Open Source PS3 Jailbreak Released

tlhIngan writes "Despite all the lawsuits and injunctions by Sony to keep the PS3 Jailbreak out of modder's hands, it appears that a third party has made a clone. The best part is, it only requires a cheap (approximately $40) development board by Atmel, and the requisite software is open-source. Get the Atmel code from GitHub and apply a small patch which will enable backup play (the code by itself only lets you run unsigned code, the patch allows for BD backups). The code is GPLv3. It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3, to which Sony removed Linux functionality. An Android phone would be suitable."

Hehehe

[Jorl17]

"It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3"

Nice way to ask an entire community of nerds to do that for you!
Now, let's get working!

Re:Hehehe

[dch24]

That's a great idea.

The required ATmega device is so cheap, I'd just buy one of those if I ever needed it.

How long until psnews.com and github.com receive DMCA takedowns?

Re:Hehehe

[Serenissima]

I can't understand why any of you own a PS3 in the first place.

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Re:Hehehe

[nebaz]

Because it runs Linux?...oh wait.

Re:Hehehe

[jpapon]

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Seriously... I mean, it does EVERYTHING. Or so I've been told.

Re:Hehehe

[xtracto]

Because we like the games?
And the other alternative charge to play online?
And the other alternative has not the games we like?
And the other alternative is buying a computer? (which also may not have the games we like)

I own only a Wii but I have a PS3 in my wallet's sight :)

I have been thinking between buying an Xbox or a ps3... but after xbox live price increment, the PS3 has more and more points (free netplay, blueray, better graphics... and soon homebrew)

Re:Hehehe

[amolapacificapaloma]

I can't understand why any of you own a PS3 in the first place.

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Well, the single reason I can think of is hating Microsoft more than Sony. It's tough call though.

Who do you hate more, the guy that killed mommy or the guy that killed daddy? (Think of this as a lyrical exaggeration, of course)

Re:Hehehe

[ThoughtMonster]

Now, let's get working!

http://kakaroto.homelinux.net/2010/08/psjailbreak-usb-gadget-kernel-driver/

There you go. Still not released, but well underway (check the blog for updates).

Re:Hehehe

[hardburn]

False dichotomy. Why can't I also hate Nintendo?

Re:Hehehe

[MikeFM]

My Dell came with Windows on it. Doesn't that count as a root attack?

Re:Hehehe

[erroneus]

I more or less agree with you on this, but the slashdot demographic is still quite diverse in many ways. We have Apple fanbois, Windows fanbois (AKA trolls) and others. We have people who practice what they preach and others who preach but fail to practice.

Personally, my boycott of Sony is for reasons of quality that goes back a very long way. The only Sony device I ever owned that was any good was my camcorder... I still have it but haven't used it in a very long time. All other things ended up failing just after the warranty expired. And they are just JUNK. My Clie's battery stopped working rendering it useless. I was given one Sony laptop and later bought one of more modern hardware components which then introduced me to the compatibility and performance hell that is "neomagic" or something like that... a really crappy video chip set that, if I recall, is related to the GMA500 video chipset that Intel will never and can never fully support under Linux. That was quite some time ago and I started hating Sony for that back then and since that time, nothing has shown me that they have done anything to improve their image ... quite the contrary, the rootkit incident was icing on the crap-cake. This "removed linux support" matter was just another "I told you so" thing as far as I am concerned.

I will never buy a Sony anything.

Everyone who sets aside their good senses so that they can play some games are doing themselves no service at all. I'm anti-microsoft, but I still have XBox360... actually, two and an original XBox... all that so I can play with my sons. I can't bring myself to own a Wii... it feels stupid. And if I want exercise, I'll ride my bicycle -- it's more fun.

Anyway, most people here are pretty weak when it comes to character and standing by their positions. I say this because of all the "types" of people I see here on Slashdot, I can't say that I have noticed many Sony fans or even Sony apologists. So either they choose not to speak up or there are a lot of people who prioritize games over good character or good sense. (This, by the way, partially describes addiction and other mental inconsistencies like religion... seriously, how can you have a rational and logical mind and still leap to answer life's questions with "god magic"?)

Re:Hehehe

[Yetihehe]

Nintendo is the uncle who smells funny.

Re:Hehehe

[ArhcAngel]

I think you forgot to use your sarcasm (~S) flag there. At least looking at the replies and your being modded Flamebait and all.

Re:Hehehe

[aztracker1]

Honestly, I hate Sony a lot more... mainly because I have friends in IT who had to spend a lot of time removing the rootkit. MS, while making some really annoying calls, and more than a few questionable ones, hasn't really harmed me, or anyone I know nearly as much as Sony. People can still replace parts of windows, or install another OS on their PC... Sony controls the hardware side, they also control a lot of the content, I think it's more a conflict of interest than most of what MS does (though they're in a similar position on the consoles). My son has an XBox 360, and a PS/2... the PS/2 was before my personal boycott on Sony though. Sony has lost a lot more money from me on the hardware (TVs, AVRs etc) than they ever would have made on the media from me.

Re:Hehehe

[aztracker1]

I'd call myself more of a .Net fanboi than a windows fan myself... I dabble in Linux and my laptop is a Macbook. I tend to use/buy whatever is best for an expressed purpose... I've avoided, as much as possible, all things Sony. Though there are a couple of TV shows that I watch that has their media division behind it :( ... I've voted with my wallet. I also tend to avoid buying anything with an olympic logo on it. I've actually avoided, so far, getting a Blu Ray player, though I may give in (I want HD content damn it), I won't be buying a Sony branded one at least.

Re:Hehehe

[Shadis]

Yeah but he is the RICH uncle that smells funny!

Re:Hehehe

IBM made the PS/2, Sony makes the PS2.

Re:Hehehe

[TheCRAIGGERS]

Just as long as you realize you're supporting a conglomerate that is actively trying to remove all your rights concerning copyright, among others.

To put it more bluntly, you're giving money to a lobbyist group so they can screw you with it.

Re:Hehehe

[mcgrew]

Well, the single reason I can think of is hating Microsoft more than Sony.

Hmmm, I'm no MS fan for sure; I hate the way they design and write programs. But none of their evil has been directed towards me, whereas Sony rooted my PC and really fucked it up. My daughter bought a CD at the now-defunct record store she worked at, and trusting that a big company like Sony wouldn't deliberately put malware on their products, ran the programs.

ALL of my music recording/burning/ripping software was trashed; my P2P apps were trashed, my CD burner was rendered read-only. None of this software would uninstall or reinstall. Sony pwned me good.

And I am not a pirate! Fercrissake, she fucking BOUGHT the CD from a music store. This is Evil with a capital E. Maybe two or three Es. Those bastards should have gone to fucking prison; if I did that to their computers you can bet your mom's ass I'd be in prison.

When I reinstalled Windows (running '98 back then) I discovered that I'd lost my CDs holding my audio and video drivers. The audio driver wasn't available over the internet (that I could find viewing at the 640x480 not having a video driver limited me to) forced me to "upgrade" to XP (and I never saw much functional difference between XP and 98 except they moved everything around), costing me a hundred bucks, and I had to buy a USB sound box. And spend all afternoon installing XP and all my apps, some of which wouldn't run in XP.

As much as I dislike Microsoft, as evil as they may be they've NEVER gone to those depths of evilness, at me anyway.

These days, I do hardly any gaming so as soon as I can get Linux installed on my netbook I'll pretty much be MS-free. If MS came up with an app I felt I really wanted or needed, I'd buy it in a heartbeat, but no way could I ever trust Sony again. Shit, I trust Evil-X more than I do Sony, and that's saying a lot! If Sony sold cookies I'd suspect they'd tainted them with rat poison just in case I was a pirate.

And, for a game box, there's always Nintendo if you hate both MS and Sony.

Re:Hehehe

[mcgrew]

I can't say that I have noticed many Sony fans or even Sony apologists.

Um, look at the score on my original anti-Sony comment. There are at least two Sony fanbois here with mod points, as it's sitting at -1 flamebait. And it happens every time I mention Sony's evilness.

Re:Hehehe

There really is no company that you can expect quality from across the board. I've never bought Sony products, but that's simply because I don't believe in buying brand name products at inflated prices, not because I have some personal vendetta. I have not heard of any reason to doubt the quality of Sony's PS3 and it is priced competitively (ignoring the Wii of course), so if I were in the market for that sort of thing the sheer fact that it was made by Sony wouldn't stop me from purchasing it. I question that it's a sign of character to choose not to support quality products simply because it's made by a brand who has burned you in the past. I have yet to see a brand that hasn't flopped, and flopped bad. So basically your just choosing to support another brand based on the sheer fact that you were lucky enough to not get burned by them. I've known a lot more people who have gotten burned by MS's gaming consoles than by Sony's. I've had numerous students come up to me asking for advice about their overheating, and eventually broken, Xbox's. If your example of "character" just sets you up to be bent over by a second company, your eventually going to run out of options. I believe it would be a much better show of character to actually research your options and choose the best one regardless of company.

Re:Hehehe

No one was affected by that silly rootkit, whereas billions of dollars and millions or hours are wasted each year fighting spam, virii, trojans, worms and malware. All because Microsoft refuse to fix their never ending stream of shitty insecure OSes and applications. It your "friend in IT" is real, he's spent 99% more time fighting this crap than someone that inserted a particular music CD into their PC.

Re:Hehehe

[mcgrew]

No sarcasm, I'm serious. Looks like Sony fanbois (or employees) have mod points today. No matter, it won't hurt my karma; every anti-Sony comment I post gets modded like that.

Re:Hehehe

[mcgrew]

Bah, it's easy to get rid of that. Pop in the Linux install CD and half an hour later (most of which you can spend reading a book) your PC is MS-free. Now, if I'd had Linux on that PC instead of Windows Sony couldn't have hurt me.

Re:Hehehe

[StuartHankins]

+1 Agree Sony is evil. Same thing happened to me.

What would have been helpful -- and I'm really not trying to start a flame war here, just giving food for thought -- is if Windows could be upgraded easily without trashing the apps and user settings. If there were some sort of migration possible, I know I'd be more likely to get excited about trying Windows 7 instead of sticking with XP in my VM.

Recently I upgraded to Snow Leopard from Tiger. That's 2 versions away. I installed a second hard drive in my laptop because the original drive was only 160GB, and did a clean install of Snow Leopard to that drive. When the install was complete, it asked me if I wanted to import settings, documents, applications, etc (all had checkboxes, but all-or-nothing from each category, for instance all documents not just certain ones). It asked me where the data was (on the network, connected via FireWire, on another drive etc). I told it which drive had the data and let it do its thing.

When it finished I had the same icons on my desktop, all my apps (including Parallels, which is virtualization software), all my VM's, all my system passwords, my location-specific network settings, printers, preferences, user dictionary, screen resolution settings (including my second monitor settings), documents, custom pass-through printers, crontab settings, shell scripts etc etc were there. If some of the icons hadn't been different I would have sworn no upgrade was performed.

And yes, some printers weren't connected at the time and required me to download drivers later (Ricoh and Canon network printers) but really it went FAR easier than I could have ever expected.

Microsoft would make a KILLING if it were that simple to upgrade their consumer OS's. Surely this is within their grasp, and it's just a matter of time before it's considered archaic to have to import and re-install applications and settings. The closest I've seen to this holy grail on the Windows side is Acronis TrueImage, which allows installation to another machine even of differing hardware. Its limitation is primarily in the extra cruft you have to remove after said image is applied -- for instance HP drivers aren't needed on a Dell system.

Re:Hehehe

[geminidomino]

Nintendo is no saint at all, but I don't think it has reached the same Evil Overlord status as MS and Sony.

Apparently you don't remember the late 80's/early 90's.

They made Microsoft and Sony look like Google. (Okay, a little tongue-in-cheek simile, but the point is sincere).

Re:Hehehe

[Mordok-DestroyerOfWo]

I'll be honest, I popped in the latest incarnation of Metroid last night and was pretty much blown away by the graphics. While it still may not be on par with what Sony or Microsoft is capable of, it sure is more than I had come to expect from Nintendo.

Re:Hehehe

[Doc+Ruby]

The thing about Microsoft's monopoly is that it's been around so long, and its backroom influence is so subtly orchestrated (as proven in the monopoly court) that you just don't know what life in IT would be like without the monopoly in action. Microsoft is a lot more than just the XBox.

Re:Hehehe

[Pentium100]

I will never buy a Sony anything.

I have a Sony WM-D6C - works quite well, sound quality is great. Though probably it was made when SOny meant quality.

Oh, and I also have a Sony Handycam DCR-HC-90E - I got it really cheap but with a broken LCD which I replaced, also works well.

Re:Hehehe

[xtracto]

Sony founded: May 7, 1946
Microsoft Founded: April 4, 1975

So mmm... Sony's closed proprietary business tactics have been quite a long time before Microsoft

Re:Hehehe

[Doc+Ruby]

So? Sony isn't a monopoly. The question isn't which has been around longer. The question is which has a bigger effect on IT. Microsoft's monopoly undeniably has a bigger effect on IT than does Sony's business practices.

Re:Hehehe

[Sancho]

MS, while making some really annoying calls, and more than a few questionable ones, hasn't really harmed me, or anyone I know nearly as much as Sony.

I think it's more a conflict of interest than most of what MS does

I think this is only because Microsoft has become a de facto standard on the desktop, and because people have short memories. Had Microsoft behaved ethically in the 90s, the PC landscape would look very different (and would likely be better.)

Re:Hehehe

[Sancho]

If you're a consumer you're almost certainly doing this. Unless you bought your home outright, only shop at local farmer's markets, sew your own clothes, and don't purchase any entertainment to speak of.

Re:Hehehe

[bsdaemonaut]

Maybe .. but it was worth every minute.

Re:Hehehe

[Dreadrik]

I can't say that I have noticed many Sony fans or even Sony apologists. So either they choose not to speak up or there are a lot of people who prioritize games over good character or good sense.

I like their TV's and the PS3, but I'm not exactly a fanboy. I don't think their business practices are much different than any of the giants'. I thought the rootkit scandal was embarrasing, but I don't get why MS got out of that mess so easily, while Sony became marked for life.
I tried to question an anti-sony rant here one time before, but got modded to hell (even though it turned out I was right), so at least I am very careful when trying to defend Sony.

Re:Hehehe

[shentino]

Thing is, Sony doesn't like homebrew.

From the POV of the game vendors, homebrew and piracy are the same thing...competition.

Sony's incentive to stop piracy comes from pressure by game vendors.

Re:Hehehe

[wilgibson]

Agreed, Metroid: Other M is pretty stunning graphically. Makes you wonder why a lot of the games on the Wii look like shit when you can pick up a beautiful first/second party game without having to worry about your eyes bleeding! Now, if only they could have taken out the pixel hunt portions of the game...

Re:Hehehe

[jonwil]

Microsoft's problem is that unlike OSX where apps generally put things in one place (documents in a documents folder, settings in settings files etc), on Windows, its impossible to know where apps may have put things.

Some apps put their settings in the registry under HKEY_CURRENT_USER
Some apps put their settings in the registry under HKEY_LOCAL_MACHINE
Some apps put their settings in a config file in the windows or my documents folders.
Some apps put their settings in a config file in their own folder.
Some do all of the above.
Not to mention all the apps that do things like register COM objects, install system services and who knows what else.

Re:Hehehe

[aztracker1]

*cough* Blu Ray *bough*

Re:Hehehe

[aztracker1]

I don't know, the DR-DOS stuff was pretty f'd up, but IE was way better than what Netscape had when v4-6 of IE were new... I have a Macbook, a Win7 desktop, and tend to do a lot in my linux VMs, I don't know that it would be much better today without MS... MS is a target to compete against.. it's the IT industry's Goliath...

Re:Hehehe

[StuartHankins]

Yes I agree, it's a mess, but certainly Microsoft can change this. It wouldn't be the first time that API's or direction has changed, and if it's for the better good...

I'm just thinking as technology continues to advance so quickly, why not improve the process? It would result in more machine sales; I think most people are concerned about migrating their data and programs which right now is a royal PIA. Moving a profile is relatively simple but the rest, not so much.

How does Apple accomplish this? I know on Linux you have package managers such as RPM which help identify components, give CRC's and install info. I know OS X uses "receipts" of some sort to do similar things. It just seems like if others can do portions of the task, the process should also be adaptable to Windows.

And yes for simplicity's sake I'm ignoring crazy apps (looking at YOU Adobe) who write to unpartitioned space for some DRM.

How does Apple get publishers to fall in line? Better system or better stick (to beat up the ones who don't do as told)? If there's something to be gleaned / copied from this, I hope somebody sees it and acts on it.

Re:Hehehe

[Doc+Ruby]

Blu-Ray is not a monopoly any more than "Sun's" Java is. There are other vendors than Sony to buy Blu-Ray from.

And even if it were, Blu-Ray doesn't exert anywhere near the influence over IT as Microsoft does - if any at all.

Re:Hehehe

[Nursie]

Nice way to condone piracy idiot... let's not pretend anyone wants to use for the things like Homebrew.

Fsck off, troll.

Some of us DO want to use it to keep our legitimate games libraries on hard disk. There's zero technical or legal reason that the machine shouldn't do this, it's just an annoying DRM measure. I know defeating DRM is itself now illegal, but that's a travesty of justice IMHO and not a law I will respect.

So you can go on about condoning piracy all you like (and I know that a lot of people will pirate whatever they can get their hands on) but it's not everyone that's interested in this mod. I can do this with the PS2, I could (if I had more than 1 game) do it on the Wii (where it an also do things like bypass annoying region codes).

Frankly a PSN ban wouldn't be too much hassle. I never play online multiplayer and new games that require firmware updates usually come with them on disk, or they can be downloaded from a PC. So long as Sony don't actually brick these jailbroken PS3 consoles, which they may, then I don't actually care that much.

Re:Hehehe

[Andorin]

How did you get modded up with a comment like "No one was affected by that silly rootkit?" Apparently enough people were affected that the Texas Attorney General sued, class action suits were filed in New York and California, and even even Italy, the EFF, and the FTC investigated Sony over the rootkit scandal. Dismissively saying that nobody was affected by it is just ignorance or trolling.

And it wasn't just "a particular CD"; it was a nice list of titles; 102 different albums in total according to Wikipedia. Millions of CDs. MediaMax alone went out on 20 million discs.

Your point that other IT concerns outweigh the problems with Sony's rootkit is valid, but you're comparing apples and oranges here. And the way you dismissed the seriousness of the rootkit makes you look like a fool or someone with an agenda.

Re:Hehehe

[GrumblyStuff]

Any support to a company that shows... oh, let's say 'immoral' attitudes toward their customers, suppliers, the environment, or people in general says that you are ok with that. That, not only do you condone their actions, you are supporting their continued existence and harmful actions.

Sometimes it's all about the product. Sometimes it's about what went into the product.

Re:Hehehe

[aiht]

Or is Nintendo the guy who killed the uncle who smells funny?

Re:Hehehe

[riT-k0MA]

Can it make me a cup of coffee?

Re:Hehehe

[TheCRAIGGERS]

Some companies are worse than others. Perhaps it's my own ignorance, but I can't recall any instances of Levi trying to erode my rights, nor the local market I shop at.

I understand the point you were trying to make, but either I'm too naive or you're too paranoid. While most companies would surely try to erode our rights if they could to further their own business, not too many have the means.

Re:Hehehe

[Yfrwlf]

That's why they join together to pay lobbyist groups. There is no paranoia here. Companies trying their hardest to screw you over as a consumer is as obvious as a pink elephant pulling an ice cream truck playing jingles. Everyone knows corporations run the government, what rock have you been living under? All laws are written by the lawyers of the corporations and corporate lobbyist groups who want to see themselves take a bigger piece of your pie, further eroding the economy and making your quality of life suck as they get more money for contributing less. I'm glad Obama at least asked the right questions like "why is it your parents could afford a big house, only one of them had to work, they could buy several cars, afford college educations for all their children" etc, but of course since he is a corporate puppet he didn't try too hard to answer that question other than "corrupt politics", and certainly has not tried addressing the actual reasons for all of it.

Re:Hehehe

[damien_kane]

Can it make me a cup of coffee?

With a few simple mods (remove the case, find something metal inside that heats up), sure, you could boil water and dissolve instant-coffee crystals with a PS3.

Oh, you meant a good cup of coffee?

Re:Hehehe

[badkarmadayaccount]

Are you alright man? Sony is way worse than M$, IMNSHO.

Re:Hehehe

[llamapater]

I'm confused as to what your saying? rpm is to msi not rpm is to config file or user/home directory, and linux has some of that setting janglry too main repositories clean it up. However, if you install third party debs or rpms or install from source it will tell you were it will go, but it'll basically go wherever it wants. I guess the telling were thing is a step up. I never liked that registry thing they could at least clean it up to make sense then people might not put there keys in what looks like random places.

Re:Hehehe

[mr_mischief]

Well, you completely skipped over OS/2 and the intentional screwing of IBM on OS/2 and Windows 95 incompatibility. You didn't mention Microsoft dropping or threatening to drop reseller licensing for white box shops that installed any OS other than DOS or Windows. You didn't mention MS charging a license fee for every white box system sold by resellers, forcing them to charge for both Windows and some other OS if they preinstalled some other OS.

You didn't Microsoft funding SCO in their FUD campaign against Linux or Microsoft's own FUD against Linux. You didn't mention the almost 300 patents Microsoft claims are infringed by open source software -- patents it refuses to name and alleged infringements it refuses to cite.

You didn't Microsoft basically saving Apple by buying stock and putting out Office on Mac.

You didn't mention trying to subvert the Unix market by claiming POSIX compliance for NT even though it was a horrible hack of a compatibility layer that separated programs into "Windows programs" and "POSIX subsystem programs" that couldn't really interoperate through the OS.

You didn't mention Microsoft putting out office software that is tied to a multitude of undocumented OS calls it wouldn't give the competition the chance to use.

There's no mention in your post of stealing the Stacker technology for DoubleSpace disk compression.

Where's the information about Microsoft creating frameworks for their own OS that are targeted by their development tools but not documented well enough for Watcom, Borland, Portland Compiler Group, and others to target?

Do you really think Word, Excel, Access, and Outlook pushed out WordStar, WordPerfect. Lotus 1-2-3, dBase, Groupwise, Notes, and all the other competitive software on merit alone?

Re:Hehehe

[mr_mischief]

I miss playing Tetris during the installation on the system getting the installation done. It's a real shame Caldera went evil.

Re:Hehehe

[PopeRatzo]

I have no interest in their stuff. In the end the PS3 is still the most consumer friendly of the current batch of consoles (even after their evil removing linux support stunt).

No, PS3 happens to be the platform you own, so you're rationalizing your decision by saying they're more "consumer friendly" (I notice you don't say "user friendly").

I'm just glad the PS3 is one step closer to being so thoroughly hacked that some energy is put back into real computer gaming where everything isn't clumsy third-person-on-rails and your character can't decide whether to jump over that box or use it for cover.

It would be wonderful if the playing field was leveled once again and not every game for the PC had to be a horrible port from a much inferior system. Every so often, I'll play a game that was actually designed for a real computer (via Steam. Yes, I pay for the games that don't suck). It's always amazing how much more fluid and connected you can feel to a game when you're not playing marionette characters and A,A,B,A,Up,Down button combos and the game is designed around possibilities instead of designed around limitations.

And please don't try to tell me that piracy is what's killing PC gaming. There are PC games for which piracy is minimal, and there are PC games that are easy to pirate that still made a lot of money for the developer. The people who love gaming will pay for games, but when you're charging $60 for 5 hours of gameplay, I want to know the game's not a piece of shit before I plunk down my credit card for a "no returns" purchase. COD4 MW2 was pirated within hours of release, yet it still made money on the PC platform. If it had not been available on consoles, it still would have been a big money maker just on PC.

The best situation would be if consoles were as "un-secure" as the PC, so the platforms could really be compared properly. I have no doubt that there would still be great games for every platform even if they were all "jailbroken".

Re:Hehehe

[msoftsucks]

Actually, Microsoft has a similar thing. It's called Windows Easy Transfer . I recently upgraded a network of 30 XP computers to new Windows 7 machines in under a day, with all the files moved to their right places after the upgrade. You install this software on the old machine and save files and settings to a network share or external device. Install a new machine or upgrade the old and then use the same software to restore your files and settings. The one failure of this sofware is that it doesn't handle version changes of software very well. The old machines had Office XP while the new ones had Office 2010. Not all of the Office XP settings came through, but I took care of that with a couple of group policies.

Coming soon!

[Kenja]

The closed source patch that fixes the exploit used by the open source project.

simple solution

[shentino]

All Sony has to do is sign their firmware, and make it so that the hardware won't accept anything other than Sony approved updates.

Do they do that already?

Oh, and another solution: Mark updates with an expiration date such that the unit will refuse to run if its firmware is too stale.

Re:simple solution

Not only is it too late to have that happen on PS3s, but they do used signed firmware, look into how the exploit (and firmware singing, and even the intial hypervisor jailbreak that lead to Other OS being removed) before you start discussing what Sony should do.

Do you think it would have taken this long if all someone had to do was just modify the firmware and reupload it?

Re:simple solution

[Ironhandx]

Please, please don't give them ideas.

This is like the Net Neutrality folks yelling for net neutrality and the big wigs at the telecoms going "Shit, we can do that? Why aren't we doing that? We need to do that!"

Sony has enough bad ideas already.

Also that other solution would probably have a bug included that bricked the PS3 if there was a power outage or something knowing Sony.

Re:simple solution

[fattmatt]

But will they bother? Clearly they are going to sell several million PS3 units on the back of this exploit.

They may bother if they still lose money on console sales ... they may be breaking even by now. If so this hack destroys their true revenue stream.

Re:simple solution

[LingNoi]

Actually all Sony really has to do is give people a way to run home brew on their own systems without letting pirates in and none of this would have ever happened.

Since they screwed that up now the cats out the bag. People aren't going to stop hacking it until they can run their homebrew and linux again.

Re:simple solution

[hardburn]

Oh, and another solution: Mark updates with an expiration date such that the unit will refuse to run if its firmware is too stale.

If they ever do that, I will have to kill somebody. Besides the obvious reason, I have a driving wheel that won't work unless the system date is set before 12-22-08. The bug has been there for well over a year and there's no sign its getting fixed.

Consider that the one and only reason I bought a PS3 over a 360 is to play GT5. See how well that decision worked for me?

Re:simple solution

[mzs]

This is exactly the truth. I am upset with every place linking to the patch to allow 'backups' when I just want OtherOS and homebrew back.

Re:simple solution

[Animaether]

I never quite understood that "If only they'd allowed homebrew, none of this* would have happened!" reasoning.

After all, you can certainly run homebrew on a PC, but this* still happens.

In addition, you -could- run homebrew on the PS3. You didn't get access to the BD, you didn't get full access to the graphics bits and pieces, but you could run homebrew. Apparently that wasn't enough for some, somebody decided to poke at the hypervisor to gain access to these resources, and once they started succeeding a bit, OtherOS was nixed on the older models as well, citing 'security concerns'.

*"this"?

Get the Atmel code from GitHub [which] by itself [...] lets you run unsigned code

Seems like homebrew and linux were possible right there and then...

and apply a small patch which will enable backup play

Right. Backups. I guess that's really what "this" is.

Sounds rather threatening. Open your platform to homebrew, without restriction, or else we'll open it for you - and make it stupid-simple for this* to happen as a(n un)fortunate 'side-effect'.

That out of the way.. I'm looking forward to an actual thriving homebrew scene for the PS3, with lots of indie developers making the games for PS3 they always wanted to but never had the funds to become a licensed developer, and didn't have the access they needed to develop their envisioned games.

Re:simple solution

[RyuuzakiTetsuya]

You mean to say that if Sony let people run arbitrary code pirates wouldn't want to try to exploit the system to play ISO dumps?

Do you understand how ridiculous that is?

Do you still believe in Santa Claus?

Do you want this 20 acres of swampland in Arizona I've got?

Re:simple solution

[RyuuzakiTetsuya]

By people you mean, Geohot.

Are you sure people haven't been at this since the PS3 came out?

Re:simple solution

[LingNoi]

You seem to be confused with yourself..

In addition, you -could- run homebrew on the PS3.

You claim here that you can run homebrew, even though you go on to state there is no graphics access which makes your whole statement pointless with regards to games.

I'm looking forward to an actual thriving homebrew scene for the PS3, with lots of indie developers making the games for PS3 ..*snip*... and didn't have the access they needed to develop their envisioned games.

and here you say it prevents them from running homebrew. You can't even agree with yourself which is pretty funny.

Sounds rather threatening. Open your platform to homebrew, without restriction, or else we'll open it for you - and make it stupid-simple for this* to happen as a(n un)fortunate 'side-effect'.

What's threatening about pointing out that if Sony had not simply disabled certain features these hacks never would have been made.

Pirates aren't an issue here at all which you seem to think is so important. I'm in asia and can simply walk into the shopping mall and come out with a modded PS3. People here have two consoles if they want to play online. One chipped and one non-chipped for the games they really care about.

Homebrew wouldn't have any effect on how things run and very few people have a legit console here.

Re:simple solution

[LingNoi]

It's really simple what I mean. Stop typing and RTFA.

Re:simple solution

[RyuuzakiTetsuya]

I did read the fucking article.

No where in the article was OtherOS mentioned, nor was it ever mentioned why, just how. There have been efforts since the damn thing came out to hack the console and they haven't been very successful until about now. I'm not even sure if Geohot's work lead up to this, to be honest.

Re:simple solution

[tomz16]

Oh, and another solution: Mark updates with an expiration date such that the unit will refuse to run if its firmware is too stale.

The xbox360 already does this with e-fuses (e.g. certain updates blow an e-fuse which prevents older firmware from running)

Re:simple solution

[Sir_Lewk]

a reasonably priced upgrade

For a bug like that, any price is unreasonable.

Re:simple solution

[Sancho]

Right. Backups. I guess that's really what "this" is.

Well, I do want to play backups. And I have the legal right to make them, and to use them instead of my regular media.

Re:simple solution

[DrXym]

Actually all Sony really has to do is give people a way to run home brew on their own systems without letting pirates in and none of this would have ever happened.

Bollocks. The PS3 had Other OS support precisely until someone started hacking it to gain unauthorised access to the hypervisor including potentially the ability to run pirated games.

Re:simple solution

[smallfries]

Right. Backups. I guess that's really what "this" is.

I own a PS3 and I'll be looking into specifically for this feature. Fuck backups. And fuck piracy too. I don't mind paying for games, but after paying for a console with a harddisk in it, and waiting ten minutes for each game to "install" itself I seriously resent having to get my ass off of the couch to switch games.

Come on Sony. I've paid for the system, I've paid for the game. Stop being such fuckwits and let me use what I've already paid for.

Re:simple solution

If you allow the homebrew crowd to do what they want, they arent motivated to make jailbreak tools that pirates then use to run ISO dumps.

Most pirates arent motivated to do the jailbreaking part, which is why they wait for the homebrew crowd to do it for them.

Re:simple solution

[shentino]

That's because OtherOS was crippleware.

Homebrew in that sense had to run without the aid of the Cell that the hypervisor blocked access to.

Native, Sony approved games still had full access.

Re:simple solution

[Animaether]

You claim here that you can run homebrew, even though you go on to state there is no graphics access which makes your whole statement pointless with regards to games.

Because you need access to all the juicy parts of the graphics processor in order to write games? How did people on an ATARI ever get by?

and here you say it prevents them from running homebrew. You can't even agree with yourself which is pretty funny.

Maybe you could re-read what I wrote. They couldn't write their envisioned games they couldn't write because of the limited access. E.g. high quality 3D graphics games. That didn't prevent them from writing simpler games.

There is no contradiction in my statements *unless* you generalize 'homebrew development' to require full access to everything; which is simply not true. There's plenty of homebrew apps in the iPhone app store - despite the fact that those apps don't exactly get to do whatever they want, access every single chipset in the device, or even run as root.

As far as piracy goes, I wouldn't know the situation in Asia - I'll take your word for it. But I guess if everybody's got a chipped PS3 anyway, then that patch to allow 'backups' is superfluous. In the U.S. and Europe, it's not exactly like you can just waltz into a BestBuy or MediaMarkt/Saturn and walk out with a modded -anything-, though. But to draw an analogy.. don't count on the R2 and equivalent cards being primarily or even moderately used for 'backups' in e.g. The Netherlands.. except if you count 'backups' found on download sites.

Re:simple solution

[DrXym]

OtherOS was a fully functional Linux operating system, capable of running emulators, games, development, browsers, tapping the Cell processor, multimedia players etc. etc. I ran it for quite some time and liked it. Yes it ran on a hypervisor, yes the GPU access wasn't all that it was cracked up to be but it was a massively better platform for homebrew than any console has ever offered out of the box. Things like GPU and video could also have been markedly improved simply contributing patches to Mesa / x264 etc. that made use of the 6 free SPUs that were sitting there doing nothing by default. Also, significant progress was being made on the real GPU front and Sony wasn't acting particularly concerned about it.

It was only when someone tried to "root" the hypervisor that Sony canned it. It's shit that Other OS went and completely understandable why it had to go. You can lay the removal firmly and squarely at the feet of people motivated to crack the box, not Sony.

As for Sony approved games, what do you expect. It's a console. It's priced, sold and purchased by people on those terms. Sony can and will lay the smackdown on anyone they detect who mods their PS3 which I expect will include anyone stupid enough to log into PSN with a mod.

The claim that people mod to run homebrew or "backups" is horseshit. It's overwhelmingly for piracy. Genuine homebrewers should be the people getting most angry here since they had an OS until others took it away.

Re:simple solution

[shentino]

In which case I'm going to poo poo on Sony for imposing collective punishment on everyone else.

Re:simple solution

[DrXym]

Yes perhaps Sony overreacted but given the stakes I am not surprised by what they did. If removing Other OS nipped a viable attack in the bud before it could be refined then it was the right thing from their point of view to do. On the one hand they risk pissing off a relatively small number of homebrewers, on the other they potentially averted their platform collapsing under the weight of piracy. It's obvious which way it would go.

Anyway I don't see their reaction as absolving the people who caused it. It was the people trying to root / crack the platform who shat in the pool everyone else was enjoying. They're the people to blame when the pool gets closed.

Re:simple solution

[shentino]

To extend the analogy, Sony, after closing the pool, should have given everyone they booted out a discount on their admission for having their swim session cut short.

I think Amazon chose to refund for OtherOS removal, considering it a defect. Sony, however, chose not to reimburse and told Amazon to go fuck itself.

And now they're being sued because they decided to play hardball.

Re:simple solution

[DrXym]

I expect even if a class action suit were to win, that the payout would be miniscule vs the loss of confidence and lost revenue that piracy would have happened.

Re:simple solution

[RyuuzakiTetsuya]

You mean PARADOX, and other release groups aren't talented or motivated enough to try putting out an exploit? Then why have they been advertising an exploit's around the corner since early 2007?

Re:simple solution

[Walter+Carver]

Sounds rather threatening. Open your platform to homebrew, without restriction, or else we'll open it for you - and make it stupid-simple for this* to happen as a(n un)fortunate 'side-effect'.

Damn right.

Blocking

[Rik+Sweeney]

From the looks of things, the entire jailbreak is reliant on the PS3 being cold booted and the user having to press eject as the PS3 powers on to make it read the code from the USB key. If Sony can block this through a firmware update then that's the end of the jailbreak isn't it?

Obviously the user simply doesn't update their PS3...

Just how does this exploit work?

[Terminaldogma]

I've been at work every time I've seen an article come up about the jailbreak, so I haven't had time to go digging for details (including the links off this article; I don't want to push my work's internet filter). Does anyone have an explanation as to how this jailbreak actually works? Every article I've seen doesn't go into the details other than saying it's a magic USB dongle you plug in. Can Sony even patch this hole?

Re:Just how does this exploit work?

The USB dongle is a microcontroller that emulates a 6-port USB hub. It works by attaching a sequence of fake USB devices with large configuration descriptors, one of which contains the exploit payload. The sequence of USB connections and disconnections results in a heap overflow that eventually results in the exploit code being executed with root privileges. Sony can indeed patch the hole and surely will in the next firmware update. I believe that the open-source version disables automatic firmware updates, but I might be wrong.

Re:Just how does this exploit work?

[leuk_he]

http://www.google.nl/search?q=ps3+jailbreak+reverse+engineered

Patch 3.43. bye bye USB.

[leuk_he]

HOT FROM SONY SITE:

Downloading and installing the PlayStation®3 system software update will update your PS3 system's operating system to include the latest security patches, settings, features and other items. We encourage you to check this page from time to time for system software updates and to always maintain your system to use the latest version of the system software.

An update to the PS3 system software will be was released on September 27, 2010. You can use this update to upgrade your system software to version 3.43.
English EspañolFrançais

Notices

        * Do not download or install updates using data other than official update data provided online or on disc media by Sony Computer Entertainment, and do not download or install updates by methods other than those described in the system documentation or on this website. If you download or install update data from another source, by another method, or with a PS3 system that has been altered or modified in any way, the PS3 system may not operate properly and may not be able to install the official update data. Any of these actions may void the PS3 system warranty and affect your ability to obtain warranty services and repair services from Sony Computer Entertainment.
        * This update is for PS3 systems purchased in North America. DO NOT update your PS3 system through this website if you purchased your system outside North America. There is no guarantee of proper operation with models sold outside North America.
        * The system software and system software updates installed on your system are subject to a limited license from Sony Computer Entertainment Inc. Visit http://www.scei.co.jp/ps3-eula for details.
        * If your PS3 system software version is 3.43 (or later), you do not need to perform this update. To check the version of your system software, go to > (Settings) > (System Settings) > [System Information]. The information is shown in the [System Software] field.
        * The [Install Other OS] and [Default System] features have been deleted in system software versions 3.21 and later. You will not be able to use [Install Other OS] or [Default System] under (Settings) > (System Settings). See the Consumer Alerts page for more details.
        * To play some software or use some features, you may first need to update the system software.
        * Depending on your PS3 system software version, the screen images and icons that are used on this website may differ from those that appear on your system.
        * This version will disable USB ports due to security issues. If you have to USB peripherals you will have to to replace them with wireless versions. See the Consumer Alerts page for more details.

Re:Patch 3.43. bye bye USB.

[MachDelta]

[citation needed]

I call shenanigans.

Re:Patch 3.43. bye bye USB.

[smussman]

An update to the PS3 system software will be was released on September 27 , 2010

*brain explodes*

Re:Patch 3.43. bye bye USB.

[Theoboley]

Sony's Wireless controllers have to be charged somehow, also, disabling USB would render Games that use peripherals such as Rockband/Guitar Hero Utterly Useless. This post is complete FUD.

Re:Patch 3.43. bye bye USB.

[canajin56]

There's nothing wrong with the Past-Perfect-In-Future tense ;) (Except perhaps that I just made the term up and there might not be such a thing?)

Re:Patch 3.43. bye bye USB.

[Hodr]

Wow, not even a good attempt. No other place in the verbiage do thay make reference to "this version" rather than specific version numbers. You left out a word, had a rudundant "to", and you fail at basic IT (unless you expect Sony to produce "wireless" thumbdrives, etc. and share the radio used for the controllers to communicate with them).

Re:Patch 3.43. bye bye USB.

[leuk_he]

Just read the sony website. Don't trust a post on a forum. They did disable other-os security is everything on a ps3.

Re:Patch 3.43. bye bye USB.

[MikeDaSpike]

FUD are emotions. A post can't be a emotion.
I think you mean BS.

Re:Patch 3.43. bye bye USB.

[IndustrialComplex]

By the Once and Future King!

Re:Patch 3.43. bye bye USB.

[Theoboley]

Provide an ACTUAL link to the "official announcement" and I'll retract my statement. Until the, I call Bullshit.

Sony wouldn't take away USB due to the simple fact of Move coming out in a short while. What does the Eyetoy use to connect? USB. that is all.

Re:Patch 3.43. bye bye USB.

[TJamieson]

I'm unsure why you're modded troll; I thought it was very funny.

Seriously though, while they won't remove USB, isn't it likely they'll remove the ability to use USB hubs?

Re:Patch 3.43. bye bye USB.

[zeropointburn]

First, parent is not a troll. Sabotaging advertised features in hardware that has already been sold is bad. That includes the 'other OS' option too, not just the semi-humorous suggestion of USB ports. The state AG (attorney general) is responsible for acting on customer complaints from people in their state, and they do act if enough complaints are received. Parent's advice is quite rational and should be acted upon by victims of corporate stupidity. If several state AGs are considering lawsuits, you can bet the federal government will take a long look at the situation as well. It's not some horribly complicated software EULA, it's my hardware that I bought that is being broken by Sony. That's destruction of private property, criminal not civil, and their copyright lawyers can go shit off a cliff.

Re:Patch 3.43. bye bye USB.

[shentino]

They *are* shitting off a cliff.

Why do you think the crap keeps landing on us way down here at the bottom?

Re:Patch 3.43. bye bye USB.

[Dreadrik]

Later PS3's only ship with two usb ports, and the wireless adapters for the instruments that come with games like Guitar Hero, has hubs in them so that you can daisychain them for up to four(?) instruments.
I'll guess they will make a lot of people (and game publishers) angry if they take that functionality away.

My guess is that they will just fix the heap overflow vulnerability in the next update and then start the detect/ban race that usually happens.

Re:Patch 3.43. bye bye USB.

[hedwards]

Attorney General, they're the highest public attorney in the state, they represent the state in all matters, as well as being the one that wades in against industry that violates state law when it's a matter of general state interest.

Re:Patch 3.43. bye bye USB.

[leuk_he]

I stick to my advise to check it out yourself. Even if i had a link i would not give it to you because you call "Bullshit". Besides that i still advise it to check yourself instead of relying on a post on a forum.

Besides that, I think you can still charge from a USB port that has no functional OS behind it.

Re:Patch 3.43. bye bye USB.

[franki.macha]

Actually, that's "will have been".

So the logical next step is...

[wandazulu]

...to sue everybody who buys an Atmel development board. Wasn't it some satellite that went down the list of people who had bought mag card writers and threatened to sue them, regardless of what the mag card writer was being used for?

After the knee-jerk reaction of removing Linux support from the PS3 (which I actually used), I can really imagine Sony contemplating such stupidity.

F them, I'm going to play Nethack; still better than most of the games available on the PS3 anyway.

Re:So the logical next step is...

[hedwards]

I doubt that they'll reconsider. They were stupid enough to think that there wouldn't be a backlash when they removed hardware from later releases of the PS3 without properly stating it on the packaging and then they removed features from previous versions which had them. Only an extremely arrogant and or delusional individual would think that there wouldn't be some sort of comeuppance coming at some point.

Re:So the logical next step is...

[RyuuzakiTetsuya]

Or fix the USB bug that allows this exploit to work.

Which is more reasonable and cheaper?

Re:So the logical next step is...

[Mister_Stoopid]

F them,

As long as you're Fing them, you might as well pirate some PS3 games in the mean time, right?

I'm going to play Nethack;

If you handn't just sworn off PS3 games, I'd recommend Demon's Souls to you in a heartbeat. It's not a roguelike (combat is real time), but it does have the brutal unforgiving-ness and fair, player-skill-based difficulty that makes nethack great. One of the few games that makes the PS3 a must-have system in my mind.

Sweet

[otis+wildflower]

I had been holding off on the PS3 firmware update until the first jailbreak came out, presumably the USAF/DARPA can use this to 'unlock' any supercomputing PS3s they have?

Re:Sweet

[Lunix+Nutcase]

presumably the USAF/DARPA can use this to 'unlock' any supercomputing PS3s they have?

Because they would have updated at all? I'm sure being able to keep playing on PSN and playing the latest Blu-Rays is on the mind of the people running those clusters.

I assume new hardware will come out soon

[ub3r+n3u7r4l1st]

much like the PSP Slim TA088v3 motherboard which til current day still unhackable. Dark Alex has retired so.....

Re:I assume new hardware will come out soon

[canajin56]

Doesn't need new hardware. It's a trivial fix. This works by exploiting a heap overflow bug in their USB drivers. All they have to do is fix the drivers and it's patched.

This exploit is beautiful

[DeadCatX2]

http://www.ps3news.com/PS3-Dev/ps-jailbreak-ps3-exploit-reverse-engineering-is-detailed/

It emulates a six-port hub and connects/disconnects devices with corrupted descriptors (that have their size changed on-the-fly!) in a particular order to smash the Heap so you can use a corrupted malloc boundary tag to overwrite the call to free() so that after the failed Jig authentication tries to release the memory allocated for the cryptographic response it will launch the shell code that was dropped into memory using a USB descriptor.

It brings a tear to my eye. Truly, one of the most beautiful things I ever had the privilege of understanding.

Re:This exploit is beautiful

[Chad+Birch]

I always wonder how someone even ends up attempting an exploit through something like this. How did they figure out in the first place that it might be a possible approach? It just seems so obscure compared to a lot of other exploit methods for other systems/programs (not that I know much about the topic).

Re:This exploit is beautiful

[DeadCatX2]

I have blue screened my development workstation before because I had a bad descriptor that the Windows Audio driver tried to parse and it brought down the kernel. So I knew this sort of thing would be possible. I think attacking the USB host controller driver is going to become a much more common method of infection in the next few years.

But to get that far...you need dedication. You need to love the hardware. When you see it, it's like the matrix...behind the 1s and 0s and circuit board traces, there is a setting, characters, and a plot.

From there, that's how you can see the attack on the heap. That's actually the most complicated part, in my opinion. You are trying to fool the kernel into handing you a certain portion of memory. It's like social engineering...and that's what makes it hard. The kernel is interrogating you, and you have to give the right answers. Not only the right answers, but the answers must be corrupted in just the right way.

Everything from this point can be built on the work of someone before you. Pretty much all exploits eventually launch shellcode somewhere. They all need some way to launch the shellcode, and hooking a system call (in this case, free()) is a favored way to go about that. Then you need some way to do the hook, which in this case was the smashing the Heap.

So you sit there and think...how do I drop shellcode in? What function do I hook? How do I hook it? Dots appear...and then you connect them, and you annotate the connections, and you go back and you start from scratch again because you see a better way, and then finally...it all comes together.

Re:This exploit is beautiful

[I'm+not+god+any+more]

I see the future:

1. Sony release a new PS3 super slim that won't have any USB ports.
2. Sony release a statement that they have no intention to remove USB support on the older PS3 models.
3. Shortly thereafter, update 3.XX with have a nice EULA mentioning that to protect us they'll be disabling the USB ports on the older PS3s.

Re:This exploit is beautiful

[Myoukochou]

You'd be amazed what a bounty for getting OtherOS working again gets you.

Re:This exploit is beautiful

[elrous0]

My cat's name is Mittens.

Re:This exploit is beautiful

[saboola]

I heard they used magnets.

Re:This exploit is beautiful

It brings a tear to my eye too, but not for the same reason. Sure, I'm glad the thing is jail-broken, but for fuck's sake... a buffer overflow? These kinds of bugs were completely solved in principle in the 90s*, so every time I see one of these I die a little inside. It also means that the exploit relies on a bug in the platform, which is philosophically inelegant, since that means that it cannot really be used as a data point to corroborate the "if it exists it will be hacked" attitude; additionally it means that the next firmware update this won't work any longer.
* VB (to name just one example) only used counted strings and checked arrays.

Re:This exploit is beautiful

[DeadCatX2]

This isn't really a buffer overflow in the sense of smashing the stack. There's no strcmp or anything that the programmer forgot to do a bounds check on. It relies on corrupting the malloc boundary tag.

In fact, USB descriptors have a size field built into them. One of the elegant aspects of the exploit is that the descriptors are read *twice* by the PS3, and the size is being changed in between the two reads.

Re:This exploit is beautiful

[Myoukochou]

(clarification) At least, that's my speculation. (Darn it, mixing up preview and submit.)

You'll note no significant movement was ever made on a working modchip. PS3 remained pretty much hack-free... until Sony disabled OtherOS.

geohot's glitch - for it was a glitch attack, requiring hardware intervention, and a fair pile of luck for things not to crash - was specifically targeted at the OtherOS hypervisor, only worked in OtherOS, and was simply trying to get more hardware access, but it would never have gotten you complete access (for a start, by the time you're in OtherOS, the SPU in security mode is latched off the bus, I understand, although I never got the opportunity to check personally).

Sony (characteristically, some might say) totally overreacted in the worst possible way - geohot's glitch was really not a useful exploit! - but by taking everyone's toys away, and specifically by causing a problem to a lot of security researchers who used PS3 clusters for all kinds of research (including cryptographic research, for example the MD5/SHA-1 collisions) and who could now only get replacements from eBay praying they're not updated... they made a lot of people suddenly very interested and determined to crack it, and maybe those with clusters would be equally interested in something like this, perhaps even willing to fund research? *shrug* Merely idle speculation...

So, yeah. A fairly tight architecture it is, but start annoying security researchers with the resources to decap or fab chips, let alone dump firmware and look for bugs, and you've got to expect some kind of robust response - although where it really came from originally, we may never know, and what else they have in store for the future, it's hard to tell.

It's a cute little heap overflow in the USB controller; a nice little puppy-pile of (it appears, uncleanly nested) USB hellos and goodbyes to fill the heap, and a shellcode dump for the last one. Fixable in a firmware update, yes - and PSN-bannable (even brickable, if Sony are that hardcore) if used as is, as PS3s log what applications/games you run and send that info to Sony as part of DNAS authentication (at least, they do in unmodified DNAS; it's no longer foolproof) - but this is the tip of the iceberg I'm sure - when Sony fix this, I don't doubt another bug will be found in short order, maybe a software-only one (the PS3 parses enough formats that there's basically got to be something). The arms race has officially begun.

It's correctly named, too; this is really a 'jailbreak' in exactly the same sense as used on the iPhone for example, not some modchip to let people play copied games or anything (in fact, I don't believe it can... yet).

Re:This exploit is beautiful

[beanpoppa]

My cat's breath smells like cat food.

Re:This exploit is beautiful

[kurokame]

All I see is blonde, brunette, redhead...

Re:This exploit is beautiful

[alexo]

What happens when Sony patches the code that allows that to happen and all new games and online access will require the new firmware?

Re:This exploit is beautiful

[DeadCatX2]

Personally, I don't really care. I'm not about pirating games. I don't even own a PS3, nor do I want once since any games I might want are probably on the 360 anyway. I'm way more interested in how the hardware works.

Re:This exploit is beautiful

[alexo]

Personally, I don't really care. I'm not about pirating games.

Or running Linux.
Or homebrew apps.
Or having back-ups of legally-purchased-but-easily-scratchable-by-the-kids disks.

But you're right, it's not about pirating games, it's about sticking it to a conglomerate that installed root-kits on your PCs.

Re:This exploit is beautiful

[DeadCatX2]

Are you even reading what I wrote? I said it's about the hardware. I'm a geek. I like to know how things work.

It's not about sticking it to anyone.

Re:This exploit is beautiful

[alexo]

Are you even reading what I wrote?

Yes, I do.
I just don't think much of your assumption that this exploit is only useful to those that want to pirate games.
I also like to direct my post to the /. readership as a whole which, at my last count, had more than one member.

It's not about sticking it to anyone.

For you, it isn't; for some others it is.

Re:This exploit is beautiful

[C.]

> Truly, one of the most beautiful things I ever had the privilege of understanding.

The sequence is ugly as hell, I feel pain for you if that's the most beautiful thing you ever understood. ;)

In all fairness, that hack is pure genius. Hats off.

Re:This exploit is beautiful

[vegiVamp]

Sure, buffer overflows are "solved" if you have the luxury of being able to swallow the overhead associated with higher-level languages. If you want to drag out the last bit of performance, you don't have that - but I guess your using VB as an example says enough.

Also, what would you have exploits rely on, if not oversights in the platform ? The willingness of Sony to let you install a rootkit ? There will always be bugs, and the best exploits are all about the high art of being able to both find and use them.

Re:This exploit is beautiful

[DeadCatX2]

Actually, their device fails the jig authentication. By design.

When the PS3 initiates the cryptographic challenge, it calls malloc to allocate space for the jig's reply. The exploit depends on this call to malloc allocating space the fake jig reply. The previous attach/detach process created a corrupted heap that ensures that the fake jig reply will be placed over top of the system call free(). The fake jig reply is actually the shellcode that launches the exploit.

The fact that they use the jig's VID/PID is already enough to get them into hot water.

Re:This exploit is beautiful

[youn]

I believe you have to place one next to the other... on one side it attracts, on another it repels... you should try it, it's a lot of fun :p

Atmel are used for meny other things and pinball g

[Joe+The+Dragon]

Atmel boards are used for meny other things and stern pinball use them in there pinball games.

If they are used in pinball game and many other ticket games as well other embed systems you can just do mass suing.

What about the PSP?

[slapout]

It would be interesting if this thing was ported to the PSP and the PSP could be used to unlock the PS3

Re:What about the PSP?

[Nursie]

There is an effort underway to do that right now, but they're going about it weirdly IMHO, by first trying to write an emulator for the USB key, then flash it with the unlocking firmware.

Maybe it's the best way, but to me it seems really convoluted.

but steeling sat tv is not the same as running you

[Joe+The+Dragon]

but steeling sat tv is not the same as running your own code / Linux on a box that you own and it not like you can useing and they just get games for free by just hookinh the hacked box up like how it was with sat tv hack the card hook up the dish and get free HBO.

Re:Console are all about control

[KovaaK]

I have been a PC gamer for years, but that doesn't mean that some games and genres don't work better on consoles. When was the last time you played a good party game on the PC (Worms would be my most recent, and that feels like ages ago)? How about a 2d fighting game?

I just ordered a PS3 yesterday for the purpose of playing Blazblue with friends. Sure, there is an arcade version of the game that I can torrent and play on my PC, but the input feels like shit (even with a PS3 or XBOX360 controller) and it has no online play.

Of course, when it comes to first person shooters, nothing can beat a good duel in almost any of the Quake series on PC.

Re:Sony

[RyuuzakiTetsuya]

Piracy, online cheating, support hassles? These don't ring like a reason why a company would care?

Re:Console are all about control

[RyuuzakiTetsuya]

Because PCs suck for gaming.

Inconsistent rigs, inconsistent play experiences, having to chase an upgrade path every 2 or 3 years versus 5 to 6 to play games(Seriously, you take 250 bucks and buy a computer that'll do Call of Duty Modern Warfare 2 at 1080p and act as a slick BluRay player.

You fools!

[zmollusc]

You foolish fools! Defeating DRM will let the terrorists win! Already another oil platform has exploded due to evil hackers playing unsigned content on the PS3!

Re:Let's make this easier for everyone...

[Yvan256]

If it's one of the usual Atmel parts, you can probably use Digi-Key.ca

Extremely fast shipping, no customs fees.

Re:Jailbreak?

[bsdaemonaut]

Actually jailbreak is about breaking free of the restrictions of any locked down system. The term "jail" is an old one that has been used in Unix-like operating systems for a long time. The iPhone, to my understanding uses a unix-like directory tree and limits your access to that tree by making a jail not terribly dissimilar to those in other unix-like operating systems.. therefore the usage of the term "jail" and "jailbreaking."

Re:Sony

[RyuuzakiTetsuya]

It is, but it's also on Sony if they want to make it as difficult as humanly possible, because in order to accomplish what you want, you're opening the system to being exploited for cheating, piracy, and other problems. do you not see how this is mutually exclusive to what you want? They can't leave the door open and say, "No pirates please." and expect that wish to be granted.

Jailbroken RSX?

[Doc+Ruby]

Does this jailbreak HW let programmers access the RSX videochip that the PS3 hypervisor kept locked out from Linux apps? If only for the extra 256MB (V)RAM that lets real sized apps run under Linux, but especially to get to the 1.8TFLOPS RSX, the real powerhouse of the platform. Otherwise all the graphics/video has to be rendered directly by the Cell CPU. Since there isn't a video driver that uses the Cell's SPUs, all that has to be done by the 3.2GHz PPC at the core of the Cell, which is also handling all the other app processing. Offloading graphics to the RSX graphics chip would finally unleash this beast.

Write PS3 games without paying $100K to Sony for their "development kit". Run all your Linux desktop and dev stuff. Much more likely that developers will code for the SPUs, and finally tap the potential of that "game supercomputer".

OTOH, if the jailbreak is only for pirating PS3 games, then Sony has done nothing but shoot itself in the foot by locking legit Linux developers out of the platform. And in that case, I've got two original fat PS3s for sale.

Re:Jailbroken RSX?

[TeknoHog]

Since there isn't a video driver that uses the Cell's SPUs,

http://www.mesa3d.org/cell.html

Re:Jailbroken RSX?

[Doc+Ruby]

By all accounts, Mesa3d on Cell still doesn't really work.

Which is why I'm also still waiting for a hack that lets me use some revision of an nVidia driver on the PS3 RSX, the video chip that I bought inside the PS3s I bought.

Re:Sony

[RyuuzakiTetsuya]

The PS3Jailbreak device is selling a circumvention device that's advertised for piracy purposes.

Cry me a god damned river. If Dark aleX were in jail, sure, let's talk, but, he wasn't charging $150 for his services.

You don't even need the hardware

[Khyber]

Just get the Atmel AVC software, emulate the chip, and use a USB interface from a laptop.

I've already tested it out, and using the JTAGICE in combo with it means you can use your computer to 'unlock' your PS3 and the 360.

Re:You don't even need the hardware

[GizmoToy]

I assume the JTAGICE you refer to is a USB debugger device for these dev kits? So you do need some hardware, just not the actual AT90USBKEY or whatever you've chosen.

Re:You don't even need the hardware

[Khyber]

JTAGICE is an emulator that can interface with other chips, but by itself you only need a computer and USB cord with that software.

Oblig. Adams

[MrFurious5150]

The major problem is quite simply one of grammar, and the main work to consult in this matter is Dr Dan Streetmentioner's Time Traveller's Handbook of 1001 Tense Formations. It will tell you for instance how to describe something that was about to happen to you in the past before you avoided it by time-jumping forward two days in order to avoid it. ... Most readers get as far as the Future Semi-Conditionally Modified Subinverted Plagal Past Subjunctive Intentional before giving up: and in fact in later editions of the book all the pages beyond this point have been left blank to save on printing costs.

Re:Sony

[RyuuzakiTetsuya]

It's been five fucking years! Dark Alex hasn't put out firmware in at least a year!

If they were going to get him, they'd have gotten him already. Is it sue happy when someone's PROFITING off of pirating your software or circumventing your copy control? Would it be any different if Nintendo started suing everyone who sold the BannerBomb exploit?

Re:Lawsuit?

[aaron552]

Additionally if the new games only care about the version field, but not any new functions or what have you in the latest version of the firmware then all you need to do is hack your version tag to spit back what the game is looking for and problem solved, game runs, because they used to assume that the version number could only be changed by sony. Since that's no longer true, you can tell the game whatever you want and simply ignore updating the firmware until such time as a game actually breaks while looking for functionality that's only in newer firmware.

I believe this is similar to what users of the Homebrew Channel on the Wii do. It's a little more complicated because games don't check the Home Channel version, instead looking for a particular iOS, which is only installed, in normal circumstances, by the Wii System Update. Of course, Homebrew users (and pirates, I assume) just download and install the required iOS images manually (in fact, there's a Homebrew app that automates the process)

Additional functionality is required...

[The-Th!ng]

for the jailbreak software to send off an anonymous "Fuck You, Sony" email from the machine in question back to Sony HQ.

I totally called it.

[John+Pfeiffer]

About a week ago, I said on IRC that if the legal quagmire around the PSJailbreak drags on, they should just opensource the whole thing. Sure, there'd be less money to be made for their effort (Not that they're able to sell the things right now anyway) but Sony would be pretty hard-pressed to completely suppress the device.

I was impressed by the gesture they made in removing the bootleg playing capability from the version of the code they released, even if the community ultimately turned it into a rather hollow gesture. (But they gained full deniability, way to go!) Their reference design is ugly as sin though. When I make an EagleCAD schematic/board from the design they released, I'll be sure to design a nice, compact, all-SMT version too. :3 Maybe even one that doesn't need the USB port, like it has 'gold fingers' on the end and just slips into the port.

I don't even own a PS3 and I want to make one just for the hell of it. I already have a couple AT90USB chips I haven't used yet.

btw, the Atmel devboard can be had for $30, and the 'Teensy' microcontroller boards can be had for as little as $17. Of course, they're all out of stock now, heh. If you have the know-how to make the board, the components hardly add up to $10.

Maybe I should have a couple-few PCBs churned out the next time I order some prototypes from Gold Phoenix. Strictly for my friends, of course. :D

If someone wanted to start selling these things, the smart thing to do would be to just more or less sell a 'general purpose' board, like the Teensy, and leave it up to the end user to find and install the code. Zero liability, really. Just don't call the thing 'ZOMGPS3HAX2.0' or be all *wink wink* *nudge nudge* in the product description.

(I'm totally getting sued, aren't I?)

When will companies learn?

[Red_Chaos1]

If we buy something, we own it. We will do with it whatever we please, as is our right. Any and all attempts to tell us what to do with something we own will only ensure that we break whatever controls you try to use.

Re:When will companies learn?

[judeancodersfront]

It actually wouldn't have been broken if they didn't offer the otherOS option. That's how the hypervisor was bypassed.
So if they had offered less options it would have lasted longer.
Sorry if this reality conflicts with any rights you have declared in your mind.

Re:*sigh*

[Andorin]

Yes. Let's feel bad for poor Sony, the little company who's being bullied by those evil pirates into simply trying to protect their property. Obviously they have no choice of how to respond to hobbyist tinkering except to continue to push anti-consumer restrictions after the fact. Let's point the blame at those who see Sony boasting about their unbreakable system and think "O rly?", then work on hacking it. They're all just pirates anyway, pirates holding a gun to Sony's head.

we need a hypervisor under the sony hypervisor

[swframe]

I would imagine that sony will be able to fix this eventually and we'll back to the wall garden. We need hypervisor under sony's hypervisor so that future system updates can't remove the backdoor.

Re:Jailbreak?

[Nursie]

Where did you get that idea?

The SIM card is already "Unlocked" in as much as you can put it in any phone you like. The locked part of an iPhone is the iOS itself, which will only run approved binaries until it's jailbroken.

Cool but..

[Yfrwlf]

Cool and all, but the PS3 has always been pretty worthless due to the hypervisor. Unless that is bypassed really well at some point, it will continue to be a very sub-par desktop. I had a Linux HTPC/server replace it long ago and I've never looked back. Much rather have room on the PS3 hard drive for games anyway. Not that this isn't an important project for those who have PS3s but no HTPCs, or don't want both, but with how cheaply you can get a more-than-decent HTPC for there isn't much reason not to.

Re:Sony

[RyuuzakiTetsuya]

Right, because it's not douche bag material to suggest that Sony open their console to piracy, hacks and cheats just to make %1 of it's userbase happy.

Re:Console are all about control

[StayFrosty]

Seriously, you take 250 bucks and buy a computer that'll do Call of Duty Modern Warfare 2 at 1080p and act as a slick BluRay player.

I'm assuming that since you are posting on Slashdot you own a PC. I would be willing to bet that if you added an additional $250 worth of parts to your existing computer (or added that $250 to your budget for the next one) you would have a machine that is more than capable of both of those requirements.

having to chase an upgrade path every 2 to 3 years versus 5 to 6 to play games

I have to admit you are a little closer to correct than most console advocates (I've seen people say upgrades were required every 6 months to a year) but you are still a bit off. I was recently browsing my newegg purchase history and I accidentally discovered that it's been a full two years since I built my current gaming rig. I was shocked to discover it's been that long. I can still play any modern game pretty much maxed out so I have no desire to upgrade any time soon. If I really wanted to I could probably stretch the life of that machine another 3 years or so but I wouldn't be playing anything maxed out. On the other hand, every console fanboy I know will readily admit that CODMW2 looks better at 1080p on the PC than it does on a console due to better/more flexible hardware. In 2 years when the xbox 360 is EOL even the newest games will look like crap compared to their PC counterparts. With a PC you could easily spend $150 half way through the 5 year life cycle for a video card upgrade and still have beautiful graphics if you want. Of course you could still run the game on lower settings and it will be comparable to the console's.

Re:Console are all about control

[damien_kane]

Worms would be my most recent, and that feels like ages ago

What, last week?

Re:Jailbreak?

[BLKMGK]

It mostly has come to mean breaking free of the signature required code found on iPhone. It most certainly is NOT something involving SIM cards - that would be "unlocking".