Hackers, who call themselves “The Three Musketeers”, this week released an equivalent of the so-called “master key” for Sony Corp.’s PlayStation 3 video game consoles. The new keys allow decrypting PS3’s level 0 (lv0) security layer used by the primary boot loader and therefore create custom firmware completely compatible with the console itself, but which allows running pirated games.
Sony uses the lv0 keys to safeguard the firmware of the PlayStation 3. After update 3.60 the lv0 keys were also used to authenticate the software. With the release of the lv0 keys to the web, hackers are able to change existing and future PlayStation 3 firmwares. Since the lv0 key is put into the Cell CPU during manufacturing it is unlikely that Sony will be able to restore the protection of the PlayStation 3 with a new update and with the PS3 firmware decrypted also the new PSN authentication key is easy to grab, reports The Hacker News web-site.
According to Eurogamer web-site the reveal of the lv0 keys means that any system update released by Sony going forward can be decrypted with little or no effort. Options Sony has in battling this leak are limited - every PS3 out there needs to be able to decrypt any firmware download package in order for the console to be updated (a 2006 launch PS3 can still update directly to the latest software). The release of the LV0 key allows for that to be achieved on PC, with the CoreOS and XMB files then re-encrypted using the existing keys in order to be run on hacked consoles.
Custom firmware for the PlayStation 3 allows enforcing compatibility of consoles with pirated video games or other software that Sony does not want to be run on PlayStation 3. In case Sony cannot tackle the problem, then piracy of PS3 games will increase significantly.