LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Sorry, but this is not true

Sorry, but this is not true

Posted Jan 20, 2012 6:27 UTC (Fri) by khim (subscriber, #9252)
In reply to: Viruses? by BenHutchings
Parent article: SFLC: Microsoft confirms UEFI fears, locks down ARM devices

The code verification chains for the three popular consoles have been cracked repeatedly.

Sorry, but no. Only Wii (which apparently had security bolted on after the initial design) can be broken using only software without any specialized hardware.

XBox360 does not have any software exploits: all the existing break-ins require hardware modifications.

PS3 was only broken once, that happened half-year after removal of OtherOS and was quickly and efficiently remotely patched: if you ever upgrade your PS3 to firmware version 3.56 you'll lose the ability to break the code verification chain. The time where you had the ability to use PSN on cracked console was short indeed.

One of the obstacles to disassembling and finding weaknesses in the code verification chain seems to have been that the relevant code has been embedded within ASICs and/or encrypted.

Right - this is natural next step. This will happen eventually. Actually this is already true for ARM devices (they usually are built as a single SOC with many different chips tied together) - perhaps this is why Microsoft is more concerned about them? It knows x86 will be crackable for a few more years anyway...

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds