New PS3 Firmware Contains Backdoor

Vectormatic noted the rumor floating around that the most recent PS3 patch has a backdoor, and "Sony can now remotely execute code on the PS3 as soon as you connect. This can do whatever Sony wants it to do, such as verifying system files or searching for homebrew. Sony can change the code and add new detection methods without any firmware updates."

IRC

[Ogive17]

Wow, the "source" for this speculation is an IRC conversation.

Not that I respect Sony considering what they've done in the past but I think I'll hold off judgement for a bit longer on this one.

Not a rootkit

[Lord Byron II]

The "article" calls this a rootkit. The summary calls it a backdoor. Neither is strictly true.

Rootkits allow unauthorized users root level access and backdoors allow unauthorized remote users access. In this case, you're installing Sony software and this software allows Sony to autoupdate their software and remove cracks. This isn't much different from Chrome autoupdating or Firefox blacklisting certain extensions. The only real difference is that Sony might not have been all that forthcoming about the fact that this new firmware has this capability. My guess is that if you look at the EULA carefully, it does specify that they are allowed to do this.

I would suggest that if you think they have trampled on your rights, then take them to court. Sony will just keep making their firmware more and more "evil" until a sizable number of users stands up and says "no more".

Re:IRC

[ElectricTurtle]

As many have alluded and will allude to in this discussion, they *are* that dumb, as evidenced by the fact that they did it before [wikipedia.org].

Re:IRC

[LordLimecat]

Actually, they HAVENT done that before-- read the article you linked. That was a rootkit, not a backdoor; they are related but seperate. The BMG rootkit did not allow remote code execution; it instead took measures to hide its activity from visibility, causing havoc with some CD drives and assisting some viruses in the process.

Rootkit=/= backdoor. I know its fun to hate on Sony, and I fully support such positions, but lets not distort the truth here.

Re:I'm not so sure this is wrong anymore

[Svartalf]

Actually, the firmware mod opens it up to being further hacked (Do remember that they lost positive control of the ROOT signing key...meaning that ANYONE can MITM their update chain now...) as now hackers can put and remove things at will on their boxes. This means we should see the beginnings of PS3 Botnets all over the place eventually.

And this would make the second wrong move from Sony, with the OtherOS being removed being the first.

Re:IRC

[ElectricTurtle]

Never did I say rootkit==backdoor. The parent I was replying to was saying that Sony wouldn't do a thing that opened the PS3 to malware writers, and the rootkit, by *your* own example "assisting some viruses in the process" did exactly ... what? The same thing. Before. Do you get it yet?

Re:AGAIN, Sony?

[Moryath]

Actually, no. The Xbox360 won't execute code without permission.

The worst it currently does is check that your firmware and the game you are wanting to play are both up to date, and then if either check fails, tells you you will be signed out of Live (but still free to play the game in offline or LAN mode).

Could I see MS doing this in in the future? Possibly. But I really don't think they consider it that big a deal. The people who have a hacked Xbox360 are already pretty much staying offline anyways so it wouldn't do them much good to insert this kind of code.

Re:IRC

[webmosher]

I cannot attest to the current quality of Sony products, as I have refused to even look at their products for 15 years (well before all this rootkit business).

I was bilked by their shoddy products many years ago, and discovered then that Sony has very distinct lines of products: 1) High end... which are probably worth it, but which I will not touch simply because I think other companies provide better products for the same price point and 2) everything else, which is at various price points. While the external style of these various products is quite good, I personally feel the internal electronics are no better than buying bargain electronics brands like Emerson, RCA, etc.

Just my opinion though.

Re:IRC

[Entropius]

Panasonic, for one.

I used to have a Panasonic digital camera, of the "superzoom" type. The lens (which had the fastest aperture of any superzoom lens available) incorporated anomalous-dispersion glass and was well-designed, and thus had pretty low levels of chromatic aberration; the residual chromatic aberration had been characterized by the lens designer and was cleaned up in software in the camera. For what it was, it took amazing pictures.

Sony made a competing product. It had all sorts of shiny stuff advertised on the box -- lots of megapixels, various gee-whiz modes, "smile shutter", all sorts of stuff that can be marketed -- but the lens was *shit*, with nutty amounts of chromatic aberration, so it didn't matter what you did with it -- you weren't going to take good pictures at the long end of that lens, gee-whiz stuff or no, because the lens sucked.

Re:Companies are Collections of Individuals &

[BlueStrat]

A CEO should be held responsible for the actions of the company they run. Isn't that one of the reasons they earn those multi-million dollar pay packets.

Of course not, silly person!

They earn those millions because they won the "race-to-the-bottom" against all the other corrupt, amoral corporate executives competing for the position by being the most ruthless and amoral in their pursuit of money and power.

It's rather like a twisted "executive Darwinism" that's encouraged and enabled in the US by corrupt Progressive politicians in BOTH parties that have abandoned the Constitution and the rule of law starting about 100 years ago and having grown worse every year since because people can't be bothered to pay attention, educate and inform themselves, and then do something about voting them out.

Strat

Re:AGAIN, Sony?

[The Living Fractal]

You might as well replace "Sony" in your post with any of the top tech companies. Apple is even worse. And yet people have put their market cap at 300 billion. I think it's rather stupid of Sony to spend all this effort doing what they're doing, but I also think it's rather stupid of people like you to get on an internet forum and tell people to consider never buying sony, ever. The vast majority of people who buy a Playstation 3 love it. I own TWO. I love them. Sony wasting its time to prevent me from doing something I was never going to do in the first place is not going to change my experience of owning a PS3, and listening to you I never would've had that experience in the first place.