Hacker dumps a security nightmare into Sony’s lap, then uses the opportunity to try to find himself employment.
George “GeoHot” Hotz, who gained notoriety for hisjailbreaks as well as his PS3 from early last year, has posted what he claims to be the PS3’s root key on his website. This key will give people the ability to sign their own homebrew software, and have the PS3 think that it’s genuine.
In a very short post, Hotz thanked the fail0verflow hacker team, who gave a presentation about the PS3’s security system just last week, for their assistance with the asymmetric part of the key. As proof that the key was genuine, he offered a “Hello World” program, a common exercise when you’re starting out writing code, and thanked the people behind the open-source PS3 hombrew SDK, PSLight, who had made it possible for him to release it.
It’s believed, although not confirmed, that Sony will have trouble changing this key without rendering a lot of PS3 software inoperable. If this is true, then there may be nothing that Sony can do to prevent people running their own homebrew software, or playing pirated games. Hotz made it clear that he didn’t condone piracy, however, and hoped that people would use the key responsibly. He also offered his services to Nintendo, Sony and Microsoft in making their next consoles secure, saying that it would be interesting to be on the other side of the fence.
Of course, the problem is that while Hotz might not condone piracy, there are plenty of others out there who have absolutely no problems with it at all. I don’t know whether Hotz is genuinely hoping that people won’t abuse the key, or whether he’d just trying to cover his own back, but either way, he’s much easier for a lot of would-be pirates