http://evavhost.com/i/press/ps3hack.jpg

The extent of his 'control' over the system has yet to be clarified but George Hotz, the kid who originally cracked the iPhone, claims that with '5% hardware and 95% software' he may have finally opened up the PlayStation 3 to piracy, homebrew and additional backwards compatibility.

George Hotz said the hack, which could allow people to run pirated games or homemade software, took him five weeks.

He said he was still refining the technique but intended to post full details online soon.

The PS3 is the only games console that has not been hacked, despite being on the market for three years.

"It's supposed to be unhackable - but nothing is unhackable," Mr Hotz told BBC News.

Check out BBC News. (http://news.bbc.co.uk/1/hi/technology/8478764.stm)

Cracked it? Looks like he dropped the thing out of a five story window.

:p

I. Am. Shocked. ;)

It was only a matter of time. Any corporate fool who labels their product as "unhackable" is about as deluded as the morons who haughtily proclaimed the Titanic to be "unsinkable". Except with regard to technology (and especially DRM), claiming their system is "fool-proof" just causes the "icebergs" to start actively tracking their ship.

I. Am. Shocked. ;)

You might be if you touched that mess of wires!

It was only a matter of time. Any corporate fool who labels their product as "unhackable" is about as deluded as the morons who haughtily proclaimed the Titanic to be "unsinkable". Except with regard to technology (and especially DRM), claiming their system is "fool-proof" just causes the "icebergs" to start actively tracking their ship.

Took those icebergs a long ass time on this occasion.

The PS3 must have been really hard to crack though.

It has been an icon for hacking for the last 3 years - the first one to hack it would get famous. And the longer the unit stayed un-hacked the more fame one would get for hacking it.

When this console generation came out I thought (as anyone) that they would be hacked within 6 months. Sony did a REALLY good job on protecting their hardware. Choosing Blueray did also contribute to eventual hacks not being mainstream practical as Blueray burners and media are expensive (still).

It has been claimed before that the PS3 was hacked and proof was to be posted, and nothing surfaced. Perhaps this is easily killed by online patches or changes to the Blueray media.

Sony still has a huge advantage of being the only non-hacked console. It is very easy to hack an Xbox360 and play offline without issues.

It was only a matter of time.

Yes. It always is.
But (as DRM) the important thing is how long it is delayed, and how annoying it is to hack.

The annoying thing for Xbox360 users is the Xbox Live ban, but the hacking is easy and came fast. Sony had an unprecedented 3 years of no hacking. That is quite good, and they have surely been gaining more developer support for this single fact.

Took those icebergs a long ass time on this occasion.

Point conceded. :)

and additional backwards compatibility.
Yes please.

Cracked it? Looks like he dropped the thing out of a five story window.

:p

Couldn't have put it better myself.

Took those icebergs a long ass time on this occasion.There wasn't an awful lot of demand for the last couple years.

A corollary to the law of "everything's hackable" is that time-to-root is more a function of demand than technology.

It took this long to hack because every coder with enough cracking skills knew better not to buy this crappy system.

Gimme PS2 backward compat! Please :)

Gimme PS2 backward compat! Please :)

It's dead, Jim. (http://en.wikipedia.org/wiki/Leonard_McCoy#.22He.27s_dead.2C_Jim..22)

Not coming back. After all, Sony never promised it or emphasized it as an important feature, did they?* :D

* Lying scumbags.

There wasn't an awful lot of demand for the last couple years.

A corollary to the law of "everything's hackable" is that time-to-root is more a function of demand than technology.

I call BS on this. If anything, the PS3 should have many more hackers wanting to crack this baby open as they wouldn't want to pay the (overexaggerated) higher cost-of-entry versus the cheaper consoles. And although it's borderline trollish to even speculate on the "real" reason why it took so long for PS3 to be cracked (other than flawless engineering), at least you make a semi-valid point.

Unlike...

It took this long to hack because every coder with enough cracking skills knew better not to buy this crappy system.

Lookit! A rare species of spotted dimwit! You don't get a chance to see these ugly creatures too often, crikey!!

I call BS on this. If anything, the PS3 should have many more hackers wanting to crack this baby open as they wouldn't want to pay the (overexaggerated) higher cost-of-entry versus the cheaper consoles.

That really doesn't make sense. The hackers would've still had to buy it to even try hacking it. So in fact, the opposite would make sense, since it can be assumed that hackers would be more willing to risk trashing a $299 console than a $499 one.

It's dead, Jim.

In addition, he said, the hack would allow people to play older PS2 games on their consoles.

maybe it's not quite dead Jim

says it took him 5 weeks to hack... so he hasn't been trying to crack the ps3 since release has he?

In addition, he said, the hack would allow people to play older PS2 games on their consoles. maybe it's not quite dead Jim

The hack would allow people other than Sony to work on BC, but it's not going to make software-only BC suddenly and magically appear. Sony dumped it because it was too costly to maintain, and they have slightly better resources and expertise than most hackers. It's pretty much dead as long as Sony says so. And they never change their mind about these things, as Johan can tell you.

http://evavhost.com/i/press/ps3hack.jpg





Well, that looks like an easy mod!

I call BS on this. If anything, the PS3 should have many more hackers wanting to crack this baby open as they wouldn't want to pay the (overexaggerated) higher cost-of-entry versus the cheaper consoles. And although it's borderline trollish to even speculate on the "real" reason why it took so long for PS3 to be cracked (other than flawless engineering), at least you make a semi-valid point.

The hardware may have been difficult to hack, but if there isn't a motivation to do the work, the work won't get done. The motivation to hack a console is to enable new features or allow it to run 3rd party or hacked/back up/pirated software. With the PS3, it already has a ton features and many more could be added (up until recently) by installing linux. As for burned games? Until recently there were only a few exclusive titles that were "must have". If you were interested in running bootleg games, it was cheaper to use an xbox.

The PS3 got hacked because people had a reason to do so.

There wasn't an awful lot of demand for the last couple years.

A corollary to the law of "everything's hackable" is that time-to-root is more a function of demand than technology.

Exactly what I was thinking. Its the same when some asshat tells me about how awesome his Mac is because he doesn't have to worry about viruses. Its because no one wants to hack a mac, all you would get is an iTunes libray and some shitty slideshows of Family Reunion '06: Revenge of the son of Family Reunion.

Well, that looks like an easy mod!

Oh yeah I've got one of those in my closet.

The hack would allow people other than Sony to work on BC, but it's not going to make software-only BC suddenly and magically appear. Sony dumped it because it was too costly to maintain, and they have slightly better resources and expertise than most hackers. It's pretty much dead as long as Sony says so.

You're forgetting the rather large emulation community and existing PS2 emulators that will surely be on the first-to-port list.

In any case, the hack is now live.

http://geohotps3.blogspot.com/2010/01/heres-your-silver-platter.html

I know someone who just landed a job with sony.

The annoying thing for Xbox360 users is the Xbox Live ban, but the hacking is easy and came fast.
Don't be surprised to see MS's next console be online only.
It will happen. Believe it.

I tend to agree with the assessment that the PS3 both wasn't an important target and was the most costly as explaining why it wasn't targeted sooner in earnest.

I can't believe Teecakes actually took the FUD/disbeliever position on this thread too, lol.

mac, all you would get is an iTunes libray and some shitty slideshows of Family Reunion '06: Revenge of the son of Family Reunion.

Too funny
:D:D

I have been trying to understand what this hack actually means in practice. Someone posted the following on Slashdot. It seems like a reasonable summary. Have they gotten anything wrong? Or missed anything important?


This is based on a Linux kernel module, so NO SLIM already, okay?
All it does is poke a hole in the hypervisor allowing memory access. This means it's not going to give you homebrew quite yet, but it's going to make it possible for people to start exploring and tinkering further.
It requires hardware that generates a 40ns pulse on some point on some version of the board. Apparently it introduces a hardware glitch that allows the hole to be opened. And it doesn't persist after a reboot.
The top level of security in the PS3 is in that one reserved SPU. Apparently it is given the root key during startup, holds all the other keys, and is responsible for decrypting and checking everything. But it's going to be very hard to get into.
Now that it's possible to get into the hypervisor, people can start poking at that SPU. But Sony's security model was supposed to include the possibility of the hypervisor being compromised in just this way.


http://games.slashdot.org/comments.pl?sid=1526702&cid=30918536

I know someone who just landed a job with sony.

Congratulations to TeeCakes! :D

Even our own government has given up. The unmanned drones send UNENCRYPTED VIDEO of what they observe, so the enemy can just tune in. I couldn't believe it.

However, that brings me to another question... why don't they just encrypt absolutely every bit of data moving anywhere in the system with the strongest encryption available? Is it a cost issue? Or are you saying that homebrew hackers and crack the strongest encryption available in the world?

and = can

Grrr.

Even our own government has given up. The unmanned drones send UNENCRYPTED VIDEO of what they observe, so the enemy can just tune in. I couldn't believe it.

That was pretty surprising.

However, that brings me to another question... why don't they just encrypt absolutely every bit of data moving anywhere in the system with the strongest encryption available? Is it a cost issue? Or are you saying that homebrew hackers and crack the strongest encryption available in the world?

I don't think he has cracked the encryption yet. As I understand it this is usually done by getting access to the keys rather than some other form of attack. There is one isolated SPU that holds the keys and he hasn't been able to access it yet.

I don't fully understand the security measures in the PS3 but in general with executing code I believe it is more important to be able to determine if the code can be trusted than to keep it from prying eyes. If code must be signed to run, it means he won't be able to inject any instructions into the code to change its behaviour. Because he won't be able to produce the correct digital signature. However, if they find any memory bugs that let them inject instructions without modifying the code they could have a useful exploit.

I get the impression that what they have gained is more information about the PS3 system rather than any access to functionality yet. But I could be quite mistaken.

One of these days they will make a console that secretly contacts the FBI as soon as you hook it up to the network after detecting a serious tamper/hack. Or contacts the manufacturer who then sends you an immediate cease and desist.

One of these days they will make a console that secretly contacts the FBI as soon as you hook it up to the network after detecting a serious tamper/hack. Or contacts the manufacturer who then sends you an immediate cease and desist.

Surely Sony could put together a team of ninjas to deal with these situations... quietly.

For those who are interested, eurogamer has an article with some analysis of the hack and what it likely means.

http://www.eurogamer.net/articles/digitalfoundry-ps3hacked-article

Here is the best explaination I've read concerning what the exploit actually does:

http://rdist.root.org/2010/01/27/how-the-ps3-hypervisor-was-hacked/

(warning: requires some very basic knowledge of some memory concepts)

Some interesting comments about this story from Ars Technica forums that I agree with 100%:

Ugh, not the news I wanted to hear. Sony did gamers a favor by getting rid of import locks on games and widening the regions for blu-ray movies. This nullified almost any reason for users who purchase authentic media to mod their system. Geeks who like to dive under the hood can load up linux on the PS3, so that pretty much only leaves pirates desiring a hacked system.

Very true. PSN games can be shared on 5 machines, so even if your PS3 is stolen or destroyed, you can download all the games again on another system, 4 times. They made the hard drive user-replaceable and upgradeable. The media player is excellent, and it's great for streaming media over the network. It has a functional web browser built in. Bluetooth lets you use standard off the shelf components. The USB is usable with external storage or input devices.

It's a terrific machine, and I don't want to see it turn into another piracy cesspool. I don't get what features are missing that people feel they need to have via hacking.

So yes, I guess I do agree with people saying the demand for hacking the PS3 was low, but only because Sony made the PS3 so feature-filled that literally only pirates and thieves would feel the need to make use of said hacks. There's absolutely no other reason anybody needs to hack the PS3 other than piracy-- you don't need hacks to make homebrew games like Everyday Shooter (made by one guy in a month using Visual C++ (http://en.wikipedia.org/wiki/Everyday_Shooter)).

I do expect that the price of older PS3 models (with the required 'Other OS' that allows this exploit to work) will go up in various used-console markets because of this news, though.

Even our own government has given up. The unmanned drones send UNENCRYPTED VIDEO of what they observe, so the enemy can just tune in. I couldn't believe it.


It's a CPU time issue. Since drones are embedded systems and relatively low power, they couldn't get the CPU to encrypt the video and still do all the other stuff it needs to do. This is a common sort of trade off where you don't have the sorts of (essentially) unlimited power that modern desktops and the PS3 do.