Feb 7, 2011

Did Sony add a rootkit to PS3 firmware update?

Gamers on a forum accuse Sony of adding a rootkit to its latest version of PlayStation 3 firmware.

Rootkits, in general, have a bad reputation. Security watchers often associate them with malware. In this case specifically, though, the alleged rootkit would allow Sony to peer into users' system files without their knowledge.

A user dubbed N.A., who first mentioned the alleged rootkit last week on the Neogaf forum and cited work performed by developer Mathieulh, alleged that a rootkit in firmware version 3.56 allows Sony to "remotely execute code on the PS3" when users connect to the PlayStation Network. Mathieulh informed people over Internet Relay Chat that the alleged rootkit can be used by Sony for "verifying system files or searching for homebrew." It might also be used as a way to ensure users on the PlayStation Network are using Sony's own firmware.

However, N.A. also pointed out that "Sony hasn't activated any of this yet."

For its part, Sony hasn't made any mention of a rootkit being added to its latest update. A page on the company's site describing the updates in firmware version 3.56 say only that a "security patch has been added." Because of that, it should be noted that the claims made through Internet Relay Chat and forums are unsubstantiated, and there is currently no indication from Sony that a rootkit was added to its PlayStation 3 firmware.

What is clear is that Sony is in the middle of a real battle with jailbreakers who continue to take issue with the way the company safeguards its console. With each new update released by Sony since the company made the decision to end support for "Other OS," allowing folks to run operating systems--typically Linux--on the console, jailbreakers have found ways to run so-called homebrew applications.

PlayStation 3 firmware version 3.55 arguably attracted the most attention after well-known hacker George Hotz, known as his Web name, Geohot, found a way for users to run custom packages on the console. The move prompted Sony to request a restraining order against Geohot to take his solution off the Web. After a lengthy court battle with each side trading shots, Sony was awarded the restraining order last week.

"After consideration of the record and the arguments of counsel, the court finds that a temporary restraining order is warranted," U.S. District Court Judge Susan Illston wrote in a judgment released last week. "Plaintiff has submitted substantial evidence showing that defendant George Hotz has violated the Digital Millennium Copyright Act."

For his part, Hotz contends that his jailbreak shouldn't violate the DMCA. He pointed out that the DMCA allows mobile phone owners to jailbreak their devices without fear of legal recourse. The far-reaching act fails to mention other devices, which allowed Sony to gain the upper hand in its battle against Hotz.

"I think the same precedent should apply," Hotz said in an interview with G4TV last month. "If you can jailbreak one closed system, why can't you jailbreak another?"

It's a sentiment that many in the Neogaf forums agree with. And rather than face the possibility of being locked into Sony's latest firmware, those who believe Mathieulh's claim that a rootkit is in the latest software have warned others not to upgrade to 3.56.


"Official Firmware 3.56 released," an announcement reads on the forum. "Do NOT update."
Sony did not immediately respond to request for comment.

Back in 2005, Sony BMG came under fire for including a rootkit in software on some of the company's CDs. The rootkit was used to limit the widespread reproduction of music CDs at the time. Sony later reversed its stance, offering up a solution to remove the rootkit, and then eventually, recalled CDs with the rootkits installed.

0 comments:

Twitter Delicious Facebook Digg Stumbleupon Favorites More