The PlayStation 3’s LV0 keys have been released, theoretically opening up the console to a wealth of new, potentially irreparable security troubles.
The release comes just a day after a PSN-enabled, firmware update 4.25-compatible, custom firmware update was released for hacked PS3 consoles.
Eurogamer is reporting that, in theory, the LV0 keys allow hackers to decrypt any system update that Sony may release in the future with minimal effort. With the keys, PS3 firmware can now be encrypted on PCs, and then encrypted again using past firmware versions to run on hacked consoles.
A group called The Three Muskateers has taken responsibility for the release of the keys, but says their leak only occurred due to the actions of Chinese hacking group named “BlueDiskCFW.” The latter group allegedly planned to use the Muskateers’ LV0 keys for personal profit, charging users for their use in custom firmware updates. According to the Muskateers, the keys were only leaked in order to prevent BlueDiskCFW from making money off the whole deal.
In a statement, The Three Muskateers said: “People should know that crooked personalities are widespread in this so called ‘scene’. Some people try to achieve something for fun together and make the wrong decision to trust others and share their results with them, but ofc there got to be the attention seeking fame ***** that has to leak stuff to feel a little bit better about him-/herself. Now the catch is that it works like this in every ‘scene’, just that in others it usually doesn’t come to light. The only sad thing is, that the others who worked on this won’t get the attention they deserve because they probably want to remain anonymous (also they don’t care about E-fame <3).
“PS: This is neither about drama nor E-fame nor ‘OMG WE HAZ BEEN FIRST’, we just thought you should know that we’re disappointed in certain people. You can be sure that if it wouldn’t have been for this leak, this key would never have seen the light of day, only the fear of our work being used by others to make money out of it has forced us to release this now.”
It’s a messy situation, to be sure, but not one entirely new to Sony. The first custom firmware to enable piracy—PSJailbreak—was released over two years ago, while hacker collective fail0verflow released tools to encrypt files within the PS3 just a short while afterwards. Some may also remember the legal disputes between Sony and famed hacker George “GeoHot” Hotz, after the latter publicly released the console’s root key last year.
Sony responded to those issues with firmware update 3.60, which largely repaired the root key problem and essentially locked out all those tinkering with the system. It remains to be seen, however, how the company will respond to this latest dilemma, or if it even can in the first place.