At the 27th Chaos Communication Congress, held in Berlin, Germany, a small group of hackers named fail0verflow stunned the PS3 hacking community with a massive revelation: they had defeated a major security barrier in the console. This hack is different from the infamous PS3Jailbreak and is based on flawed security code within the PS3 itself. fail0verflow explained during the conference that they had figured out how to calculate the keys used to sign everything the console runs, essentially making those private keys public.
So what does this really mean?
With an exploit of this magnitude, people could sign (and therefore run) any program written for the PS3, and the system would run it as if it were a PS3 game, without issue and regardless of firmware version. The same method could, in theory, be used to sign PS3 ISOs (full copies of games) and play them on the console from burned Blu-ray discs. This basically paves the way for easier piracy on the PS3, and it will also greatly encourage homebrew software authors.
The full 44-minute presentation is long-winded and covers many aspects of console hacking in general (Wii, Xbox, etc.), various holes found in the PS3 software architecture, and finally a full explanation of the upcoming exploit. The video clip above is taken from that presentation, and it is the pivotal moment where the hackers show how easy it is to recover those private keys.
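The "calculate the keys" step is worth seeing in code. What fail0verflow showed at 27C3 (a detail this write-up does not spell out) is that the PS3's ECDSA signing code used the same nonce k for every signature, and ECDSA with a repeated nonce gives away the private key from any two signatures. The example below is added here; it is not fail0verflow's code and not Sony's. It implements textbook ECDSA on secp256k1 (the curve choice is arbitrary; the algebra is identical on any curve), signs two constructed messages with a constant k, recovers the key from the pair, and then shows the two defender-side pieces: an audit that flags any two signatures sharing an r value, and a deterministic nonce derivation in the spirit of RFC 6979 (simplified, not the RFC's exact HMAC construction). All key and message values are constructed for the demo.

```python
"""ECDSA on secp256k1 from first principles: a constant nonce k leaks the
private key from any two signatures; plus a batch audit and a deterministic
nonce as the fix. Keys and messages are constructed for the demo."""
import hashlib

# secp256k1 domain parameters (public constants; curve choice is arbitrary here)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

# Constructed demo values, not any real console key.
PRIVATE_KEY = 0x1EADBEEFCAFEF00D1EADBEEFCAFEF00D1EADBEEFCAFEF00D1EADBEEFCAFEF00D
FIXED_K = 0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF  # the flaw

def inv(x, m):
    """Modular inverse; x is reduced first so negative inputs are fine."""
    return pow(x % m, -1, m)

def add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 mod P; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * inv(2 * y1, P) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def hash_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(d, msg, k):
    """Textbook ECDSA: r = (kG).x mod N, s = k^-1 (z + r d) mod N."""
    z = hash_int(msg)
    r = mul(k, G)[0] % N
    s = inv(k, N) * (z + r * d) % N
    return (r, s)

def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = inv(s, N)
    z = hash_int(msg)
    pt = add(mul(z * w % N, G), mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def recover_private_key(sig1, msg1, sig2, msg2):
    """Equal r means equal k; then k = (z1-z2)/(s1-s2) and d = (s1*k - z1)/r mod N."""
    (r, s1), (r2, s2) = sig1, sig2
    if r != r2:
        raise ValueError("nonces differ: nothing to recover")
    z1, z2 = hash_int(msg1), hash_int(msg2)
    k = (z1 - z2) * inv(s1 - s2, N) % N
    return (s1 * k - z1) * inv(r, N) % N

def find_nonce_reuse(signatures):
    """Defender-side audit: an r value shared by two signatures means k was reused."""
    first_seen, reuse = {}, []
    for idx, (r, _s) in enumerate(signatures):
        if r in first_seen:
            reuse.append((first_seen[r], idx))
        else:
            first_seen[r] = idx
    return reuse

def deterministic_nonce(d, msg):
    """Mitigation in the spirit of RFC 6979 (simplified, not the RFC's HMAC-DRBG):
    k derived from key and message, so it never repeats across different messages."""
    material = d.to_bytes(32, "big") + hashlib.sha256(msg).digest()
    return int.from_bytes(hashlib.sha256(material).digest(), "big") % N or 1

def demo():
    pub = mul(PRIVATE_KEY, G)
    m1, m2 = b"package-one.pkg", b"package-two.pkg"  # constructed messages
    bad = [sign(PRIVATE_KEY, m1, FIXED_K), sign(PRIVATE_KEY, m2, FIXED_K)]
    good = [sign(PRIVATE_KEY, m1, deterministic_nonce(PRIVATE_KEY, m1)),
            sign(PRIVATE_KEY, m2, deterministic_nonce(PRIVATE_KEY, m2))]
    return {
        "bad_sigs_verify": all(verify(pub, m, s) for m, s in zip((m1, m2), bad)),
        "bad_reuse": find_nonce_reuse(bad),
        "recovered_matches_key": recover_private_key(bad[0], m1, bad[1], m2) == PRIVATE_KEY,
        "good_sigs_verify": all(verify(pub, m, s) for m, s in zip((m1, m2), good)),
        "good_reuse": find_nonce_reuse(good),
    }
```

Run `demo()` to see the whole story in one dict: both signature sets verify, only the constant-k set has a repeated r, and from that set the key falls out. The audit in `find_nonce_reuse` is the cheap check worth running over any archive of signatures produced by a signing service, since a repeated r is visible without knowing the key.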
fail0verflow’s goal in releasing this exploit is to have Linux running on all existing PS3 consoles, regardless of firmware version. The group’s primary motivation for cracking the main security on the PS3 is Sony’s removal, several months ago, of the ability for gamers to install an alternative operating system on the console. Sony infamously removed that feature, known as “Install Other OS,” with the PS3 Slim, which originally inspired iPhone hacker Geohot to taunt Sony with a PS3 exploit.
fail0verflow will not release a custom firmware, but will offer a proof of concept and tools that should bust the door wide open for custom-authored modifications, firmware, homebrew apps, and other programs.
A fellow named SwordOfWar at the PSX-Scene forums has summarized the fail0verflow PS3 hack (and AsbestOS.pup) quite well:
First, Linux is a valid reason for hacking the PS3, and nobody can prove whether that is their true motive or not; you can only speculate.
AsbestOS has an advantage over the built-in OtherOS feature by Sony, because AsbestOS will most likely have more control over the PS3 hardware and have better performance than the limited OtherOS feature.
So really, AsbestOS could perform much better than Sony’s OtherOS ever did, because AsbestOS won’t cut you off from the RSX (Graphic Chip) and try to keep you in a sandbox for security reasons, which has the side-effect of reduced performance.
Next, for those of you who don’t understand yet, being able to sign our own files with Sony’s encryption will allow us to create our own software/homebrew and load it without even needing to jailbreak the PS3, because it will look like a legit piece of software from Sony.
Imagine being able to run all the Homebrew apps you run now, but being able to run them on an official v3.55+ firmware without even needing to hack the system. They just need to be updated with Sony’s keys so that the PS3 will accept them without needing to be hacked.
Basically we will have the ability to create our own custom updates that will work on a normal PS3 to update it directly from an official/normal firmware to a custom one without needing any modchips or dongles to do it, because the PS3 will accept the update that is signed using Sony’s keys (which we now have).
Give it a few minutes for that to sink into your brain. You could probably program the PS3 to make you some toast bread using this new exploit.
So just sit back, enjoy the ride, and wait for the exploit work to be released and used to make magic stuff for us all to use.
Sounds exciting. What do you think this will mean for the future of the PlayStation 3?