Slashdot Mirror


PS3 Root Key Found

An anonymous reader writes "The PlayStation 3 'root key' used for code signing has been found by GeoHot. This enables running homebrew without the need for psjailbreak-style USB-devices, and also provides hope for those at firmware version 3.55 that currently cannot be downgraded. The key also cannot be changed without hardware modifications. Oops."

2 of 380 comments

  1. Re:Dear Sony.... by PhunkySchtuff · Score: 4, Interesting

    From memory, what happened is that with the OtherOS, Geohot was able to outline a proof of concept to run arbitrary code on the PS3.
    He didn't release much, and nothing he released would have directly facilitated piracy - there were no keys exposed for instance.

    Sony, in a knee-jerk reaction, promptly issued a software update that removed OtherOS support altogether - even though Geohot's work was just a proof of concept.

    This is when the real work then started to get back what was once there - and in the process, through discovering these keys, this has now opened the doors to piracy on the system.

    If Sony had kept OtherOS in there and instead done something like fixed the flaw in the hypervisor that allowed Geohot's exploit to work, or just ignored it and moved on, it's arguable that no one would have bothered to put in the effort they have recently to discover the crypto keys.

  2. Re:Same private key? by anethema · Score: 4, Interesting

    Explaining can be good, but geohot is from the iPhone world. There, as soon as you released details on your exploit, Apple would patch it if possible. In one case they spun new hardware mid-cycle to patch a bootrom exploit on the 3GS.

    Since geohot was able to release the keys (to the kingdom) without tipping his hand in this case, is it really bad?

    Would it not be possible that Sony patches whatever exploit you guys used and detailed, adds a whitelist for games under the current signature, and begins using a new one, possibly nullifying much of the work you guys have (brilliantly) done?

    Is the way geohot did it (using your work again, totally with you guys there for credit) not better for the community in the long run, where now, unless Sony finds the vulnerability he got in through, he can keep providing these keys no matter what Sony does?

    Hell, Sony may even reuse hardware/firmware from the PS3 in the PS4, and geohot may again be able to get in and provide keys, or at least have a jumping-off point.

    Again, no knock on you guys; full disclosure is cool for nerds' sake, and it's great to know all that stuff, but the way we do it in the iPhone world is always trying to do what's better for the community/users. Not tipping your hand on the exploit used may be the way to go here.

    --
    It's easier to fight for one's principles than to live up to them.