PS3 Hacked via USB Dongle 337
dlove67 writes "PSX-scene.com reports that the first PS3 modchip has been tested and confirmed to be working. Running off of a USB dongle, it appears to be relatively user friendly and claims to not void your warranty. Online gameplay works (at least for the time being). It's been a long time coming; cheers to the PS Jailbreak Guys." The video is attached below if you're curious. Can't help but point out that this wouldn't have happened if Sony hadn't decided to yank the Boot Other OS option.
What does this mean for cheats/aimbots? (Score:5, Interesting)
The whole reason I bought a PS3 was because it was a closed platform, and because it was a closed platform, it was harder to hack the games. I like playing FPS games and they are absolutely ruined as soon as you have to deal with wallhacks and aimbots. Will this new hack open the door to programs like that?
What has this to do with sony yanking linux? (Score:1, Interesting)
Can't help but point out that this wouldn't have happened if Sony hadn't decided to yank the Boot Other OS option.
why? Can somebody please explain? the linked site seems down so maybe that's what I'm missing.
Re:What does this mean for cheats/aimbots? (Score:3, Interesting)
Re:What has this to do with sony yanking linux? (Score:3, Interesting)
OK, that might very well be so, and it would make sense. The irony would just be unbearable. At least we can laugh at sony now.
Although this "news" does not even mention if booting linux is possible at this point, this just highlights how it is possible to pirate games - which is somewhat confusing.
Of course if they can boot games its possible they have enough control that they can boot other OS... but no details are mentioned.
How? (Score:4, Interesting)
I thought that pretty much everyone who's looked at the PS3 security has found it to be pretty ironclad. The hypervisor was supposed to be obscenely difficult to get around, even if you did find an exploit.
Re:What has this to do with sony yanking linux? (Score:5, Interesting)
The PS3 was secure through obscurity (besides any actual security present), much like the Wii was in its infancy (Wii drivechips notwithstanding, those are a whole different ballgame). Obscurity works a lot better than security for consoles, because they are big, complex systems that inevitably have holes. Obscurity is useful up until the first hack is published, which is when people finally get to poke at dumps of your software and expose your bugs. The more you can delay that from happening, the better. The Wii did a good job of this by encrypting and signing every piece of data on Wii game discs, for example. There were bugs, but nobody could figure them out without access to decrypted binaries.
We don't know if someone involved in PS3 homebrew hacking had anything to do with this, but it's certain that whoever did this at the very least used techniques developed as a result of the Other OS remioval during development. Specifically, until the Other OS fiasco happened, there was no way to dump PS3 software and analyze it for exploits. Now there is.
Both the Wii and the PS3 obscurity-breaking hacks were almost identical: RAM glitching to escalate privileges from an unprivileged mode in order to access secure areas. The Twiizer Attack on the Wii glitched the RAM address lines in order to dump secure software and keys from insecure GameCube mode, and geohot's PS3 exploit used RAM glitching in order to make the hypervisor unwillingly give you read/write access to secure RAM while in insecure Other OS mode. When software is obscure, hardware is the only way to go. This Wii attack paved the way for Wii software exploits, and certainly this PS3 USB device is based upon exploits uncovered by dumping via the memory glitching exploits released earlier this year after Sony pulled Other OS.
So yes, Sony basically asked for this by pulling Other OS and angrying legitimate hackers who used Other OS, and now they got what they asked for. I'm just glad some piracy company did it first instead of repeating the story of the Wii where pirates piggyback on homebrew.
The one sad, sad thing is that this is called "PS3 jailbreak". Jailbreak is a very specific term that describes breaking out of a filesystem jail (e.g. on the iPhone), and it's being used on the PS3 purely for "brand recognition". This will just make people associate jailbreaks with piracy.
If it sounds too good to be true... (Score:5, Interesting)
Re:What has this to do with sony yanking linux? (Score:5, Interesting)
I agree with all you have said but one thing: if it were the hackers who have enabled this hack they would have demoed booting OtherOS, downgrading or whatever.
But clearly it is the pirates here who have done the hack from start to finish. Unless they borrowed it from other "homebrew" guys who were keeping it in private..
Re:What has this to do with sony yanking linux? (Score:5, Interesting)
The initial heavy lifting to hack the original XBox, 360 and Wii were done by people trying to put Linux on them.
I'm going to back up AC on this one, at least with respect to the Wii. Team Twiizers [wiibrew.org], the team of hackers (as in, tinkering, not cheaters) have released multiple tools to not only allow and facilitate non-pirate homebrew software to run, they also actually have made efforts to fix critical flaws in Nintendo's design of the Wii. This includes ways to recover a bricked console, which came into play when Nintendo's own official system updates (designed to block homebrew and piracy indiscriminately) were sloppy to the point of being capable of bricking unmodified Wiis.
Team Twiizers also go out of their way to specifically discourage and hamper piracy, including making their software run upside-down on-screen if you've hacked your Wii so much that you must be using it for piracy. They really want to avoid large-scale piracy, because it'll just give Nintendo the incentive to try and lock the Wii back down, depriving everyone of the non-piracy uses for homebrew. They'll happily help with installing Linux on your Wii, and there are guides for using it as a media center, a ScummVM host, and even a VNC client. You can also emulate pretty much every game console in history up to the PS1, as well as MAME, but finding roms (and whatever trouble that might cause) is up to you. However, they make it clear that discussions of piracy are unwelcome.
Re:What does this mean for cheats/aimbots? (Score:2, Interesting)
Re:What does this mean for cheats/aimbots? (Score:5, Interesting)
Re:What does this mean for cheats/aimbots? (Score:3, Interesting)
Depends what was defeated. For example, on the Xbox360, you can pirate games with a hacked DVD drive, but you canot mod the games because you can't run unsigned code in the main OS. You can hack your Xbox360 to run Linux, but that pretty much eliminates any option in playing Xbox360 games. So you don't really worry about cheating in Xbox360 games, other than social cheating that the Xbox can't really defend itself again ("standbying", "rage quitting", etc). Or against proxy-bots (where a proxy aimbot intercepts Xbox Live network packets).
If the PS3 is hacked similarly - i.e., it can't run unsigned code, nothing bad will happen. If it can, oh well.
And this could be the thing that gets the PS3 selling well again - with few exceptions, it's trailed behind the Xbox360 (which has trailed behind Nintendo).
And yeah, Microsoft learned with the original Xbox that not listening to indie/homebrew devs leads to easy piracy as the groups will work together on a solution. It's what happened on the Wii this generation. The Xbox360 has the XNA stuff, which certainly limits what you can do, and the PS3 had OtheroS, which also had its limits, but it calmed the homebrew waters and had the pirates working alone. Now Sony removed OtherOS, and the homebrew crowd pretty much ends up working with the piracy crowd because their work is complementary.
And hey, it's a use for that 500GB drive you tossed in your PS3 - rather than use the dog-gone-sluggish Blu-Ray drive. (Hell, the Xbox360 had the feature to copy games to hard drive...).
Re:The obvious fix from Sony... (Score:4, Interesting)
They already told me they won't do this when I complained about "Other OS" removal.
Quote from Playstation Consumer Services:
"There would not be able reason to remove the features of your PS3 System that you have mention, card readers USB ports or backwards compatibility. They are physical attributes that your PS3 System possesses and do not present a security threat as the option that Install other OS does in this case does."
Re:Tag article slashvertisement (Score:3, Interesting)
"even the great Geohot ripped off other people's work and failed to make a dent"
FTFY. Trace over-current spiking was my idea.
I'm betting the USB stick does the same thing but with some other automated software, because the data line on the USB ports runs down that same trace. That trace is the direct vulnerability past the hypervisor.
Re:Tag article slashvertisement (Score:3, Interesting)
Re:Tag parent fail (Score:3, Interesting)
Care to explain what PCB traces are shared between D+/D- on the USB and the RAM? And what this has to do with your TomTom?
You're also confusing the service mode jig used in Sony repair centers on retail consoles with debug consoles used for development. The two are unrelated.
Re:What does this mean for cheats/aimbots? (Score:3, Interesting)
So if you had an iphone and apple said 'we are removing the application functionality in the next update, however it's optional so you can retain the application functionality, but you won't be able to make calls.' you would see that as acceptable?
Well that example is a little different. Apple has no right to kick people off of AT&T's network. but...
Sure, I would see that as acceptable. I don't see anything wrong with Apple/At&T making decisions about what devices and software packages can access their network. I would imagine that would let me out of whatever service contract I had with AT&T though.
Sony's situation is different. They cut off access to a free non-contractual service, and they had always reserved the right to change or modify their Terms of Use. Granted it was an advertised feature and the majority of users purchased their PS3's for that reason, but Sony still must have the right to say who can and can't access their networks. Right?
This move makes me not trust Sony. It will make me hesitant to buy a similar "hardware with FREE internet services" device from them in the future. But there was nothing wrong with what they did. They pissed people off to be sure. But that was their business decision to make. They've got a long history of being dicks to their customer base, but people keep buying their stuff.