Did Sony Install A Rootkit On Your PS3?

For Sony’s sake there had better be nothing to this next story. A particularly nasty rumor currently spreading around the place where rumors tend to spread around quite easily, the Internet, suggests that the latest PS3 firmware, version 3.56, has a rootkit that can remotely execute code without your knowledge or approval. It’s 2005 all over again!

Best to just copy-paste the report:

Essentially Sony can now remotely execute code on the PS3 as soon as you connect. This can do whatever Sony wants it to do such as verifying system files or searching for homebrew. Sony can change the code and add new detection methods without any firmware updates and as the code executes remotely there is no reliable way to forge the replies.

Whilst it is possible to patch or remove this code from the firmware this will likely mean the end of playing CFW online (as PSN can just check before login that this is active) or at the very least mean it will be even easier for Sony to detect and ban users.

Granted, the other day I spelled out exactly why I don’t have a problem with Sony wanting to keep its PlayStation Network as clean as a whistle, but I’m not really sure surreptitiously enforcing that is the way to go.

At the very least Sony could try to be honest with its users. “Look, we don’t want people playing with custom firmware on PSN, so we’ve installed a mechanism in the latest firmware update to check your console as soon as it connects to our servers.”

A little honesty can go such a long way here. I genuinely don’t understand why companies insist on obfuscating their every move.

Keep in mind this is all based on one man’s analysis, analysis that was pasted into an IRC room. Don’t throw out your back re-arranging grains of salt, etc.