24C3 - 1.01

24th Chaos Communication Congress
Volldampf voraus!

Speakers: TyRaNiD

Schedule
Day: Day 4 (2007-12-30)
Room: Saal 1
Start time: 17:15
Duration: 01:00

Info
ID: 2209
Event type: lecture
Track: Hacking
Language: en

Playstation Portable Cracking

How In The End We Got It All!

The Sony PSP is over 3 years old, yet barely a day has gone by without some part of it being attacked. This lecture will go through how hacker ingenuity and systematic failures in Sony's hardware, software and business practices ended up completely destroying the handheld's security, including some previously unreleased information about how it was achieved.

As one of the original authors of the free PSP SDK and of various hacking and development tools, as well as a member of the Prometheus project (better known as team C+D), I am in a unique position to discuss many of these aspects of PSP cracking from bitter experience.

The Playstation Portable has been the battleground between Sony and a small group of hackers for close to three years, with Sony implementing new security measures and bug-fixing firmware updates to keep people out, all the while the hackers have found more unprotected areas to go after. What nobody had realised was that Sony had lost from day one.

The lecture will go into detail on a number of different topics related to the cracking of the PSP. An overview of how Sony tried to make the system secure will be presented, to give an idea of how it was supposed to work. Then details will be given about the various classes of attacks that were successfully made against the device and how each of them related to a failure in Sony's implementation in one way or another. There will also be discussion of how the firmware was so easily taken apart and what mistakes Sony made in making their design "cleaner" while giving the attackers the means to extract kernel information.

The final part will describe roughly how, in the end, the security was completely defeated, culminating in Pandora's Battery and the customised initial program loader (IPL).

A lot of this talk could be taken generally as a lessons-learned lecture for Sony's designers; hopefully they don't take much of it on board.