PlayStation 3 homebrew
Some enthusiasts participate in homebrew for the PlayStation 3 video game console. Homebrew software was first run on the PS3 by a group of hackers under the name "Team Ice" by exploiting a vulnerability in the game Resistance: Fall of Man. Following various other hacks executed from Linux, Sony removed the ability to install another operating system in the 3.21 firmware update. This event caused backlash among the hacker communities, and eventually the group Fail0verflow found a flaw in the generation of encryption keys which they leveraged to restore the ability to install Linux. George Hotz (Geohot), often misattributed as the genesis of homebrew on the PS3, later created the first homebrew signed using the private "metldr" encryption key which he leaked onto the internet. The action of leaking the key led to Hotz being sued by Sony. The court case was settled out of court, with the result of George Hotz not being able to further reverse engineer the PS3.
Private key compromised
At the 2010 Chaos Communication Congress (CCC) in Berlin, a group calling itself fail0verflow announced it had succeeded in bypassing a number of the PlayStation 3's security measures, allowing unsigned code to run without a dongle. They also announced that it was possible to recover the Elliptic Curve DSA (ECDSA) private key used by Sony to sign software, due to a failure of Sony's ECDSA implementation to generate a different random number for each signature. However, fail0verflow chose not to publish this key because it was not necessary to run homebrew software on the device. The release of this key would allow anyone to sign their code and therefore be able to run it on any PlayStation 3 console. This would also mean that no countermeasures could be taken by Sony without rendering old software useless, as there would be no distinction between official and homebrew software. On January 3, 2011, geohot published the aforementioned private key, represented in hexadecimal as 46 DC EA D3 17 FE 45 D8 09 23 EB 97 E4 95 64 10 D4 CD B2 C2, as well as a Hello world program for the PS3. On January 12, 2011, Sony Computer Entertainment America filed lawsuits against both fail0verflow and geohot for violations of the DMCA and CFAA. The suit against geohot was settled at the end of March, 2011, with geohot agreeing to a permanent injunction.
Custom firmware (CFW)
To allow for homebrew using the newly discovered encryption keys, several modified versions of system update 3.55 have been released by Geohot and others. The most common feature is the addition of an "App Loader" that allows for the installation of homebrew apps as signed DLC-like packages. Although Backup Managers could run at that time, they could not load games at first even though some success had been made by making backups look like DLC games and then signing them. An LV2 patch was later released to allow Backup Managers to load game backups and was later integrated into the Managers themselves so that it doesn't have to be run whenever the PS3 is restarted.
PS3 System Software update 3.56 tried to patch Miha's exploit for 3.55, however, within a day the system was circumvented again. This caused Sony to release another update shortly after, 3.60, which was secure against circumvention.
However, users may choose not to update and games requiring a firmware version above 3.55 can be patched to run on v3.55 or lower. Soon after v3.60 was released, updates to the PlayStation Network were conducted to block any methods known that allowed PSN access on firmware older than the latest required official firmware (v4.87 as of December 2020[update]), thereby blocking users who chose not to update.
A custom firmware known as "Rebug", released on March 31, 2011, gave retail PS3s most of the options and functionality of debug/developer PS3 units. One week later, tutorials became available allowing users to download PSN content for free, using fake (rather than stolen) credit card numbers. One April 12 report described hackers using the jailbroken firmware to access the dev-PSN to get back on games like Call of Duty, with widespread reports of cheating. While some sources blamed Rebug for the subsequent intrusion to Sony's private developer network, Time's "Techland" described such theories as "highly—as in looking down at the clouds from the tip-top of Mount Everest highly—speculative".
- AttackOfTheShow (2011-01-14), Hacking and Jailbreaking with George Hotz, retrieved 2018-01-14
- "Sony and PlayStation 3 jailbreaker George Hotz settle out of court". Engadget. Retrieved 2018-01-14.
- Thorsen, Tor (2011-04-13). "Sony/Hotz settlement details surface". GameSpot. Retrieved 2018-01-14.
- S, Ben (March 1, 2011). "46 DC EA D3 17 FE 45 D8 09 23 EB 97 E4 95 64 10 D4 CD B2 C2". Yale Law & Technology. Yale University. Archived from the original on March 10, 2011. Retrieved September 24, 2015.
A 'PS3 Flag', an homage to its predecessor, the 'Free Speech Flag'
- Bendel, Mike (2010-12-29). "Hackers Describe PS3 Security As Epic Fail, Gain Unrestricted Access". Exophase.com. Retrieved 2011-01-05.
- Fildes, Jonathan (2011-01-06). "iPhone hacker publishes secret Sony PlayStation 3 key". BBC. Retrieved 2011-03-20.
- Rosen, Brad (March 1, 2011). "46 DC EA D3 17 FE 45 D8 09 23 EB 97 E4 95 64 10 D4 CD B2 C2". yalelawtech.org. Retrieved 6 February 2017.
- "Hacker Claims To Have The PS3's Front Door Keys". Kotaku. 2011-01-03. Retrieved 2011-01-05.
- "Geohot: Here is your PS3 Root Key! – Now with "HELLO WORLD" proof!". (psx-scene administrator). Archived from the original on 2011-01-06. Retrieved 2013-08-21. (original GeoHot posting to psx-scene with key and hello world program)
- "Sony to Geohot: See you in court". Eurogamer. January 12, 2011. Retrieved January 12, 2011.
- "Motion for TRO". Scribd.com. 2011-01-12. Retrieved 2011-03-20.
- Sony and George Hotz Settle PS3 Hacking Lawsuit
- Settlement in George Hotz Case – PlayStation Blog
- "Sony patches PS3 to 3.56, hackers immediately open system back up - Geek.com". Geek.com. 2011-01-28. Archived from the original on 2018-01-15. Retrieved 2018-01-14.
- "PS3 firmware 3.56 hacked in less than a day, Sony's lawyers look confused (update)". Engadget. Retrieved 2018-01-14.
- "Hacker who released first custom firmware says PS3 is secure with 3.60 - Geek.com". Geek.com. 2011-03-15. Archived from the original on 2018-01-15. Retrieved 2018-01-14.
- The site rebug.me is credited in an April 26 Eurogamer.es report.
- "PlayStation Network taken down to halt piracy?". computerandvideogames.com. 2011-04-25. and linked articles
- "PlayStation 3 Hackers Using Developer Network to Access PSN". attackofthefanboy.com. 2011-04-12.
- Peckham, Matt (2011-04-26). "Did Custom 'Rebug' Firmware Kill Sony's PlayStation Network?". techland.time.com.
- "PS3 Custom Firmware 4.82 Download Installer 2017 Released For Homebrew, Details Here | Redmond Pie". Redmond Pie. 2017-11-30. Retrieved 2018-01-14.
- ""Christmas in November" release: PS3 Custom Firmware installer for Firmware 4.82 - Wololo.net". Wololo.net. 2017-11-24. Retrieved 2018-01-14.
- "PlayStation 3: bguerville releases PlayStation 3 Toolset – A PS3 Exploitation Framework leveraging a brand new exploit!". Wololo.net. 2020-03-29. Retrieved 2021-05-01.