PlayStation 3 code signing cracked

Hardware hackers claim to have uncovered the private key used by Sony to authorise code to run on PlayStation 3 systems. The hackers uncovered the hack in order to run Linux or PS3 consoles, irrespective of the version of firmware the games console was running. By knowing the private key used by Sony the hackers are able to …

COMMENTS

This topic is closed for new posts.

  1. Anonymous Coward
    Pint

    What for it....

    ...all the "It's my software/hardware, I can do what the eff I like with it!" people will be out in force now!

    1. Mark 65

      waiting is over

      ...and why not, they did pay for it, or are they just leasing/renting it in your eyes hence if it breaks Sony are liable to replace it? Warranty/support may be a different issue but you can't dictate usage after sale in any other regards.

    2. Sir Runcible Spoon Silver badge

      Sir

      Wait's your point?

    3. Anonymous Coward
      WTF?

      It was easier with software

      Now seeing a license agreement for hardware saying that this hardware is not being sold to you, you just get a license to use it would be a totally different kettle of fish. Rules for renting hardware/physical things/tools are well established. If you rent a car, you must return it at the end of the location contract or buy it and therefore own it. Also, location or renting is limited in time and most of the time there is a contract specifying the details. Sony will have a lot of lobbying to do in order to change a lot of laws here. It will be fun to see what they'll come out with.

    4. Intractable Potsherd Silver badge

      And why not?

      They are correct!

  2. Anonymous Coward
    Alert

    Read more at PsJailBreak.Co.CC

    Read more at PsJailBreak.co.cc

  3. Anonymous Coward
    Anonymous Coward

    Serve them right!!!!

    Sony kinda brought it on themselves by removing the ability to run Linux on the PS3 in the first place. It's one thing not to be allowed to run Linux on a console, but to be allowed when you buy it and then to have that arbitrarily revoked???

    I'd imagine it'll be impossible to change. They could sign new code with a new key (and obviously pass that to the console as an update) but they'll surely have to honour the compromised key or explain to customers why their older games no longer work (or is it just the OS that needs signing?)

    Sucks to be them, but it was largely self inflicted!

    1. lpopman
      FAIL

      titular information

      Actually, the keys are impossible to change, as they are relied upon in certain areas of the boot process, and are irrevocable. Note that the Apploader key (that allows GameOS stuff to be signed) hasn't been found yet, and I don't think that Marcan and co. are in a hurry to do that ;)

      The "exploit", if it can be called that, shows how much fail Sony are made of. The AES encryption in hardware was cool, if only they didn't use the SAME F***ING RANDOM NUMBER to generate the keys. That means that when you have two public keys, you can rearrange the terms of the AES equation using basic algebra to get the private key.

      The presentation is worth the watch for technical details, and if you like memes the thing is full of them (Over 9000 PSJailbreak clones, hehe)

      Fail icon, 'cos of Sony's fail

    2. Anonymous Coward
      FAIL

      BS

      This had nothing to do with OtherOS, it's just some spotty teenagers trying to tie the two events together.

      The fact is, before Sony removed OtherOS two things were true:

      1/ Nobody cared about it

      2/ Those handful of people that did, were crying about GPU hardware access.

      So let's stop pretending shall we?

    3. This post has been deleted by its author

  4. Antony Riley
    FAIL

    Epic

    Now I might buy a PS3.

  5. Anonymous Coward
    FAIL

    Weak or just not random?

    From watching the presentation the method by which Sony chose to generate a random number for the private key was to pick one and then use it repeatedly. And because the numbers are the same in the first section of the signed executables you can apply some good old fashioned math and get the key from the SELFs already out there.

    Pretty silly from a company with the highest rate of piracy in the last generation of consoles.

    I bet there is a PKI guy at Sony with a red face and a P45.

    1. Anonymous Coward
      Thumb Up

      Not quite so.

      Generating unique encryption keys and embedding them in hardware is unpractical, it defeats the purpose of mass production. It's much easier to generate a key and use it in thousands of identical chips than to generate unique keys, keep track of them and customize every chip with its unique key. While it is technically feasible, it doesn't scale well for mass production.

      The same thing happened with encryption keys used for HDCP in that once THE key has been leaked the protection (racket) scheme was compromised for good.

      1. Richard 31

        and..

        If every console had a unique key surely the hackers would just publish the code/methodology for finding your key in the same manner they had found theirs? That whole process could be automated I am sure.

        Failing that would we end up with some sort of draconian UbiSoft style copy protection?

        Why not just have a homebrew private key that when used pops up a disclaimer that disavows all knowledge and tells you all problems you encounter are SEP?

  6. Anonymous Coward
    Flame

    stable door..

    Sony will rue the day they removed the OtherOS feature from the PS3. Many many people legitimately used it to run Linux - and even bought the PS3 over the xbox360 due to this extra function/ability.

    Yes, the bad people want to run pirated games...but all Sony has done is pushed the legitimate people into the underground scene world...and basically accelerated this cracking of the system.

    Sony - grow a backbone and give back the OtherOS feature as it was listed as a feature of the system when sold originally...I know you don't care about the 'it's a computer!' tax dodge..as that no longer applies anyway.

  7. thecakeis(not)alie

    OtherOS

    Good thing Sony nerfed OtherOS then, eh? Screwing people who legitimately wanted to experiment with the cell processor all in the name of preventing piracy.

    Piracy never /ever/ finds another way, eh?

  8. miknik
    Linux

    Ooops

    Guess that decision to remove the linux option to prevent piracy has kinda backfired.

    Egg, meet face.

    1. DrXym Silver badge

      No it hasn't

      What an utterly absurd suggestion. Crackers / hackers would have used Linux to obtain the same information that they're after now. Removing Linux has "backfired". It was prudent in the circumstances and hackers would probably have gotten further on with it being there than from it being absent. So Sony were right to do it even if their other protections contain goofs of their own.

      1. Daniel B.
        Boffin

        @DrXym

        Before the OtherOS removal, the only ones interested in cracking the PS3 were trying to get pirated games to run on the PS3. The "run Linux in my toaster" crowd was uninterested, and incidentally this crowd is usually the one that actually gets the impossible stuff done, like porting Android to the iPhone. While a PS3 crack could have eventually happened, it would've taken far more time if the PS3-Linux crew hadn't been involved, up to the point that the fail0ver team didn't care about cracking PS3s until Sony removed OtherOS.

        It is also interesting to note that when they release these juicy bits of code, it will NOT allow pirated games to run. They don't want pirated games, they want Linux and have enabled a way to run Linux *without* automatically compromising the GameOS at the same time, which was the case with the earlier USB trick. And it will probably remain that way, as a run-Linux/no-piracy jailbreak won't run afoul of the DMCA. :)

        1. DrXym Silver badge

          Bollocks

          Stop rewriting history. The reason OtherOS was removed was precisely because someone was developing a crack on the hypervisor. Do you really think Sony was going to leave OtherOS there and lose potentially billions to pirates?

          And all the exploits after the removal have been nothing to do with making Linux run (except as a vector to launch further attacks) and all about playing unsigned or cracked games.

          1. sisk

            No

            The crack using hypervisor was to give Linux the ability to fully utilize the hardware. Piracy wasn't a goal there, and would have been a whole lot more work than this will be.

            I called it though. I said as soon as the otherOS option vanished from my PS3 that we'd be seeing an exploit to run Linux again within a year and one that didn't involve a soldering iron in 18 months. I expect to see pirated games running within another couple months.

            Dumb move by Sony. The fact that the Linux crowd could mostly do what they wanted without cracking the system was the only thing keeping pirated games off the PS3 when the Wii and 360 were already cracked.

          2. Anonymous Coward
            FAIL

            Ahh. someone with a brain

            Rather than the rest of the frothy mouthed idiots here...

            Homebrew as we all know is a cutesy name for piracy. If you want to write homebrew, pay $25 and get an Android developer account and write for that...

  9. Shingo Tamai
    FAIL

    Well done Sony!!!

    Removing OtherOS was really the way to go (to involve the only one that was best not to piss off).

  10. Anonymous Coward
    Megaphone

    Good!

    This is a message to all hardware manufacturers: your customers will not let you get away with restricting the functionality of your products. In an information society, restricting information for profit is immoral and unethical. And as you can plainly see, you aren't even good at it. So quit now while you still have your dignity intact. We do not forgive, we do not forget etc.

  11. Bronek Kozicki Silver badge
    Grenade

    what will Sony do?

    Choose one of:

    1. panic

    2. restore ability to run Linux in next firmware version

    3. create and support own signed distribution of Linux

    My bet is on 1.

    1. Anonymous Coward
      FAIL

      Choose all that apply here:

      1 - They will do it anyway in addition to other options

      2 - Too late. This option changes nothing to repair or at least limit the damage they suffered, so why bother.

      3 - Can't do that because they'll be in violation of copyright law. TiVo was doing that but GPL has been improved to close that loophole. Besides that, there's no point since nobody will want their signed/locked Linux distribution instead of running anything they please.

      It is more likely they will try to come up with a way of revoking the key and deploying a new one hoping they will be able to control the much bigger damage this will cause to their reputation. Think of something like return your PS3 in exchange for a shiny new PS4 at no charge.

      1. James Henstridge

        GPL

        While there is a new version of the GPL that requires that code signing keys be made available if needed to load a modified version of the software, Linux is not using that version of the GPL.

  12. Anonymous Coward
    Pirate

    HA!

    they make me laugh...

    I know well from the home brew scene on the Wii that 'officially' they do not approve of any software that is used to play illegal copies of games to the point that while installing one hack to allow you to read and write to a USB hard drive that it asks you if you intend on using this software to play pirated games. If you say yes it then blocks the installation of the software and refuses to allow you to re-install it until you prove you have some legal games..

    1. lpopman
      Pirate

      titular agreement

      Never saw that one, but I remember Ceiling Cat flipping the HBC screen upside down if it detected any cIOS, and announcing that he's "watching ur ISOz".

  13. RachelG
    Linux

    Damn, and I just gave away my PS3 to my nephews...

    ... as I never played games on it, got a new bluray player with a new sound system, but thought the path of retiring it to linuxhood was closed to me...

    But it strikes me, it's taken this long since the PS3's introduction for this hack to come about, despite the presumed lure of being able to run counterfeit games from the start - could it be that no-one with sufficient ability was sufficiently motivated to try *until* Sony closed off the ability to put Linux on it?

    Any chance Sony might learn the right lesson from this?

    (falls over laughing)

    1. Anonymous Coward
      FAIL

      OK then...

      What idiot buys the best console and then doesn't play games on it?

      Are you some kind of moron?

  14. Anonymous Coward
    Thumb Up

    No doubt

    there will be cries of "piracy" and Sony will no doubt attempt to fix this in yet another firmware upgrade, but the simple fact is this, Sony brought this onto themselves by removing the ability to use linux on the fat PS3. If this hack allows slim PS3s to use linux then I'm all for it.

    About time Sony had a bit of "the other side of the coin" after the root kit fiasco from several years ago.

  15. Anonymous Coward
    Pirate

    Just to clarify?

    This is code signing... the ability to take a binary and sign it in such a way that the console believes that it's from Sony, rather than the ability to run unsigned binaries.

    I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc, much like the way DVDs embed their signing information in the track 0 which isn't writeable on standard DVD +/- Rs but which you need something like a QFlix enabled burner and media to place the keys in the right place for.

    So does knowing the playback key help you remove the protection to resign it to reburn to non-protected media? I'm not sure it does in this case?

    1. Anonymous Coward
      Anonymous Coward

      yes but

      If one can install any piece of software it likes then there is nothing you can't do, DVD/BD security are but wee hurdles, think about it, does software exist on the PC that can do as you ask?

      Can Sony change the keys? Well yes they could but it's doubtful, software "A" made last year would have the key built in to allow it to run on the PS3, by putting out a firmware update removing that key would effectively stop all software from working that uses that key.

    2. lpopman
      Linux

      titular thingy

      There are many keys used for signing different things on the PS3. At the moment, the Apploader key for GameOS hasn't been found, and Marcan and co. aren't in a rush to find it. So no Blu-Ray piracy yet.

      This is not to say that the PS3 isn't completely 0wned, because it is. It's just that you can't pirate games on it.

    3. Anonymous Coward
      Anonymous Coward

      Bluray rips

      > I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc,

      It is already very easy to rip bluray disks (and has been for years). The combination of slyfox (or dumphd), bdrebuilder and imgburn gives DRM free disks or ISOs (both standard bluray, and BD5 and BD9 which use standard DVD media) that play both on most BD players *and* on media players, such as the hisense 1080p and geexbox. (In fact the ripped disks start quicker and play more reliably on BD players than DRM encumbered disks.)

      So, presuming that these keys would allow live linux CDs to be produced, then all it would need would be a port of these (or similar) tools to be included on a distro. (It would need to support USB burners and mass storage.)

      But all it would do is move the work from a PC to a PS3. This doesn't change the landscape for movies.

      However it does potentially change the situation for games. If someone successfully rips a game, then it can be played on any machine.

  16. sT0rNG b4R3 duRiD

    Har har...

    Sony, you deserve it.

  17. Velv
    Pirate

    Annual Chaos Communication Conference hacker congress?

    Hmmm, there's a great idea.

    Undertake underground illegal activity such as hacking and cracking, things that generally get the authorities and business upset, then once a year all gather for a beer in Berlin.

    Or maybe I'm missing something.

    Is the only way into the conference through a secret backdoor?

    1. amanfromMars 1 Silver badge
      Pint

      Zum Wohl

      And Love Parades offer such perfect cover activities and captivating opportunities for sensitive applications, Velv.

      Proposal seconded and virtually supported.:-)

    2. Loyal Commenter Silver badge
      FAIL

      Sigh.

      One more time:

      Hacking != Cracking

      Yes, cracking is illegal (usually in a civil rather than criminal sense). Hacking is the art of using a computer system for other than its intended purpose, usually in a creative way, and is usually totally legal. For example, making a hairdryer out of a toaster would be akin to hacking, manufacturing and selling knock-off brand name toasters would be akin to cracking.

      As far as I am aware, the Chaos Computer Club (the group holding this conference) are a group of hackers, not crackers, and, quite rightly, look down upon crackers.

      So yes, you are missing something.

      FYI:

      http://en.wikipedia.org/wiki/Chaos_Computer_Club

      http://en.wikipedia.org/wiki/Chaos_Communication_Congress

  18. Red Bren
    Pirate

    Legal question

    Are Sony going to try and use the Computer Misuse Act or DMCA to prevent this? Is restoring functionality that was removed after purchase a reasonable defence? The ramifications could be huge - who ultimately has control of a device after purchase?

  19. Grubby

    To be fair to Sony

    It's been out for 4 years, the Xbox was cracked about 20 minutes after release and the same with the Wii.

    Now all the chavs who buy their XBox games from a man in a van can finally afford a PS3, woo to them, made up for you. You can now play all the games that people play after work, only you can do it during the day! Jeremy Kyle will be gutted he's just lost his audience.

  20. Anonymous Coward
    Anonymous Coward

    CyberSub

    Replace or with on, on with of:

    "The hackers uncovered the hack in order to run Linux or PS3 consoles, irrespective on the version of firmware the games console was running."

  21. Anonymous Coward
    Troll

    question

    I've seen many flame wars where people claim that the PC is superior to the console, and in fact, the console is holding the PC back. So why are there so many attempts to open the console to home developers (who already own PCs)? and those attempts are always followed with "we want to program on it, we are not doing it to support piracy!"

    If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)

    Note, because I bought it or because I want to, is not the answer I am looking for. There is a better platform to develop on, and there are many pirates in comparison to homebrew developers. So why help enable piracy (even if it is just a side effect) when you have a good platform to develop on?

    P.S. I am looking for an honest answer from a homebrew developer, it is not my intention to start a flame war. And for the record, my own answer is: this method will enable me to make an English translation patch for Japanese console games that would, otherwise, never see the light of day in the west!

    1. Anonymous Coward
      Troll

      update

      After reading the details about what has happened, I now realize that this will not enable piracy in any way. It will allow homebrew and nothing else (well, maybe unofficial commercial games?).

      Hummm... perhaps we will finally get a PS2 emulator for the PS3? And perhaps people will finally get the MKV support that they have been crying for.

    2. Daniel B.
      Boffin

      Cell Processor

      Yes, indeed the PC will usually be superior to most consoles; and on some accounts, it is still the case. The thing is that the PS3 carries a new kind of processor, the CellBE, that has a new kind of architecture suitable for heavy number-crunching. So while the specs on a PS3 are definitely inferior to a standard PC (256MB RAM? Ha!), the processor itself outruns most current-generation x86 crapcessors.

      So while you won't see much interest on Wii Linux or Xbox running Linux; there is a large interest on the PS3 thingy just because of that processor. I don't really care much about homebrew, but I did enjoy tinkering around with the different programming model for the CellBE.

    3. Mephistro

      Answers:

      "If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)"

      1- An impressive media center, including mp3, Internet in your living room and probably streaming content to other devices, and can double as a game console ;)

      2- An inexpensive dedicated p2p client and/or server

      3- The kid's computer. More than enough for websurfing, reading email and running some Office software. Almost no viruses. Small form factor.

      4- Part of a, ahem, Beowulf cluster or similar system, useful for scientists, companies and universities.

      5- ...

      As for the lack of an SDK, my guess is that there will be several Open Source SDKs for this platform before the end of 2011.

  22. junkie
    Happy

    Sony will soon fix this?

    Well, how long will it take for Sony to fix this?? Especially when how-to-hack instructions are public..

    1. Daniel B.

      No fix for this

      The key that was exposed is part of the ROM. The only fix they can do now is changing hardware stuff on the PS3 itself. EPIC FAIL.

  23. amanfromMars 1 Silver badge
    Grenade

    Sony Play Station TV Networking

    Do you think Sony use InterNetworking World Wide Webs as their Prototype Play Station Master Provider of Virtual Machine IntelAIgents and NEUKlearer Intellectual Property?

    A SMART Phormation of Great Phishermen and Glorious Perfume Gardeners ...... and a Heavenly Base for SMARTer Phorms of Programs with Virtually Activating Programming ..... SMART Enablement.

    Or is the fiction too factual and verifiable and thus always in the excitement and danger of unknown secrets being pressed and pressganged into reality?
