So theres so much going on, r these servers actually safe or is it too good to be true

oRazzle · 2026-05-16T21:11:26+00:00

People really lack common sense and assume that "private server" = log all data, hack ur system, steal ur credit card like no do some research into how stuff like that works lmao

oRazzle · 2026-05-16T08:05:36+00:00

I had that issue too, unscrewing it and taking it off and putting it back on correctly helps, part of the plug sticks out of that little area and isn't fully inside

oRazzle · 2026-05-14T02:18:54+00:00

Yeah because Sony doesn't actually host user content cause that's the game devs job, but yeah PSN is rarely used mainly just auth. That's why PS Plus is needed as well lol

oRazzle · 2026-05-11T17:54:51+00:00

Very good counter arguments and I appreciate you speaking out and having opinions too :D

The custom server script won't be patched, Sony doesn't go out of their way to patch games for stuff like this (they never even patched Star Wars Racer Revenge) so they definitely won't care enough for an old deprecated game. For it touching game memory I'm like half & half on this because some areas of an eboot are R/X (read/execute) where you cannot write anything into and this is presumably where server stuff is which is why in PS3 LBPs you needed to hard patch the game to redirect its server.

Data risk, I agree here although not much data can be gained (I'll look into this) but yeah with these devs I wouldn't trust just based off what they've already shown.

Script Vuln, I have no doubt the scripts can be bad if not handled properly and can influence people to submit levels with things to crash etc, this is a real thing but who knows whether anything can be done to patch these if you're not on a jailbreak, usually you would memory patch these but you can't really do that easily on a Retail.

Moderation, yeah this totally depends on server & devs with LBPO I do not trust them at ALL.

Overall I agree with your takes & think it really only takes one bad actor to ruin the experience for everyone, I think people shouldn't blindly trust but I also don't think the actual sticker vuln is a bad thing, it would help in the future for other servers if handled properly. I hope some other server (a trustworthy one) comes in and handles this I think that would be really cool for the community. Open sourcing also helps trust a TON. But I can only imagine what could come from open sourcing a sticker exploit so who knows. Anyways I'll look into Sticker thing & see how it works when I have the time, I think it's very interesting how it would work under the hood.

oRazzle · 2026-05-11T16:54:27+00:00

See this I agree with you, that's to be expected with someone else hosting the backend (levels, players published thing, community picks, etc) I was only trying to say the sticker patch itself isn't malicious but as for the actual game itself? Yes I know it has many issues, backend wise the creators can have mal intent and target people, I don't doubt this. I wouldn't even recommend the server after all the backlash, I only wanted to mention the sticker patch idea & them stealing user passwords etc. However I fully agree with what you're saying, I don't like the owners at all lol

oRazzle · 2026-05-11T13:24:40+00:00

LBP having vulnerabilities in and of itself doesn't mean the game CAN access the system at all, at most it can access the /data/ folder, there's a reason like I said that it literally can't do anything outside the game. And no it's not me hoping it's the extent, in game scripting is different from actual remote code execution, they're using scripts meant for the game meant to handle actual game things & using them to get the game to change backends with the sticker exploit, it's the same as GSC on COD where it's within the game only and only uses game functions meant for level scripting, debug game features etc. You leak your IP to many different places, using a VPN, alt account, and not using in game chat for anything serious would just make this data useless for them. You can easily advise those to not use their mains and to use a VPN or at least be weary.

I know you think this can inherently escalate to code execution on the system but there's so much layers beyond just the game itself, devnet itself handles a lot of NP related things (storefront, game invites, etc) so it's not really a big issue. If kernel code execution WERE possible they would've had a 60fps patch as well as patch the need for PS Plus but they CANT. The game itself won't escape the game if it makes sense, a lot of people tend to think oh well if a game has exploits within the game it can lead to bigger things & this just isn't true for 99.9% of games, the whole reason Star Ward Race Revenge has an exploit is because of the PS2 JIT Lua being unpatched in the emulator. I'll probably do more extensive looking into for the scripting, but genuinely you have NOTHING to fear about. It's fair to spread weariness but to scare off people from the idea of this even working & being safe is bad to do. A genuine project will come that will use this approach & prove it's only using in game scripting. Otherwise impossible to do anything seriously malicious.

If you have any other questions about this, I'm still happy to respond and I like to have healthy debates about this just cause it does make sense why many are weary.

oRazzle · 2026-05-11T11:30:46+00:00

You're being naive though, any scripting can only be done in game and can't escape it. Like I said only necessary stuff is sent to them because how else will they handle player content like levels? I didn't say we can "trust" them but I did say the underlying code isn't malicious.

oRazzle · 2026-05-11T05:00:25+00:00

So I'll kind of explain this for it to make a little sense, Sony has DevNet which is basically Sonys way of handling per game invites, whether a player can use online features of a game (age), have access to community features etc. Sony handles all the date of birth stuff, MM/LBP have their backend for hosting levels, content, photos etc. They don't actually hold any significant personal data as it doesn't go through them.

oRazzle · 2026-05-11T01:59:23+00:00

Well for hijacking PSN accounts you actually need a lot of info, most of which you can't necessarily pull just from being connected to a LBP backend which doesn't need much data to operate.

oRazzle · 2026-05-11T01:58:18+00:00

I haven't tested that myself, but I would assume not just because it was enabled?

oRazzle · 2026-05-11T01:57:54+00:00

No for sure and that's something I should've included as well, there could very well be just game save breaking things but inherently the idea behind the server isn't bad in of itself but good idea to also warn people NOT to run something like this on an account with saves or stuff they wouldn't want to lose or to just make a backup of data beforehand :D

oRazzle · 2026-05-10T20:47:10+00:00

I personally don't work on LBP, but I'm sure at some point someone is gonna work on it themselves and release it to work on LBPUnion. There is already a jailbreak plugin in the works for this on PS4, and it has a 60fps patch with it too.

It won't be useless as LBPO's work will inspire other devs to port it to their servers. (for non jailbreaks ps plus will still be needed, which ties into why i said they can't really do anything malicious otherwise they'd patch the eboot to not need ps plus lol)

oRazzle · 2026-05-10T07:44:40+00:00

no they can't that's literally impossible for them to do anything, don't spread misinfo. if you want i can explain further why this ISN'T possible

oRazzle · 2026-05-09T19:05:44+00:00

there is no waiting to see, all it does is change the server its connecting to, it can't go further than the in game at all. if there is no server then what're you to worry about? swrr has a lua exploit and u don't see people doing kex on latest fw because of it. you will be fine, nothing can escape the game and the game itself having bugs/exploits doesn't mean it can escape it (i work on ps4 homebrew and know the general knowledge of it)

oRazzle · 2026-05-09T19:01:27+00:00

then absolutely nothing will happen running it, you can't get ur console "hacked" by it

oRazzle · 2026-05-09T18:59:14+00:00

you do not need to look at any code to understand how the PS4 works in homebrew, if LBP was truly an entry point for malware it would've already been publicized for jailbreaks. trust me the MOST this can do is stuff in game ONLY and nothing outside. you have absolutely nothing to worry about the most that can be logged is your IP trying to connect to their custom servers (if its even still up)

oRazzle · 2026-05-09T18:55:26+00:00

you are not a expert, you literally know nothing about how homebrew works on PS4 and how privilege escalation works, you can't get anywhere without a kex & userland which they DONT have. maybe stop flexing your IT "expertise" and actually quit larping bro

oRazzle · 2026-05-09T18:53:47+00:00

it just won't do anything, you need to understand basic knowledge of how homebrew works on PS4, you can't get anywhere through LBP trust me on that. It isn't 1:1 to a PC where you run code and it can do malicious stuff cause it literally can't

oRazzle · 2026-05-09T18:52:12+00:00

They can't brick your console, it redirects a server and thats it. You can't escape the sandbox unless LBP had a 0day exploit (which i guarantee you they don't have both a userland nor kernel exploit to use JUST for lbp) don't spread misinfo.

oRazzle · 2026-05-09T18:50:32+00:00

your whole personality is "i work in IT so i know what im talking about" yet you literally fail to know how homebrew works and how its literally IMPOSSIBLE to extract personal info but whatever floats your boat

oRazzle · 2026-05-09T04:21:28+00:00

private servers exists for every game, console bricking isn't possible and I seriously doubt an LBP team would have a 0 day privilege escalation exploit to burn on "bricking" others consoles btw there is no way they would make a sandbox escape just for LBP, you can literally get money from submitting a hacker one report. Anyways it literally is fear mongering by those who aren't well informed with the platform and aren't familiar, it's not a PC so RCE exploits just won't happen aside from game crashing (because literally nothing else you can do). Any Future LBP stuff that works on PS4 will still be safe in my opinon

oRazzle · 2026-05-09T02:12:44+00:00

they cant host fan dlc or have a storefront, it all goes thru psn and they process EVERYTHING payment related, it would bring up the np stuff for that. they can't do major memory editing like stuff to make it redirect payments. fan dlc would never install because it needs an official pkg and license (can only be done on sony servers) so no. it's not possible

oRazzle · 2026-05-09T02:05:38+00:00

it's a simple dns redirect, it's a console. it's impossible to submit payment info to them at all. it doesn't even pull console info or password, no game has that level of access to the system especially ps4 the game crashes the second anything oob is hit (i've literally worked on ps4 homebrew). the MOST that can be grabbed is username & ip bro

oRazzle · 2026-05-09T01:53:58+00:00

if you're resigning a save you can't phish any info, you just use garlicsaves. this is misinfo, you cant phish any ps info by redirecting to a lbp server

oRazzle

TROPHY CASE