PS3 hacking start-to-finish – CCC

Well, it looks like the PlayStation 3 is finally and definitively cracked. fail0verflow’s Chaos Communication Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disc licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.

We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.

IR receiver as USB keyboard

[Arthur] built an IR receiver to use with XBMC. Because it’s software-specific, he has the device identify itself on USB as a keyboard and pass the IR commands as the keystrokes used by the popular media platform.

Normally, homebrew IR receivers would use LIRC, the Linux Infrared Remote Control software. But this method doesn’t require you to have that running. In fact, it doesn’t need any setup on the PC end of things. Any remote that uses the Sony SIRC protocol will work off the bat.

[Arthur] chose a PIC 18F2550 for the project. It is a popular microcontroller because it has built-in USB handling. We’re a bit skeptical of the hardware design, though. We didn’t see specifically which IR receiver he’s using, but many require some type of filtering, so check the suggested layout in the datasheet for your module.

PlayStation 3 exploit using a TI84 calculator

[Brandon Wilson] came up with a way to exploit the PlayStation using a TI84 calculator. This uses the same PSGroove open source code that we looked at last week. That package was running on the Teensy, which is currently sold out (we’d guess because people want to run the exploit). There’s a video demonstration of this new trick after the break. The calculator connects via a USB A to USB mini-B cable, which comes with the calculator and is also used to charge the PS3 controllers. Once the connection is made, launch the software on the calculator, power cycle the PS3, and turn it on with the familiar power-eject button presses. The only problem with the system is that the calculator needs to be connected every time you boot.

PSP homebrew using the Half-Byte Loader

[Rich] tipped us off about the Half-Byte Loader, which lets you run homebrew on late-model Sony PlayStation Portables. Above you can see a PSP Go running Doom (a screenshot from the video after the break), which is a prerequisite for any cracked device. HBL uses an exploit in the game demo of Patapon 2, which is free for download. A crafted game save loaded onto a Memory Stick gets you to the loader when selected from the continue menu of the game. Right now this method works on all known firmware versions 5.0 and higher. Who knows when Sony will take action to kill an exploit like this one.

PS3 patch allows Linux installation

[Geohot] came up with a patch that allows OtherOS on 3.21 PS3 firmware. You’ll remember that Sony released version 3.21 specifically to prohibit OtherOS, which allows the installation of Linux, a move for which they were subsequently sued. Well, now their “fix” doesn’t work on people willing to flash patched firmware, which means they’re only punishing those who play by the rules. Ugh.

Wondering why this is a big deal? Check out this article on the effect Sony’s move has on PS3 clusters used for supercomputing; something we hadn’t even thought of initially.

It turns out that this patch was released more than a month ago. Sorry for the late coverage but it’s new to us. You can see the obligatory proof video of the patched OtherOS after the break.

Sony removes PS3 Linux support; Gets sued for it

On April first Sony rolled out new firmware for the PlayStation 3 that removed the ability to install Linux on the system by blocking a feature called OtherOS. Now a class action lawsuit has been filed against the company for its actions. It doesn’t take an attorney to figure out that they removed features that were a major selling point for the system. As mentioned in our previous article, the ability to use an exploit to access the hardware doesn’t mean that every user installing Linux on the system plans to do so. The suit asserts that users had no opportunity to negotiate the System Software Licensing Agreement, which is only presented to a purchaser after the sale is made. The lawsuit is available in PDF from IGN.

Who knows where this one will end up. The suit seeks an injunction against the removal of the OtherOS feature as well as compensatory damages. No matter what happens, we still think the removal was a bad move on Sony’s part.

Sony removes PS3 Linux support with an update… errrrr, downgrade?

Sony is rolling out a firmware update for the PS3 on April 1, but we’re pretty sure it’s not a joke. What we’re not sure about is whether you can call it an update. It removes features rather than fixing or adding them. In this case, it is removing the “Install Other OS” option that allows you to run Linux on non-slim versions of the PlayStation 3. It is fairly obvious that this is a reaction to the hypervisor exploit that was released back in January that breaks down the machine’s security barriers.

[Geohot], the guy who found and released the exploit, published a post on his blog expressing his disapproval of Sony’s actions. We’d have to agree. It’s pretty cold-hearted to remove functionality that was advertised with a product. We’re sure there are many folks out there using the Linux support who have no interest in exploiting the product. This is gardening with a backhoe and quite frankly it stinks.

This may bring on a torrent of new effort in unlocking and laying bare the PS3. If so, doesn’t Sony deserve it?

