Chupale Pichon: Sony Ratifica Que Han Destrozado Sistema De Seguridad PS3.
Y que mas le quedaba mas que decir lo que ya todos saben:
Sony confirma que han logrado burlar ya su sistema de seguridad y que tienen la llave maestra con lo que pueden firmar cualquier software, pero lo que niega es la parte en que el grupo fail0verflow asegura que no se puede contrarrestar sin modificacion del hardware. Con esto sony dice estar trabajando en una solucion basada en software para impedir la ejecucion de software y acceso al hardware sino se trata de un programa validado por ellos.
Es claro que sony tiene quie decir algo para medio tranquilizar a sus licenciatarios -todas las casas que desarrollan juegos para PS3- pero dudo que tal solucion exista sin que afecte a los juegos que ya estan en el mercado con lo que cualquier juego original podria dejar de funcionar, lo cual no es bueno para sony por la cantidad de demandas y quejas que recibira de los dueños de la consola y que ven vuklnerados sus derechos.
Un gran tema polemico en la industria tecnologica al consumidor casero y que seguira siendo objetio de atencion por todo este año que recien comienza. Imaginen la mala imagen que se tiene de sony en la industria del sector de consolas y la encrusijada en la que se encuentra al perder credibilidad antes sus socios.
BBC News escribió:
iPhone hacker publishes secret Sony PlayStation 3 key
The PlayStation 3's security has been broken by hackers, potentially allowing anyone to run any software - including pirated games - on the console.
A collective of hackers recently showed off a method that could force the system to reveal secret keys used to load software on to the machine.
A US hacker, who gained notoriety for unlocking Apple's iPhone, has now used a similar method to extract the PS3's master key and publish it online.
Sony declined to comment on the hack.
"The complete console is compromised - there is no recovery from this," said pytey, a member of the fail0verflow group of hackers, who revealed the initial exploit at the Chaos Communication Congress in Berlin in December.
"This is as bad as it gets - someone is getting into serious trouble at Sony right now."
The group, which has previously hacked Nintendo's Wii and says it is vehemently against games piracy, said that it had developed the hack so that it could install other operating systems and community-written software - known as homebrew - on the powerful machine.
"The details we provided and information and techniques we disclosed would have been enough to install Linux," he said. "We have no interest in piracy."
Following the presentation, US hacker George Hotz, who has previously hacked parts of the console, used a similar technique to extract the master key. He has now published it on his blog.
Continue reading the main story
“Start Quote
This is supposed to be the most secret of secret of secrets - it's the Crown jewels”
End Quote pytey
This formerly secret number is used to "sign" all games and software that run on the system, to authenticate that it is genuine and approved by Sony.
However, once the key is known it can be used to sign any software - including unofficial software and games.
"I hate that it enables piracy," said Mr Hotz. "The publication of the key is more academic than anything else."
The number also works for Sony's handheld console the PlayStation Portable, said Mr Hotz.
Developers have already started releasing tools to develop new software for the PS3 using the hacks.
'Valid target'
The PS3 - once regarded as the most secure of the game's consoles, and the only one not to have been permanently cracked - has in the last 12 months come under increasingly scrutiny from hackers.
PlayStation hack (George Hotz) Mr Hotz's original hack is widely believed to have led to Sony disabling features on the console
In January 2010, Mr Hotz claimed to have cracked the console.
Following his initial announcement, Sony released an update disabling a function, called OtherOS, that allowed gamers to install a version of Linux on their machines, thought to have been exploited by Mr Hotz.
Many saw it as a pre-emptive strike to guard against games piracy.
Mr Hotz never released the exploit and publicly said that he had stopped work on the console.
But Sony's removal of OtherOS prompted other hackers to begin to look at the system more closely.
"It became a valid target," pytey told BBC News. "That was the motivation for us to hack it."
He said the team had spent "months" trying to find their way into the system.
"It was not trivial to do this," he said.
In the end, the flaw that allowed them to crack the system was a basic cryptographic error that allowed them to compute the private key, held by Sony, he said.
"Sony uses a private key, usually stored in a vault at the company's HQ, to mark firmware as valid and unmodified, and the PS3 only needs a public key to verify that the signature came from Sony.
"Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal."
..
BBC News - iPhone hacker publishes secret Sony PlayStation 3 key
Nathan Brown escribió:
Manufacturer breaks cover and comments on recent security breaches; network updates planned.
Sony has at last broken silence on recent developments which have seen its PlayStation 3's security measures completely defeated.
The firm has remained resolutely tight-lipped since news broke that a hacking group named fail0verflow had gained full control over the system, after reverse engineering the code used to sign authorised software as genuine.
Shortly afterwards iPhone hacker George “GeoHot” Hotz published the console’s “root key” online, enabling homebrew developers to create and sign their own apps. Blu-Ray and PSP root keys have also since been found buried within the PS3 and released online.
“We are aware of this, and are currently looking into it,” Sony told us in a brief statement. “We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details.”
“The only way to fix this is to issue new hardware. Sony will have to accept this.”
Both fail0verflow and GeoHot are staunchly anti-piracy, and have not released any tools that directly enable the playing of copied games, but it is widely expected that piracy will soon be rife on what was, until very recently, considered to be the most secure console ever released.
Sony Responds To PS3 Hacks | Edge Magazine
