The Sony PlayStation 3 hack deciphered: what consumer-electronics designers can learn from the failure to protect a billion-dollar product ecosystem

Mike Borza, Elliptic Technologies
EDN (May 19, 2011)

What threats are designers of consumer-electronic products up against when trying to secure their platforms against attacks? A robust platform security system that begins with a clear set of security objectives is key to meeting the attacker challenge and surviving and recovering from similar onslaughts.

The Sony lawsuit against George Hotz (aka "GeoHot"), one of the hackers from the "fail0verflow" team responsible for the hack that opened up the PS3 (PlayStation 3) gaming and media console, has been settled, but at this time, controversy continues to swirl around the incident and the hacker involved. The settlement brings to a close the latest chapter in a lengthy process to completely break down the console's security system, which began with the announcement at 27C3 (the 27th Chaos Computing Congress) in December 2010 that the group had obtained the root code-signing keys on the platform. This conquest, in turn, allowed group members to install any software of their choice on PS3 consoles, in effect obtaining total control of the platform.

The PS3 hack is similar to many attacks on security systems: It is not really one hack, but rather an incremental series of attacks made over a period of time, which successively defeat various security subsystem features via a variety of techniques. These kinds of attacks often take place over many days or weeks and use knowledge gained in each successful stage to advance to the next stage. For example, one of the earliest initiatives was a physical attack that induced glitches on the memory bus, enabling the hackers to take control of the operating system and perform additional investigations. The PS3 hack can teach designers much about how to approach and plan platform security.

Click here to read more ...