PS3 Root Key Found – is the Sony PS3 forever hacked?

A while ago, Sony removed Linux support from the PS3, and recently the “root key” was posted online; it seems the console is hacked for good. There’s a great post on reddit by defyallodds…

When Sony creates a newer hardware revision with a different metldr key, they would have to issue 2 different firmware updates: one for the current hardware, and one for the new hardware. This is because if they update the metldr keys, all of the ldrs down the chain will need to be re-encrypted with the new key, and signed with the new key. (In theory, they could also publish a single unified update which decides which one to install at runtime.)

So assuming we have current hardware, with the currently known and leaked metldr key, and Sony publishes an update, we can:

  • Decrypt the update, and all levels of the firmware from lv0 downwards (we have the decryption key)
  • We can update any revocation list they provide, we can update any whitelist they provide, we can remove any signature checks they add.
  • We can re-encrypt the update (it’s symmetric, and we have the keys), and we can resign the update (we have the private ECDSA keys)
  • We can install our newly “hacked” update…

Let’s say Sony tries to be smart and adds some self CRC/Hash calculation code to their new firmware:

  • We can decrypt the firmware
  • We can update the CRC calculation code to always return the correct expected value
  • We can encrypt, sign and install our hacked new firmware.
  • Sony can’t tell the difference between a hacked firmware and a real one.

Let’s say our user is dumb, has a current hardware PS3 and updated it to Sony’s new firmware with a whitelist for old apps and a revokelist for old firmware, and newer firmware updates are signed with new PKI keys:

  • We can flash the flashrom (using a hardware flasher) with our own firmware since we have the metldr keys.
  • Alternatively a “modchip” can be installed beside the flashrom to provide the firmware code.
  • The console has to accept it because metldr will decrypt it and verify the signature.

This is what khrak is referring to when he says that it’s broken in an unfixable way. There is absolutely nothing Sony can do short of updating metldr, or having some secret backup metldr with different keys to fix the issue on current hardware. Even with a backup metldr, geohot (who due to egotistic reasons has not revealed how he got the metldr keys) can probably recover the new metldr keys using whatever exploit he used again.
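As an added illustration (not part of the reddit post, and not Sony’s actual code), here is a constructed toy model of the boot chain the post describes: each stage is signed with the key of the stage above it, so every check below the root is only as strong as the root key. HMAC-SHA256 stands in for the console’s ECDSA signatures, and the stage names, key derivation and images are made up for the example; the outcomes show why revocation lists or self-checks inside the signed image change nothing once the root key is public, while a rotated root key in new hardware does.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed model of a chain like metldr -> lv0 -> lv1. Real consoles use
# ECDSA; HMAC-SHA256 is used here only so the example runs offline.

def stage_sig(key: bytes, code: bytes) -> bytes:
    return hmac.new(key, code, hashlib.sha256).digest()

def next_key(key: bytes, name: str) -> bytes:
    # Constructed derivation: a child stage's key is derived from its parent's.
    return hashlib.sha256(key + name.encode()).digest()

@dataclass
class Stage:
    name: str
    code: bytes
    sig: bytes  # signature over code, made with the parent stage's key

def build_chain(root_key: bytes, images: list[tuple[str, bytes]]) -> list[Stage]:
    """Sign each stage with the key above it, starting from the root key."""
    chain, key = [], root_key
    for name, code in images:
        chain.append(Stage(name, code, stage_sig(key, code)))
        key = next_key(key, name)
    return chain

def console_accepts(root_key: bytes, chain: list[Stage]) -> bool:
    """What the hardware-rooted loader checks: every signature, top down."""
    key = root_key
    for st in chain:
        if not hmac.compare_digest(stage_sig(key, st.code), st.sig):
            return False
        key = next_key(key, st.name)
    return True

LEAKED_ROOT = b"constructed-metldr-key"         # the key the post says is public
ROTATED_ROOT = b"constructed-new-hardware-key"  # a new hardware revision's key
OFFICIAL = build_chain(LEAKED_ROOT, [("lv0", b"lv0 v1"), ("lv1", b"lv1 v1 + revocation list")])

def outcomes() -> dict[str, bool]:
    patched = [Stage(s.name, s.code.replace(b"revocation list", b"no checks"), s.sig) for s in OFFICIAL]
    resigned = build_chain(LEAKED_ROOT, [(s.name, s.code) for s in patched])
    return {
        "official image, current hardware": console_accepts(LEAKED_ROOT, OFFICIAL),
        "patched, not re-signed": console_accepts(LEAKED_ROOT, patched),
        "patched, re-signed with leaked root": console_accepts(LEAKED_ROOT, resigned),
        "same image, hardware with rotated root": console_accepts(ROTATED_ROOT, resigned),
    }

if __name__ == "__main__":
    for case, ok in outcomes().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

Only the last case is rejected because of the key, not because of anything inside the image; that is the post’s point that a fix has to come from a new metldr rather than from checks in the firmware it loads.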

6 thoughts on “PS3 Root Key Found – is the Sony PS3 forever hacked?”

  1. “geohot (who due to egotistic reasons has not revealed how he got the metldr keys)”

    As Geohot credits failOverflow first thing, one could make the logical leap (or small logical skip) that he used their method. To see their method described, watch the video below. failOverflow stated that they were not interested in these keys because they could create custom firmware without them, so they weren’t going to bother. Watch this video for details, especially the bit at 35 minutes in.

    http://www.youtube.com/watch?v=hcbaeKA2moE

    Also, the reason the PSP is now getting hacked as well is that Sony had embedded PSP keys on the PS3 (perhaps for minis?).

    The video linked above also has a good discussion of the inevitability of systems getting hacked so that people could run Linux, and how the presenters believe that removing OtherOS from the Slim (and then the Phats) caused the system to be so completely hacked, noting that one only had to hack 20% of the system to enable piracy, if that was your goal.


View more articles by Phillip Torrone