Recent Tweets by Zeaun

Posting tweet...

Security

Sony – They Haven’t Learned!

I don’t believe this.  After getting absolutely destroyed in the press, in court of public opinion, and almost dragged into the real courts themselves, Sony has the (ahem) audacity to not encrypt the logon to the PlayStation Store website.

 

Don’t believe me, here’s the HTML of the Iframe that loads when you click, “Login”.

<iframe width=”350″ height=”410″ scrolling=”no” frameborder=”no” id=”signin-iframe” name=”signin-iframe” style=”height: 510px; margin-top: 0px; width: 954px; ” src=”https://store.playstation.com/external/index.vm?returnURL=http://us.playstation.com/uwps/PSNTicketRetrievalGenericServlet”></iframe>

Note the lack of an HTTPS prefix.

Want more proof?

What does this mean to you?  It means that whenever you visit Sony’s PlayStation Store website and you login,… Continue reading

Posted in Gaming, ramblings, Security | Tagged , , , , , , , , , , , , , , , , , | 2 Comments

This is the personal blog of Zeaun Zarrieff & the comments, suggestions, & perspectives mentioned herein may differ from those of companies, organizations, and other individuals with whom Zeaun may be involved.