Sony wakes up to new PlayStation security nightmare
Sony is waking up to a new PlayStation 3 security nightmare after a day in which a brand new, PSN-enabled custom firmware was released for hacked consoles, swiftly followed up by publication of the console's LV0 decryption keys - which some say blows the system wide open.
We've been here before of course. Over two years ago, the first piracy-enabling firmware and USB dongle combo - PSJailbreak was released, which exploited a weakness in the PS3's USB protocols, allowing for the system software to be patched in order to run copied software running from hard disk. This was followed up some time later by the release of tools from hacker group fail0verflow, which allowed users to encrypt files for the system in the same way that Sony does, allowing for a new wave of piracy. Geohot's public release of the "metldr" root key also added to the challenges facing Sony, resulting in a messy legal battle.
The firm's response - firmware 3.60 - plugged many of the holes, neatly working around the entire root key problem, and even with the release of the new custom firmware, any console running system software 3.60 or higher is effectively locked out. Only hacked consoles, or those still running 3.55 or lower can run the new code unless expensive, difficult-to-install hardware downgrade devices are utilised on older hardware.