PlayStation 'Home' gets hacked multiple times
Sony's new service has been hacked already. It appears that modern development methods have been replaced with time-to-market issues.
It didn't take very long for Sony's new PlayStation Home to fall prey to hackers, with multiple developers already exploiting different areas of the service.
One hack uses Apache and DNS redirection to let you display your own version of PS Home to display movies, text and music of your choosing.
Another hack allows for the downloading of any file you want, like someone's user profile or avatar, and the final near-term vulnerabilities include uploading any file to the Home server or deleting any file from the Home server.
It's not clear to me that there won't be APIs or other mechanisms to interact with PlayStation Home in the ways that the hacks have determined, but I would assume open APIs would make hacking a lot less interesting. Besides the obvious business reasons to release open APIs (increase adoption, ecosystem, etc.) it would give people the option to do more creative and less risky hacks around the core and accessories.
A quote from StreetskaterFU:
SONY f*%&d it really up! First they delay HOME for more than a year, then they delay it a few times again and again till finally we have a HOME beta on a technical standard from 2005 with crappy graphics, a few boring areas and many many many many many many many many bugs.
It's a bit surprising just how weak the security is, especially considering the competitive pressures and the existing knowledge of how to build secure client/server applications. So far it sounds like basic enterprise development techniques would have removed these risks.