Sony Confirms PS3 Root Key Hack, But the Problem Is In the Hardware!
By on January 8th, 2011

The FailOverflow hacker team revealed a flaw in the PS3 a few days ago at the 27C3 hackers conference in December 2010. Initially, Sony was not interested in commenting on the hack. However, in a recent reply to the Edge magazine, Sony has confirmed the matter saying,

We are aware of this, and are currently looking into it. We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details.

While Sony has confirmed the fix through a network update, FailOver believes that the hardware is compromised and no amount of software fixes can work in this case.

ps3-playstation

Pytey from the FailOver team throws light on the hack saying,

We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details. Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal. The signing recipe requires that a random number be used as part of the calculation, with the caveat that that number must be truly random and not predictable in any way. However, Sony wrote their own signing software, which used a constant number for each signature.

The hack allows developers to create and sign their own apps to run on the PS3. Sony might be gearing up to fight this in court but FailOver has an upper hand in the matter being an ethical hacker.

Tags: ,
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at chinmoy@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
    Warning: call_user_func() expects parameter 1 to be a valid callback, function 'advanced_comment' not found or invalid function name in /home/keith/techie-buzz.com/htdocs/wp-includes/comment-template.php on line 1694
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN