Well the protocol turns out to look a lot like HTTP talking to Apache over SSL. This is no surprise, it's easy to develop with and is the most likely to make through proxies and firewalls outbound.
Nevertheless, Sony seemed to assume that it guaranteed they would only receive valid messages from actual hardware they controlled. This is not a security feature of SSL/TLS which depends on the client doing its part to prevent the absence of a man-in-the-middle.
When the client was hacked, many of their assumptions were violated. We hear rumors of hackers "mapping" their systems onto some internal development networks. What this means exactly I don't know.
But if Sony's primary network defenses were the Maginot line, their dev network probably looked a lot like Belgium.
Nevertheless, Sony seemed to assume that it guaranteed they would only receive valid messages from actual hardware they controlled. This is not a security feature of SSL/TLS which depends on the client doing its part to prevent the absence of a man-in-the-middle.
When the client was hacked, many of their assumptions were violated. We hear rumors of hackers "mapping" their systems onto some internal development networks. What this means exactly I don't know.
But if Sony's primary network defenses were the Maginot line, their dev network probably looked a lot like Belgium.