201w ago - A few days ago GeoHot hacked the PS3 and dumped the PlayStation 3 hypervisor lv0 and lv1. He has now updated his blog with a pointer to a technical writeup of how it was done, written by Nate Lawson at rdist.root.org.
To quote from the article: "The PS3, like the Xbox360, depends on a hypervisor for security enforcement. Unlike the 360, the PS3 allows users to run ordinary Linux if they wish, but it still runs under management by the hypervisor. The hypervisor does not allow the Linux kernel to access various devices, such as the GPU. If a way was found to compromise the hypervisor, direct access to the hardware is possible, and other less privileged code could be monitored and controlled by the attacker.
Hacking the hypervisor is not the only step required to run pirated games. Each game has an encryption key stored in an area of the disc called ROM Mark. The drive firmware reads this key and supplies it to the hypervisor to use to decrypt the game during loading. The hypervisor would need to be subverted to reveal this...
202w ago - The PS3 is hacked, at least according to George Hotz in his latest blog entry (linked above)!!!
This news comes just under a month after he resumed PlayStation 3 hacking!
To quote: "Hello hypervisor, I'm geohot
I have full read/write access to the entire system memory, and HV level access to the processor.
In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me.
Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.
Shout out to George Kharrat from iPhoneMod Brasil for giving me this PS3 a year and a half ago to hack. Sorry it took me so long
As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are set up like the iPhone's KBAG.
297w ago - We have a few PS3 development updates for the new week, including some PS3 KeyVault Project and PS3 Flash news.
To start, resident PS3 Dev subdub has been a bit busy, so he has yet to put the finishing touches on our PS3 KeyVault Server Application. In his absence, both ggparallel and mainman have picked up the slack and are finishing up the server application. While doing so, they are also optimizing the code to make it more versatile: it can auto-update clients, and it will also be able to handle more requests.
Below is a picture of the client application's Web interface that runs on any PS3, including retail consoles via OtherOS. It basically lets you configure the PS3's IP address, check the status of the program, the kernel, and transmitted packets.
Another resident PS3 Dev, who recently received a PS3 TEST unit, is currently awaiting some new hot air rework tools. His PS3 TEST (see HERE) then has an appointment with some solder and wire. We expect to have the flash dumped soon, barring any unforeseen circumstances, and then we can analyze the differences in the IPL as well as the mystery detection bits.