Doubtful. Even then you are running some unauthed code and it could still manually open a connection and send your info out. Same issue with custom firmware on iphone or android. I could easily write code that farms your info locally and pipes it out. When you install custom firmware you are essentially trusting that code with your local information. It is almost as bad as someone watching you type every key on a a keyboard or having direct hardware access to your computer at all time.androvsky said:Nobody with cfw is connecting to PSN to buy anything anyway, so I might as well quote this again just for the hell of it.
MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
SMFHN.A said:Yeah, my fault. Didn't read the full PDF.
LiquidMetal14 said:LOL so you use CFW and this happens? Or is this for everyone?
So true. I expected better.
By Grabthar's Hammer, you shall be quoted.MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
Quoted so we aren't running around like hens with out heads chopped off.MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
I seen it. Don't worry about that pal.Pinko Marx said:;\
look at the post thats been quoted 50 times already.
MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
Yeah you really jumped the gun on this one. I came in here about to setup some packet capturing and test this out myself. I would not put it past them or any other company. Security is an art not a science. Things are inherently insecure.N.A said:Yeah, my fault. Didn't read the full PDF.
Read the threadherod said:True or false, I could go and buy a second hand PS3 and if the previous owner didn't wipe it, I could dump his cleartext credit card info from the HDD?
MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
Possibly. But you could just buy shit from their account anyway. If they did not wipe you have free reign on their psn account and associated credit card access.herod said:True or false, I could go and buy a second hand PS3 and if the previous owner didn't wipe it, I could dump his cleartext credit card info from the HDD?
OP didn't read OP?N.A said:Yeah, my fault. Didn't read the full PDF.
That is deep.Starwolf_UK said:OP didn't read OP?
I want that one guy who lives behind the 7-11's firmware. You know, the one who sells crack behind the dumpster at Burgler King at 2am. His is rock solid compared to Sony's!I NEED SCISSORS said:Besides, soon there will be a custom firmware maker released, so you will no longer have to rely on said shady firmwares. Make your own!
N.A said:Yeah, my fault. Didn't read the full PDF.
N.A said:Yeah, my fault. Didn't read the full PDF.
The credit card information should ALWAYS be encrypted. In ANY case. At least the security code. SONY is only relying on
it's https connection. With all those CFWs spreading around, this is not secure anymore.
Pretty sure it's never stored on your HDD in the first place.herod said:True or false, I could go and buy a second hand PS3 and if the previous owner didn't wipe it, I could dump his cleartext credit card info from the HDD?
Hanmik said:this deserves a TAG by the almighty MODS..
Xater said:"Junior Member"
I already suggested thread title: GAF transmits your lulz in plain text.captmcblack said:Lock this thread, make a new one with correct/non-fud info or not at all.
Maybe someone can unjunior me. They rejuniored me like a year ago. He and I can trade places. LOL (i know its not going to happen)Xater said:"Junior Member"
You should be a Member for this.MThanded said:Yeah you really jumped the gun on this one. I came in here about to setup some packet capturing and test this out myself. I would not put it past them or any other company. Security is an art not a science. Things are inherently insecure.
MThanded said:this thread title is incorrect!!!
this thread title is incorrect!!!
this thread title is incorrect!!!
They still use https to transmit the data. The issue is if you have a CFW you can be snooped and your info can be stolen. Unless someone man in the middles your https handshake you are fine. Someone should fix the title.
sounds about rightXater said:"Junior Member"
Ugh, please. The info in that PDF is pretty interesting. Just edit the title, and we're good. Put down those, I SAID PUT DOWN THOSE TORCHES!captmcblack said:Lock this thread, make a new one with correct/non-fud info or not at all.
MThanded said:Doubtful. Even then you are running some unauthed code and it could still manually open a connection and send your info out. Same issue with custom firmware on iphone or android. I could easily write code that farms your info locally and pipes it out. When you install custom firmware you are essentially trusting that code with your local information. It is almost as bad as someone watching you type every key on a a keyboard or having direct hardware access to your computer at all time.
Correct.Valkyr Junkie said:Regardless of the incorrect original OP, CC data is stored on PSN itself and not the console itself correct?
If you have a CFW then the firmware can fake you not being connected and still leak your info. Best to unplug from ethernet and remove all wifi passwords. If you use an OS written by me then all bets are off about what is going on behind the scenes.Foffy said:But couldn't disabling any connection the PS3 has to online connectivity nip this in the behind? I figure nothing but could be transferred if the system is prevented from connecting online.
LiquidMetal14 said:Read the thread
I'm not a high level expert but I was mainly concerning the misinformation in the title.herod said:I did, it's not clear. I'm not talking about the network transmission.
MThanded said:Maybe someone can unjunior me. They rejuniored me like a year ago. He and I can trade places. LOL (i know its not going to happen)
Dreamgazer said:uh. a bit excessive considering N.A.'s overall contribution to this CFW thing.
poweld said:OP will be absolutely furious when he finds out his cracked version of Windows is also vulnerable.