PS3 re-secured with Firmware 3.60?
Hacker says "epic fail" security holes now fixed.
A leading PlayStation 3 hacker says that today's firmware 3.60 update re-secures the system from hackers and by extension, should lock out piracy.
Youness Alaoui (hacker alias: KaKaRoToKS) knows what he's talking about. He developed PSFreedom - an open source Jailbreak alternative, and devised the PL3 payload for the USB dongles that attacked the PS3's security system on firmware 3.41 and lower.
According to his swift analysis of the new system update posted on his Twitter feed, Sony has come up with an ingenious method of side-stepping its existing security protocols:
"For now, it looks to me (at first glance) that the PS3 has been re-secured, but it doesn't mean it can't be broken again from scratch," he says, qualifying his findings by adding that he didn't spend more than a couple of minutes looking at the new update.
The PS3's existing security system is based on a "chain of trust" - different layers of the console are protected by individual levels of encryption, one opening up access to the next. This chain of trust was annihilated when Geohot revealed the "mtldr" key, the root decryption cipher that can unlock all of the others.
According to Alaoui's quick analysis, Sony simply doesn't use mtldr any more, opting for a new security system that could possibly require a completely new exploit to be uncovered - something hackers would be unlikely to take on bearing in mind the legal blitzkrieg Sony has unleashed in recent weeks.
"The epic fail was epic," Alaoui says. "It doesn't mean they can't come [up] with an epic save."