EEPI - Electronic Entertainment Policy Initiative
[ EEPI-Discuss ] One Week to Shattered Security: Lessons from the Sony PSP Exploit Saga
[ Please note that the message URL for "The Camel Fully Enters the Tent?" shown below has been updated as of 6/29/05. ]

Greetings. It only took around a week for the exploit to evolve from unwieldy but powerful hack, to user-friendly production program, but the "signed-code" security system of the Sony PSP Portable running 1.5 firmware, designed to prevent the execution of pirated or other "unofficial" (e.g. homebrew) code, appears to have been obliterated.

I note in:

"The Camel Fully Enters the Tent?"
( Updated URL: http://www.eepi.org/archives/eepi-discuss/msg00108.html )

that only about seven days after the release on the Internet of an exploit permitting running of unsigned code via an "impractical for routine use" memory-stick swapping technique, rumors were already circulating that a program eliminating the stick swap was about to be released.

This appeared on schedule this morning, meaning that for all practical purposes the widely available U.S. version of the Sony PSP with 1.5 firmware is now as fully exploitable as the original limited-quantity Japanese-market 1.0 firmware units.

As mentioned in the referenced link above, Sony will attempt to minimize the damage from these events. But any path they choose is strewn with potential pitfalls. Newer firmware versions in shipped units may prove to be more difficult or impossible to hack through non-hardware-invasive techniques. But forcing firmware upgrades with new game releases may have the effect of actually suppressing purchases of legitimate copies of games, and encourage the use of pirated copies that won't trigger the firmware updates and the likely loss of the ability to run unofficial, homebrew programs.

In an ever more pervasively Internet-connected world, it appears increasingly likely that any error -- any opening -- in the implementation of a security system for a "desirable target" will be quickly exploited and that exploit widely distributed -- and probably much more rapidly than the designers of the system would imagine in their worst nightmares.

This is a security vulnerability "sea change" that we really haven't come to grips with either as technologists or as businesses, and it goes far beyond the running of programs on a portable gaming device.

There's a key question that we need to explore. Given this new environment, to what extent do "closed" systems still make sense?

The answers will vary between applications and situations, but it clearly is foolhardy in the extreme to simply assume that security paradigms, even those based on the most advanced encryption and signature models, will long remain invulnerable to successful attacks. These penetrations will range from those initiated by persons who are simply intellectually curious without evil or financial motivations, to individuals who may have very dark intentions indeed.

Something to think about.

--Lauren--
Lauren Weinstein
lauren@pfir.org or lauren@vortex.com or lauren@eepi.org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org
Co-Founder, EEPI - Electronic Entertainment Policy Initiative - http://www.eepi.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com

_______________________________________________
EEPI-Discuss mailing list information:
http://lists.eepi.org/mailman/listinfo/eepi-discuss