New PS3 Firmware Contains Backdoor

Vectormatic noted the rumor floating around that the most recent PS3 patch has a backdoor, and "Sony can now remotely execute code on the PS3 as soon as you connect. This can do whatever Sony wants it to do, such as verifying system files or searching for homebrew. Sony can change the code and add new detection methods without any firmware updates."

IRC

[Ogive17]

Wow, the "source" for this speculation is an IRC conversation.

Not that I respect Sony considering what they've done in the past but I think I'll hold off judgement for a bit longer on this one.

Re:IRC

[ElectricTurtle]

As many have alluded and will allude to in this discussion, they *are* that dumb, as evidenced by the fact that they did it before.

Re:IRC

[ElectricTurtle]

Never did I say rootkit==backdoor. The parent I was replying to was saying that Sony wouldn't do a thing that opened the PS3 to malware writers, and the rootkit, by *your* own example "assisting some viruses in the process" did exactly ... what? The same thing. Before. Do you get it yet?

Re:IRC

[Entropius]

Panasonic, for one.

I used to have a Panasonic digital camera, of the "superzoom" type. The lens (which had the fastest aperture of any superzoom lens available) incorporated anomalous-dispersion glass and was well-designed, and thus had pretty low levels of chromatic aberration; the residual chromatic aberration had been characterized by the lens designer and was cleaned up in software in the camera. For what it was, it took amazing pictures.

Sony made a competing product. It had all sorts of shiny stuff advertised on the box -- lots of megapixels, various gee-whiz modes, "smile shutter", all sorts of stuff that can be marketed -- but the lens was *shit*, with nutty amounts of chromatic aberration, so it didn't matter what you did with it -- you weren't going to take good pictures at the long end of that lens, gee-whiz stuff or no, because the lens sucked.

Not a rootkit

[Lord+Byron+II]

The "article" calls this a rootkit. The summary calls it a backdoor. Neither is strictly true.

Rootkits allow unauthorized users root level access and backdoors allow unauthorized remote users access. In this case, you're installing Sony software and this software allows Sony to autoupdate their software and remove cracks. This isn't much different from Chrome autoupdating or Firefox blacklisting certain extensions. The only real difference is that Sony might not have been all that forthcoming about the fact that this new firmware has this capability. My guess is that if you look at the EULA carefully, it does specify that they are allowed to do this.

I would suggest that if you think they have trampled on your rights, then take them to court. Sony will just keep making their firmware more and more "evil" until a sizable number of users stands up and says "no more".

Re:I'm not so sure this is wrong anymore

[Svartalf]

Actually, the firmware mod opens it up to being further hacked (Do remember that they lost positive control of the ROOT signing key...meaning that ANYONE can MITM their update chain now...) as now hackers can put and remove things at will on their boxes. This means we should see the beginnings of PS3 Botnets all over the place eventually.

And this would make the second wrong move from Sony, with the OtherOS being removed being the first.

Re:AGAIN, Sony?

[Moryath]

Actually, no. The Xbox360 won't execute code without permission.

The worst it currently does is check that your firmware and the game you are wanting to play are both up to date, and then if either check fails, tells you you will be signed out of Live (but still free to play the game in offline or LAN mode).

Could I see MS doing this in in the future? Possibly. But I really don't think they consider it that big a deal. The people who have a hacked Xbox360 are already pretty much staying offline anyways so it wouldn't do them much good to insert this kind of code.