193w ago - As scheduled, today the PS3 Firmware 3.21 update is available for download and as Sony previously confirmed it disables the OtherOS functionality in an effort to make the PlayStation 3 entertainment system more secure.
More details to come as they are available, including a full PS3 Firmware version 3.21 changelog. At the moment, all that is available from the PlayStation Japan site according to TheSixthAxis.com is the following, to quote: "Firstly it appears the quality of of PlayStation format software from the Store has been improved, presumably referring to the PS1 functionality (FFIX?).
Secondly, it appears that the security of MP4 video playback has been boosted too, removing some vulnerabilities."
• The [Install Other OS] and [Default System] features have been deleted.
• The playback quality of some PlayStation¬® format software that is downloaded (as a purchase or for free) from PlayStation¬®Store has been improved.
• A security patch was added to address security vulnerabilities that may occur when playing MP4 format video files.
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
I've been looking everywhere for a way to setup my own PS3 firmware bypass site because I really don't trust the one that everyone has been saying to use. I'd rather be sure my passwords, etc. are safe. Thanks!
Yeah, I am looking at it from another angle, and did not intend to following up on your point. It seems that hardware attacks in general challenge the very fundamentals of current generation consoles, and provide the last ingrediant in the "vulnerability cocktail" needed for a practical exploit. Therefore I am interested in how Sony decides to fix the underlying issues.
It should be no surprise if 3.21 is just a "quick fix". I only can imagine the QA people pulling their hair when the security people want to update the hypervisor and other relevant components to prevent glitching attacks. That sounds like a pretty complex task with a high risk for stability issues, compared to simply stripping out or just disabling OtherOS. It will be interesting to find out...
i understand what your saying but i think you missed my point.. if there is no more OtherOS in 3.21.. then did they remove the functions of the HV function that pertain solely to otherOS? Or worse.. cant be hard to write a few lines of code to make the HV panic if say some particular linux bootloader code is found in memory stopping you from even booting into linux to exploit it.. I dunno.. many thoughts.. i'm just interested to see his method when/if it arrives.. i hope it is a cfw and not a workaround to getting to linux (custom bootloader.. etc)
Did they in 3.21 also update the way the HV deallocates memory? (Which is a key weakness exploited by the PoC exploit) And what would be the performance hit of doing that as suggested in the tutorials? (extra verification)