In the interest of openness, I've decided to release the exploit. Hopefully, this will ignite the PS3 scene, and you will organize and figure out how to use this to do practical things, like the iPhone when jailbreaks were first released. I have a life to get back to and can't keep working on this all day and night.
Please document your findings on the psDevWiki. They have been a great resource so far, and the power this exploit gives opens up tons of new stuff to document. I'd like to see the missing HV calls filled in, nice memory maps, the boot chain better documented, and progress on a 3D GPU driver. And of course, the search for a software exploit.
This is the coveted PS3 exploit; it gives full memory space access and therefore ring 0 access from OtherOS. Enjoy your hypervisor dumps. This is known to work with version 2.4.2 only, but I imagine it works on all current versions. Maybe later I'll write up how it works.
I've gotten confirmation the exploit works on 3.10. Also I've heard about compile issues on Fedora. I did this in Ubuntu. I would really like someone to write up a nice tutorial :)
This is a good article for what it means for the less technical. A good more technical writeup is here.
Good luck!
Tuesday, January 26, 2010
837 comments:
first ;)
ITS A VIRUS!
Thanks for everything Geohot!
Thanks for the release, hope the community will make good use of it. Too bad you have to get back to your life and keep up the awesome work you did so far lol
See you around
Good work
Thank you im just sorry you have to put up with so much crap.
keep up the good work. You may be remembered in history books if this is successful.
Thanks, knew this was legit. Let the games begin!
Great work sir. You placed your name in history once again. :-)
Good work.
Thk you very much guy.
my phone and my PS3 joined me ton thank U.
And the revolution starts...congratz GeoHot
George Hotz said...
ITS A VIRUS!
January 26, 2010 6:28 PM
what?
Thank you
"ITS A VIRUS!"
what ? !!!
Thanks dude.
This is a good move for sony, game developers, public AND the future of encryption, everything must change and evolve in time. if not you somebody else eventually.
Thanks.
That is someone who has created an account and given himself the same name, it's not a virus.
WOW! Thx! ps3 is hacked! you made history!
Nice work, i hope there will be a software version for your expl0it. thx
Right on right on right on. Time to play around with this when i get home.
PS3 News
I appreciate your work and your attitude.
I need advice from you or someone like you in order to train myself. I am an undergraduate electrical engineering student; I have full interest in reverse engineering. I want to practice on a device and gain vision. I know VHDL, digital circuit design principles, and have a basic understanding of RAM/ROM/registers. I had a project on FPGA. I know "C" but not at the level that can be used to control or manage RAM etc. I have very good knowledge of Java, which is useless for this subject, I guess. However, I can't start with something like PS3 of course, I can't even start with a simple cell phone. I want suggestions about which device to analyse and the techniques to learn.
I would thank you if you answer. Even if you don't answer, I would understand.
Have a good life.
The whole "First!" thing is a virus.
He's saying 'its a virus' bc some oddball posted the played out 'first' comment.
Thanks for everything you do Geo
you are my hero
@Geohot
What do you think about diode idea in previous post's comments?
And thanks for release!
@Jan:
Me too as the PS3 will never be fully hacked until something can run on the slimline.
I'm a bit gutted because my phat recently bit the dust and I went out and got a slimline.
Still, any progress is good progress.
Right on and thank you
Thanx dude, you are an inspiration!
geohot, read my comment from your previous post (January 26, 2010 6:44 PM, a level playing field)
what you think at all?
sry but my english is bad..... so can i play pirate games now or we must wait ..sry for english
How do you use this?!?!
You jackasses about piracy just don't friggin quit do you? You are all killing every game scene there is with your bullsh*t. Luckily this exploit is for the more advanced, and you morons won't be able to do crap with it.
George, good work. Don't abandon this though simply because of these moronic kids.
i was hoping it wasn't through otheros... i hope sony doesn't axe this feature in future firmwares. as i use it for linux on my ps3 T_T
time to boot linux up and give her a go.
dude stop with pirated games talk, fucking trols no pirated games, jesus this shit gets on everybody nerves!
THIS WILL NOT ALLOW YOU TO RUN PIRATED GAMES
You people asking if you can pirate games now or how to use this are just pathetic.
If you don't even know what this is, you should ignore this for now.
Thanks for the contribution.
Hope this gets us far in brewing process.
sony won't be able to fix this, it's a problem that is hardware based, you can't fix it in software.
OMG 3rd world pirates are going ape shit! LOL
what the hell how do you install this on your ps3 ?
im confused ?
plz help
@aldin: no
@casale2: read "instructions.txt". If you still dont understand you shouldnt "use this".
@jordan this is just for skilled people for now you can't "install" it!
IF YOU DON'T KNOW HOW TO USE THIS EXPLOIT ISN'T FOR YOU!!! JUST WAIT!!!
George...I've never posted before but I'd like to contribute to your hard work. Please set up a PayPal button to donate...I'm sure quite a few people would like to donate to the person that did what no one else could do in over 3 years.
It's always the seagulls that squawk the loudest when it comes to freebies tossed to them and then squawk some more when they've gobbled it all up and want more...but there are the silent ones that appreciate the contributions that you and many others have done. You've seen it in the iPhone scene and moreso here...good thing you haven't touched the PSP!
You've got a strong head...never let the fools get to you...they'll always be around and there's no hack to change that...
You've never been a 'for profit' hacker and while countless others have asked for donations while they promised the world and many times never delivered...you've set out to accomplish goals and only after you deliver the product have you offered a place to donate. Few possess that kind of integrity.
So please, set up a paypal button and let the people that appreciate your contributions show it with a monetary thank you and help you with purchasing hardware or supplying you with some liquid inspiration!
Cheers
DONT UPDATE your console guys for the coming weeks/months...lolz
@RescueTechLA hahahaha, didn't know they had internet on them boats in the middle of the indian ocean.
great work man! congrats! Good luck coping with the super n00bs :lol:
Now find a way to PATCH KINGDOM HEARTS : BIRTH BY SLEEP!!! :D The world is waiting for someone to do that. Maybe you are the Chosen one!! lol
You are the man!
seriously. other os can be disabled in ps3s that have it. other os call is software not hardware.
sony doesn't like people even using the rsx in linux, that's why they shifted its memory addresses around after someone made a working driver for rsx... in firmware 2.10 or something
now linux will be blocked out altogether because of sony wanting to protect its "games" >.< sony hates homebrew and its sad.
upgrading is a choice
hehe - nice one Mr Hotz - you've certainly shown your cards.
Now go and have beer!
Hope it's put to good, sensible, use by those with the right knowledge and talent.
So what's next? The iPad/ iSlate?? ;))
Thank you, geohot.
I can't wait to see what this baby can do in the right hands. Hope you continue your amazing development, and get to point where we get a software exploit. Great work. :)
if you want 2 piratez..
A.go somewhere else lolol1!!"one
B.buy a xbox 360 omg kthxbi
Now to normal people....
Ugh :( Anyway amazing work! Im in awe of your work and thanks for the time you took to release it.
That is some crazy code ... I've done a lot of Cell processor development, but I hardly understand a line of this, probably because I don't know anything about kernel programming. I wish someone would explain line by line what it's doing ... especially the step where you have to electrocute the circuitry for 40 nanoseconds? And what do the magic hex numbers do?
what model of the ps3 have you been working on?
Hi George, I'm following your progress since you started your work with ps3.. Well, I'm not an hacker, just another boy who wants to congratulate with you.. very impressed, and what very impressed me is that no one until today has reached to hack ps3, it must be very nice.. XD anyway congratulation, you're in the history.. and as we say here.. "si nu mostr!!
is a piece of hardware required to run this in linux?
Hello World
thanks a lot geohot.
could you please post some higher-res pics (different zoom-levels) of the circuit path that needs to be pulsed low for about 40 NANOSECONDS (i think i'll have to find my soldering iron).
Is this using the memory glitch trick you mentioned? What does "glitching the memory" mean?
Geohot,
Honest, I don't think i'd like you as a person, but your knowledge of coding goes beyond my comprehension, and for that I have infinite respect. Keep going like this and you will be offered a very well paying job somewhere. The digital history books will certainly carry your name into the future, else i will.
Keep up the good work!
(frequent user of all soft unlocks @ tmobile netherlands, excusing himself for the offtopic reply..)
he has not hacked the ps3, stop calling it hacked, it's an exploit, a ''loop hole'', until they get the keys, then you can call it a hack, so STFU.. no hacks yet. stop asking for boot loaders and homebrews
when the mem is glitched the code gets executed but sometimes goes into kernel panic
Wow! Dude you are a genius! I think noone forget your name!
George, 2 questions:
1- Why did you give up retrieving keys?
2- What do you think about qID's statement?
Thanks.
Lol how many destroy her PS3 tonight ? many i think because lot of people has not understand
I have set up a development community for this over at http://ps3.devsplus.com as a temporary place for people to work on things and post their findings!
http://ps3.devsplus.com
He didn't say he was giving up on finding the keys. Just because he's not working on it all day and night doesn't mean he's stopped working on the ps3 completely.
Good job Geohot, hope this leads to something.
I have little to no faith in other ps3 devs so this is pretty much a bust if geohot is stopping.
they have all these different systems (dev/tool etc) and got nowhere. Anyone looking for a ps3 to buy? this thing is useless to me. :p
What is qID's statement, anyway?
Once again, warmest regards, my brother @GEORGE HOTZ.
This will be fixed by sony in a future update by the way. If you care about using this particular exploit, make sure you do not update past 3.15
openness++
...now to get my grubby hands on a ps3 ;p
@Mac there is already psDevWiki, what's the point of setting up another place?
According to my hot sources, Sony is onto this as we speak.. Expect a new PS3 firmware to release in the next few weeks.
lol this is why you don't release an exploit, only a custom firmware of some sort.
@Recep Baltaş said...
George, 2 questions:
1- Why did you give up retrieving keys?
2- What do you think about qID's statement?
Thanks.
-------------------------------
because im playing my xbox 360
geohot thanks for everything, most of us Italians are waiting for you!! you're great
Lol! :D
"because im playing my xbox 360"
Somebody should make a fake (or real) "Hello World!" thing to make all the haters shut up.
@Hotz: can you do the PSP next? :P that pre-IPL has been waiting around for longer than the PS3!
And, if you're thinking it's already been hacked, well, it hasn't. Up until now we only had "temporary" hacks, that were fixed by software / hardware updates.
Must... resist... hacking... open... his... PS3...
No seriously... that's way too tempting.
HAHAHAHA, THE BIGGER PIRACY OF THE WORLD, BRAZIL , CONGRATULATIONS YOU GH. THX A LOT!!!
GeoHot, you f***ing amazing man! I'm glad to be a part of the same generation of kids as you. Most kids our age are given everything, but you are one of the few exceptions.
Kudos to you and wish for the best!
Thanks for the share man!!
I CREATED AN ISO LOADER AND MIGHT RUN BACKUPS. LOL.
4th kernel panic in a row... Restarting the PS3 is starting to get really annoying. Linux takes a while to load. Just want to get disk speed and GFX better
You is a man!
@Paulo
Its only been few hours since he released the exploit so yea, don't fool yourself by talking fake craps.
lets assume someone finds the decryption keys!
they should be the same like on the ps3-slim. so everything that is gonna work outside otherOs will be available for the slim version too.
but i still think, that even if you have the decryption keys, it's not gonna be easy to sign homebrew code or make the playstation run unsigned code. i think that sony has just put the public key (key for decryption/signature check) into the chip, but still has the private key, which is needed to encrypt / sign code.
are my assumptions correct?
you call this hacked?!! this is bullshit! he did not figure out anything and he can't do anything with this that is why he is so-called getting back to his life. the ps3 pwned him!!lol!!
Sorry about that earlier I hadn't finished installing everything, I have now setup the forum on ps3.devsplus.com go ahead and check it out and post anything you find about your hacking!
Hackers unite!
Once again thanks to GeoHot for this release, you are absolutely amazing!
you're really an inspiration....
I'm just beginning to learn computer programming (right now I'm working on C++, i can understand only little bits of your code), but I'd really like to know where you learned all this...do they teach this much in high schools or did you basically teach yourself?
Anyways, however you did you, you've truly made a name for yourself. More power to ya!
Thanks for all the work you put in the PS3. that's all I can say.
did you use a ps3 slim when creating this exploit? Also please try upgrading to latest firmware and trying this exploit again if you can.
Some high res photos of the soldering would be good.
thanks geohot!
I CREATED AN ISO LOADER <------ BULLSHIT !!!
TROLL !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@geohot
so in other words , you have hit a brick wall and are giving up for the time being ?
2.4.2? you do know that we are on 3.10 right? I mean...2.4.2 PS3 are not even made anymore...every PS3 is at least post-3.0.0...
Thank's for your great effort! You are the Jedi of exploit world!
@George,
Any idea how critical the length of the 40ns pulse is?
A guy on a site I'm a member of posted this, thought it was interesting: Below is iQD's statement regarding the recent GeoHot PS3 Hack news, partly it really seems as if he does not read any docs.
To quote: "So the PS3 is hacked ? Well that's nothing more than an urban legend.
Although it's nice to capture all these HV calls and stuff from a plain (not encrypted) lv1 binary, but this will never lead to a hacked PS3.
Let's have a look. The major security architecture on the PS3 is called the "Secure Processing Vault" and is the most important thing regarding "hacking" the PS3.
There is NO WAY for the PPU or even the HV to gain access to the SPU, which is an application running inside of an isolated SPU.
Well you can kick out the isolated SPU, like geohot mentioned, but this gives you nothing, as ALL the encryption and execution of applications (HDD encryption, app encryption, decryption, executing, signature checking, root key extraction) happens inside the isolated SPU.
To run homebrew on the PS3 you would have to reassemble the whole functionality from the SPU inside a binary running on the PPU. For this you will need the root key.
The root key is stored in hardware (not even close to the things on the iPhone). The root key cannot be extracted by any software or hardware means and is essential to ALL encryption/decryption, executing and checking routines.
The only way to get the root key is inside of an isolated SPU, as it is kick-starting the hardware encryption facility. There is no other way to do that !
Let's just assume that geohot or some other guys are able to break into the local store of the isolated SPE. There they will just find some encrypted binaries.
The key for decryption is encrypted by the root key ! You won't get anywhere without the root key.
Let's assume that someone managed to do all those stuff from the isolated SPU on the PPU and creates a CFW.
There is still a secure booting environment. The first module loaded/booted is integrity checked by the hardware crypto facility utilizing the root key. So you have also to address this booting stuff. Again, no root key, no booting.
So there's always runtime patching you might ask ? Not possible on the PS3 because the hardware crypto facility is able to check the signatures whenever it wants to.
And which part is responsible for this ? Exactly, the isolated SPU. So if you kick out the isolated SPU the system will not boot/run anymore.
The PS3 is neither a PSP nor an iPhone. It's the most secure system architecture of this time !
The girl behind this stuff, Kanna Shimizu, is not somebody. Messing around with this is not like saying Bruce Schneier is a n00b.
Btw.: forget about all those stories, that certain hackers are or will be employed by SONY. That's nothing more than another urban legend.
@geohot It is OBVIOUS that the HV is PPC. The Cell BE is a PPC architecture, you know ;-) Better read those IBM papers in first place !
- iQD"
that means he does nothing really just bypass lvl1 security which is great
but paradox did it before him!.
the hard and the impossible thing to do is to get the root key from the
isolated SPU. and that is by far uncheckable.
i lub u geohot
Is the exploit working on PS3 Slim?!
Brosef, I heard there were a couple files stored in all PS3s that referred to the PS2, do you think emulating the PS2 will come back one way or another through this?
Thank you very much George! You are a true inspiration!
I'm having a problem though. When I try to compile the code on my PS3, I get a whole lot of errors and warnings.
Judging from the blog, the PS3 community is a disaster. 90% of people on here are noobs asking retarded questions over and over again, 9% of people are here trying to start a flame war or are here to discredit George's work. 1% of the comments are actually informative. Great example of crabs in a barrel here.
and 99% of the people on here give too much credit for something that has not been accomplished!!! if you are going to say something as monumental as stated that you hacked the ps3, then you better have hacked it instead of this garbage that only bypasses one level of security!!! so stop praising this dude for something he could not accomplish!! that is why he gave up!!!
The PS2 had the same exploit when it first came out. A pulse button to be pushed to get the system to read backups of software
Wow...
It seems a little complicated to have a linux kernel module that does this attack. Linux is going to take 20-30 seconds before it will have the hdd inited and be able to load a kernel module from it. It would be faster to completely replace the kernel with something that appears to be a linux kernel/otheros whatever. This in turn could initialize the ps3 as little as necessary, run this attack to exploit the hv, and then load something like ps2link to allow us to boot a homebrew elf. It would also be possible to simplify the hardware somewhat. I imagine it would be possible to have an avr with usb that could generate the 40ns pulse. The program running your exploit could tell the microcontroller when to act over usb. It might be possible to connect a microcontroller (or maybe a cpld) to some other gpio or serial port that's already present on the ps3 mobo. All this will make it easier and faster to reset the ps3 and get the exploit running with simpler hardware and software.
Grats Geohot, you never cease to amaze.
Are you saying you cant get the keys?
Cmon geohot. Please give another week on obtaining the keys.
Thanks.
Hmm lol i guess people cant wait for a user friendly exploit (The Noob Way)
lmao
all in time
CFW PS3S? WHAT!!?!?? >.<
@DJ
the noob way?!! funny you the one waiting but you talking about the noob way!! then you figure it out and post it up mister professional!!
Great work GEORGE HOTZ!
You beat me at last!
I have to work so much!
( Kanna Shimizu. She is the architect of this PS3 security! )
And iQD you are a real lamer idiot! Suck this post! :D
I am sure that you don't understand anything what he has done! :D
To make it work on the slim you just have to download firefox, defrag the time machine backup and then inject the itunes into myspace, duh!
i <3 n0ob$
WE ALL SHOULD TRY TO KIDNAPP MRs KANNA SHIMIZU AND FORCE HER TO TELL US THE KEYS!!!!
SHE IS THE DEVIL!!!
Lol, you made history...Again. haha.
Well thanks anyway GeoHOT, until next time.
come on geohot, admit it, you have no life, what happened is that you couldn't handle the black one.. too much machine for your young mind.
Congratulations Geohot! Good work! ^^
Sweet!!
Look forward to seeing the outcome of this.
Linux desktop with full cell access will be very sweet indeed!!!
Thanks for your efforts
I never knew how secure PPE / SPE / Hypervisor architecture was until reading this...
http://www.ibm.com/developerworks/power/library/pa-cellsecurity/
Very good job, congratulations. I hope the community will get together and find a software way to do it along with a 3D driver. Good work.
Thanks
Based on what I've read on the ibm site:
http://www.ibm.com/developerworks/power/library/pa-cellsecurity/
And some of the comments posted here, I wonder if we've all drank the cool-aid...
I am not exactly sure anymore if this is a hack that'll get us anywhere. I am only hoping for the best though.... I am not convinced we if we ever actually get to the 'root key' based on boot-time checks and isolated SPE routines...
I have all to gain for the success here. I wish all you geniuses best of luck!
Well done dude! Thanks
@mr ? Whats stopping us from ripping that chip apart to get what we want. Been done before.
This thread is full of non facts assuming and trash talk, what rests is You're my hero, and eventually a good comment with helpful information.
I admit doing the same right now, which is comment off-topic....
"Smart people know when to keep their mouth shut, so i must be dumb..."
damn geo....looking just at your C source file makes me feel indebted to you for life...the theory in itself and code all makes sense...time to put this to the test...I'm positive it'll work, your exploit is ingenious!! Time for a night alone to test the exploit and hopefully - if all goes well - be able to dick around inside the memory. You're a genius man....You deserve more credit than you'll ever get...Congrats and THANK YOU!
I TRULY DO NOT UNDERSTAND WHAT ALL THE THANKS AND CONGRATS ARE FOR!!! HE DID NOT HACK THE PS3!! SO I DO NOT KNOW WHY HE WOULD BE SO BOLD TO DECLARE THAT HE DID!!! SURE HE WAS ABLE TO GAIN ACCESS TO THE MEMORY BUT WAS UNABLE TO DO ANYTHING WITH IT!!!SO YOU DO NOT DESERVE ALL THIS UNWARRANTED PRAISE!! YOU ARE A QUITTER!! AND QUITTERS NEVER WIN!!! THANKS FOR NOTHING!!!
It's off-topic, but worth mentioning - considering all of the "You should been remembered" posts... They were talking about you and the neat little trick you can do on G4TV earlier..Attack of the Show, I think. So rest easy, he's already in the book.
Hopefully this trims the fat from some of the posts...
is there any hardware io that can be toggled to trigger a verilog timer to methodically search for proper glitch timing with hardware? delays could be relayed back from a FPGA dev board over a serial port or similar, monitoring the reset line to determine success?
This is lame. You've unlocked ONE part of the security features? Good luck going any further!
Seriously, people, stop patting this guy on the back for a mediocre exploit of the Linux install function.
i know right!! i agree with you 100% tom!! people all getting excited for nothing!! this accomplished nothing!! lame is an understatement!!
Tom, you are the one that is lame, we didn't see you hack sh17, let alone ONE part, so when you do manage to achieve something, let us know! in the meantime, feck off
I donated $150 via your iPhone blog page. Keep up the great work on this PS3 stuff! I can't wait to run XBMC, MAME, and Tenebrae Quake in 1080p native! (HV restricts to 768p, for some dumbass reason.)
www.ps3brew.net
forum set up specifically for geohot.
geohot, i am the admin of this forum, if you join we can have moderated place for you to chat!
Thanks for all the support
congrats! you deserve a platinum trophy for that xD
Isn't this DMA Cache glitch to gain entry?
and this is useless for my slim T+T
@geohot i think most of us r asking the same question are u going to leave the scene of the ps3 or will you still try to make more progress cause right now the only guys that have skills are the guys at ps3news and demonhades and i trust demonhades but not ps3news i mean ok youve done enough of course u dont have to do more but if u continue on the scene allot of persons in the world will apreciate ur work but also thanks for the exploit even much said u couldnt do it u actually did but i still wish for u to keep looking for those 'keys' wich im a noob and dont know what their for but they must be important i guess cmon geohot ur the only one that can do this
By "playing xbox 360" do you mean cooking up more haxx? Good job BTW I cant wait to see some REAL linux on these beasts.
join the facebook group
"hack the ps3"
it will keep updated info about this
so join ASAP
thanks geo for hacking it
My reason why George is leaving everything is because $ony stepped in and made a threat to him
George Hotz, please do not post this achievement to the public. Contact the team dedicated solely to avoid any instant fix from Sony.
For it is important to remember that Sony is not Apple, and he will do everything to block access to anything fruitful work for the improvement of the PS3 system.
I repeat, please do share your work with the team only competent and safe!
I think everyone should have the same thought as me to have an open future for the PS3, and not selfish to share thing which serve no purpose at present because the developers have so many Things to learn today, so understand this, let the time it is time, patience is required and long term we will be rewarded.
Geohot thank you for everything, and congratulations for your active involvement on the scene!
Thanks for releasing the exploit George, there are many people from elotrolado.com with you in this. They have great hopes for new projects on homebrew for the PS3!
Thank you again!!
And to all you racists out there, waninkoko, the most successful modder in the Wii Scene is Spanish, so screw you all! (not to Geohot, just to idiots) You guys wish you had the same team spirit as we do.
Ok man I am sorry. unfortunately in the global scene, the PS3 lamers are the worst and neither i nor you or those of goodwill who are here to learn something, can defend ourselves from this garbage.
I believe in you but i need MORE information if i want to rape my ps3:
FIRST:
you say: OtherOS. Good, it mean Ps3 Fat right? Ok, there are
# CECHA: COK-001 1-871-868-22
# CECHA: COK-001 1-871-868-32
# CECHB: COK-001 1-871-868-22
# CECHC: COK-002 1-873-513-21
# CECHC: COK-002 1-873-513-31
# CECHE:
# CECHG: SEM-001 1-875-384-11
# CECHG: SEM-001 1-875-384-21
# CECHH: DIA-001 1-875-938-11
# CECHH: DIA-001 1-875-938-31
# CECHJ:
# CECHK: ???-002 1-876-912-32
# CECHL: VER-001 1-878-196-21
# CECHL: VER-001 1-878-196-31
mistakes aside, at least 12 revisions of the motherboard. Can you tell us , which is your revision?
SECOND
i've two problems: one, your photo is not detailed, i don't understand where i've to weld, second, you have not given us the electronic diagram, we cannot make random welds, don't you? :-)
And...yes.I've a third problem, i'm not able to quantify 40 ns...i quote you
"i have a button on my FPGA board
that pulses low for 40ns"
BIG PROBLEM: Where to buy a button that pulses for 40ns, or how to build it?
Congrats! You have surpassed all on the PS3 development scene, including the RSX development from firmware <2.1. I hope to use this gateway to some good use in the future; I personally lack the skills to advance the project at this point. :-/
Thanks Geohot
Please hack the pspGo! Great work on this, congrats!
gotta go to the button store...
And btw, who ever was talking about bypassing Linux and running a small RTOS, thats the right idea :) Chop Chop start coding
to george hotz
you are lame!! you did not hack the ps3!! just admit it!! put this sad rumor to rest!! you gave up because you could not get any further in your attempts to hack the ps3!! every attempt you made was shot down!! just come clean!!!
To Ma
Thank you for your contributions to the ps3 hacking community.
Just curious, what is your profession, George?
@ma
Why are you complaining when you haven't done anything.
@EVERYBODY
Stop complaining. He actually did something and tried to get as much information as he could out the system. he has now released what he has found and whatever happens with it, happens.
to david
thanks to yours!!!
to Ma
Some Americans are just so full of hate... thats why the world hates the US, because of people like that.
Peace from Latinamerica.
one question for geohot, or someone with more technical knowledge:
what you think about exploiting ps3, using very old (read first) ps3's? if rootkey is unique for all ps3 consoles (from start until now) and sony can't simply change it when it is publicized (if change it, all existing consoles will become useless junk)..
if anyone have first ones that want to sell/donate for examine/exploit bugs (i sure first firmwares are full of bugs/holes).. feel free to help...
what you think about idea to use real hardware ps2 cpu in first ones to hack ps3 cpu... it's possible for both cpu to work at same time, where ps2 cpu sniff/read/steal important info from ps3 memory?
what about using rsx shaders to sniff/steal important info from ps3 cpu/memory???
any ideas?
i am not complaining!! you see how he could not answer my post? cause it is true!! i am just saying that if you claimed to have done something you have better well have done it!! and to all the idiots in cyberspace, just because someone has not done what someone has claimed to do, does not mean that they can not question what said person has claimed to do!!!! idiotic comments like, "what have you done", or "do it yourself" just goes to show how intellectually inferior you are to people with thoughtful opinions and observations. thank you.
It works?
by the way, have you sold you soul to the devil? haha
@ma
As you can tell he doesn't answer a lot of peoples comments. I would do the same in any situation where there are tons of people out there that can do what they please with this exploit and others like yourself that have no idea what he is talking about when he posts things as such.
Greetings from Brazil GEOHOT, i'm sure that because of you something bigger will come soon! I need to run backup games!!!
@spikertk
be honest with yourself!! this is not a hack!! i do not speak on things before i research what i am talking about!! and this is just a bypass of one of the ps3 security measures!! i mean come on!! who would not want to be the first person to hack the ps3!! you telling me that you are going to work on hacking it and make a little progress and tell everyone it is hacked and then just quit before you finish it!! REALLY!! No!! he realized that he could not complete the hack and gave up and passed on this half-assed incomplete method of sending electrical shocks to your motherboard!! you know how dangerous that is!!! there are going to be alot of people flaming this guy in the next couple of days because they fried their ps3 trying to do this hack!! people need to wake up and smell the coffee!! yeah he hacked the iphone!! congrats!!! but the ps3 he failed!! the truth is what it is!!! thank you !!
Short and sweet. You are the balls and the taint. Great JoB George!
And there are a lot of haters on here that don't know shit and can't listen. Just big shit talkers behind the screen. They couldn't program a universal remote.
and there are people on here that think just cause they praise the guy they are going to get a hacked ps3!! just cause you say thank you!! then he will get some magic dust and make your ps3 hacked!! it is not hacked and will not be hacked by this method!! i am not hating on the progress but just the fact that he said it was done when he did not do it!! believe me, i want my shit hacked too so i can play my emulators. but i would not hack my ps3 if it got me banned from online play like xbox no matter how much back ups it let me play!! some things are just not worth it!!
"to george hotz
you are lame"
"i am not hating on the progress"
lol
Wow, 3 years and no one didn't manage to hack, enter, whatever the expression is... But this guy did, no matter if it is completely hacked or just one of the locks.. What he GeoHot did MUST be acknowledged.
Man, Congrats from Brazil again!!!!
Talk about recent ps3 hack here:
wiseserpent.com
Great forum for everyone
@ma
What is a hack Ma? "Circumvention of an implemented security feature meant to discourage users of the product" I believe this "Circumvented a security feature" and that is what is needed. He opened his console and did something to it to get these results. It is your own risk to open it up and do this. If you downloaded the program (Which you probably did and noticed you knew nothing about it) you would see that he wrote this is not noob friendly which means you shouldn't test it.
well i know i won't be shocking my motherboard in hopes that it will get the exploit to run only to have my motherboard fried!!
As a relative Luddite, I'm wondering what it would take to get the ps3 to read hd dvds. From what I've read, the difference seems to be software, and so a workaround seems possible, if not feasible. If one could dual boot the xbox os...
Thanks George! You are the new hero! :)
@myself. *IF* this were possible, Sony would be well advised to covertly support development.
@ma
Then don't do it, but while you're not doing it, don't complain cuz he and others can do what they please.
@spikertk
and i can "complain" as i please! and since when is having an opinion and stating facts complaining??
FACT:
IT IS NOT HACKED
just because he "Circumvented a security feature" . when he circumvents them all and gets unsigned code to run. then it will be hacked! he should have not said it was hacked then it would have been an honest post!! but when you say it is hacked and it is not then it is false! and i don't praise people for misleading the facts!!
Adelante GeoHot..... you can do it!!!!
"because im playing my xfail 360"
LOL
-------
Geo, you have to know that you're an awesome hacker.
You may have stopped because you're a hacker - hackers feel high when they hack something, after that they may lose the interest to hack it anymore, please don't :D, Xbox 360 fanboy :p
damn i would like for geohot to answer this question which will shut up everyone
is it possible to start making homebrew with this hack or is there more things to do before running homebrew?
CMON ANSWER THIS ONE COMMENT PLEASE MANY ASK THEMSELVES THE SAME QUESTION
@ma, would you like to define hacked? Or would you like to continue hating?
@TH3K Yes, in fact, you could make homebrew since the start with the PS3. Install OtherOS. This removes the restrictions.
@george
define hating!!
is stating the facts that you did not hack it! and we all know what hacking means!! it means that you can run cfw, homebrew, backups, emulators, and other things. so do not hide behind some pathetic definition of hacking from wikipedia. you know the only thing you did was bypass one level of security. i am now hating on that. that was a clever concept. but the fact that you said it was hacked and it wasn't got the whole ps3 world riled up and for no reason. be honest!! why would you put this much effort into hacking it and then give up if you could do it?? why would you want someone else to bear credit for your hard work?!! you could not go any further than what you did, granted you come further than anyone before but don't call hacked when it is not!
Ma is the only realistic person posting here, the rest of you can go ahead and live in dreamland.
I have briefly studied what George has done and to claim he's "hacked the PS3" is FAR from reality.
This "exploit" allows access to the memory but nothing else and is quite frankly useless.
As time passes you will see that people like Ma, Tom and Myself are correct as this will literally go nowhere!
The blurry board picture and vague installation instructions should have given it away. This guy has clearly hit a brick wall and is quitting as he has realised what many before him have realised... The PS3 is unhackable without the root keys!!
Now to the moronic masses, if you want to go ahead and keep praising George and donate your hard earned money to him for an exploit that doesn't work.. (when you could send it to save some lives in Haiti) then by all means go ahead. ..and before you mention it: I haven't contributed anything to the scene, but neither have any of you ass lickers commenting on here as you have nothing intelligent to add.
I respect George's work and it was a solid attempt.. however, this is NOT A HACK!
@stephen
thank you!!! finally a voice of reason!!
I don't have skills to say it works or it doesn't. But I have more skills than needed to understand what is going to help and what is not.
Done is better than perfect.
Nobody did step 1 before; he is showing how it's done. Who's raising the hand to volunteer doing step 2?
Again, congrats and greetings from Brazil GeoHot!
[Off-topic]
BTW, Brazil does have a huge pirate market and I am sad about it.
The ones that pay R$5 for games wouldn't charge their bosses R$5...
On the other hand, it's very hard to find a PS3 game for less than R$200 (about US$100).
For that, PS3 owners do import games (WAY cheaper) while Xbox360/Wii owners just unlock their consoles and buy pirated games.
Lack of games sales with lots of console sales (need to buy to unlock) is a problem as the console sales do not have as much return. So prices don't drop. Deadlock...
[/off-topic]
If the PS3 had a way to expand RAM, I would have one computer less in my house.
@ma No, what you listed there was a lot of coding, not hacking. Hacking is breaking the security of the system, which I have done. I'm not spending my time writing custom firmware, iso loaders, and an open SDK. Leave that to somebody else.
And I didn't give up, I'm just not spending all day on it anymore. I have other things to do. Just because I don't do something doesn't mean I can't do it. Unlike the iPhone, there isn't a clear definition of hacked (as in unlocked or jailbroken). This is code execution at the highest privilege level.
Okay, I'm done feeding the trolls.
@george you can beat around the bush all you want!! the fact is you did not hack it and can not hack it! stick with the iphone!! that's more on your level!!
George said: "Yes, in fact, you could make homebrew since the start with the PS3. Install OtherOS. This removes the restrictions."
So you admit that you have done nothing to bring us further?
That's not homebrew, that's called a linux app.
Answer me this Geohot: if I use this exploit will it be possible for me to access the full power of the ps3 in linux? GPU and everything?
I didn't think so.
If you are a noob looking for the things in the previous post(like custom firmwares and backup), and don't believe the PS3 is hacked, please GTFO my blog. They aren't here and they never will be.
@Ma, geohot exploited it, now it's up to US to "hack it" (make the software) Start viciously coding people, I see a bright future ahead of all of this.
@stephen
he can't do anything with this!! he is a fake!! yeah he hacked the iphone but the ps3 is far too advanced for him!! if you call shocking the hell out of your motherboard with electrical currents a hack!! then yeah he did that!! but who in their right mind will do that to their ps3?!! not i!!
Well know I ain't trollin but now the ps3 slim is unhackable :D
@stephen Umm, actually that's the idea. You have full access to the GPU and all of the rest of the hardware.
OMG, gotta stop arguing with people on the internets.
Hey George. Good job and all on the exploit. I'm honestly nowhere near technical enough to understand some of your techno-speak, but I doubt you're so happy with your progress for nothing.
Anyways, this post comes in the form of a question (you're not tired of those yet, are you? haha) It's sort of a combination of two questions.
One: Concerning the post by @Th3K, I think you may have misunderstood the question, or maybe you're avoiding it. I think what's really on everyone's minds is have you unlocked the PS3's complete horsepower to be used by the homebrew community? Everyone knew you could use linux to run software, but it's always been very limited.
Two: Where do you see this exploit leading to? Are we talking complete unlocking of the system, like PSP or iPhone? Or has this been just a sort of hobby of yours; something to challenge yourself with that won't result in anything but a little satisfaction on your end? (Nothing wrong with that) Also, kind of pertaining to these questions, what is the theoretical road to complete unlocking of the system?
I've been with the PSP community ever since a browser was modified to be used from the wipeout pure UMD, so I can't wait to hear what you have to say. I know you're probably tired of answering questions, but it'd mean a lot if you answered these ones, and I'm sure that it would put a LOT of people's minds to rest.
also what about the demonhades exploit that lets you run the .elf files, why isn't there anything about that, wasn't that a hack? i think the elf files are the ones which the ps2 was hacked with, wasn't it? i'm not sure, doh. well, hope this really does lead to homebrew, although i'm thinking that we'll have to wait a long time (again) since it appears that geohot is leaving the scene, which if it truly happens brings my hopes down. well, hope i'm wrong since 3 years seems too much waiting, but anyway thanks geohot, ur help is appreciated anyway
i also hope for a hack that can't put in danger my ps3 cause i really paid a lot for it like most of us did. i had to pay 800, which is a lot of money, and not risking my ps3. but anyway thanks and sorry for writing things that probably have been already posted, and probably everyone is going to ignore this post, but i just wanted everyone to know what i think. so see ya and hope the ps3 scene keeps on growing and hope that this year the ps3 has homebrew on it. also some videos of someone doing the exploit will be appreciated, and also doing it in 3.15 since i'm pretty sure most of us have since it's the latest update. i was asking myself why haven't u updated geohot, were u planning on doing this long time ago? and also would like to add u as a ps3pal
maybe u can connect to playstation home one day, would like to have a chat with u. and thanks, and if you feel that this comment has no sense then just delete it, i don't mind. look, i'm going to try to start researching. i have little experience since i only made cfw for cellphones, but that's nothing compared to the ps3 (the black beast). ok, i've written down too much
TH3 K OUT!!
@George Hotz: I'm not a troll! You can feed me. haha I just would like to know what your background is. I'm curious because I am an Electrical Engineering student and it seems pretty likely that you may be an EE yourself!
Much love from a non-hater! lol :P
@George : What about the root key ?
Hacking the HV layer is fine, but the system is still locked.
He ain't leavin the scene. He's just working on it when he FEELS like it god.. It's not like this is his real job.. He has a college to go to>>>
Don't you think geohot (a goddamn genius) has better things to do than feed you goddamn trolls? You're almost as bad as the chans, I mean Jesus Christ, just because you don't understand the hack doesn't mean you should bash and troll for no reason. Geohot did this not for money or anything, just for you people. Get over yourselves and stop using the anonymity of teh interwebz to think you are all clever. Obvious troll is obvious