Fail0verflow Obtains PS3 Cryptography Key

Wednesday during the 27th annual Chaos Communication Conference, the team behind the Wii's Homebrew Channel-- fail0verflow-- revealed that they figured out the PlayStation 3's private cryptography key. This means hackers could have full access to the console without the need for a USB device or actual software/hardware hacking.

Typically the "magic password" is used by Sony to authorize the execution of code on the gaming console. Now Sony's key is revealed, hackers can develop hack-free apps and games-- literally signing their code--to execute on the PlayStation 3 as if they're licensed developers.

"It's not an exploit, it's an Epic Fail by Sony," the team said during a live demo. "The PS3 is fine. They screwed up in HQ. They gave us their private key basically. They leave their private key mathematically, so we don't have to exploit anything, we just sign things."

According to reports, Sony didn't bother to generate random numbers to secure the key's secrecy. With that said, the fail0verflow team plans to release tools next month that will take advantage of the security flaw. However the tools aren't intended to enable PlayStation 3 piracy. Instead, they'll re-enable the installation of Linux on every unit sold no matter the firmware-- even v3.55 and beyond.

"Yes, we'll release all our tools as soon as we cleaned them up in January or so," the group said via Twitter.

To see the live demo, check out the video pasted below:

PS3 Private Key Exposed

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
  • nevertell
    I watched the whole thing, it was hilarious actually.

    Probably due to the way they presented it, though.
  • Blessedman
    Hmmm can they not be held liable?
  • hellwig
    BlessedmanHmmm can they not be held liable?

    With the DMCA, simply possessing the private key can probably be considered tampering or illegal in some way. I wouldn't doubt Sony's lawyers are already working overtime getting the cease-and-desist and lawsuits ready. The same thing happened when someone cracked the DVD master key. The DVD association dried to stop the guy from posting it using all sorts of legal claims, of course, its everywhere now.