Security Software Moves to Consoles – Web Filtering for PS3

Ah it seems some companies are having the same idea as me, consoles might well be the next infection vector for zombie style botnets, they have good processing power, the current generation has ample hard-drive space and they are network connected.

The difference with consoles is they tend to be turned off when not in use unlike PCs which are quite often left on.

Still infecting a few million PS3s could be a great attack mechanism – so the latest update for the PS3 is web filtering, the first step towards security software for consoles.

Sony has integrated a website filter into its latest PlayStation 3 firmware. But while use of the utility is optional and, for now, free, neither the console giant nor its security partner, Trend Micro, are saying how much they’ll demand from user whene the free-use period ends next April.

Trend claimed the site blocker, which is part of PS3 firmware version 2.0, posted last week, is the world’s first global internet security service games console.

It’ll be interesting to see how much it costs when it stops being free, and what the uptake is like percentage wise. I have a feeling it’ll be very low.

If users choose to activate the filtering service, which is accessed through the PS3’s internet browser, they must select a password. If a blocked website is then accessed, users can enter their password to view the site.

Trend’s service is free to use until April 2008, it said. Bizarrely, however, it was unable to say how much it will demand PS3 owners cough up after that date if they want to carry on using the service, perhaps to keep inappropriate content away from their kids.

Apparently the pricing structure hasn’t even been worked out yet, but then I guess they just want to get it out there as the ‘first’ security software for a console and increase the branding strength.

Source: The Register

Posted in: Hardware Hacking, Malware

, ,

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

14 Responses to Security Software Moves to Consoles – Web Filtering for PS3

  1. Pantagruel November 29, 2007 at 10:39 am #

    Darknet’s comments are getting predictive values ;)

    Look like a good idea to get some webfiltering into the latest gen consoles. Many reviews and websites have shown them to have quite some potential ( some companies are even selling cluster options
    But just webfiltering won’t be enough, it will only be a matter of time before PS3/XboX online services suffer from a hack and serve as a distribution point for a PS3/XboX driven botnet.
    When in need of an filtering update you’d have to flash in new firmware (I smell rogue firmware opportunities). This update option would allow for other hacks (no region fix, used alternate media,etc..) enlarging the change of a user installing rogue firmware from not so sound sources.

    Again there is no patch for human stupidity and this webfiltering, to me, appears to be a hurdle easily taken.

  2. dirty November 29, 2007 at 5:18 pm #

    All this sounds like is websense for PS3…and you have to ability to still view the site by entering your password…what sites will be blocked? how often will they be updated?

    I agree with Pantagruel, I dont think this will be enough…

  3. Darknet November 30, 2007 at 7:58 am #

    Well it’s just a start, it shows the paradigm is shifting and companies are going to start developing security software for consoles. Who knows, it might be the next big market.

  4. Goodpeople November 30, 2007 at 10:34 am #

    About time they started looking at game consoles. I agree with all of the above. It’s not much.. yet.

    But it is a start. I suppose this is just the beginning. What bothers me however is that it won’t stay free. Part of the firmware. If you buy the box, doesn’t the firmware come with the machine?

    We don’t pay for BIOS updates for our computers either… And isn’t that the same Trend Micro?

  5. Mitchel Ashley December 1, 2007 at 12:16 am #

    I was contemplating porting the Cobia security convergence platform to Playstation 3 or Xbox360 before I was abruptly terminated last month.

    I see it being important for 2 reasons. First, Cobia’s up take is very slow, much slower than we had planned on and part of it is the hardware requirements. Second, the more hardware that security platforms run on, the more ubiquitous Real Security will be.

    Just imagine for a second your playstation 3 acting as a home gateway, complete with Stratguard Cobia IPS protecting the packets that flow in and out. It’s compelling and once it grows to have a few hundred users, think of the partners that will start developing 3rd party applications for it.

  6. Nobody_Holme December 1, 2007 at 10:21 am #

    Sounds like an attempt to fix flagging sales to me… PS3s suck hard, imho… and that of everyone I know. Also lets thinks… charged for security on your console? I see everyone paying for that one, honest…

  7. dirty December 3, 2007 at 12:48 am #

    Yah I dont fore see people shelling out extra cash for those services when the consoles cost so much in the first place. The last thing a kid or parent is worrying about is security for their console…at least the average player not ones on this site.

  8. Goodpeople December 3, 2007 at 3:42 pm #

    and let’s not forget that most people connect to the internet with a dsl modem. Those things all have a built in firewall.

    I wouldn’t spend a dime on additional security software. I’d fix it some other way.

  9. dirty December 3, 2007 at 5:16 pm #

    IDK about the DSL modem firewall…if that secured everything we wouldn’t have such huge botnets out there.

  10. Pantagruel December 3, 2007 at 8:48 pm #

    @ Dirty
    The big problem is DSL providers supplying their modem/router in ‘bridged mode’ instead of using the firewalling capabilities of the router. Eventhough the majority of consumer router/modems is quite restricted in terms of firewalling/etc they are by far more difficult to get past than a Windows XP box littered with holes and bugs. Biggest problem however is the user switching of the firewall to allow for easy internet for aall attached internet appliances effectively turning the firewall into a ‘bridge’ like mentioned before.

  11. dirty December 3, 2007 at 9:14 pm #

    That was my pretty much my point…my comments above just trying to reflect that end users are ultimately responsible and most are apt to not use security for ease of functionality…….

  12. Goodpeople December 4, 2007 at 8:31 pm #

    @ dirty,

    I agree with you that the end user is ultimately responsible and that most users trade off security for ease of use. But that’s another discussion.

    This discussion is about securing game consoles. My statement is that I would probably not spend money on additional software for a game console, if I can secure the damn thing better in another way.

  13. dirty December 4, 2007 at 8:35 pm #

    I think it is the same discussion….i dont think most users will secure their game consoles…

  14. Sir Henry December 14, 2007 at 5:47 pm #

    I agree with the sentiment that people are not going to initially see security for consoles as a matter of importance. I think, however, that as soon as the console can be compromised and used as a conduit into the rest of the network, the importance of console security will be the latest buzz in the media.