Notorious iPhone hacker GeoHot has successfully circumvented the PlayStation’s security system. According to his latest blog entry, he has dumped the LV0 and LV1 code, thus allowing him to (theoretically) run code on the processor, bypassing the hypervisor.
The PlayStation’s hypervisor is intended to run third-party software (like Yellow Dog Linux) at a virtualized level, thus maintaining the integrity and protection of the host system. Within this virtualized environment, arbitrary access to certain hardware devices has been disabled, allowing only basic access to the graphics processing unit (GPU), for example.
GeoHot seems to have broken the chain of trust. This means he can bypass the hypervisor to directly access hardware like the GPU with his custom code. However, he has not released any further information or proof of his work. But hey, this is not just anyone, it is GeoHot, so it seems solid.
We have compiled some links for anyone interested in the hypervisor protection topic.
» GeoHot: Hello hypervisor, I’m GeoHot…
» WeboPedia.com: Virtualization – All About Hypervisors…
» PS3News: Overview on Security architecture of the PS3…
» PS2Dev Wiki: Details about hypervisor functions of the PS3 and Toshiba’s CellEB…
» PS3News: A PS3 Game’s Flow of Execution; PS3’s base AIX…
Massive Attack: Protection (1995)…