Another look into the PS3 hack

When word of the PS3 hack first came out, some were skeptical, some were intrigued, the rest simply waited for events to unfold. Unfold they did – George Hotz, aka Geohotz, has indeed paved the way for hacking the PS3 and subsequently released his PS3 exploit. The hackspeak must be a little too much for the lay-man, but thankfully, Digital Foundry’s Richard Leadbetter provided a more understandable look into the controversial hack.

When word of the PS3 hack first came out, some were skeptical, some were intrigued, the rest simply waited for events to unfold. Unfold they did – George Hotz, aka Geohotz, has indeed paved the way for hacking the PS3 and subsequently released his PS3 exploit. The hackspeak must be a little too much for the lay-man, but thankfully, Digital Foundry’s Richard Leadbetter provided a more understandable look into the controversial hack.

 

It’s no secret that the PlayStation 3 is the most secure gaming system ever created. Staying hack free until now is easy proof of that, something that cannot be said about its two competitors. “Xbox 360 was compromised owing to the unencrypted nature of the firmware on the original DVD drives,” Leadbetter stated. “Wii was hacked because the system itself was so similar to the GameCube that when the old hardware was cracked, the new revision fell with it.”

 

Sony, however, took things to another level. “Not only is the drive software itself encrypted, but it’s widely believed that the mandatory firmware updates can also reflash the Blu-ray drive too – even if the drive was hacked (it never has been) it would be re-secured next time you updated your PS3.”

 

 

“Basically, I used hardware to open a small hole and then used software to make the hole the size of the system to get full read/write access,” Geohotz told The Register. “Right now, although the system is broken, I have great power. I can make the system do whatever I want.”

 

“In older systems, like the PSP, reverse-engineering code contained within that memory map was enough to find the decryption keys to game security and system software updates, and so the concepts of ISO loaders and custom firmware emerged,” as Leadbetter put it.

 

Though he has successfully gained complete access to the entire system memory, Hotz himself has said that the hack is far from complete. The decryption keys are still safely tucked away in of the console’s eight SPUs, guarded by several layers of security.

 

“Making matters difficult is the fact that Sony and IBM’s security protocols were created to anticipate a worst-case scenario, and assumed that at some point someone like Geohot would gain access in this way. So even more layers of security were added to the design,” Leadbetter noted.

 

It’s still not clear if the exploit can produce HEN, or homebrew enabler. There’s also the question of cracking the system to be vulnerable to piracy. One thing’s sure at the moment – the hack still has a long way to go and Sony has taken every step it can to protect the PS3.

 

The full in-depth analysis can be found on Digital Foundry through Eurogamer via the link below.

 

 

 

Thanks whitetop!

[via Eurogamer]