James Delahunty
22 Jan 2010 20:26
I don't generally like to post articles on claims about console hacking. Over the past few years, the PS3 and Xbox 360 have been subject to numerous hoaxes. In the Xbox 360 case, there were several that turned out to be true (esp. of late), but so many others that didn't. For the PlayStation 3, there has been a lot of claims made and not a lot that has come from them (that's just good security, over three years now).
So I have been following a blog from George Hotz (geohot), who is responsible for several iPhone hacks, on PlayStation 3 (PS3) hacking, and just today I came across a blog entry dated as the 22nd January, 2010 with an immediately intriguing title: "Hello hypervisor, I'm geohot". So while I (and most of us) generally ignore things like this that are submitted to us by users, in this case I'm willing to make an exception, even just for the sake of discussion, and out of respect.
Hello hypervisor, I'm geohotSource: http://geohotps3.blogspot.com/2010/01/hello-hypervisor-im-geohot.html
I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1.
3 years, 2 months, 11 days...thats a pretty secure system
Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.
Shout out to George Kharrat from iPhoneMod Brasil for giving me this PS3 a year and a half ago to hack. Sorry it took me so long :)
As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are setup like the iPhone's KBAG.
A lot more to come...