Once impenetrable PS3 cracked wide open
iPhone hacker: 'I have great power'
The first hacker to successfully jailbreak the iPhone says he has pulled off yet another modding marvel, this time penetrating the previously impervious PlayStation 3 gaming console.
The hack by 20-year-old George Hotz, aka geohot, is significant because the PS3 was the only game console that hadn't been hacked, despite being on the market for more than three years. The feat greatly expands the functionality of the box by allowing it to run unrestricted versions of Linux and a wide range of games that are currently forbidden. The hardware and software designer told El Reg it took him five weeks to develop the hack using a combination of modifications to the console's hardware and software.
"Basically, I used hardware to open a small hole and then used software to make the hole the size of the system to get full read/write access," he said in an interview. "Right now, although the system is broken, I have great power. I can make they system do whatever I want."
The first three weeks were spent trying attacks to directly access memory of the console. He eventually settled on his current approach after realizing software approaches alone were insufficient.
A dropout of the Rochester Institute of Technology, geohot said he is declining to provide details to prevent Sony from introducing changes that would stymie the modifications. But a blog post announcing the accomplishment makes clear the hack gives users unprecedented control over their systems.
"I have read/write access to the entire system memory, and HV level access to the processor," geohot wrote. "In other words, I have hacked the PS3."
The hack will allow PS3 users for the first time to run unrestricted versions of Linux that have full access to the system's central processing unit and graphical processing unit. That will greatly expand the kinds of things users can do with the console. For starters, they could use the mod to run emulators that will play PS2 games on the machine, something Sony strictly forbids. It could also allow programs like the VLC media player to run much more robustly. The hack also opens the door to pirated games on the console, although geohot said that's an activity he's not interested in pursuing.
Geohot said he doesn't plan to release the software used to unlock the box until he can make it more reliable. It currently takes about 15 minutes to run and frequently fails to work properly. "If I posted what I have now, people would get fed up with it," he said.
He praised the PS3 as a "pretty secure system," that was harder to hack than many hardware systems he has penetrated.
"One of the main things Sony did right was put all the security on at once," he explained. "From day 1, the PS3 was secure."
By contrast, anti-hacking protections in the iPhone were rolled out over time, allowing him to gain important insights into the overall design that helped him defeat changes that were introduced later.
"If the iPhone right now was released as is, it would be much harder for people to crack," he said. "With the iPhone, when a new version comes out, we can decrypt it right away because we have exploits for the old version."
A native of Glen Rock, New Jersey, geohot rose to prominence in 2007, at the age of 17, when he developed the first hack to allow the iPhone to work on networks other than AT&T's. Even after Apple introduced changes designed to reestablish Apple's iron-fisted grasp of the device, geohot devised ways jailbreak newer versions, unleashing a never-ending cycle of hacks and counterhacks.
While hacks of the Xbox and the iPhone have led to thriving developer communities that release custom applications for the modded devices, geohot said the challenge of overcoming the security overshaddows those more practical outcomes.
"Personally, it's a win for me just to do it," he said. "It's just cool to have it cracked." ®