| joeorc said: here's a little chart:
well this hacker seem's to think So! The PS3, like the Xbox360, depends on a hypervisor for security enforcement. Unlike the 360, the PS3 allows users to run ordinary Linux if they wish, but it still runs under management by the hypervisor. The hypervisor does not allow the Linux kernel to access various devices, such as the GPU. If a way was found to compromise the hypervisor, direct access to the hardware is possible, and other less privileged code could be monitored and controlled by the attacker.
the counter? It remains to be seen what security measures Sony has taken to address a hypervisor compromise. One countermeasure would be to lock down the OtherOS environment, since the attack depends on the ability to manipulate low-level OS memory structures. They could be using a simpler hypervisor than the GameOS side (say, one that just prevents access to the GPU). Perhaps the SPEs have a disable bit that turns off the hardware decryption unit, and the hypervisor does this before booting OtherOS. what did geohot have to say about this: Check out my latest blog post, I don’t think they have lines of defense past the hypervisor. Comment by George Hotz — February 13, 2010 yes they do: One countermeasure would be to lock down the OtherOS environment, since the attack depends on the ability to manipulate low-level OS memory structures.
|
Nice chart. I remember seeing one at the Hackers Homebrew convention. Could it be possibly that one? Even if it isn't there was very clear context when the homebrew community post the same chart. The reason that the homebrew hackers didn't bother hacking the PS3 was because they could already execute homebrew/custom code. That's the context that is being missed. The people who first hack the machine are generally only wanting to use the machine for personal uses and typicly very tame. Once custom code can be executed the pirate coders jump in and start working to do what they want. Since Other OS provided a sandbox environment there was never any major push to work around the security measures. Now that's gone. I assure you the gauntlet has been delivered and the war has begun. Who will win. I garuntee you it's not Sony.
I know a lot of Sony fans would like to believe it was because Sony had good security, but that's not it. If you give a little you will recieve a littile. Sony gave homebrew support and recieved no hacking. I'm going to love the laments and whining soon to follow in the coming months. It's too late already.
Squilliam: On Vgcharts its a commonly accepted practice to twist the bounds of plausibility in order to support your argument or agenda so I think its pretty cool that this gives me the precedent to say whatever I damn well please.
