Jun 7, 2011

Nintendo Servers Hacked, But No Users Accounts Compromised Says Nintendo

Over the weekend Nintendo released an announcement confirming that their US website server had been hacked, but stated that no customer account information had been compromised.
The hacking group responsible for the breach was ‘Lulzsec’ who have also been responsible for a number of attacks on Sony’s server over recent months. The hackers who broke into the Nintendo US website have reportedly not caused any problems or inconvenienced  any customers with the hack, and just obtained a config file from the entry.

Nintendo spokesman Ken Toyoda acknowledged that there has been an unauthorized access to the company’s U.S. server, but stressed that the accessed information didn’t include any information on the company, or any personal data for its customers.
All that seems to have been stolen was a config file according to a tweet from Lulzsec:  “we just got a config file and made it clear that we didn’t mean any harm. Nintendo had already fixed it anyway. <3 them!”


Jun 3, 2011

A hacker group has engineered yet another attack on the computer networks of Sony Corp, a setback to the Japanese company's efforts to move past a security crisis that erupted in April.

The group, which calls itself LulzSec, said on Thursday that it broke into servers that run Sony Pictures Entertainment websites, and then compromised the personal information of more than 1 million Sony customers.

Jun 1, 2011

A Crime-Fighting Armored Glove

A robber is cornered in a dead-end alley. He turns to face the police officer pursuing him, ready to fight. He pauses. The officer’s left forearm is encased in ballistic nylon, and half a million volts arc menacingly between electrodes on his wrist. A green laser target lands on the robber’s chest. He puts his hands up; it’s a fight he can’t win.

May 30, 2011

Windshield of 2020 packs Augmented Reality [Video]

Projecting a head-up display onto your windshield is so passé; Autoglass reckons the future of digital driving is having augmented reality baked into the glass itself. The company has thrown together a video demo of what it believes the windshield of your car will be like in 2020, throwing in intelligent location-based services that can hunt down gas stations, flag up cyclists and pedestrians angling to get run over, and warn you when there’s a speed camera nearby.

There are also some reasonably distracting landmark indicators, along with links to the in-car entertainment system to let you know what music you’re listening to. It can even tell you the meal deals at the restaurants and pubs you’re passing. Since Autoglass specializes in windshield repairs, there’s a hook into your cellphone so that, should damage occur, it can automatically get alert a technician and tell them your location.
Clever stuff, though we’re still waiting for our flying cars controlled by all-knowing AIs. In case you’re wondering – and you don’t recognize London, UK – the video is filmed in the UK, hence the driver being on the left side of the road.

May 26, 2011

Sony drops hint of PlayStation 4 as it reports game profits for fiscal year

Sony dropped a hint today that it is working on a PlayStation 4 video game console even as Nintendo prepares to announce the Wii 2 at the E3 trade show on June 7.

May 24, 2011

Sony Music Japan hacked through SQL injection flaw

Another day, another attack on Sony. I reported yesterday on the SQL injection attack exposing user information on and today attackers have found flaws in
The Hacker News sent us a tip this evening documenting a couple of vulnerable web pages on that allowed hackers to access their contents through SQL injection.

May 23, 2011

College Guys Who Reference Alcohol On Facebook Have More Friends

Undergraduate men who often mention or post photos of alcohol have more Facebook friends than those who don’t, according to a study that will soon be published in the American Journal of Men’s Health.
The study combed through the public profiles of 225 male undergraduate students at one university for references to alcohol, including photos that contained an alcoholic drink — not just a cup — and specific textual references. It found that 85.53% of the profiles contained at least one reference to alcohol. On average, they contained 8.5.

May 20, 2011


This 2010 photo provided by Rob Summers shows Summers, center, receiving intensive physical therapy in Louisville, Ky. Summers was paralyzed below the neck in a 2006 car accident and in 2009, doctors decided to implant an electrical stimulator onto his spinal cord to try waking up his damaged nervous system. Summers is now able to stand and move during therapy sessions with the stimulator turned on. (Courtesy of Rob Summers)
A team of scientists at the University of Louisville, UCLA and the California Institute of Technology has achieved a significant breakthrough in its initial work with a paralyzed male volunteer at Louisville's Frazier Rehab Institute. It is the result of 30 years of research to find potential clinical therapies for paralysis.

May 19, 2011

Google warns agains facial recognition database

Google’s Executive Chairman Eric Schmidt has warned Governments against ‘foolish’ legislation – and said facial recognition is too creepy even for Google

May 18, 2011

Not so fast: Sony’s PlayStation Network hacked again

Less than 2 days after Sony started bringing its PlayStation Network back online reports are coming in that the besieged gaming giant’s platform has been hacked yet again. MCV is reporting that the exploit allows for hackers to change users passwords using only a PSN account email and date of birth, two pieces of user information that were obtained in the original hack. Update below.
MCV says that the hack, which is really an exploit of Sony’s password reset system, was first reported by Nyleveia.comand then corroborated by Eurogamer. Now the PSN login option is unavailable on a number of Sony’s sites. Sony’s login site that is used to reset passwords using the email and date of birth is now down.
According to Nyleveia the exploit was demonstrated to it personally by someone who knew the method.
“It has been proven to me through direct demonstration on a test account, so I am without any shadow of a doubt that this is real. We have provided SCEE with a detailed description of the security hole,” said the Nyleveia poster, “While it’s unclear at this time if they will actually patch the flaw while they have the system taken down, I can also confirm that the system went down approximately 15 minutes after I received a response from SCEE on the matter.”
Note that if you changed your email when you regained access to the PlayStation Network you are most likely safe from this exploit. If you left your account email the same however, you may have been vulnerable. Sony has already been contacted about the breach and are aware of this new exploit.
Sony has commented on it’s takedown of the login site, stating:
“Unfortunately this also means that those who are still trying to change their password via or will be unable to do so for the time being.”
“This is due to essential maintenance and at present it is unclear how long this will take,” Sony said, “In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.”
The PlayStation Network was originally hacked on April 18th but the news was not released for several days as Sony assessed the nature of what information was stolen. It turned out that millions of user accounts including names, birth dates and encrypted passwords were stolen by the hackers. In addition a database of credit card numbers were stolen but Sony has reported that those were also protected by industry standard encryption.
Sony has announced that it will be providing identity theft insurance for all users as well as a ‘welcome back’ package for PSN users that includes several free games and a month of free PlayStation Plus service. The hack was originally attributed to the hacking group Anonymous by Sony but the group refuted those claims saying that they had no interest in credit card theft.
The investigation into who performed the original hack is ongoing. It seems likely that this newest hack is either the same group or someone that was supplied with the birthdate and email information of users by the original hackers. This whole debacle is a terrible blow for Sony’s PlayStation brand but it also highlights the fact that our networks are not as secure as we think they are.
Update: Nyleveia has updated their posting, adding the following Q&A for those concerned about their account safety.
Q. If I already reset my password am I safe?
A. The exploit was possible on any account the email and date of birth was known for, regardless of if the password was changed or not, or what region the account was tied to.
Q. What if they don’t know my Date of Birth or Email account?
A. Then the average user would not be able to take your account, however due to the database being illegally accessed in April, it’s safe to assume that someone, somewhere, has access to a large number of users details, which include date of birth and email addresses, this alone should be reason enough to change your email.
Q. Are you sure this is real?
A. Yes, it was demonstrated to one of our empty accounts, then we were able to repeat the process ourselves after figuring out the method, this was additionally confirmed when a twitter user provided us with his data and requested that we change his password as proof.
We have since emailed him his new password, and no other data on his account was changed.
Q. Can Sony fix it?
A. Shortly after containing SCEE, the online forms connected to login and password recovery for the PlayStation and other linked networks was shut down and placed in a maintenance mode, I can only assume this is a direct response to our detailed reports to SCEE, with that said, I assume that when services resume the exploit will be patched and everyone’s data once again safe.
Q. If Sony fixes the hole should I worry?
A. I would suggest that everyone, regardless of if they have been affected or not, create a new password and change their account email to one they do not use anywhere else, and will not be sharing with anyone else just for additional security.
Q. Will you give us more details on the exploit?
A. Until we have confirmed that the security hole has been patched we will not release further details on how and why the exploit was possible.