Interesting People mailing list archives
Update: Sony PSP Exploit Apparently Confirmed
From: David Farber <dave () farber net>
Date: Wed, 15 Jun 2005 16:15:44 -0400
Begin forwarded message: From: Lauren Weinstein <lauren () vortex com> Date: June 15, 2005 12:05:02 PM EDT To: dave () farber net Cc: lauren () vortex com Subject: Update: Sony PSP Exploit Apparently ConfirmedGreetings. It appears that the exploit for Sony's PSP that I described in:
http://www.eepi.org/archives/eepi-discuss/msg00099.html was released as "advertised" this morning and has already been tested by many users around the world. Reports indicate that it provides the functionality previously discussed, and it has been confirmed that it will not run on PSP firmware later than the 1.5 version. All but the earliest (firmware 1.0) PSP units in Japan, and all U.S. units, have so far been shipped at firmware level 1.5. Sony has recently released firmware versions 1.51 and 1.52, which block the exploit, that some users have already flashed to their units via Web downloads. While the exploit apparently works, it is not by itself a terribly practical long-term procedure, since it involves the rapid swapping of memory sticks during the startup of each unsigned application. However, the camel's nose is now in the tent, and the exploit, by allowing the execution of arbitrary unsigned code (including the ability to reflash the unit's firmware), will likely lead *very* rapidly to more "user-friendly" and far-reaching exploitations and homebrew applications. So Sony is indeed faced with a problem -- and perhaps an opportunity -- depending upon how they react to these developments. --Lauren-- Lauren Weinstein lauren () pfir org or lauren () vortex com or lauren () eepi org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, EEPI - Electronic Entertainment Policy Initiative - http://www.eepi.org Moderator, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com DayThink: http://daythink.vortex.com ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Update: Sony PSP Exploit Apparently Confirmed David Farber (Jun 15)