The infamous iPhone hacker, George Hotz (geohot), has done it again, and he is claiming that he has completely hacked the PS3. Correct me if I’m wrong, but as far as I understand, he has managed to decrypt all of the PS3 XMB info (except the keys), which can give homebrew developers the ability to make apps for the PS3 as well as possibly run a custom firmware. Kudos to geohot for his achievement.
This is what he had to say in his blog post:
Today I verified my theories about running the isolated SPUs as crypto engines. I believe that defeats the last technical argument against the PS3 being hacked.
In OtherOS, all 7 SPUs are idle. You can command an SPU (which I’ll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.
The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.
Ah, but you still didn’t get the Cell root key. And I/we never will. But it doesn’t matter. For example, we don’t have either the iPhone or PSP “root key”. But I don’t think anyone doubts the hackedness of those systems.
I wonder if any systems out there are actually secure?