PlayStation 3 code signing cracked Hardware hackers claim to have uncovered the private key used by Sony to authorise code to run on PlayStation 3 systems. The hackers uncovered the hack in order to run Linux or PS3 consoles, irrespective of the version of firmware the games console was running. By knowing the private key used by Sony the hackers are able to …
Now seeing a license agreement for hardware saying that this hardware is not being sold to you, you just get a license to use it would be a totally different kettle of fish. Rules for renting hardware/physical things/tools are well established. If you rent a car, you must return it at the end of the location contract or buy it and therefore own it. Also, location or renting is limited in time and most of the time there is a contract specifying the details. Sony will have a lot of lobbying to do in order to change a lot of laws here. it will be fun to see what they'll come out with.
This post has been deleted by its author
Sony kinda brought it on themselves by removing the ability to run Linux on the PS3 in the first place. It's one thing not to be allowed to run Linux on a console, but to be allowed when you buy it and then to have that arbitrarily revoked???
I'd imagine it'll be impossible to change. They could sign new code with a new key (and obviously pass that to the console as an update) but they'll surely have to honour the compromised key or explain to customers why their older games no longer work (or is it just the OS that needs signing?)
Sucks to be them, but it was largely self inflicted!
Actually, the keys are impossible to change, as they are relied upon in certain areas of the boot process, and are irrevokable. Note that the Apploader key (that allows GameOS stuff to be signed)hasn't been found yet, and I don't think that Marcan and co. are in a hurry to do that ;)
The "exploit", if it can be called that, shows how much fail Sony are made of. The AES encryption in hardware was cool, if only they didn't use the SAME F***ING RANDOM NUMBER to generate the keys. That means that when you have two public keys, you can rearange the terms of the AES equation using basic algebra to get the private key.
The presentation is worth the watch for technical details, and if you like memes the thing is full of them (Over 9000 PSJailbreak clones, hehe)
Fail icon, 'cos of Sony's fail
This had nothing to do with OtherOS, it's just some spotty teenagers trying to tie the two events together.
The fact is, before Sony removed OtherOS two things were true:
1/ Nobody cared about it
2/Those handful of people that did, were crying about GPU hardware access.
So lets stop pretending shall we?
This post has been deleted by its author
From watching the presentation the method by which Sony chose to generate a random number for the private key was to pick one and then use it repeatedly. And because the numbers are the same in the first section of the signed excutables you can apply some good old fashioned math and get the key from the SELFs already out there.
Pretty silly from a company with the highest rate of piracy in the last generation of consoles.
I bet there is a PKI guy at Sony with a red face and a P45.
Generating unique encryption key and embedding them in hardware is unpractical, it defeats the purpose of mass production. It's way much easy to generate a key and use it in thousands of identical chips than to generate unique keys, keep track of them and customize every chip with its unique key. While it is technically feasible, it doesn't scale well for mass production.
The same thing happened with encryption keys used for HDCP in that once THE key has been leaked the protection (racket) scheme was compromised for good.
If every console had a unique key surely the hackers would just publish the code/methodology for finding your key in the same manner they had found theirs? That whole process could be automated i am sure.
Failing that would we end up with some sort of draconian UbiSoft style copy protection?
Why not just have a homebrew private key that when used pops up a disclaimer that disavows all knowledge and tells you all problems you encounter are SEP?
Sony will rue the day they removed the OtherOS feature from the PS3. Many many people legitimately used it to run Linux - and even bought the PS3 over the xbox360 due to this extra function/ability.
yes, the bad people want to run pirated games...but all Sony has done is pushed the legitimate people into the underground scene world...and basically accelerated this cracking of the system.
Sony - grow a backbone and give back the OtherOS feature as it was listed as a feature of the system when sold originally...I know you don't care about the 'its a computer!' tax dodgy..as that no longer applies anyway.
What an utterly absurd suggestion. Crackers / hackers would have used Linux to obtain the same information that they're after now. Removing Linux has "backfired". It was prudent in the circumstances and hackers would probably gotten further on with it being there than from it being absent. So Sony were right to do it even if their other protections contain goofs of their own.
Before the OtherOS removal, the only ones interested in cracking the PS3 were trying to get pirated games to run on the PS3. The "run Linux in my toaster" crowd was uninterested, and incidentally this crowd is usually the one that actually gets the impossible stuff don, like porting Android to the iPhone. While a PS3 crack could have eventually happened, it would've taken far more time if the PS3-Linux crew hadn't been involved, up to the point that the fail0ver team didn't care about cracking PS3s until Sony removed OtherOS.
It is also interesting to note that when they release these juicy bits of code, it will NOT allow pirated games to run. They don't want pirated games, they want Linux and have enabled a way to run Linux *without* automatically compromising the GameOS at the same time, which was the case with the earlier USB trick. And it will probably remain that way, as a run-Linux/no-piracy jailbreak won't run afoul of the DMCA. :)
Stop rewriting history. The reason OtherOS was removed was precisely because someone was developing a crack on the hypervisor. Do you really think Sony was going to leave OtherOS there and lose potentially billions to pirates?
And all the exploits after the removal have been nothing to do with making Linux run (expect as a vector to launch further attacks) and all about playing unsigned or cracked games.
The crack using hypervisor was to give Linux the ability to fully utilize the hardware. Piracy wasn't a goal there, and would have been a whole lot more work than this will be.
I called it though. I said as soon as the otherOS option vanished from my PS3 that we'd be seeing an exploit to run Linux again within a year and one that didn't involve a soldering iron in 18 months. I expect to see pirated games running within another couple months.
Dumb move by Sony. The fact that the Linux crowd could mostly do what they wanted without cracking the system was the only thing keeping pirated games off the PS3 when the Wii and 360 were already cracked.
This is a message to all hardware manufacturers: your customers will not let you get away with restricting the functionality of your products. In an information society, restricting information for profit is immoral and unethical. And as you can plainly see, you aren't even good at it. So quit now while you still have your dignity intact. We do not forgive, we do not forget etc.
1 - They will do it anyway in addition of other options
2 - Too late. This option changes nothing to repair or at least limit the damage they suffered, so why bother.
3 - Can't do that because they'll be in violation of copyright law. TiVo was doing that but GPL has been improved to close that loophole. Besides that, there's no point since nobody will want their signed/locked Linux distribution instead of running anything they please.
It is more likely they will try to come up with a way of revoking the key and deploying a new one hoping they will be able to control the much bigger damage this will cause to their reputation. Think of something like return your PS3 in exchange for a shiny new PS4 at no charge.
they make me laugh...
I know well from the home brew scene on the Wii that 'officially' they do not approve of any software that is used to play illegal copies of games to the point that while installing one hack to allow you to read and write to a USB hard drive that it asks you if you intend on using this software to play pirated games. if you say yes it then blocks the instalation of the software and refuses to allow you to re-install it untill you prove you have some legal games..
... as I never played games on it, got a new bluray player with a new sound system, but thought the path of retiring it to linuxhood was closed to me...
But it strikes me, it's taken this long since the PS3's introduction for this hack to come about, despite the presumed lure of being able to run counterfeit games from the start - could it be that no-one with sufficient ability was sufficiently motivated to try *until* Sony closed off the ability to put Linux on it?
Any chance Sony might learn the right lesson from this?
(falls over laughing)
there will be cries of "piracy" and Sony will no doubt attempt to fix this in yet another firmware upgrade, but the simple fact is this, Sony brought this onto themselves by removing the ability to use linux on the fat ps3. If this hack allows slim ps3s' to use linux then im all for it.
About time Sony had a bit of "the other side of the coin" after the root kit fiasco from several years ago.
This is code signing... the ability to take a binary and sign it in such a way that the console believes that its from Sony, rather than the ability to run unsigned binaries.
I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc, much like the way DVDs embed their signing information in the track 0 which isnt writeable on standard DVD +/- Rs but which you need something like a QFlix enabled burner and media to place the keys in the right place for.
So does knowing the playback key help you remove the protection to resign it to reburn to non-protected media? I'm not sure it does in this case?
If one can install any piece of software it likes then there is nothing you cant do, DVD/BD security are but wee hurdels, think about it, does software exist on the PC that can do as you ask?
can Sony change the keys? well yes they could but its doubtful, software "A" made last year would have the key built in to allow it to run on the PS3, by putting out a firmware update removing that key would effectively stop all software from working that uses that key.
There are many keys used for signing different things on the PS3. At the moment, the Apploader key for GameOS hasn't been found, and Marcan and co. aren't in a rush to find it. So no Blu-Ray piracy yet.
This is not to say that the PS3 isn't completely 0wned, because it is. It's just that you can't pirate games on it.
> I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc,
It is already very easy to rip bluray disks (and has been for years). The combination of slyfox (or dumphd), bdrebuilder and imgburn gives DRM free disks or ISOs (both standard bluray, and BD5 and BD9 which use standard DVD media) that play both on most BD players *and* on media players, such as the hisense 1080p and geexbox. (In fact the ripped disks start quicker and play more reliably on BD players than DRM encumbered disks.)
So, presuming that these keys would allow live linux CDs to be produced, then all it would need would be a port of these (or similar) tools to be included on a distro. (It would need to support USB burners and mass storage.)
But all it would do is move the work from a PC to a PS3. This doesn't change the landscape for movies.
However it does potentially change the situation for games. If someone successfully rips a game, then it can be played on any machine.
Hmmm, there's a great idea.
Undertake underground illegal activity such as hacking and cracking, things that generally get the authorities and business upset, then once a year all gather for a beer in Berlin.
Or maybe I'm missing something.
Is the only way into the conference through a secret backdoor?
One more time:
Hacking != Cracking
Yes, cracking is illegal (usually in a civil rather than criminal sense). Hacking is the art of using a computer system for other than its intended purpose, usually in a creative way, and is usually totally legal. For example, making a hairdryer out of a toaster would be akin to hacking, manufacturing and selling knock-off brand name toasters would be akin to cracking.
As far as I am aware, the Chaos Computer Club (the group holding this conference) are a group of hackers, not crackers, and, quite rightly, look down upon crackers.
So yes, you are missing something.
FYI:
http://en.wikipedia.org/wiki/Chaos_Computer_Club
http://en.wikipedia.org/wiki/Chaos_Communication_Congress
It's been out for 4 years, the Xbox was cracked about 20 minutes after release and the same with the Wii.
Now all the chavs who buy their XBox games from a man in a van can finally afford a PS3, woo to them, made up for you. You can now play all the games that people play after work, only you can do it during the day! Jeremy Kyle will be gutted he's just lost his audience.
I've seen many flame wars where people claim that the PC is superior to the console, and in fact, the console is holding the PC back. So why are there so many attempts to open the console to home developers (who already own PCs)? and those attempts are always followed with "we want to program on it, we are not doing it to support piracy!"
If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)
note, because I bought it or because I want to, is not the answer I am looking for. There is a better platform to develop on, and there are many pirates in comparison to homebrew developers. So why help enable piracy (even if it just a side effect) when you have a good platform to develop on?
P.S. I am looking for a honest answer from a homebrew developer, it is not my intention to start a flame war. And for the record, my own answer is: this method will enable me to make an English translation patch for Japanese console games that would, otherwise, never see the light of day in the west!
after reading the details about what have happened, I now realize that this will not enable piracy in any way. It will allow homebrew and nothing else (well, maybe unofficial commercial games?).
hummm... perhaps we will final get a PS2 emulator for the PS3? and perhaps people will finally get the MKV support that they have been crying for.
Yes, indeed the PC will usually be superior to most consoles; and on some accounts, it is still the case. The thing is that the PS3 carries a new kind of processor, the CellBE, that has a new kind of architecture suitable for heavy number-crunching. So while the specs on a PS3 are definitely inferior to a standard PC (256MB RAM? Ha!), the processor itself outruns most current-generation x86 crapcessors.
So while you won't see much interest on Wii Linux or Xbox running Linux; there is a large interest on the PS3 thingy just because of that processor. I don't really care much about homebrew, but I did enjoy tinkering around with the different programming model for the CellBE.
"If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)"
1- An impressing media center, including mp3, Internet on your living room and probably streaming content to other devices, and can double as a game console ;)
2- An inexpensive dedicated p2p client and/or server
3- The kid's computer. More than enough for websurfing, reading email and running some Office software . Almost no viruses. Small form factor.
4- Part of a , ahem, Beowulf cluster or similar system, useful for scientists, companies and universities.
5- ...
As for the lack of an SDK, my guess is that there will be several Open Source SDKs for this platform before the end of 2011.
Do you think Sony use InterNetworking World Wide Webs as their Prototype Play Station Master Provider of Virtual Machine IntelAIgents and NEUKlearer Intellectual Property?
A SMART Phormation of Great Phishermen and Glorious Perfume Gardeners ...... and a Heavenly Base for SMARTer Phorms of Programs with Virtually Activating Programming ..... SMART Enablement.
Or is the fiction too factual and verifiable and thus always in the excitement and danger of unknown secrets being pressed and pressganged into reality?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
