ZeroPaid.com » sony

7 Emulators That Can Play Classic Video Games

Drew Wilson — Wed, 31 Aug 2011 21:55:22 +0000

We've been testing, prodding and, well, having a perfectly good excuse to play some video games for the last two weeks. If you wondered how to play some of those oldschool video games on a computer, you've come to the right article. We've compiled a list of 6 emulators that can allow you to play some of the older video games of yesteryear including emulators for the Atari2600, NES, SNES, Sega consoles and even the original Playstation.

There is something about old video games. Maybe it's the two dimensional layout, maybe it's the story-line, maybe it's the simplified graphics or maybe it's just overall nostalgia of playing something that blew your mind years ago. In any event, many gamers might have that urge to just pull out that set of decade old games, shut the door and play with a buddy or two all the way to 6AM in the morning the next day doing things like trying to frag each other. In any event, it is technically possible to play those old games again and one way to do so is through emulation software. We've reviewed a number of these emulators as thoroughly as we could to, you know, ensure emulation consistency for several hours at a time. We want to warn you ahead of time, these pieces of software may distract you for long periods of time. Stella (Stella emulating BurgerTime) This emulator emulates the really old Atari 2600. You can grab the emulator on their Source Forge page. The emulator is nice and small and there's minimal configuring (mapping your keys and browsing to a ROM directory that you'll use regularly is about all you need to do) If you're wondering what those weird blocks are in our screen capture. Yes, we verified that that is what those bad guys really looked like in the original hardware. We didn't really run in to any emulation issues when taking this emulator out for a spin. FCEUX (FCEUX emulating Cobra Triangle - which looks easier than it really is) This is one of numerous emulators that can emulate old Nintendo Entertainment System (NES) video games. While some might know of NESter, the development of that particular emulator ended a long time ago and the FCEUX had some development done to it since then. Presumably, there's better video game compatibility with this particular emulator, but we don't really have the time to sit down and test the over 1,000 games that were available on this particular gaming system. Can be found on the official home page. Minimal to no installation. Key mapping can be found under Config > Input. Plenty of emulation features and still in active development (last release made June 4, 2011). No emulation problems that we found. Game Genie downloaded separately. SNES9X (SNES9X emulating Dirt Trax FX) Now, before you start complaining, we've selected this particular emulator for a very good reason as our Super Nintendo Entertainment System (SNES) emulator. We chose not to recommend zSNES because, while it has a unique and easy-to-use interface, game compatibility was an issue for some of the games we tested. First example: Super Mario RPG. Some of the sounds were not accurate. While that might not sound like much to complain about, one enemy attack gave a high pitch sinewave sound which can be a little annoying after a while. In a more serious example, Dirt Trax FX doesn't play past the title screen. On the other hand, we chose not to recommend bSNES for a rather different reason. Most ROMs available today are in the .SMC format. bSNES does not support this format and, instead, supports the .SFC format. This format is substantially more rare than the .SMC format for numerous games. SNES9X seems to better emulate some of the games we tested and supports the popular .SMC format. Current version (1.53) can be found on the SNES9X forums. Should a newer version appear, it'll probably be in an updated announcement on this particular board of the SNES9X forums. For whatever reason, the main home page for SNES9X doesn't have download links. Right after installation, we encountered a DLL error. Apparently, you need DirectX 9 in order to run this emulator. So if you get a missing DLL file error, download and install DirectX 9 to see if that clears up the problem (it did for us). Map keys through Alt+F7 and hot keys via Alt+F9 if that needs configuring too (or if you just need to look them up). Great emulator overall during our tests. Visual Boy Advance (Visual Boy Advance emulating Duke Nukem Advance) Small emulator that can emulate both GameBoy and GameBoy Advance titles. Emulator can be found on the VisualBoy Advance downloads page. When running (with a ROM loaded), we noticed that Windows has to change the overall color scheme just to compensate for the emulators limited colors (We tested this with Windows 7). Saving states caused the whole screen (not just what was in the emulator) to flicker briefly, but it passes. These were really our only complaints about the emulator though. No bugs were found in the emulation itself that we found. Key mapping can be found via Options > Joypad > Configure > 1... Besides some of the weird graphical things that happen to the screen (which stops after you exit the emulator), this was a joy to test. Kega Fusion (Kega Fusion emulating 32X game Doom) Another emulator that emulates numerous different systems including Genesis, Gamegear, 32X, CD and other Sega systems. Emulator can be found on their home page (scroll down a little) Key mapping can be found via Options > Set Config > Controllers (tab) > Define (button) We really didn't run in to any issues while testing. Interface might be a bit confusing (it can run multiple systems after all) at first compared to the other emulators we've tested, but it is manageable. Project 64 (Project 64 emulating Destruction Derby 64) When it comes to Nintendo 64 emulators, there doesn't seem to be much of a contest here. Project 64 seemed to have the fewest graphical issues and highest game compatibility out of all the emulators that we've tested. version 1.6 can be found on this page of the Project 64 website (note: This page will ask you if you'd like to save the emulator which is an .exe file). Puzzlingly, the developers decided to disallow the general public to use 1.7 and only allowed those that pay money to use the latest version (something I personally disagree with for a number of reasons). This has generally meant that, as far as the general public are officially concerned, development has stopped completely for years now. Some games have a "high system requirement" which means you need plenty of RAM and other system resources to play some of these games. Sometimes, older systems means games have more graphical and timing issues than what is to be expected. By today's standards, you don't have to have a super computer to run this properly, but it is, at times, resource demanding. Several games have graphical issues including black boxes around effects, whited out polygons, corrupted textures, slow game play, and bad sound (not all at once for the most part). So emulation is far from perfect (yes, this was also the emulator that was the most thoroughly tested here). Still, a number of games do work through this emulator with minimal problems and most games are playable. Key mapping through Options > Configure Controller Plugin. This emulator seems to continue to be your best bet when it comes to emulating the N64. ePSXe (ePSXe emulating Driver - "Hey man, OK, OK, OK!!!") A decent emulator that, unfortunately, is a case of some assembly required. You can download the emulator off of the ePSXe downloads page. Downloading the emulator won't be enough though. If you run the configuration wizard, you'll find out that you'll need a BIOS and a GPU. While we technically can't link to a BIOS (which actually isn't all that hard to find), we can save you some trouble and point to Pete's GPU downloads page (since we are using Windows 7, the first link ("OpenGL2 PSX GPU") is what we used for a GPU. In our limited testing, we did encounter graphical glitches in the emulation which leads us to believe that you'll probably encounter similar problems to that of N64 emulation issues with some games. Unlike all of our previous emulators, the ePSXe uses CD images instead of ROMs (naturally, because all the other emulators are emulating games in cartridge format while this requires emulating the CD images). The emulator will recognize several formats of CD images, but if you run in to ECM formats, you'll need to decompress the image first before you can run the image. This can be accomplished through PakkISO which can be found on the EmuParadise website. Since there is no interface on this particular piece of software, you'll have to open the ECM file you want to decompress with the correct EXE file found in the PakkISO installation folder (might be the unecm.exe or the unpakkiso.exe file - you'll know if the DOS prompt window says that it's decoding either way) Each CD image can be half a gigabyte each and up, so having a number of games can take up a lot of space. Another issue is that some of the "X" buttons in the windows don't work for some reason, so you'll have to hit buttons like "OK" or "Cancel" buttons instead if you go poking around in the system. Key mapping can be found via Config > Game Pad > Port 1 > Pad 1. While this emulator has a learning curve compared to other emulators, there wasn't much that couldn't be overcome that we found outside of whatever in-game emulation problems and errors that might crop up. Final Thoughts We'll say this right off the bat before you ask, no, we will not provide links to ROMs and/or CD images. Don't bother asking, you'll have to find those on your own. This was probably one of the most distracting things to test. It was next to impossible at times to tell the difference between simply testing the emulator and just playing the game (not that we're complaining too loudly here) Also, we can't totally test every single game that exists to figure out which emulator is ideal for sure as that would require an astronomical amount of man hours (there are thousands of games that could be tested that these emulators can run in total after all) so we welcome any additional feedback on these emulators and other emulators that might not have been mentioned - and, of course, general discussion about games. Have fun! Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

There’s a Reason Why They Called it ‘Sownage’

Drew Wilson — Wed, 06 Jul 2011 11:56:31 +0000

May and June of 2011 may be two months Sony would rather forget. It's pretty much next to impossible to really track just how many times the multinational company was hacked. Still, that doesn't mean there are efforts out there to show just how much the company got hacked.

We've offered very detailed coverage of the hacking of Sony. One of our reports was simply titled, "Lulzsec Hacks Sony for 6th Time, Uploads Data to Pirate Bay". That one article alone is just the tip of the iceberg with regards to the millions of user accounts that were compromised and the countless times a Sony website was defaced. Recently, datalossdb.org pointed to an interesting posting on attrition.org which offers a condensed history of the hacking activities of Sony. Scrolling down a little, you can see a table which shows some of the compromises that occurred between April 4th to June 28 of this year. In that time span alone, the table documents exactly 20 times Sony had been compromised. Even the table is just the tip of the iceberg if you were to look at the notes: "This table does not count any Denial of Service (DoS) attacks against Sony as an incident." We do note that the entry before the 16th hack shows the confusion the media had over whether or not a high ranking member of LulzSec was arrested (our sources would indicate that it was a chatroom operative and barely even considered a member of LulzSec) To add insult to injury, the posting also offers "legacy" Sony hacks which were prior to the more recent incidences that date back as far as 1999. The legacy hacks appear to be little more than website defaces, but it does show the security problems one company has had over the years. The author notes the newly coined term "Sownage" which is the ownage of Sony. What I also like about this is that it shows just how difficult it was to keep track of the hacking on Sony. Even DatalossDB, a website devoted to specific kinds of compromised data, admits, "We thought keeping track of entities involved in the Epsilon breach was tough, but the recent spate of attacks on Sony networks has us working overtime trying to update the database." I can fully attest to how keeping track of the Sony breaches and hacking was at least a part time commitment and I'm sure my colleague Jared Moya would agree that the Sony data breaches was certainly an eventful moment. We should point out, in all fairness, that Sony did at least attempt to do some damage control. For example, Sony did offer a welcome back package for the PSN outage to it's PSN users which included free giveaways of services. In addition, they created a new employee position to watch over the security of Sony. For some users, this was enough, for others, the damage was already done as they bid farewell to being a Sony Playstation customer. For a number of people that have Sony as a part of their lives, life seems to be returning to normal. According to DatalossDB, the last Sony data breach occurred on June 19th, when Sony Pictures France had 177,000 accounts compromised. For Sony, I would imagine the hacking has wreaked absolute havoc on the PR front if anything else. I can also see that it would require a complete overhaul in security measures and policy - maybe even a whole new attitude toward security - between before these latest breaches occurred and now in order to prevent such a catastrophic occurrence from ever happening again. There's little doubt that no company wants to go through what Sony did, but to ensure it never happens, other companies should take any necessary steps to stop something like this from ever happening in the first place. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

LulzSec Says “Bon Voyage” to “Anti-Security Movement”

Jared Moya — Sat, 25 Jun 2011 16:09:45 +0000

Says that its "planned 50 day cruise has expired"; leaves behind a string of embarrassing attacks on the CIA, FBI, PBS, Sony, FOX, the Arizona Police dept, and more.

It appears as though LulzSec, aka the Lulz Boat, has decided to sail off into the sunset and end its 50 day anti-security campaign. "We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet," it says on The Pirate Bay. "The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us." In the span of 50 days it's managed to hack Sony (6 times no less), the FBI, CIA, Fox, PBS, and more recently, the Arizona Police Dept, among others. LulzSec continues:

For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

LulzSec says that it hopes the anti-security movement continues on without it, that the "movement manifests itself into a revolution." If there was one area it did cause a bit of a revolution it was with ISP filtering. Australian ISP Telstra recently cited LulzSec and fellow hactivist group Anonymous as reasons why it had misgivings about the proposal. It said it feared reprisals from these "internet vigilantes." After Sony suffered devastating consequences in the hundreds of millions of dollars for a backlash over its lawsuit against George Hotz for publishing the PS3 root key on his blog late last year. "So with those last thoughts, it's time to say bon voyage," says LulzSec. "Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere." They've certainly had an impact, and hopefully somebody continues on with their anti-sec "revolution." Stay tuned. jared@zeropaid.com

Sony Launches Qriocity App for Android

Jared Moya — Thu, 16 Jun 2011 18:25:35 +0000

Music Unlimited powered Qriocity service gives you access to over 7 million songs anytime, anywhere for as little as $3.99 a month.

With Sony finally having resolved the PlayStation Network hacking fiasco it's moved forward with expanding it's Music Unlimited powered Qriocity service with the release of a new Android app. Already available via the PS3, PSP, and desktop PC the Qriocity Android app now truly allows you to listen to over 7 million songs "anytime, anywhere" as Sony boasts. "The cloud-based, digital music service gives music lovers streaming, commercial-free access at anytime and anywhere to an ever expanding catalogue of currently over seven million licensed tracks from major labels including Universal Music Group, Sony Music Entertainment, Warner Music Group and EMI Music as well as leading independent labels and major publishers worldwide," it says in a press release. Several key features:

・Create your own personalized channels ・Sync your songs on a PC and access from your phone ・Easily access your music using Android Home Widget Player

The Basic service costs $3.99 per month and the Premium service costs $9.99 per month. The Premium plan boasts additional features like on-demand playback. New customers are currently able to get 30 days of the Premium Plan for free, and PSN subsribers caught up in the hacking quagmire are treated to 30 days of free Premium Plan service as well as part of its "Welcome Back" package. Sony also says that eligible PlayStation 3 owners can get a free 180-day Basic subscription. To be eligible you must be a new subscriber. Download Music Unlimited from the Android Market. Stay tuned. jared@zeropaid.com ____________________________

Editorial: Should We Thank the Hackers for These Security Breaches?

Drew Wilson — Wed, 15 Jun 2011 04:52:47 +0000

For the past few months or so, there have been numerous stories about security breaches. Earlier in the saga of security breaches, Sony wound up becoming the centre of attention for people breaking in to whatever system Sony had some control over whether it be their network, their website or a host of other hacks. More recently, Sony has found itself in good company with other organizations who had their security breached. Drew Wilson argues that we should really be thanking some of these hackers who bring to attention security vulnerabilities and pay more attention to online security.

Let's set a very stripped down scene here. A person with malicious intentions decides they want to break in to a website, steal people's identities and sell those identities on the black market for a huge profit without a care of what happens to countless innocent victims. So, this person invests some time in figuring out how to break in to a large organization. The person breaks in successfully, steals hundreds of thousands of identities. By the time the organization knows about the breach, let alone the public, the crime has already taken place and the sale of this sensitive information has already happened. Who gets the blame here: the person that broke in to organization in the first place to commit the crime or the organization for failing to keep their organization secure enough from such intrusions? Chances are, such a question will garner a wide variety of opinions ranging from "how awful it is that someone would sell peoples identities?" to "what was the organization thinking allowing for such a thing to take place?". The real question that should be asked, in my view, is what are the details of that incident? Did this hacker go to the extreme lengths of corporate espionage? Like, did this person take a job offering, got hired on and did some sort of sophisticated inside job? Did this person simply rip open a paper door and picked up an insecure, unattended laptop off of someones table? Such details, in my view, alter who is more responsible for the security breach. Some of these security breaches that have happened lately, for me, really places the blame on some of the organizations that got hacked. First, what should be expected of someone who works as a security arm of an organization? If someone's job is to monitor the security of a website for a large organization, what should they be doing? For me, I would expect them to at least know a thing or two about internet security and how to secure a website. Next, be aware of how people are breaking in to websites in the first place and asking, "OK, this is how this person did that on x website, how could this affect our website and how are we guarded against such an attack if we are?" Finally, assess the likelihood of different attacks and build or fix the website accordingly. I would argue that one could go a step further and deliberately find ways of hacking in to your own website for security purposes and patch up the website accordingly. Heck, why not hire a skilled independent hacker and monitor that person as they try and hack in to the website and figure out how to patch the site accordingly? Other things I might expect would be encrypting personal information. If personal information is on server y, then it better have security as tight and strict as US copyright laws. Ideally, not all of the information would be stored on a single server if you are a large company. So, really these are just some of the expectations that first come to mind for me (someone who wouldn't know everything there is to know about securing a website of a large organization) when it comes to web security of a large organization. So, when reports came in on a regular basis that Sony was getting hacked, it really seemed like these sorts of attacks were exclusive to Sony. This is just one organization that may have stored passwords and personal information in plain text (not encrypted). Some might think, "This is clearly an isolated case and it was one company that decided to be negligent about security. Other organizations are smarter then that." Really, for weeks, the stories you'd read about security in some places would suggest that this sort of activity was exclusive to Sony. In the last few weeks, there are reports circulating that suggest that security issues are simply not exclusive to Sony. The National Health Services of the UK (NHS) had their administration passwords obtained by LulzSec a while ago and only reported last week when they offered some security advice. The Canadian Conservative Party of Canada had their website hacked and a donor list was subsequently leaked. The United States Senate was recently hacked as well roughly two weeks after the US government declared that a cyber-attack was an "act of war". I could go on all day about who has been recently hacked like Bethesda, servers for EVE Online, Minecraft, The Escapist League of Legends. The point is that it really is starting to sound like hacking these sites are actually really easy. A lot of these hacks were done by LulzSec, one hacking group. I really wonder how easy it really wound up being to hack these places in the first place because people like LulzSec make it sound like it's really easy. That, in and of itself, is a little freaky in my mind. How easy could it be to hack a large organizations website? Well, a recently disclosed hack really sets off alarm bells in my mind. According to the Daily Mail, Citigoup, a major banking institution was hacked and 200,000 accounts were compromised. How was the hack accomplished? the simple act of changing numbers in a URL. No special DOS commands, no hacking utilities, not even very much skill at all. Just a browser and an internet connection. All the intruder had to do was log in to their account, then change some numbers in the URL to obtain someone else's banking details. The scary part above that? The response of one of their investigators:

One expert, who is part of the investigation and wants to remain anonymous because the inquiry is at an early stage, told The New York Times he wondered how the hackers could have known to breach security by focusing on the vulnerability in the browser. He said: 'It would have been hard to prepare for this type of vulnerability.'

In what world is changing a URL in a browser to obtain other account holders information considered so sophisticated that security can't stop it? You don't have to take it from just me that this sounds ridiculous, just read some of the comments on Slashdot:

this quote is the single stupidest and most frightening things I have ever read on the internet.

this is NOT a hard vulnerability to prepare for. If the only method of user authentication you are doing is based off a string of characters received from the URL your not even qualified to build an ecommerce site for some mom-and-pop 2-sales-a-week company, let alone a bank.

any session allows them to go digging around willy nilly is so unbelievably stupid, I can't even find the words.

Some other reaction to this story on Slashdot:

I don't understand how this could happen to a bank [...]. It's ridiculous.

Heads need to roll for this one... Amazing. Words escape me.

It was a pretty similar reaction on Fark:

The fark are those IT people doing all day?

If you're working for a financial institution and you're passing account information in through the address bar, your whole department needs to be laid off.

On ZeroPaid, we've already have a response:

You gotta be f***ing sh****ing me, that is what they pass off as security?

So, I think I'm in pretty good company when I say this revelation is both frightening and outrageous. At what point does a security breach move form a malicious attack to simple negligence on the organizations part? It's the kind of security that is the equivalent to being able to, with minimal effort, remove a heavy stone wall, by hand, with a crowbar in ten minutes. It shouldn't be possible at all - just like it shouldn't be possible to breach security at an online banking institute by changing numbers in a URL. If security measures are this easy to bi-pass at other banks, it's no wonder whatsoever that credit card information or banking information is being passed around like trading cards in certain private IRC chatrooms. Many people do know what can potentially happen when certain bits of personal information is out in the wild. This is where you hear stories of people suddenly finding out that they owe thousands of dollars thanks to purchases they never made in countries they don't even live in. Other stories like how some poor woman, for instance, having hundreds of thousands of dollars put on a loan against a house she thought was paid off and a bank tapping their feet at her doorstep asking where their money is at. How about stories like some guy finally getting a handle on life only to find out his bank account was completely cleaned out because of a wire transfer he didn't authorize. God help them if the bank in question won't believe them when they say they were fraudulently charged. Bottom line, innocent people are being screwed here likely because there was some form of incompetence somewhere along the line in some of these organizations. Where is the accountability in all of this? Where does it say that if you are negligent in protecting people's private information, that could be financially detrimental to people if put in the wrong hands, you are going to face some serious consequences beyond a typical wrap on the wrist? How often are people even prosecuted for data breaches of this magnitude when they do happen anyway? How can we trust organizations with out money, sometimes our life savings, if security seems so lax with some of them? So where's the hackers in all of this? No doubt some of them will misuse private information because hacking can be financially motivated. Some of the hacking done by LulzSec, I think, should be thanked because it really puts to the forefront the importance of security online. One commentator had an nice rant about LulzSec saying that security professionals are getting a kick out of what LulzSec is doing:

So for the last ten years I've been working in media, trying to raise awareness of the idea that maybe, just maybe, using insecure computers to hold your secrets, conduct your commerce and run your infrastructure is a sh***y idea. No one who mattered listened. Executives think it's FUD. They honestly think that if they keep paying their annual AV subscriptions they'll be shielded by Mr. Norton's magic cloak. Security types like LulzSec because they're proving what a mess we're in. They're pointing at the elephant in the room and saying "LOOK AT THE GIGANTIC F***ING ELEPHANT IN THE ROOM ZOMG WHY CAN'T YOU SEE IT??? ITS TRUNK IS IN YR COFFEE FFS!!!" There is no security, there will be no security. The horse has bolted, and it's not going to be the infrastructure that's going to change, it's going to be us.

I certainly agree to that. If, in large organizations, there's a culture surrounding web security that allows what we've seen happen in the last few weeks, then something about that culture needs to change before these kinds of security breaches gets any more out of hand than it already has. For the hackers that simply expose the security flaws and don't misuse the information they obtain, I think they should be thanked because a lot of them are really bringing to light how shoddy security can be. Just because an organization has an internationally recognized name doesn't mean its invulnerable to any threat that exists today. To those that misuse the information, I have no hesitation in saying that they should be ashamed of themselves - especially if people are severely affected by the misuse of that information. I think all of this serves as a wake-up call that organizations need to ensure that there is sufficient funding and/or resources devoted to security - especially those who have financial information. Sure, times are tough, but security of personal information shouldn't be something to skimp out on - especially after what we are seeing in these kinds of reports these days. So, to those who hack ethically, I say you should be thanked because this is an excellent way to start some kind of change. If change does happen, let's hope it's for the better. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Lulzsec Hacks Sony for 6th Time, Uploads Data to Pirate Bay

Jared Moya — Thu, 09 Jun 2011 17:28:29 +0000

Releases 54MB collection of Sony Developer source code and maps of Sony BMG's internal network.

LulzSec, aka the Lulz Boat, is at it again hacking Sony for the sixth time in as many days, this time releasing 54MB of Sony Computer Entertainment Developer Network source code and maps of Sony BMG's internal network. Dubbed "Sowngae 2" in a bit of tongue in cheek, Lulzsec uploaded the data to Swedish BitTorrent tracker site The Pirate Bay just as it did the previous data (Sownage 1) it obtained from Sony less than a week prior. Earlier this month Lulzsec hacked Sony Pictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. From The Pirate Bay posting:

Konichiwa from LulzSec, Sony bastards! We've recently bought a copy of this great new game called 'Hackers vs Sony', but we're unable to play it online due to PSN being obliterated. So we decided to play offline mode for a while and got quite a few trophies. Our latest goal is "Hack Sony 5 Times", so please find enclosed our 5th Sony hack. Enjoy this 54MB collection of SVN Sony Developer source code," it said in a press release. Enjoy this 54MB collection of SVN Sony Developer source code. That's hackers 16, Sony 0. Your move! ACHIEVEMENT UNLOCKED: HACK SONY 6 TIMES! Oh damn, we just did it again, please also find enclosed internal network maps of Sony BMG. Lulz Security Lulz Security.

Lulzsec is the same outfit that stole The X-Factor’s contestant database from Fox.com early last month, and the more recent hacking of PBS in retaliation for a Frontline WikiLeaks Documentary it believed maligned the infamous “whistleblower” site. The news is the latest headache for Sony as it continues to battle with network security issues after April's shutdown of its PlayStation Network following an network intrusion by unidentified individuals reportedly associated with the Anonymous hacktivist group. Stay tuned. jared@zeropaid.com

Sony Hacked Again, Account Data Posted to the Pirate Bay

Jared Moya — Fri, 03 Jun 2011 16:41:55 +0000

LulzSec, aka the Lulz Boat, compromised the personal data of over 1 million users and posted all their "personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts" on the Swedish BitTorrent tracker site for the world to see.

Sony is sure taking a beating these days with yet another security breach to add to the laundry list of woes it's faced since hackers compromised its PlayStation Network last month. Yesterday, Sony finally managed to fully restore the PSN, but now another group of hackers under the guise of Lulzsec, aka the Lulz Boat, broke into Sony Pictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. "Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 "music codes" and 3.5 million 'music coupons," said the group. Lulzsec is the same outfit that stole The X-Factor's contestant database from Fox.com early last month, and the more recent hacking of PBS in retaliation for a Frontline WikiLeaks Documentary it believed maligned the infamous "whistleblower" site. In the case of the X Factor imbroglio, and now with Sony, Lulzsec uploaded the compromised data on Swedish BitTorrent tracker site The Pirate Bay. File contents for the Sony data include:

## Sony_Pictures_International_AUTOTRADER_USERS.txt ## -- In this file you will find just under 12,500 customers of Sony; this includes dates of birth, addresses, emails, full names, passwords, user IDs, and personal phone numbers. ## Sony_Pictures_International_BEAUTY_USERS.txt ## -- In this file you will find just under 21,000 customers of Sony; this is a simple email/password drop. Enjoy your account stealing. ## Sony_Pictures_International_COUPONS.txt ## -- In this file you will find just under 20,000 Sony music coupons; please note that there are 3.5 million coupons to take - get 'em. ## Sony_Pictures_International_DELBOCA_USERS.txt ## -- In this file you will find just under 18,000 customers of Sony; this is a simple email/password drop. Again, enjoy your stealing. ## Sony_Pictures_International_MUSIC_CODES.txt ## -- In this file you will find just under 67,000 Sony music codes; they're like magnets, we simply have no idea how they work. ## Sony_Pictures_International_TABLE_LAYOUT.txt ## -- In this file you will find the layout of the database; that means you can easily see where to steal things from. Note that the database contains far more user information/coupons than we took. The point is that we had control of them; all of them. We leave the rest up to you - steal as much as you want, go forth! ADDITIONAL OWNAGE: ## Sony_BMG_Music_Entertainment_NETHERLANDS ## -- This file contains the user database of BMG Netherlands; it's around 600 usernames, emails, and passwords. Enjoy. ## Sony_BMG_Music_Entertainment_BELGIUM ## -- This file contains the Sony admin database of BMG Belgium; also lots of barcodes, release dates, and other juicy shit.

Lulzsec claims the Sony hack was the product of a simple SQL injection, the "most primitive and common vulnerability" that allowed it to access "everything." "What's worse is that every bit of data we took wasn't encrypted," it adds. "Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it." The Lulz security site is currently down thanks to a DDoS attack, but a Goggle cache can be found here. Stay tuned. jared@zeropaid.com

Sony Begins Restoring PlayStation Network!

Jared Moya — Sun, 15 May 2011 03:27:59 +0000

Company finally begins restoring PlayStation Network service after it was shut down following security breach by hackers. Sony says that in "several hours" PSN service should be available "throughout the entire country."

After 24 long days Sony has finally begun restoring the PlayStation Network. It was back on April 20th that Sony shut down its PlayStation Network after it was discovered that hackers had breached the network’s security. Sony said that over 70 million accounts may have been comprised in the breach and a number of class-action lawsuits have filed over its failure to properly secure customer data. Sony said on May 1st that a "phased rollout by region” of the PSN services would begin “shortly," but it never materialized. A little over a week later the company gave a firm May 31st deadline for a full restoration of service. In any event, Sony has now announced that a restoration of PlayStation Network service has already begun. So far it's limited to California, and much of the Northeast region of the US, but says that in "several hours" PSN service should be available "throughout the entire country."

PSN users will first have to install a new PS3 system software update that requires all PSN users to change their password once the PlayStation network is restored. "If using a PS3, your password can only be changed on your own PS3 (or a PS3 on which your PSN account was activated), as an added layer of security. If you have never downloaded any content using your account on the system, an email will be sent to the registered sign-in ID (email address) associated with your account when you first attempt to sign-in to PSN," it said. "This e-mail will contain a link that will enable you to change your password. In this email, click on the link and follow the instructions to change your password. Once you have changed your password you can sign-in to your account using your new password." Sony has said that it will offer a "Welcome Back" program to try and heal the rift caused by the affair. It includes a combination of free entertainment and service offerings as well as 30 days of free PlayStation Plus premium service for existing PlayStation Network customers. It’s also offered a year’s worth of identity theft protection. You can check the status of your region PSN restoration here. Stay tuned. jared@zeropaid.com

Sony: PlayStation Network to Resume May 31st

Jared Moya — Mon, 09 May 2011 17:16:47 +0000

Spokesperson Shigenori Yoshida said it plans to fully restore service by the end of the month. Company wants to ensure complete integrity of the system.

The Sony PlayStation Network has been down for almost 3 weeks now, and according to a report it appears that users will have to wait three weeks more.

The PSN network was shuttered April 20th after it was discovered that hackers had breached the network's security, and that over 70 million accounts may have been comprised – including credit card information.

Sony said a week ago that some services would soon be available, but it decided to delay the move in order to ensure system security which it says is "vital for the process of restoration."

"Additional comprehensive system checks and testing are still required, and we must complete that process before bringing the systems online," it says.

According to spokesperson Shigenori Yoshida, it now plans to fully restore PSN services by May 31st.

Sony has already announced a "Welcome Back" program for affected users to ”thank its customers for their patience and loyalty.” It includes a combination of free entertainment and service offerings as well as 30 days of free PlayStation Plus premium service for existing PlayStation Network customers. It's also offered a year's worth of identity theft protection.

In the meantime, Sony so far faces at least three class-action lawsuits. The first two, both filed in California courtrooms, accuse Sony of negligence for allowing a breach to occur in the first place, and for falling to inform users in a timely manner after it occurred. The third alleges breach of privacy.

Stay tuned.

jared@zeropaid.com

Sony: 25 Million Sony Online Entertainment Accounts Compromised

Jared Moya — Wed, 04 May 2011 01:27:18 +0000

Says personal information from approximately 24.6 million subscribers to its PC games network may have been stolen, as well as "certain information from an outdated database from 2007."

As if hacker intrusion into Sony's PlayStation network wasn't enough, the company announced yesterday that the Sony Online Entertainment PC games network was also compromised. Today Sony said the hackers may have stolen customer information on 24.6 million subscribers. "This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007," says the company in a press release. "The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain." So what kind of info have the hackers obtained? It includes:

name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.

However, those "unlucky" enough to reside in Austria, Germany, Netherlands and Spain, the 10,700 direct debit records also detail:

bank account number
customer name
account name
customer address.

SOE says it plans to give affected customers 30 days of free additional time on their subscriptions as well as one free additional day for each day the system is down. Sony said yesterday that some of its PlayStation network services will go back online sometime this week, and that it plans to implement a "Welcome Back" program to try and heal the rift caused by allowing hackers to compromise the credit card information of 70-77 million PSN network customers. Stay tuned. jared@zeropaid.com