PS3 News: Rumor: Sony To Combat Hacking With New PS3 Model - PS3 News

Members Login: Register | Why sign up? | Forgot Password?

Rumor: Sony To Combat Hacking With New PS3 Model

As most of you know, many retailers have been offering sale prices for the PlayStation 3, and hacking has become an issue.

The combination of these two facts, along with a supposed inside source, has led to the belief that Sony is currently prepping a new PS3 model. According to EverythingHQ, Sony is looking into a new "hack-proof" machine. An anonymous source claims Sony is "already deep into plans" and the recent Killzone 3 leaks may have helped to spur on the process. The source adds the new PS3 will be a Slim model and hold a 300GB hard drive, with a European price tag of £186.99, which may or may not be true. All those PS3 sales you see is evidence of Sony trying to get rid of the current PS3 models in preparation for the new console, although Sony hasn't said anything official about a revamped machine. Their battle with hacker George Hotz - aka, "GeoHot" - has been well documented, though, and we won't be adding any commentary to the ongoing arguments and discussion. All we'll say is that there are better ways of making a point.

We'll let you know if the new PS3 SKU gets confirmed at some point. If the rumors are true, it shouldn't be too far off.

Tags: ps3, playstation 3, sony, ps3 hack, ps3 security

2/22/2011 4:11:10 PM Ben Dutka

Put this on your webpage or blog:
Email this to a friend
Follow PSX Extreme on Twitter

Share on Twitter Share on Facebook Share on Google Share on MySpace Share on Delicious Share on Digg Share on Google Buzz Share via E-Mail Share via Tumblr Share via Posterous

Comments (95 posts)

Phoelix
Tuesday, February 22, 2011 @ 4:25:47 PM
Reply

An "unhackable" PS3 is a moderately bogus idea. The hackers would just have to start fresh with a new console and come up with a new method.

What I'd really like is for Sony to come up with a PS3 that transmits credit card info encrypted (they may already do this, but that's not what the hackers have said). I am legitimately terrified of this possibility.

Agree with this comment 2 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 4:46:32 PM

Yes and no. Fail0verflow have kind of recognized that without the coding error in the authentication coed in the older PS3 firmware, there was no way that they could have reversed the private signing key. Whether they'd have got to any of the other keys without the original PS3 Jailbreak device (a clone of a stolen service USB dongle) is debatable. I think that they would not have got anywhere without the ability to put a PS3 into an already compromised mode before extracting the software keys.

A new SKU will presumably plug the gaps and fix the errors of the past, as well as modifying the security model and using all new internal keys. That should present quite the challenge - one would hope.

Agree with this comment 2 up, 2 down Disagree with this comment

WorldEndsWithMe
Tuesday, February 22, 2011 @ 5:45:03 PM

Wouldn't all new keys make the games worthless on old consoles?

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 8:55:00 PM

New keys would mean that to play the game you have to update your firmware if you haven't already done so. That's always been the case for the PS3, there are games that won't play without such and such a firmware, for example GT5 required 3.55.

Agree with this comment 0 up, 0 down Disagree with this comment

iPwn_3G
Tuesday, February 22, 2011 @ 4:29:32 PM
Reply

I don't know if a new model is the way to go about it. The people who are just now in the market for a PS3 probably are not the most tech-savy type. That might be stereotyping but I believe that if you know how to hack the PS3, even if it isnt that hard, then you have had the PS3 for awhile and dont care about the warranty. Plus with all the PS3s already out there I dont see how a new PS3 model is going to drastically affect piracy rates. Thats just what I think though. Anyone else have thoughts?

Agree with this comment 2 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 4:55:08 PM

Although hackers were able to open firmware 3.56 because they have all the keys from firmware 3.55. they do not have the private signing key used for firmware 3.56 and later. nor are they able to decrypt or modify the firmware updater. That is what makes downgrading from 3.56 extremely difficult. I'd be speculating if I said that this means that firmware revisions after 3.56 will remain secure, but there is definitely a good chance that future firmware will remain more secure.

That would mean that older PS3s running official firmware would potentially be as secure as the new models. If Sony were able to pull that off (speculation again), they could modify the format for game software for future games so that even with the older firmware (3.55 and below) as well as all the old keys, it would not be possible to simply copy the game and resign it. That would make future games much safer from piracy.

In other words, producing a new SKU isn't a bad idea, especially if you can securely update the firmware in older systems too - which Sony apparently has the capability of doing.

Agree with this comment 7 up, 0 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 6:53:14 PM

If this is true then Sony has either found a way to eliminate the issue or at least isolate it to current SKUs. Or maybe they have had the ability all along and waited to examine Geonuts data to move forward. We will know soon enough.

I would consider this damage control. For some reason I feel that Sony will be able to create the new SKU without segregating the user base. Online keys for the old systems only or both old and new?. Something we may have to live with. No matter what something must be done. Developers prefer a secure system and Sony will work to provide that at all costs. I think they are going to come through in every way. Or maybe it's just wishful thinking.

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 9:03:09 PM

@Fathasun,

I think that they will be able to do something through firmware, but they need to go through a couple of firmware iterations with an effort each time to obscure more effectively the update mechanism, so that even if the previous firmware becomes compromised - even in some small way, it doesn't impact the next one. Once they can ensure that the firmware is no longer vulnerable, then I think we'll see a fairly major update to the security subsystem in the PS3. But they have to ensure that however that is accomplished, it's not feasible to crack it any time soon.

Agree with this comment 0 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 3:10:11 AM

Highlander, I don't know about "firmware revisions", I think if they knew how to properly fix issues they would in one update. Maybe FW3.56 already does so to some extent, however I do agree that they may need iterations if they are trying to pin down holes in the overall security schema.

George Hotz did tease that Sony made Security101 mistakes. Sony may still be struggling to determine what needs to be fixed in its entirety, which then pays into the firmware revision statement. Honestly though, a corporation like Sony should have known better...

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 3:43:48 AM

Qubex,

Fail0verflow were the ones that reverse engineered the private signing key and talked of elementary mistakes in the authentication code, even describing it as an epic fail. GeoHot used *their* methodology and tools to extract the metldr key. GeoHot is an egotistical liar. I'm not sure why you are attributing a lot of this stuff to him, I think perhaps you need to do some more digging.

The point though is that 3.56 fixes the authentication code, uses a new signing key and altered the entire firmware updater making downgrading firmware much, much harder for ordinary users, and preventing the introduction of a CFW for 3.56 (thus far).

I talked of iterations because if I was Sony I wouldn't put all my eggs in one basket. I'd start by fixing the primary issues and making it much harder to use the same or similar attack methods as have already been used. Only after the firmware delivery and update process has been secured would I make major changes to the operational security of the system. You want to make sure that the major changes are not so easily compromised, but fixing the walls first.

Agree with this comment 0 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 4:31:29 PM
Reply

What purpose would this serve? The hackers already have a PS3. It's not like something would happen that would destroy all the hacked PS3's and they would be forced to buy the new version.

Agree with this comment 2 up, 1 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 5:15:00 PM

The purpose would be to ensure developers that they can continue to develop games for the PS3 without the piracy issue become as widespread as possible. Consumers can also be made aware that the issue has been resolved. Older models will of course be sensitive but may be controlled via updates.

Agree with this comment 2 up, 0 down Disagree with this comment

Cavan1
Tuesday, February 22, 2011 @ 5:18:37 PM

also you mise well, its not like theyve stopped making ps3's, you mise well make the current crop of ps3's hack proof, as where only half way through sony's 10 yr cycle so i expect between 80-100 million ps3's to be sold in its full lifetime, so that would still be about half of ps3's that would be "hack proof"

Agree with this comment 1 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 9:03:22 PM

@ FATHASUN

I didn't think about that. It would limit the available "hackable" PS3's in the future. But the hackers already have hacked PS3's. So, it's not like this new console is going to stop them specifically. That's the point I was trying to make in my initial post.

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 9:14:18 PM

I don't know, this new SKU might use a totally different format for the way executables are digitally signed and encrypted. Of course that would pretty much require Sony to somehow retrofit that into the existing PS3 population via a firmware update. So a lot depends on how much Sony can do with future updates to harden the system and change keys that are currently compromised.

Agree with this comment 0 up, 0 down Disagree with this comment

somethingrandom
Tuesday, February 22, 2011 @ 4:51:30 PM
Reply

Well they already are banning hacked PS3's from the PSN...

Agree with this comment 0 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 4:53:42 PM

I have a hacker friend and the hackers are already bypassing this, according to him.

Agree with this comment 1 up, 1 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 4:56:52 PM

Temporarily by using a valid console ID that they have stolen from another PS3. PSN still detects custom firmwares and the new ID get's banned quickly, which makes it pointless. Not to mention the fact that if you do that, the person who's console ID you stole is now the victim of a crime. Yes, doing this would be a crime in most countries under their computer mis-use laws.

Agree with this comment 4 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 5:03:44 PM

Thanks Highlander. I had forgotten about the exact methods in which the hackers bypassed it. But you just jogged my memory. By the way, if I were a victim of this, how would I go about fixing it? By taking it up with Sony?

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 5:08:53 PM

Yeah, you'd have to talk to Sony as there is no other way to remove a console ID from their database of banned systems. I would expect that they will have to come up with some kind of procedure to allow your console to be scanned by their system to check it's running official firmware, and then they could unban it. I also expect that criminal charges could follow if they can trace the person who stole the ID.

Agree with this comment 0 up, 0 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 5:17:47 PM

It seems if you fall victim in all this many hoops would have to be jumped. This would become class action if a lot of consumers are affected. We will own GEONOT!

Agree with this comment 4 up, 0 down Disagree with this comment

Mamills
Tuesday, February 22, 2011 @ 8:37:44 PM

i heard the only way to get another console id is to get it from a place that refurbish them or if someone is dumb enough to give it out

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 9:00:04 PM

Mamills is correct,

the length of the console ID means that simply guessing a valid one isn't going to work. So you need to know for sure the number is valid. The only way to do that is either to have physical access, or as you say if the system went through a shady refurb or repair place.

Agree with this comment 0 up, 0 down Disagree with this comment

matt99
Tuesday, February 22, 2011 @ 5:23:43 PM
Reply

You know, if these hackers used all the time they devoted to cracking the ps3 to work, they could afford the ps3 games and have money to spare.

Agree with this comment 4 up, 1 down Disagree with this comment

shadowscorpio
Wednesday, February 23, 2011 @ 12:43:42 AM

You know, right? They would do better just working for Sony. They could work for SOny, purposely hacking test PS3 in order to help Sony understand what they would need to do in order to improve security.

I guess they are already kind of doing that. They're just not getting paid for it. I'm trying to understand this, how detrimental could this get, as it pertains to the law abiding PS3 owners, if these hackers continue to be successful in hacking the PS3? Anyone?

Agree with this comment 0 up, 0 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 5:28:03 PM
Reply

Could it be that since Sony has examined GEONOTs data they have found ways to counter the hacks? I wonder if they could/would manufacture a new SKU in that short amount of time. I was hoping they would find a way to do so without alienating the current user base.

This hacking debacle has me pissed. I would be furious if my ID got stolen and banned. I would gladly give up my PS3 in order for Sony to inspect it for any violation of the TC.

Such a shame this loser does not use his brain for a worthy cause. Hey Goe, You are a wannabe YouTube rap star beggar/Hacker/security specialist. Your Mom must be proud. Now run upstairs from your smelly basement and tell her.

Agree with this comment 9 up, 1 down Disagree with this comment

shadowscorpio
Wednesday, February 23, 2011 @ 12:48:53 AM

This pisses me off too. How many people are theses hacker/hackers going to take down just to be known as the one who could crack the PS3 when Sony said they couldn't. I support Sony all the way. These hackers need to leave us alone already and not corrupt our systems. For the love of all that is sacred.

Agree with this comment 0 up, 0 down Disagree with this comment

thj_1980
Tuesday, February 22, 2011 @ 5:41:55 PM
Reply

If so let me hope for the best ever.
- Card readers once more
- 6 usbs 4 front 2 back
- even a smaller RSX and CELL down to around smaller than 45 so th ylod could almost be impossble to happen again.
- Keep the same price $299.99
- Abit lighter and quiter
- a better cooling system and better stock thermal paste
- includes a standard 250 gb for standalone model bigger for other editions
- some speical editions are different colours and engravings too!!!!

- ps2 combatibily without increasing the price.

if all of thoese are features are goign to be incoorperated consider 1 sold because i would definatly purchase one.

Last edited by thj_1980 on 2/22/2011 5:47:25 PM

Agree with this comment 5 up, 1 down Disagree with this comment

StangMan80
Tuesday, February 22, 2011 @ 5:51:25 PM

I don't see the need for six USB ports but of all those features are coming I;ll be buying another PS3 sooner then later.

Agree with this comment 1 up, 1 down Disagree with this comment

The Doom
Tuesday, February 22, 2011 @ 5:59:39 PM

thats just wishful thinking

Agree with this comment 1 up, 0 down Disagree with this comment

thj_1980
Tuesday, February 22, 2011 @ 6:25:07 PM

the only reaosn why i siad we need 6 is because 2 doesn't cut it anymore. the new xbox lsim got like 6 and also the older ps3 had 4 which is reasonable. I would like to have at least 6 because we get 4 in the front so it will be easier to have multiple devices, 2 in the back so the camera will not need to go as far and easier in genreal. also for thoese who use thier ps3 to power other usb devices from the back that don't want to get wires tangled int he fron it can be very useful. But i bet only 2 of these features will even make max. SOny is a pretty cheap company considering how much money they make alone with the ps3 so they definalty got the moeny.

Agree with this comment 1 up, 1 down Disagree with this comment

WorldEndsWithMe
Tuesday, February 22, 2011 @ 5:47:28 PM
Reply

That would be dumb. People would just use all the old consoles on sale.

Agree with this comment 0 up, 0 down Disagree with this comment

The Doom
Tuesday, February 22, 2011 @ 6:06:17 PM
Reply

Sony really needs to learn the meaning of the word discreet. No hardware on this planet is hack proof and even if they manage to make a hardware more improved than the current, announcing it so even the hackers could hear isn't very smart. Hell, It draws more attention to their newer hardware. All this announcing that they're doing bans shouldnt have been done; just ban the bastards! Dont give hackers a chance if theyre threatening your company.

Agree with this comment 2 up, 2 down Disagree with this comment

Looking Glass
Tuesday, February 22, 2011 @ 6:57:23 PM

I think you might be jumping the gun at least a little bit. As far as I can tell Sony hasn't actually said anything at all about this.

Agree with this comment 2 up, 0 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 6:18:53 PM
Reply

Hold up!!!..EverythingHQ?????????

I went to that site and it was created it seems only to generate a rumormill and hits for N4G. No archives, no nothing. Hit the about button and also NOTHING! Whats up with that? The writer is Ken? Ken who? Wheres Barbie?

And now the site is reporting that M$ has made a donation to GEONOT. Hmm... if I am not mistaken Sony losing this battle is a negative for M$ as well. Bullshit!!!!

I will investigate further but the man in the Brown Santa suit just delivered my orders to support the ISA on th planet Helghan. Wish me luck guys. I may not survive!

Last edited by FatherSun on 2/22/2011 6:19:30 PM

Agree with this comment 5 up, 0 down Disagree with this comment

thj_1980
Tuesday, February 22, 2011 @ 6:26:07 PM

HUH????

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 8:58:14 PM

Say what now? I found the same story on a few other sites, earlier too. geek.com, for example, but they linked to everythingHQ.

Agree with this comment 0 up, 0 down Disagree with this comment

Lord carlos
Tuesday, February 22, 2011 @ 6:26:47 PM
Reply

I hope they do,i've spent a sh!t load of cash on PS3 stuff & it gets on my t!ts knowing theres pirate scum out there getting awesome playstationess for free :(

Agree with this comment 0 up, 0 down Disagree with this comment

The Doom
Tuesday, February 22, 2011 @ 8:37:54 PM

HUNTER!! ...and it looks Canadian.

Agree with this comment 0 up, 0 down Disagree with this comment

RadioHeader
Tuesday, February 22, 2011 @ 6:33:18 PM
Reply

187 quid? That's way too cheap!

I fear I may be compelled to go out and buy five of em, even though my 3 year old fatty runs like a dream. F*** it, I'll take ten.

Agree with this comment 0 up, 0 down Disagree with this comment

thj_1980
Tuesday, February 22, 2011 @ 6:40:48 PM

HAHAHAHh take 20 for crying out loud!!!!
Still I would like to get another one if any of my mentions above are incoorperated. But keep that old fat one instead for now.

Agree with this comment 0 up, 0 down Disagree with this comment

RadioHeader
Tuesday, February 22, 2011 @ 6:47:05 PM

I'll buy 20, but only if you promise to take some off my hands if I run out of storage space.

Agree with this comment 0 up, 0 down Disagree with this comment

FatherSun
Tuesday, February 22, 2011 @ 6:58:15 PM

Before all this madness I said that with all of the momentum that a price drop would put Sony in a dominant position in the market.

It seems like Sony is on an offensive regarding new ventures into mobile and computing markets but at the same time on the defensive regarding its reputation and security. 2011 is going to be extremely interesting.

Agree with this comment 2 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 8:43:17 PM
Reply

To combat the problem, all online users should be forced to download and install any and all current firmware updates before they can play online or visit the store or anything else that would be associated with currency. In other words no online play without current updates already installed. If you don't play online you have nothing to worry about. I think that would solve the many problems the network and store are currently having right now. The hackers would be pissed but who really cares!

Last edited by pyrobomber70 on 2/22/2011 8:45:56 PM

Agree with this comment 0 up, 0 down Disagree with this comment

matt99
Tuesday, February 22, 2011 @ 8:49:30 PM

Don't you already have to install the latest update to use anything online?

Agree with this comment 1 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 8:56:55 PM

Yes, they actually made us all agree to new terms of service this last week or so, and there was an updated version of 3.56 to download as well (it fixed a problem some were having when they installed a new HDD at the same time as upgrading firmware. Frankly, when you're updating the HDD make sure that your firmware is up to date first, don't do both at once, that's asking for trouble.

Agree with this comment 1 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 8:58:39 PM

@ pyrobomber

Umm...it's already like that. You can't do anything online without the latest update. And within a day, the hackers cracked the update and installed it on their CFW PS3's.

Last edited by AStiffyIffy on 2/22/2011 9:00:20 PM

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 10:10:30 PM

No they didn't. Within a day they unpacked the firmware and extracted the public keys within it. What they didn't do was obtain the new private key thanks to Sony fixing the authentication routines. Nor were these hackers able to unpack the encrypted contents of the update. Nor have they been able to find a way to take a PS3 running 3.56 and easily downgrading it to 3.55. There is no 3.56 CFW, and the private key used from 3.56 forwards is unknown. The 3.56 updater will only update to a firmware signed with the new authentication key. So once you are on 3.56, there's essentially no going back short of glitching the flash ROM.

Agree with this comment 1 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 10:34:40 PM

My mistake. I just get the jist of things from my friends. Although he doesn't go into exact details like you do.

Agree with this comment 0 up, 0 down Disagree with this comment

Soultaker
Tuesday, February 22, 2011 @ 11:21:19 PM

Actually highlander they've recently been able to spoof 3.56 and are able to downgrade from 3.56 now :/ no psn access or anything as of yet

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 12:34:45 AM

I know they can downgrade from 3.56, but to do it you have to glitch the flashROM, you can't make the system downgrade unless it thinks the firmware is corrupted.

Spoofing 3.56 only works for about an hour until PSN asks for something in a way that can't be spoofed.

Agree with this comment 1 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 2:59:03 AM

Highlander, I don't think the authentication routine has been fixed, it is just that George Hotz has not released the metlr key which is the main key that allows you to break the authentication chain at boot up.

Geohot is the only one who knows it, I don't failoverflow have it, but apparently it can't be fixed. As Geohot is gagged due to the court case metlr has not been released...

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 1 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 3:37:32 AM

Qubex, I was under the impression that GeoHot has in fact released the metldr key, which is not the root hardware key incidentally. That is what precipitated Sony's court action against him.

The authentication routine has been fixed, and a new private signing key has been implemented. the authentication routine I am referring to is the SELF authentication that verifies that the digital signature is valid. The flaw was that the routine did not use random numbers, that is what allowed the old private signing key o be reverse engineered. That flaw was fixed, and minor alterations were made to the basic algorithm to foil an easy repeat attack. Research this, you'll find this is all in the notes and comments about 3.56 from the various people who hack this system.

Agree with this comment 1 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 8:30:47 PM

Yes, after doing some digging again - as it has been some time - you are correct about the metldr key. I guess with the authentication issue fixed in FW3.56 it will be difficult for the hackers to do much more then.

Q!

"play.experience.enjoy"

Agree with this comment 1 up, 0 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 8:59:45 PM

Sorry Qubex, I have been very assertive in my replies to you, probably far more than is entirely civil. I do apologize for that.

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:02:04 PM
Reply

TheHighlander-Do you know how you have the option to check for the latest updates for your PS3 in your XMB? They need to remove that and force everyone from now on and have no exception to the rule to use anything on their system. Just my 2 cents. PEACE!

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 9:07:25 PM

Well, this last week, our systems would not sign into PSN without us agreeing to the new terms and conditions, and generally when there is a new firmware, it's immediately clear because the system refuses to go online without it.

You can manually check via the settings menu on the XMB, System Update is the option at the very top of the menu. But, the system automatically detects when a new firmware is required as soon as you switch on, and it won't attach to PSN without it.

Agree with this comment 2 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 9:11:12 PM

I don't think that would be a smart idea. Some updates removed features (Linux for example) and people would be severely pissed if the PS3 automatically updated without any user input.

Agree with this comment 1 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 2:51:21 AM

Yes AStiffy... people like myself were and still are upset by the whole episode...

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

PS3addict
Wednesday, February 23, 2011 @ 10:31:18 AM

This actually would help prevent hacking as it is too easy to get a cfw (Custom Firmware) and flash the PS3 with that from a thumb driver. Forcing the system to take in directly from the internet on your PS3 would make it harder to mod.

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:07:53 PM
Reply

@TheHighlander-Does it all have to do with the security keys then?

Agree with this comment 0 up, 0 down Disagree with this comment

AStiffyIffy
Tuesday, February 22, 2011 @ 9:12:16 PM

Dude, instead of making new posts, hit the reply button on your first post. It's more structured like that.

Agree with this comment 1 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 9:34:45 PM

Yes, it comes down to the keys. Sony has already changed the signing key for new games. However Geohot published a specific key that would allow a competent programmer to write a new game loader that could essentially ignore the digital signature, making the signing key irrelevant. There was a flaw in the earlier firmware that allowed many of the keys to be reverse engineered. The private signing key, for instance, isn't actually in the firmware. So by fixing the flaw in the firmware, altering the encryption method slightly and using a new private key, Sony has re-secured that key. However, as long as hackers can create a custom loader to ignore the signature on the executable, it's impossible to ignore the threat of piracy.

One way to over come this would be to find a way to ensure that the loaders running are authenticated regularly while they are running, which would allow the system to detect and terminate a custom loader. You'd also want to change the way executables are formatted, use a new signing key for authenitcation, and any number of other options for securing the actual game programs from being played on compromised firmware. The game could - for example authenticate itself while running and self terminate if it finds it's been modified (this is actually far more possible than it sounds).

There are many other tricks and methods that could be used, and I'm certain there are many, many more ways I am not aware of.

But the basic thing is that to prevent the PS3 userbase being segregated, Sony has to 1. secure the firmware update process, 2. secure the game delivery format and 3. modify the load process to overcome the problems caused by compromised keys.

Agree with this comment 2 up, 0 down Disagree with this comment

The Doom
Tuesday, February 22, 2011 @ 10:12:32 PM

@TheHighlander
...why aren't you working for Sony?

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 10:21:36 PM

Because they have people who are better at the details than I am...

;)

Agree with this comment 0 up, 0 down Disagree with this comment

shadowscorpio
Wednesday, February 23, 2011 @ 1:03:15 AM

Nice Highlander.

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:10:38 PM
Reply

@TheHighlander-How would you solve the problem then? Is it possible to solve the problem anymore or is it time for a new console completely?

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:16:38 PM
Reply

SORRY!

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:34:25 PM

Why do people need Linux anyways?

Agree with this comment 0 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 2:55:42 AM

Because its free, open source, flexible and gives people freedom to do what they want... I am sure many computer and software innovations would not have occurred at the speed they have done so if Linux (Unix) was not around... it is the fact that the software is free, easy on resources (i.e. it can be run on lighter cheaper hardware), price effective and efficient.

Most of the web runs on Linux/Unix based system... Many scientific, research and educational institutions rely on it to run their labs... and not to mention the US of A's very own air-force that uses a cluster of 3000 odd PS3's all interconnected and running Linux...

Really think about your question again!

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

kraygen
Tuesday, February 22, 2011 @ 9:47:30 PM
Reply

Doesn't matter to me either way. I have a good fatty and I use it the way Sony intended. I will soon be purchasing a slim and whether it's "unhackable" or not won't matter to me, because I'm buying it for the purpose of using it the way sony wanted me to.

I don't know why people do this stuff, I want to play ps3 games, not take my ps3 apart and see what I can break.

Agree with this comment 1 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 3:05:36 AM

"I don't know why people do this stuff, I want to play ps3 games, not take my ps3 apart and see what I can break."

Kraygen, I don't think anyone wants to break their PS3's specifically, they would just like to use it they way they want to use it. As it is your equipment you paid for you should have every right to use it legally the way you want to use it... That includes running open source legal software on it if permitted by the hardware manufacturer...

We had this feature once, it was called Linux, before it was removed.

Q!

"play.experience.enjoy"

Last edited by Qubex on 2/23/2011 3:05:57 AM

Agree with this comment 0 up, 0 down Disagree with this comment

kraygen
Wednesday, February 23, 2011 @ 4:54:24 AM

Yes, but to remove the secondary OS option was the users choice. To use the psn, it had to be removed, if you wanted to keep it, that was fine, but you couldn't get on psn.

I know they don't want to break it, but I don't understand why they are even trying to use it this way, it's not like the ps3 is the best computing device on the planet, go put linux on a computer for crying out loud.

Agree with this comment 1 up, 0 down Disagree with this comment

PS3addict
Wednesday, February 23, 2011 @ 10:34:29 AM

No, you could not play any games online either. It was a bogus move by Sony, but yellow dog did not really run as great as I think it should have, but my Sega, NES and SNES emulators are badly missed....

Agree with this comment 0 up, 0 down Disagree with this comment

pyrobomber70
Tuesday, February 22, 2011 @ 9:48:47 PM
Reply

@TheHighlander-Thank you very much for the information. I think this whole thing is completely stupid and shouldn't be happening in the first place. If I was Sony any hacker that I could stop would get 1 year of penitentiary time with no time for good behavior no matter how bad or little the hack was. Maybe some prisoners could hack some ass and they would learn their lesson!

Agree with this comment 1 up, 0 down Disagree with this comment

Highlander
Tuesday, February 22, 2011 @ 10:20:53 PM

The thing is that most of the Linux users were victims of this whole thing too. perhaps 1% of all PS3 systems sold with OtherOS capability actually were used for it. That's about 150,000 systems. Of that number, fewer than 1% were so offended by the unfortunate removal of OtherOS that they felt it necessary to do more than swear silently about it. In other words the vast majority of Linux users found other ways, or made the compromise of not updating. A very, very small number (comparatively) of people are behind the hacking of the PS3. Their 'work' is damaging the experience of millions of gamers. Whether it's cheating or malware or piracy, a hacked console is subject to all of the negative aspects of computers today. So anything that Sony can reasonably do to put an end to it is fine in my book.

There really are some people for whom HomeBrew is simply a hobby and they don't cheat or pirate games, they too are victims of all of this because they are branded along with the pirates and cheats. But in truth, there's nothing anyone can do to avoid that. Custom firmwares are primarily used by people who wish to cheat online or play free games. The truly legitimate use of such firmware is a miniscule fraction of the whole.

So I do have sympathy for the Linux folks negatively affected by this, and even to some extent the homebrew enthusiasts too. But any reasonable person has to acknowledge that because of the risks associated with custom firmware and hacked consoles, Sony can't ignore the threats because of a tiny number of users who would be inconvenienced. It sucks, but it's reality. At the end of the day I blame GeoHot and the PS Jailbreak guys for stealing and copying a USB maintenance dongle. Without those two events much of what has happened would not have.

Agree with this comment 3 up, 0 down Disagree with this comment

Soultaker
Tuesday, February 22, 2011 @ 11:26:26 PM

pyro we actually have a topic about all this non-sense thats going on in the forums if you'd wanna join in on it

http://www.psxextremeforums.com/playstation-3/12757-something-we-should-worry-about.html#post163954

Agree with this comment 0 up, 0 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 2:38:47 AM

Highlander, great to see you acknowledge the genuine homebrewers.

Look, I have to say this when standing back from the whole situation. I feel Sony missed a great opportunity by not going "beyond the console", in some ways homebrewers feel that Sony could have done so much more with the hardware. I would say go as far as Apple and create a multi purpose computing format that computer enthusiasts and gamers could have enjoyed.

Whilst I understand Sony was under pressure after M$ released the xBot 360 a year earlier, I felt they could have spent some more time putting together a real killer package that went beyond the console.

Sony could have, from the outset :-

1] Produced 2 SKU's, one premium model and one basic model

2] Premium SKU could have included all the bells and whistles including a very sleek mini keyboard and mouse - apple style. They could have also included Sony-based distribution of Linux installed including Sony branded applications. They could have actually promoted the Premium SKU as a 64bit home computer come console. Parents could have been sold the idea that John Doe kid could do Word processing and Art on the PS3 under Linux and switch over GameOS to play the console games.

3] Standard SKU could have been the cut down Slim we see today. Purely as a Blu-Ray player, come game console, come online device for the living room.

4] Both should have come with at least 1GB on the motherboard

As of today though, whilst I have enjoyed what Sony have produced now (and in the past), I don't like the big brother direction they are going in. As of today Sony has a very active root-kit installed on our consoles - and the new terms and conditions stipulate that everything that is on your PS3 (inclusing information on all devices connected to your PS3) is scannable and reportable. They will even monitor what websites you are visiting through their browser. To be honest this makes me very uneasy.

I will watch closely what they do, but if I feel my privacy is too compromised I may decide to sell up and go the PC route. I do love my PS3 but as the days go by I do realise more and more that I miss the flexibility of doing what I want on the hardware I own. I would like to emulators so I don't have to keep old hardware around, I want to save space, but Sony being Sony, they are simply taking away all flexibility from the system. Considering I lost Linux and had to get work to donate me an old PC to use it again, it is pretty sad...

I see for example the Neo-Geo emulator is available. I haven't got it yet, but I probably will. My feeling is that Sony can take a long time to come out with stuff people want, and that is why Homebrew works in that enthusiasts release stuff very quickly and are more nimble and flexible than large corporates...

Sadly, its the only console I know that has lost features as it has matured, not really gained any, accept for very specific things.

I understand the grievances of the homebrewers and hackers, I can't really lambaste them for standing up for what they believe in...

Interestingly enough, "Geohot" has just successfully concluded a donation drive to fight Sony for what they believe in, incredible support he seems to be getting... This situation has obviously evoked a lot of emotional reaction with many people on forums saying this console is the last piece of Sony hardware they will ever spend money on. Some I read were going to purchase Bravia TV's but purposefully chose LG or Samsung instead... PR wise I don't know if Sony are doing themselves any favours :(

In conclusion, I think Sony HQ has handled this whole hacking debacle terribly, I think the Linux is very sad - to be taking a feature away I genuinely wanted and paid for, and they continue with scare tactics and big brother moves. I think it will all back fire in the end.

This is the feeling I am getting when I read the interwebs...

Q!

"play.experience.enjoy"

Last edited by Qubex on 2/23/2011 2:46:45 AM

Agree with this comment 1 up, 0 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 3:13:04 AM

Qubex,

There is no rootkit on your console. All there is is the same thing there has always been there, the ability of the console to report it's status to PSN whether you login to PSN or not, and the ability of PSN to interrogate the system to determine what firmware it's running and whether the system has been compromised. The rootkit allegation comes from a single tweet by one of the better PS3 hackers around who has insisted that his comments have been misinterpreted multiple times.

A rootkit is a piece of code that hides from the OS runs at the OS level and does things that the OS doesn't know about.

The closest you could get to that in the PS3 is the SPV which has been in the pS3 since day 1. It's a completely autonomous security subsystem that runs at a privileged level outside of that maintained by the OS on the system. This has been there since day 1, it's nothing new, nor are the terms and conditions we re-accepted much different than the ones that went before, the most notable difference is that the code of conduct section now explains things in much more user friendly terms than it did before.

To be honst, I completely disagree with your assessment of the situation. Geohot has been nothing but a destructive influence. It was his actions that precipitated the removal of OtherOS, it is he that released the metldr key publicly. I'm sorry, but nothing that ego-maniac has done has been anything but self serving. I do acknowledge the homebrew folks and even OtherOS folks. But there is simply no way that you can reasonably expect Sony to sit idly by while their console is hacked to pieces simply to continue supporting a relatively tiny number of Linux users. Yeah, it sucks, but at the end of the day, you have a far, far, far greater number of paying customers using the PS3 for it's primary purpose games and BluRay.

You and I can make all the high minded arguments about the merits of Linux and legitimate Homebrew all we like, but when there are 10,000 online cheats and 10,000 game pirates for every 1 person who only wants to use Linux or program some HomeBrew apps, our discussion will ring awfully hollow.

Either way, the situation as it is thanks to the jailbreak guys, Fail0verflow and GeoHot leaves Sony absolutely no choice but to do as they are doing.

Agree with this comment 3 up, 1 down Disagree with this comment

shadowscorpio
Wednesday, February 23, 2011 @ 1:07:51 AM
Reply

Why haven't these hackers been arrested, yet?

Agree with this comment 1 up, 1 down Disagree with this comment

___________
Wednesday, February 23, 2011 @ 1:42:59 AM

because you cant arrest someone for doing something legal.
well, at least not outside the US.

Agree with this comment 1 up, 2 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 3:03:31 AM

How are you going to arrest people who have no faces across the interwebs... with many of them sitting behind multiple proxies...

Q!

"play.experience.enjoy"

Agree with this comment 0 up, 0 down Disagree with this comment

___________
Wednesday, February 23, 2011 @ 1:42:14 AM
Reply

sure, thats what they said about the ps3!
as the saying goes where theres a will theres a way.
NOTHINGS impossible!

Agree with this comment 0 up, 1 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 2:49:05 AM

The issue is, the more Sony plays big brother and threatens to sue everyone, the more the hackers and pirates will try to break any new system that is released...

The whole thing has been PR nightmare for them. There are hundreds of people already downloading Killzone 3 torrents :( The vast majority, like ourselves, will of course purchase the game, mine is waiting for me my local game shop. Going to pick it up soon...

Q!

"play.experience.enjoy"

Agree with this comment 2 up, 1 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 3:31:15 AM

Qubex,

I was under the impression that you were something of an Open Source proponent. Well, tell me this, the GPL has provisions in it that cover someone taking your code and using it improperly, what are the measures of recourse you have at your disposal? Yes, that's right, you take the offending party to court and fight it out there. That's because the GPL is a software license. Just like the GPL, the firmware and system software and games on the PS3 are covered by a license, and if you break the terms of that license you get taken to court. GeoHot clearly broke the license terms. Sony removed the OtherOS option as a consequence of HIS actions. There was no indication prior to his widely publicized hacking of the Hypervisor, that Sony had any intention of removing the OtherOS option.

Your comments all lean towards blaming Sony for the entire situation, when in fact all they have done is produce an awesome consumer electronics product and support it. They have at each turn responded to action by the hacking community. I'm utterly sick of this myth that Sony is somehow to blame because they removed OtherOS. If you want to blame anyone, blame GeoHot, it was his action that provoked that response.

Sony has not and is not acting in a big brother manner, they aren't suing everyone on the planet or whatever. Their attorneys issued multiple discovery requests in their case against GeoHot, which is a completely normal and routine part of a civil law case in the US court system. Discovery requests are always overly broad because you have to find everything you need at that time, you cannot bring new evidence to the court late in the case. Discovery is about finding out everything. GeoHot placed the information on YouTube and other resources, so it was a natural consequence that the attorneys acting for Sony would request the information about who views what GeoHot published. It's also to be expected that the attorneys ask about his contacts with others in the hacking scene.

Honestly, this is getting truly ridiculous, and please temper your rhetoric about a supposed 'rootkit' on the PS3. Sony owns and writes the firmware and OS on the system, the security subsystem is there's to update as they see fit. There is no rootkit, only the same security elements that have always been there. This whole rootkit thing was put to bed several weeks ago.

If anything, the only true rootkits on the PS3 are actually the custom firmwares created by the hackers. these custom firmwares are little more than hacked up official firmware with security bypassed, and since they actually bypass and disable some of the system security at runtime, the absolutely match the definition of a rootkit. That my friend is what a rootkit does. It's not Sony who's rooting the PS3, it's the hackers. I'll never understand why people will trust custom firmware 3.5x from Bob's basement, but won't trust the real firmware from the equipment's manufacturer. Seems like if anyone was going to sneak in a keylogger or some other nefarious pieces of trojan code, it would be the hacker, not the manufacturer.

Last edited by Highlander on 2/23/2011 3:32:29 AM

Agree with this comment 3 up, 1 down Disagree with this comment

___________
Wednesday, February 23, 2011 @ 8:24:17 AM

i know, there just throwing more fuel on the fire.
instead of trying to cut their fans heads off, they should of secretly created a new SKU and try fix it that way.
throwing law suits like there out of fashion, and serving take down notices to sites you dont have jurisdiction in will win you no friends!
they have completley blown this out of proportion, there like a 8 year old after their mother said no to a new toy!

Agree with this comment 0 up, 2 down Disagree with this comment

STAY3R
Wednesday, February 23, 2011 @ 2:52:43 AM
Reply

tired of these hacking issues, this motherfuckers should die, because of them every year we are missing sequels o some great games, hate them

Agree with this comment 0 up, 1 down Disagree with this comment

Qubex
Wednesday, February 23, 2011 @ 3:00:54 AM

"because of them every year we are missing sequels o some great games"

STAY3R, please quantify your statement, or is that an uneducated guess!

What sequels have we missed because of the hackers???

...and no need for all the hate, its very immature! There is enough hatred in this world as it is.

Q!

"play.experience.enjoy"

Last edited by Qubex on 2/23/2011 3:02:35 AM

Agree with this comment 0 up, 0 down Disagree with this comment

crunchy_nut_kid
Wednesday, February 23, 2011 @ 7:45:24 AM
Reply

mw2 is a monument to how easy the ps3 is hacked. i recently played it and 4/5 lobbys were hacked. i think hacking is fine so long as it doesn't effect anyone else, it just subtracts from the gamers experience.

Agree with this comment 1 up, 0 down Disagree with this comment

Reccaman18
Wednesday, February 23, 2011 @ 8:57:06 AM

That's just the game. Hacking into the PS3 itself is totally different.

Agree with this comment 0 up, 0 down Disagree with this comment

Highlander
Wednesday, February 23, 2011 @ 9:55:22 AM

Since Sony became more assertive regarding hacking, Activision has been similarly more assertive about blocking/banning cheaters and their consoles from the CoD servers. But as Reccaman points out, hacking the game is much less of a challenge than hacking the PS3, and hacking tat particular game is not exactly unique to the PS3 version.

Agree with this comment 0 up, 0 down Disagree with this comment

Zorigo
Wednesday, February 23, 2011 @ 10:45:21 AM
Reply

well then i'd pick up the 250gb slim, the one already out. coz if i trade in my current 40gb, i could get about 100 for that, and then get a new 250gb slim for about 150 (probably). YES!

Agree with this comment 0 up, 0 down Disagree with this comment

thj_1980
Wednesday, February 23, 2011 @ 5:12:41 PM
Reply

Wow Mr. Highlander you sure do have a lot of time in your hands. Your paragraphs make perfect sense. Ever consider a job with SONY? How about participate in the TESTER SEASON 3 if there is one?

Agree with this comment 0 up, 0 down Disagree with this comment

shadowscorpio
Wednesday, February 23, 2011 @ 10:49:01 PM

I can tell you, he's educating me right now. I'm only now begining to understand the technical sides of this issue.

Agree with this comment 0 up, 0 down Disagree with this comment

D1g1tal5torm
Saturday, February 26, 2011 @ 4:55:34 AM
Reply

Devil's Advocate here. If I buy a £20,000 motor - I can do what the hell I like to it.

Why haven't I got the right to do the same with my £250 console?

Last edited by D1g1tal5torm on 2/26/2011 4:55:49 AM

Agree with this comment 0 up, 0 down Disagree with this comment

Leave a Comment

Please login or register to leave a comment.

Our Poll

How do you see Assassin's Creed Unity?
I see an awesome game, period.
I see a good game with a few bugs.
I see a fair game with big problems.
I see a glitchy, crappy mess.

Previous Poll Results