There has been a lot of discussion around the internet lately about the recent hacking of the PS3. It has been mentioned on countless PS3 podcasts and news websites, and even on episode 3 of the Drop Bear Gaming podcast. This article is a compilation and summary of the news to come out about it so far, including what it is, some of the fallout, and Sony’s retaliation.
This is a long article, so if you would like to skip to a specific section you can do so here:
- What is the hack?
- The fallout & Modern Warfare 2
- Sony’s Legal Retaliation
- What can Sony do?
What is the hack?
I’ll start by describing in layman’s terms how the PS3’s security system is designed to work. Every PS3 game has a ‘public key’ (like a signature) encoded in it, and the PS3 has a ‘private key’ encoded into its hardware. When you put a game into your PS3, the system checks the public key signature to make sure it is correct against the private key. It’s quite a bit more complicated, but that is the general idea.
At the end of December, during the 27th Chaos Communication Congress (27C3) hacker conference, the group responsible for hacking the Wii came out calling themselves fail0verflow and gave a presentation they called “PS3 Epic Fail”. During this presentation they laid out how they had worked out (with a lot of math) the “private key” that PS3s use. They claim their goal was to allow the installation of Linux onto PS3 units, following the removal of the OtherOS feature by Sony in April last year, and that they do not encourage piracy. The key was subsequently released on the internet by the iPhone jailbreaker George “GeoHot” Hotz, along with his disclaimer that he also does “not condone piracy”.
The release of this key to the public, however, completely blows open the security of the PS3, providing the means for people to sign their own software in such a way that the PS3 will believe it is legitimate. Unfortunately, because the private key is encoded into the hardware, there is no way to patch this to stop the hackers, apart from releasing a new model of PS3. The problem with that is that if Sony changes the private key on subsequent models, it will render all games signed for the old key unusable on the new systems.
Apart from the obvious use of the hack, which is being able to play “backup copies”, aka pirated copies, of games, a number of other exploits are possible for the system. We have already seen some of the initial results of the release of this key, and on the next page I will describe them.