Prolific hacker releases PlayStation exploit
Some memory-bus corruption required
On Monday, when we reported that the prolific hacker geohot had successfully penetrated the previously impervious PlayStation 3 gaming console, readers were understandably skeptical.
After all, the 20-year-old readily admitted his hack wasn't reliable, and he provided no evidence he was able to do some of the things modders love to do most, such as run arbitrary code or peel open the device's synergistic processing elements to take a peak at its most prized internal elements.
On Tuesday afternoon, geohot finally released his exploit so the world could see for itself exactly what the hack does and doesn't accomplish.
According to the instructions, it involves compiling and running the kernel module and then pulsing a memory bus on the PS3's motherboard.
"Try this multiple times," his instructions state. "I rigged an FPGA button to send the pulse. Sometimes it kernel panics, sometimes it lv1 panics, but sometimes you get the exploit!! If the module exits, you are now exploited."
While the idea is sound, this hack is clearly not for the faint of heart.
From there, PS3 users get full memory access, including ring 0 access from OtherOS, geohot, whose real name is George Hotz, said here. He's now turning follow-on work to the PS3 community, directing members to report their findings to the psDevWiki.
His instructions conclude: "The PS3 is hacked, its your job to figure out something useful to do with it." ®
Bootnote
Cryptographer Nate Lawson provides an excellent technical analysis of the hack here.
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
COMMENTS
accoarding to the bbc
Accoarding to the bbc R1 newsbeat It now means you can play pirate games and blu-rays, and also a number of Radio1 listeners have been playing pirated games on the ps3 since it came out. Both made me laugh as neither is remotely true. In the old days Journalists used to check their facts before running stories.
re: "Your(sic) an Idiot!"
Impressive bit of self-pwning there, kid.
Right here
He hasn't "hacked it wide open".
Using a hardware interface he can spam a few memory allocation calls behind the veil of the HyperVisor, while in Linux on an old PS3.
Actually, he has hacked, in the very old skool sense, and in the best way, using hardware to see how something works and make it do something it shouldn't.
But from his blog it looks like he's given up now, probably realised that no amount of poking will get the decryption keys out of the locked down SPU, anymore than shouting at a safe will unlock it.
IT infrastructure monitoring strategies
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Cloud based data management
Enabling efficient data center monitoring
Agentless Backup is Not a Myth
