Archean
Posts: 5,652 +103
The dearth of details from Sony about a criminal intrusion into its PlayStation Network is fomenting plenty of speculation about the methods and motives behind the attackers, and some of it isn't pretty.
In 2008, researchers effectively created their own rogue certificate authority by harnessing the massive computing power of just 200 PS3s to find so-called collisions in MD5, a cryptographic hash algorithm with known weaknesses. With an army of literally millions of zombie PS3s under their control, hackers would own a supercomputer at par or superior to those possessed by most nation states, and they wouldn't even have to foot the power bill.
There is some talk about Sony loosing control over PSN, due to weaknesses in authentication; even if it turns out this can't be done as easily as they are thinking, probably it is a wakeup call for Sony.
In 2008, researchers effectively created their own rogue certificate authority by harnessing the massive computing power of just 200 PS3s to find so-called collisions in MD5, a cryptographic hash algorithm with known weaknesses. With an army of literally millions of zombie PS3s under their control, hackers would own a supercomputer at par or superior to those possessed by most nation states, and they wouldn't even have to foot the power bill.
There is some talk about Sony loosing control over PSN, due to weaknesses in authentication; even if it turns out this can't be done as easily as they are thinking, probably it is a wakeup call for Sony.
