
Open Source PS3 Jailbreak Released

CmdrTaco posted about 4 years ago | from the out-of-the-bag dept.

Open Source 226

tlhIngan writes "Despite all the lawsuits and injunctions by Sony to keep the PS3 Jailbreak out of modders' hands, it appears that a third party has made a clone. The best part is, it only requires a cheap (approximately $40) development board by Atmel, and the requisite software is open-source. Get the Atmel code from GitHub and apply a small patch which will enable backup play (the code by itself only lets you run unsigned code, the patch allows for BD backups). The code is GPLv3. It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3, to which Sony removed Linux functionality. An Android phone would be suitable."

226 comments

Hehehe (4, Funny)

Jorl17 (1716772) | about 4 years ago | (#33452104)

"It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3"

Nice way to ask an entire community of nerds to do that for you!
Now, let's get working!

Re:Hehehe (1)

dch24 (904899) | about 4 years ago | (#33452196)

That's a great idea.

The required ATmega device is so cheap, I'd just buy one of those if I ever needed it.

How long until psnews.com and github.com receive DMCA takedowns?

Re:Hehehe (0, Flamebait)

mcgrew (92797) | about 4 years ago | (#33452230)

Not me. I'll NEVER buy computer gear from a company with a history of rooting their paying customers' computer gear. How stupid would I have to be to do that?

I can't understand why any of you own a PS3 in the first place.

Re:Hehehe (2, Informative)

Serenissima (1210562) | about 4 years ago | (#33452326)

I can't understand why any of you own a PS3 in the first place.

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Re:Hehehe (5, Funny)

nebaz (453974) | about 4 years ago | (#33452392)

Because it runs Linux?...oh wait.

Re:Hehehe (2, Funny)

jpapon (1877296) | about 4 years ago | (#33452396)

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Seriously... I mean, it does EVERYTHING. Or so I've been told.

Re:Hehehe (2, Informative)

amolapacificapaloma (1000830) | about 4 years ago | (#33452476)

I can't understand why any of you own a PS3 in the first place.

Really? I mean.......really? You can't think of a single reason why anyone would want one?

Well, the single reason I can think of is hating Microsoft more than Sony. It's a tough call though.

Who do you hate more, the guy that killed mommy or the guy that killed daddy? (Think of this as a lyrical exaggeration, of course)

Re:Hehehe (2, Interesting)

hardburn (141468) | about 4 years ago | (#33452772)

False dichotomy. Why can't I also hate Nintendo?

Re:Hehehe (2, Funny)

Yetihehe (971185) | about 4 years ago | (#33453048)

Nintendo is the uncle who smells funny.

Re:Hehehe (1)

Shadis (934448) | about 4 years ago | (#33453972)

Yeah but he is the RICH uncle that smells funny!

Re:Hehehe (0)

amolapacificapaloma (1000830) | about 4 years ago | (#33453382)

Well, I guess you can, but I've been told the games on the Wii aren't on par in the graphics area with the PS3 and the 360. I'm also guessing that there are a lot of people that own one of them plus a Wii. Nintendo is no saint at all, but I don't think it has reached the same Evil Overlord status as MS and Sony.

Re:Hehehe (1)

aztracker1 (702135) | about 4 years ago | (#33453396)

Honestly, I hate Sony a lot more... mainly because I have friends in IT who had to spend a lot of time removing the rootkit. MS, while making some really annoying calls, and more than a few questionable ones, hasn't really harmed me, or anyone I know nearly as much as Sony. People can still replace parts of windows, or install another OS on their PC... Sony controls the hardware side, they also control a lot of the content, I think it's more a conflict of interest than most of what MS does (though they're in a similar position on the consoles). My son has an XBox 360, and a PS/2... the PS/2 was before my personal boycott on Sony though. Sony has lost a lot more money from me on the hardware (TVs, AVRs etc) than they ever would have made on the media from me.

Re:Hehehe (1, Informative)

Anonymous Coward | about 4 years ago | (#33454010)

IBM made the PS/2, Sony makes the PS2.

Re:Hehehe (1, Insightful)

Anonymous Coward | about 4 years ago | (#33454328)

No one was affected by that silly rootkit, whereas billions of dollars and millions of hours are wasted each year fighting spam, virii, trojans, worms and malware. All because Microsoft refuse to fix their never ending stream of shitty insecure OSes and applications. If your "friend in IT" is real, he's spent 99% more time fighting this crap than someone that inserted a particular music CD into their PC.

Re:Hehehe (2, Interesting)

mcgrew (92797) | about 4 years ago | (#33454104)

Well, the single reason I can think of is hating Microsoft more than Sony.

Hmmm, I'm no MS fan for sure; I hate the way they design and write programs. But none of their evil has been directed towards me, whereas Sony rooted my PC and really fucked it up. My daughter bought a CD at the now-defunct record store she worked at, and trusting that a big company like Sony wouldn't deliberately put malware on their products, ran the programs.

ALL of my music recording/burning/ripping software was trashed; my P2P apps were trashed, my CD burner was rendered read-only. None of this software would uninstall or reinstall. Sony pwned me good.

And I am not a pirate! Fercrissake, she fucking BOUGHT the CD from a music store. This is Evil with a capital E. Maybe two or three Es. Those bastards should have gone to fucking prison; if I did that to their computers you can bet your mom's ass I'd be in prison.

When I reinstalled Windows (running '98 back then) I discovered that I'd lost my CDs holding my audio and video drivers. The audio driver wasn't available over the internet (that I could find viewing at the 640x480 not having a video driver limited me to) forced me to "upgrade" to XP (and I never saw much functional difference between XP and 98 except they moved everything around), costing me a hundred bucks, and I had to buy a USB sound box. And spend all afternoon installing XP and all my apps, some of which wouldn't run in XP.

As much as I dislike Microsoft, as evil as they may be they've NEVER gone to those depths of evilness, at me anyway.

These days, I do hardly any gaming so as soon as I can get Linux installed on my netbook I'll pretty much be MS-free. If MS came up with an app I felt I really wanted or needed, I'd buy it in a heartbeat, but no way could I ever trust Sony again. Shit, I trust Evil-X more than I do Sony, and that's saying a lot! If Sony sold cookies I'd suspect they'd tainted them with rat poison just in case I was a pirate.

And, for a game box, there's always Nintendo if you hate both MS and Sony.

Re:Hehehe (0)

Anonymous Coward | about 4 years ago | (#33454466)

Well, Sony have shown several times that they don't care about their customers. And they don't seem very fond of following standards.

I don't think I will pay for a Sony product and I will think more than twice before I connect a Sony product to anything else in my home.

Re:Hehehe (2, Informative)

xtracto (837672) | about 4 years ago | (#33452400)

Because we like the games?
And the other alternative charges to play online?
And the other alternative has not the games we like?
And the other alternative is buying a computer? (which also may not have the games we like)

I own only a Wii but I have a PS3 in my wallet's sight :)

I have been thinking between buying an Xbox or a ps3... but after xbox live price increment, the PS3 has more and more points (free netplay, Blu-ray, better graphics... and soon homebrew)

Re:Hehehe (2, Informative)

TheCRAIGGERS (909877) | about 4 years ago | (#33454096)

Just as long as you realize you're supporting a conglomerate that is actively trying to remove all your rights concerning copyright, among others.

To put it more bluntly, you're giving money to a lobbyist group so they can screw you with it.

Re:Hehehe (1)

MikeFM (12491) | about 4 years ago | (#33452898)

My Dell came with Windows on it. Doesn't that count as a root attack?

Re:Hehehe (2, Interesting)

erroneus (253617) | about 4 years ago | (#33453036)

I more or less agree with you on this, but the slashdot demographic is still quite diverse in many ways. We have Apple fanbois, Windows fanbois (AKA trolls) and others. We have people who practice what they preach and others who preach but fail to practice.

Personally, my boycott of Sony is for reasons of quality that goes back a very long way. The only Sony device I ever owned that was any good was my camcorder... I still have it but haven't used it in a very long time. All other things ended up failing just after the warranty expired. And they are just JUNK. My Clie's battery stopped working rendering it useless. I was given one Sony laptop and later bought one of more modern hardware components which then introduced me to the compatibility and performance hell that is "neomagic" or something like that... a really crappy video chip set that, if I recall, is related to the GMA500 video chipset that Intel will never and can never fully support under Linux. That was quite some time ago and I started hating Sony for that back then and since that time, nothing has shown me that they have done anything to improve their image ... quite the contrary, the rootkit incident was icing on the crap-cake. This "removed linux support" matter was just another "I told you so" thing as far as I am concerned.

I will never buy a Sony anything.

Everyone who sets aside their good senses so that they can play some games are doing themselves no service at all. I'm anti-microsoft, but I still have XBox360... actually, two and an original XBox... all that so I can play with my sons. I can't bring myself to own a Wii... it feels stupid. And if I want exercise, I'll ride my bicycle -- it's more fun.

Anyway, most people here are pretty weak when it comes to character and standing by their positions. I say this because of all the "types" of people I see here on Slashdot, I can't say that I have noticed many Sony fans or even Sony apologists. So either they choose not to speak up or there are a lot of people who prioritize games over good character or good sense. (This, by the way, partially describes addiction and other mental inconsistencies like religion... seriously, how can you have a rational and logical mind and still leap to answer life's questions with "god magic"?)

Re:Hehehe (1)

aztracker1 (702135) | about 4 years ago | (#33453524)

I'd call myself more of a .Net fanboi than a windows fan myself... I dabble in Linux and my laptop is a Macbook. I tend to use/buy whatever is best for an expressed purpose... I've avoided, as much as possible, all things Sony. Though there are a couple of TV shows that I watch that have their media division behind it :( ... I've voted with my wallet. I also tend to avoid buying anything with an olympic logo on it. I've actually avoided, so far, getting a Blu Ray player, though I may give in (I want HD content damn it), I won't be buying a Sony branded one at least.

Re:Hehehe (1)

mcgrew (92797) | about 4 years ago | (#33454244)

I can't say that I have noticed many Sony fans or even Sony apologists.

Um, look at the score on my original anti-Sony comment. There are at least two Sony fanbois here with mod points, as it's sitting at -1 flamebait. And it happens every time I mention Sony's evilness.

Re:Hehehe (1, Interesting)

Anonymous Coward | about 4 years ago | (#33454252)

There really is no company that you can expect quality from across the board. I've never bought Sony products, but that's simply because I don't believe in buying brand name products at inflated prices, not because I have some personal vendetta. I have not heard of any reason to doubt the quality of Sony's PS3 and it is priced competitively (ignoring the Wii of course), so if I were in the market for that sort of thing the sheer fact that it was made by Sony wouldn't stop me from purchasing it. I question that it's a sign of character to choose not to support quality products simply because it's made by a brand who has burned you in the past. I have yet to see a brand that hasn't flopped, and flopped bad. So basically you're just choosing to support another brand based on the sheer fact that you were lucky enough to not get burned by them. I've known a lot more people who have gotten burned by MS's gaming consoles than by Sony's. I've had numerous students come up to me asking for advice about their overheating, and eventually broken, Xbox's. If your example of "character" just sets you up to be bent over by a second company, you're eventually going to run out of options. I believe it would be a much better show of character to actually research your options and choose the best one regardless of company.

Re:Hehehe (1)

ArhcAngel (247594) | about 4 years ago | (#33453266)

I think you forgot to use your sarcasm (~S) flag there. At least looking at the replies and your being modded Flamebait and all.

Re:Hehehe (1, Flamebait)

mcgrew (92797) | about 4 years ago | (#33454582)

No sarcasm, I'm serious. Looks like Sony fanbois (or employees) have mod points today. No matter, it won't hurt my karma; every anti-Sony comment I post gets modded like that.

Re:Hehehe (-1, Redundant)

Anonymous Coward | about 4 years ago | (#33453134)

You can get the link for precompiled code here: http://www.ps3exploits.com/ [ps3exploits.com]

Coming soon! (2, Insightful)

Kenja (541830) | about 4 years ago | (#33452130)

The closed source patch that fixes the exploit used by the open source project.

Patch 3.43. bye bye USB. (3, Funny)

leuk_he (194174) | about 4 years ago | (#33452316)

HOT FROM SONY SITE:

Downloading and installing the PlayStation®3 system software update will update your PS3 system's operating system to include the latest security patches, settings, features and other items. We encourage you to check this page from time to time for system software updates and to always maintain your system to use the latest version of the system software.

An update to the PS3 system software will be was released on September 27, 2010. You can use this update to upgrade your system software to version 3.43.
English EspañolFrançais

Notices

        * Do not download or install updates using data other than official update data provided online or on disc media by Sony Computer Entertainment, and do not download or install updates by methods other than those described in the system documentation or on this website. If you download or install update data from another source, by another method, or with a PS3 system that has been altered or modified in any way, the PS3 system may not operate properly and may not be able to install the official update data. Any of these actions may void the PS3 system warranty and affect your ability to obtain warranty services and repair services from Sony Computer Entertainment.
        * This update is for PS3 systems purchased in North America. DO NOT update your PS3 system through this website if you purchased your system outside North America. There is no guarantee of proper operation with models sold outside North America.
        * The system software and system software updates installed on your system are subject to a limited license from Sony Computer Entertainment Inc. Visit http://www.scei.co.jp/ps3-eula [scei.co.jp] for details.
        * If your PS3 system software version is 3.43 (or later), you do not need to perform this update. To check the version of your system software, go to > (Settings) > (System Settings) > [System Information]. The information is shown in the [System Software] field.
        * The [Install Other OS] and [Default System] features have been deleted in system software versions 3.21 and later. You will not be able to use [Install Other OS] or [Default System] under (Settings) > (System Settings). See the Consumer Alerts page for more details.
        * To play some software or use some features, you may first need to update the system software.
        * Depending on your PS3 system software version, the screen images and icons that are used on this website may differ from those that appear on your system.
        * This version will disable USB ports due to security issues. If you have to USB peripherals you will have to to replace them with wireless versions. See the Consumer Alerts page for more details.

Re:Patch 3.43. bye bye USB. (1)

MachDelta (704883) | about 4 years ago | (#33452490)

[citation needed]

I call shenanigans.

Re:Patch 3.43. bye bye USB. (0, Troll)

hedwards (940851) | about 4 years ago | (#33452504)

Then I'll be notifying them that I want my money back. And complaining to the local AG that they're engaging in questionable business practices by damaging hardware that they've already sold me on the basis of having features that they're now removing. Given enough complaints to enough AGs, you better believe that somebody's going to put the smack down on their illegal trade practices.

Re:Patch 3.43. bye bye USB. (3, Funny)

smussman (1160103) | about 4 years ago | (#33452726)

An update to the PS3 system software will be was released on September 27 , 2010

*brain explodes*

Re:Patch 3.43. bye bye USB. (1)

canajin56 (660655) | about 4 years ago | (#33453030)

There's nothing wrong with the Past-Perfect-In-Future tense ;) (Except perhaps that I just made the term up and there might not be such a thing?)

Re:Patch 3.43. bye bye USB. (1)

scuzzlebutt (517123) | about 4 years ago | (#33453220)

I guess "will be was" is the future perfect tense of "to be".

Re:Patch 3.43. bye bye USB. (1)

IndustrialComplex (975015) | about 4 years ago | (#33453880)

By the Once and Future King!

Re:Patch 3.43. bye bye USB. (1)

Theoboley (1226542) | about 4 years ago | (#33452828)

Sony's Wireless controllers have to be charged somehow, also, disabling USB would render Games that use peripherals such as Rockband/Guitar Hero Utterly Useless. This post is complete FUD.

Re:Patch 3.43. bye bye USB. (1)

leuk_he (194174) | about 4 years ago | (#33453114)

Just read the sony website [playstation.com] . Don't trust a post on a forum. They did disable other-os security is everything on a ps3.

Re:Patch 3.43. bye bye USB. (1)

Theoboley (1226542) | about 4 years ago | (#33454352)

Provide an ACTUAL link to the "official announcement" and I'll retract my statement. Until then, I call Bullshit.

Sony wouldn't take away USB due to the simple fact of Move coming out in a short while. What does the Eyetoy use to connect? USB. that is all.

Re:Patch 3.43. bye bye USB. (1)

MikeDaSpike (1196169) | about 4 years ago | (#33453528)

FUD are emotions. A post can't be an emotion.
I think you mean BS.

Re:Patch 3.43. bye bye USB. (0)

Anonymous Coward | about 4 years ago | (#33453024)

way to troll dude:

http://us.playstation.com/support/systemupdates/ps3/index.htm

Re:Patch 3.43. bye bye USB. (1)

Hodr (219920) | about 4 years ago | (#33453108)

Wow, not even a good attempt. No other place in the verbiage do they make reference to "this version" rather than specific version numbers. You left out a word, had a redundant "to", and you fail at basic IT (unless you expect Sony to produce "wireless" thumbdrives, etc. and share the radio used for the controllers to communicate with them).

Re:Patch 3.43. bye bye USB. (-1, Troll)

Anonymous Coward | about 4 years ago | (#33453686)

And you fail humor, so STFU, fanboy.

simple solution (1)

shentino (1139071) | about 4 years ago | (#33452218)

All Sony has to do is sign their firmware, and make it so that the hardware won't accept anything other than Sony approved updates.

Do they do that already?

Oh, and another solution: Mark updates with an expiration date such that the unit will refuse to run if its firmware is too stale.

Re:simple solution (1, Informative)

Anonymous Coward | about 4 years ago | (#33452282)

Not only is it too late to have that happen on PS3s, but they do use signed firmware, look into how the exploit (and firmware signing, and even the initial hypervisor jailbreak that led to Other OS being removed) works before you start discussing what Sony should do.

Do you think it would have taken this long if all someone had to do was just modify the firmware and reupload it?

Re:simple solution (0)

Anonymous Coward | about 4 years ago | (#33452332)

Try reading how the exploit works, it gets control of the machine long before the OS gets going. Sony may have to issue revised hardware to prevent this particular attack. But will they bother? Clearly they are going to sell several million PS3 units on the back of this exploit.

Re:simple solution (1)

fattmatt (1042156) | about 4 years ago | (#33452584)

But will they bother? Clearly they are going to sell several million PS3 units on the back of this exploit.

They may bother if they still lose money on console sales ... they may be breaking even by now. If so this hack destroys their true revenue stream.

Re:simple solution (1)

Ironhandx (1762146) | about 4 years ago | (#33452362)

Please, please don't give them ideas.

This is like the Net Neutrality folks yelling for net neutrality and the big wigs at the telecoms going "Shit, we can do that? Why aren't we doing that? We need to do that!"

Sony has enough bad ideas already.

Also that other solution would probably have a bug included that bricked the PS3 if there was a power outage or something knowing Sony.

Re:simple solution (4, Insightful)

LingNoi (1066278) | about 4 years ago | (#33452612)

Actually all Sony really has to do is give people a way to run home brew on their own systems without letting pirates in and none of this would have ever happened.

Since they screwed that up now the cat's out of the bag. People aren't going to stop hacking it until they can run their homebrew and linux again.

Re:simple solution (1)

mzs (595629) | about 4 years ago | (#33453224)

This is exactly the truth. I am upset with every place linking to the patch to allow 'backups' when I just want OtherOS and homebrew back.

Re:simple solution (3, Insightful)

Animaether (411575) | about 4 years ago | (#33453682)

I never quite understood that "If only they'd allowed homebrew, none of this* would have happened!" reasoning.

After all, you can certainly run homebrew on a PC, but this* still happens.

In addition, you -could- run homebrew on the PS3. You didn't get access to the BD, you didn't get full access to the graphics bits and pieces, but you could run homebrew. Apparently that wasn't enough for some, somebody decided to poke at the hypervisor to gain access to these resources, and once they started succeeding a bit, OtherOS was nixed on the older models as well, citing 'security concerns'.

*"this"?

Get the Atmel code from GitHub [which] by itself [...] lets you run unsigned code

Seems like homebrew and linux were possible right there and then...

and apply a small patch which will enable backup play

Right. Backups. I guess that's really what "this" is.

Sounds rather threatening. Open your platform to homebrew, without restriction, or else we'll open it for you - and make it stupid-simple for this* to happen as a(n un)fortunate 'side-effect'.

That out of the way.. I'm looking forward to an actual thriving homebrew scene for the PS3, with lots of indie developers making the games for PS3 they always wanted to but never had the funds to become a licensed developer, and didn't have the access they needed to develop their envisioned games.

Re:simple solution (0)

ogdenk (712300) | about 4 years ago | (#33454652)

In addition, you -could- run homebrew on the PS3. You didn't get access to the BD, you didn't get full access to the graphics bits and pieces, but you could run homebrew. Apparently that wasn't enough for some,

So basically you couldn't get access to any of the bits that make writing anything but a folding@home client on the platform remotely appealing interesting. The bits that actually make it a PS3 instead of a fairly quick PPC with some extra DSP units and a dumb framebuffer. No.... that wasn't enough. And then they stole that. An old PowerMac G5 would be infinitely more useful and interesting than that PS3 sandboxed Linux environment.

Sony telling me what I can and can't do with hardware I legitimately purchased and then being ballsy enough to remove functionality without adequate notification or consent is shady at best and they deserve whatever comes to them as a result. Fuck Sony, I hope they burn and people pirate on the PS3 until it's so unattractive to developers that it tanks.

Re:simple solution (1)

RyuuzakiTetsuya (195424) | about 4 years ago | (#33454224)

You mean to say that if Sony let people run arbitrary code pirates wouldn't want to try to exploit the system to play ISO dumps?

Do you understand how ridiculous that is?

Do you still believe in Santa Claus?

Do you want this 20 acres of swampland in Arizona I've got?

Re:simple solution (0)

LingNoi (1066278) | about 4 years ago | (#33454470)

Don't be a moron. In the years the PS3 has been out it's only after they disabled other os that people started hacking the console.

Re:simple solution (3, Interesting)

hardburn (141468) | about 4 years ago | (#33453034)

Oh, and another solution: Mark updates with an expiration date such that the unit will refuse to run if its firmware is too stale.

If they ever do that, I will have to kill somebody. Besides the obvious reason, I have a driving wheel that won't work unless the system date is set before 12-22-08. The bug has been there for well over a year and there's no sign it's getting fixed.

Consider that the one and only reason I bought a PS3 over a 360 is to play GT5. See how well that decision worked for me?

Re:simple solution (0)

Anonymous Coward | about 4 years ago | (#33453874)

If they ever do that, I will have to kill somebody. Besides the obvious reason, I have a driving wheel that won't work unless the system date is set before 12-22-08. The bug has been there for well over a year and there's no sign it's getting fixed.

Have you tried contacting Fanatec about that? I'm pretty sure there's either a firmware upgrade or a reasonably priced upgrade that can be done to take care of that.

porting to linux (0)

Anonymous Coward | about 4 years ago | (#33452236)

um like this?
http://kakaroto.homelinux.net/2010/09/update-on-psjailbreak-linux-kernel-for-n900-devices/

Blocking (1)

Rik Sweeney (471717) | about 4 years ago | (#33452266)

From the looks of things, the entire jailbreak is reliant on the PS3 being cold booted and the user having to press eject as the PS3 powers on to make it read the code from the USB key. If Sony can block this through a firmware update then that's the end of the jailbreak isn't it?

Obviously the user simply doesn't update their PS3...

Just how does this exploit work? (1)

Terminaldogma (765487) | about 4 years ago | (#33452294)

I've been at work every time I've seen an article come up about the jailbreak, so I haven't had time to go digging for details (including the links off this article; I don't want to push my work's internet filter). Does anyone have an explanation as to how this jailbreak actually works? Every article I've seen doesn't go into the details other than saying it's a magic USB dongle you plug in. Can Sony even patch this hole?

Re:Just how does this exploit work? (2, Informative)

Anonymous Coward | about 4 years ago | (#33452438)

The USB dongle is a microcontroller that emulates a 6-port USB hub. It works by attaching a sequence of fake USB devices with large configuration descriptors, one of which contains the exploit payload. The sequence of USB connections and disconnections results in a heap overflow that eventually results in the exploit code being executed with root privileges. Sony can indeed patch the hole and surely will in the next firmware update. I believe that the open-source version disables automatic firmware updates, but I might be wrong.

This exploit is beautiful (5, Informative)

DeadCatX2 (950953) | about 4 years ago | (#33452662)

http://www.ps3news.com/PS3-Dev/ps-jailbreak-ps3-exploit-reverse-engineering-is-detailed/ [ps3news.com]

It emulates a six-port hub and connects/disconnects devices with corrupted descriptors (that have their size changed on-the-fly!) in a particular order to smash the Heap so you can use a corrupted malloc boundary tag to overwrite the call to free() so that after the failed Jig authentication tries to release the memory allocated for the cryptographic response it will launch the shell code that was dropped into memory using a USB descriptor.

It brings a tear to my eye. Truly, one of the most beautiful things I ever had the privilege of understanding.
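
An added example, not part of the comments above or of the code the story links to: a host-side check in C for the failure mode the two preceding comments describe, where a device's configuration descriptor changes size between the host's short header read and its full read. The function names, the 512-byte policy cap and the sample descriptors are assumptions constructed for illustration.

```c
/* Added example: host-side validation of a USB configuration descriptor. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DT_CONFIG        0x02
#define CONFIG_HDR_SIZE  9    /* fixed length of the configuration header */
#define MAX_CONFIG_TOTAL 512  /* assumed host policy cap, not a USB spec value */

enum cfg_status { CFG_OK, CFG_SHORT, CFG_BAD_HEADER, CFG_TOO_LARGE,
                  CFG_LENGTH_CHANGED, CFG_NO_SPACE, CFG_BAD_SUBDESC };

/* wTotalLength is a little-endian 16-bit field at offset 2 of the header. */
static uint16_t rd16le(const uint8_t *p)
{
    return (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
}

/* First read: validate the 9-byte header and report how much to allocate. */
enum cfg_status cfg_check_header(const uint8_t *hdr, size_t got, uint16_t *total)
{
    if (got < CONFIG_HDR_SIZE)
        return CFG_SHORT;
    if (hdr[0] != CONFIG_HDR_SIZE || hdr[1] != DT_CONFIG)
        return CFG_BAD_HEADER;
    *total = rd16le(hdr + 2);
    if (*total < CONFIG_HDR_SIZE)
        return CFG_BAD_HEADER;
    if (*total > MAX_CONFIG_TOTAL)
        return CFG_TOO_LARGE;
    return CFG_OK;
}

/* Second read: the device is untrusted, so re-validate everything against
 * the length promised by the first read before a single byte is copied. */
enum cfg_status cfg_check_full(const uint8_t *full, size_t got, uint16_t expected,
                               uint8_t *dst, size_t dst_len)
{
    uint16_t total;
    size_t off = 0;
    enum cfg_status st = cfg_check_header(full, got, &total);

    if (st != CFG_OK)
        return st;
    if (got != expected || total != expected)
        return CFG_LENGTH_CHANGED;      /* size differs from the first read */
    if (dst_len < expected)
        return CFG_NO_SPACE;
    while (off < expected) {            /* walk each sub-descriptor */
        size_t left = (size_t)expected - off;
        uint8_t blen;
        if (left < 2)
            return CFG_BAD_SUBDESC;     /* no room for bLength + type */
        blen = full[off];
        if (blen < 2 || blen > left)
            return CFG_BAD_SUBDESC;     /* zero length loops, large one overruns */
        off += blen;
    }
    memcpy(dst, full, expected);
    return CFG_OK;
}

/* Models the usual enumeration sequence: header read, allocate, full read. */
enum cfg_status cfg_two_step(const uint8_t *first, size_t first_len,
                             const uint8_t *second, size_t second_len)
{
    uint8_t buf[MAX_CONFIG_TOTAL];      /* stands in for the allocation */
    uint16_t total;
    enum cfg_status st = cfg_check_header(first, first_len, &total);

    if (st != CFG_OK)
        return st;
    return cfg_check_full(second, second_len, total, buf, total);
}

/* Constructed sample data (not captured from any real device). */
static const uint8_t SAMPLE_OK[18] = {      /* config header + one interface */
    0x09, 0x02, 0x12, 0x00, 0x01, 0x01, 0x00, 0x80, 0x32,
    0x09, 0x04, 0x00, 0x00, 0x00, 0xFF, 0x00, 0x00, 0x00 };
static const uint8_t SAMPLE_GROWN[32] = {   /* same device, second read is 32 bytes */
    0x09, 0x02, 0x20, 0x00, 0x01, 0x01, 0x00, 0x80, 0x32,
    0x09, 0x04, 0x00, 0x00, 0x00, 0xFF, 0x00, 0x00, 0x00,
    0x0E, 0xFF };                           /* remaining bytes are zero */
static const uint8_t SAMPLE_ZERO_LEN[18] = { /* sub-descriptor with bLength 0 */
    0x09, 0x02, 0x12, 0x00, 0x01, 0x01, 0x00, 0x80, 0x32,
    0x00, 0x04 };
static const uint8_t SAMPLE_HUGE[9] = {     /* header claims 4096 bytes */
    0x09, 0x02, 0x00, 0x10, 0x01, 0x01, 0x00, 0x80, 0x32 };

int main(void)
{
    printf("consistent device: %d\n",
           cfg_two_step(SAMPLE_OK, 9, SAMPLE_OK, sizeof SAMPLE_OK));
    printf("size changed:      %d\n",
           cfg_two_step(SAMPLE_OK, 9, SAMPLE_GROWN, sizeof SAMPLE_GROWN));
    printf("zero bLength:      %d\n",
           cfg_two_step(SAMPLE_ZERO_LEN, 9, SAMPLE_ZERO_LEN, sizeof SAMPLE_ZERO_LEN));
    printf("oversized claim:   %d\n",
           cfg_two_step(SAMPLE_HUGE, 9, SAMPLE_HUGE, sizeof SAMPLE_HUGE));
    return 0;
}
```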

Re:This exploit is beautiful (1)

Chad Birch (1222564) | about 4 years ago | (#33453186)

I always wonder how someone even ends up attempting an exploit through something like this. How did they figure out in the first place that it might be a possible approach? It just seems so obscure compared to a lot of other exploit methods for other systems/programs (not that I know much about the topic).

Re:This exploit is beautiful (3, Interesting)

DeadCatX2 (950953) | about 4 years ago | (#33453590)

I have blue screened my development workstation before because I had a bad descriptor that the Windows Audio driver tried to parse and it brought down the kernel. So I knew this sort of thing would be possible. I think attacking the USB host controller driver is going to become a much more common method of infection in the next few years.

But to get that far...you need dedication. You need to love the hardware. When you see it, it's like the matrix...behind the 1s and 0s and circuit board traces, there is a setting, characters, and a plot.

From there, that's how you can see the attack on the heap. That's actually the most complicated part, in my opinion. You are trying to fool the kernel into handing you a certain portion of memory. It's like social engineering...and that's what makes it hard. The kernel is interrogating you, and you have to give the right answers. Not only the right answers, but the answers must be corrupted in just the right way.

Everything from this point can be built on the work of someone before you. Pretty much all exploits eventually launch shellcode somewhere. They all need some way to launch the shellcode, and hooking a system call (in this case, free()) is a favored way to go about that. Then you need some way to do the hook, which in this case was smashing the Heap.

So you sit there and think...how do I drop shellcode in? What function do I hook? How do I hook it? Dots appear...and then you connect them, and you annotate the connections, and you go back and you start from scratch again because you see a better way, and then finally...it all comes together.

Re:This exploit is beautiful (2, Interesting)

Myoukochou (1817718) | about 4 years ago | (#33454386)

You'd be amazed what a bounty for getting OtherOS working again gets you.

Re:This exploit is beautiful (2, Insightful)

saboola (655522) | about 4 years ago | (#33454504)

I heard they used magnets.

Re:This exploit is beautiful (2, Funny)

I'm not god any more (613402) | about 4 years ago | (#33453640)

I see the future:

1. Sony release a new PS3 super slim that won't have any USB ports.
2. Sony release a statement that they have no intention to remove USB support on the older PS3 models.
3. Shortly thereafter, update 3.XX will have a nice EULA mentioning that to protect us they'll be disabling the USB ports on the older PS3s.

Re:This exploit is beautiful (1)

elrous0 (869638) | about 4 years ago | (#33454474)

My cat's name is Mittens.

Re:This exploit is beautiful (1, Interesting)

Anonymous Coward | about 4 years ago | (#33454574)

It brings a tear to my eye too, but not for the same reason. Sure, I'm glad the thing is jail-broken, but for fuck's sake... a buffer overflow? These kinds of bugs were completely solved in principle in the 90s*, so every time I see one of these I die a little inside. It also means that the exploit relies on a bug in the platform, which is philosophically inelegant, since that means that it cannot really be used as a data point to corroborate the "if it exists it will be hacked" attitude; additionally, it means that with the next firmware update this won't work any longer.
* VB (to name just one example) only used counted strings and checked arrays.

So the logical next step is... (1)

wandazulu (265281) | about 4 years ago | (#33452328)

...to sue everybody who buys an Atmel development board. Wasn't it some satellite that went down the list of people who had bought mag card writers and threatened to sue them, regardless of what the mag card writer was being used for?

After the knee-jerk reaction of removing Linux support from the PS3 (which I actually used), I can really imagine Sony contemplating such stupidity.

F them, I'm going to play Nethack; still better than most of the games available on the PS3 anyway.

Re:So the logical next step is... (1)

hedwards (940851) | about 4 years ago | (#33452448)

I doubt that they'll reconsider. They were stupid enough to think that there wouldn't be a backlash when they removed hardware from later releases of the PS3 without properly stating it on the packaging, and then they removed features from previous versions which had them. Only an extremely arrogant and/or delusional individual would think that there wouldn't be some sort of comeuppance coming at some point.

Atmel are used for many other things and pinball g (1)

Joe The Dragon (967727) | about 4 years ago | (#33453076)

Atmel boards are used for many other things, and Stern Pinball uses them in their pinball games.

If they are used in pinball games and many other ticket games, as well as other embedded systems, you can just do mass suing.

but stealing sat tv is not the same as running you (1)

Joe The Dragon (967727) | about 4 years ago | (#33453408)

But stealing sat TV is not the same as running your own code / Linux on a box that you own, and it's not like you can using and they just get games for free by just hooking the hacked box up, like how it was with sat TV: hack the card, hook up the dish and get free HBO.

Re:but stealing sat tv is not the same as running (0)

Anonymous Coward | about 4 years ago | (#33453822)

Christ, would you please learn to spell & type?

Re:So the logical next step is... (1)

RyuuzakiTetsuya (195424) | about 4 years ago | (#33454176)

Or fix the USB bug that allows this exploit to work.

Which is more reasonable and cheaper?

Re:So the logical next step is... (0)

Anonymous Coward | about 4 years ago | (#33454620)

Or fix the USB bug that allows this exploit to work.

Which is more reasonable and cheaper?

Knowing Sony, they'll just deactivate the USB ports instead of fixing the actual problem...

"Sorry, it has been discovered that you can use a boot disc to run pirated games, so we have disabled the BD drive with this update... take that, you pirates!"

Sweet (1)

otis wildflower (4889) | about 4 years ago | (#33452370)

I had been holding off on the PS3 firmware update until the first jailbreak came out, presumably the USAF/DARPA can use this to 'unlock' any supercomputing PS3s they have?

Console are all about control (0)

Anonymous Coward | about 4 years ago | (#33452420)

Go ahead, be a corporate zombie and buy a console. Sell out your soul, fling away your freedom and slave away for Sony.

Why, oh why, don't people always prefer PCs and power over consoles and corruption?

Besides, everyone knows consoles are for kids. Grow up and buy a real computer.

Website pimpin'...offtopic mod time (0, Troll)

Pojut (1027544) | about 4 years ago | (#33453542)

Maybe because being a fanboy is short changing yourself as a gamer [livingwithanerd.com].

Re:Console are all about control (1)

KovaaK (1347019) | about 4 years ago | (#33453592)

I have been a PC gamer for years, but that doesn't mean that some games and genres don't work better on consoles. When was the last time you played a good party game on the PC (Worms would be my most recent, and that feels like ages ago)? How about a 2d fighting game?

I just ordered a PS3 yesterday for the purpose of playing Blazblue with friends. Sure, there is an arcade version of the game that I can torrent and play on my PC, but the input feels like shit (even with a PS3 or XBOX360 controller) and it has no online play.

Of course, when it comes to first person shooters, nothing can beat a good duel in almost any of the Quake series on PC.

Re:Console are all about control (1)

RyuuzakiTetsuya (195424) | about 4 years ago | (#33454072)

Because PCs suck for gaming.

Inconsistent rigs, inconsistent play experiences, having to chase an upgrade path every 2 or 3 years versus 5 to 6 to play games. (Seriously, you take 250 bucks and buy a computer that'll do Call of Duty Modern Warfare 2 at 1080p and act as a slick BluRay player.)

Re:Console are all about control (0)

Anonymous Coward | about 4 years ago | (#33454332)

I'm so sick of ix86 all over that I'm trying to do some PowerPC for a change.

Now, tell me, what do you think a real computer is?

I assume new hardware will come out soon (1)

ub3r n3u7r4l1st (1388939) | about 4 years ago | (#33452432)

Much like the PSP Slim TA088v3 motherboard, which till the current day is still unhackable. Dark Alex has retired so.....

Re:I assume new hardware will come out soon (1)

canajin56 (660655) | about 4 years ago | (#33453142)

Doesn't need new hardware. It's a trivial fix. This works by exploiting a heap overflow bug in their USB drivers. All they have to do is fix the drivers and it's patched.
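The class of fix described above, as an added example that is not part of the original thread and not Sony's or any real driver's code: a host-side check that bounds every device-supplied length in a USB configuration descriptor before copying it. The names `cfg_copy_checked` and `try_cfg`, the 64-byte destination and the sample descriptor are constructed for illustration; the thread does not describe the actual PS3 driver bug at this level of detail.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define USB_DT_CONFIG 0x02
#define CFG_HDR_LEN   9
enum cfg_status { CFG_OK, CFG_SHORT, CFG_BAD_HEADER, CFG_BAD_TOTAL, CFG_BAD_SUBLEN };

/* Copy a device-supplied configuration descriptor (got bytes received) into
 * dst (capacity cap) only after every device-controlled length checks out. */
enum cfg_status cfg_copy_checked(const uint8_t *buf, size_t got,
                                 uint8_t *dst, size_t cap, size_t *out_len)
{
    if (got < CFG_HDR_LEN) return CFG_SHORT;
    if (buf[0] != CFG_HDR_LEN || buf[1] != USB_DT_CONFIG) return CFG_BAD_HEADER;
    /* wTotalLength is little-endian and chosen by the device: bound it by
     * the bytes actually received and by the destination buffer. */
    size_t total = (size_t)buf[2] | ((size_t)buf[3] << 8);
    if (total < CFG_HDR_LEN || total > got || total > cap) return CFG_BAD_TOTAL;
    /* Walk the sub-descriptors; a bLength of 0 or 1 would stall or misparse. */
    for (size_t off = 0; off < total; ) {
        size_t left = total - off;
        size_t len = buf[off];
        if (left < 2 || len < 2 || len > left) return CFG_BAD_SUBLEN;
        off += len;
    }
    memcpy(dst, buf, total);
    *out_len = total;
    return CFG_OK;
}

/* Constructed sample: 9-byte config header plus one 9-byte interface
 * descriptor, with the two length fields a device controls adjustable. */
enum cfg_status try_cfg(uint16_t w_total, uint8_t sub_len)
{
    uint8_t dev[18] = { 9, USB_DT_CONFIG, (uint8_t)(w_total & 0xFF),
                        (uint8_t)(w_total >> 8), 1, 1, 0, 0x80, 50,
                        sub_len, 0x04, 0, 0, 0, 0xFF, 0, 0, 0 };
    uint8_t kbuf[64];
    size_t n = 0;
    return cfg_copy_checked(dev, sizeof dev, kbuf, sizeof kbuf, &n);
}

int main(void)
{
    printf("%d %d %d\n", (int)try_cfg(18, 9), (int)try_cfg(256, 9), (int)try_cfg(18, 0));
    return 0;
}
```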

Re:I assume new hardware will come out soon (0)

Anonymous Coward | about 4 years ago | (#33453180)

Much like the PSP Slim TA088v3 motherboard, which till the current day is still unhackable. Dark Alex has retired so.....

Or did people just stop caring about the PSP? I know after the appeal of ROMs and homebrew I sold my fat PSP 'cause I knew there were no games coming for it. And I kind of was right...

Lawsuit? (0)

Anonymous Coward | about 4 years ago | (#33452532)

Sony can and will close this overflow with a firmware update. The interesting bit comes when new games require the updated firmware to play the game. Do I update my firmware and lose otherOS or decline the update and lose my ability to play new games? I’m guessing this will be used against them in court...

Let's make this easier for everyone... (0)

Anonymous Coward | about 4 years ago | (#33452936)

Who can provide a URL link to the necessary Atmel USB part I need to buy? Bonus points if it's in Canada!

Re:Let's make this easier for everyone... (2, Informative)

Yvan256 (722131) | about 4 years ago | (#33454142)

If it's one of the usual Atmel parts, you can probably use Digi-Key.ca

Extremely fast shipping, no customs fees.

Still can't wait (0)

Anonymous Coward | about 4 years ago | (#33453100)

Really looking forward to getting my PS3 despite their malevolent rooting of equipment that comes with terms of use allowing them to update their software however they choose. Call me crazy, but I have three computers in my house and I don't give a wet slap about mangling sophisticated hardware to get it doing something it isn't really optimized for. Yessir, can't wait to get my box, install their evil, evil updates and play my legitimately purchased copy of Call of Duty on my GAMING COMPUTER on the #1 OS for gaming... PLAYSTATION THREE.

Jailbreak? (0)

Anonymous Coward | about 4 years ago | (#33453194)

Jailbreak is about unlocking a SIM card. This is called a homebrew loader.

Re:Jailbreak? (1)

bsdaemonaut (1482047) | about 4 years ago | (#33454426)

Actually, jailbreak is about breaking free of the restrictions of any locked-down system. The term "jail" is an old one that has been used in Unix-like operating systems for a long time. The iPhone, to my understanding, uses a Unix-like directory tree and limits your access to that tree by making a jail not terribly dissimilar to those in other Unix-like operating systems... therefore the usage of the terms "jail" and "jailbreaking."

Can we make use of libUSB and use our PC? (0)

Anonymous Coward | about 4 years ago | (#33453322)

Hi,

I'm not really familiar with the USB bus. But if it's possible to build this state machine with libusb, it would be really sweet.

What about the PSP? (2, Interesting)

slapout (93640) | about 4 years ago | (#33453336)

It would be interesting if this thing was ported to the PSP and the PSP could be used to unlock the PS3

Sony (1)

JxcelDolghmQ (1827432) | about 4 years ago | (#33453414)

Can somebody explain to me why Sony even cares that these mods exist?

What's up with all of these companies acting like we don't own the hardware that we PURCHASE with our hard-earned money?

Re:Sony (1)

RyuuzakiTetsuya (195424) | about 4 years ago | (#33453992)

Piracy, online cheating, support hassles? These don't ring like a reason why a company would care?

Re:Sony (1)

JxcelDolghmQ (1827432) | about 4 years ago | (#33454584)

Still, if I own the damn device, and I want to hack it and put Linux on it, that's my prerogative as long as I am not pirating their games or cheating online with it.

As for support hassles, that's just tough shit.

sabotaged in 3... 2... 1... (0)

Anonymous Coward | about 4 years ago | (#33453964)

How long will it take Sony to force a firmware upgrade that breaks this? That is what you get when you buy a machine where the manufacturer can force upgrades on you in order to keep it functioning normally. True, you don't *have* to install the upgrade, but I guess you don't really want to play that new game (which will require it), do you?

I have no sympathy for the consumers here who just want control over their own hardware. You purchased a product from a company known to sneakily hide rootkits on users' PCs, and you deserve whatever you get as a result.

See also: http://en.wikipedia.org/wiki/Sony_rootkit

You fools! (2, Funny)

zmollusc (763634) | about 4 years ago | (#33454102)

You foolish fools! Defeating DRM will let the terrorists win! Already another oil platform has exploded due to evil hackers playing unsigned content on the PS3!

Re:You fools! (0)

Anonymous Coward | about 4 years ago | (#33454122)

It's either them or Sony. I'm okay with Sony losing to anything.

I saw this yesterday (0)

Anonymous Coward | about 4 years ago | (#33454334)

I saw this yesterday (it's not often I beat /. to the punch, but this time I did ;). The code is available for download, and it can run on at least 3 or 4 different development boards. Usually they go for only a few bucks each. I think Hack-A-Day had them too, and maybe also 2600 (or not, I forget now). It's just kind of a burn-n-go kind of thing. I see people also modifying their projects to get their PS3 to do more. I know Sony wants to severely restrict what people can do with products they have bought, but it's like telling someone: you can write words with this pencil, but we forbid you to draw pictures! But you say: it's my pencil, I bought it, and what I do with it is my business (as I type this, I'm reminded of the constipated mathematician, who worked it out with a pencil).
