Ever wondered how your Pip-boy app worked with your copy of Fallout 4? A fan with the technical knowledge to figure it out actually tinkered on the back end. The results seem scarily vulnerable.
As you may have noted, our source, and said hacker, works in cloud computing company Rackspace, selling a managed cluster service called Carina. Getting around the jargon, this is what our enterprising fan did:
He figured out the running servers for Fallout 4 on his PlayStation 4. When he figured this out, he also realized his Pip-boy didn’t know his console’s IP address, and so the Pip-boy and his game were communicating in a different way. He eventually learned that Pip-boy creates a sophisticated little miracle; it makes servers of its own using two ports to interact with your copy of the game.
Our source then played with the servers some more, figuring out how to ‘spoof’a Fallout 4 server, or in plain English, make a fake Fallout 4 server that can pass for the real thing. This fake server does such a good job at impersonating a real one that the Pip-boy finds and connects to it like it’s the real thing. Finally, he figured out how to get the data from the communication between the Pip-boy and the game and dump it, AKA make a copy of the raw data.
Does this discovery make the Pip-boy vulnerable security-wise? This Redditor argues no, but chances are if you’re reading this, you wouldn’t know enough to make a call yourself. For what it’s worth, our source is thinking of benign, fun applications of his exploits, such as mapping out where he and his friends are on the Fallout 4 map at any one time.
How does this make you feel about the Fallout 4 Pip-boy? Share your thoughts with us in the comments.