Sony Claims It Can Fix PS3 Security Problems

 Pages 1 2 NEXT
 

Sony Claims It Can Fix PS3 Security Problems

image

There's more network updates in store for PS3 owners as Sony's battle against hackers and pirates rages on.

Despite a proverbial double tap of bad news over the last few days, Sony has denied claims that the security for the PS3 is irrevocably compromised. In a short statement, the company said it was aware of the issues on the console, and was working on a solution.

At the very tail end of last year, a hacking group called Fail0verflow gave a presentation which explained in great detail the various security measures that Sony had implemented on the PS3, and how the group had been able to circumvent them all. Just days later, iPhone cracker George Hotz posted the root key for the console online, meaning that people could sign their homebrew software - or pirated games - and convince the PS3 that it was all authentic and official.

Speaking to the BBC, Fail0verflow said that there was nothing that Sony could do about the PS3 security leaks except release new hardware. Sony, on the other hand, had a very different take on the situation, claiming that it could fix the problems with network updates. The company said it was unable to provide any further details, however, as it didn't want to discuss security issues.

Some hackers are actively trying to prevent anyone using their tools to pirate games, but others aren't quite so conscientious. While you can't blame Sony for wanting to get the holes in its security patched up, it's a shame that it's going to be the everyday users - those who didn't do anything wrong - who suffer.

Source: Edge

Permalink

Even if its patched, hackers are just going to continue hacking it. Never ending battle here.

Go Sony, even if you can never make a permanent fix to hackers, I'm glad your putting an effort in.

Yeah I'm pretty glad as well. I might not understand the full scope of the situation here but as long as we (the guys who buy non-pirated games for the PS3) don't suffer, everything will be ok.

I know how to fix it all as well.

Put back in the "other OS" feature. Since, you know, thats what all the hackers were playing with in the first place.

Again, all this is happening because Sony removed the Other OS feature.

Hilarious.

Just remember its not the hackers that are puting the restrictive security and higherprices in play. Its Sony and its lack of creative problem solving.
I am not saying I have any bright ideas on the subject. But I don't think hitting an entire user base with a really big stick is a good plan. Sure most of those users will take it but over time, and with many sticks, I think it would be a issue.

Let's unpack:

Logan Westbrook:
There {is} more network updates in store for PS3 owners as Sony's battle against hackers and pirates rages on.

Twitch.

On topic:

If this plays out like homebrew on the PSP, access to full cpu/gpu access will (eventually) be crippled by a combination of the community and Sony updates, but there is still enough there to play with to give budding programmers some fun and fairly easy to access to a platform they wouldn't normally have. If that comes to pass, I'm plan to turn one of my PS3s into a homebrew machine. Wagic on my TV in HD? YES PLEASE!

I hope this doesn't turn out like Critcal Miss predicted it would, as hilarious as that would be.

EcksTeaSea:
Even if its patched, hackers are just going to continue hacking it. Never ending battle here.

To paraphrase someone earlier on the subject;

"That doesn't mean they should bend over and get fucked."

Croaker42:
Just remember its not the hackers that are puting the restrictive security and higherprices in play. Its Sony and its lack of creative problem solving.
I am not saying I have any bright ideas on the subject. But I don't think hitting an entire user base with a really big stick is a good plan. Sure most of those users will take it but over time, and with many sticks, I think it would be a issue.

That's the problem, it's a circular paradox where nobody wins in the end. You've got the pirates that Sony is worried about, so they put out a simple update to stop them in their tracks. Then the pirates circumvent that, and Sony have to respond, then the pirates find a way around that, and Sony have to respond again, etc... etc... And in the middle of all this are the legitimate buyers that get screwed either way when Sony overreacts to preventing pirates, and when pirates continue screwing with Sony.

In short, this all sucks.

Irridium:
I know how to fix it all as well.

Put back in the "other OS" feature. Since, you know, thats what all the hackers were playing with in the first place.

Again, all this is happening because Sony removed the Other OS feature.

Hilarious.

I knew they'd pay from ripping a feature off of already sold consoles

If Sony sneaks in some goodies for everyone like cross game chat and the ability to play music while in game I'll let them update my system all day.

Translation: "We learned nothing from the PSP and we have just brought in a shiny new brick wall for us to bang our heads against."

Also, so much for any thoughts people had about Sony working with the hackers. Of course they won't, they're Sony.

Jumplion:

EcksTeaSea:
Even if its patched, hackers are just going to continue hacking it. Never ending battle here.

To paraphrase someone earlier on the subject;

"That doesn't mean they should bend over and get fucked."

True, but all they are really doing is hanging a sign on their ass that says "Pretty please don't fuck me, I'm delicate." Seriously, Sony's failure here is mind boggling. They had the tools in place to keep the system free and clear of this stuff. Then one day they decide "You know what would make things more secure? Removing the one thing that lets hackers play around with the hardware without having to crack our platform." So they do it and surprise surprise, they get cracked. And the solution to fix it is staring them right in the face (put "Install Other OS" back in), so what does Sony do? Why the same stupid thing that didn't protect the PSP at all, constantly try to patch holes with firmware updates. And these firmware updates don't even add anything new, it's just a quick plaster job and nothing more, which means no PS3 owner who wants a cracked console for any reason (be it piracy or homebrew) has an incentive to update. Throw in a feature or two people want and suddenly they have to decide if waiting for the homebrew community to make said new features is worth it. But nope, right now they just say "Yeah I'm not going to download this update."

I take back what I said earlier: The sign Sony hung on their ass says "INSERT DICK HERE" with a giant arrow pointing at their bunghole.

Can we at least ensure that people don't cheat in online multiplayer? Used to piss me off when people would cheat and give themselves nothing but unblockable finishing moves in wrestling games.

Hackers will keep hacking, but that's what keeps anti-piracy people employed. At least Sony has been cracking down on piracy. I'm looking at you Nintendo.

Well, I'm going to assume that, if Fail0verflow is correct, Sony is screwed. One down, two to go.

Just give up. They will keep doing it anyways.

All you do is piss off early adopters who get their features literally raped away.

mjc0961:
True, but all they are really doing is hanging a sign on their ass that says "Pretty please don't fuck me, I'm delicate." Seriously, Sony's failure here is mind boggling. They had the tools in place to keep the system free and clear of this stuff. Then one day they decide "You know what would make things more secure? Removing the one thing that lets hackers play around with the hardware without having to crack our platform." So they do it and surprise surprise, they get cracked.

Um...wouldn't it? I mean, that's already assuming that the PS3 wasn't clear from that stuff, so I'd understand their thinking that removing a feature that makes it easy for them to go around doing that stuff

And the solution to fix it is staring them right in the face (put "Install Other OS" back in), so what does Sony do? Why the same stupid thing that didn't protect the PSP at all, constantly try to patch holes with firmware updates.

I highly, highly doubt that this would all be fixed just by putting the "Install Other OS" feature back simply because pirates (because, let's face it, that's who we're talking about here) will just pirate regardless.

Also, on the PSP, I remember hearing that Sony had actually fixed the issue with it and now only a really early firmware version of the PSP will allow homebrew. Take that with a grain of salt as I have no idea if that's true.

So, in short, this still sucks. It's a lose-lose situation for everybody.

Irridium:
I know how to fix it all as well.

Put back in the "other OS" feature. Since, you know, thats what all the hackers were playing with in the first place.

Again, all this is happening because Sony removed the Other OS feature.

Hilarious.

This is all happening because people want free games.

Stupid hackers.

DrunkWithPower:
If Sony sneaks in some goodies for everyone like cross game chat and the ability to play music while in game I'll let them update my system all day.

How the hell are you gonna enjoy those features if Sony is updating your system 24/7 :P

Sniper Team 4:
Stupid hackers.

Well a group of people were able to crack security on a 'uncrackable' piece of hardware. Seems like they're pretty smart to me.

LeonLethality:

Irridium:
I know how to fix it all as well.

Put back in the "other OS" feature. Since, you know, thats what all the hackers were playing with in the first place.

Again, all this is happening because Sony removed the Other OS feature.

Hilarious.

This is all happening because people want free games.

http://www.escapistmagazine.com/news/view/106511-Hacker-Group-Gives-Video-Tour-of-PS3-Security-System

Before they removed the feature, nobody had hacked the PS3. They were all happy to just tinker with Linux.

Irridium:

LeonLethality:

Irridium:
I know how to fix it all as well.

Put back in the "other OS" feature. Since, you know, thats what all the hackers were playing with in the first place.

Again, all this is happening because Sony removed the Other OS feature.

Hilarious.

This is all happening because people want free games.

http://www.escapistmagazine.com/news/view/106511-Hacker-Group-Gives-Video-Tour-of-PS3-Security-System

Before they removed the feature, nobody had hacked the PS3. They were all happy to just tinker with Linux.

You say that as if nobody was trying to do this in the first place.

And Microsoft can solve the Red Ring problem.
Woah-ho!

Good on sony to be actively fixing it.

The xbox360 was hacked a while back, the wii has been hacked(for some reason) and the kinect was smashed open in hours, the ps3? 3 damned years before people can start doing anything serious. its a fort knox of a console, not impregnable, but your damn well gonna take as long as possible to do it :P

VanityGirl:
And Microsoft can solve the Red Ring problem.
Woah-ho!

apparently the kinect causes the red ring of death....

biggles1:

VanityGirl:
And Microsoft can solve the Red Ring problem.
Woah-ho!

apparently the kinect causes the red ring of death....

...Yes, I read the article. But that still doesn't mean Microsoft has FIXED anything. I don't expect Sony to be able to fix their security problems either.

Hmm, let's break this down. First, PS3 is successful, famous for being unhackable, then an exploit appears (again). Unlike before where they block it with an update, they take out OtherOS altogether. That's where things begin - the people who actually used it want to get it back, so they start using their skills and talents to break the security. Few months later, after many outcries and threats to sue (with some actually attempted - I can't remember how it went), someone finally finds a way in and tries to make money off it (Jailbreak). Clones spread like wildfire and Sony try to get them banned in every country (and fail in Spain to my amusement). The PS3 scene really gets everybody's attention then and things take off. Not that long later, PS3 gets broken wide open.

To fix things, they need to learn their lessons from the experience. Firstly, putting OtherOS back will not do a thing - it became too late for that the moment Jailbreak got announced. Secondly, with a 40 minute tour through the PS3 hierarchy and how it broke down, they should take that to heart and rebuild from the ground up. As Sony announced, that means updates. It means a major update, probably to v4.0, and if they don't find some way to completely rebuild the entire PS3 system (considering that they keys to the system are public), it'll happen again. If they do rebuild the entire system, and fill up the holes in their security, they'll probably be successful in recovering. All they can do then is hope that their new games that require the new version to run will be awesome enough to make people want to update to it. It could happen... but probably not. Either way, I hope Sony succeed. I'd rather give my money to Sony than Microsoft (even if I may take this opportunity to try all the small older PS3 games that no shop seems to sell anymore).

LeonLethality:

Irridium:

LeonLethality:

This is all happening because people want free games.

http://www.escapistmagazine.com/news/view/106511-Hacker-Group-Gives-Video-Tour-of-PS3-Security-System

Before they removed the feature, nobody had hacked the PS3. They were all happy to just tinker with Linux.

You say that as if nobody was trying to do this in the first place.

If people were doing it in the first place, it wouldn't have taken this long to crack.

Irridium:

LeonLethality:

Irridium:

http://www.escapistmagazine.com/news/view/106511-Hacker-Group-Gives-Video-Tour-of-PS3-Security-System

Before they removed the feature, nobody had hacked the PS3. They were all happy to just tinker with Linux.

You say that as if nobody was trying to do this in the first place.

If people were doing it in the first place, it wouldn't have taken this long to crack.

Or rather, all the ones who could do it were tinkering with otherOS the entire time.

Jumplion:

Also, on the PSP, I remember hearing that Sony had actually fixed the issue with it and now only a really early firmware version of the PSP will allow homebrew. Take that with a grain of salt as I have no idea if that's true.

From what I've been reading up on, the main, foolproof exploit to replace the firmware on a PSP was 'patched' by the release of the 3000 model, which had a new motherboard that broke itself if you tried (clever bit of design, no?) Nowadays on the 3000 and Go models there are releases for Homebrew enablers and the like, and these are the ones getting patched out by subsequent updates and the like.

Anyway reading Sony's response to this has given me the giggles to be honest, since you would hardly expect a major corp like Sony to just shrug and state 'Yeah, we're boned.' to the public. I am interested in seeing how this story goes from here on.

Logan Westbrook:
Despite a proverbial double tap of bad news over the last few days, Sony has denied claims that the security for the PS3 is irrevocably compromised. In a short statement, the company said it was aware of the issues on the console, and was working on a solution.

At the very tail end of last year, a hacking group called Fail0verflow gave a presentation which explained in great detail the various security measures that Sony had implemented on the PS3, and how the group had been able to circumvent them all. Just days later, iPhone cracker George Hotz posted the root key for the console online, meaning that people could sign their homebrew software - or pirated games - and convince the PS3 that it was all authentic and official.

Sony is full of shit. The console can only use one key at a time, so in order for them to change the key they would have to invalidate every game currently in circulation. Moreover, GeoHot did not release the key to the system itself, he released the key to the gameloader, a completely different key which will allow burned copies and third party software unlicensed by Sony to run.

LeonLethality:

Irridium:

LeonLethality:

This is all happening because people want free games.

http://www.escapistmagazine.com/news/view/106511-Hacker-Group-Gives-Video-Tour-of-PS3-Security-System

Before they removed the feature, nobody had hacked the PS3. They were all happy to just tinker with Linux.

You say that as if nobody was trying to do this in the first place.

Nobody competent was trying to do this in the first place. GeoHot didn't start until they released the news about removing OtherOS.

There are various things they could do, more or less onerous. But there's nothing they can do to prevent current consoles from being 'fixed' (ie further crippled) unless you accept a mandatory firmware update.

Perhaps they can issue new keys and whitelist old games? I've seen that one bandied about. That would mean that pirates would need to hack new games to use old keys, and then you're back to the days of every new game needing to be cracked.

They can just keep adding more layers of protection, like Ubisoft's 'always on' internet connection. New calls into new copy protection checks that only exist in newer firmware. Again, that'd only work with new games but new games would have to be cracked before they got pirated.

Without hardware changes, none of this stops anything, it just makes makes it more annoying. Like the PSP.

Would Sony do something that would stop all old games from working? I'd say no, that would be absolutely ridiculous; but then I remember how far they went to cripple the USB ports to keep Linux off, and I wonder.

LeonLethality:

This is all happening because people want free games.

I love the people who act like they are on a crusade, passed down from on high, to crush the pirate heathens.

You know what Sony did? They went and slapped every customer who bought a PS3 so they could game and run linux in an interesting environment. Sure that wasn't what the fanboi's, such as yourself, bought it for, but that doesn't make their purchase any less legitimate.

Honestly the game's up. The root key is out. That is BIG news. Someone getting a root key on a closed system like the PS3 is huge news. The hardware is configured to only accept software signed with XYZ key. To update, you have to push a new key, which COULD BE READ since it has to be signed by XYZ key to be accepted by the current console. Even then you have to let software signed with XYZ key work since if it didn't everyone's games purchased before the switch wouldn't work.

The best part is that the key matches the PSP's root key. Security epic fail (TM Sony).

Tron Paul:
Sure that wasn't what the fanboi's, such as yourself

And there goes me giving any shit about reading your argument. That's just childish of you to say something like that.

Besides, I would at least like to be called a Nintendo fanboy if any.

Tron Paul:

LeonLethality:

This is all happening because people want free games.

I love the people who act like they are on a crusade, passed down from on high, to crush the pirate heathens.

You know what Sony did? They went and slapped every customer who bought a PS3 so they could game and run linux in an interesting environment. Sure that wasn't what the fanboi's, such as yourself...

And your argument just went out the window the moment you said "fanboi"

biggles1:
Good on sony to be actively fixing it.

The xbox360 was hacked a while back, the wii has been hacked(for some reason) and the kinect was smashed open in hours, the ps3? 3 damned years before people can start doing anything serious. its a fort knox of a console, not impregnable, but your damn well gonna take as long as possible to do it :P

Originality:
Hmm, let's break this down. First, PS3 is successful, famous for being unhackable, then an exploit appears (again).

Fail on not reading other articles. Not many people were trying to crack the PS3 because it had otheros once they removed that people tried, and it cracked within the same amount of time as the xbox360. It was never some super non hackable console people just didn't want to hack it because they got what they wanted out of it, using linux.

 Pages 1 2 NEXT

Reply to Thread

Your account does not have posting rights. If you feel this is in error, please contact an administrator. (ID# 72787)