Anathema sent me a link to a few posts he made to discuss PlayStation 3 hacking. This post is on possible PlayStation 3 exploits and this one is on PlayStation denial of service and memory exhaustion. Why do I care, you ask? Clearly I’m not a hardware guy and I can’t remember the last time I bought a video game. But, I am interested because the PlayStation 3 has an integrated browser (based off the NetFront browser).
The reason this is interesting to me is because more and more devices are becoming web enabled. Whether that means they run webservers or have browsers built into them, the point is the same. They are sitting out there, making or taking requests from who knows where, with unknown protection and with unknown ability to do or perform other actions. Let’s say for a second that PS3 was sitting behind a firewall of someone who worked at supersecurecompany.com and they use a VPN only to connect to their company. Now that I am running my code on that system, I could theoretically break into other machines on the network much easier since I am behind the firewall. This is far more nasty than I think most people realize. It might be a video game console but if it is web enabled and running over a shared internet line it should be just as secure as anything else.