Well, it’s been quite some time now, since Bitwig released a Beta version to selected testers. After Ableton showed us new features for their upcoming release of Ableton Live 9, now Bitwig shows us a new video of their latest development progress in handling VST-plugins.
Now VST Support looks like having become fully integrated with integrated crash protection: when a VST plugin crashs the Bitwig will not crash aswell. Bitwig will instead allow to reload the crashed plugin or even to reload all plugins.
Obviously notorious George Hotz has managed to get all 7 SPUs of the Playstation 3’s CPU under his control. This means although he cannot access the CPU’s root key, he now can decrypt everything that’s going thru these SPUs like datastreams of (encrypted) commercial games.
The PPU is higher on the control chain then the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.
In the meantime another hacker going under the nick XorLoser has released a more detailed manual of how to use GeoHot’s exploitation files and how to do the glitching.
Besides that XorLoser maintains a plugin for reverser’s beloved Interactive Disassembler (IDA) that contains special PPC instructions for Xbox360 and PS3.
Congratulations to GeoHot. Kudos fly out to XorLoser.
Notorious iPhone hacker GeoHot has succesfully circumvented the Playstation’s security system. According to his latest blog entry, he has dumped LV0 and LV1 code, thus allowing him to (theoretically) run code on the processor, bypassing the hypervisor.
The Playstation’s hypervisor is intended to run third party software (like Yellow Dog Linux) on a virtualized level, thus maintaining system integrity and protection of the host system. Within this virtualized environment arbitrary access to certain hardware devices has been disabled, thus allowing only basic access to the graphic processing unit (GPU) for example.
GeoHot seems to have broken the chain of trust. This means he can bypass the hypervisor to directly access hardware like the GPU with his custom code. Anyway he has not released any further information or proof of his work. But hey, it is not anyone, it is GeoHot, so it seems solid.
We compiled some links for people being interested in the hypervisor protection topic.
Apple has released a technical note recommending the use of Mac antivirus software. For the first time Apple admits that Macs need protection like other operating systems aswell. Apple recommends three Anti Virus solutions:
The open source virus scanner ClamXav is not mentioned. Besides the major players Symantec and McAfee we can hope that Kaspersky also ports a version of their Anti Virus software soon. Or as Apple says:
“Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.”