Feeds

Once impenetrable PS3 cracked wide open

iPhone hacker: 'I have great power'

Top three mobile application threats

The first hacker to successfully jailbreak the iPhone says he has pulled off yet another modding marvel, this time penetrating the previously impervious PlayStation 3 gaming console.

The hack by 20-year-old George Hotz, aka geohot, is significant because the PS3 was the only game console that hadn't been hacked, despite being on the market for more than three years. The feat greatly expands the functionality of the box by allowing it to run unrestricted versions of Linux and a wide range of games that are currently forbidden. The hardware and software designer told El Reg it took him five weeks to develop the hack using a combination of modifications to the console's hardware and software.

"Basically, I used hardware to open a small hole and then used software to make the hole the size of the system to get full read/write access," he said in an interview. "Right now, although the system is broken, I have great power. I can make they system do whatever I want."

The first three weeks were spent trying attacks to directly access memory of the console. He eventually settled on his current approach after realizing software approaches alone were insufficient.

A dropout of the Rochester Institute of Technology, geohot said he is declining to provide details to prevent Sony from introducing changes that would stymie the modifications. But a blog post announcing the accomplishment makes clear the hack gives users unprecedented control over their systems.

"I have read/write access to the entire system memory, and HV level access to the processor," geohot wrote. "In other words, I have hacked the PS3."

The hack will allow PS3 users for the first time to run unrestricted versions of Linux that have full access to the system's central processing unit and graphical processing unit. That will greatly expand the kinds of things users can do with the console. For starters, they could use the mod to run emulators that will play PS2 games on the machine, something Sony strictly forbids. It could also allow programs like the VLC media player to run much more robustly. The hack also opens the door to pirated games on the console, although geohot said that's an activity he's not interested in pursuing.

Geohot said he doesn't plan to release the software used to unlock the box until he can make it more reliable. It currently takes about 15 minutes to run and frequently fails to work properly. "If I posted what I have now, people would get fed up with it," he said.

He praised the PS3 as a "pretty secure system," that was harder to hack than many hardware systems he has penetrated.

"One of the main things Sony did right was put all the security on at once," he explained. "From day 1, the PS3 was secure."

By contrast, anti-hacking protections in the iPhone were rolled out over time, allowing him to gain important insights into the overall design that helped him defeat changes that were introduced later.

"If the iPhone right now was released as is, it would be much harder for people to crack," he said. "With the iPhone, when a new version comes out, we can decrypt it right away because we have exploits for the old version."

A native of Glen Rock, New Jersey, geohot rose to prominence in 2007, at the age of 17, when he developed the first hack to allow the iPhone to work on networks other than AT&T's. Even after Apple introduced changes designed to reestablish Apple's iron-fisted grasp of the device, geohot devised ways jailbreak newer versions, unleashing a never-ending cycle of hacks and counterhacks.

While hacks of the Xbox and the iPhone have led to thriving developer communities that release custom applications for the modded devices, geohot said the challenge of overcoming the security overshaddows those more practical outcomes.

"Personally, it's a win for me just to do it," he said. "It's just cool to have it cracked." ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Report: Apple seeking to raise iPhone 6 price by a HUNDRED BUCKS
'Well, that 5c experiment didn't go so well – let's try the other direction'
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Sony battery recall as VAIO goes out with a bang, not a whimper
The perils of having Panasonic as a partner
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.