The fail0verflow hacker team revealed a flaw in the PS3 a few days ago at the 27C3 hackers conference in December 2010. Initially, Sony was not interested in commenting on the hack. However, in a recent reply to Edge magazine, Sony has confirmed the matter, saying:
We are aware of this, and are currently looking into it. We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details.
While Sony has confirmed a fix through a network update, fail0verflow believes that the hardware is compromised and that no amount of software fixes can work in this case.
Pytey from the fail0verflow team sheds light on the hack, saying:
Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal. The signing recipe requires that a random number be used as part of the calculation, with the caveat that that number must be truly random and not predictable in any way. However, Sony wrote their own signing software, which used a constant number for each signature.
The hack allows developers to create and sign their own apps to run on the PS3. Sony might be gearing up to fight this in court, but fail0verflow has the upper hand in the matter, being ethical hackers.