impur1ty said:
joeorc said:
so in short:
the online blog stated from the claimed hack
"
Hello hypervisor, I'm geohot
I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1. I've also dumped the NAND without removing it or a modchip.
IBM states:
All of this is accomplished exclusively by hardware means; no software, in the form of setting protection bits in an address translation table for example, is involved in the process. Because of this hardware isolation, even the operating system and the hypervisor cannot access the locked up LS or take control of the SPE core. Therefore, a hacker who has gained root or hypervisor privileges is not a threat to an application executing on an isolated SPE. The supervisory privileges will not enable him to control the application, nor will it allow him to read or write the memory used by it. The execution flow and the data of the isolated application are safe.
if he did what level of exploit would he indeed have?
that the real problem , what would the full capability of this hack?
my guess as it stand's not very much
|
Can you post the IBM source?
|
I think this is the source
https://www-01.ibm.com/chips/techlib/techlib.nsf/techdocs/AEBFE7D58B5C36E90025737200624B33/$file/CBE_Secure_SDK_Guide_v3.0.pdf
