Slashdot Mirror

← Back to Stories (view on slashdot.org)

PS3 Root Key Found

Posted by Soulskill on from the insert-quarter-to-play-again dept.

An anonymous reader writes "The PlayStation 3 'root key' used for code signing has been found by GeoHot. This enables running homebrew without the need for psjailbreak-style USB-devices, and also provides hope for those at firmware version 3.55 that currently cannot be downgraded. The key also cannot be changed without hardware modifications. Oops."

6 of 380 comments (clear)

  1. Re:Peeking under the hood by Anonymous Coward · · Score: 5, Insightful

    Neither. Sony botched their PKI implementation and the 'random number' they were using for their seed was anything but random. In fact it was the same every time! That made it trivial to solve for the key. Oops.

    This went undetected for years until they ... removed Linux.

  2. Dear Sony.... by Lumpy · · Score: 5, Insightful

    Still think revoking the "Other OS" function was a good idea?

    --
    Do not look at laser with remaining good eye.
  3. Re:I wonder... by EdIII · · Score: 5, Insightful

    Yeah, because GeoHot is wrong in what he is doing?

    How should he have released the key to the rest of us? We all have a sacrosanct right to own our property, and I don't give two *$#% if somebody uses it for piracy. I applaud what he has done here, and in fact, it has finally made me consider actually purchasing a PS3.

    If Sony does brick all the consoles, don't blame GeoHot. Blame Sony, because they are the ones that have acted in a morally repugnant fashion for years.

  4. Re:No sympathy for Sony by Mysteray · · Score: 5, Insightful

    Sure, the word "steal" is overloaded. Sony's entertainment industry seems to have a great fascination with the concept of people "stealing", and in that case many disagree with that use of the word.

    But what's your point? Are you arguing some point of US law?

    Normal people (i.e., non-lawyers) understand that the very fabric of commerce is based on "yours", "mine", "not yours", "not mine", "buying", "selling", "vendor", and "customer", etc.

    There's not a lot of subtlety in these terms, because normal people are able to conduct their commerce without concepts like "stealing", "swindling", "crooked dealing", "cheating", or "screwing over your customer" even coming into question 99.9% of the time.

    "Bait-and-switch" doesn't fit, neither does "planned obsolescence". Actually, Sony is breaking new ground here. I don't think normal people ever needed to invent a term for a vendor selling something and then intentionally breaking it by remote control years later.

    So maybe you think it's significant that Sony presented some EULA on the TV and made the user press the green button before they could play the game they just bought.

    But normal people don't. They see it for exactly what it is.

    Nothing particularly subtle or complicated about it at all.

  5. Re:I wonder... by an+unsound+mind · · Score: 5, Insightful

    GeoHot did something Sony didn't like, and therefore Sony punished you.

    Hopefully this teaches you something about buying Sony products.

  6. Re:No sympathy for Sony by Dhalka226 · · Score: 5, Insightful

    The fact that you can separate the two actions--requiring updates to access the Internet and play new media (and indeed, also to continue using applications that have not been updated themselves such as the Netflix App) and "agreeing" to the upgrade--makes me seriously question your logic. It is a tactic a half step removed from "that's a nice car, it would be a shame if anything happened to it." In fact, it may be worse. At least if I pay the nice man in the trenchcoat his protection money he leaves my car alone. Sony promises to break your PS3. The only choice they give you is whether you want to lose features you've already paid for or lose the ability to play new games or utilize any features of your old games that happen to use the Internet, such as multiplayer or, as in my case, a baseball game that provides roster updates throughout the year.

    It's called coercion, and it is grounds to nullify even the most strenuously negotiated contracts much less a click-through EULA that doesn't even specify how they're fucking you, just that they might. They are going to take something from you--your ability to play new games and fully utilize your old purchases--for absolutely no technical reason other than people who probably aren't you are using their machines in a way that Sony disapproves of (homebrew, cheap computing cluster, etc), unless you "agree" to let them take out features you've already paid for. It's nothing but a bargaining chip to force you to do as they tell you to do.

    Frankly even that is too generous; bargaining chip implies there is negotiation and intelligent thought before determining which is the best course of action. Turning down these updates and effectively bricking your PS3 from that point in time forward is no more a choice than not paying the man in the trenchcoat. Do you really think it's any consolation to people who got rid of their old PS2s because they have this lovely new PS3 with backward compatibility that they weren't fucked in the ass until they "agreed" to it? Oh but don't worry dear consumer, we'll slowly start to release them as downloads for $9.99 a pop! Everybody wins!

    The PS3 was the most locked-down piece of consumer hardware in the history of computing. Do you truly believe this update requirement was done as anything other than a way to force you to do what they want and patch any holes that might arise--the exact behavior we have seen from them? No, it's not about an unspoken agreement to produce content; if they stopped making PS3 games tomorrow I would be upset, but I wouldn't have been fucked. They are actively breaking my hardware, for all intents and purposes, unless I let them have their way. At the bottom of every game I buy--on the disc AND the packaging--is a little "PS3" logo. The idea that one disc might work and another might not in my PS3 based on whether I've let them screw me yet is ludicrous, and so is claiming that it is somehow a choice.

    It goes well beyond shady. The fact that it hasn't been absolutely clobbered in civil suits yet is stunning. The idea that any court in the world would see it as anything less than illegal coercion boggles the mind.

    And not that it should matter, but lest you think my outrage is personally motivated: I did buy my machine with the expectation of using OtherOS, but after a while I realized I simply wasn't going to go through the hassle and the update didn't affect me on a personal level. Likewise, I paid $600 at PS3 launch so my PS3 has hardware backward-compatibility and I am not personally affected by their removal of the software backward-compatibility in later updates. That doesn't make either of those decisions any less of an outrage.