PlayStation 3’s Code Signing Cracked

It seems that things just got worse on the PlayStation 3 front for Sony, if reports are to be believed. At the Chaos Communication Congress held in Berlin, a group that goes by the name of “fail0verflow” gave proof of an exploit that gives full access to the PS3’s hardware, enabling custom firmware to be used, and of course home-brewed and pirated games.

The group accomplished this by figuring out how Sony calculated its private keys. This is the “key” factor into generating signed software for the PS3, and as a result, once exploited with hacked firmware, the PS3 could technically play pirated games even without the use of a dongle, which is currently the only way.

The team ended its presentation stating that Sony’s private key security was an “EPIC FAIL”, but I’m not sure I’d go that far. After all, it didn’t take too long after Microsoft launched its Xbox 360 for it to be hacked, and the same could be said for Nintendo’s Wii.

Where the PlayStation 3 is concerned though, it wasn’t until just earlier this year that hackers finally penetrated the top layer of security. That, to me, is far from being an epic fail. I’m sure both Microsoft and Nintendo would have loved to have had equal-level security on their own consoles.

Assuming that Sony doesn’t take radical action and invalidate their private keys, this could mean that Jailbreaking is viable on all PS3, regardless of their firmware! From the article: ‘Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony’s security to be EPIC FAIL!