Looks like the PS3 has been hacked then (no evidence yet)

KeRbDoG

http://geohotps3.blogspot.com/2010/01/hello-hypervisor-im-geohot.html

Stuxnet

http://www.boards.ie/vbulletin/showthread.php?t=2055780057

TouchingVirus

kerbdog wrote: »

http://geohotps3.blogspot.com/2010/01/hello-hypervisor-im-geohot.html

Looks like it really has been hacked ...fair play to him

Myrddin

TouchingVirus wrote: »

Looks like it really has been hacked ...fair play to him

Mind boggling :eek:

Im not sure if Im happy or not though...somehow I dont wanna see the ps3 being turned into just another console where piracy is rife.

If this lad is worth his salt, Id like to see him tightly control this exploit. Id like it if we seen homebrew code with hypervisor level access, but nothing that can boot games. The machine has huge computing potential, and would fall nicely into certain homebrew categories...but piracy should be a serious no-no.

witnessmenow

Would be hard to have one without the other though.....

Its large d/ls will be a pretty big deterant!

TouchingVirus

witnessmenow wrote: »

Would be hard to have one without the other though.....

Its large d/ls will be a pretty big deterant!

Completely agree with both statements. Blu-Ray downloads - 25gig a pop, or 50 for a double? I honestly can't see who'd bother - even on a HEAnet connection that'd take a while and send up a pretty big red flag to any decent system admin.

The guy has some serious talent, no doubt about it. He is a bit of an arrogant knob though :P

Kimbot

Also Blueray disks and drives are currently still a bit pricey.

TouchingVirus

jonny24ie wrote: »

Also Blueray disks and drives are currently still a bit pricey.

Yeah, but r/w access to memory and what appears to be access to the hypervisor could mean apps that access BR images on the PS3 hard drive from a loader (like the Wii and even XBR for the 360) are around the corner, then you've no need for a BluRay burner or blanks, just a few TB of hard drives.

Myrddin

witnessmenow wrote: »

Would be hard to have one without the other though.....

Its large d/ls will be a pretty big deterant!

The huge sizes will certainly rule out downloading, well for mainstream users anyway. What concerns me though is the inevitable release of a HDLoader type app. It will/would become common place for people to "rent" games, dump them to the ps3 hdd and there you go. Especially with the introduction now of the companies who post out the game to you, and you send it back and get another one...fairly cheap method of building ones ps3 games library. That is unless you still need the disc in the drive (a la 360)...but its all hypothetical for now...

TouchingVirus wrote: »

Completely agree with both statements. Blu-Ray downloads - 25gig a pop, or 50 for a double? I honestly can't see who'd bother - even on a HEAnet connection that'd take a while and send up a pretty big red flag to any system admin worth their salt.

The guy has some serious talent, no doubt about it. He is a bit of an arrogant knob though :P

Ridiculously talented I might add....but it doesnt be long before these guys are whipped up by propritery developers, and their talents are then put to work developing security, as opposed to breaking it (the guy who hacked Nagra1 was an example).

As wittnessmenow pointed out...its nigh impossible to have homebrew code with bootloaders/hdloaders etc being developed...but if it were me, Id rather be remembered as the man who SAVED the ps3...not destroyed it. Maybe he shouldnt release the exploit, its enough to have proved you have the ability to hack a system that NOBODY else can...why destroy the console & hurt the industry into the bargain?

TouchingVirus

EnterNow wrote: »

Ridiculously talented I might add....but it doesnt be long before these guys are whipped up by propritery developers, and their talents are then put to work developing security, as opposed to breaking it (the guy who hacked Nagra1 was an example).

I don't think Sony will make the mistake of not hiring him if his exploit is real. Mark Russinovich is also a prime example of a great reverse engineer who was snapped up by the company who's product he RE'd (Microsoft ).

Maybe he shouldnt release the exploit, its enough to have proved you have the ability to hack a system that NOBODY else can...why destroy the console & hurt the industry into the bargain?

That's a good point, but his track record doesn't really suggest he's going to keep quiet. He suggests his flaw is a native flaw that can't really be patched too, so if it's out it could be out to stay...

He's been talking to the BBC, so it definitely appears to be legit..

A US hacker who gained notoriety for unlocking Apple's iPhone as a teenager has told BBC News that he has now hacked Sony's PlayStation 3 (PS3).

George Hotz said the hack, which could allow people to run pirated games or homemade software, took him five weeks.

He said he was still refining the technique but intended to post full details online soon.

The PS3 is the only games console that has not been hacked, despite being on the market for three years.

"It's supposed to be unhackable - but nothing is unhackable," Mr Hotz told BBC News.

"I can now do whatever I want with the system. It's like I've got an awesome new power - I'm just not sure how to wield it."

Sony said it was "investigating the report" and would "clarify the situation" when it had more information.

'Open curiosity'

Mr Hotz said that he had begun the hack last summer when he had spent three weeks analysing the hardware.

After a long break, he spent a further two weeks cracking the console, which he described as a "very secure system".

He said that he was not yet ready to reveal the full details of the hack but said that it was "5% hardware and 95% software".
Playstation 3 (Sony)
The hack could allow gamers to play pirated games

"You can use hardware to inject an insecurity and then you can build on that," he said.

He admitted that he had not managed to hack the whole system, including the protected memory, but had worked out ways to trick the console into doing what he wanted.

Mr Hotz said that he was continuing to work on the hack and, once finished, would publish details online in a similar way to his previous iPhone exploits.

In particular, he said, he would publish details of the console's "root key", a master code that once known would make it easier for others to decipher and hack other security features on the console.

He said his motivation was "curiosity" and "opening up the platform".

"To tell you the truth, I've never really played a PS3," he said. "I have one game, but I've never really played it."

Opening the system could allow people to install other operating systems on their console and play homemade games, he said.

In addition, he said, the hack would allow people to play older PS2 games on their consoles.

Recent versions of the PS3 do not have the ability to play PS2 games after Sony controversially removed a piece of hardware.

He admitted that it could also allow people to run pirated games.

"I'm not going to personally have anything to do with that," he told BBC News.

Gaming firms do not take the issue of game piracy and console modification lightly. Recently, Microsoft disconnected thousands of gamers from its online gaming service Xbox Live for modifying their consoles to play pirated games.

Mr Hotz said that the nature of his PS3 hack means that Sony may have difficulty patching the exploit.

"We are investigating the report and will clarify the situation once we have more information," said a Sony spokesman.

Mr Hotz rose to fame in 2007 at the age of 17 when he unlocked the iPhone, which could only be used on the AT&T network in the US at launch.

The hack allowed the popular handset to be used on any network.

He has since released various other hacks, allowing people to unlock later versions of the popular handset.

http://news.bbc.co.uk/2/hi/technology/8478764.stm

Myrddin

Very interesting interview. It would appear that he morally doesnt give a sh*t what people do with the hack.....shows his immaturity really.

"He admitted that he had not managed to hack the whole system, including the protected memory, but had worked out ways to trick the console into doing what he wanted." - this part is interesting, he is obviously using an exploit to hardware inject code into the ps3, but if he hasnt got access to protected memory, how can he make the console "do what he wants"?

Id say right now Sony are very concerned. Wouldn surprise me if they offered him dollars to keep his big mouth shut I also find it interesting that he reckons his exploit is unfixable. This would indicate that he is exploiting a very LARGE hole in the system, and you would think this would have been discovered sooner.

Well folks I dont think anybody is gonna stop this now judging by his manner...prepare yourselves for an invasion of pirates/probable bannings from PSN/a boom in game rentals/BDR's finally being sold/HDD sales increasing etc etc

TouchingVirus

EnterNow wrote: »

Very interesting interview. It would appear that he morally doesnt give a sh*t what people do with the hack.....shows his immaturity really.

"He admitted that he had not managed to hack the whole system, including the protected memory, but had worked out ways to trick the console into doing what he wanted." - this part is interesting, he is obviously using an exploit to hardware inject code into the ps3, but if he hasnt got access to protected memory, how can he make the console "do what he wants"?

I don't know the PS3 architecture well enough to comment on this, but it's a curious statement all right. Perhaps it's only a matter of time until he gets the keys and figures a way to get into the protected memory too. And then it's pretty much game over afaik.

Id say right now Sony are very concerned. Wouldn surprise me if they offered him dollars to keep his big mouth shut I also find it interesting that he reckons his exploit is unfixable. This would indicate that he is exploiting a very LARGE hole in the system, and you would think this would have been discovered sooner.

It's not really possible to think of every attack vector when designing a system. And he did say that Sony can make it much harder to implement this exploit in the future, probably with other software/hardware revisions. His comment suggests that it is indeed a native flaw in the architecture of the PS3 that he's gone and exploited.

Well folks I dont think anybody is gonna stop this now judging by his manner...prepare yourselves for an invasion of pirates/probable bannings from PSN/a boom in game rentals/BDR's finally being sold/HDD sales increasing etc etc

BDR manufacturers, BR blank manfacturers, and Xtravision are collectively wetting themselves :P

Myrddin

TouchingVirus wrote: »

BDR manufacturers, BR blank manfacturers, and Xtravision are collectively wetting themselves :P

A classic :pac::pac::pac:

Inquitus

TouchingVirus wrote: »

Completely agree with both statements. Blu-Ray downloads - 25gig a pop, or 50 for a double? I honestly can't see who'd bother - even on a HEAnet connection that'd take a while and send up a pretty big red flag to any decent system admin.

The guy has some serious talent, no doubt about it. He is a bit of an arrogant knob though :P

UPC 30Mb BB is now common, with a 250GB Monthly fairuse cap.

Thats up to 10 games a month and each 25GB can be dl in just under 2 hours. Thats not much of a deterent really.

TouchingVirus

Inquitus wrote: »

UPC 30Mb BB is now common, with a 250GB Monthly fairuse cap.

Thats up to 10 games a month and each 25GB can be dl in just under 2 hours. Thats not much of a deterent really.

The average broadband speed across Europe is ~3.5Mbit/sec.

UPC 30Mb broadband isn't common just yet, their switchover isn't supposed to happen until February. Similarly uncommon would be the idea that somebody getting 30Mb of broadband would only get it for PS3 games, the same people probably have a few other activites to concern themselves with that'll eat up a fair chunk of their bandwidth before delving into the illegalities of PS3 game piracy.

You are also assuming that any download will be reaching the maximum speed at all times which is rarely the case with any broadband connection without a 1:1 contention ratio. And let's not forget there are other factors to bring into the equation like hoster speed, location, routes etc.

Suffice to say that our point was that PS3 piracy still has a number of deterrents over other forms of console piracy, and that situation isn't going to change any time soon. I'm not going to discuss other issues pertaining to this here, I like this forum and won't put it at risk.

From reading comments it would appear that currently George is 'bigging up' his success, and PS3 backups are still not quite there yet.

docentore

Inquitus wrote: »

UPC 30Mb BB is now common, with a 250GB Monthly fairuse cap.

Thats up to 10 games a month and each 25GB can be dl in just under 2 hours. Thats not much of a deterent really.

hell with pirating, homebrew that the main target. it is very powerful computing machine for small price.

And I don't think games are 25 or 50gb. There are probably ~5gb each, the rest is dummy file, like in xbox360 isos - each is ~7gb but games vary from 1-7gb.

Myrddin

docentore wrote: »

And I don't think games are 25 or 50gb. There are probably ~5gb each, the rest is dummy file, like in xbox360 isos - each is ~7gb but games vary from 1-7gb.

You know your stuff Docentore so Im not going to question that statement at all....I find it very interesting. From a purely technical standpoint, we all know there are360 games being pirated every day of the week ok. Why is it the case then that the full 7gb will have to be downloaded? Can the dummy file not be artificially created and added to the game files? Or is the dummy file heavily integrated into the game files and each one varies?

Regards the UPC30 package that was mentioned, have a look in the Broadband forum Inquitus...you'll see people having issues with the 20mb pack and the average d/l speeds they can attain. 30mb, as touchingvirus said, will have its own contention issues to deal with. Not to mention the fluctuating speeds peak/offpeak....but thats all for another forum.

As Docentore stated, the PS3 is a powerful computing machine, and to unleash that onto the homebrew scene should yield some fantastic stuff. I think everyone here has enough respect for the system/industry though, to not want to see pirating on the PS3....albeit, its probably imminent.

TouchingVirus

docentore wrote: »

hell with pirating, homebrew that the main target. it is very powerful computing machine for small price.

And I don't think games are 25 or 50gb. There are probably ~5gb each, the rest is dummy file, like in xbox360 isos - each is ~7gb but games vary from 1-7gb.

You're right, just like Wii games - Super Mario Bros Wii is only 370MB after scrubbing it and putting it onto a HDD Loader but when you copy it it's 4.7GB. It's empty padding at the end of the CD to fill up the space and can easily be scrubbed out or put back in if required. Perhaps it's different for the PS3 though and it needs the empty data somehow, like a CRC or whatever and that'd prevent stripping out the data

Piracy isn't imminment on the platform, but it might be looking more likely. GeoHot is still a fair bit away from slapping in a backup and playing it after reading comments from other PS3 hackers and people with intricate knowledge of the system.

Myrddin

TouchingVirus wrote: »

You're right, just like Wii games - Super Mario Bros Wii is only 370MB after scrubbing it and putting it onto a HDD Loader but when you copy it it's 4.7GB. It's empty padding at the end of the CD to fill up the space and can easily be scrubbed out or put back in if required. Perhaps it's different for the PS3 though and it needs the empty data somehow, like a CRC or whatever and that'd prevent stripping out the data

Piracy isn't imminment on the platform, but it might be looking more likely. GeoHot is still a fair bit away from slapping in a backup and playing it after reading comments from other PS3 hackers and people with intricate knowledge of the system.

He himself may be far away from it...but as soon as his exploit is released, there will be literally coders all over the world taking a "peek under the hood". I can almost say with certainty, that a loader/bd drive f/w will be developed in the not too distant future.

TouchingVirus

EnterNow wrote: »

He himself may be far away from it...but as soon as his exploit is released, there will be literally coders all over the world taking a "peek under the hood". I can almost say with certainty, that a loader/bd drive f/w will be developed in the not too distant future.

Have a read of this great article from Eurogamer, it'll put things into perspective

http://www.eurogamer.net/articles/digitalfoundry-ps3hacked-article

Myrddin

TouchingVirus wrote: »

Have a read of this great article from Eurogamer, it'll put things into perspective

http://www.eurogamer.net/articles/digitalfoundry-ps3hacked-article

Great read cheers. I stand by my comments though, and directly from the article:

It is safe to say however that Geohot's hack will open the door to piracy by offering low-level access to any one technically minded to do with as they will

What the article did mention though, was the completely seperate security in place on the BD drive, the missing decryption keys on any burnt PS3 disc, FW updates reflashing the drive, encrypted FW....but havnt these points all got one assumption...the BD drive. This will NOT be the primary target for piracy. He has complete low level access and can manipulate Hypervisor calls. He can Peek and Poke code...Im telling you, with that low level authority, access the the Hard Drive is going to be the primary target.

He has not opned the SPU which is responsible for key decryption, but he has already said he doesnt need to. He can emulate its responses, and switch on/off the hypervisor decryption calls...which is all he needs. His main target is the Root Key now, which once discovered, will make further PS3 hacking a piece of cake for coders. And as the article also says, the PSP's root codes arnt known to this day...and look at what has been accomplished on that. If he does indeed access the master code, then BD Drive or Decryption SPU hacking will be plain sailing.

There wont be a hacker on the planet not dying to get his/her teeth into this.

TouchingVirus

EnterNow wrote: »

What the article did mention though, was the completely seperate security in place on the BD drive, the missing decryption keys on any burnt PS3 disc, FW updates reflashing the drive, encrypted FW....but havnt these points all got one assumption...the BD drive. This will NOT be the primary target for piracy. He has complete low level access and can manipulate Hypervisor calls. He can Peek and Poke code...Im telling you, with that low level authority, access the the Hard Drive is going to be the primary target.

He has not opned the SPU which is responsible for key decryption, but he has already said he doesnt need to. He can emulate its responses, and switch on/off the hypervisor decryption calls...which is all he needs. His main target is the Root Key now, which once discovered, will make further PS3 hacking a piece of cake for coders. And as the article also says, the PSP's root codes arnt known to this day...and look at what has been accomplished on that. If he does indeed access the master code, then BD Drive or Decryption SPU hacking will be plain sailing.

Excellent points, gave me food for thought.

AntiRip

exploit released

http://geohotps3.blogspot.com/2010/01/heres-your-silver-platter.html

ongarite

Looks like GeoHot has been found out already and has not fully hacked the PS3 at all.

http://streetskaterfu.blogspot.com/2010/01/ps3-is-hacked-urban-legend-continues.html

Altough it's nice to capture all these HV calls and stuff from a plain (not encrypted) lv1 binary, but this will never lead to a hacked PS3.

TouchingVirus

ongarite wrote: »

Looks like GeoHot has been found out already and has not fully hacked the PS3 at all.

http://streetskaterfu.blogspot.com/2010/01/ps3-is-hacked-urban-legend-continues.html

I read that earlier, just after GeoHot posted his exploit.

I've no experience in any of this, but let's say there are definitely problems with GeoHot's claims. It's also a bit funny how he's appears to be just leaving it at where he's got...

the_syco

TouchingVirus wrote: »

I've no experience in any of this, but let's say there are definitely problems with GeoHot's claims. It's also a bit funny how he's appears to be just leaving it at where he's got...

I'm reading " I have a life to get back to and can't keep working on this all day and night" as either
a) I got paid to shut up
b) I think I'm been sued, bbl

TouchingVirus

the_syco wrote: »

I'm reading " I have a life to get back to and can't keep working on this all day and night" as either
a) I got paid to shut up
b) I think I'm been sued, bbl

Or..

c) Wow, I seriously underestimated this system, bbl.

Myrddin

TouchingVirus wrote: »

Or..

c) Wow, I seriously underestimated this system, bbl.

Gets my vote! Im glad now

Inquitus

EnterNow wrote: »

Regards the UPC30 package that was mentioned, have a look in the Broadband forum Inquitus...you'll see people having issues with the 20mb pack and the average d/l speeds they can attain. 30mb, as touchingvirus said, will have its own contention issues to deal with. Not to mention the fluctuating speeds peak/offpeak....but thats all for another forum.

I have UPC 30Mb just updated from 20Mb and I have always without exception got the full dl speed off of it.

I use sabtab2, newzbin, a usenet account and http://sabnzbd.org/ for all my legal download needs. I can bookmark stuff to dl whilst at work or use logmein to access my home PC directly.

I guess my point is anyone with BB that delivers 10Mb or more consistently could dl a PS Game each day whilst at work/school. I certainly dont buy into the fact that the 25GB size is a major deterent. A PS3 game will deliver many days of playtime, so 1 a week would be plenty.

I would just note that I buy all my games on all platforms as I wish to support the gaming industry. Just got demon souls off of videogamesplus.ca and it's awesome

enfant terrible

TouchingVirus wrote: »

The average broadband speed across Europe is ~3.5Mbit/sec.

A friend of mine regularly downloads BR rips of 15G+ on a 3mb connection, he just leaves then on overnight.

One of them Braveheart was 24GB.

TouchingVirus

enfant terrible wrote: »

A friend of mine regularly downloads BR rips of 15G+ on a 3mb connection, he just leaves then on overnight.

One of them Braveheart was 24GB.

Good for your 'friend' ..that's 24GB of an allowance gone on something that isn't a PS3 game - which was my point.