering to me . Whenever someone gets beat in a game they like to blame it on a cheat and not someone better.
There's a bit of a clue when the killcam shows someone randomly firing a shotgun and getting a headshot every time through walls and across the map.
T8

blackwit said,
Well at least now Sony learns that corporate totalitarianism doesn't work when it comes to private property.

I think they should ban the entire PSN for 24 hours, then unban the users. Just to make a statement. Sometimes I worry that Sony has become way too much like Apple, and they too need put in their place. I just hope somebody out there has both, the tech skills and the courage, to serve them some justice.

blackwit said,
Well at least now Sony learns that corporate totalitarianism doesn't work when it comes to private property.

If only they were reasonable with their customers

This is scary and surprise that some of you are okay with this It not fair to the legit players who do obey the playstation rules. But because of this I wouldn't be surprise if Sony put more security or etc in the PS4 to make sure hackers aren't allow to ban innocent people.In my opinion I think there should be a fingerprint id or etc like that type of security. I wouldn't mind doing a fingerprint to turn my system on so it know who I am and I wouldn't be surprise if Microsoft or Sony does go down that route soon in the future.

As i have been saying all along I am fine with people modifying the console however, the second they start making innocent people suffer is where I draw the straw. I can no longer play MW2 because of them (online anyway) if they start making to where I cannot use my PS3 at all online then I give up lol.

littleneutrino said,
As i have been saying all along I am fine with people modifying the console however, the second they start making innocent people suffer is where I draw the straw. I can no longer play MW2 because of them (online anyway) if they start making to where I cannot use my PS3 at all online then I give up lol.

That's fine. This will be good for you in the end.

/s

NeoTrunks said,

That's fine. This will be good for you in the end.

/s

I would actually say it without the /s.

Hey, maybe some of you could play the free Tribes 2. Almost no hacking, and pretty fun server mods.

LaserWraith said,

I would actually say it without the /s.

Hey, maybe some of you could play the free Tribes 2. Almost no hacking, and pretty fun server mods.

You can't compare the two man. An old game like that is going to have a small dedicated player base. What do you do when you find someone cheating? You kick and ban that player from that server. With the millions playing on PSN, are you suggesting that it would be feasible for Sony to monitor every single game being played?

I'm trying to get through the fact that by playing games like smackdown vs raw 2011 i get hacked , frozen and cheated in a match cant they do anything about these things?

It's things like this that makes me dislike PS3 modding. That, and it opens the doors for cheaters. PC gaming is already ruined by cheaters - I hope that consoles don't end up the same way!

Tha Bloo Monkee said,
It's things like this that makes me dislike PS3 modding. That, and it opens the doors for cheaters. PC gaming is already ruined by cheaters - I hope that consoles don't end up the same way!

Why I moved to the PS3 in the first place. Low and behold, I guess I brought bad luck to everyone lol. Soon after I get it, all this breaks out

shakey said,

Why I moved to the PS3 in the first place. Low and behold, I guess I brought bad luck to everyone lol. Soon after I get it, all this breaks out

Another reason to move to XBOX...

presence06 said,

Another reason to move to XBOX...

Naa, I can't do MS or Xbox anymore. After working for them for a couple years, I'm done with that system and their setups lol. I'd prefer to get screwed in new/unfamiliar ways

presence06 said,

Another reason to move to XBOX...

Provided you have the money to buy a brand new console along with the games you enjoy for it, sure. For me, that's not an amount I'm willing to just dump at random.

Metodi Mitov said,

Provided you have the money to buy a brand new console along with the games you enjoy for it, sure. For me, that's not an amount I'm willing to just dump at random.


I'm not in a boat either to just drop $300 (maybe when Tax money comes in). I'll stick with my PS3 for now. I was just saying, it's things like this that might* shun people away from PS3 in fear that the MP games they love will be destroy by punks who cheat.

presence06 said,

Another reason to move to XBOX...

Are you kidding me?? The Xbox is easy to mod too from what I hear, and I've heard of cheaters there too.
PS: Have fun paying $60 a year for online.

Tha Bloo Monkee said,

Are you kidding me?? The Xbox is easy to mod too from what I hear, and I've heard of cheaters there too.
PS: Have fun paying $60 a year for online.

Ok? Maybe I will then.

Tha Bloo Monkee said,

Are you kidding me?? The Xbox is easy to mod too from what I hear, and I've heard of cheaters there too.
PS: Have fun paying $60 a year for online.

Easy to mod, maybe, easier to get banned permanently? Oh yeaah..

Why not pay the $60 a year? You only pay it once a year and it's the cost of a brand new game. It's also ironically the solution behind this free PSN account BS.

$60 a year? If you pay for 5 years that's $300. You can buy a new console for that price.
You can get banned off of Xbox if it's modded, so don't even act like you can't. This article is all hypothetical anyways, so when it actually becomes a problem then let me know.

Tha Bloo Monkee said,
$60 a year? If you pay for 5 years that's $300. You can buy a new console for that price.
You can get banned off of Xbox if it's modded, so don't even act like you can't. This article is all hypothetical anyways, so when it actually becomes a problem then let me know.

...in five years do you think you'll still be owning a 360? You'll spend around that for games anyway, or for controllers, or whatever it is you'd be spending on if it wasn't Live.

A) You can get it as cheap as $40.
B) It puts a stop to the weakness a free online system like PSN has, because the console gets banned from ever connecting again, not the account. You get the security that you paid for.
C) I never said you couldn't get banned off an Xbox, I said the opposite; yes, it's easy enough to mod, but YES, it's even easier and far more permanent to ban those who do, and getting unbanned usually only means getting a new xbox.

Yeesh.

Tha Bloo Monkee said,
$60 a year? If you pay for 5 years that's $300. You can buy a new console for that price.
You can get banned off of Xbox if it's modded, so don't even act like you can't. This article is all hypothetical anyways, so when it actually becomes a problem then let me know.


I don't want to be mean, but you're...stupid.

All I have to say is: the 360 has been out for nearly 6 years so I have no idea why you're babbling on about how nobody will have a 360 in 5 years.

Anyways, there's no point in arguing this stuff with you fanboys. You can call me stupid but at the end of the day, you're wrong. That's all there is to it - end of story.

Tha Bloo Monkee said,
All I have to say is: the 360 has been out for nearly 6 years so I have no idea why you're babbling on about how nobody will have a 360 in 5 years.

Anyways, there's no point in arguing this stuff with you fanboys. You can call me stupid but at the end of the day, you're wrong. That's all there is to it - end of story.

We have our opinions about things. We're not mindless zombies. I have a ps3, had a 360 and switched. IF I had the money, I'd go back to Xbox but keep my ps3.

Fanboys.. keep your day job buddy and keep thinking your right.

Tha Bloo Monkee said,
All I have to say is: the 360 has been out for nearly 6 years so I have no idea why you're babbling on about how nobody will have a 360 in 5 years.

Anyways, there's no point in arguing this stuff with you fanboys. You can call me stupid but at the end of the day, you're wrong. That's all there is to it - end of story.

*sigh* You're totally self-secure, aren't you? within the next 5 years, we will have next generation consoles, it's the way it works. The computer you're using now will be obsolete within 5 years as well, and although these current gen consoles have had a long run, their time is coming to an end.

And it makes sense that that's all you have to say (ignoring the rest of my reply), because I've stated fact, and that's that. You get what you pay for.

Tha Bloo Monkee said,
All I have to say is: the 360 has been out for nearly 6 years so I have no idea why you're babbling on about how nobody will have a 360 in 5 years.

Anyways, there's no point in arguing this stuff with you fanboys. You can call me stupid but at the end of the day, you're wrong. That's all there is to it - end of story.

*sigh* You're totally self-secure, aren't you? within the next 5 years, we will have next generation consoles, it's the way it works. The computer you're using now will be obsolete within 5 years as well, and although these current gen consoles have had a long run, their time is coming to an end.

And it makes sense that that's all you have to say (ignoring the rest of my reply), because I've stated fact, and that's that. You get what you pay for.

What? This sounds way too easy, then again, the entire security of the PS3 has been compromised, more so than the Xbox 360. If I recall, and someone can correct me, the 360 is a little more involved, and you would need two consoles to unban yourself with the CPU key/hardware keys. So the PS3 just trusts the Hypervisor with data like that, or am I mistaken?

timster said,
this could be fun to have ... maybe do some playing on April 1

If fun for you is hurting or causing trouble for other people, you are a messed up and sad person. Normal people do not go and try to cause trouble for others.

shakey said,

If fun for you is hurting or causing trouble for other people, you are a messed up and sad person. Normal people do not go and try to cause trouble for others.

Sad reality is most people have too much time on their hands with nothing better to do so we see this sort of thing. Lives must be really boring to a whole lot this day and age seeing how majority who aren't actually working just sit at home touching themselves and doing the latter.

Sraf said,

FTFY

ya, because we all know the hackers would have just ignored everything if they could only have run linux on a subpar machine instead of using a real computer..... kids need to stop being so ignorant of the truth.

NeoTrunks said,

Why? My PS3 was fine then.

It's called sarcasm. Yes people would have hacked the PS3 before, that is my point. The fact that Sony removed the ability to install Linux (which I know people who like that ability) and locked down many other aspects of the console hasn't affected the hackers AT ALL, hell it gave them a reason (as if they needed one) to go a step further. My point is that no matter how hard you lock something down, the only people who ever get hurt are the legit users. This is the same with music, video, software and more. The more you DRM things, the same (not more, not less) you hurt the copyright infringers, which is to say not at all

Sraf said,

It's called sarcasm. Yes people would have hacked the PS3 before, that is my point. The fact that Sony removed the ability to install Linux (which I know people who like that ability) and locked down many other aspects of the console hasn't affected the hackers AT ALL, hell it gave them a reason (as if they needed one) to go a step further. My point is that no matter how hard you lock something down, the only people who ever get hurt are the legit users. This is the same with music, video, software and more. The more you DRM things, the same (not more, not less) you hurt the copyright infringers, which is to say not at all

If it was entirely open from the get go, most game publishers wouldn't have touched it with a 20 foot pole and you would have had a real fun time trying to play a legit game with a bunch of cheaters around.

NeoTrunks said,

If it was entirely open from the get go, most game publishers wouldn't have touched it with a 20 foot pole and you would have had a real fun time trying to play a legit game with a bunch of cheaters around.

Oh absolutely. The trick is to find a happy medium, where you can ensure enjoyment for the many, and profits for the companies. But when you start wasting money on a very ineffective wild goose chase to lock down a system, you are doing it wrong, and it will do nothing but come back and hurt you

Sraf said,

Oh absolutely. The trick is to find a happy medium, where you can ensure enjoyment for the many, and profits for the companies. But when you start wasting money on a very ineffective wild goose chase to lock down a system, you are doing it wrong, and it will do nothing but come back and hurt you

Do you think they'll ever have or find that Medium?

Byron_Hinson said,
Remember this is still in theory, we're awaiting the proof from a couple of sites later.

It's very possible. Using a proxy, you can intercept the Console ID, then replace it with another one very easily. The only hard part is generating ID's that work. PS3 Console ID's are whitelisted. So just any random ID won't work. The ID has to be of a console that's manufactured and sold.

And it is also possible to wreak havoc and ban all Console ID's. Also using a proxy, use an active Console ID and send information to PSN that meets the criteria for a ban. Again, the hard part is generating valid Console IDs.

Even if that does happen, every console getting banned. Sony would be forced to unban every ID and stop banning Consoles. End to the bans. So it might be a good thing.

Would PS3 sales really be as high if there was never a way to hack them to get free games ? The PSP got a huge amount of sales due to this, I bought my psp on launch day, got bored of it after around 2 months then started to use it again once I could get free games and that lasted about another two months.

Gaffney said,
Would PS3 sales really be as high if there was never a way to hack them to get free games ? The PSP got a huge amount of sales due to this, I bought my psp on launch day, got bored of it after around 2 months then started to use it again once I could get free games and that lasted about another two months.


They were selling just as fine before that - so yes they would still be good sales without hacks.

Gaffney said,
Would PS3 sales really be as high if there was never a way to hack them to get free games ? The PSP got a huge amount of sales due to this, I bought my psp on launch day, got bored of it after around 2 months then started to use it again once I could get free games and that lasted about another two months.

The PS3 and indeed consoles in general are sold at a loss (though there are exceptions). The idea is that what the manufacturer loses on the console sale they make up for in the licensing fees for the games. So when you buy a PS3 Sony losses money but as you buy games, licensed accessories, etc. Sony makes back what they lost and eventually turns a profit. If you buy the console to play free content then Sony never recoups that initial loss. So Sony would rather you not buy a console at all if you aren't going to purchase the licensed content. Having a ton of of PS3 purchases for free content just causes them to lose money.

Not entertaining for those of us with the console who don't want to see stupid troubles like this appear though.
This is just easy proof to show why they need to close their system. No one really cared about Linux on PS3, they just want to break the rules and be able to do anything they can, no matter who might get caught in the crossfire.

Kevola said,
Sony is fighting the impossible fight. Oh well, at least it's entertaining for everyone.

Not going to be entertaining for those whose consoles get banned because some hacker spoofs their console id.

Hackersoft MS MVP said,

Not going to be entertaining for those whose consoles get banned because some hacker spoofs their console id.

Still sounds pretty entertaining to me

Kevola said,

Still sounds pretty entertaining to me

Let me know how it sounds when you get banned. Heck, if you don't have a PS3, but have an Xbox, how would you like it if your console got banned from Xbox live just because someone used your ID?

While I'm sure Sony would fix the issue at some point, legitimate users will certainly be peeved at being unable to use their own console for on-line gaming due to the actions of someone else, not to mention the time spent on the phone with customer support in an attempt to prove that you didn't modify your console.

neo158 said,

+over 9000

Should be entertaining for us though since he says its entertaining and if he gets his account suspended himself

Looks like Sony is going to have to find a new way to ban people... Otherwise modified consoles will eventually use up all the IDs lol

Rudy said,
Looks like Sony is going to have to find a new way to ban people... Otherwise modified consoles will eventually use up all the IDs lol

Mind you, that's only a GUI right now. No one has confirmed it to be legit.

So even though Sony mentioned they ban accounts, they were really banning the console, and not the PSN account? (Same method as Microsoft).

etempest said,
So even though Sony mentioned they ban accounts, they were really banning the console, and not the PSN account? (Same method as Microsoft).

Because you don't pay any money for the account, banning it wouldn't really do much.

dagamer34 said,

Because you don't pay any money for the account, banning it wouldn't really do much.

Exactly, what's the point. The user would just re-create an account and be online again anyways.

dagamer34 said,

Because you don't pay any money for the account, banning it wouldn't really do much.

If you have purchased PSN products, then you could have paid quite a bit for the account. Banning the account, an the console used would really hit home.

dagamer34 said,

Because you don't pay any money for the account, banning it wouldn't really do much.

Sure it would. All that money you paid for DLC/PSN downloads? Poof. Gone.

Granted the hackers aren't going to be using their own personal accounts if they're smart. But if innocent accounts start getting banned...

Silverskull said,
Sure it would. All that money you paid for DLC/PSN downloads? Poof. Gone.

Granted the hackers aren't going to be using their own personal accounts if they're smart. But if innocent accounts start getting banned...

Cept the reason they are getting banned is because they hacked their ps3 and downloaded all the games and dlc for free... so what is it really gonna do.

Houtei said,

Cept the reason they are getting banned is because they hacked their ps3 and downloaded all the games and dlc for free... so what is it really gonna do.

Source?

NeoandGeo said,

If you have purchased PSN products, then you could have paid quite a bit for the account. Banning the account, an the console used would really hit home.


Nope, that doesn't matter to someone who only wants to play...

RangerLG said,

Source?


You need a source link to see that the only people using JB PS3's right now are using it for piracy? lmao.

vette said,

You need a source link to see that the only people using JB PS3's right now are using it for piracy? lmao.

Of course. You're claiming that all of them are using it for piracy. Such a bold claim requires a source. You can laugh about that all you wish, but without a source you're just making assumptions.

woboola said,

Of course. You're claiming that all of them are using it for piracy. Such a bold claim requires a source. You can laugh about that all you wish, but without a source you're just making assumptions.


Someone wants to argue, cute. Here: psx-scene.com. Every app made so far is pro-piracy, **** no homebrew has actually been made yet besides like 1 NES emulator.