Slashdot Mirror

← Back to Stories (view on slashdot.org)

Playstation 3 Code Signing Cracked For Good

Posted by samzenpus on from the forever-is-a-long-time dept.

ReportedlyWorking writes "It appears that Sony's PS3 has been fatally compromised. At the Chaos Communication Congress in Berlin, a team named 'fail0verflow' revealed that they had calculated the Private Keys, which would let them or anyone else generate signed software for the PS3. Additionally, they also claim to have a method of jailbreaking the PS3 without the use of a Dongle, which is the current method. If all these statements are true, this opens the door to custom firmware, and homebrew software. Assuming that Sony doesn't take radical action and invalidate their private keys, this could mean that Jailbreaking is viable on all PS3, regardless of their firmware! From the article: 'Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs. Following this, the team declared Sony's security to be EPIC FAIL!'"

3 of 534 comments (clear)

  1. Re:Sigh by Raineer · · Score: 5, Interesting

    "Following this, the team declared Sony's security to be EPIC FAIL!"

    Is it really necessary for everybody to talk like complete dicks nowadays?

    To be honest I'm not sure how you can call Sony security a failure. As far as popular consumer devices go, the PS3 lasted for eons. I am both a Sony and Apple fanboy (somewhat), and have to laugh at the hours (literally) it takes any Apple product to be cracked while Sony (as dysfunctional as any company there is) makes a product that lasts for years. Cracking the keys was inevitable, but Sony should be recognized for making it more difficult than anyone else :) I still sit on the side of the fence where the damn thing should have been open from the get-go...but meh

  2. Re:Sigh by MoonBuggy · · Score: 5, Interesting

    Having followed the finest Slashdot tradition and only read TFA after posting, it appears that there was truth in my speculation. Fail0verflow, the group that found the keys, posted on twitter that "we only started looking at the ps3 after otheros was killed.". That means they did this in nine months.

  3. Re:Epic Fail? WTF? by marcansoft · · Score: 5, Interesting

    The "epic" part really came about due to the completely inexcusable ECDSA signature screwup. We were left speechless by that one. However, as a whole, the entire PS3 architecture is terrible. Especially after breaking it open and properly analyzing it and finding a ton of screwups (many critical), there is absolutely no doubt in our mind that the sole reason why the PS3 lasted this far is because OtherOS kept all the competent people happy enough not to try to break into the system (that, and maybe hype around their hypervisor and isolated SPE security, both of which turned out to be terribly bad). If you watch the talk you'll actually see that we make this point clear and address the time-to-hack of the PS3. Given our experience and what we've learned from people who work on console hacks, almost nobody tried until OtherOS was removed, so the only valid measurement for "time to hack", as a strength-of-security measure, is the time since OtherOS was removed (9-12 months or so).

    OtherOS was Sony's single best security feature.