
Playstation 3 Code Signing Cracked For Good



wraggster
December 31st, 2010, 00:12
It appears that Sony's PS3 has been fatally compromised. At the Chaos Communication Congress in Berlin, a team named 'fail0verflow' revealed that they had calculated the Private Keys, which would let them, or anyone else, generate signed software for the PS3. Additionally, they also claim to have a method of jailbreaking the PS3 without the use of a Dongle, which is the current method. If all these statements are true, this opens the door to custom firmware, and homebrew software. Assuming that Sony doesn't take radical action and invalidate their private keys, this could mean that Jailbreaking is viable on all PS3s, regardless of their firmware! From the article: 'Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs. Following this, the team declared Sony's security to be EPIC FAIL!'

http://games.slashdot.org/story/10/12/29/204253/Playstation-3-Code-Signing-Cracked-For-Good

Spyzius
December 31st, 2010, 15:20
This is serious

Hungry Horace
December 31st, 2010, 15:30
One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system.


This annoys me - just quoting an article that the fail0verflow team have already stated is inaccurate.

I guess this is the trouble with News being copied from site-to-site with no actual research.


Whoever originally wrote something about "overflowing the bootup NOR flash" needs to be shot (after watching the talk and paying attention)


also, the team are not claiming to be able to "sign any software". If you listen to the Q&A they quite clearly state that doesn't include game-signing, but (iirc) update files and the like.

DPyro
January 1st, 2011, 04:47
They can sign pkg files, which is all we need it for.

BlueCrab
January 1st, 2011, 07:30
To my understanding, they cannot sign game/application pkg files, just those within an update pup file.

Fonixx
January 2nd, 2011, 00:43
Ha Ha Hah... And what stage do you think Ps3 hacking would be in if Sony just left OtherOS? I'm guessing still chipping away at Ps3 Linux with no piracy yet, and now it looks like Sony has completely lost the battle when they provoked this to happen.

Hungry Horace
January 2nd, 2011, 14:09
To my understanding, they cannot sign game/application pkg files, just those within an update pup file.

At least somebody was listening!

DPyro
January 2nd, 2011, 21:03
To my understanding, they cannot sign game/application pkg files, just those within an update pup file.

OK folks, you can now decrypt and sign anything on the PlayStation 3 system. Congrats geohot!
http://geohot.com/

BlueCrab
January 3rd, 2011, 03:26
Well, nobody ever said they wouldn't progress today. ;)

Eviltaco64
January 3rd, 2011, 04:25
This is going to be interesting. :)

Qmark
January 3rd, 2011, 17:37
Of course, the logical course of action is to invalidate all existing keys in a FW update, push updates and patches of all existing software to use the new keys, then brutally banhammer and possibly invoke legal action on anyone seen on PSN running 'oldsigned' anything.

BlueCrab
January 3rd, 2011, 18:45
The problem with that is that they cannot invalidate the metldr key, if I recall correctly. The metldr key is known now, and with just that you can load any other loader and extract the keys from it using the fail0verflow method. Now, they could in theory update all the loaders that they can update with new keys and fix the overflow problem and bad "random" value, which might prevent people from getting any new keys... That doesn't fix the whole problem as it stands though, since metldr will still be vulnerable. (This is all to my understanding... I'm no expert on PS3 stuff, so I may be wrong)

They'd not only have to replace all software, they'd have to replace the hardware as well (to fix the fact that the metldr key is out). Somehow I don't think they'll be doing that.