The PS3's private cryptographic key may have been cracked, leaving the console cracked for good, with no firmware update capable of stopping the exploit.
Because of poor design in the PS3's security control systems, where a value that should have been random was made a constant instead, any code can now be signed to look like officially sanctioned code, and there's not a thing Sony can do about it.
In other words, the PS3 can no longer tell legal, authorized software apart from pirated software that has been signed using the leaked key.
The group responsible for the hack, fail0verflow, says their intention behind the hack was to re-enable the running of Linux on the PS3. The "Other OS" function on the PS3, which Sony once promoted as a unique selling point for the game console, was used by many to run custom versions of Linux on the PS3, allowing the console to do much more than it was designed to do. Last year, Sony removed the "Other OS" function on the PS3, ironically due to fears of piracy. It was this move that ultimately led fail0verflow to begin work on cracking the PS3, and the result could be more piracy for the console than Sony had ever imagined.
This follows the release of the separate PSJailbreak device, whose origins were also inspired by Sony's removal of Other OS.
It appears Sony made two major mistakes: one, using a constant instead of a random variable, and two, pissing off the hacker community by removing Other OS.
Here's a video of fail0verflow presenting their hack to the world at the Chaos Computer Club Congress: