Suggestions that Sony has added a rootkit with the latest firmware update to its PS3 console have been denounced as bunkum by a leading gaming security expert. Rumours began flying on the interwebs earlier this week that the official 3.56 firmware upgrade for Sony's consoles gave the consumer electronics giant the ability to …
"The more excitable elements of the gamer community as well as tech blogs and gaming sites cried foul over the move"
All over some random IRC chatter. Truly pathetic and shambolic reporting. Hang your heads in shame.
As I have tried to point out to the register before....
This is easy to avoid.
1) Don't buy consoles.
2) If you do buy them do not plug them into an Internet accessible network and they will not be able to talk to the mothership.
A games console you can't play online? No thanks, I'll buy games....
In other news (as clearly with all the Xbox Live sponsorship recently, they are prevented from reporting it), PS3 has now claimed 2nd place in the number of active consoles. Xbox is now flat last, despite launching 18 months earlier...
3. Don't buy anything branded Sony. Not a console, not a PC, not a television, not a CD, not a battery, nothing.
4. Let Sony know you are boycotting everything Sony, and why.
I will buy nothing with the Sony brand on it for the rest of my life.
If you aren't completely outraged by Sony, just imagine that you'd bought (say) a Ferrari. Imagine that three years after you bought it, when you took it in to be serviced, Ferrari "upgraded" it so it couldn't be driven outside the UK, nor on any road not authorized by Ferrari. Imagine that a smart guy told you how to get around this artificial restriction. Imagine Ferrari then retaliated by suing him, and anyone else who passed on this know-how.
Couldn't happen? Think they'd get sued into the ground? Think they'd never sell another car?
This is what Sony did to the people who used to run Linux on their Playstation (and they seem to have gotten away with it)
Getting all proprietary over MiniDISC was bad enough. The rootkit was the last straw. They haven't cleaned up their act one iota since. Sony is off the Christmas list forever.
Apparently, Nissan has a speed limiter on the GT-R, that only deactivates if the GPS detects that it's at a Nissan approved raceway.
WTF I haven't heard a more stupid analogy in my life.
A car is nothing like a games console. You do not buy a car and buy additions to run on that car from the manufacturer solely; however, making illegal modifications or alterations will invalidate warranties or get yourself in trouble with the law.
A games manufacturer's business is selling games, therefore a platform is created (i.e. the console you buy) and they licence games for that platform. It's a business model, one which you agreed to when you bought that platform. When people start tinkering with it so that the business model changes, making the platform holder change security and o/s capabilities to prevent piracy, I can quite rightly see why Sony are P**sed. Stop making silly comparisons. Anyone can do that for any circumstance; it does not mean it's the same thing.
"This is what Sony did to the people who used to run Linux on their Playstation (and they seem to have gotten away with it)"
They haven't quite yet. They're facing a class action suit in California.
Can't really see what the hoohar is about
Never had any issues with my PS3, the kids play on it without issues. Granted I don't care about homebrew, cracking, "backup games" etc.
Sony retrospectively took away what you'd purchased.
Sony sold a console that could play games AND run Linux. It was a great combination for anyone who enjoyed games AND programming somewhat exotic computer hardware.
Subsequently, they issued an upgrade, after which you could no longer run Linux. Anything you'd invested in Playstation Linux - money, time, enjoyment - was destroyed. If you chose not to install the upgrade, you were locked out of the latest games instead.
In other words they retrospectively took away something that had been a major part of the deal when you first purchased. I think the car analogy is *exactly* right.
As for the speed limiter that automagically turns off at registered racetracks, that's really cool. Just as long as the speed limiter was known to be there at the time you bought the car (presumably required by law).
And why did they take out the Linux O/S?? Because, as already stated, people were tinkering with it. Leave it alone and enjoy it as it was.
Car analogy makes no sense. It has very little after sales purchases apart from fuel, services.
But like I said, if you mod your car outside of the manufacturer's original design it may be taken off the road. Doesn't mean you can't enjoy it on your own on private (i.e. PS3 would be taken off the net, you can enjoy it offline). That's the only relevant analogy.
I don't think that word means what you think it does...
I didn't agree to anything, my console was a gift. How will anyone uphold these terms & conditions? What if the console belongs to a 6 year old child? Will Sony and co sue them for breaching the T&C? Children cannot sign legal documents, and I certainly did not sign anything when I was gifted my PS3. You need to take a deep breath and contact reality.
PS. you can chip your car legally so long as you tell your insurance company. Don't let facts get in the way of your ranting.
A few things that need correction in the article
1: A way to run unsigned code wasn't found, a way to SIGN the code was found. That means home brew software can now be signed as if Sony had approved it.
2: People aren't worried about Sony running unsigned code on the PS3, they are worried Sony will run ANY code on the PS3 that they don't agree with. Sony can sign its own code anyway.
Paris, cause she doesn't have a dongle either
1 there is NO WAY to run code that isn't approved by sony on the latest firmware, because although it's been opened up it hasn't been cracked. so people worrying about malicious signed pretending-to-be-sony code is just as pointless as worrying about malicious unsigned creeped-out-of-the-gutter code.
so it goes back to being an issue of not getting on PSN for modders who can't update. nobody is going to somehow magically send your PS3 some dodgy code and make it blow up, signed, unsigned or co-signed which is what most of the crying and shouting seems to be about.
2 see above. i'd imagine the majority of people who aren't modding don't care what sony runs on their console. do they know what the console has been doing / running the last six months or a year that they've had their console for? of course they don't, they haven't got a clue other than it comes on when they press the power button.
but some guy says something on IRC and suddenly it's an issue? makes perfect sense.
"Paris, cause she doesn't have a dongle either"
You owe me a new keyboard - and how do I dislodge the toast and marmalade that ended up in the back of my nose?
Yeah, people should worry about...
Why would people worry more about running a firmware update from Sony that includes enhancements to its security system that protects their transactions on PSN instead of a hacked firmware that has been modified by who knows who to do who knows what? You have zero recourse against Mr anonymous haxxor and his latest custom firmware, but you definitely have recourse against Sony if they violate your consumer rights.
I'm beginning to think people are lemmings. They'll blindly trust some hacker so they can play video games, but won't trust an organization whose own self-interests prevent them from doing anything to harm consumers.
How to mass hack PS3s
First, use the known issue to generate your own code, signed by Sony.
Then, execute a DNS attack to change the domain that the PS3 looks for to point to your own server.
Finally, when the PS3 'phones home', it reaches your server. 'Update' it with your code. For bonus points, after you subvert the PS3, redirect the traffic to the correct server, or to a suitably functional pirate server.
On a smaller scale, if you could compromise, say, a university dorm router, or any other piece of network backbone that serves a large number of PS3s, you could subvert those units when they called home.
Paris, because she subverts units.
If the same company creates the hardware and the OS, how is additional functionality the same thing as a rootkit?
By the same logic if I put together a simple lame "anti-virus" software and then add a scareware wrapper on it it will be just an added functionality, right? 'cause I'm the original software's author, see?
Vlad, that's just not even close dude.
If I as an OS maker determine that my OS's security has been compromised, I will take action to plug that game and prevent further compromise. As the developer and owner of the OS that is not just my right, it's my responsibility. I have a duty of care to make sure that my system remains secure for the protection of my customers. Enhancing the security of an OS to prevent hacking, or detect hacking is by no stretch of the imagination adding a root kit.
Now, for anyone who cares to read, please read this. The CellBE is designed from the ground up to support something called the Secure Processing Vault (SPV). The SPV starts before *anything* else on the system runs. It runs independently of the hypervisor and any OS running on the system. This has been in the PS3 since before day 1. The code in the SPV is specifically designed to watch the system to detect intrusion. The design of the Cell CPU actually assumes that the OS and/or hypervisor would be compromised. The concept of the SPV is not to prevent such hacking, but to expose it, to make it evident that the system is compromised.
The only thing that Sony has done with this firmware update, apart from rain on the parade of those wishing to continue stealing games, is beef up the system's ability to detect and expose tampering. This allows PSN to detect consoles that have been hacked. For Sony to live up to its side of the implicit contract with PSN users, Sony has to do what it can to ensure that hacked consoles do not access PSN.
Really, all this hand wringing and wailing about a rootkit is little more than a temper tantrum. How many people throw a fit if a cell phone company demands that cellphone handsets that attach to its network meet its minimum requirements, such as official firmware? You are attaching a device to a proprietary network. The network operator has every right to demand such compliance. On the PS3, if you seriously fear having your PS3 made more secure in order to continue using PSN, then you have the option of not installing the latest firmware, and foregoing PSN. In life, there are consequences to actions. Deal with them.
Block Sony IP on your Firewalls
Just sniff what IP addresses your PS3 is 'phoning home' to then configure your firewall to block them and only them.
SONY are really peeing off a lot of people. I know from my gaming Son that there has been a lot of resentment simmering just below the surface ever since they blocked people from installing Linux.
Now it is coming to the surface.
Now where's the 'Black Pig'?
Bet your son
didn't tell you that Sony removed Linux because it was being used to hack the system...
Everything stems from GeoHots original hypervisor attacks from within OtherOS (Linux).
Sony didn't remove OtherOS, the idiots that tried to use it to hack forced Sony into removing it. Tell your immature son to wake up and smell the coffee.
"didn't tell you that Sony removed Linux because it was being used to hack the system..."
It should not be Sony's business if someone tries to modify a piece of equipment, which Sony says it has *sold* to him (FYI "sold" implies a transfer of title. "Sold" is different from "lent" or "given").
"Sony didn't remove OtherOS, the idiots that tried to use it to hack forced Sony into removing it. Tell your immature son to wake up and smell the coffee."
Your logic is confused. What you're saying is equivalent to "he didn't beat up his wife, his stupid wife forced him to beat her up - tell her she should shut up and not ever complain about him being drunk/watching football/not taking shower/whatever".
I understand your fear that Daddy Sony will come and take your console away if he thinks someone is being naughty - but never fear, ultimately, he won't.
Software isn't equipment. It's a licensed product...
And the license includes terms that explicitly forbid the modification of it.
You own the hardware, not the software. If GeoHots had merely fried the motherboard on a dozen PS3s just to fritz the hypervisor, Sony would have done nothing, but since he demonstrated an ability to modify the hypervisor code in memory, Sony had little choice but to act.
This is not about hardware modifications, this is about software, and software is governed by the terms of its license.
Sony recently earned the enmity of...
yet another sizeable chunk of its customer base, as well as a significant number of potential customers who will now avoid Sony purchases in the foreseeable future.
There, fixed it for you.
I'm not clear what Boyd is saying. He first seems to be saying there's no rootkit at all and it's the same update code that's always been there, and then he says there's something in there that's a last ditch attempt at blocking hacks. I think at best this is semantics, it's not necessarily a rootkit, but apparently something has been added that gives Sony the ability to do things to your PS3 if they decide it's running a custom firmware. What they plan to do with this utility could do with clarifying.
The general argument I've seen lately is that consoles are closed systems and you shouldn't be modding them in the first place. But frankly there will always be people who want to explore the possibilities of their hardware, and not necessarily for piracy (and at this point someone usually chips in that it's mostly for piracy and implies that should void all other reasons).
Sony need to be careful here, if they screw up and zap some PS3s that weren't modded or weren't being used for piracy they could end up with a bit of a PR disaster, with irate mothers complaining that Sony broke little Johnnie's PS3 on TV.
Or worse, given Sony's security track record, a hastily written root kit might have some sort of flaw open to abuse that lets some malicious sod wipe every internet connected PS3 in the world. I think Sony would be wishing for the days when just their batteries exploded if that happened!
lost in translation
boyd has talked a lot about this on twitter, and i think semantics do play a part here, along with the heaped confusion of what people are talking about - not helped by the hysterical reporting which went from "is there a rootkit" to "console ships with rootkit" in the space of a few days. he seems to be saying the main thing that people are shouting about..."why should sony be able to do things to my console"....has always been in the T&Cs, but IF this is a new addition to the console's functionality it shouldn't be compared to the 2005 rootkits whether related directly to those sections in the T&Cs or some other aspect of monitoring / changing the system.
all sony seem to be doing is trying to keep the PSN free of modding, which seems fair enough to me and a task made more difficult by all the system exploration going on.
seeing people shriek about "ps3 viruses" and botnets based on some IRC chatter that isn't even confirmed is laughable...and the person who first mentioned this in IRC has even said he was misinterpreted.
"I said on irc that I saw small hints of possible remote execution code in 3.56, not the code itself, people should stop misinterpreting." "I am tired of seeing sentences I write on irc being somewhat modified and then newsed all over way out of proportion..."
Course, unless his IRC chat was heavily modified he said "3.56 pretty much has a built in psn rootkit" and i'm not sure how else anyone could take that - seems like he's now backpedalling.
"The general argument I've seen lately is that consoles are closed systems and you shouldn't be modding them in the first place."
This just doesn't fly.
If the shop tells me they *sell* the thing to me and I put it in my house it is not a closed system anymore. It is MY piece of hardware and I can do whatever I want with it.
If you want it to remain yours then lease it to me and ask me to sign a contract, nicely.
Sorry, I am not saying you as in Si 1 "you", but as a hypothetical manufacturer "you", who is trying to put that argument forward.
Think tamper evident, not tamper proof.
I think Sony is smart enough to realize that anything electronic can be hacked - sooner or later. So making it tamper proof is potentially an impossible dream. However, making the system tamper evident is far easier, and means that modders can mod away, but Sony can ban their console from PSN if the tampering is detected.
The changes here are not about running remote software to do some nefarious thing. The code in the SPV has always actively checked to detect system compromise. Sony has simply beefed that capability up and made it possible to initiate the SPV remotely in case it has been disabled (which can be done by a custom firmware by simply bouncing the SPE running the SPV code out of isolation mode). That allows the SPV to continue its role and to respond to appropriately encoded instructions to check the system and return its status to PSN. Making the console tamper evident, not tamper proof.
Message to Boyd:
Dude, there's a 50% chance that Basement Bob might be my friend while there's 0% chance Sony is anyone's friend (except maybe yours of course). You never rootkit your friends, OK ?
riiiight ... you can trust anything that comes from your friends, can't you?
So that explains all the Facebook exploits that get passed around.
You know where you stand with Basement Bob
"People will happily download homebrew from Basement Bob which could steal logins/credit card details, but code from the console maker is evil?"
At least with Basement Bob you know you're probably getting a trojan.
Is it just me or...
Just because it's been in the T&C's for 5 years does not mean Sony have actually been doing all of those checks?
It may have been a "Belt & Braces" move by the Legal department at the time, to give them room to create a "back door" at a future point without having to publish a "Revised/Updated" T&C.
No, it's been there since day 1.
This capability has always been there, Sony simply beefed it up.
The crux of the matter...
...is in this paragraph:
"I'm still waiting for someone to explain how this 'PS3 rootkit' could be used to run unsigned malicious code on a non-jailbroken box,"
...methinks. Jailbroken units. Where is the tin foil hat icon?
H/W manufacturers need to get a clue.
If I buy a car, I am allowed to make whatever modifications I want to it.
Sometimes, these modifications mean that the government will no longer allow my car on the public road (ie, makes the car "illegal") but I can still use it on private roads/tracks. Sometimes, a modified car is used to commit a felony. This makes those who use the car to commit the felony a felon - *not* the people who did the modification.
In other words, I can do what I want to my car so long as I do not use it to commit a felony/crime. The fact that the car *can* be used to commit a felony is irrelevant. (how many people get killed in car-related accident? Doesn't that mean that anyone who buys a car is a murderer-waiting-to-happen?)
But if I buy a console/computer/tablet/phone...?
Re: H/W manufacturers need to get a clue.
You can do what you want with your console, the update is optional. You only need to apply the update if you wish to connect to PSN.
From your example, you will only need to worry about the modding you did to your car once you decide to take it on the road. As long as you keep your car off the road, you can mod it as much as you want. The same applies to your console.
Nice analogy there. Just think of teh Intertubes as the public highway and you are on the money.
You can hack the shit out of your console within the privacy of your own network, just don't take it out on the "road".....
RE: H/W manufacturers need to get a clue.
"Sometimes, these modifications mean that the government will no longer allow my car on the public road (ie, makes the car "illegal") but I can still use it on private roads/tracks."
Following on from that analogy even tracks have regulations and if your car does not fit inside the regulations (psn T&C) then you are not allowed to compete/practice with cars that do fit the regulations (unjailbroken consoles)
Obvious it's always done it.
How else would it notify you an update was available? It's "phoned home" on startup, right? Or am I missing something here?
I think that the point was...
...that it only used to "phone home" for software updates when you logged in to the PSN.
Do T&C apply to me if I buy a second hand console? Purely for Linux of course :)
Known by whom?
"... into its terms and conditions since at least 2006... It's been known for a while..."
The T&Cs are never read by the masses, so it's not really known by the masses either.
...ignorance is no defence.
Did you post a story about this yesterday?
I'm sure that there was a report about this yesterday here at ElReg. I'm pretty sure I posted comments that almost exactly matched the comments of this leading security dood. I'm by no means an expert on this kind of thing, but a small amount of RESEARCH would have led your 'journalists' to the same information.
Sony has to protect the integrity of their hardware. Anyone remember the Dreamcast by Sega? The same thing will happen if Sony allows hacking to continue. Yeah, people may say "it's my device, we should be able to do what we like with it". If Sony allowed hackers to root the console and play copied/backed up games, developers will stop making games for the console (as the amount of copied games would outweigh the legitimate ones, plus cheating in games would be rife). As mentioned before, if you want to maintain a rooted console don't connect it to the internet.
Talk about missing the point. Claiming it's all OK because sony buried the 'right' to do this in a ream of T&Cs that nobody reads or accepts is a view only a lawyer could love.
Is he OK with sony sawing off his left leg because they buried the right to "remove external customer entities" in section 14, subsection 23-1, paragraph 7, point c ?
Anything that's tried to be imposed post purchase is invalid, and that includes the totality of the sony b*llsh*t. The only T&Cs that are in place are MINE, imposed by ME, when I paid MY money. The sooner the lawyers are forced to accept this, at gunpoint if necessary, the better the world will be.
sony need to accept that the PS3 is a device owned by the person paying the money, that they can do what they want with it, and attempts to impose locks on that right are subject to punishment of those concerned - with two bricks if necessary.
Missed the point
Don't think you got the gist here. The hardware is yours, do with it what you will; however, using it on Sony's network outside the T&C, i.e. hacking or piracy etc., is the whole point. If you want to mod YOUR equipment then do so, just expect it to be taken off the network, or road, as the analogy seems to be in this forum.