Prolific hacker releases PlayStation exploit
Some memory-bus corruption required
On Monday, when we reported that the prolific hacker geohot had successfully penetrated the previously impervious PlayStation 3 gaming console, readers were understandably skeptical.
After all, the 20-year-old readily admitted his hack wasn't reliable, and he provided no evidence he was able to do some of the things modders love to do most, such as run arbitrary code or peel open the device's synergistic processing elements to take a peak at its most prized internal elements.
On Tuesday afternoon, geohot finally released his exploit so the world could see for itself exactly what the hack does and doesn't accomplish.
According to the instructions, it involves compiling and running the kernel module and then pulsing a memory bus on the PS3's motherboard.
"Try this multiple times," his instructions state. "I rigged an FPGA button to send the pulse. Sometimes it kernel panics, sometimes it lv1 panics, but sometimes you get the exploit!! If the module exits, you are now exploited."
While the idea is sound, this hack is clearly not for the faint of heart.
From there, PS3 users get full memory access, including ring 0 access from OtherOS, geohot, whose real name is George Hotz, said here. He's now turning follow-on work to the PS3 community, directing members to report their findings to the psDevWiki.
His instructions conclude: "The PS3 is hacked, its your job to figure out something useful to do with it." ®
Bootnote
Cryptographer Nate Lawson provides an excellent technical analysis of the hack here.
COMMENTS
accoarding to the bbc
Accoarding to the bbc R1 newsbeat It now means you can play pirate games and blu-rays, and also a number of Radio1 listeners have been playing pirated games on the ps3 since it came out. Both made me laugh as neither is remotely true. In the old days Journalists used to check their facts before running stories.
re: "Your(sic) an Idiot!"
Impressive bit of self-pwning there, kid.
Right here
He hasn't "hacked it wide open".
Using a hardware interface he can spam a few memory allocation calls behind the veil of the HyperVisor, while in Linux on an old PS3.
Actually, he has hacked, in the very old skool sense, and in the best way, using hardware to see how something works and make it do something it shouldn't.
But from his blog it looks like he's given up now, probably realised that no amount of poking will get the decryption keys out of the locked down SPU, anymore than shouting at a safe will unlock it.
What is the BBCs problem with Sony?
The Beeb seems to have a real passion for disinformation about the PS3. What's their problem? Does someone high up in the corporation own a chunk of Microsoft?
Not likely..
Only a small minority are interested in anything other than copying games.
What can't the PS3 currently do, anyway? It can already play Blu-ray and DVD, iPlayer, youtube and other flash based content. I don't have one but it looks like it can also stream some Internet radio, and there's a load of Linux options.
OK, so perhaps everything isn't always available simultaneously, but I'm not seeing a huge lack of features.
