Fail0verflow Obtains PS3 Cryptography Key
Fail0verflow has discovered the PlayStation 3's private cryptography key.
Wednesday during the 27th annual Chaos Communication Conference, the team behind the Wii's Homebrew Channel-- fail0verflow-- revealed that they figured out the PlayStation 3's private cryptography key. This means hackers could have full access to the console without the need for a USB device or actual software/hardware hacking.
Typically the "magic password" is used by Sony to authorize the execution of code on the gaming console. Now Sony's key is revealed, hackers can develop hack-free apps and games-- literally signing their code--to execute on the PlayStation 3 as if they're licensed developers.
"It's not an exploit, it's an Epic Fail by Sony," the team said during a live demo. "The PS3 is fine. They screwed up in HQ. They gave us their private key basically. They leave their private key mathematically, so we don't have to exploit anything, we just sign things."
According to reports, Sony didn't bother to generate random numbers to secure the key's secrecy. With that said, the fail0verflow team plans to release tools next month that will take advantage of the security flaw. However the tools aren't intended to enable PlayStation 3 piracy. Instead, they'll re-enable the installation of Linux on every unit sold no matter the firmware-- even v3.55 and beyond.
"Yes, we'll release all our tools as soon as we cleaned them up in January or so," the group said via Twitter.
To see the live demo, check out the video pasted below:
- Report: iPad 2 Will Have a USB Port
- Skype iOS App Gets Video Calling... on 3G Too!
- No Nintendo 3DS For Your Children
- Mozilla Exposed 44,000 Passwords
- DivX, Roxio Go To Rovi For $720 Million
- Angry Birds: No Money In Android Market
- Those Chromebooks Shipped Where, Exactly?
- IBM Predicts Holographic Phone Calls For 2015
- Eyeris Bionic Goggles Work Like Human Eye
- Motorola to USITC: Halt Xbox 360 Sales Please
- TWC Won't Fully Reveal Names of Porn Pirates
- RUMOR: Next iPad May Have CDMA Model
- Nintendo Revealing These 3DS Games in January
- The 3DS Virtual Girlfriend Who Stays Faithful
- Man Tried to Rob Restaurant With iPhone (Fails)
- Boys Hurt Themselves More Often Playing With Wii
- Know Video Games? Name All These Consoles!
- Restored Retro Supercar Made of Wood
- Phosphor's e-Ink Watch
I watched the whole thing, it was hilarious actually.
Probably due to the way they presented it, though.
Hmmm can they not be held liable?
Hmmm can they not be held liable?
With the DMCA, simply possessing the private key can probably be considered tampering or illegal in some way. I wouldn't doubt Sony's lawyers are already working overtime getting the cease-and-desist and lawsuits ready. The same thing happened when someone cracked the DVD master key. The DVD association dried to stop the guy from posting it using all sorts of legal claims, of course, its everywhere now.
I only play PC games now, and use my PS3 as a media centre. With Steam summer and winter sales, it's easier to just buy them.
Custom firmware on the other hand, I like. Hopefully with full GPU access.
March on men.
will some one of Tom's delete this dude with the name dsdfsdfdsf . The Spam is getting old and I am going to have to fire up the LOIC on the linecheckout site.
will some one of Tom's delete this dude with the name dsdfsdfdsf . The Spam is getting old and I am going to have to fire up the LOIC on the linecheckout site.
Please do this the spammer websites.
wow
Does this mean Linux without Sony's Hypervisor???
Sometimes I feel that this stuff is more like excuses to run pirated games. Maybe the developer didn't intend to use it that way, but many others are.
should they not tell sony about this? lol next firmware
should they not tell sony about this? lol next firmware
Thats not going to work. That would revoke the license of every current and past PS3 title. Sony might be fuct this time.
This is actually good news to give us the linux capability again. However, it won't be long for Sony to update the firmware with a new key that will disable the hacks. If you really want to run linux stuff you're better off doing it on a regular PC and avoid the hassle.
This is actually good news to give us the linux capability again. However, it won't be long for Sony to update the firmware with a new key that will disable the hacks. If you really want to run linux stuff you're better off doing it on a regular PC and avoid the hassle.
Actually this isn't entirely true. If they used the same scheme as DVDs it means they use multiple encryption keys. So if one gets broken other keys will work.
Dang it..I quoted the wrong comment. Ah well...where is my edit button!!
No random number generator, it is static, so it would be trivial to calculate the new keys exactly the same way as they calculated this key. Sony screwed up!
Hmm now I might have a reason to buy a PS3. Sweet!
leak key again, its not just Sony, it happens all over the place.
I guess humans can design the most secured lock, but they always just leave the keys under the front carpet with a sign next to it that saids "No spare key underneath"
Im curious to what the key actually is... Also I think it would be hard for sony to just change the key, since by changing it wouldn't all the games that are currently out no longer work? Unless the games/ps3 have multiple codes and you could remove just one and still have it work; but I'm not really sure if it works that way?
This does seem like a plus for the fact that anyone could develop a game for the ps3, on the other hand some people will probably use it to try make some kind of virus... but only time will tell.
Im curious to what the key actually is... Also I think it would be hard for sony to just change the key, since by changing it wouldn't all the games that are currently out no longer work? Unless the games/ps3 have multiple codes and you could remove just one and still have it work; but I'm not really sure if it works that way?This does seem like a plus for the fact that anyone could develop a game for the ps3, on the other hand some people will probably use it to try make some kind of virus... but only time will tell.
That's right. Changing the key would kill every game out there. However signing stuff with someone's private key is a criminal offense in most of the world so I wouldn't count on any commercial gain from this.
Linux with a unlocked gpu. I was bitter when Sony took away Linux support so I guess they deserve this
Earlier release for PS4?
Not really an EPIC fail on their part. Did pretty well till now.
I've been wanting to see something as bad as this happen ever since the rootkit DRM scandal many years ago involving Sony BMG and malicious audio CDs. It just proves that treacherous computing just doesn't work.
I cannot wait to see my lil penguin friends again
Will you please install an automated spam blocker?
These ads by "sdfdsfds" and "others" (the same guy) are easily scrolled by, but they are somewhat annoying. Not to mention the shame I feel for the sorry son-of-a-b****h who writes those awkward "ads". Get a life.
What I DON'T GET is why do they still feel like locking the PS3 systems.... as far as I know they are now making a profit with each console sold, they are not losing money when selling a console, so why not just unlock it and make everybody buy one.????
The most exciting thing about this is the prospect of the PS3 being able to function like a TRUE media box (one that doesn't require a server to transcode unsupported formats) imagine being able to load an xbmc style interface, capable of using the entire system resources including the rsx, with full codec support for various media files!
I could see this development possibly being a bad thing for Sony, but it might actually end up being a boon to their sales depending on how the community makes use of their new access to the system.
Sony employees verbally promised everyone, in recorded media, that Linux would be installable on the PlayStation® 3 console during its release.
In firmware updates, and modern units, they revoked this promise.
Any consumer can lean on this, the videos are on YouTube (and elsewhere). Kept highly duplicated for a reason.
SONY= EPIC FAIL
I supposed if I bitch about the spam the sights recieving we'll get another 20 "new users"...
Sony's little temper tantrum is finally biting them in the ass again. And I for one am happy as hell this is happening again. I WANT this to happen because I would REALLY LIKE to have my PS3 run double duty as a nice gaming system, and a media server.
So I suppose this means the PS3 is finally cracked?