PS3 Gets Rooted

" Thomas Hesse, President of Sony's Global Digital Business, literally says: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
This statement was made 5 years ago, When Sony was Sues for the Root-kit Fiasco 5 years ago.

What is a root kit?
A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware.[1]
Typically, an attacker installs a rootkit on a computer after first obtaining root-level access, either by exploiting a known vulnerability or by obtaining a password (either by cracking the encryption, or through social engineering). Once a rootkit is installed, it allows an attacker to mask the ongoing intrusion and maintain privileged access to the computer by circumventing normal authentication and authorization mechanisms. Although rootkits can serve a variety of ends, they have gained notoriety primarily as malware, hiding applications that appropriate computing resources or steal passwords without the knowledge of administrators and users of affected systems. Rootkits can target firmware, a hypervisor, the kernel, or—most commonly—user-mode applications.
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative.

Where has this "Root Kit " been installed into?
"Sony's" Playstation 3 (tm) Firm Ware 3.56 has added this "Security feature" to the PS3.

You Decide is this a good thing or bad thing?

This story is inappropriate and should be flagged for moderation. Please choose from one of the following options:

You have indicated this comment should be removed.

Close

The comment has been submitted for review. Thank you .

lee98632 says ... on Friday, Mar 25 at 10:37 PM

there has been an update, it turns out that the Other OS may have been removed due to Finical reasons and not Security reasons.

lee98632 says ... on Tuesday, Feb 22 at 1:57 PM

Now as for all this mess, I am not sure what is going to happen. Sony could win, Sony would lose. but there must be reason enough to investigate the CFAA . I could see how it could relate to a root kit though.

lee98632 says ... on Tuesday, Feb 22 at 1:54 PM

Sony’s motion to dismiss is granted, with the exception of the claim under CFAA. The motion to strike is denied. Plaintiffs shall file any amended complaint within 20 days of the date of this order. IT IS SO ORDERED.Dated: 2/17/11 RICHARD SEEBORG

Anonymous says ... on Tuesday, Feb 22 at 1:51 PM

18 U.S.C. § 1030(a)(5)(A)(i) While Sony does not expressly address the fact that the complaint contains a separate count under Cal. Bus. & Prof. Code §§ 17500 et seq. for false advertising, the same issues apply.

lee98632 says ... on Tuesday, Feb 22 at 1:50 PM

Plaintiffs contend that Sony violated the CFAA by “knowingly caus[ing] the transmission of a program, information, code, or command, and as a result of such conduct, intentionally caus[ing] damage without authorization, to a protected computer.”

lee98632 says ... on Tuesday, Feb 22 at 1:45 PM

save for getting charged with the Computer abuse act. hard to say they'll probably win.

notcoolsony says ... on Tuesday, Feb 22 at 11:07 AM

thats not an investigation, thats a lawsuit. one in which sony is doing very well seeing as most of it has been dismissed.

Anonymous says ... on Monday, Feb 21 at 11:27 PM

wait you said there was no investigations? there is an investigation in the form of a lawsuit?

Anonymous says ... on Monday, Feb 21 at 11:01 PM

I have not the money to test the console..but wouldn't you agree we would need to test it to see if it is actaully true? who has the money to prove or disprove?

Anonymous says ... on Monday, Feb 21 at 11:00 PM

It is a good discussion were having. But, can you say for a fact that SCEA does Not have a root kit in it? we can go on and on. both citing sources and resources. but waht needs is a test.

notcoolsony says ... on Monday, Feb 21 at 10:57 PM

um, with these time stamps, i am thinking that lee98632 & anonymous are the same person. lee, werent you just calling people cowards on one of your articles for them hiding behind multiple names?

Anonymous says ... on Monday, Feb 21 at 10:56 PM

If you do, when you updated, did you read the new PSN ToS? or did you just click accept? that tos would have given you a hint.

Anonymous says ... on Monday, Feb 21 at 10:55 PM

well there is one sure way to find out, if they do not have a root kit, load a PS3, up with a Jail break version see what happens. Also one quick question? Do you even own a PS3? if

Anonymous says ... on Monday, Feb 21 at 10:52 PM

You also can try calling Sony, and asking them directly as I did. I got a reply that was rather unexpected she had said e don't have any further information and we don't have any information the same breath. Which is confusing in its self.

lee98632 says ... on Monday, Feb 21 at 10:48 PM

they have to get a certain number of files first. I know I contacted them it takes 4 weeks to process a claim. also check out SCEA what the BBB..I believe they still have an F

notcoolsony says ... on Monday, Feb 21 at 9:34 PM

@ LEe, so your proof is someone elses word? i googled it and found what you talked about, it means nothing. you have too much time on your hands and should get a job.

notcoolsony says ... on Monday, Feb 21 at 9:26 PM

@ anonymous, i just went to the FTC website and on there, anyone can see all of their investigations, its public knowledge and there is no investigation into sony for anything to do with the ps3, only the stuff about sony bgm. these are lies.

Anonymous says ... on Monday, Feb 21 at 9:01 PM

to there ToS being un fair.but those are of a private nature and can not be posted here as it is an investigation process.

Anonymous says ... on Monday, Feb 21 at 8:59 PM

Ka2 won't allow it and i understand why. Google Mathieulh ps3 root kit..you might to want to have chrome at the ready, it can translate to English. also the FTC has been sent a number of letters with regards to this as well as letters with regards

Anonymous says ... on Monday, Feb 21 at 8:56 PM

it appears we can not post a link to said subject

Anonymous says ... on Monday, Feb 21 at 8:55 PM

If indeed the PS3 has been rooted, then we will be repeating history all over again.and that is a scary thaught to relive 200-2007 BMG all over again.

lee98632 says ... on Monday, Feb 21 at 8:53 PM

@notcoolsony you are also right in it can not be proven as of yet, Nor can it be dis-proven , Seeing how only one hacker has had the means to peek into the FW.

lee98632 says ... on Monday, Feb 21 at 8:45 PM

@notcoolsony: Sony can also modify the code without a new firmware release, and thus add new detection methods. The firmware is not yet active. don't ask me to translate the entire page.

Anonymous says ... on Monday, Feb 21 at 8:36 PM

It is in dutch.

lee98632 says ... on Monday, Feb 21 at 8:33 PM

only one person can verify it He is a hacker his id is: Mathieulh and he is from France . So far only hackers are privy to much of this information, On how he discovered it. but, none the less he did.

Anonymous says ... on Monday, Feb 21 at 8:25 PM

do so and you hereby give SCEA your express consent to monitor and record your activities and communications.

lee98632 says ... on Monday, Feb 21 at 8:25 PM

@notcoolsony it states in the ToS Unless otherwise required by applicable law, there is no requirement or expectation that SCEA will monitor or record any activity on Sony Online Services, including communications, although SCEA reserves the right to

notcoolsony says ... on Monday, Feb 21 at 5:36 PM

@ darkstormbrewing, the other thing i'm wondering is, i've read that it's only doing firmware checks and looking for jailbreak sticks. where is the proof that they are looking for any more than that?

notcoolsony says ... on Monday, Feb 21 at 5:34 PM

@ Lee98632, but, they got into trouble because they were taking info from people to sell to third-parties, do you have proof that they are doing this again?

notcoolsony says ... on Monday, Feb 21 at 5:32 PM

but most devices "phone-home" when connected to their respective services. what makes this any different? where is the proof that they can shut down or remotely control my ps3? i'm asking for actual proof, like code showing what/where it is.

lee98632 says ... on Monday, Feb 21 at 4:37 PM

On January 30, 2007, the U.S. Federal Trade Commission (FTC) announced a settlement with Sony BMG on charges that their CD copy protection had violated Federal Law

lee98632 says ... on Monday, Feb 21 at 4:15 PM

The moment it logs into the PlayStation Network is when said Kit would kick in.

Anonymous says ... on Monday, Feb 21 at 4:08 PM

another form of Proof is that your IP will notice a great deal more trafic then ususal. You can call your ISP and ask for what devices are sending waht each has an IP adress that you can look up and trace.

lee98632 says ... on Monday, Feb 21 at 4:04 PM

yes, there is proof and it is in Sony's very own ToS. When ever an entity can chose to remove, shut down or remotely control any ones computer or run code with out there Knowledge, that is a root kit.

notcoolsony says ... on Monday, Feb 21 at 1:24 PM

wow. do you have any sort of proof that a root-kit was installed? real proof?

darkstormbrewing says ... on Monday, Feb 21 at 10:44 AM

"Users can continue to use the PS3 system offline or use services that do not use PlayStation Network."

Anonymous says ... on Monday, Feb 21 at 10:16 AM

Does this mean that the PS3 can now be sued to collect any and all my data up on signing into the PSN including sites I have visited? I do not like that Idea.

kratos says ... on Monday, Feb 21 at 5:55 AM

good thing "it only does Everything"

Add a comment

Name:

Comment: 250 Characters Left

KATU.com and its affiliated companies are not responsible for the content of comments posted or for anything arising out of use of the above comments or other interaction among the users. We reserve the right to screen, refuse to post, remove or edit user-generated content at any time and for any or no reason in our absolute and sole discretion without prior notice, although we have no duty to do so or to monitor any Public Forum.