George Francis Hotz (known as geohot) has managed to break the protections of the PlayStation 3.
According to Hotz, the exploit grants full read and write access to the memory and the processor, and therefore allows complete control over the console's internal resources. The software has reportedly been tested only on firmware 2.4.2, but the American hacker states that it will most likely work with more recent versions as well.
Hotz, by his own account, exploited a flaw in Sony's system that allows a Linux distro to be installed on the PlayStation 3, through which he managed to break into the processor's key code, the so-called HyperVision, in theory accessible only to Sony and IBM engineers.
Here is the full post that appeared on Hotz's blog on 22 January 2010:
Hello HyperVision, I'm geohot
I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1. I've also dumped the NAND without removing it or a modchip.
3 years, 2 months, 11 days... that's a pretty secure system
Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.
Shout out to George Kharrat from iPhoneMod Brasil for giving me this PS3 a year and a half ago to hack. Sorry it took me so long :)
As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are set up like the iPhone's KBAG.





