Playstation 3: Hackers Make PS3 Root Key Public

This is for all the owners of the PS3 - who are using it to play Blu-Rays - now you can do one more thing.

So now you can probably convince the hardware that regions are for fools and "vasudhaiva kutumbakam" :D and play any zones.

This was revealed a couple of hours ago at the 27C3 - Chaos Communication Congress 2010 by the fail0verflow team.

BTW : THIS IS NOT ILLEGAL ( not if it is for your own use).

The root key has been published and a trial run of "hello world" executed to show the proof.

What does this mean : The root key is akin to a signature that is needed by the PS3 to take any action - when it sees the signature , it proceeds to treat the action as that initiated by Sony.

BTW the C3 is a very interesting hacker's convention that has been going on for the past couple of decades or so in Germany. Every year there is always something mind blowing , simply because the problem was approached in a different way than the norm.
 
That is great news mate. Any more info about how to make the PS3 region-free and also what if a future firmware upgrade changes the root key?

Fyi, the "root" account is the superuser account on any *nix platform/operating system like Unix, Linux etc. PS3 runs Linux.
This means that if the user has the root key or password, they can do anything including destroy the PS3 if they know how (usually by writing shell scripts). So, has the how part been cracked yet?
 
This is not the "root" account/password type of hack. This is the release of the private key for matching up signatures. If you are familiar with cryptography, there are two keys - public and private. What has been accessed now is Sony's private key which allows them to encode and send to others as well as decode what is sent to them.

Pretty much every console /game till date is using this as the key. The portion of the code that decodes this is in the metldr (in the ROM) - it can't be changed unless every single existing PS3 console is sent back to Sony and reloaded with the new ROM and then every existing game is changed and updated with the new keys.

New consoles have to have the same key because they have to be backwards compatible with the existing hundreds of thousands of PS3 games, otherwise there would be legal ramifications from the Sony vendors, let alone consumers.

In other words - Sony is screwed :).

Manufacturers should spend more time in improving devices rather than spending resources in building security measures and excessive DRM to prevent folks from doing what they want with their boxes (that they own). The average player is content with his console and will not mod it into an all-glorious-linux-box.
 
There is still one option left for Movie Studios.

They can disable PS3's keys for newer Blu-ray releases. In that case, new Blu-ray discs won't play on it.
 
Could someone please post a link? I am interested in finding out what and how they broke this. AFAIK, PKI infrastructure was supposed to be unbreakable (at least so far, till much faster computers arrive on the scene). Did they catch the key in transit (or trapped from memory) or did they actually hack it using brute force or whatever else?
 
There is still one option left for Movie Studios.

They can disable PS3's keys for newer Blu-ray releases. In that case, new Blu-ray discs won't play on it.

They can't do that without SERIOUS REPERCUSSIONS. Let me see if I can detail it.

PS3 requires a valid SONY Signature to carry out any request. This validation is done by the root key check in its ROM.

If Sony changes it in the new hardware - there would be incompatibility with all the existing games/accessories that have been sold.

They would HAVE to change it in all the existing hardware as well - which can be done only if they physically do it - this is a real huge financial hit.

If they don't do so then they can be screwed by a huge Class-Action Lawsuit that would make tons of lawyers' families happy for generations.

If they did do it the existing game companies would have to provide new copies to all the existing customers since the old ones wouldn't work. Who is going to foot that cost? Another huge class-action on the part of vendors :lol:

This is the key - go to the link keys open doors as mentioned in the previous post for getting the test cases.


~geohot

props to fail0verflow for the asymmetric half
no donate link, just use this info wisely
i do not condone piracy

if you want your next console to be secure, get in touch with me. any of you 3.
it'd be fun to be on the other side.

I mentioned this before as well - it would be better if these paranoid companies spent more time on making better products than trying to spend triple preventing a micro loss scenario.

The number of folks using homebrews on these various platforms would barely reach 1%.
 
Well, frankly, it would teach Sony a lesson - and that is to listen to its consumers.

People have been asking for MKV compatibility (the new Sony Blu-ray players offer this ability), Better MPEG video compatibility, X-FAT/NTFS external drive reading capabilities and Lossless Audio amongst other things. Sony gave us 3D - something many of us don't give a fig about and will probably never ever use until and unless the price of such TV sets come down to realistic levels. :rolleyes:

Now homebrew would allow for such things straight from the GAME OS. All one's got to do is prepare the code and sign it using the keys Sony very graciously gave away. :lol: It can then be applied as an update.

While people are home bubbling and home brewing they could also get rid of both DVD and BD region coding for good - the legal and original Star Trek Region 5 DVD that I purchased won't work on the region 5/C PS3! :mad:

Bravo Sony! :clapping:
 
was not being sarcastic...just a question sprung to mind...so felt like asking...

Permissions on Linux cover three things you can do with files: read, write, and execute. There are also three levels: for the root user, for the individual user who is signed in, and for the rest of the world.

Typically, software that can impact the system as a whole requires root privileges to run.

When you receive malware via email it is not given execute privileges. Cleverly renaming executable files as something else doesn't matter, because Linux and its applications don't depend on file extensions to identify the properties of a file, so they won't mistakenly execute malware as they interact with it.

If you succeed in transforming your PS3 box to run Linux - you control what you want to run.

If you choose to execute an app without considering the consequences - it is on you alone. You will however have the power to say no to any unwanted intruders :)
 
They can't do that without SERIOUS REPERCUSSIONS. Let me see if I can detail it.

PS3 requires a valid SONY Signature to carry out any request. This validation is done by the root key check in its ROM.

If Sony changes it in the new hardware - there would be incompatibility with all the existing games/accessories that have been sold.

They would HAVE to change it in all the existing hardware as well - which

Sony does NOT need to do anything here.

Blu-ray titles that would be released in future "can" stop including PS3's Public Keys (different from this root key) in discs. These discs would not play on PS3.

This is not the first time it would happen. Many keys were not included on Avatar and Dark Knight and consumers had only two options:

  1. Upgrade firmwares on their Blu-ray players
  2. OR Return the disc
 
Pretty much 70% of blu-rays are multi-region or region free and even all PS3 games are region free.

There are multiple region free BD players available in the market already and this is not of main concern to the movie industry who are already making money hand over fist with the BD prices.

This hack is not directed mainly at freeing BD regions it is more at being able to free the PS3 to do things that Sony wants to prevent including
- being able to play multiple games from a single BD
- being able to import non-sony-approved games
- make it an ultimate media server
 
All this is going to help Sony sell more units and not harm it. On the other hand, Sony will maintain an official position with studios and content providers and would discourage users from using non-official content/programs.

Timing is quite important; Kinect released and is gaining a lot of foothold.
 