Forgot your password?
typodupeerror
Encryption PlayStation (Games) Security Sony Games

PS3 Encryption Keys Leaked 284

Posted by Soulskill
from the andrei,-you've-lost-another-submarine? dept.
An anonymous reader writes "PS3 security has been compromised again. The holy grail of the PS3 security encryption keys — LV0 keys — have been found and leaked into the wild. For the homebrew community, this means deeper access into the PS3: the possibility of custom (or modified) firmware up to the most recent version, the possibility of bypassing PS3 hypervisor for installing GNU/Linux with full hardware access, dual firmware booting, homebrew advanced recovery (on the molds of Bootmii on Wii), and more. It might lead to more rampant piracy too, because the LV0 keys could facilitate the discovering of the newer games' encryption keys, ones that require newer firmware."
This discussion has been archived. No new comments can be posted.

PS3 Encryption Keys Leaked

Comments Filter:
  • It's nice but... (Score:5, Insightful)

    by thetoadwarrior (1268702) on Tuesday October 23, 2012 @07:09PM (#41746351) Homepage
    The PS3 is nearing the end of its life and it's taken 6 years to do it so it's served its purpose.
  • by girlintraining (1395911) on Tuesday October 23, 2012 @07:10PM (#41746357)

    Fundamentally, client-side security doesn't work. You can obscure the hell out of it and bury it deep within the system, but sooner or later, someone's gonna crack it. If they'd just let the damn homebrew people make backups of their games and install their own software, I doubt the mod community would have sprung up like this. They wanted access to the hardware, not pirated games. If they'd just locked up the portion of the system responsible for validating a game disk with some kind of TPM mechanism but left the possibility of running "unsigned" content, I doubt this breakthrough would have happened within the life of the product.

    Sony, like every other big corporation, doesn't understand how hackers think. They don't give a fuck about your games: They want to see the nifty hardware! They want to push it to its limits, make new stuff with it. These are creative people who are endlessly fascinated with how things work. They're bored engineers.

    But management got the idea in their head that the hardware is also theirs, not the person who bought it, and they're the only ones that get to say what it does, how it does it, etc. In so doing, they pissed off about a half million people who have the time, patience, resources, and will to tear the damn thing apart piece by piece until it's theirs again. Guys, why couldn't you just let them have their fucking Linux on PS3?

  • Six years later... (Score:2, Insightful)

    by Anonymous Coward on Tuesday October 23, 2012 @07:16PM (#41746387)

    Say what you will about Sony, but they managed to keep the PS3 almost totally immune to hacking for the entire life of the console up til now. Six years, and only a year or so away from the next hardware iteration. That's pretty much a record for game consoles, a rather impressive achievement.

  • by Anonymous Coward on Tuesday October 23, 2012 @07:18PM (#41746407)

    Does Sony have ANYONE who understands security?

    No, Sony only understands how to fuck its customers.
    Everything else is a secondary consideration.

  • by AbRASiON (589899) * on Tuesday October 23, 2012 @07:30PM (#41746489) Journal

    Honestly if you have any patience you just wait 3 months and the good games are 25$ a pop - that's 2 lunches for me. I'm in my 30's now and I suspect my heavy piracy days are long gone. I also feel slight guilt when I pirate games now, some of these guys bust their asses to make some really good stuff. If ever do pirate anything it's only the gargantuan huge games which are selling a tonne anyhow.

    I'm also really really happy with my PS3. I know Sony is the devil here but the exclusive games for the system, unlike the 360 - don't get ported to PC. There's some genuinely unique and fantastic games on the platform.

    If I didn't own a beast little HTPC now (HP Microserver N40L) then I would however be happy that finally XBMC might come to the PS3. (I can't deny it DID piss me off they closed the loophole the developers were considering on the PS3) They honestly coudl've sold a shitload more if the PS3 supported XBMC out of the box with a basic live boot CD / DVD or something.

  • by OrangeTide (124937) on Tuesday October 23, 2012 @07:34PM (#41746515) Homepage Journal

    Yea, the amount of time it took for this to happen is just too long for pirates to take it seriously.
    But it's nice that this has been hacked so we can repurpose discarded PS3s when a console for this upcoming generation is released.

  • by GigaplexNZ (1233886) on Tuesday October 23, 2012 @07:50PM (#41746617)
    Considering this security failure is occurring towards the end of life of the device, it actually did its job this time.
  • by dgatwood (11270) on Tuesday October 23, 2012 @07:55PM (#41746653) Journal

    Very true. The right solution is to make signing free for homebrew creators, but either:

    • Require server-side signing where you upload the game and get back a signature. That way, they can do various checksum-style tests to see if the signed content is likely pirated before signing it.
    • Require that each homebrew game be signed using a private key that is specific to each device, and design the hardware/OS so that only factory-signed code can use that private key. Add factory-signed tools that perform those various checksum tests locally and ask the servers for permission before signing the binary. The servers could reject requests from out-of-date versions of the signing tools, so you could have the same sort of forced-updating process for the signing tools that you'd have with a server-side solution, but you wouldn't have to push the whole binary across the wire.
    • Charge a small amount of money for the ability to sign homebrew binaries.

    Either way, it's a cat-and-mouse game, but at least with those sorts of schemes, the pirates are on their own when trying to gain hardware access instead of having the homebrew folks working alongside them. Many eyes make all security holes public, and all.

  • by Anonymous Coward on Tuesday October 23, 2012 @08:24PM (#41746843)

    Piracy on XBOX 360 is rampant. Ceva launch updates to racked dvd units firmwares every month.

  • by Kaenneth (82978) on Tuesday October 23, 2012 @08:57PM (#41747039) Homepage Journal

    They (initially) sold hardware at a loss, planning to make up the cost by selling games.

    The homebrewers are not, as stated, interested in the games. Therefore, in Sony's view they are stealing the hardware, just as much as someone downloading Sony brand music is stealing it.

    The only reason PS3s were able to make cheap clusters is because Sony subsidized the consumer hardware; otherwise it would make more sense to buy hardware designed for the purpose without the controller ports, blu-ray drives, etc. etc.

    It's a result of Sony's business decision, and they were losing too much to the people who would never buy a single game or blu-ray movie, so they cut their losses by killing homebrew capabilities, protecting the price points for their profitable target market.

  • by Charliemopps (1157495) on Tuesday October 23, 2012 @09:05PM (#41747089)
    Pirates pirate... period. If they want to play free games, they are going to. If you lock your hardware down so they can't play pirated games on it, they just use someone elses hardware. At least you could have made some cash off the console. Oh wait... You're selling the console for less than it costs to make it so you can lock in customers and then screw them with overpriced games? Well shit... I think you just figured out why people are trying to pirate your software. Get a business model that doesn't involve screwing people over and manipulating teenagers into dumping all their cash into your shitty console and maybe they wont spend half their adult lives trying to screw you back. Piracy is such an easy problem to solve... instead you spend stupendous amounts of money trying to prevent it so that you can keep your 1980s business model. You get what you deserve.
  • by metamatic (202216) on Tuesday October 23, 2012 @09:54PM (#41747461) Homepage Journal

    It's always a little amazing to see how people cheer on the leaks and cracks when they appear in a closed system, yet continue to support these closed systems with their money and attention when open systems are available.

    What open game console has a decent selection of games?

  • by Kjella (173770) on Tuesday October 23, 2012 @10:45PM (#41747907) Homepage

    Pirates pirate... period. If they want to play free games, they are going to. (...) Piracy is such an easy problem to solve...

    What then, give away the games? Sure that'd solve piracy in a sense, just like consenting to sex will prevent you getting raped.

    Oh wait... You're selling the console for less than it costs to make it so you can lock in customers and then screw them with overpriced games? Well shit... I think you just figured out why people are trying to pirate your software.

    Nobody put a gun to their head and told them to get a console instead of a PC. It has been proven time and time again that consumers don't like up front costs, they want cheap printers and expensive ink. Or actually they don't like any costs so they want cheap hardware, free games and a pony. If any of the silly self-justification you make up was true, why is then piracy rampant on platforms that aren't locked down too?

  • A Windows PC? (Score:5, Insightful)

    by Sycraft-fu (314770) on Wednesday October 24, 2012 @12:49AM (#41748643)

    It's not open in the OSS-speak sense but it is in the sense you can install any software you want on it, write code for it with no license to anyone and so on. You can even run other OSes along side it as a dual boot, or in it with an emulator. Has all kinds of the games.

    I do all my gaming (and I do a ton of gaming) on the PC not for any idealistic reasons, but because I like it better. There are very, very few games I don't get to have that consoles do, and a number I get to have that consoles don't. It is a very valid gaming platform, and is open if that matters to you.

  • Re:Why downgrade? (Score:2, Insightful)

    by Anonymous Coward on Wednesday October 24, 2012 @02:36AM (#41749113)

    Sure. So you hack you're Wii, but are ethical about it and don't pirate.

    Pfft. So many bullshitters on this site. Especially when it comes to a Sony article.

  • Re:subject (Score:4, Insightful)

    by Khyber (864651) <techkitsune@gmail.com> on Wednesday October 24, 2012 @07:47AM (#41750463) Homepage Journal

    "The PS3 was not hacker-friendly or technologically superior"

    Oh, but it was technologically superior. Hacker-friendly, no.

    2 TFLOPS vs 360's 1 TFLOP.

    Superior GPU.

"A great many people think they are thinking when they are merely rearranging their prejudices." -- William James

Working...