Sections

Sony “looking into” hacks compromising security features on PS3

Thursday, 6th January 2011 18:19 GMT By Stephany Nunneley

ps3black

Sony has said it is currently “looking into” claims make by hacking group Fail0verflow and GeoHot, a.k.a. George Hotz, regarding compromised security features on PS3.

According to Sony, it plans to “fix the issues through network updates” and due to the matter being a “security issue”, told Develop it was unable to comment further on the matter.

A Fail0verflow member’s comment contrasts with Sony’s, as according to him, the only way to fix the issue is through new hardware, as a firmware update would be futile.

Fail0verFlow apparently reverse engineered PS3′s system, thus gaining control over it.

GeoHot found the console’s root key and published it, thus allowing folks to create homebrew applications and the like.

Both, however, are “staunchly anti-piracy” and have yet to release any tools which would allow the console to play copied games.

Breaking news

28 Comments

Sign in to post a comment.

  1. Crysis

    There’s a reason we have PCs, darn hackers =\
    They’re just hacking for the sake of it, then they show all the pirates their hard work because they’re egomaniacs who thrive on the pirates appraisal, they claim not to do anything wrong, but they leave the gate wide open for anyone else to crawl in.

    #1 3 years ago
  2. theevilaires

    Its Thursday and now they’re just saying something?

    #2 3 years ago
  3. lexph3re

    Maybe they were more concerned with CES. Now that that’s done, they can focus on the actual issue.lol you know good ol’ sony has a one track mind.

    #3 3 years ago
  4. artistadam

    hackers claim sony can’t fix this yet come next week, sony probably will have stopped it… we all knew it was coming, that’s probably why no one really cared to try out their hack… we knew sony was on the case and us honest gamers didn’t want to compromise our system… i am sick of these hacker stories, we need to quit giving these low-life thugs the spotlight…

    i agree with #1… stick to the PC, there’s no place for it in console gaming… well maybe there is but, 90% of us don’t mind playing by the rules at all… tell that 10% to just buy a damn PC…

    @2 – they’re just now saying something because they’ve obviously found a way to cover the loophole up… i am sure they didn’t want to say anything until they knew for sure sometihng could be done about it…

    #4 3 years ago
  5. anuekr

    I hate hackers, like Crysis said they don’t give a rats a$$ that the legal users of the PS3 will get hurt, they just do it because they’re bored, not to mention they are breaking the law…
    The saddest thing is that Sony can’t arrest them at that Berlin show that took place two days ago because the entire thing is published as legit, Jesus, somebody can just throw these assholes into jail?

    #5 3 years ago
  6. Psychotext

    “Jesus, somebody can just throw these assholes into jail?”

    For what, being able to perform mathematics? Things only get illegal when they start releasing things with Sony’s copyrighted SDK, which the original hackers aren’t doing (using the open source SDK instead).

    What you’ve just suggested is akin to being able to arrest someone who calculates that your password is 1234 because you told them that it’s half of 2468.

    #6 3 years ago
  7. Dark

    All i can say this is beginning of a long battle..
    *Puts on sony hat*You can beat the hackers!

    #7 3 years ago
  8. Dr.Ghettoblaster

    Hackers are needed to keep the balance.

    #8 3 years ago
  9. night_tripper

    hackers suck ass all they care about is themselves they can all go to hell @8 keep the balance yeah right bunch of bs

    #9 3 years ago
  10. theevilaires

    ^ Dr.G 100% right and thats why I’m going to make a topic about that in the forum soon.

    #10 3 years ago
  11. night_tripper

    Hackers are trash

    #11 3 years ago
  12. Lloytron

    The interesting thing here really is not that the hackers worked out the keys, but the fact that they were able to. Sony’s security would have been extremely tight if they had handled the signing process correctly.

    This is 100% down to incompetence on Sony’s behalf. These ‘hackers’ didn’t actually hack anything at all to get those keys, they just did some algebra.

    #12 3 years ago
  13. Dr.Ghettoblaster

    Without hackers, our overall security with regards to only everything would not be at it’s current level of sophistication. It’s a check/balance system and they help keep the balance. Yin/yang man. It’s everywhere.

    #13 3 years ago
  14. EscoBlades

    “Gentlemen….start your engines!”

    Its gonna get a bit messy.

    #14 3 years ago
  15. Gekidami

    “Heres the gaping hole in our Security”
    *leans over hole*
    “We’re looking into it”

    #15 3 years ago
  16. Robo_1

    “What you’ve just suggested is akin to being able to arrest someone who calculates that your password is 1234 because you told them that it’s half of 2468.”

    Yes, but where it gets a little trickier, is when said password disables the security on his house, and you then share that password with the entire world, whilst simultaneously letting everyone know that whilst you don’t agree with breaking into peoples houses, you do think people should live in a more open society… without locks.

    Now of course it’s a little more involved than that, but on a fundamental level that is what’s going on. Hackers are of the moral view, that the price of piracy and easy online cheating is worth the benefits/glory of console hacking, and that’s why so many honest gamers are angry about this.

    @13

    Absolutely, but then without hackers, there wouldn’t be the need for so much time, money and investment to be made in security in the first place.

    Still, the world keeps turning I suppose, and at least the launch codes should be a bit safer. :)

    #16 3 years ago
  17. Freek

    You’re angry at the wrong people. Sony first started out by making a terribly flawed security system. They then disabled Linux support.
    The only people interested in Linux also happen to be the same people who can disable the severly flawed security and to then re-enable Linux and run homebrew code. That is there interest.
    Once something like that is discovered it’s impossble to keep secret, the flaw is going to leak out at some point.

    But it isn’t the hackers who then create tools for piracy, that is not their interest. They merely want to run their own code on the machine they bought and own.
    Something Sony and every other technology developer could (and in the past did) support.

    If Sony made a competent security system this would not have happend.
    If Sony continued to support Linux, this would not have happend.
    And if you must lay blame, put it where it belongs: the actual pirates. An entirely different group of people who have no intrest in homebrew coding. They simply want to sell pirated games.

    #17 3 years ago
  18. MushroomStamp

    Hackers have been around since day 1. “Hacks” are what started everything! … They will be around till the end. Nothing anyone or any company can do to stop it. If it’s man-made it can be man-broken.

    The key is giving people incentive NOT to pirate. Some small steps are already in place, such as 1x bonus items on purchase, etc… The hacking/pirating is just forcing the creators and marketers to keep being creative and trying things… hmmmm.. sounds a bit like how the free market and competition work.

    There is no 100% answer… the best however is NOT telling people they are bad for doing it, but giving them a reason not to do it.

    #18 3 years ago
  19. Lloytron

    @16 if you tell people the pin code to your house, then more fool you!

    Sony made a fundamental mistake. Basically if the PS3 was their Fort Knox, they left a spare key under a rock out the back and someone found it.

    Not meaning to sound harsh but somebody should get fired at Sony HQ for spectacularly failing here.

    #19 3 years ago
  20. anuekr

    Psychotext, the second they enter the PS3′s defenses they are criminals, you can give me 400 reasons why they are heroes, why they are right (NOT) or why they don’t deserve to go to jail, bu the facts remain, if Sony will find them Sony will sew their a$$e$ and the police will most probably throw them into jail, the facts remain that if Sony won’t stop them the prices of PS3 games will get higher, there will be less games in development, overall multiplayer experience will fall off the stairs and your console will be open for hackers to do whatever they want to.
    now honestly, do you really want the PS3 to end up like the PSP?

    #20 3 years ago
  21. Lloytron

    @20 Sony know the names of the people responsible for working out the keys but they won’t get prison sentences, because they haven’t done anything illegal. The worst they have done is potentially break an EULA.

    #21 3 years ago
  22. Psychotext

    “Psychotext, the second they enter the PS3’s defenses they are criminals”

    Not in the eyes of the law they’re not. They’ve not infringed copyright, trademarks, intellectual property or any other law you’d care to mention. In fact, due to recent test cases, opening up a system for reasons of interoperability is actually protected under law (depends on your country of course). Wishing it was illegal doesn’t make it so.

    Now the people who copy the games… that’s a whole different ballpark. Doing it specifically to facilitate copyright infringement would also be illegal, which is why you’ve seen the hacking groups distance themselves from piracy, and why none of them have included this functionality by default. Though eventually someone will (as it was with previous hacks).

    Pirates deserve everything they get though, and there’s certainly no excuse of ignorance these days.

    #22 3 years ago
  23. lexph3re

    Or sony can go medieval on they asses.

    Sony: oh, so you wanna break into our fortress huh?
    Hacker: We’re just trying to prove a point. That if we wanted to we could infiltrate your weak defenses!
    Sony: oooooohhhhhh…… is that so?
    Hacker: D@mn right! And we’re gonna let everyone know we can!
    Sony:*picks up a sword*
    Hacker:*deep glare of awe*
    Sony:*glare of intent*
    Hacker:*turns tail to flee*
    Kevin Butler: HaHa! Have at thee!!!! *sword thrust*

    #23 3 years ago
  24. Robo_1

    @17

    Well I tell you what, you tell me how the hackers have benefitted legitimate games developers with this, and then you can tell me who to be angry with.

    You’re portraying the hackers as a gang of thugs, demanding that platform holders run their business in a certain way, otherwise they’ll come back and burn your business down. Maybe they have the power to do that, but it doesn’t mean they’re right to. If you say something on your website which I personally don’t agree with, am I justified in hacking it? Let alone damaging you financially?

    As I’ve said before, I’m sure it’s not the aim of most hackers to enable piracy, but the fact that it does never seems to dissuade them from their endeavours, and that puts them slap bang on the wrong side of the moral argument.

    The Linux issue seems to be the moral fig leaf which many pro-hackers are hiding behind regards all this, and they would have a point if it hadn’t been removed in the first place due to it being used as an avenue of attack to hack the console.

    The minute that happened, Sony must have been under considerable pressure from both publishing partners and investors to kill the problem then and there. Sure, in retrospect pulling the functionality may actually have cost them the mess they’re in now, but then hindsight is a wonderful thing, and who knows, maybe next time a more secure implementation of Linux will be installed on the console, specifically to appease these hacking groups. Lets hope they do more with it next time.

    @19

    Oh no question, somebody certainly deserves to have their arse hung out to dry over this. The fact that it wasn’t picked up during code review is nothing short of astonishing. The actual security system in place is technically sound though, which makes it all the more tragic that such a basic error in its implementation has screwed everything up.

    Hopefully lessons will be learned, and their next products (such as PSP2, which will likely have a huge bullseye painted on it from day one) will be all the more secure because of this.

    #24 3 years ago
  25. Quak0r

    Haven’t you all got the memo. Everything Sony does not want you to do is illegal. If it is then a change in the law is under way. If you resist the corporate overlords you are a pirate, a criminal and a terrorist. And should probably be in jail.

    Seriously though: IIRC it was stated over and over again that the only stuff the involved parties care about is running their own code on the PS3.

    Now I see that the argument is popular right now that the ability to sign the code Sony style enables piracy. But legally speaking one who will write the actual code to run on the PS3 is responsible for it not the one giving him the ability to do so.

    No one is will sue a gun manufacturer for murder.

    #25 3 years ago
  26. Dr.Ghettoblaster

    HAHAHA@15!!

    #26 3 years ago
  27. Callum

    Lol @ 15. Also, Lex, genius sketch.

    I thought this ‘hack’ was of the permanent kind because the code was embedded in the hardware beyond what firmware updates can change?

    #27 3 years ago
  28. jnms

    I can’t believe people are getting this upset about hackers!!

    Talk about capitalist mentality run amock!!

    #28 3 years ago