Hackers destroy PS3 security in response to OtherOS removal
Machine now thought to be most vulnerable of the three consoles as internal secrets are laid bare
Hacking team Fail0verflow has released information on how to completely circumvent the security measures of the PlayStation 3, citing the removal of the machine's ability to run a Linux operating system out of the box as its motivation.
The process was revealed by the team at the 27th Chaos Communication Conference (27c3) and marks the end of a four-year period of impenetrability for Sony's machine – far longer than most consoles manage in the face of concerted efforts from hacking teams. The Xbox 360 was cracked within a year of release, whilst the Wii lasted just one month.
The key factor in the circumvention, described in detail on Eurogamer's Digital Foundry channel, seems to be the use of a single random number in important encryption equations, rather than the generation of separate numbers each time the equation is run.
The result of this is that the team's methodology has laid the internal architecture of the machine completely bare, allowing external agencies to run any code without security verification and even to program custom firmware for the machine.
Because of the nature of the PS3's security, the hack also means that it will be almost impossible for Sony to rectify the situation, as the massive overhaul the system would need to become secure again would render previous software unplayable. Even if this were overcome by Sony creating a 'whitelist' of accepted software which could bypass these measures – itself an inordinately massive job – hackers would be able to edit these lists to include new code.
Fail0verflow has denied that it intends the process to open the floodgates of piracy, however, instead pointing out that the security of the PS3 has stood inviolate for so long only because it allowed users leeway to run Linux, a compromise which suited both parties.
This feature, the OtherOS option, was removed from the PS3 Slim at production and disabled in older PS3s by Sony – prompting uproar from advanced users who made the point that it had been an advertised feature of the machine at purchase.
Some users even went as far as to instigate a class-action lawsuit against Sony in the US over the removal of the feature, whilst Amazon were reported to have issued some partial refunds to PS3 purchasers.
Only last August, a hack was released for the PS3 which used a dongle to circumvent security measures and allow copied discs to be run on the machine. However, the so-called PSJailbreak hack was soon countered by Sony with firmware update 3.50. This update would appear to be powerless in the face of the new methods unveiled by Fail0verflow's presentation.
Sony has been approached for a response but is currently unwilling to offer comment.