Tamron said:
Yes mr high and mighty.
The best part is the "chime in to rile them up further", which was his own intent lol.
And to be back on topic, any publicly accessible server is vulnerable to attack. PSN and XBL have both been attacked and user data stolen multiple times, through various vectors, even indirectly at times (thanks, FIFA).
Generally when an exploit is found it's tested and the actual feasible potential is given, not "could soon lead to" with no actual ascertainable proof. When I uncovered an XSS vulnerability in out-of-page token emulation back in 2011, I compiled a working script for doing just that and submitted this along with a detailed rundown of what was wrong and what modules would need to be patched to fix it. Within one hour of handing this in, the web login servers for all PlayStation and associated networking functions had been taken down and the patches I outlined were applied.
Most sites have vulnerabilities, they just vary in severity. If a site had profile data on the same database as login data, an overflow or a step into or out of a table container will get you the goodies, usually salted passwords, but if publicly accessible data is stored on a separate database from sensitive data, no amount of exploitation and dumping will give you access to the sensitive data, which is why I chimed in.
This vulnerability has been doing the rounds with security advisories for the past few days and the best anyone can do with it is dump publicly pollable data, such as numerical user id, PSN id and associated salted email account, all things fairly easy to obtain without an exploit. Everything else is on not only a different database, but a completely different server, changes they made in the wake of the 2011 attacks.
And no, it's not likely that the person reporting this actually publicly released what he/she found, however as you should know by now, all it takes is for someone to point in the direction of something vulnerable and the security community and the nice folks over on sites like packetstorm and securityfocus don't really have to search long before they find the same hole.
As things now are, a login request is sent to one server which then queries a private linked server internally. Communications between the two aren't sniffable, and data is only transmitted through the public server to the client if the auth completes successfully.
Sorry if knowledge prevents me from riding the hate train OP, hopefully the more detailed explanation is understood.
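The separation the post describes (public profile data on one store, salted credentials on a separate private service that the public-facing login server can only ask "yes or no") can be modelled in a few dozen lines. The code below is an added example, not code from the forum post and not anything from Sony's actual systems; the class names, the PBKDF2 parameters and the sample account are all constructed for illustration. The point it shows is that the public server holds only a `verify` callable, so a complete dump of everything it can reach yields the same publicly pollable fields the post lists and no credential material.

```python
"""Toy model of a public login server that cannot reach credential data.

Added example (hypothetical design, not the post's or any vendor's code).
Two independent stores: PublicProfileStore holds fields that are pollable
anyway; CredentialStore holds salted PBKDF2 hashes and exposes only verify().
"""
import hashlib
import hmac
import os
from typing import Callable, Optional

PBKDF2_ITERATIONS = 100_000  # constructed value for the example
CREDENTIAL_FIELDS = {"password", "password_hash", "salt"}


class CredentialStore:
    """Private store; nothing here returns a salt or a hash to callers."""

    def __init__(self) -> None:
        self._records: dict[str, tuple[bytes, bytes]] = {}

    def enroll(self, user_id: str, password: str) -> None:
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        self._records[user_id] = (salt, digest)

    def verify(self, user_id: str, password: str) -> bool:
        """The only operation the public side is ever handed."""
        rec = self._records.get(user_id)
        if rec is None:
            return False
        salt, expected = rec
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        return hmac.compare_digest(candidate, expected)


class PublicProfileStore:
    """Publicly pollable data: numeric user id, PSN id, email."""

    def __init__(self) -> None:
        self._rows: dict[str, dict[str, str]] = {}

    def add(self, user_id: str, psn_id: str, email: str) -> None:
        self._rows[user_id] = {"user_id": user_id, "psn_id": psn_id, "email": email}

    def lookup_by_psn_id(self, psn_id: str) -> Optional[dict[str, str]]:
        return next((r for r in self._rows.values() if r["psn_id"] == psn_id), None)

    def dump_all(self) -> list[dict[str, str]]:
        """Everything an attacker who owns this store outright could obtain."""
        return list(self._rows.values())


class PublicLoginServer:
    """Front server: sees profiles plus a verify() callable, never the hashes."""

    def __init__(self, profiles: PublicProfileStore,
                 auth: Callable[[str, str], bool]) -> None:
        self._profiles = profiles
        self._auth = auth

    def login(self, psn_id: str, password: str) -> Optional[dict[str, str]]:
        profile = self._profiles.lookup_by_psn_id(psn_id)
        if profile is None:
            return None
        if not self._auth(profile["user_id"], password):
            return None  # nothing is returned to the client unless auth completes
        return dict(profile)


def public_dump_leaks_credentials(profiles: PublicProfileStore) -> bool:
    """Defender's check: does a full dump of the public store contain secrets?"""
    return any(CREDENTIAL_FIELDS.intersection(row) for row in profiles.dump_all())


def build_demo() -> tuple[PublicLoginServer, PublicProfileStore]:
    # Constructed sample account for the example.
    creds = CredentialStore()
    profiles = PublicProfileStore()
    creds.enroll("1001", "correct horse battery staple")
    profiles.add("1001", "example_gamer", "gamer@example.com")
    # Only the bound verify method crosses the boundary, not the store.
    return PublicLoginServer(profiles, creds.verify), profiles


def demo() -> dict[str, object]:
    server, profiles = build_demo()
    return {
        "good_login": server.login("example_gamer", "correct horse battery staple") is not None,
        "bad_login": server.login("example_gamer", "wrong password") is None,
        "unknown_user": server.login("nobody", "x") is None,
        "dump_leaks_credentials": public_dump_leaks_credentials(profiles),
        "dump_row_count": len(profiles.dump_all()),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The design choice worth noticing is that `PublicLoginServer` is constructed with `creds.verify` rather than `creds`: even code running with the public server's full privileges has no path to the salt or hash, which is the property the post attributes to the post-2011 split.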