Joystiq http://www.joystiq.com Joystiq http://www.blogsmithmedia.com/http://www.joystiq.com/media/feedlogo.gif Joystiq http://www.joystiq.com en-us Copyright 2013 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/<![CDATA[Four Lulzsec hackers convicted in Britain]]>http://www.joystiq.com/2013/05/17/four-lulzsec-hackers-convicted-in-britain/http://www.joystiq.com/2013/05/17/four-lulzsec-hackers-convicted-in-britain/http://www.joystiq.com/2013/05/17/four-lulzsec-hackers-convicted-in-britain/#comments Confirmed Lulzsec members Ryan Cleary, Jake Davis, Mustafa al-Bassam and Ryan Ackroyd have been sentenced for their part in the great hack of 2011, which saw Lulzsec targeting notable companies such as Sony, EA and Nintendo.

The four were initially charged nearly a year ago. Davis, as leader, was sentenced with two years jailtime, while Cleary was sentenced to 32 months for producing malicious software, Ackroyd for 30 months for his role as press secretary of the group and Al Bassam, who posted the stolen data online, was given a 20-month suspended sentence.

"The harm they caused was foreseeable, extensive and intended," Andrew Hadik, lawyer for the Crown Prosecution Service told BBC. "Indeed, they boasted of how clever they were with a complete disregard for the impact their actions had on real people's lives. This case should serve as a warning to other cybercriminals that they are not invincible."

Lulzsec carried out many high-profile hacks in 2011, starting with the Sony Pictures hack that eventually led to a lengthy PSN outage. Lulzsec also attacked Nintendo, EVE Online, Minecraft, The Escapist and Battlefield Heroes before calling it quits.

JoystiqFour Lulzsec hackers convicted in Britain originally appeared on Joystiq on Fri, 17 May 2013 16:45:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackhackershackingjake-davislulzsecmustaffa-al-bassamryan-ackroydryan-clearyFri, 17 May 2013 16:45:00 EST<![CDATA[PSN hacking suspect sentenced to house arrest for destroying evidence]]>http://www.joystiq.com/2013/05/15/psn-hacking-suspect-sentenced-to-house-arrest-for-destroying-evi/http://www.joystiq.com/2013/05/15/psn-hacking-suspect-sentenced-to-house-arrest-for-destroying-evi/http://www.joystiq.com/2013/05/15/psn-hacking-suspect-sentenced-to-house-arrest-for-destroying-evi/#comments2008 PSN hacking suspect sentenced to house arrest for destroying evidence This week, 23-year-old Ohio resident Todd M. Miller was sentenced to a year of house arrest for destruction of evidence and obstructing a federal investigation into a 2008 hacker-led PlayStation Network breach.

The Columbus Dispatch reports that US District Judge Peter C. Economus said Miller was a member of the KCUF hacking clan in 2008 when the group organized an attack on the PlayStation Network, potentially compromising user data.

The FBI contacted Miller while investigating another hack in 2011 that resulted in an extended PSN outage. After obtaining a search warrant, the FBI entered Miller's home to find that his computers were smashed and his hard drives were missing. Lacking evidence to bring up Miller and another suspect on hacking charges, the FBI instead charged Miller with obstructing the investigation.

While Miller faced up to 20 years in prison and a $250,000 fine, he was sentenced to three years of probation and a year of house arrest for obstruction of justice. The judge additionally ordered Miller to obtain a high-school equivalence certificate, as part of his sentencing.

JoystiqPSN hacking suspect sentenced to house arrest for destroying evidence originally appeared on Joystiq on Wed, 15 May 2013 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackoutageplaystationplaystation-networkps3psn-hackpsn-outage-2011Wed, 15 May 2013 18:00:00 EST<![CDATA[The War Z forums and databases hacked, taken offline for investigation]]>http://www.joystiq.com/2013/04/03/the-war-z-forums-and-databases-hacked-taken-offline-for-investi/http://www.joystiq.com/2013/04/03/the-war-z-forums-and-databases-hacked-taken-offline-for-investi/http://www.joystiq.com/2013/04/03/the-war-z-forums-and-databases-hacked-taken-offline-for-investi/#comments The War Z has been taken offline due to the compromise of its databases and official forums, publisher OP Productions has announced. "We have discovered that hackers gained access to our forum and game databases and the player data in those databases," the statement reads. "We have launched a thorough investigation covering our entire system to determine the scope of the intrusion. This investigation is ongoing and is our top priority."

The user information obtained during the break in includes log-in e-mail addresses for the official forums and the game itself, along with the encrypted passwords associated with those addresses. No user payment information was compromised, however, as payments are handled by a third party company that operates outside of OP Production's ecosystem.

Despite the fact that "there was absolutely no exposure of your payment or billing information of any kind," according to the statement, the possibility still exists for the stolen encrypted passwords to be decrypted, which could obviously be an issue for anyone that used the same email address and password for The War Z as they did for other, more vital internet accounts. As such, OP Productions recommends that its users change up their passwords.

Beyond the promise of future updates, no further timeline was given with respect to when the game may come back online.

JoystiqThe War Z forums and databases hacked, taken offline for investigation originally appeared on Joystiq on Wed, 03 Apr 2013 03:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>compromisedforumshackhackedhammerpoint-interactiveofflineOP-Productionspcthe-war-zWed, 03 Apr 2013 03:00:00 EST<![CDATA['High profile' Microsoft employees' XBL accounts hacked through social engineering]]>http://www.joystiq.com/2013/03/20/high-profile-microsoft-employees-xbl-accounts-hacked-through/http://www.joystiq.com/2013/03/20/high-profile-microsoft-employees-xbl-accounts-hacked-through/http://www.joystiq.com/2013/03/20/high-profile-microsoft-employees-xbl-accounts-hacked-through/#comments 'High profile' Microsoft employees' XBL accounts hacked through social engineeringCertain unnamed Microsoft employees have been targeted by Xbox Live hackers, The Verge reports. The exact methodology is unclear (for good reason!) but it involves obtaining the targets' Social Security numbers - which are not used by Xbox Live - and using that information to get information out of another company, which is then used to gain access to the XBL account.

"We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use," a Microsoft rep told The Verge. "Security is of critical importance to us and we are working every day to bring new forms of protection to our members." Especially the members who work there.

Xbox Live hacking of employees is not a new phenomenon. Former XBL director of policy and enforcement Stephen Toulouse found his account hacked in 2011, followed by a number of insulting calls and voicemails from the hacker.
[Image: David Evison via Shutterstock]

Joystiq'High profile' Microsoft employees' XBL accounts hacked through social engineering originally appeared on Joystiq on Wed, 20 Mar 2013 10:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackhackingmicrosoftsocial-engineeringxboxxbox-liveWed, 20 Mar 2013 10:30:00 EST<![CDATA[Origin exploit uses hyperlinks to run malicious code remotely]]>http://www.joystiq.com/2013/03/19/origin-exploit-uses-hyperlinks-to-run-malicious-code-remotely/http://www.joystiq.com/2013/03/19/origin-exploit-uses-hyperlinks-to-run-malicious-code-remotely/http://www.joystiq.com/2013/03/19/origin-exploit-uses-hyperlinks-to-run-malicious-code-remotely/#comments Origin exploit uses hyperlinks to run malicious code remotelySecurity research firm ReVuln has discovered a fairly simple way (in theory, at least) for unscrupulous folks and their hacking machines to execute malicious code on your computer, by way of EA's Origin platform.

The exploit takes advantage of Origin's uniform resource identifier -- the protocol through which hyperlinks and shortcuts launch Origin itself and execute commands. Typically, a URI is clicked on by the user, either in the form of a link in a web browser or as a shortcut on a desktop, at which point the URI launches Origin and tells it what game to load, and how.

As it happens, certain Origin-exclusive games are vulnerable to having their execution commands subverted by precisely formatted URIs. As seen in the graph above, this can be used by bad dudes to piggyback instructions onto the URI, which can instruct Origin to load and run malicious software, rather than Crysis 3.

Avoiding this exploit is thankfully simple, however: Open Origin first, and launch games from there. The exploitative instructions are contained within the URI hyperlink -- take that out of the equation, and you should be fine.

"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure," an EA representative told us. Uniform resource identifiers aren't unique to Origin, of course, and are widely used in everything from iTunes to Steam, the latter of which has an extremely similar vulnerability [PDF] that was discovered by ReVuln last year.

JoystiqOrigin exploit uses hyperlinks to run malicious code remotely originally appeared on Joystiq on Tue, 19 Mar 2013 15:45:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>crysis-3EAElectronic-ArtsexploithackhackingmacOriginpcphishingspoofingURITue, 19 Mar 2013 15:45:00 EST<![CDATA[Rumor: SimCity modded to disable disconnection timer, open debug mode]]>http://www.joystiq.com/2013/03/14/rumor-simcity-modded-to-disable-disconnection-timer-open-debug/http://www.joystiq.com/2013/03/14/rumor-simcity-modded-to-disable-disconnection-timer-open-debug/http://www.joystiq.com/2013/03/14/rumor-simcity-modded-to-disable-disconnection-timer-open-debug/#comments
Reddit user AzzerUK claims to have enabled SimCity's debug mode and to have disabled its disconnection timer, both of which imply that there is more to the game's inner workings than EA and Maxis originally stated.

Currently, a user that loses their connection to the server during gameplay will be logged out of the game after 20 minutes. This is supposedly because the client must sync simulation data back to the server on a regular basis, in order to ease the computational load on the user's machine and to ensure the simulation as a whole runs smoothly.

Though not demonstrated in the video above, AzzerUK claims to have disabled that disconnection timer, and that playing an offline city for extended periods of time resulted in no issues with the simulation itself. Since SimCity does not support local saves in any way, it is not possible for AzzerUK to actually save anything that happens in his offline city, but the important thing is that the simulation reportedly did not come to a screeching halt after being unable to sync with the server.

The modder/hacker also claims to have enabled SimCity's debug mode, which allows for cities to be edited beyond their typically imposed borders. Though clipping and texture mapping issues are easily visible in the above clip, the traditionally impossible highways created at least appear to function properly. This supposes that, at least theoretically, the game is capable of supporting city sizes that are larger than what is currently available.

JoystiqRumor: SimCity modded to disable disconnection timer, open debug mode originally appeared on Joystiq on Thu, 14 Mar 2013 20:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>city-sizedebugEAElectronic-ArtshackhackedMaxismodmoddedofflinepcsimcity-2013simcity-5Thu, 14 Mar 2013 20:15:00 EST<![CDATA[Wii U user stumbles into 'mock up' debug menu, Nintendo removes access]]>http://www.joystiq.com/2012/11/19/wii-u-user-hacks-mock-up-debug-menu-nintendo-removes-access/http://www.joystiq.com/2012/11/19/wii-u-user-hacks-mock-up-debug-menu-nintendo-removes-access/http://www.joystiq.com/2012/11/19/wii-u-user-hacks-mock-up-debug-menu-nintendo-removes-access/#comments Wii U user hacks 'mockup' debug menu, Nintendo removes accessNintendo is playing down reports of a Wii U owner accidentally hacking into Miiverse's debug interface, the company saying he only accessed a prototype. Nintendo released a statement to GamesIndustry International which says what the user found was "a mock up menu," and that it is now removed and inaccessible.

NeoGAF user Trike claimed to accidentally hack into a debug menu for Miiverse, simply by hitting X over the network's exit button. The user gained access to what Nintendo claims are mock-ups of the system's back-end. Among the things Trike stumbled upon were administrator lists and forum posts from developers. However, the info within his photos does resemble that of a mock menu, with repeated email addresses and messages.

Nintendo's official statement reads: "It has come to our attention that some people were able to access a mock up menu on Miiverse following the launch of Wii U in the US. Please note that this was only a mock up menu and has now been removed and is not accessible."

Interestingly, one of the user's photos shows a list of game-based subforums, with 'Yoshi's Land Wii U' and 'metal gear solid' among them. Of course, if the subforums are part of a prototype menu - one of them is for 'resident evils' - we can't draw anything from it.

JoystiqWii U user stumbles into 'mock up' debug menu, Nintendo removes access originally appeared on Joystiq on Mon, 19 Nov 2012 09:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackhackingmiiversenintendowii-uwii-u-launchMon, 19 Nov 2012 09:30:00 EST<![CDATA[Super Mario 64 mod adds cooperative multiplayer]]>http://www.joystiq.com/2012/10/28/super-mario-64-mod-adds-cooperative-multiplayer/http://www.joystiq.com/2012/10/28/super-mario-64-mod-adds-cooperative-multiplayer/http://www.joystiq.com/2012/10/28/super-mario-64-mod-adds-cooperative-multiplayer/#comments

The hack seen in the above video delivers multiplayer options to Super Mario 64. Thanks to YouTube user Skelux, players that follow the given instructions to patch the Nintendo 64 game can enjoy local and online co-op throughout the entire classic adventure.

For those disturbed by the obvious snubbing of Luigi in this hack, we're certain that the inclusion of Mario's long-lost cousin Blario isn't considered canon by Nintendo.

JoystiqSuper Mario 64 mod adds cooperative multiplayer originally appeared on Joystiq on Sun, 28 Oct 2012 22:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>co-ophackmario-64modmultiplayernintendosuper-mario-64Sun, 28 Oct 2012 22:30:00 EST<![CDATA[Borderlands 2 hack can 'sabotage' characters through Xbox Live, Gearbox warns [Update: patch incoming]]]>http://www.joystiq.com/2012/10/26/borderlands-2-hack-can-sabotage-characters-through-xbox-live/http://www.joystiq.com/2012/10/26/borderlands-2-hack-can-sabotage-characters-through-xbox-live/http://www.joystiq.com/2012/10/26/borderlands-2-hack-can-sabotage-characters-through-xbox-live/#comments While PS3 and PC owners can sleep soundly at night knowing that their Borderlands 2 characters are safe from the nefarious plots of evil men, Xbox 360 owners are not afforded such a luxury.

"Users have begun violating the Xbox Live Code of Conduct by using an external application to maliciously disrupt the experience and sabotage characters of legitimate Borderlands 2 players on Xbox 360," Gearbox Studios community manager Chris Faylor said in a post on the developer's official forums.

While Gearbox and its "partners" work to resolve the Xbox-specific issue, it recommends avoiding public games with unknown players for the time being. Additionally, players should always Save & Quit before returning to the dashboard or powering down their Xbox, and if you find yourself kicked back to the main menu after death, select "Continue" immediately.

What destruction is actually involved in the exploit's sabotage is uncertain - anecdotal accounts on the forum report everything from wiped character progress to entirely deleted characters. We've reached out to Gearbox for clarification and will update with any new information we receive.

Update: Gearbox has informed us that a patch to exterminate the exploit has been submitted to Microsoft for approval and will be released "as soon as possible."

[Thanks, Justin!]

JoystiqBorderlands 2 hack can 'sabotage' characters through Xbox Live, Gearbox warns [Update: patch incoming] originally appeared on Joystiq on Fri, 26 Oct 2012 16:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>2K-Gamesborderlands-2character-deletioncheatexploitgearbox-softwarehackmicrosoftxboxxbox-liveFri, 26 Oct 2012 16:00:00 EST<![CDATA[Rumor: PS3 hacked yet again, this time it might be for keeps]]>http://www.joystiq.com/2012/10/23/rumor-ps3-hacked-yet-again-this-time-it-might-be-for-keeps/http://www.joystiq.com/2012/10/23/rumor-ps3-hacked-yet-again-this-time-it-might-be-for-keeps/http://www.joystiq.com/2012/10/23/rumor-ps3-hacked-yet-again-this-time-it-might-be-for-keeps/#comments PS3 hacked yet again, this time it might be for keepsYesterday a new, PSN-enabled custom firmware for hacked PlayStation 3 consoles launched, compatible with the official firmware 4.25 release. This type of hack isn't new, and previously Sony has been able to update its firmware to sufficiently quell the hackers' reach. Following the custom firmware launch yesterday, however, was the release of the PlayStation 3's LV0 keys.

In theory, the LV0 decryption keys make is easy to decode any system update to the PlayStation 3, Eurogamer writes. The LV0 keys allow PS3 firmware to be decrypted on PC, and then re-encrypted with firmware 3.55 keys to run on hacked consoles.

A group called "The Three Muskateers" takes responsibility for the LV0 keys, but not the leak itself. That's all thanks to a new Chinese hacking group, "BlueDiskCFW," who planned to release and charge for custom firmware updates using The Three Muskateers' LV0 keys. To stop BlueDiskCFW from profiting off the keys, the Muskateers released them.

"You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day," The Three Muskateers write in a statement. "Only the fear of our work being used by others to make money out of it has forced us to release this now."

Read the complete statement from The Three Muskateers, with the keys edited out, below.

Continue reading Rumor: PS3 hacked yet again, this time it might be for keeps

JoystiqRumor: PS3 hacked yet again, this time it might be for keeps originally appeared on Joystiq on Tue, 23 Oct 2012 21:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>bluediskcfwfirmwarehackhackslv0lv0-keysplaystationps3ps3-hackingsystem-updatethe-three-musketeersTue, 23 Oct 2012 21:15:00 EST<![CDATA[Class action lawsuit from PlayStation Network hack mostly dismissed]]>http://www.joystiq.com/2012/10/23/class-action-lawsuit-from-playstation-network-hack-mostly-dismis/http://www.joystiq.com/2012/10/23/class-action-lawsuit-from-playstation-network-hack-mostly-dismis/http://www.joystiq.com/2012/10/23/class-action-lawsuit-from-playstation-network-hack-mostly-dismis/#comments Federal Judge Anthony Battaglia dismissed several key claims of a class action lawsuit leveled against Sony after 2011's PSN hack. Battaglia's order dismissed such claims as negligence, restitution, unjust enrichment, bailment and violations of California consumer protection statutes, Courthouse News reported.

Battaglia found that Sony didn't violate consumer protection laws because "none of the named plaintiffs subscribed to premium PSN services, and thus received the PSN services free of cost." Additionally, the privacy policy that all subscribers signed included "clear admonitory language that Sony's security was not 'perfect,'" and "no reasonable consumer could have been deceived."

The bailment charge was dropped because "plaintiffs freely admit, plaintiffs' personal information was stolen as a result of a criminal intrusion of Sony's Network," Battaglia wrote. "Plaintiffs do not allege that Sony was in any way involved with the Data Breach."

Battaglia offered the class an option to amend its claims for injunctive relief and violation of consumer protection law.

JoystiqClass action lawsuit from PlayStation Network hack mostly dismissed originally appeared on Joystiq on Tue, 23 Oct 2012 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>class-actionclass-action-lawsuithacklawsuitplaystationps3psn-hackpsn-outage-2011SONYsony-hackTue, 23 Oct 2012 20:00:00 EST<![CDATA[Hackaday's custom Portal gun levitates a Companion Cube]]>http://www.joystiq.com/2012/10/12/hackadays-custom-portal-gun-levitates-a-companion-cube/http://www.joystiq.com/2012/10/12/hackadays-custom-portal-gun-levitates-a-companion-cube/http://www.joystiq.com/2012/10/12/hackadays-custom-portal-gun-levitates-a-companion-cube/#comments
Sure, everyone and their mother has made a custom Portal gun at this point, but the fine folks at Hackaday have raised the bar into the stratosphere. The floating Companion Cube effect was accomplished by ripping out the magnets in a floating globe, and the cube itself was created to proper size and weight specifications.

The gun itself is not custom, however - it's store bought. The process of creating the Companion Cube and applying the magnetic housing to the Portal gun itself is pretty interesting, all of which you can check out in the video above and through the source link below.

JoystiqHackaday's custom Portal gun levitates a Companion Cube originally appeared on Joystiq on Fri, 12 Oct 2012 16:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>companion-cubehackmacmicrosoftmodpcplaystationportal-2portal-gunps3valvexboxFri, 12 Oct 2012 16:00:00 EST<![CDATA[World of Warcraft cities become insta-deathtraps, hacker suspected]]>http://www.joystiq.com/2012/10/07/world-of-warcraft-cities-become-insta-deathtraps-hacker-suspect/http://www.joystiq.com/2012/10/07/world-of-warcraft-cities-become-insta-deathtraps-hacker-suspect/http://www.joystiq.com/2012/10/07/world-of-warcraft-cities-become-insta-deathtraps-hacker-suspect/#comments

Entire cities of players and NPCs in World of Warcraft are being wiped out in a solitary blow, WoW Insider reports. The death traps began on European servers, in the cities of Ogrimmar and Stormwind, and have since spread to Tarren Mill, Ragnaros, Draenor, Twisting Nether and other realms, and include US servers, according to player reports.

A few videos document the phenomenon, showing level one characters insta-killing everyone in the area and the subsequent graveyards. The above video shows a level one Priest as he takes out everyone around him in Stormwind (the YouTube description reads, "The guy laughing is not the hacker!").

Blizzard has yet to comment officially.

JoystiqWorld of Warcraft cities become insta-deathtraps, hacker suspected originally appeared on Joystiq on Sun, 07 Oct 2012 16:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>Blizzarddeathhackinsta-deathmacpcWorld-of-WarcraftWoWSun, 07 Oct 2012 16:30:00 EST<![CDATA[Tekken Tag Tournament 2 DLC characters found on Xbox 360 disc]]>http://www.joystiq.com/2012/09/10/tekken-tag-tournament-2-dlc-characters-found-on-xbox-360-disc/http://www.joystiq.com/2012/09/10/tekken-tag-tournament-2-dlc-characters-found-on-xbox-360-disc/http://www.joystiq.com/2012/09/10/tekken-tag-tournament-2-dlc-characters-found-on-xbox-360-disc/#comments Tekken Tag Tournament 2's hidden characters discoveredSome dataminers have apparently discovered extra hidden characters on the Xbox 360 game disc for Tekken Tag Tournament 2. Sorry, still no Gon to be seen, but discovered fighters include that old coot Dr. Bosconovitch, original Tekken Tag Tournament boss character Unknown, a skinny version of Bob, Xiaoyu's classmate Miharu, Emilie "Lilli" de Rochefort's butler Sebastian and Lee's alter-ego, Violet.

While these characters have been found on the disc, it appears they aren't hidden characters players will unlock in the retail version of the game. Instead, the full playable characters appear to be future DLC to join the already proposed DLC characters. Namco has said that it plans to offer all character DLC free of charge, so we don't expect anyone will have to pay out of pocket to play as Dr. B when these fighters are officially unveiled.

JoystiqTekken Tag Tournament 2 DLC characters found on Xbox 360 disc originally appeared on Joystiq on Mon, 10 Sep 2012 21:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackmicrosoftnamco-bandaiplaystationps3Tekken-Tag-Tournament-2xboxMon, 10 Sep 2012 21:00:00 EST<![CDATA[Vita homebrew hack under way, won't allow users to pirate retail games]]>http://www.joystiq.com/2012/09/08/vita-homebrew-hack-underway-wont-allow-users-to-pirate-retail/http://www.joystiq.com/2012/09/08/vita-homebrew-hack-underway-wont-allow-users-to-pirate-retail/http://www.joystiq.com/2012/09/08/vita-homebrew-hack-underway-wont-allow-users-to-pirate-retail/#comments Homebrew developers without access to a PlayStation Vita development kit may have something to look forward to, as independent developer Yifan Lu has purportedly found an exploit that allows retail systems to run native, homebrewed Vita code. Lu is seeking other developers to help with the project, though neither an expected release date nor information regarding how the exploit functions have been made public.

What we do know, however, is that Lu's exploit is being developed for the sole benefit of the homebrewing community, as opposed to purposes more suited to blacker hats. "No tool I will make will benefit piracy," Lu told PlayStation Lifestyle. "This tool, in fact, cannot be used for loading backups/pirated content even if I want to because of the physical limitations of the exploit."

Specifically, the exploit is "userland" and is incapable of decrypting or running retail games, Lu says. Though Lu is aware that releasing his exploit could lead to deeper analysis of the system and subsequently a more nefarious full-kernel hack, he would feel guilty if he "found something that could benefit the community (running homebrews and letting developers who can't pay the license to develop/test games)" and kept it under wraps.

JoystiqVita homebrew hack under way, won't allow users to pirate retail games originally appeared on Joystiq on Sat, 08 Sep 2012 16:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>exploithackhomebrewplaystationplaystation-vitavitaYifan-LuSat, 08 Sep 2012 16:30:00 EST<![CDATA[Anonymous: PSN hacked again, 10 million accounts at risk [update: Perhaps not]]]>http://www.joystiq.com/2012/08/15/anonymous-psn-hacked-again-10-million-accounts-at-risk/http://www.joystiq.com/2012/08/15/anonymous-psn-hacked-again-10-million-accounts-at-risk/http://www.joystiq.com/2012/08/15/anonymous-psn-hacked-again-10-million-accounts-at-risk/#comments A tweet by hacker group Anonymous links out to a document titled "Sony Hacked (LEAK) Playstation Network Pwned," containing a list of email addresses and what appears to be hashed passwords.

The hacker claims to have about 50 gigabytes of information beyond what's in the document, and about 10 million accounts are "at risk." "Yes, if you play PlayStation Network, you're included <3." So yeah, change your passwords, remove your credit card info from your account. Unfortunately, you know the drill by now.

Update: Kotaku reports that the list in the Pastebin doc is a copy of a seemingly unrelated list of email addresses from March 2012, called "Email accs! // universe security sucks." The PSN hack, in other words, appears to be a rumor that didn't turn out to be true. We're checking with Sony regardless.

Still, when was the last time you changed your password?

JoystiqAnonymous: PSN hacked again, 10 million accounts at risk [update: Perhaps not] originally appeared on Joystiq on Wed, 15 Aug 2012 14:20:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>anonymoushackplaystationplaystation-vitaps3psn-hackpspsonyvitaWed, 15 Aug 2012 14:20:00 EST<![CDATA[The best way to play Angry Birds is with this custom USB controller]]>http://www.joystiq.com/2012/08/09/the-best-way-to-play-angry-birds-is-with-this-custom-usb-control/http://www.joystiq.com/2012/08/09/the-best-way-to-play-angry-birds-is-with-this-custom-usb-control/http://www.joystiq.com/2012/08/09/the-best-way-to-play-angry-birds-is-with-this-custom-usb-control/#comments The best way to play Angry Birds is with this custom USB controller
While Angry Birds is mostly "been there, done that" at this point in time, we've got to give it up to the setup seen above. The custom "Super Angry Birds" controller above is a complicated USB mod using wood and gyros. Hacks were definitely involved.

You adjust trajectory using the wooden sling, then pull back on the plastic bird to adjust power and let 'er rip. Simple. And if you're wondering how this setup handles those birds with special abilities, you only need watch the above video for 20 seconds or so. That neat little TNT box gets the job done!

JoystiqThe best way to play Angry Birds is with this custom USB controller originally appeared on Joystiq on Thu, 09 Aug 2012 04:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>angry-birdsangry-birds-spacehackmacmodsuper-angry-birdsThu, 09 Aug 2012 04:00:00 EST<![CDATA[Dual-analog N64 controller hacked together for Star Wars Episode I: Racer, GoldenEye]]>http://www.joystiq.com/2012/08/08/dual-analog-n64-controller-hacked-together-for-star-wars-episode/http://www.joystiq.com/2012/08/08/dual-analog-n64-controller-hacked-together-for-star-wars-episode/http://www.joystiq.com/2012/08/08/dual-analog-n64-controller-hacked-together-for-star-wars-episode/#comments Dualanalog N64 controller hacked together for Star Wars Episode I Racer, GoldenEye
If you're like YouTube user "2010clarky," you probably wish you had two analog sticks for some Nintendo 64 games. Well unlike you, 2010clarky modded a slick N64 controller that features two analog sticks in order to play Star Wars Episode I Racer and GoldenEye 007. The result is pretty excellent.

JoystiqDual-analog N64 controller hacked together for Star Wars Episode I: Racer, GoldenEye originally appeared on Joystiq on Wed, 08 Aug 2012 21:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackmodn64n64-controllerWed, 08 Aug 2012 21:30:00 EST<![CDATA[Modded Sega Genesis does what Nintendon't: administers electric shocks]]>http://www.joystiq.com/2012/08/04/modded-sega-genesis-does-what-nintendont-administers-electric/http://www.joystiq.com/2012/08/04/modded-sega-genesis-does-what-nintendont-administers-electric/http://www.joystiq.com/2012/08/04/modded-sega-genesis-does-what-nintendont-administers-electric/#comments Modded Sega Genesis does what Nintendon't administers electric shocks
Dyak and Furrtek, for reasons unknown, decided to mod a Sega Genesis with parts of a shock collar meant for dogs. The result is the Genezap, which delivers an electric charge of a modifiable intensity whenever the player takes damage in Sonic, Mega Bomberman, or other games.

They did this on purpose.

JoystiqModded Sega Genesis does what Nintendon't: administers electric shocks originally appeared on Joystiq on Sat, 04 Aug 2012 21:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>genezaphackmoddingsegasega-genesisSat, 04 Aug 2012 21:00:00 EST<![CDATA[Microsoft: Xbox Live security strengthened, sneakily started with spring update]]>http://www.joystiq.com/2012/07/19/microsoft-xbox-live-security-strengthened-sneakily-started-wit/http://www.joystiq.com/2012/07/19/microsoft-xbox-live-security-strengthened-sneakily-started-wit/http://www.joystiq.com/2012/07/19/microsoft-xbox-live-security-strengthened-sneakily-started-wit/#comments Despite Microsoft working to ensure the security of its Xbox Live network, the company has encouraged users to check their security information and update their passwords in a community blog post today. It's a cruel (virtual) world out there, folks.

It's all part of new security measures that Microsoft is employing, measures that began with the spring update issued last month. The update helped Microsoft "build on security enhancements for the near future," says Xbox Live general manager Alex Garden.

Xbox Live took its share of security lumps this year, including claims of a FIFA hack and purported Windows Live ID problems. In the community post, Microsoft also provides some general internet security tips - in case you didn't know it was a bad idea to use the same password for every site you've ever logged onto.

JoystiqMicrosoft: Xbox Live security strengthened, sneakily started with spring update originally appeared on Joystiq on Thu, 19 Jul 2012 05:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>fifa-hackhackkinectmicrosoftsecurityspring-updatexboxxbox-liveThu, 19 Jul 2012 05:00:00 EST<![CDATA[Today's old car junk is tomorrow's video game controller]]>http://www.joystiq.com/2012/06/26/todays-old-car-junk-is-tomorrows-video-game-controller/http://www.joystiq.com/2012/06/26/todays-old-car-junk-is-tomorrows-video-game-controller/http://www.joystiq.com/2012/06/26/todays-old-car-junk-is-tomorrows-video-game-controller/#comments Today's old car junk is tomorrow's video game controllerEvery unused car part you have is basically living in your place, rent free. Did you know that? How do we keep letting this junk get away with that?

Well, here's an idea: turn that lazy junk into working video game hardware. Jason Torchinsky did just that, using an old power seat controller from an Oldsmobile to play some Ms. Pac-Man. You can check out the whole how-to over on Jalopnik - or, if you're anything like us, you can just call your dad, tell him to come over and make him do it.

JoystiqToday's old car junk is tomorrow's video game controller originally appeared on Joystiq on Tue, 26 Jun 2012 04:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>controllerdiyhackjoystickmodms-pac-manoldsmobilePac-ManTue, 26 Jun 2012 04:00:00 EST<![CDATA[League of Legends EU accounts hacked, no billing info at risk]]>http://www.joystiq.com/2012/06/10/league-of-legends-eu-accounts-hacked-no-billing-info-at-risk/http://www.joystiq.com/2012/06/10/league-of-legends-eu-accounts-hacked-no-billing-info-at-risk/http://www.joystiq.com/2012/06/10/league-of-legends-eu-accounts-hacked-no-billing-info-at-risk/#comments League of Legends EU accounts hacked, no billing information at riskLeague of Legends accounts in certain European regions have been hacked, Riot Games notified players yesterday. The EU West and EU Nordic and East databases were breached, with hackers accessing email addresses, encrypted account passwords, summoner names, dates of birth and, for a small number of players, full names and security questions and responses.

"Absolutely no" billing or payment information was breached, Riot said. Riot stores passwords in encrypted form, but more than half of the passwords at risk were simple enough to fall victim to simple cracking.

Riot has fixed the security exploit and is emailing all players in the affected region, and will be updating this post. Security experts and the appropriate authorities have been notified, Riot said.

For now, League of Legends players would do well to change their passwords, and make sure they're something more complex than "password."

"Brandon and I want to sincerely and personally apologize to you for this situation," Riot's Marc Merrill concludes his post. "We take your privacy and security seriously, and we're working diligently to improve it for the better."

JoystiqLeague of Legends EU accounts hacked, no billing info at risk originally appeared on Joystiq on Sun, 10 Jun 2012 15:45:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackleague-of-legendspasswordpcriot-gamessecuritySun, 10 Jun 2012 15:45:00 EST<![CDATA[Blizzard: Diablo 3 account compromises historically in line with WoW expansions]]>http://www.joystiq.com/2012/05/22/blizzard-diablo-3-account-compromises-historically-in-line-with/http://www.joystiq.com/2012/05/22/blizzard-diablo-3-account-compromises-historically-in-line-with/http://www.joystiq.com/2012/05/22/blizzard-diablo-3-account-compromises-historically-in-line-with/#comments ImageThe Blizzard forums are bursting with stories of Diablo 3 players' gold and items magically disappearing from their accounts, and while we bemoan the losses they're not entirely surprising.

"Historically, the release of a new game -- such as a World of Warcraft expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo 3," Blizzards told Joystiq this evening. "We know how frustrating it can be to become the victim of account theft, and as always, we're dedicated to doing everything we can to help our players keep their Battle.net accounts safe -- and we appreciate everyone who's doing their part to help protect their accounts as well."

Continue reading Blizzard: Diablo 3 account compromises historically in line with WoW expansions

JoystiqBlizzard: Diablo 3 account compromises historically in line with WoW expansions originally appeared on Joystiq on Tue, 22 May 2012 01:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>accountauthenticatorbattle.netBlizzardDiablo-3hackkeyloggerpcTue, 22 May 2012 01:00:00 EST<![CDATA[How GeoHot went from winning science fairs to instigating the hacker war]]>http://www.joystiq.com/2012/04/30/how-geohot-went-from-winning-science-fairs-to-instigating-the-ha/http://www.joystiq.com/2012/04/30/how-geohot-went-from-winning-science-fairs-to-instigating-the-ha/http://www.joystiq.com/2012/04/30/how-geohot-went-from-winning-science-fairs-to-instigating-the-ha/#commentsImageHackers built the Internet. Throughout the 1970s and '80s hackers altered the Internet from a strictly business communications system for the defense department and librarians into a robust online community for anyone with a computer to use as they pleased. The Internet and computer technology is still evolving, perhaps at a a faster, more public rate today, and hackers are still at the forefront of its design. Hackers such as Geohot, the guy who rooted Sony's PS3 early last year.

George Hotz posted the PS3 root key online with a statement reading "I don't condone piracy" in January 2011 and it spread online. Geohot became an unsuspecting martyr in the hacker community when Sony sued him and won an injunction barring him from ever tampering with a Sony product again. Thus began the hacker wars, The New Yorker suggests in a biographical run-down of 2011's events.

Hotz was brilliant in science and technology fields throughout middle and high school, winning $15,000 at the Intel International Science and Engineering Fair in 2007 and appearing in Forbes and on The Today Show for his technological achievements.

He hacked the PS3 master key while he was high on OxyContin and Vicodin. He didn't condone or participate in any of Anonymous' hacks into Sony's servers, and since his online spotlight has faded he's worked for Facebook, quit and run amok in Panama, and met with Sony engineers curious about his methodology. He has reminders to "Call therapist" on his whiteboard. Geohotz is human, The New Yorker makes sure to point out.

The full story is available here, or we figure you can just watch this eerily similar dramatic recreation of an antisocial programmer's rise to fame. They're both human, after all.

JoystiqHow GeoHot went from winning science fairs to instigating the hacker war originally appeared on Joystiq on Mon, 30 Apr 2012 21:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>anonymousGeohotGeorge-HotzhackhackerLulzSecplaystationps3psn-outage-2011sony-hackMon, 30 Apr 2012 21:30:00 EST<![CDATA[Sony restores PSN games that allowed Vita hack (but there's another one)]]>http://www.joystiq.com/2012/04/20/sony-restores-psn-games-that-allowed-vita-hack-but-theres-anot/http://www.joystiq.com/2012/04/20/sony-restores-psn-games-that-allowed-vita-hack-but-theres-anot/http://www.joystiq.com/2012/04/20/sony-restores-psn-games-that-allowed-vita-hack-but-theres-anot/#comments
Image
Sony pulled two PSP titles, Hot Shots Tennis and MotorStorm Arctic Rift, from the PlayStation Network in March when they were found to be open portals to Vita hacking heaven, allowing people to use homebrew programming through the Vita's PSP emulator. Both of these titles are currently back on the Vita and the hack scare is gone forever and ev - er, maybe not.

Vita version 1.67 closed off the ability for hackers to run the VHBL program in Hot Shot Tennis and MotorStorm Arctic Rift, but the folks at Wololo.net have found another game that runs the same program even after the update. The above video shows Wololo's Doom running on a Vita. It hasn't yet disclosed which game allows the hack.

JoystiqSony restores PSN games that allowed Vita hack (but there's another one) originally appeared on Joystiq on Fri, 20 Apr 2012 21:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>doomemulatorhackhomebrewplaystationplaystation-vitaSONYvitavita-hackFri, 20 Apr 2012 21:00:00 EST<![CDATA[Microsoft responds to claims of Xbox 360 hard drives storing old credit card info]]>http://www.joystiq.com/2012/03/30/microsoft-responds-to-xbox-360-hard-drives-storing-credit-card-i/http://www.joystiq.com/2012/03/30/microsoft-responds-to-xbox-360-hard-drives-storing-credit-card-i/http://www.joystiq.com/2012/03/30/microsoft-responds-to-xbox-360-hard-drives-storing-credit-card-i/#comments Yesterday, we reported on a research group at Drexel University who claimed Xbox 360 hard drives retained the credit card info of past users. Today, Microsoft issued a statement in response to the claim.

Jim Alkove, general manager of Microsoft's security of interactive entertainment business, responded to Joystiq today, offering the following statement:
We are conducting a thorough investigation into the researchers' claims. We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers' claims.

Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data. We can assure Xbox owners we take the privacy and security of their personal data very seriously.

In summary, Microsoft is looking into the claim, and suggests it's not possible to strip previous users' credit card data from a refurbished console. But best to hold onto that old Xbox 360 for now, until this whole thing is figured out.

JoystiqMicrosoft responds to claims of Xbox 360 hard drives storing old credit card info originally appeared on Joystiq on Fri, 30 Mar 2012 13:43:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>credit-card-infohackjim-alkovemicrosoftxboxFri, 30 Mar 2012 13:43:00 EST<![CDATA[Report: Hackers can pull credit card info from old Xbox 360 hard drives]]>http://www.joystiq.com/2012/03/29/report-hackers-can-pull-credit-card-info-from-old-xbox-360-hard/http://www.joystiq.com/2012/03/29/report-hackers-can-pull-credit-card-info-from-old-xbox-360-hard/http://www.joystiq.com/2012/03/29/report-hackers-can-pull-credit-card-info-from-old-xbox-360-hard/#comments Update: Microsoft has responded to the claim that Xbox 360 hard drives store credit card data of past users. You can read the statement here.

A new report suggests uncouth citizens can retrieve credit card data and other personal information from an old Xbox 360 hard drive -- even if it was re-formatted and the console restored back to factory settings.

The report comes from an ongoing study at Drexel University. Researcher Ashley Podhradsky told Kotaku that Microsoft does a good job protecting its own proprietary information on the console, but doesn't take any steps to protect user data. As part of the study, the group purchased one used Xbox 360 console, installed some hacking tools and started to root around. Soon enough they were able to retrieve some files and folders, eventually extracting the original owner's credit card information.

We've contacted Microsoft to try and find out if this is the case on all hard drives and even USB drives that have had profiles transferred onto them, and if there are any possible steps users may take to protect their data (other than chucking their devices into a volcano). With several gaming platforms and company websites falling prey to hackers over the last year, and the continual rise of digital distribution, safe online infrastructures are more important than ever to gamers today.

JoystiqReport: Hackers can pull credit card info from old Xbox 360 hard drives originally appeared on Joystiq on Thu, 29 Mar 2012 21:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>drexel-universityhackmicrosoftreportxboxxbox-360-hard-driveThu, 29 Mar 2012 21:30:00 EST<![CDATA[Gabe Newell on the Steam hack: 'Probable' that user information obtained]]>http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/http://www.joystiq.com/2012/02/10/gabe-newell-updates-users-on-the-steam-hack/#comments The Steam forums and database was hacked in November, and Valve is still investigating the breach. In a new note to Steam users, Valve head Gabe Newell announced that "it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008." The file contained user names and email addresses, and encrypted billing addresses and credit-card information, but it did not include passwords, Newell said.

So far there has been no evidence that credit cards or billing addresses have been compromised from the attack, but Steam users should pay close attention to their accounts and keep Steam Guard on, Newell said. Read Gabe's full update below, which has been sent to all Steam gamers as well.

Update: The headline previously included the phrases "credit card info" and "at risk," which seemed alarmist to some readers. It has been updated and glasses of warm milk passed around to everyone. Enjoy.

Continue reading Gabe Newell on the Steam hack: 'Probable' that user information obtained

JoystiqGabe Newell on the Steam hack: 'Probable' that user information obtained originally appeared on Joystiq on Fri, 10 Feb 2012 14:45:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>billingcredit-cardgabe-newellhackhackersmacpcSTEAMFri, 10 Feb 2012 14:45:00 EST<![CDATA[Vita gets more Remote Play titles with hacked PS3 firmware]]>http://www.joystiq.com/2012/01/23/vita-gets-more-remote-play-titles-with-hacked-ps3-firmware/http://www.joystiq.com/2012/01/23/vita-gets-more-remote-play-titles-with-hacked-ps3-firmware/http://www.joystiq.com/2012/01/23/vita-gets-more-remote-play-titles-with-hacked-ps3-firmware/#comments
Several YouTube videos have popped up, showcasing PlayStation 3 titles being played via the PlayStation Vita's Remote Play function -- titles usually not supported by the feature. Officially, the Vita is currently restricted to a handful of titles, but a hacked version of PS3 firmware 3.55 (reportedly susceptible to the infamous PS3 "jailbreak" hack) allows users to play many more titles.

The Vita appears as a "mobile phone" in this configuration, and offers up a wider variety of choices than the normal Vita Remote Play. The videos in question, uploaded by YouTube users homer49, feature Batman: Arkham Asylum, Battlefield 3 (shown above), Alice: Madness Returns, Mortal Kombat and Red Dead Redemption. The games display a hefty amount of input lag.

Sony still plans to expand the official Remote Play library going forward. The company previously showed Killzone 3 running via Remote Play at the Tokyo Game Show and stated that developers would soon receive tools to help implement Remote Play on upcoming and previously released titles.

JoystiqVita gets more Remote Play titles with hacked PS3 firmware originally appeared on Joystiq on Mon, 23 Jan 2012 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackhacksplaystationplaystation-vitaps3PS3-Firmware-3.55vitaMon, 23 Jan 2012 18:00:00 EST<![CDATA[VideoGamesPlus.ca investigating 'security issue,' recommends password change]]>http://www.joystiq.com/2012/01/18/videogamesplus-ca-investigating-security-issue-recommends-pas/http://www.joystiq.com/2012/01/18/videogamesplus-ca-investigating-security-issue-recommends-pas/http://www.joystiq.com/2012/01/18/videogamesplus-ca-investigating-security-issue-recommends-pas/#comments Earlier today it was reported that VideoGamesPlus.ca had been hacked and 21,000 customers' account details were posted for all to see. Eurogamer obtained an email from the company to customers saying the site is "currently investigating a security issue" and is recommending folks to change their passwords.

The problems started when a hacker claimed he had the account details and posted them (since removed) on a file-sharing site. The details included customer names, dates of birth, email addresses, phone numbers and encrypted passwords.

Short version: If you're a VGP customer, change the password for any accounts that shared the same password.

[Pavel Ignatov via Shutterstock]

JoystiqVideoGamesPlus.ca investigating 'security issue,' recommends password change originally appeared on Joystiq on Wed, 18 Jan 2012 23:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackmicrosoftnintendopcplaystationps3vgpVideoGamesPlus.cawiixboxWed, 18 Jan 2012 23:00:00 EST<![CDATA[Report: UK retailer GAME's customer database breached]]>http://www.joystiq.com/2012/01/16/report-uk-retailer-games-customer-database-breached/http://www.joystiq.com/2012/01/16/report-uk-retailer-games-customer-database-breached/http://www.joystiq.com/2012/01/16/report-uk-retailer-games-customer-database-breached/#commentsA customer database belonging to UK retailer GAME has been breached, as has one belonging to Australian website Catalyst-Gaming, MCV reports. A list of over 2000 customer usernames, email addresses, and hashed passwords has been released.

GAME denied that it's been hacked. "The published email addresses are not registered users of GAME.co.uk, and there has been no breach of our database security." That leaves catalyst-gaming as a potential source of email addresses. Regardless, if you've used either site recently, a password change wouldn't hurt.

JoystiqReport: UK retailer GAME's customer database breached originally appeared on Joystiq on Mon, 16 Jan 2012 12:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>breachcatalyst-gaminggamehacksecurityukMon, 16 Jan 2012 12:30:00 EST<![CDATA[Windows Live login suggested as Xbox Live security flaw]]>http://www.joystiq.com/2012/01/13/windows-live-login-suggested-as-xbox-live-security-flaw/http://www.joystiq.com/2012/01/13/windows-live-login-suggested-as-xbox-live-security-flaw/http://www.joystiq.com/2012/01/13/windows-live-login-suggested-as-xbox-live-security-flaw/#comments Since reporting on the "FIFA hack" and related security concerns with Xbox Live and the Windows Live ID system, we've received stories, documentation and theories on how this is happening from dozens of victims. As we continue to follow up on several leads, Analoghype posits an interesting theory on how some of these breaches may be occurring.

AH suspects that the hackers grab gamertags from a game of Halo or Call of Duty, then Google the tags to find associated emails on social networking sites. They now have a potential list of Windows Live IDs. Going to Xbox.com, the hacker can now test if the email is a valid ID by attempting to sign in. An error message of "account is invalid" has them moving on to another email; "password is incorrect" means they've got a real account, but a bad password.

Continue reading Windows Live login suggested as Xbox Live security flaw

JoystiqWindows Live login suggested as Xbox Live security flaw originally appeared on Joystiq on Fri, 13 Jan 2012 11:50:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>fifa-hackhackmicrosoftsecuritywindows-live-idxboxxbox-liveFri, 13 Jan 2012 11:50:00 EST<![CDATA[Ben Heck turns an iCade into an iPhone gamepad before iCade can]]>http://www.joystiq.com/2012/01/12/ben-heck-turns-an-icade-into-an-iphone-gamepad-before-icade-can/http://www.joystiq.com/2012/01/12/ben-heck-turns-an-icade-into-an-iphone-gamepad-before-icade-can/http://www.joystiq.com/2012/01/12/ben-heck-turns-an-icade-into-an-iphone-gamepad-before-icade-can/#comments
Not to be confused with iCade's recently announced official controller, Ben Heck's preemptive strike against iCade's $80 enclosure is made possible through reverse-engineering the original iCade unit. We suppose Heck's version isn't a more prudent alternative, but that doesn't make a magician's work any less interesting.

Heck's game pad features eight face buttons, a pair of triggers on the top and a d-pad on the left side. It's more function than form but, as you can see, it gets the job done.

JoystiqBen Heck turns an iCade into an iPhone gamepad before iCade can originally appeared on Joystiq on Thu, 12 Jan 2012 01:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>ben-heckgamepadhackiosipadiphonemobilemodThu, 12 Jan 2012 01:00:00 EST<![CDATA[The Envision: A portable Gamecube sans disc drive]]>http://www.joystiq.com/2012/01/08/the-envision-a-portable-gamecube-sans-disc-drive/http://www.joystiq.com/2012/01/08/the-envision-a-portable-gamecube-sans-disc-drive/http://www.joystiq.com/2012/01/08/the-envision-a-portable-gamecube-sans-disc-drive/#comments
One of the main problems faced by hackers and modders creating portable versions of home consoles is, well, portability. Making something you can hold in your hands isn't exactly an easy task, but creating something that also fits in your messenger bag is a tall order, especially when hacking together a handheld version of something with a disc drive.

ModRetro member Jonathan Shine's solution to this problem is as ingenious as it is simple: If the disc drive is too thick, don't use it. The Envision, Shine's homemade portable Gamecube, kicks spinning media to the curb in favor of an SD card loaded with what we're sure are completely legal and legitimate backups of games he already owns. The device measures approximately 1.375 by 6.5 by 4.125 inches and will run for 2 to 3 hours on a single charge. Check out this thread at ModRetro for complete build specs and more pictures of the finished product.

[Thanks, Mason!]

JoystiqThe Envision: A portable Gamecube sans disc drive originally appeared on Joystiq on Sun, 08 Jan 2012 16:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>customgamecubehackhackerhandheldhomemademodmoddernintendoprotableSun, 08 Jan 2012 16:30:00 EST<![CDATA[Xbox Live 'FIFA hack' concerns continue to escalate, Microsoft states Windows Live ID not compromised]]>http://www.joystiq.com/2012/01/04/xbox-live-fifa-hack-concerns-continue-to-escalate-microsoft-s/http://www.joystiq.com/2012/01/04/xbox-live-fifa-hack-concerns-continue-to-escalate-microsoft-s/http://www.joystiq.com/2012/01/04/xbox-live-fifa-hack-concerns-continue-to-escalate-microsoft-s/#comments Additional reporting provided by Xav de Matos, Senior Editor for Shacknews.
Following an increasing occurrence of Xbox Live account hack reports, we are growing concerned over Microsoft's Windows Live ID system, the only layer of protection between a hacker gaining access to a person's Xbox Live account and their information. In our research, the only consistency we saw across users who were hacked was the general inconsistency of what email and payment method was used on their account. Hotmail, Gmail and school emails were used for their Windows Live ID, while payment methods used were credit cards and PayPal. Other than a compromised Windows Live ID, there wasn't a common thread we could identify.

It's been several months since we started following the "FIFA hack," a rather blunt scam that saw Xbox Live accounts drained so thieves could purchase in-game FIFA 12 'Ultimate Team' cards for use and sale. We have been tracking the FIFA issue and following up on other tips that weren't necessarily rooted in the FIFA hack, but related in that users saw exploitation of payment methods tied to their account. A recent Shacknews editorial detailed accounts compromised by the FIFA exploit.

Continue reading Xbox Live 'FIFA hack' concerns continue to escalate, Microsoft states Windows Live ID not compromised

JoystiqXbox Live 'FIFA hack' concerns continue to escalate, Microsoft states Windows Live ID not compromised originally appeared on Joystiq on Wed, 04 Jan 2012 12:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>fifa-12fifa-hackfifa-soccer-12hackmicrosoftsecuritywindows-live-idxboxXbox-Livexbox-live-hackWed, 04 Jan 2012 12:00:00 EST<![CDATA[Engineer makes cat companion out of robot using Kinect and Wiimotes]]>http://www.joystiq.com/2012/01/04/engineer-makes-cat-companion-out-of-robot-using-kinect-and-wiimo/http://www.joystiq.com/2012/01/04/engineer-makes-cat-companion-out-of-robot-using-kinect-and-wiimo/http://www.joystiq.com/2012/01/04/engineer-makes-cat-companion-out-of-robot-using-kinect-and-wiimo/#comments
Until the robots rise up and destroy us all, software engineer Taylor Veltrop is fine with using our future usurpers as feline babysitters.

Veltrop has hacked together a Kinect, two Wiimotes, head-mounted display, treadmill and a Nao robot to remotely pet a cat. It may have taken him about a year to get this far, but in the end it's worth it: we get a video showing an amount of human-robot relations not seen since Sarah and her son befriended a T-800 ... and Veltrop gets to pet a cat. Win-win situation, if you ask us.

JoystiqEngineer makes cat companion out of robot using Kinect and Wiimotes originally appeared on Joystiq on Wed, 04 Jan 2012 07:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackkinectmicrosoftnaonintendopctaylor-veltropwiixboxWed, 04 Jan 2012 07:00:00 EST<![CDATA[Report: Anonymous after Sony execs, not PSN]]>http://www.joystiq.com/2012/01/02/report-anonymous-after-sony-execs-not-psn/http://www.joystiq.com/2012/01/02/report-anonymous-after-sony-execs-not-psn/http://www.joystiq.com/2012/01/02/report-anonymous-after-sony-execs-not-psn/#comments PlayStation Lifestyle reports that Anonymous has clarified its position regarding attacks on Sony over the abhorrent SOPA law -- keeping in mind that Anonymous isn't a strongly cohesive "group," and so it's not entirely possible to ascribe a single point of view to it.

The opening message on the group's "#OpSony" IRC room was reportedly changed to "NO SOPA! NO ATTACK ON PSN!" In an area for planning "ops," the group suggested that "Doxing [posting personal documents] will occur on Sony executives." Other avenues of attack included hacking Sony websites to place anti-SOPA material.

This attitude is consistent with statements previously attributed to the group, expressing a desire not to inconvenience Sony customers while carrying out protests against Sony.

JoystiqReport: Anonymous after Sony execs, not PSN originally appeared on Joystiq on Mon, 02 Jan 2012 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>anonymoushackopsonyplaystationplaystation-vitaps3pspsonysopavitaMon, 02 Jan 2012 20:00:00 EST<![CDATA[cTrix's gATARI2600 chiptune "guitar"]]>http://www.joystiq.com/2012/01/01/ctrixs-gatari2600-chiptune-guitar/http://www.joystiq.com/2012/01/01/ctrixs-gatari2600-chiptune-guitar/http://www.joystiq.com/2012/01/01/ctrixs-gatari2600-chiptune-guitar/#comments
The chiptune music scene is known for its creative use of antiquated gaming hardware, and you'd be hard pressed to find a better example of "antiquated" than 1977's Atari 2600. Through a clever mix of custom software, handmade cartridges and three Boss stomp boxes, chiptune artist/modder cTrix has created the gATARI2600, an instrument as massive as it is massively impressive.

Check out the video above for cTrix's explanation of the device's components, as well as footage of the monstrosity (the instrument, not cTrix) in action at Blip Fest 2011. Personally, we're still holding out for an Intellivision viola.

JoystiqcTrix's gATARI2600 chiptune "guitar" originally appeared on Joystiq on Sun, 01 Jan 2012 11:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>atariatari-2600chiptunecTrixgatarigATARI2600hackmodSun, 01 Jan 2012 11:00:00 EST<![CDATA[Square Enix: No personal information accessed from SE Members server]]>http://www.joystiq.com/2011/12/20/square-enix-no-personal-information-accessed-from-se-members-se/http://www.joystiq.com/2011/12/20/square-enix-no-personal-information-accessed-from-se-members-se/http://www.joystiq.com/2011/12/20/square-enix-no-personal-information-accessed-from-se-members-se/#comments Last week, Square Enix told us it had yet to find any evidence of personal information being compromised as a result of the intrusion into its Square Enix Members server. The company has since posted a most welcome update on the Members site.

"As a result of our continuing investigation, we have now confirmed that the database in which we store personal information was NOT accessed during the recent server intrusion," Square Enix said, capitals and all. "Therefore, your personal information was NOT compromised by an unknown third party."

The Members service will be reactivated, presumably with more security in place, "by the end of December."

JoystiqSquare Enix: No personal information accessed from SE Members server originally appeared on Joystiq on Tue, 20 Dec 2011 17:31:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hacksecuritysquare-enixsquare-enix-membersTue, 20 Dec 2011 17:31:00 EST<![CDATA[Square Enix: 'no evidence' that personal info was lost in Members hack]]>http://www.joystiq.com/2011/12/15/square-enix-weve-found-no-evidence-that-personal-info-was-lo/http://www.joystiq.com/2011/12/15/square-enix-weve-found-no-evidence-that-personal-info-was-lo/http://www.joystiq.com/2011/12/15/square-enix-weve-found-no-evidence-that-personal-info-was-lo/#comments A report went up on the NHK (via Andriasang) claiming that Square Enix suspected the scope of the intrusion into its Square Enix Members servers to be around 1.8 million people. And seemingly simultaneously, a press release came out of Square claiming that "we have not found evidence that the individual was able to access any personal information at all."

We contacted Square to, well, square these seemingly contradictory stories. A representative told Joystiq that the 1.8 million number refers only to the total number of Square Enix Members users in the US and Japan -- the theoretical maximum number of people that could be affected by the hack. That's not the number of people who were affected; Square maintains that there's been no evidence of any data theft.

And again, since no credit card information was stored on the server suspected of being hacked, that info is not in danger.

JoystiqSquare Enix: 'no evidence' that personal info was lost in Members hack originally appeared on Joystiq on Thu, 15 Dec 2011 20:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hacksquare-enixsquare-enix-membersThu, 15 Dec 2011 20:30:00 EST