Forgot your password?
typodupeerror
Sony PlayStation (Games) Security Games

Playstation 3 Code Signing Cracked For Good 534

Posted by samzenpus
from the forever-is-a-long-time dept.
ReportedlyWorking writes "It appears that Sony's PS3 has been fatally compromised. At the Chaos Communication Congress in Berlin, a team named 'fail0verflow' revealed that they had calculated the Private Keys, which would let them or anyone else generate signed software for the PS3. Additionally, they also claim to have a method of jailbreaking the PS3 without the use of a Dongle, which is the current method. If all these statements are true, this opens the door to custom firmware, and homebrew software. Assuming that Sony doesn't take radical action and invalidate their private keys, this could mean that Jailbreaking is viable on all PS3, regardless of their firmware! From the article: 'Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs. Following this, the team declared Sony's security to be EPIC FAIL!'"
This discussion has been archived. No new comments can be posted.

Playstation 3 Code Signing Cracked For Good

Comments Filter:
  • Sigh (Score:4, Insightful)

    by Anonymous Coward on Wednesday December 29, 2010 @05:21PM (#34703434)

    "Following this, the team declared Sony's security to be EPIC FAIL!"

    Is it really necessary for everybody to talk like complete dicks nowadays?

    • by Nadaka (224565)

      No. Only people who announce their 733t #@xor 5k177s or those who p0wn newbs.

    • Re:Sigh (Score:5, Interesting)

      by Raineer (1002750) on Wednesday December 29, 2010 @05:40PM (#34703668)

      "Following this, the team declared Sony's security to be EPIC FAIL!"

      Is it really necessary for everybody to talk like complete dicks nowadays?

      To be honest I'm not sure how you can call Sony security a failure. As far as popular consumer devices go, the PS3 lasted for eons. I am both a Sony and Apple fanboy (somewhat), and have to laugh at the hours (literally) it takes any Apple product to be cracked while Sony (as dysfunctional as any company there is) makes a product that lasts for years. Cracking the keys was inevitable, but Sony should be recognized for making it more difficult than anyone else :) I still sit on the side of the fence where the damn thing should have been open from the get-go...but meh

      • Re:Sigh (Score:5, Insightful)

        by MoonBuggy (611105) on Wednesday December 29, 2010 @05:45PM (#34703734) Journal

        I get the impression that the moderate openness of the PS3 at release was exactly what did preserve its uncracked status for so long. As soon as they locked out the 'Other OS' option, they pissed off the precise segment of the userbase who also have the skill to crack any subsequent security improvements.

        • Re:Sigh (Score:5, Interesting)

          by MoonBuggy (611105) on Wednesday December 29, 2010 @05:56PM (#34703846) Journal

          Having followed the finest Slashdot tradition and only read TFA after posting, it appears that there was truth in my speculation. Fail0verflow [fail0verflow.com], the group that found the keys, posted on twitter [twitter.com] that "we only started looking at the ps3 after otheros was killed.". That means they did this in nine months.

          • Re:Sigh (Score:5, Insightful)

            by Derekloffin (741455) on Wednesday December 29, 2010 @06:11PM (#34703984)
            Only if they completely ignored all knowledge of the PS3 discovered before 9 months ago, which I highly doubt. Granted, it probably wouldn't have taken them the 4 years to crack it if they had interest from the start, but to complete ignore the 3 intervening years, you have to assume they gained nothing from those 3 years at all on any front. It is a disingenuous claim.
            • Re:Sigh (Score:4, Insightful)

              by kurokame (1764228) on Wednesday December 29, 2010 @07:11PM (#34704754)

              Okay, I'll give you 12 months. The difference is negligible. The techniques used to root the PS3 are so fundamental and well-known that it was largely a matter of trying them out. There was nothing revolutionary here, it was just a matter of people with sufficient expertise and resources becoming motivated to spend the time to do the necessary work.

              The point remains: working with your users diminishes their motivation to work against you. Minimizing the artificial constraints placed on what users can do with the device they purchased means that huge swaths of people who might be motivated to reverse engineer your safeguards won't need to. The community relationship will be improved, new uses for the hardware that you didn't anticipate will be found.

              When you can improve sales and customer relations while simultaneously lengthening the lifetime of your product as a DRM device, well, it seems like it would be a relatively simple decision. The net effect is to attract and retain customers both at a consumer and industry level. Consumers get a more versatile device - and equally important, respect. Developers get stronger and longer-lasting DRM and a larger and more robust consumer base. Everybody wins.

              • Re:Sigh (Score:4, Insightful)

                by causality (777677) on Wednesday December 29, 2010 @07:37PM (#34705094)

                Everybody wins.

                And that's the problem. I'll describe the mentality with which you are dealing when you speak of corporations that want to control what can be done with a device post-sale: "it is not enough for me to win -- someone else must also lose." They are not interested in finding the balance of which you speak.

                The corporations own most of our legal system and media. I'm glad for these cracker groups. They're just about the only remaining check against them that seems to actually work.

  • I feel a bit more comfortable jailbreaking a game system with a dongle or some other easily removable device, if I would like to resell it, etc. I guess I'm just that paranoid.
  • Epic Fail? WTF? (Score:4, Insightful)

    by scum-e-bag (211846) on Wednesday December 29, 2010 @05:23PM (#34703450) Homepage Journal

    Epic Fail? WTF?

    How many years has it taken to crack the PS3?

    I'd say that Sony has done a remarkable job.

    • by nedlohs (1335013)

      That's right, how long when otherOS was available did it last without such a crack?

      And once it was removed, how long?

    • by fuzzyfuzzyfungus (1223518) on Wednesday December 29, 2010 @05:36PM (#34703616) Journal
      I think that the "epic fail" part isn't the overall security of the PS3(which has generally been a pretty good sinister representative of the dystopian "trusted computing" future); but the fact that they somehow managed to build a code-signing verification mechanism that allowed their private key to be computed by an outside party.

      Assymetric key crypto is supposed to be(barring serious implementation failures or incredible algorithmic/technological breakthroughs) such that you should be able to verify that a private key was used to sign something with nothing more than the public key, from which the private key should be computable only in a time longer than the lifespan of the universe's remaining protons. That is the part that they apparently managed to fuck up. In terms of generally being a tough nut to crack, Sony did a pretty decent job. However, if TFA is true and not misleading, they failed to implement an absolutely foundational part of practical cryptography properly...
      • by marcansoft (727665) <hector@marcan s o f t . c om> on Wednesday December 29, 2010 @09:04PM (#34705884) Homepage

        The "epic" part really came about due to the completely inexcusable ECDSA signature screwup. We were left speechless by that one. However, as a whole, the entire PS3 architecture is terrible. Especially after breaking it open and properly analyzing it and finding a ton of screwups (many critical), there is absolutely no doubt in our mind that the sole reason why the PS3 lasted this far is because OtherOS kept all the competent people happy enough not to try to break into the system (that, and maybe hype around their hypervisor and isolated SPE security, both of which turned out to be terribly bad). If you watch the talk you'll actually see that we make this point clear and address the time-to-hack of the PS3. Given our experience and what we've learned from people who work on console hacks, almost nobody tried until OtherOS was removed, so the only valid measurement for "time to hack", as a strength-of-security measure, is the time since OtherOS was removed (9-12 months or so).

        OtherOS was Sony's single best security feature.

        • by RyuuzakiTetsuya (195424) <taiki&cox,net> on Thursday December 30, 2010 @03:06AM (#34707934)

          why the PS3 lasted this far is because OtherOS kept all the competent people happy enough not to try to break into the system

          Really? people haven't been trying to get to accelerated video in linux on the ps3? Or access to the GameOS FS just to tinker with it? Or piracy(Piracy was a big BIG motivator on Xbox, 360, PS2 and Wii; also Dreamcast but, the DC's security was even bigger epic fail than Sony's).

          So I think that's complete bollocks.

          The PS3 only went down because the first few lines of defense were pretty good... But not much else. In game save exploits like the famous GTA:LCS PSP, the Mechassault Xbox or the Twilight Princess Wii attacks weren't possible because the PS3(and 360 IIRC), unlike a Wintel system, actually properly implement the NX bit(According to Mathieulh at least, it also explains why TIFF exploits weren't being examined as well). So, bye bye that attack vector. The PS3 didn't rely on making sure that the optical drive was secure, so bye bye with that exploit(this was popular on the 360 and Wii). The PS3 also didn't expose the CPU to debug pins like the Xbox(with Pogo pins) or the Xbox 360(thanks to it's handy dandy JTAG connector).

          It wasn't until we saw the big weakness with the PSJailbreak did we see the other major flaws.

          Yes, I've gone to bat for Sony for locking down the PS3, but I don't think that it's wrong to fight back.

          • Really? people haven't been trying to get to accelerated video in linux on the ps3? Or access to the GameOS FS just to tinker with it? Or piracy(Piracy was a big BIG motivator on Xbox, 360, PS2 and Wii; also Dreamcast but, the DC's security was even bigger epic fail than Sony's).

            The people who want pirates are most often not the same people who have the skills, knowledge and hankering to do hacking. Pirates usually just ride with whatever tools those hackers have created, and hackers on the other hand most

    • by sqlrob (173498)

      A flaw that exposes private keys? That's an epic fail and far from remarkable.

      A regular jailbreak? Yeah, understandable and a fail, but not epic.

    • I think it should be taken into consideration that the people that worked on this were most likely (I haven't confirmed this but is usually the case) amateurs working on this stuff in their free time. I am sure that a professional crew could have accomplished this in a few days.
  • by VGPowerlord (621254) on Wednesday December 29, 2010 @05:24PM (#34703466)

    It's a bit late to invalidate private keys.

    My understanding is that every PS3 game is signed with those keys. Therefore, invalidating them through a firmware update would mean that every PS3 game to date will no longer work.

    While I wouldn't put it past Sony to try this, this would result in not only massive lawsuits, but also would be a massive PR blunder.

    Having said that, there could in theory be some sort of additional key telling what date a disc was signed, but even if that were true, it would be trivial to work around.

    • They won't. But they might hasten the release of the PS4.
      • by afidel (530433)
        Why? They are now making money on the console so they don't really care if it has a lower attach rate and it won the war vs HD-DVD which for Sony was half the point of releasing it.
    • by igreaterthanu (1942456) * on Wednesday December 29, 2010 @05:42PM (#34703690)

      My understanding is that every PS3 game is signed with those keys. Therefore, invalidating them through a firmware update would mean that every PS3 game to date will no longer work.

      They already have a list of all genuine games signed by the now compromised keys. They could potentially release an update that used new keys but also accepted the old keys provided it had signed something on the already known genuine list of games.

      • Which is trivially broken by the jailbreak simply telling the firmware that it's one of the "genuine" games.

      • by hedwards (940851)
        I don't think so. That would be prohibitively difficult to the point that I don't think they could do it. With the signing key somebody could create a new list and allow people to flash that into their system with the appropriate boot strap necessary to play new games as well.
        • by BLKMGK (34057)

          Ding! Ding! Winnah! - the revocation list is one of the things owned by this, in fact I think it is part of the exploit used to grab the keys (lol). Go watch the vids - the last of them is the most revealing at just about the 4min mark where they use a LARGE revocation list to overwrite a buffer. http://www.youtube.com/watch?v=84WI-jSgNMQ&feature=player_detailpage#t=187s [youtube.com]

          Custom firmware is coming I suspect. Pirated games will take longer, these guys did NOT get the key required to sign a game and get it

    • Via a firmware update, they could invalidate the keys for any new titles, while still allowing old titles to work via a whitelist. Thus anything new signed with the old key would be rejected.

      Of course then you just create a loader that has a matching checksum to a legitimate title and the cat and mouse game continues.

    • by fuzzyfuzzyfungus (1223518) on Wednesday December 29, 2010 @05:44PM (#34703718) Journal
      Not that I want them to succeed; but they could always do something like: "Consider private key X revoked, and trust nothing signed with it, unless that something has SHA1 hash equal to one of the hashes on the following list..."

      The number of existing PS3 games, DLCs, etc., while not small, is finite and pretty well characterized. It would be a pain in the ass; but not fundamentally difficult, to compute the hash of each one that is tainted by the compromised key and hardcode trust of it into the same patch that otherwise nukes that key and anything signed by it.

      Now, since the private keys presumably also control verification of patches, it is likely that some number of PS3s will permanently leave their control, with hacked patches applied that spoof acceptance of future patches, thus leaving them in control of their owners; but regaining control of all unsophisticated updaters and all PS3s leaving the factory from now on doesn't seem fundamentally impractical...
  • Please, the Dreamcast was epic fail it shipped with accessible debug mode.
  • Epic Fail? Hardly. (Score:5, Informative)

    by Weaselmancer (533834) on Wednesday December 29, 2010 @05:25PM (#34703474)

    From the blurb:

    'Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system.

    Ok, the PS3 was launched on November 11, 2006. [wikipedia.org] Today's date is December 29, 2010. That means that it took over four years to be broken.

    Compared to DVD and Blu-Ray, that is actually pretty darn good.

    • by SuricouRaven (1897204) on Wednesday December 29, 2010 @05:28PM (#34703506)
      It is impressive indeed. Though I do note that it didn't completly resist attack for four years. It just took for years to be completly, irrepairably and conveniently broken. There have been wayst o break the PS3s DRM for years, but their complexity put the beyond the ability of all but the most technologically capable users. With the code-signing cracked, it's as simple as burning an ISO.
    • by jchillerup (1140775) on Wednesday December 29, 2010 @05:36PM (#34703600)

      Ok, the PS3 was launched on November 11, 2006. [wikipedia.org] Today's date is December 29, 2010. That means that it took over four years to be broken.

      Compared to DVD and Blu-Ray, that is actually pretty darn good.

      I was at the presentation in Berlin today. They did bring up this exact point.

      Their counter argument was that people don't take into consideration that the console did support homebrew until Sony declared they'd drop that. The argument for that action was they'd save money not having to support it for their then-new PS3 Slim models, which turned out to be bullshit after hackers discovered that the Slim (with some hacking) could actually run the same Linux distros as the PS3 Fat. They then disabled OtherOS on the PS3 Fat, too.

      This was 12 months ago (can't cite a source other than the slides), making it take only 12 months of actual effort for it to get cracked, as opposed to other (closed) platforms where the homebrew hacking efforts begin at day 0.

      • by hardburn (141468)

        In other words, Sony has just gone and proved that the only DRM that remains unhacked is the kind that nobody cares to hack. See also: SACD.

        • In other words, Sony has just gone and proved that the only DRM that remains unhacked is the kind that nobody cares to hack. See also: SACD.

          SACD is cracked. Or at least worked around enough so that it doesn't matter.
          There are two hacks for SACD:

          1) Physical modification of various players to extract the PCM audio after conversion from DSD, this approach is a few years old now.
          2) The widespread crack of HDCP enabled extraction of the original DSD audio from any HDMI equipped SACD player.

          There are plenty of SACD rips floating around the net

    • by Terrasque (796014) on Wednesday December 29, 2010 @05:37PM (#34703618) Homepage Journal

      That's true. And Sony have been boasting of having the toughest DRM of all consoles.

      However, it only took half a year [joystiq.com] from removing Linux support, and in that short period have had many partially successful attacks against it. Before, while they had the Linux support, such stories were remarkably rarer.

      Many critics meant that the continued security of the console was partially because they allowed linux to run on it, and so many of the talented people had no reason to look closer at it. Since PS3, after four year of "DRM cracking almost never heard of" have now gone to "Completely broken" in just over half a year's time, I think they have a point there.

      It's not that it was that much more secure, it's just that most of the really talented people had no reason to look into it.

    • by F-3582 (996772)
      Yeah, but during the first three of those four years the only reason was piracy why people would want to break it. Which is clearly not the intention of those guys. So, technically it was only twelve months since SONY removed the OtherOS mode.
    • by Fireye (415617)

      The people that did this exploit/hack/whatever reportedly only chose this method of action after Sony decided to remove OtherOS support from PS3's. Their stated goal is to get Linux up and running on retail PS3s. Maybe this would've occured a lot quicker if OtherOS never existed.

    • Ah, but users have been able to run Linux for most of that time. Jailbreaks started being introduced only AFTER Sony removed Linux... I don't recall hearing about attempts before then.
    • Ok, the PS3 was launched on November 11, 2006. Today's date is December 29, 2010. That means that it took over four years to be broken.

      Another way to look at is that on April 1st, 2010 the "other OS" option was retroactively removed from all PS3s with current firmware.
      That makes it 5 months from pissing off the wrong people to the first widespread jailbreak and 9 months to a permanent crack.

  • by Simmeh (1320813)
    Thousands of commentards said this couldn't happen. How can people on the Internet be wrong?!
  • Wow... (Score:5, Insightful)

    by fuzzyfuzzyfungus (1223518) on Wednesday December 29, 2010 @05:31PM (#34703536) Journal
    How did Sony fuck that one up?

    It was my(admittedly layman's) understanding that a public/private key crypto implementation, assuming it isn't deeply flawed, using key lengths suited to the computational capacities of PDP-8s, or otherwise totally fucked, was mathematically secure against anything other than a profound breakthrough in prime factorization algorithms, an unbelievable advance in computational power, or an insider leaking your private key.

    With stuffy like HDCP, it was understood that serious tradeoffs were made in order to make the crypto cheap and fast enough that any POS $200 monitor should be able to decode an encrypted bitstream fast enough to handle the demands of uncompressed digital monitor connections. The weaknesses just came with the territory.

    With something like the PS3, though, they have serious computing power available, and were dealing with a straightforward case of "verify that the code signed with private key X has indeed been thus signed, and not modified since, using public key Y, from which private key X is essentially not computable". Virtually every real-world use of cryptography depends on the ability to do that without disclosing your private key(save by malicious insider/hacker attack).

    What did Sony do wrong? Obviously, they could do nothing about a suitably well-equipped hacker physically modifying a PS3 to stop it from verifying at all, or to always return "yup, all good" regardless of the verification outcome; similarly, a firmware bug could allow the same outcome without the expense of physical modification; but how could it be that they would have to put anything in their client(no matter how well hidden by hardware obfuscation/TPMs/smarcards/whatever) that could be used to compute their private key? Isn't a public key, which is a totally safe piece of data to disclose, all you need to verify whether or not something has been signed with the matching private key?

    I admit that I don't have a deep understanding of this stuff; but it seems like this is the equivalent of "Hey, possession of the list of trusted CAs and their public keys has allowed a hacker with a copy of firefox to compute Verisign's root signing keys!".

    How did Sony fuck up such that this story is not the biggest breakthrough in cryptoanalysis since frequency analysis?
    • Re:Wow... (Score:5, Informative)

      by Fireye (415617) on Wednesday December 29, 2010 @05:47PM (#34703764)

      What did Sony do wrong? Obviously, they could do nothing about a suitably well-equipped hacker physically modifying a PS3 to stop it from verifying at all, or to always return "yup, all good" regardless of the verification outcome; similarly, a firmware bug could allow the same outcome without the expense of physical modification; but how could it be that they would have to put anything in their client(no matter how well hidden by hardware obfuscation/TPMs/smarcards/whatever) that could be used to compute their private key? Isn't a public key, which is a totally safe piece of data to disclose, all you need to verify whether or not something has been signed with the matching private key?
       

      From my layman's understanding of what they did (View the actual conference footage here: http://www.youtube.com/watch?v=GPjd6gHY6A4 [youtube.com] ), they don't HAVE the private key. Sony made a big mistake in their key generation method, where they were supposed to use a random value for one variable, they used a static value. Because of that, you're able to generate valid signed packages without the private key.

      • People seem to be saying "big whoop - they just invalidate the private key for use with anything but list of titles which which they know it was signed". But did I hear him say in that video that it's possible also to calculate more private keys that are totally indistinguishable from original? Meaning that would do nothing at all to resolve that problem?

      • Re: (Score:3, Informative)

        by Anonymous Coward

        Actually, the bug wasn't in key generation, but in *signature* generation.

        They were supposed to salt each signature with a different random salt (number "m"), but they didn't, they used a constant number every time.

        That made the equations for computing the signatures, R and S, easily exploitable, making it possible to simply solve them and obtain the private key. Now, this isn't a computationally expensive operation, since the equations are rather simple, hence the EPIC fail: as soon as anyone realizes Sony

    • by hardburn (141468)

      It was my(admittedly layman's) understanding that a public/private key crypto implementation, assuming it isn't deeply flawed . . .

      That last bit right there is the hard part. Making algorithms was a hard task, to be sure. It took eons before humanity had the right mathematics to make RSA possible, but that work is all done now. There isn't all that much work being done in making new crypto algorithms, because we're pretty sure the ones we have will stand up. Even a breakthrough in Quantum Computing or Complexity Theory wouldn't completely destroy everything out there. There is some work to do in hash algorithms (MD5/SHA1), but that's t

    • Re:Wow... (Score:4, Interesting)

      by Rich0 (548339) on Wednesday December 29, 2010 @06:04PM (#34703914) Homepage

      Dunno, but I can make a comment regarding HDCP.

      HDCP isn't really doing the same thing as Sony's code-signing, and it suffers from the DRM problem where Bob and Eve are the same person.

      As you say, Sony's use case is just traditional public-key digital signatures, and should be completely immune to attack barring major advances, or compromise of the signing key. So, they are without excuse.

      HDCP accomplishes a different mission. HDCP needs to allow any two random and unrelated pieces of AV equipment to talk to each other without anything in-between intercepting the communication. That means that each device must contain a keypair, and not a single key, which means that private keys are inside every HD TV sold today. If you can extract the keypair from any one of those TVs you can fully impersonate that TV which is all you need to crack the system barring key revocation, since HDCP dictates that any device trust any other device with full-quality streams unless it has a revoked key.

      If you crack one TV set you break HDCP somewhat. The manufacturer can of course revoke the key and recall all TVs containing that key at considerable expense, and then re-secure the rest of the system (once the revocation fully propagates, which of course involves a lag).

      The next problem with HDCP is that all the device keys are related to a master key (which is how devices can figure out if any particular keypair is a good one or not without having any prior relationship). The nature of that relationship allows the master key to be brute-forced once a sufficient number of device keys are obtained. Over time a sufficient number of device keys were obtained, and thus the master key was obtained. That makes revocation of individual devices no longer an option, and the only solution at this point is to invalidate every HDMI-sporting device out there.

      The protection on BluRay had similar issues. Again, this is all DRM and it is theoretically insecure since the threat model is an attacker who has physical possession of the keys, which of course there is no mathematical defense against.

      None of this applied to the PS3 - at least not regarding code authentication. Code encryption is a different story - if discs are encrypted then if you extract a private key from any valid console you can decrypt every disc out there, but you can't modify and run them without having the signing key or jailbreaking individual devices.

      I'm curious as to how they did it as well. If they didn't provide details I'd be suspicious that the key wasn't simply leaked. Key management is the achilles heel of public key crypto.

      • Re:Wow... (Score:5, Informative)

        by dch24 (904899) on Wednesday December 29, 2010 @06:28PM (#34704158) Journal
        I'm a little uncertain what you're asking at the end of your comment, but the key they obtained was the Isolation-mode SPU AES key.

        They say at the end of their talk they do not have the LV1 OS keys, and they aren't going to work on them -- those are used to sign & verify games.

        The Isolation-mode SPU AES key is used to verify loaders, and it was broken because the encrypted block is stored at a lower address than the decryption code -- and the size parameter is not verified. So the encrypted block can be overflowed to overwrite the current instruction and then the isolated SPU is under user control.
    • by bushing (20804)

      How did Sony fuck that one up? It was my(admittedly layman's) understanding that a public/private key crypto implementation, assuming it isn't deeply flawed, using key lengths suited to the computational capacities of PDP-8s, or otherwise totally fucked, was mathematically secure against anything other than a profound breakthrough in prime factorization algorithms, an unbelievable advance in computational power, or an insider leaking your private key.

      Close. These algorithms only work correctly if implemented correctly. There are various known pitfalls with each of these algorithms; for example, the original iPhone was unlocked using an RSA implementation error (Bleichenbacher attack against an RSA implementation that does not correctly validate padding and uses exponent 3). ECDSA happens to have a "pitfall" that leaks information inside the signatures it makes.

      This doesn't make it a bad algorithm -- it can achieve the same security of RSA using small

      • The "pitfall" isn't a pitfall because it doesn't apply to correctly implemented ECDSA. As long as you use a random m for every sig, you're safe. If you reuse m just once (or you somehow let the attacker guess m, or even an incomplete part of it), you leak the private key. If anything, the only con is that ECDSA requires a random number source for signing.

        This is basically just a superficially subtle screwup that turns out to have massive consequences for the security of the cryptosystem.

  • Yipee, replacement parts for the Beowulf cluster!

  • I wanted to commit a PS3 to biomedical research on a project of MY choosing, as well as play LEGIT games but that was taken because ... well it doesn't matter as it's too late now.
  • by W. Justice Black (11445) on Wednesday December 29, 2010 @05:39PM (#34703650) Homepage

    Folks toss about the phrase "Epic Fail" far too loosely. Here's what a real Epic Fail looks like:

    The DRM code has a bug that, when a certain condition happens (time passes, specially-formulated packet received, etc.), it overclocks the CPU to the point that it catches on fire. Within minutes of the event, most of the millions of PS3s in the wild have set peoples' homes ablaze.

    As a result, thousands die and the insurance industry collapses. Anarchy reigns, so there's nobody to enforce copyright anymore and the original DRM is rendered irrelevant.

    THAT is an epic fail.

    • Re: (Score:3, Funny)

      by NitroWolf (72977)

      Folks toss about the phrase "Epic Fail" far too loosely. Here's what a real Epic Fail looks like:

      The DRM code has a bug that, when a certain condition happens (time passes, specially-formulated packet received, etc.), it overclocks the CPU to the point that it catches on fire. Within minutes of the event, most of the millions of PS3s in the wild have set peoples' homes ablaze.

      As a result, thousands die and the insurance industry collapses. Anarchy reigns, so there's nobody to enforce copyright anymore and the original DRM is rendered irrelevant.

      THAT is an epic fail.

      While I tend to agree that it's not exactly an Epic Fail on Sony's part, your description goes far beyond Epic Fail... that would probably be the most Awesome Fail in the history of electronics.

    • by Eric Smith (4379)
      That would be way beyond "epic". I'm not sure that a suitable adjective for that level of fail has even been invented.
  • OtherOS (Score:5, Insightful)

    by Anonymous Coward on Wednesday December 29, 2010 @05:40PM (#34703672)

    From @fail0verflow:

    "we only started looking at the ps3 after otheros was killed."

    and

    "our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions."

    If Sony would have left OtherOS alone, they wouldn't be in this predicament.

  • Do they really have Sony's signing key?

    Of course, the real win would be to get the Windows Update private key. That, and a BGP exploit, and you can rule the Windows world. I still consider Windows Update an unacceptable backdoor. Someday, that's going to backfire.

  • What does this mean for hacks and other programs that modify program code or execute and stay resident alongside game code? Does the cracking of the keys allow custom boot loaders that will open the doors for hacking?

    If so, this is a sad day. The primary reason I bought a PS3 was to play in a hack free environment.

  • "dongle-less jailbreaking by overflowing the bootup NOR flash"

    Awesome. I expect to hear this line in a sci-fi movie someday.

  • by Joe Snipe (224958) on Wednesday December 29, 2010 @05:50PM (#34703786) Homepage Journal

    So does this mean a hypervisor free linux is around the corner? I may change my stance on buying a PS3.

  • by Flammon (4726) on Wednesday December 29, 2010 @06:18PM (#34704052) Homepage Journal
    I hope XBMC will be ported to it now.
  • by AbRASiON (589899) * on Wednesday December 29, 2010 @06:42PM (#34704340) Journal

    That's all I want, badly, very badly.
    It's half the reason I got the PS3 when I did, XBMC was in the early stages of PS3 support, however the idiots at Sony blocked the GPU acceleration for the video so the team abandoned it once the 3D loophole was closed in linux. I don't know the full term, something along the lines of a hypervisor.
    Then they closed off linux all together.

    I love it as a gaming machine but I wish it could match my Xbox1. The Ps3 hardware is amazing, XBMC would be brilliant on it.

  • by metalmaster (1005171) on Wednesday December 29, 2010 @06:46PM (#34704414)

    The PS3 was being attacked well before OtherOS removal. When linux was available the graphics on the machine were limited to virtualization. The race was on too crack the 7 locked down SPUs. Were people successful? Mostly no, but that doesnt mean attempts havent been made. If i remember correctly, Geohot's intention was to gain access to the cores. They just happened to find an exploit to give them keys to the kingdom

    Removing linux definitely brought the talent out of the woodwork, but it did not start a war

  • by Jafafa Hots (580169) on Thursday December 30, 2010 @12:23AM (#34707182) Homepage Journal

    Now all they have to do is crack the "having to buy an overpriced piece of proprietary hardware that merely replicates what the PC I own can already do" part of the equation.

    Crack that, and I'll be all set. Otherwise I'm not spending several hundred dollars to buy a box to take up more space simply to play software that my PC would be able to play if it weren't for someone's desire to complete control and every last dollar.

    Change from a hardware/software company to a software company, and I'll use your product.

How many hardware guys does it take to change a light bulb? "Well the diagnostics say it's fine buddy, so it's a software problem."

Working...