Hackers Release PlayStation 3 "LV0 Decryption Keys"

[Andy Chalk]

Hackers Release PlayStation 3 "LV0 Decryption Keys"

The PlayStation 3 has been cracked yet again, and this time may prove to be the last time.

Sony has had its hands full trying to keep the PlayStation 3 console "secure," but that battle may have finally come to a losing end. The release of PS3 firmware version 3.60 back in early 2011 brought security exploits to heel for awhile, but now it appears that the doors have been flung open again and this time, Sony may not be able to close them.

A new PlayStation Network-enabled custom firmware was released a few days ago, which is bad enough in its own right, but the real trouble comes from the follow-up release of the "LV0 decryption key," because that allows any changes Sony makes to the PSN security code to be decrypted "with little or no effort." Access to the LV0 key means that PS3 firmware packages can be decrypted on a PC, then re-encrypted with existing firmware 3.55 keys in order to run on hacked consoles.

The discovery of the LV0 key reportedly took place some time ago but was not revealed to the world at large until the information leaked to a Chinese hacking group called "BlueDiskCFW." That group intended to charge PS3 owners for custom firmware updates created with the key, leading the team that originally found it, "The Three Tuskateers," to release the key to the public to prevent anyone from profiting on it.

"You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day," the group said in a statement. "Only the fear of our work being used by others to make money out of it has forced us to release this now."

How damaging this latest security breach will actually prove to be is debatable, as it really only affects people who are already running custom firmwares and the PS3 is approaching the end of its lifespan anyway. Even so, it's apt proof that in the face of a truly determined adversary, no security measure is foolproof.

Source: Eurogamer [http://www.eurogamer.net/articles/digitalfoundry-ps3-the-final-hack]


Permalink

 

[Tanis]

Hasn't the 360 and Wii been 'easily to hack', for like...ever now?

Never really saw NEAR the level of stories on TE when that was happening...

Maybe it's cause the PSP got so screwed by CFW?

 

[Wado Rhyu]

more prove of the fact that sercurity updates wont work agianst pirates. better make your product worth buying instead of pirating.

 

[Quiotu]

Meh... this doesn't affect us normal gamers. It just let's those hacking the PS3 to hack it even more. Which... I don't see the appeal of, but whatever floats your boat.

Long as it doesn't keep me from playing Dishonored or steal my information again or shut down the PSN for weeks on end, I don't give a shit what the hackers do on the hardware end.

 

[TheMadJack]

In the medium run I'm wondering how Sony will try to handle this for the next generation of its console. From what I've heard the internals are not modular enough if broken into, meaning it can't be replaced, but I might be talking out of one of my hole...

Long story short, how Sony will handle this might make a difference in the decision to get a console on the next iteration for many people.

 

[evilneko]

News like this make me less worried about the Trusted Platform chips that pretty much every motherboard has now. If they're ever used for ill, they will be cracked.

 

[chadachada123]

Hasn't the 360 and Wii been 'easily to hack', for like...ever now?

Never really saw NEAR the level of stories on TE when that was happening...

Maybe it's cause the PSP got so screwed by CFW?

Short answer: No, to my knowledge.

The 360 is easy to hack and play pirated games, but it's really difficult to go online with it and not be instantly permabanned. And every new update includes new ways to find out if a system is modded or not.

This PS3 leak is, as far as I can tell, a whole new level, since it will make all subsequent attempts to find modded consoles nigh-impossible (theoretically).

If I'm reading it correctly, this decryption key will make it impossible for Sony to release any new encrypted coding to detect modded software, since the encrypted coding will be broken almost immediately and solutions found soon after.

 

[ResonanceSD]

more prove of the fact that sercurity updates wont work agianst pirates. better make your product worth buying instead of pirating.

That's such a cop out answer these days. The pirated version is free. What do you need to provide, as a new developer, to be able to beat that? People pirate INDIE games, for fucks sake, they aren't going to come over all moral because "WE NOW DECIDED THE PRODUCT WAS WORTH PAYING FOR ALL OF A SUDDEN BECAUSE REASONS, AND SUCH".

 

[Beautiful End]

Meh... this doesn't affect us normal gamers. It just let's those hacking the PS3 to hack it even more. Which... I don't see the appeal of, but whatever floats your boat.

Long as it doesn't keep me from playing Dishonored or steal my information again or shut down the PSN for weeks on end, I don't give a shit what the hackers do on the hardware end.

Bravo, good sir or ma'am. Exactly what I think every time I hear something to do with hacking, except for that time when the PSN was down for months.

I'm not saying these news aren't relevant. And I'm pretty sure someone's gonna try and counter this with "Weh weh security is important blah blah Sony dr00ls, Xbox rules!". But what's important to me is that I can still play my games as normally as yesterday. That's all.

Note: You may NOT start an argument about how the 360 can also be hacked and the Homebrew channel and whatnot. That's not the point. Seriously.

 

[Epona]

more prove of the fact that sercurity updates wont work agianst pirates. better make your product worth buying instead of pirating.

That's such a cop out answer these days. The pirated version is free. What do you need to provide, as a new developer, to be able to beat that? People pirate INDIE games, for fucks sake, they aren't going to come over all moral because "WE NOW DECIDED THE PRODUCT WAS WORTH PAYING FOR ALL OF A SUDDEN BECAUSE REASONS, AND SUCH".

This is way overused too.

 

[RJ 17]

( Edit because this was posted as I was typing:

I'm not saying these news aren't relevant. And I'm pretty sure someone's gonna try and counter this with "Weh weh security is important blah blah Sony dr00ls, Xbox rules!".

)

Further proof that PS3 sux and 360 rulez! WOOOOOOOOOOOOOOOOO!

Just kidding, just kidding. What this brings to me is the question of "Why?" The people that originally found it said that they had absolutely no intention of spreading it around or releasing it to the whole world, but then they found out that some Chinese company was wanting to make a profit off of it so they decided the best thing to do would be to go ahead and release it to the world so everyone would have it for free.

But why did they do it in the first place? Why were they tinkering around with the PS3's firmware to begin with if they themselves didn't want to spread it around? I guess it really raises the bigger question of "why do hackers hack?" I understand that there's some people out there wanting to send a message against companies they disagree with or otherwise just don't like, so they hack their systems as a way to attack them without getting found out. But I can't help but feel that a case like this are the hackers just saying "We did it just because we could." Well you can very easily take candy away from a baby, but that doesn't make you any less of a dick for doing it.

 

[Epona]

Further proof that PS3 sux and 360 rulez! WOOOOOOOOOOOOOOOOO!

Just kidding, just kidding. What this brings to me is the question of "Why?" The people that originally found it said that they had absolutely no intention of spreading it around or releasing it to the whole world, but then they found out that some Chinese company was wanting to make a profit off of it so they decided the best thing to do would be to go ahead and release it to the world so everyone would have it for free.

But why did they do it in the first place? Why were they tinkering around with the PS3's firmware to begin with if they themselves didn't want to spread it around? I guess it really raises the bigger question of "why do hackers hack?" I understand that there's some people out there wanting to send a message against companies they disagree with or otherwise just don't like, so they hack their systems as a way to attack them without getting found out. But I can't help but feel that a case like this are the hackers just saying "We did it just because we could." Well you can very easily take candy away from a baby, but that doesn't make you any less of a dick for doing it.

Hackers hack because they like the challenge, why do you play games?

 

[RJ 17]

Hackers hack because they like the challenge, why do you play games?

I understand the "they like the challenge" argument as it's always fun to take something that someone said can't be done and go ahead and do it anyways.

But on the other hand, the last time I checked, my playing Crono Trigger didn't ROYALLY fuck over some person or some company. My enjoying running through some puzzles in Portal didn't have major financial ramnifications for countless people I haven't even met. When I load up some Dead or Alive 5, I'm not committing a crime.

Which is why I still say "doing something just because you can doesn't make you any less of a dick." To say that hackers are hacking just because they love the challenge is essentially saying they like committing crime just for the fun of it.

Edit:

Hackers hack because they like the challenge, why do you play games?

while agree with your assertion
i will play devils advocate

some people horrible things are fun , like hacking a place and stealing credit card numbers, just because its challenging and fun doesn't make it right, or productive for that matter.

My point exactly.

 

[Epona]

Further proof that PS3 sux and 360 rulez! WOOOOOOOOOOOOOOOOO!

Just kidding, just kidding. What this brings to me is the question of "Why?" The people that originally found it said that they had absolutely no intention of spreading it around or releasing it to the whole world, but then they found out that some Chinese company was wanting to make a profit off of it so they decided the best thing to do would be to go ahead and release it to the world so everyone would have it for free.

But why did they do it in the first place? Why were they tinkering around with the PS3's firmware to begin with if they themselves didn't want to spread it around? I guess it really raises the bigger question of "why do hackers hack?" I understand that there's some people out there wanting to send a message against companies they disagree with or otherwise just don't like, so they hack their systems as a way to attack them without getting found out. But I can't help but feel that a case like this are the hackers just saying "We did it just because we could." Well you can very easily take candy away from a baby, but that doesn't make you any less of a dick for doing it.

Hackers hack because they like the challenge, why do you play games?

while agree with your assertion
i will play devils advocate

some people horrible things are fun , like hacking a place and stealing credit card numbers, just because its challenging and fun doesn't make it right, or productive for that matter.

Oh so now we are talking about morality? I say people should be able to tinker with their own property. Releasing it to the world is a sticky thing though.

 

[Epona]

Hackers hack because they like the challenge, why do you play games?

I understand the "they like the challenge" argument as it's always fun to take something that someone said can't be done and go ahead and do it anyways.

But on the other hand, the last time I checked, my playing Crono Trigger didn't ROYALLY fuck over some person or some company. My enjoying running through some puzzles in Portal didn't have major financial ramnifications for countless people I haven't even met. When I load up some Dead or Alive 5, I'm not committing a crime.

Which is why I still say "doing something just because you can doesn't make you any less of a dick." To say that hackers are hacking just because they love the challenge is essentially saying they like committing crime just for the fun of it.

Edit:

Hackers hack because they like the challenge, why do you play games?

while agree with your assertion
i will play devils advocate

some people horrible things are fun , like hacking a place and stealing credit card numbers, just because its challenging and fun doesn't make it right, or productive for that matter.

My point exactly.

Wow, you are getting worked up for nothing. You know is true, people hack because they enjoy the challenge. All that other bullshit you just wrote has nothing to do with what I said.

Oh, BTW, if it is a crime to tinker with your own property...it shouldn't be.

 

[RJ 17]

Wow, you are getting worked up for nothing. You know is true, people hack because they enjoy the challenge. All that other bullshit you just wrote has nothing to do with what I said.

Oh, BTW, if it is a crime to tinker with your own property...it shouldn't be.

Oh just to be clear, I'm not worked up. Indeed, I really don't care as it has no effect on me whatsoever. However, you did equate the challenge of hacking to the challenge of a game, and I was simply showing the point that one is a crime and the other one isn't.

Oh, BTW, if you agree to a TOS saying that you won't tinker with the item that you purchased and you do anyway, you're committing a crime, if not at the very least guilty of breach of contract.

Honestly, at this point I'm just "arguing" for the sake of argument. Because I like the challenge!

 

[BernardoOne]

Good news. Personally, I have my PS3 modded so I can use homebrew(media players, emulators, etc). But I couldnt play my newer, original games. Even though about updating.