Daily Mirror - Print Edition

PlayStation 'master key' leaked online

25 Oct 2012 - {{hitsCtrl.values.hits}}      

Crucial security information about the Sony PlayStation 3 has been leaked online, making it easier for users to play pirated games on the machine.

Unlocking games consoles is a common way for users to open up the system, but in the past, such efforts have been quickly thwarted.

This hack is equivalent to stealing a master key, say experts.

It comes as Sony heard that one of the mass lawsuits brought against it in the US had been dismissed by the judge.

Access to the inner workings of a games console means people can utilise its huge computing power in novel ways.

For example, the United States Air Force has networked 1,700 PS3s to create a powerful supercomputer.

But often the unlocking - called jailbreaking - is seen as a means to allow users to play pirated games.

The hackers behind the publication of the so-called LV0 decryption keys call themselves The Three Musketeers.

They say that they decided to release the information after it was leaked and fell into the hands of hackers who had planned to charge a fee for the code.

In a statement published on The Hacker News, the group said: "You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day, only the fear of our work being used to make money out of it has forced said us to release this now."

Writing about the hack, Eurogamer said: "Options Sony has in battling this leak are limited - every PS3 out there needs to be able to decrypt any firmware download package in order for the console to be updated.

"The reveal of the LV0 key basically means that any system update released by Sony going forward can be decrypted with little or no effort whatsoever."
'Perfect security'

In the past efforts to jailbreak the PS3 have been countered with the release of firmware able to resecure the console.

Source close to the firm say they are not convinced that the latest hack is any more serious that past ones. An official statement from the console maker is due shortly.

In better news for Sony, a US judge has thrown out a mass lawsuit brought by users of the PlayStation Network, following a huge security breach in May 2011 which saw the user information of 69 million customers exposed.

The suit accused Sony of failing to adequately protect information and exposing users to identity theft.

Judge Battaglia from the US District Court of Southern California pointed to a clause in the user agreement which noted that "there was no such thing as perfect security" and said that the disclaimers meant there were no grounds for the lawsuits.

The plaintiffs have until 9 November to appeal against the decision.

(Source : BBC)