
LV0 encryption key cracks current and future PlayStation 3 firmware

It looks like the security of the PlayStation 3 has been cracked wide open. But then again we’ve thought the same thing in the past and Sony managed to patch those exploits. The latest in the cat and mouse game is the release of the LV0 encryption codes for the PS3 console. The guys who discovered the magic strings of characters supposedly intended to keep them a secret, but have gone public after there was a leak and some black-hats now intend to use them for profit.

The keys are the bottom layer of security when pushing firmware updates to the PS3. With keys in hand, current and future upgrades can be decrypted, altered, and repackaged without the gaming rig putting up a fuss. Our only real beef with the tight security came when Sony removed the ability to install Linux on systems marketed with this option. The availability of these keys should let you install just about whatever you want on your hardware.

[Thanks Kris via Phys]

Comments

  1. jay says:

    this is good cuz the ps3 has yet to be fully utilized. more power i say and with the option of a possible pc mod again yey for full out gaming on a power house console. let's make it just as good as our hacky friend the dreamcast

  2. moo says:

    Nice!

  3. b says:

    PS3 is damn near EOL.
    I would say that Sony accomplished what they wanted to do with the ps3 security.

  4. xobmo says:

    How about MOL running in YDL on the PPC chip in there? ML on the PS3 – Now that’s a port…

  5. jack says:

    I guess if you look at PS3 hardware, ya for the most part they did a pretty good job keeping the console like they wanted.

    But remember the whole ps3 security fallout? I know that was more to do with the servers that ran the accounts but still a part of ps3 security.

  6. Joe says:

    NEVER buy Sony products. Ever. Not even headsets.
    After what they did to Geohot?
    Why would the hacking community even speak about this company?

  7. we’ve got a geohot 2.0

  8. xorpunk says:

    1. Geohot glitched HTAB before otheros removal

    2. bootldr isn’t compromised/can be fixed

    • Notn4 says:

      Geohot didn’t release anything before the OtherOS removal, he just showed that it was possible to crack the security in some way on the console, Sony got scared and removed OtherOS in hopes that it would take away most points of attack. That made everyone pissed and more and more devs started to look into the security of the PS3, that’s when those darn piracy dongles showed up and after that Fail0verflow found the signature keys.

      Funny thing is that OtherOS had nothing to do with 1. Enabling piracy
      2. The signature keys getting released

      Those happened only because Sony wasn’t implementing their security well enough. I believe that team fail0verflow even said that they wouldn’t have looked for security flaws in the system if OtherOS wasn’t removed, as they only wanted to crack the console so they could get back their beloved Linux

      • Simbo says:

        I agree with some points made above but the main reason Sony decided to remove the OtherOS feature was to prevent mass sales of the hardware to businesses & institutes looking to create an extremely cheap Cell CPU cluster with no intention of buying games, media etc from their services where they make the real money and attract game designers to create and license for their hardware.

        Also the GPU was restricted within the OtherOS feature crippling it for anything other than trivial / computational tasks.

        I know it annoyed a lot of people, me included

    • johny says:

      xorhack

      bootldr can only be updated in newer skus as they did starting in factory and with 3.60fw

      However for everybody else they cannot update and since they need to maintain compatibility to lower skus and the last place they could encapsulate the loaders is owned…

      The PS3 in terms of hacking kind of lost its interest (everything can be decrypted now)…

      Only those that have the newer bootldr can’t do anything…

  9. Does this mean I can load win7 on a ps3? that would be pretty killer.

    Or better yet load it up to work like a modded xbx would be some funny looks at lans.

  10. Decius says:

    You can buy things such as the Progskeet flasher or the E3 Flasher which is a NAND/NOR flasher and can replace a “bricked” Ps3 regardless of which firmware it is on, as long as you made a backup of the original image installed on that hardware. You either solder it up to the memory on the motherboard and if you ever screw up the firmware you can reflash back to whichever backup you created. The best firmware to be on right now is 3.55 Official firmware as it can be exploited with Kmeaw/Rogero firmwares.

    The hardware in Slim PS3s shipped from factory with OFW 3.55 and down have the same hardware keys as every single PS3 so it’s technically possible to downgrade even more PS3s that are on OFW 4.30+. The problem is getting a software exploit in an official firmware on these “cracked” machines is hard as of yet.

    The new Slim PS3s CHECH3x+ (500GB Top loading disc Drives) have all new hardware keys and can’t be hacked as of yet. Since future updates have to apply to existing Ps3 hardware types it’s easier to exploit further firmwares for future hardware revisions.

  11. LolCat5 says:

    Isn’t this old news? Firstly, geohot published his hack an age ago, in response to sony removing other os support, which was in response to his comments on the flaws in ps3 security.

    Secondly, did nobody see that talk 2 years ago where they completely dissected ps3 security at every level? http://www.youtube.com/watch?v=PR9tFXz4Quc. In this talk they showed you how to extract the private keys in every level of ps3 security due to flaws in the implementation of the encryption layers.

    • SFRH says:

      Neither geohot nor fail0verflow broke the lv0 encryption, and in fact if you had even bothered to watch the video that you linked everyone to – or were smart enough to understand it, which you obviously aren’t – you would have seen as much. Geohot and the fail0verflow guys only managed to find keys down to lv1, not lv0. Idiot.

  12. shadowing says:

    Updated on 25.10.2012, 17:20: Apparently Sony delivers the slim version of the PS3 from CECH-30xx and the super-slim with lv0.2 that checks a second signature. This would mean that these newer models cannot be cracked in the manner described above.

  13. shadowing says:
  14. ABar says:

    Does this mean someone will be releasing new CFW soon? Or will people be a little scared of doing it after the geohot fiasco?
