Slashdot Mirror
PS3 Hacked via USB Dongle
dlove67 writes "PSX-scene.com reports that the first PS3 modchip has been tested and confirmed to be working. Running off of a USB dongle, it appears to be relatively user friendly and claims to not void your warranty. Online gameplay works (at least for the time being). It's been a long time coming; cheers to the PS Jailbreak Guys." The video is attached below if you're curious. Can't help but point out that this wouldn't have happened if Sony hadn't decided to yank the Boot Other OS option.
Sony will disable all USB ports on the PS3 in the next firmware update.
the recent push to "crack" the PS3 OS was due to the removal of that function, which Sony did to try to prevent the cracking of their OS. Oh, the circular eddies of irony that feed our world :D
The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants.
Sony claimed that they removed the Boot Other OS options to prevent this type of hacking.
~ Mooga
Can't help but point out that this wouldn't have happened if Sony hadn't decided to yank the Boot Other OS option.
why? Can somebody please explain? the linked site seems down so maybe that's what I'm missing.
because nobody uses mod-chips to pirate games, they only use them to boot linux and run homebrew, since computers are so expensive and PS3s are so cheap, this is the only option that some people have. There aren't many pieces of consumer electronics that can run linux, you know.
Most of the pirates don't have the technical abilities to hack a console. The people who do have the technical ability and inclination to hack a console, won't bother if they can tinker with it themselves without bypassing the security, which OtherOS allowed them to do. By removing OtherOS, they were basically asking the people with the skills, ability and inclination to bypass their security so that they could put another OS back on.
The initial heavy lifting to hack the original XBox, 360 and Wii were done by people trying to put Linux on them.
Homebrew scene != Pirate scene
The homebrew guys are generally more motivated and talented then the pirates. Almost all console hacks come from the homebrew guys so that they can run their own stuff (and linux).
The pirates tend to take homebrew code and use it to run pirated games.
The entire time that PS2 had the "Other OS" option it was not cracked, because the homebrew community could already run their stuff. Compare that to XBOX and WII both of which have been broken a long time ago. As soon as Sony closed off the homebrew community, the inevitable would happen.
Of course its not so black and white, there is overlap between homebrew and pirates, but not as much as you might assume. Take a look at TeamTwizzers long campaign against pirates from using their code. They even tried in the beginning to have a dialogue with Nintendo about ways to support homebrew and keep the pirates out.
Going back to PS2; even with the "Other OS" option the advanced graphic features were locked, so homebrew games could never take full advantage of the hardware (neither could Other OS be used for pirate games). Some months ago a way was found for full hardware access, and not long after that Sony reacted by removing the Other OS feature.
The PS3 was secure through obscurity (besides any actual security present), much like the Wii was in its infancy (Wii drivechips notwithstanding, those are a whole different ballgame). Obscurity works a lot better than security for consoles, because they are big, complex systems that inevitably have holes. Obscurity is useful up until the first hack is published, which is when people finally get to poke at dumps of your software and expose your bugs. The more you can delay that from happening, the better. The Wii did a good job of this by encrypting and signing every piece of data on Wii game discs, for example. There were bugs, but nobody could figure them out without access to decrypted binaries.
We don't know if someone involved in PS3 homebrew hacking had anything to do with this, but it's certain that whoever did this at the very least used techniques developed as a result of the Other OS remioval during development. Specifically, until the Other OS fiasco happened, there was no way to dump PS3 software and analyze it for exploits. Now there is.
Both the Wii and the PS3 obscurity-breaking hacks were almost identical: RAM glitching to escalate privileges from an unprivileged mode in order to access secure areas. The Twiizer Attack on the Wii glitched the RAM address lines in order to dump secure software and keys from insecure GameCube mode, and geohot's PS3 exploit used RAM glitching in order to make the hypervisor unwillingly give you read/write access to secure RAM while in insecure Other OS mode. When software is obscure, hardware is the only way to go. This Wii attack paved the way for Wii software exploits, and certainly this PS3 USB device is based upon exploits uncovered by dumping via the memory glitching exploits released earlier this year after Sony pulled Other OS.
So yes, Sony basically asked for this by pulling Other OS and angrying legitimate hackers who used Other OS, and now they got what they asked for. I'm just glad some piracy company did it first instead of repeating the story of the Wii where pirates piggyback on homebrew.
The one sad, sad thing is that this is called "PS3 jailbreak". Jailbreak is a very specific term that describes breaking out of a filesystem jail (e.g. on the iPhone), and it's being used on the PS3 purely for "brand recognition". This will just make people associate jailbreaks with piracy.
I know, thats why this story is surprising, because its exactly the opposite as what you just said.
Otherwise they would have at demoed booting linux at least.
Also, I have not read any text of the official release so I don't know if they mention any of this, but this might very well just be coincidence. Or maybe not..
I think most of you are missing the fact that this is running on a debug unit which already has the capability to run unsigned code and code off of hard drives with no restrictions. The USB dongle has nothing to do with that, until this can be show running on a non-debug unit this is very bogus.
The initial heavy lifting to hack the original XBox, 360 and Wii were done by people trying to put Linux on them.
I'm going to back up AC on this one, at least with respect to the Wii. Team Twiizers, the team of hackers (as in, tinkering, not cheaters) have released multiple tools to not only allow and facilitate non-pirate homebrew software to run, they also actually have made efforts to fix critical flaws in Nintendo's design of the Wii. This includes ways to recover a bricked console, which came into play when Nintendo's own official system updates (designed to block homebrew and piracy indiscriminately) were sloppy to the point of being capable of bricking unmodified Wiis.
Team Twiizers also go out of their way to specifically discourage and hamper piracy, including making their software run upside-down on-screen if you've hacked your Wii so much that you must be using it for piracy. They really want to avoid large-scale piracy, because it'll just give Nintendo the incentive to try and lock the Wii back down, depriving everyone of the non-piracy uses for homebrew. They'll happily help with installing Linux on your Wii, and there are guides for using it as a media center, a ScummVM host, and even a VNC client. You can also emulate pretty much every game console in history up to the PS1, as well as MAME, but finding roms (and whatever trouble that might cause) is up to you. However, they make it clear that discussions of piracy are unwelcome.
The problem is that by declining the update, you were effectively locked out of online game play, including for games you already owned. So, they didn't send killbots to your house, but they did force you to chose other OS xor games. For those that bought the console because it could do both, this really sucks.
I like playing FPS games and they are absolutely ruined as soon as you have to deal with.. gamepads.
Give me Classic Slashdot or give me death!