A collective of hackers recently showed off a method that could force the system to reveal secret keys used to load software on to the machine. Geohot, who gained notoriety for unlocking Apple’s iPhone, has now used a similar method to extract the PS3’s master key and publish it online.
“The complete console is compromised – there is no recovery from this,” said pytey, a member of the fail0verflow group of hackers, who revealed the initial exploit at the Chaos Communication Congress in Berlin in December. “This is as bad as it gets – someone is getting into serious trouble at Sony right now.”
The group, which has previously hacked Nintendo’s Wii and says it is vehemently against games piracy, said that it had developed the hack so that it could install other operating systems and community – written software – known as homebrew – on the powerful machine.
“The details we provided and information and techniques we disclosed would have been enough to install Linux,” he said. “We have no interest in piracy.” Following the presentation, US hacker George Hotz, who has previously hacked parts of the console, used a similar technique to extract the master key. He has now published it on his blog.
“Sony uses a private key, usually stored in a vault at the company’s HQ, to mark firmware as valid and unmodified, and the PS3 only needs a public key to verify that the signature came from Sony. “Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal.”
Sony is adamant that it can undo the PlayStation 3 security breach, which enables the installation of third-party firmware on the console. One of the hackers responsible has claimed this is impossible, telling the BBC that “The only way to fix this is to issue new hardware. Sony will have to accept this.”
However, Sony yesterday issued a statement to, maintaining that “We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details.”
failOverflow is a group of curious hackers who have been working on a bunch of things over the last 3 years. “There is absolutely no doubt in our mind that the PS3 lasted as much as it did due to OtherOS. The security really is terribly broken.”
We can expect fail0verflow jailbreak tool for PS3 which is a dongle-less jailbreak by overflowing bootup NOR flash after a month. The official website for this exploit is www.fail0verflow.com which will be made available soon.