As the PS3 Turns..

February 2, 2011 -

A number of happenings related to the PS3 have occurred since the last time we wrote the story about Sony's court action against George Hotz - what follows is a brief rundown of events.

The Examiner and Ars Technica reported that the recently released firmware may have - at least temporarily - broken some stuff. The report points to a problem with the original and the Slim models of the PS3 not being able to upgrade to a new hard drive. According to several users on NeoGAF and HighDef Forum, the 3.56 firmware prevents the newer PlayStation 3 models with 16 MB flash from being upgradeable to a new hard disk drive.

The models include the Original PlayStation 3 Models - CECHH, CECHJ, CECHK, CECHL, CECHM, CECHP, and CECHQ. Slim PlayStation 3 models having trouble include CECH-20..A, CECH-20..B, CECH-21..A, CECH-21..B, CECH-250.A, CECH-250.B, CECH-250.A, CECH-250.B, CECH-251.A, and CECH-251.B. This is apparently an old bug that was eventually fixed, but accidently reintroduced by Sony. Other reports indicate that this problem has already been fixed.

Both CV&G and Gamasutra reported earlier this week that code sharing site Github was forced to take down seven custom firmware files shared by three different users. This was done at the behest of Sony who sent the web site a DMCA takedown notice. The takedown of these files took place a day before a California judge granted Sony a temporary restraining order against PS3 jailbreaker George Hotz.

A Neograf thread, fueled by an IRC conversation from developer and hacker "Mathieulh" (found on JailBreakScene), speculated that firmware 3.56 contained a rootkit that allowed Sony to scan specific files on any PS3 connecting to PlayStation Network. With the ability to scan for specific files, Sony could use this "back door" approach to detect and then ban users who have customized firmware on their consoles. This is a method similar to the one used by Microsoft to detect compromised Xbox 360s.

The Register reported that hackers had already managed to compromise the latest firmware release. On the same day 3.56 was released game console hacker Youness Alaoui (aka KaKaRoToKS) claimed via twitter that he was releasing tools to unpack the files,. These tools allowed him to uncover the new version's signing keys. Alaoui only released the signing keys for 3.56, which were hosted at Github. Naturally these files can be found somewhere on the internet if someone looks hard enough. A customized version of firmware 3.56 has not been released yet.

Finally, Edge reports that homebrew developer Mathieu Hervais calls Sony's efforts to plug the security hole created by hackers "too little, too late."

"3.56 was more of a patch to save what's left to be saved," Hervais told Edge. "Indeed Sony fixed everything that could have been fixed. The reality though is that this is only a minor drawback."

"New keys were introduced in the 3.56 Firmware and code that is not whitelisted is now forced to use those keys. However, since the boot chain integrity is compromised it's always possible to reprogram externally the NAND/NOR chips (where the firmware code is written to) to run unsigned code again."

"No matter what they do, a 3.56 (and onward) custom firmware is possible on all PlayStation 3 consoles manufactured so far. The people Sony hired made several kindergarten mistakes while implementing their security."


Comments

Re: As the PS3 Turns..

 I F'n Hate you hackers. Seriously, you're like a plague. Completely pointless, but always making life miserable for the rest of us.

Re: As the PS3 Turns..

Yeah those hackers are huge assholes! Especially since they use their high-priced lawyers to sue everyone into oblivion! Oh wait... that's Sony.

-Greevar

-Greevar

"Paste superficially profound, but utterly meaningless quotation here."

Re: As the PS3 Turns..

Right... That made sense.

How dare people use hardware they have purchased in a legal manner other than which is dictated by it's creator. How dare we!

Re: As the PS3 Turns..

The people Sony hired made several kindergarten mistakes while implementing their security...

LOL. Instead of suing them, maybe Sony should consider to hiring them.

 

------------------------------------------------------------ My DeviantArt Page (aka DeviantCensorship): http://www.darkknightstrikes.deviantart.com

Re: As the PS3 Turns..

Sony is a huge company and large companies tend to not think very clearly.  Dying companies tend to dumb things like sue first instead of doing smart things like negotiating and firing lousy programmers to replace them with good programmers.

- Left4Dead

Why are zombies always eating brains? I want to see zombies that eat toes for a living. Undead-related pun intended.

- Left4Dead Why are zombies always eating brains? I want to see zombies that eat toes for a living. Undead-related pun intended.

Re: As the PS3 Turns..

"Sony" and "rootkit" in the same article.

This can only end well.

Re: As the PS3 Turns..

This only means they can detect and ban people on PSN like MS does with XBL.  Even so, custom firmware could be written to send back the proper response to the PSN server with enough investigation.  The entire thing is compromised.  This isn't going back in the bottle, Sony.  :P

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Matthew WilsonWOW is copping EVE. http://us.battle.net/wow/en/blog/18141101/introducing-the-wow-token-3-2-2015 I think its a smart move to deal with gold farmers in this way.03/02/2015 - 1:16pm
Matthew WilsonI guess epic is tired of having their lunch eaten by unity. https://www.unrealengine.com/blog/ue4-is-free03/02/2015 - 12:50pm
Andrew EisenNot much to follow. Kern is being silly and... nothing much else is happening.03/02/2015 - 11:40am
Papa MidnightI ask because, having only just heard of it, I have not, and I was hoping for some insight.03/02/2015 - 11:39am
Papa MidnightHas anyone been following this petition by Mark Kern regarding Kotaku, Polygon, and VG247? https://www.change.org/p/kotaku-lead-the-way-in-healing-the-rift-in-video-games03/02/2015 - 11:38am
ZippyDSMleePaypal shuts down Mega's payment system. https://torrentfreak.com/under-u-s-pressure-paypal-nukes-mega-for-encrypting-files-150227/03/01/2015 - 3:25pm
Matthew Wilsonvalvle planning to release a vr headset this year wtf http://www.pcgamer.com/valves-vr-headset-is-named-vive-and-htc-are-making-it/03/01/2015 - 1:05pm
ZippyDSMleeuuuhhhggg in other news been sick since last night.....uuhggg.....I iwsh it did not hurt so much when my tummy wants to leave my body..02/28/2015 - 11:39pm
ZippyDSMleeBrings me to the Q why alt costumes would be needed in competition anyway... http://www.eventhubs.com/news/2015/feb/28/dead-or-alive-community-aims-ban-over-120-overly-sexualized-costumes-dead-or-alive-5-last-round/02/28/2015 - 11:36pm
MonteThough from a business side, i would agree with the article. While it would be smarter for developers to slow down, you can't expect EA, Activision or ubisoft to do something like that. Nintnedo's gotta get the third party back.02/28/2015 - 4:36pm
MonteThough it does also help that nintendo's more colorful style is a lot less reliant on graphics than more realistic games. Wind Waker is over 10 years old and still looks good for its age.02/28/2015 - 4:33pm
MonteWith the Wii, nintnedo had the right idea. Hold back on shiny graphics and focus on the gameplay experience. Unfortunatly everyone else keeps pushing for newer graphics and it matters less and less each generation. I can barely notice the difference02/28/2015 - 4:29pm
MonteON third party developers; i kinda think they should slow down to nintendo's pace. They bemoan the rising costs of AAA gaming, but then constantly push for the best graphics which is makes up a lot of those costs. Be easier to afford if they held back02/28/2015 - 4:27pm
Matthew Wilsonhttp://www.forbes.com/sites/insertcoin/2015/02/28/the-world-is-nintendos-if-only-theyd-take-it/ I think this is a interesting op-ed, but yeah it kind of is stating the obvious.02/28/2015 - 2:52pm
prh99The government probably doesn't need an app, but I was think more along the lines of a company that was going to sell the collected info. “If you're not paying for the product, you are the product” sometimes even if you pay.02/28/2015 - 1:50pm
E. Zachary KnightWhat better way for the government to keep track of you than to get you to install an app that lets you insult the government.02/28/2015 - 11:03am
prh99No, but I looked it up and it's basically spyware. Their privacy policy says their apps tracks among other things your location and browsing habits via cookies.02/28/2015 - 8:20am
Ryan RardinHas anyone here heard of an app called iCitizen? It's basically Yelp for politicians.02/28/2015 - 5:16am
Andrew EisenAh, not linked in the way you (and everyone else) want and expect. That's true.02/27/2015 - 10:06pm
Matthew Wilsonthey are not linked in a way that tracks purchases though. the fact that they have to send a code for the other system shows that they are not linked in the way it counts.02/27/2015 - 9:39pm
 

Be Heard - Contact Your Politician