PlayStation 3 code signing cracked
Hardware hackers claim to have uncovered the private key used by Sony to authorise code to run on PlayStation 3 systems.
The hackers uncovered the hack in order to run Linux or PS3 consoles, irrespective of the version of firmware the games console was running. By knowing the private key used by Sony the hackers are able to sign code so that a console can boot directly into Linux. Previous approaches to running the open source OS on a games console were firmware specific and involved messing around with USB sticks.
The same code signing technique might also be used to run pirated or counterfeit games on a console. That isn't the intention of the hackers even though it might turn out to be the main practical effect of the hack.
The group, fail0verflow, who also run the Wii's Homebrew Channel, gave more information about the crack and a demo during the annual Chaos Communication Conference hacker congress in Berlin. Sony's weak implementation of cryptography was exploited by fail0verflow to pull off the hack, as explained in a video on enthusiast site PSGroove here.
More discussion on the console jailbreaking hack can be found on a PlayStation forum here. ®
Sony will rue the day they removed the OtherOS feature from the PS3. Many many people legitimately used it to run Linux - and even bought the PS3 over the xbox360 due to this extra function/ability.
yes, the bad people want to run pirated games...but all Sony has done is pushed the legitimate people into the underground scene world...and basically accelerated this cracking of the system.
Sony - grow a backbone and give back the OtherOS feature as it was listed as a feature of the system when sold originally...I know you don't care about the 'its a computer!' tax dodgy..as that no longer applies anyway.
Serve them right!!!!
Sony kinda brought it on themselves by removing the ability to run Linux on the PS3 in the first place. It's one thing not to be allowed to run Linux on a console, but to be allowed when you buy it and then to have that arbitrarily revoked???
I'd imagine it'll be impossible to change. They could sign new code with a new key (and obviously pass that to the console as an update) but they'll surely have to honour the compromised key or explain to customers why their older games no longer work (or is it just the OS that needs signing?)
Sucks to be them, but it was largely self inflicted!
Guess that decision to remove the linux option to prevent piracy has kinda backfired.
Egg, meet face.
This is a message to all hardware manufacturers: your customers will not let you get away with restricting the functionality of your products. In an information society, restricting information for profit is immoral and unethical. And as you can plainly see, you aren't even good at it. So quit now while you still have your dignity intact. We do not forgive, we do not forget etc.
Now I might buy a PS3.