PS3 Encryption Keys Leaked 284
An anonymous reader writes "PS3 security has been compromised again. The holy grail of the PS3 security encryption keys — LV0 keys — have been found and leaked into the wild. For the homebrew community, this means deeper access into the PS3: the possibility of custom (or modified) firmware up to the most recent version, the possibility of bypassing PS3 hypervisor for installing GNU/Linux with full hardware access, dual firmware booting, homebrew advanced recovery (on the molds of Bootmii on Wii), and more. It might lead to more rampant piracy too, because the LV0 keys could facilitate the discovering of the newer games' encryption keys, ones that require newer firmware."
Re:Sony did this to themselves (Score:3, Interesting)
GPU programming killed off Cell's value (Score:2, Interesting)
GPU programming, while more difficult, offers higher performance vector computing, on common hardware, unlike the cell processor. The G80 was not released until late 2006, and CUDA took until about 2008. Until then, the Cell processor had mindshare.
The trend is towards closed computing. (Score:5, Interesting)
It's always a little amazing to see how people cheer on the leaks and cracks when they appear in a closed system, yet continue to support these closed systems with their money and attention when open systems are available.
It's just this very weird disconnect in consumer psychology. You don't have to crack a PC (yet) to do what you want with it. But you make a computer small and flat and suddenly you find yourself having to pay $1+ for every little program, from a collection of programs that somebody else has decided you shall have access to. You don't see the "fuck the man" attitude at the store, you only see it when a Scandinavian high schooler comes up with a crack for your game console and the manufacturer tells you you can't have it.
I just don't get it. How many years past DeCSS are we and banging our heads against the same wall?
Re:Sony did this to themselves (Score:5, Interesting)
Fundamentally, client-side security doesn't work. You can obscure the hell out of it and bury it deep within the system, but sooner or later, someone's gonna crack it.
It lasted six years. The PS3 doesn't have much life left as a flagship console. Better security would have been a waste of money.
Re:It's nice but... (Score:5, Interesting)
Served its purpose? It's still a powerful machine. Would be a brilliant media center with better software. Homebrew, emulators. Sounds like a purpose is just starting to me.
The only disappointing part is this is coming about not through Sony coming to their senses or the courts forcing them to restore Linux functionality to the PS3, but through the tenacity of hacktivists. But such is the world we live in.
Comment removed (Score:5, Interesting)
Re:subject (Score:4, Interesting)
Re:subject (Score:5, Interesting)
I would not be at all surprised to find out that the leak came from Sony, and was deliberate.
Making the PSX/PS1 easy to hack was the smartest thing that Sony ever did, intentionally or not. Chipping the PlayStation was simple for geeks, who got excited about exclusive games like Gran Turismo, Metal Gear Solid and Final Fantasy 7, and spread the word to their non-chipping friends.
The original PlayStation was so overwhelmingly popular that they mortally wounded Sega, and ensured that the N64 was only a modest success.
That set the stage for the PS2 to be the best-selling console in history, despite the efforts of the (deeply-subsidized) Xbox, which was an excellent console in its own right.
The PS3 was not hacker-friendly or technologically superior. Worst of all, it was very expensive. The reasonable success that Sony has had with the PS3 is largely due to the momentum from the PS1 and PS2 - the PS4 will have no such advantage.
In its last years, the PS3 is still unable to compete on price. The basic specs cannot be improved without destroying backwards compatibility. That only left Sony with one option - make the PS3 easy to hack.
Re:subject (Score:5, Interesting)
Oh, one more thing. I'm assuming that these keys actually should be called the bootldr keys (as in the keys that bootldr uses to verify lv0), and that the name "lv0" is just a misnomer (because lv0 is, itself, signed using these keys).
If this keyset is just what Sony introduced in lv0 after the original hack, and they are used to sign everything *under* lv0 and that is loaded *by* lv0, then this whole thing is not newsworthy and none of what I said applies. It just means that all firmwares *to date* can be decrypted. Sony will replace this keyset and update lv0 and everything will be back at step 1 again. lv0 is updatable, unlike bootldr, and is most definitely not a fixed root of trust (unlike metldr, which was, until the architecture hack/change wrapped everything in lv0). If this is the case, color me unimpressed.
Re:subject (Score:4, Interesting)
If you acquire any free games you haven't paid for and are supposed to, that is theft.
Legal Dictionary on "Theft" :
the generic term for all crimes in which a person intentionally and fraudulently takes personal property of another without permission or consent and with the intent to convert it to the taker's use
In a broad sense it would seem to fit, but I'm not sure about the "takes personal property" : it's not really taken, the original owner still has it.
If I were to develop my own game, based on the an existing game ( just from experience with the game ), I would be creating a free game, and some people might decide to play my free game instead of buying the original. But would it be theft ?
The way you describe it, it would be, because I copied something : I copied the idea .
If so, then a whole lot of free games would be illegal.
Tax Breaks (Score:4, Interesting)
Re:It's nice but... (Score:4, Interesting)
The techniques developed could help crack the next generation console though. It is hard to see how you can possibly defend against things like memory bus glitching, which was the initial attack vector.