bandit
December 29th, 2010, 19:34
http://i202.photobucket.com/albums/aa112/dcemureviews/epicfail.jpg
This morning was the big unveil at the Chaos Communication Congress in Berlin, and it did not disappoint. Here is a brief synopsis for those that missed it.
The first few minutes of the conference were spent explaining the state of security on other consoles (Wii, 360, etc). Following this, the group went on to explain the current state of affairs on the PS3. First, explaining Geohot's memory line glitching exploit from earlier this year. The team then went on to explain the current PS3 security bypasses, such as jailbreaking and service mode/downgrading.
Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony's security to be EPIC FAIL!
The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits.
The team then displayed the website http://fail0verflow.com/ were we assume will host examples of the new exploits and further details. They stated that easy to use tools would be coming next month.
Update via http://twitter.com/fail0verflow
# fail0verflow is the name of our 'group'. We are a bunch of curious hackers who have been working on a bunch of things over the last 3 years.
# our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions.
# Our current PS3 goal: AsbestOS.pup
# For all those out there that think fail0verflow.com has been hacked - it hasn't. We're just busy working on a demo for tomorrow. Patience!
We have uploaded the full video for those who missed it.
4loZGYqaZ7I
Live Demo will be available tomorrow during the CCC's Lighting Talks and possible tools for developers to be released within a month.
**UPDATE 12/30/10**
The Lightning Talk is done and over with and the video is up for those who missed it. Thanks to PSGroove for uploading the video:
lGI0EnNQ5GE
Team fail0verflow also released their presentation slides and we have attached it below.
Source: PSGroove (http://psgroove.com/content.php?581-Sony-s-PS3-Security-is-Epic-Fail)
This morning was the big unveil at the Chaos Communication Congress in Berlin, and it did not disappoint. Here is a brief synopsis for those that missed it.
The first few minutes of the conference were spent explaining the state of security on other consoles (Wii, 360, etc). Following this, the group went on to explain the current state of affairs on the PS3. First, explaining Geohot's memory line glitching exploit from earlier this year. The team then went on to explain the current PS3 security bypasses, such as jailbreaking and service mode/downgrading.
Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony's security to be EPIC FAIL!
The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits.
The team then displayed the website http://fail0verflow.com/ were we assume will host examples of the new exploits and further details. They stated that easy to use tools would be coming next month.
Update via http://twitter.com/fail0verflow
# fail0verflow is the name of our 'group'. We are a bunch of curious hackers who have been working on a bunch of things over the last 3 years.
# our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions.
# Our current PS3 goal: AsbestOS.pup
# For all those out there that think fail0verflow.com has been hacked - it hasn't. We're just busy working on a demo for tomorrow. Patience!
We have uploaded the full video for those who missed it.
4loZGYqaZ7I
Live Demo will be available tomorrow during the CCC's Lighting Talks and possible tools for developers to be released within a month.
**UPDATE 12/30/10**
The Lightning Talk is done and over with and the video is up for those who missed it. Thanks to PSGroove for uploading the video:
lGI0EnNQ5GE
Team fail0verflow also released their presentation slides and we have attached it below.
Source: PSGroove (http://psgroove.com/content.php?581-Sony-s-PS3-Security-is-Epic-Fail)