Kodewerx
http://www.kodewerx.org/forum/

PS3 hacked?
http://www.kodewerx.org/forum/viewtopic.php?f=11&t=7167

Author:  dlevere [ Mon Jan 25, 2010 10:27 am ]
Post subject:  PS3 hacked?

It has finally been done, or someone has reported it finally being done. Hacker George Hotz is claiming that he has finally hacked into a PS3.

The system has been notoriously hard to get into, and until now no one has been able to do it. The reason this isn't confirmed yet is because Hotz isn't releasing how he hacked the system, stating that,

"As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware."

Author:  Parasyte [ Mon Jan 25, 2010 4:40 pm ]
Post subject:  Re: PS3 hacked?

I read about this a few days ago, and it sounds like a good announcement.

If it were me (and it would be, should I receive my MCUs sooner than later) I would wire to the hardware in such a way that any attack couldn't be prevented without additional hardware that would also serve as a system performance bottleneck. Some might argue that it would be in Sony's interest to apply such a bottleneck if it will prevent hacking, but then they lose to Microsoft over who has the better "AWSUM HIDEF GRAFX". In other words, they can't prevent the kind of attack I envision.

Now where to get a low-power, high-speed FPGA...

Author:  dlevere [ Mon Jan 25, 2010 10:28 pm ]
Post subject:  Re: PS3 hacked?

These links go into greater detail:

http://news.bbc.co.uk/2/hi/technology/8478764.stm

http://www.psu.com/American-hacks-PlayS ... 562-p0.php

Author:  Parasyte [ Wed Jan 27, 2010 8:18 pm ]
Post subject:  Re: PS3 hacked?

It seems like the exploit *is* patchable according to geohot. (Emphasis my own.)

Quote:
geohot: well actually it's pretty simple
geohot: i allocate a piece of memory
geohot: using map_htab and write_htab, you can figure out the real address of the memory
geohot: which is a big win, and something the hv shouldn't allow
geohot: i fill the htab with tons of entries pointing to that piece of memory
geohot: and since i allocated it, i can map it read/write
geohot: then, i deallocate the memory
geohot: all those entries are set to invalid
geohot: well while it's setting entries invalid, i glitch the memory control bus
geohot: the cache writeback misses the memory :)
geohot: and i have entries allowing r/w to a piece of memory the hypervisor thinks is deallocated
geohot: then i create a virtual segment with the htab overlapping that piece of memory i have
geohot: write an entry into the virtual segment htab allowing r/w to the main segment htab
geohot: switch to virtual segment
geohot: write to main segment htab a r/w mapping of itself
geohot: switch back
geohot: PWNED
geohot: and would work if memory were encrypted or had ECC
geohot: the way i actually glitch the memory bus is really funny
geohot: i have a button on my FPGA board
geohot: that pulses low for 40ns
geohot: i set up the htab with the tons of entries
geohot: and spam press the button
geohot: right after i send the deallocate call


Sounds like the weak link, right there. In any case, that's a pretty good idea... Far different to what I had in mind. Sadly, I haven't been able to install Linux on my PS3 at all. But I did get all of the Silent Hill games and Ico/Shadow of the Colossus from eBay recently. So my PS3 isn't totally useless. Just mostly useless.

Relevant link
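A toy model of the race described in the quoted chat above, added here as an illustration; it is not part of the thread and is not PS3 or hypervisor code. It shows how a lost invalidation write leaves stale read/write entries for a freed page, and how a free routine that re-reads the table before releasing the page catches them. All names and the table layout are hypothetical, and the checked variant assumes the hypervisor can re-read entries from RAM rather than from its cache.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define SLOTS 64

/* Toy page-table entry; the layout is illustrative, not the PS3's real HTAB. */
struct pte { bool valid, writable; uint32_t real_page; };

static struct pte htab[SLOTS];   /* entries as they actually sit in RAM */
static bool glitched[SLOTS];     /* constructed fault: next store to slot is lost */

static void store(size_t i, struct pte v) {
    if (glitched[i]) { glitched[i] = false; return; }  /* transient: one lost write */
    htab[i] = v;
}

void reset_model(void) {
    for (size_t i = 0; i < SLOTS; i++) {
        htab[i] = (struct pte){ false, false, 0 };
        glitched[i] = false;
    }
}

void map_rw(size_t slot, uint32_t page) { htab[slot] = (struct pte){ true, true, page }; }
void inject_glitch(size_t slot) { glitched[slot] = true; }

/* Number of entries in RAM that still grant access to `page`. */
size_t stale_entries(uint32_t page) {
    size_t n = 0;
    for (size_t i = 0; i < SLOTS; i++)
        if (htab[i].valid && htab[i].real_page == page) n++;
    return n;
}

static void invalidate_all(uint32_t page) {
    for (size_t i = 0; i < SLOTS; i++)
        if (htab[i].valid && htab[i].real_page == page)
            store(i, (struct pte){ false, false, 0 });
}

/* Naive free: one pass, then the page is treated as released. */
size_t free_naive(uint32_t page) { invalidate_all(page); return stale_entries(page); }

/* Checked free: re-read RAM and repeat; release only when nothing is stale. */
bool free_checked(uint32_t page, int max_passes) {
    for (int p = 0; p < max_passes; p++) {
        invalidate_all(page);
        if (stale_entries(page) == 0) return true;   /* safe to reuse the page */
    }
    return false;                                    /* keep the page quarantined */
}
```
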

Author:  dlevere [ Fri Jan 29, 2010 5:47 am ]
Post subject:  Re: PS3 hacked?

Posted by Soulskill on Wednesday January 27, at 10:57AM
from the let-the-games-begin dept.

itwbennett writes "On Friday, George Hotz, best known for cracking Apple's iPhone, said he had managed to hack the PlayStation 3 after five weeks of work with 'very simple hardware cleverly applied, and some not so simple software.'

Days later, he has now released the exploit, saying in a blog post that he wanted to see what others could do with it.

'Hopefully, this will ignite the PS3 scene, and you will organize and figure out how to use this to do practical things, like the iPhone when jailbreaks were first released,' he wrote. 'I have a life to get back to and can't keep working on this all day and night.'"

Reader MBCook points out an article written by Nate Lawson "explaining how the hack bypasses the hypervisor to gain unrestricted access to memory. It seems the trick is to use a pulse to glitch the hypervisor while it's unmapping memory, leaving a favorable page table entry."

Author:  HyperHacker [ Wed Feb 17, 2010 12:06 am ]
Post subject:  Re: PS3 hacked?

I always figured the PS3 took so long to get into because nobody cared. :p Those that did want emulators had Linux, until Sony went and pulled that too. Good going Sony, you generated more interest in hacking your system. (They already had some by preventing access to the GPU, and of course some from pirates, but I guess that wasn't enough? :p)

Author:  dlevere [ Mon Mar 29, 2010 2:27 pm ]
Post subject:  Re: PS3 hacked?

"The next system software update for the PlayStation 3 (PS3) system will be released on April 1, 2010 (JST), and will disable the 'Install Other OS' feature that was available on the PS3 systems prior to the current slimmer models, launched in September 2009.

This feature enabled users to install an operating system, but due to security concerns, Sony Computer Entertainment will remove the functionality through the 3.21 system software update."

This comes as something of a surprise. Particularly because only a month ago Sony Computer Entertainment management seemed committed to the continued support of the Other OS option on the PS3.

Author:  dlevere [ Mon Mar 29, 2010 2:28 pm ]
Post subject:  Re: PS3 hacked?

PS3 hacker criticizes Sony's removal of OtherOS Support

Posted by George Hotz at 1:09 PM

Monday, March 29, 2010

Wait, you are removing a feature?

First off, I want to apologize to all the people who use Linux on their PS3. Before releasing, I weighed the pros and cons, and considered the possibility of an impact on OtherOS support. My logic was this. OtherOS support had already been removed from the Slim (not for technical reasons; I believe it only existed in the first place to promote the Cell for IBM). The builders had apparently no intention of including it in future products. So for the purposes of openness why not release? Not like anything else has (or probably will be) done on the PS3.

Now you go and remove a feature that people expected to be included with the expensive device they purchased, citing "security concerns". What security concerns? It's not like the exploit can be run even close to without the user's knowledge. You have to open the fucking thing up. How could this harm users? Your blog post doesn't list positive reasons for upgrading like I think most users expect. Instead it lists things you will lose if you don't upgrade. Seriously?

The PlayStation 3 is the only product I know that loses features throughout its life cycle. Software PS2 emulation, SACD playback, and OtherOS support are all just software switches you can flip. It's unbelievable you would go and flip one, not just on new boxes you are shipping, but on tens of millions already in the field.

Again I'm sorry users. Sony, I expected more from you.

Author:  HyperHacker [ Mon Mar 29, 2010 6:14 pm ]
Post subject:  Re: PS3 hacked?

That's Sony. Let's just go remove a feature that was a selling point and drew interest away from hacking the system, to plug the easiest method of accessing a hole that could lead to actually making this thing useful.

From Sony, "security" and "stability" have always (look at PSP) referred to plugging exploits in their own interest, not in the users', but I didn't think even they would do something this silly.

Author:  dlevere [ Thu Apr 08, 2010 1:56 am ]
Post subject:  Re: PS3 hacked?

Sony Update Bricks Playstations

A controversial update which was seeded by Sony in order to remove the ability to run Linux on the Playstation 3 games console has caused a storm of complaints.

The 3.21 firmware upgrade, which removes the security hole provided by the 'Install Other OS' widget used by lots of educational institutions and hackers alike, also removes the console's ability to play games... turning it into a very expensive doorstop.

Author:  dlevere [ Sat Apr 10, 2010 3:28 pm ]
Post subject:  Re: PS3 hacked?

Hacker Geohot is following through on his promise to fight Sony's removal of the "Install Other OS" feature on the PS3. He posted a video of the work he's done so far that shows a PS3 console booting into Linux.

Quoting Engadget: "While it's not available to the public just yet, Geohot's 3.21OO custom firmware will apparently be simple to install and, as you can see in the video after the break, it works just as you'd expect and simply restores the 'other OS' option to its previous place. Geohot even says that the custom firmware might actually enable the other OS feature on the PS3 Slim, but he hasn't yet had a chance to try it out."

Amazon has given a European PS3 owner a 20% refund for removal of the PS3's OtherOS feature.

All times are UTC - 8 hours [ DST ]