PS3: Hacked
Digital Foundry on the first true assault on PS3 security.
News over the weekend that iPhone hacker George Hotz has "hacked the PS3" has been met with shock, surprise and incredulity. Sony's console is undisputedly the most secure games machine ever made, yet Hotz claims to have achieved a full hack in just five weeks. PS3's security fail is generating incredible interest both inside and outside of the games industry, to the point where an interview he gave to the BBC became the most popular news story on the site last night.
However, despite the level of publicity, it remains unclear what the ramifications of the hack actually are: whether homebrew coding can actually be enabled, whether the deliberately hobbled implementation of Linux can be improved and - crucially - whether Hotz's work will open the door to piracy. It is interesting to note that despite the many claims, right now there has been no "hello world" homebrew code executed that typically demonstrates that the hacker actually has full control over the system.
What Hotz (hacker alias: Geohot) claims to have achieved is clearly important though. Posts on his blog put it blankly, revealing that he has "read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3".
In older systems, like the PSP, reverse-engineering code contained within that memory map was enough to find the decryption keys to game security and system software updates, and so the concepts of ISO loaders and custom firmware emerged.
"Basically, I used hardware to open a small hole and then used software to make the hole the size of the system to get full read/write access," Hotz told The Register. "Right now, although the system is broken, I have great power. I can make the system do whatever I want."
The HV in question is the so-called Hypervisor - low-level code that no-one outside of IBM and Sony should have access to. It controls access to the hardware and monitors the operating system running on it. It's also a key component of the security of both PlayStation 3 and Xbox 360. In theory, during run-time it can detect hacker attacks on the system - for example, the TIFF image exploits that have brought down some firmware revisions of the PSP. These typically worked by overrunning memory buffers, allowing hackers to implant code in memory where it really shouldn't be, where it would then be executed. The implementation of the Hypervisor makes such attacks almost certain to fail.
Hotz reckons that his control over the Hypervisor is so complete that when it attempts to run code designed to secure the system, he can simply stop the call from ever happening. More than that, he can create his own calls designed to access the system at the very lowest levels. He claims to have created two new calls so far, one to read from any point in system memory (Peek) and the other to write (Poke). As the code injection is happening at pretty much the lowest level, the only way Sony can effectively defeat it is to redesign the hardware - although firmware updates can seek to circumvent whatever brand of code he chooses to inject into the system.
Making matters difficult is the fact that Sony and IBM's security protocols were created to anticipate a worst-case scenario, and assumed that at some point someone like Geohot would gain access in this way. So even more layers of security were added to the design.
First up there's the matter of the all-important decryption keys. The PS3 has eight SPUs circling its PowerPC core. One of those is disabled (to improve yields in fabricating the expensive CELL chip - more "faulty" ones can be used if the defective element of the chip is disabled). Another SPU handles security, processing encrypted code, leaving six purely for game developer usage. While the hack gives access to the entire system memory, the all-important decryption keys are held entirely in the SPU and can't be read by Hotz's new Hypervisor calls.
The other security element is the so-called root key within the CELL itself. It's the master key to everything the PS3 processes at the very lowest level, and according to publicly available IBM documentation, it is never copied into main RAM, again making its retrieval challenging. While there is no evidence that Hotz has this, his BBC interview does make for alarming reading for Sony, particularly when he talks about publishing "details of the console's 'root key', a master code that once known would make it easier for others to decipher and hack other security features on the console".
Once the root key is available, it's essentially game over for the system's security for all-time, but it's here that some of the claims being made for the hack don't really add up. PSP has been compromised on many levels again and again, but its root key apparently remains unknown. The BBC report also quotes Hotz as saying that the hack opens up the PS3 to allow all models to run PS2 software: unless the original Graphics Synthesizer chip from the old console is in there, or a software emulator exists, this is almost certainly not the case. While elements of the story don't add up, it is clear that what Geohot has achieved is significant, leaving many commentators to wonder what happens next.