Slashdot Mirror


Buffer Overflow Found in PSP Firmware v2.0

Doomstalk writes "PSP news site PSP Updates is reporting that a buffer overflow flaw has been found in PSP firmware v2.0's photo viewer. So far it's only been used to corrupt the menu display, but it holds great promise for running homebrew code on upgraded PSPs." From the article: "Thanks to the unknown author(s) for this great starting point to have homebrew on 2.0, all that is needed are coders to extend this knowledge for full homebrew usage on the v2.0 firmware. We cannot say when someone will step up to the plate and write the code for users to run homebrew on a 2.0 using this exploit, but we will definitely have our ears (and email boxes) open and be sure to let you know as soon as we do."

13 of 90 comments

  1. Re:Exploit by Anonymous Coward · Score: 4, Insightful

    There is no point in a PSP virus. If any of them were mass-bricked, it would end up hurting nobody but Sony in the long run, because they would have no choice but to fix all the bricked PSPs...

    I'm sure somebody could write something to brick a PSP using the Lua language... even just ruin something by possibly clocking up all 3 processors by insane amounts, then making it do millions of simple commands over and over till it breaks... But the only way it would really spread would be by way of the homebrew, and it's not like wifi would spread it, because no matter what, to receive something via wifi you must:

    1: Have the wlan switch on
    2: Have an active connection
    3: Accept this file

    Therefore any worm that would be released would prove useless...

    And if anybody is dumb enough to shop on their psp, well then they should have their identity stolen for not having anywhere near enough security!

    --PrimalTheory

  2. Maybe I haven't paid enough attention..... by bartkusa · Score: 5, Funny

    ...but I don't think I've ever seen a buffer overflow being celebrated before.

    1. Re:Maybe I haven't paid enough attention..... by ikkonoishi · Score: 4, Insightful

      Well, you see, when companies go to great lengths to piss off their most devoted customers, it becomes an event worthy of celebration when said customers manage to use the product in the way they wanted to when they paid for it.

    2. Re:Maybe I haven't paid enough attention..... by XXIstCenturyBoy · Score: 3, Insightful

      Yeah... Did you read the forum posts on the so-called "psp-dev" sites? People are asking when the loaders will enable them to load UMD images. That's all they ask. Very few people actually code anything "homebrew" besides porting emulators (and even that is half-assed most of the time).
      I'm sure Sony reads those forums, and it does play a big part in not letting people run unsigned code.

  3. "the japs...."? by Anonymous Coward · Score: 3, Insightful

    "...when the japs..."

    You lost me there. Try again with a little less insultingly ignorant speech next time.

    1. Re:"the japs...."? by Haeleth · Score: 3, Insightful

      "How is that any more offensive than "...when the brits..." or "...when the aussies..." exactly?
      Stop being so politically correct, it's just an abbreviation, not a sly insult like "yank" or "kraut"."

      Speaking as a Briton who does not appreciate people using the term "Brit", I would suggest that you would be well advised to accept that different people consider different things acceptable, and that when a large number of people consider a term offensive, it is polite to avoid it.

      A useful tool for finding out which words are considered offensive by a large number of people is a dictionary. How do English dictionaries describe "Jap"?
      American Heritage: "offensive slang"
      Collins: "often derogatory"
      Merriam-Webster: "usually disparaging"
      And what do the Japanese themselves think of it?
      Kenkyusha Eichuu: "zoku, keibetsu" (slang, contemptuous/derogatory)
      Sanseido EXCEED: "keibetsu" (contemptuous/derogatory)
      Hmm, there seems to be a common theme here. I propose to you that it might just be the case that this word is, in fact, not one that's suitable for use in situations where you don't want people to assume that you're ignorant, boorish, or even racist.

  4. why do people fawn over closed-source systems? by Myself · Score: 5, Interesting

    Why throw your money at Sony, who does their best via DRM and everything to keep you out, when open platforms like the Tapwave Zodiac invite developers in?

    Of course, this "feed the hand that bites us" behavior among gamers has already forced the Zodiac off the market -- nobody was buying it.

    Ditto XBox! Why do geeks, who should oppose every shred of DRM and proprietarism that the green thing embodies, go out and buy the thing only to turn it into a set-top Linux box? Hello? You're throwing money AT the evil empire.

    I understand there's a certain challenge to "owning" such a closed system. Fine, show Microsoft and Sony you're better than them. But at the end of the day, all this activity does is encourage MORE of exactly the wrong behavior on the megacorps' part.

  5. The Real Emulation Console is Coming by Anonymous Coward · Score: 5, Informative

    The PSP and this rather lame exploit which only lets you run up to 64KB which to those who don't know isn't enough to run 99% of homebrew and emulators, yes it creates news but it's not going anywhere, thank god the new Portable Linux Console that embraces Open Source Coding has arrived, Emulation and Homebrew without stupid little exploits, yes I'm talking about the GP2X http://www.gbax.com/main.pl Once it arrives we can say hello to the future of amateur coding.

    1. Re:The Real Emulation Console is Coming by cowscows · Score: 4, Funny

      Languages are for communicating. Languages have rules. Rules make it understandable. Some rules involve punctuation. Sometimes you want to denote the end of one phrase. Then you start the next one. There's a piece of punctuation for this. Yes, I'm talking about the period.

      .

      I hate to pick on someone for their grammar, but there's a difference between having bad grammar and being so incredibly lazy with your writing that a reader has to go over it five times to understand what you're trying to say.

      --

      One time I threw a brick at a duck.

  6. Don't get overexcited by quaker5567 · Score: 4, Informative

    So far only binaries smaller than 64KB can be run, and only in user mode, not kernel mode. NO ACCESS TO KERNEL. NO DIRECT ACCESS TO FIRMWARE. Still a long way to go before a full exploit.

    1. Re:Don't get overexcited by quaker5567 · Score: 3, Insightful

      If it were that easy, all the 2.00 owners would be playing mario right now ;)

      Code in user mode can't demand that the kernel do anything. It can ask and see what happens. The kernel will decide itself what it wants to do. There's no direct access to the firmware, thread/process manager etc. from user mode.

  7. Re:1.5 Owner by Elite+Xizer · Score: 4, Informative

    Have you guys not heard of the Firmware changer? There will be no need to upgrade from 1.50 to 2.00 when GTA: LCS arrives. Just run this program and it will let you play it on a 1.5 PSP.

  8. Because at least I don't give a bleepin' damn by Moraelin · Score: 4, Insightful

    Frankly, I own a gaming console, you know, for gaming. You may notice a highlighted word there. Hint, it's: gaming.

    I do not buy it to make some political statement about open vs. closed software. I buy it to play games on it. If Sony has the games I want to play, and some hypothetical vendor has this super-open GPL-conformant Stallman-approved ESR-blessed platform without many games, you can guess whose I'll buy. Hint: it starts with "So" and ends with "ny".

    The whole "feeding the hand that bites us" metaphor is emotional and all, but I don't feel bitten at all so far. I gave them some money, I got some games I wanted in return. If anything, I'm "feeding them" to get more games like those in the future. But more pragmatically, I'm not "feeding" anyone. I'm just acting in my own interest as a consumer, and buying the one that's the better product for me right now.

    And if DRM is what it takes to get those games, fine by me. I can still plug the cartridge or UMD in and play the game, right? Well then why should I care what technologies went into that UMD or the loader in the BIOS?

    You assume too much that all geeks are like this or that, all are on a zealot crusade against the very idea of commercial software, and all bought an XBox or a PSP just to run Linux on it. Which is just false. I for example am a terminal geek all right, but I bought my XBox to actually run XBox games like Fable or Jade Empire. Even those two alone make it well worth every cent MS got from me. I know only two people who've modded their XBox and that was to add some multimedia functionality and IIRC a bigger hard drive, not to run Linux on it.

    Basically, rest assured that when you read news about someone's uber-l33t port of Linux to some game console, you're really reading about a small minority that gives a damn at all, and mostly just to show that they can do it. It's the geek equivalent of showing that you can tear a phone book with your bare hands: it's not actually _needed_ (there are easier ways to destroy a phone book), it's not what everyone buys a phone book for, and it doesn't make it a better phone book than it was before being torn. It's just a way to show off. Unlike tearing a phone book with your bare hands, though, pretty much no one else gives a damn about it.

    Now, a lot more people will care about it if it lets them pirate UMD games and play them off the memory card. (That was the main reason people modded their PS1, PS2 and XBox, btw: to be able to play pirated games.) But even then we're talking freeloaders, not people on a holy jihad for the glory of OSS. Rest assured that _all_ they wanted was to let someone else (e.g., the rest of us paying customers whose money keeps those devs in business) pay the tab for their gaming, not to make some "free as in speech" political point.

    --
    A polar bear is a cartesian bear after a coordinate transform.