It appears Sony are ahead of the Jailbreakers as the rumour is the next Firmware will detect the Jailbreak USB gizmo. Apparently the following email has been sent to people who have ordered the despicable device;
“Just a friendly update email and some advice for you over the coming days and weeks.
While PS Jailbreak team have told us it should be possible to support future firmware versions on the PS3, it is not guaranteed, they will need to access any newer firmwares than 3.41 and if needed release an update for the PS Jailbreak to support the newer firmwares.
So we wanted to give you all some advice that if a system update is released for the PS3 in the coming days or before you receive your PS Jailbreak which blocks system updates, we recommend that nobody update their PS3 for the time being.
If a PS3 system update newer than 3.41 is released you should keep an eye on the PS Jailbreak website for news on compatibility with the PS Jailbreak on the new firmwares. Only update your PS3 past 3.41 firmware if the PS Jailbreak team say that it’s safe to do.”
If this true then it’s fantastic news, the USB device will be rendered pretty much useless before people even receive it as Sony can instantly ban any PS3 with the device. Of course it won’t stop people using their PlayStation consoles offline but that will be a small minority.
Source: TQCast
adamguest1985
Sounds good. Wouldn’t sticking required firmware updates on the content (as they tried on the PSP UMD’s) also slow things down? Sure, it wont deter the hardcore, but the casual “I’m just trying a few games before I buy” anti-market aren’t going to want to faff with ripping files and the like.
Grey_Ghost13
That would be hilarious if the next game to come from Sony had this on it already, well done Sony for getting a fix ready before the problems already mainstream.
TSBonyman
Lol,it’s started already.
cc_star
Of course the PSJailbreak device has upgradeable firmware which could render Sony’s firmware updates pointless and do nothing but cause honest gamers inconvenience.
DJ-Katy
I’m curious how the jailbreak team are going to update it to be honest. They wrote a PKG file with the Sony SDK but the hardware itself is ripped straight from the service centres. This means they haven’t analysed how it works, theyve just cloned it.
If a firmware update detects the stick, that means the jigsticks in Sony’s own service centres have been upgraded to avoid detection as modchips. Without a new jigstick being leaked, the hackers will have to figure out what is going on in order to produce an update, and if they haven’t reverse engineered the jigstick, and may not actually be able to, it is hard to see how they will be able to update it.
BrendanCalls
Yeah Katy, I was just about to say that aswell ;-)
Uhyve
Remember though, to run code on a PS3, a program needs to be signed with a key (that hackers do not have). If the hackers try to edit the Backup Manager App, they would need to resign it, which they can’t. Therefore, the only way they could fix the device with an update, is if Sony uses a lazy fix, like banning the USB ID, which yeah, the pirates could easily bypass through firmware update.
Uhyve
Oh wait, are you saying this hack allows them to run custom code? Even if you need to write it with the Sony SDK, that’s pretty snazzy if true.
Bleh, after the Pandora battery, I’m sure Sony have plenty of knowledge on how to defend against stuff like this.
DJ-Katy
Uhvye yes the point of the jigstick is to allow unsigned code to run. They have already modified the PKG file they wrote to a newer version, they don’t need to sign it.
Uhyve
This is probably a stupid question, but why would Sony need something to help them run unsigned code? Couldn’t they just… sign the code?
bunimomike
I was just thinking, it’ll enter the same situation as the iPhone. Each new firmware update is jailbroken very soon afterwards. The cat and mouse begins.
bunimomike
Unless Katy’s right. Whoops! :-)
DJ-Katy
If they come out with an update that works with 3.42, that will be the acid test of whether they have actually reverse engineered it or just cloned it. If they come out with an update, the cat and mouse game will ensued.
Sony have a dilemma now. This hack can be disabled permanently, once and for all, by disabling the USB bootstrap ability in a firmware update. The problem with doing that is they won’t be able to repair PS3s with corrupted firmware in the service centres anymore, it is like cutting off their own recovery backdoor.
No doubt they took the USB route for simplicity and speed when doing repairs, but it was an incredibly stupid decision from a security standpoint and I was really surprised to learn this. They should have used the JTAG port with a custom protocol instead.
adamguest1985
Regarding the inconvenience you mentioned…
Looking at Sony’s previous anti piracy stance, (removing OtherOS) it looks like a USB lockdown could be implemented. This would of course be an entirely insane solution for honest folk, rendering USB card reader’s, hubs, music players etc. useless.
I’m imagining it wouldn’t be too difficult to allow users with an active connection to PSN access to features, and not to offline users? If for example once a week the PSN connected, and downloaded the “unlock” code. It runs a check, and if you don’t have the latest FW, then the features remained locked out. Offline, but legitimate users would require updates from the SCEE blog, or retail discs. (Inconvenience again, but as the majority of heavy users are online, it seems feasible)
Just an idea.
cc_star
The controllers are paired with the PS3 via a data connection through the USB port, short of shipping replacement controllers to every single person they will not be able to restrict the USB ports to power only.
Like katy said above, they need to work out how they are going to service consoles if they exclude USB from the boot-up process.
adamguest1985
@CC I totally fell asleep there regarding USB peripherals. Best to ignore me. Although after reading Katy’s post, which seems very well informed, I’d still tend to lean towards Sony offering replacements instead of reapairs in the long run, if it’s the only way to avoid USB hacks, as the loss from game sales and development would surely be higher than that of faulty consoles. (Once the remaining batch of 60 gigs YLOD – there can’t be many left going strong?!)
DJ-Katy
adamguest1985, they don’t need to lock down USB, all they need to do is remove the ability for the machine to be bootstrapped (when it starts) from a USB device; by the time XMB is running any damage the hack can do is already done, so having USB running normally then is safe.
adamguest1985
@DJ-Katy – Figured as much after reading your first post, thanks for the info. I stand by what I said in my response to CC though.
andytorr
Ban ’em. BAN ‘EM ALL!!
bunimomike
You got a lit torch and some banjo music to go with that comment? ;-)
carson321
He’s got me backing him up with my boomstick!
moshi
damn you mike ive got banjo music in my head now
Hullian_Hero_95
maybe a moonshine bottle?
Danza Di Fuoco E Ghiaccio
Send them to Sony… to er… work on a few things
Mentality
That says nothing about Sony being on top of it, or that they are going to release a firmware, it just states ” if a system update is released for the PS3 in the coming days or before you receive your PS Jailbreak” then not to upgrade unless stated otherwise that it is safe to do so.
Sony are yet to actually comment on the whole thing and have not released any information to give us reason to expect an update.
andytorr
At the end of the day, at least Sony are putting up a good fight with the pirates this gen. Ever since the 360 hit shelves there’s been stories of games leaking early, cracks, cheaters, copied games and hacks. It’s almost like Microsoft couldn’t give a crap.
Bilbo_bobbins
thats true. I reckon Sony will always find a way to get around it. They know the in’s and outs of their own system.
Bilbo_bobbins
I can trust Sony to sort this out.
gazzagb
But what if the hackers find another way past this Firmware? At least Sony are doing something about it, hopefully the FW arrives soon.
solidsteven
good teach hackers a lesson
teflon
can’t they add an extra layer of abstraction over the top of the current Bootstrapping method they use? Something like the need for 2 USB devices that then enable a very specifically stripped out version of the XMB to run from a custom HDD?