Fail0verflow is the code name of the PS3 vulnerability found and revealed at 27th Chaos Communication Congress by hackers (bushing, marcan and sven). Fail0verflow is a way to overflow the bootup via replacing the NOR flash on startup. According to team “ PS3 totally failed in security, and the signing keys are there inside everyone’s PS3 Console ” Basically they found the PS3 private keys and this will allow anyone to sign executables and run them on any retail PS3.
Primary goal of the team is to have Linux running on all existing PS3 consoles, whatever their firmware versions.
- Update 1 : PSGroove brings more light on fail0verflow, according to (PSGroove) “ Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony’s security to be EPIC FAIL!
The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits.
- Update 2 : Fail0verFlow official website http://fail0verflow.com/ (under update) and official twitter account http://twitter.com/fail0verflow.
- Update 3 : Current PS3 Firmware (v3.55) is vulnerable and downgradeable, Dongle-less PS3 JailBreaking.
- Update 4 : Video clip from 27th Chaos Communication Congress
We’ll update this space time to time, so keep your eye on us.
For more news on this project or many other stuff make sure to subscribe to our free once in a day e-mail news letter to get all the Latest updates on PS3 related hacks and news directly in your Inbox. Which will provide you with all the news before anyone else knew about it. You can also join us on Facebook and Twitter.