Essentially, it modifies the PS3's hypervisor, adding two calls for reading from and writing to all of the system memory.
To quote: "In the interest of openness, I've decided to release the exploit. Hopefully, this will ignite the PS3 scene, and you will organize and figure out how to use this to do practical things, like the iPhone when jailbreaks were first released. I have a life to get back to and can't keep working on this all day and night.
Please document your findings on the psDevWiki. They have been a great resource so far, and with the power this exploit gives, opens tons of new stuff to document. I'd like to see the missing HV calls filled in, nice memory maps, the boot chain better documented, and progress on a 3D GPU driver. And of course, the search for a software exploit.
This is the coveted PS3 exploit, gives full memory access and therefore ring 0 access from OtherOS. Enjoy your hypervisor...
202w ago - Just before the weekend, iPhone 2G hacker GeoHot announced that he has hacked the PS3 entertainment system, and today IncGamers.com (linked above) has confirmed from their Rep that Sony is launching an investigation into it.
This comes as no surprise, considering a public PlayStation 3 hack would cost Sony Corporation and developers millions in lost revenue due to piracy as a result of reverse-engineering their intellectual property.
GeoHot has also told the BBC that, "I can now do whatever I want with the system. It's like I've got an awesome new power - I'm just not sure how to wield it."
To quote: "We contacted Sony and a spokesperson confirmed that the company is looking into the issue.
"We are investigating the report and will clarify the situation once we have more information," said the statement."
Time will tell if Sony gets tough or goes in the same direction as Apple did, simply sending out DMCA notices and not attempting to hold George Hotz personally accountable for his actions.
Unfortunately, unless Sony makes an example of Hotz it may encourage other hackers to continue defeating...
203w ago - Just before the weekend dr_frankenfusion of PS3T-Fusion.com (linked above) shared both a video and GameSave file for a FUEL PS3 Trophies hack which allows you to obtain all but four PlayStation 3 Trophies to save countless hours driving around a deserted map.
To quote: If you're like me and don't want to spend 80 hours at a crap game but don't want that game to go to waste then how does a quick and easy platinum sound... You will get all but four trophies for just loading up the game.
For this to work you need to follow these steps exactly, don't rush ahead:
1- Plug your usb memory stick into ps3 first with no current ps3 saves on the memory stick.
2- Go to saved data utility on a psn account with a previous saved file of the game you're getting a save for.
3- Copy your current save to the memory stick then delete the save off the ps3 only after saving it to the memory stick and unplug it from the ps3 and put it into pc/laptop.
4- Ok drag and drop your folder file called ps3 from your memory stick onto your pc so you have a backup of your original save.
5- Ok now download the rar file and save it to your desktop. Now go...
205w ago - Today MysticHades has posted a video on YouTube of a MotorStorm PS3 hack that has once again surfaced (it originally hit Elotrolado.net and PS3News.com this past November), demonstrating an exploit used to run PS3 backups.
206w ago - This weekend GeoHot, the hacker responsible for several Apple iPhone hacks, has returned to Sony PS3 hacking after his initial announcement a few months back and has opened a PS3 hacks blog (linked above).
"I just pulled everything from the USB bus... http://pastie.org/757313 the Cell processor SPI bus, PS3 is going down :-)"
These are the latest posts on his new PS3 hacks blog:
The Cell processor has an SPI port which is used to configure the chip on startup. Well documented here. It also allows hypervisor level MMIO registers to be accessed. In the PS3, the south bridge sets up the cell, and the traces connecting them are on the bottom layer of the board. Cut them and stick an FPGA between.
Quick theoretical attack. Set an SPU's user memory region to overlap with the current HTAB. Change the HTAB to allow read/write to the hypervisor! If that works it's full compromise...