14 DAY TRIAL // Hackers claim that Sony has included a rootkit-like component in the latest 3.56 PlayStation 3 firmware update, which allows it to execute any code on people's gaming consoles.
The claim was made last week by French PS3 hacker Mathieulh. "3.56 pretty much has a built in psn [PlayStation Network] rootkit," he wrote on IRC.
The accusation refers to a feature Sony allegedly plans to use in order to ban people with hacked game consoles from the PlayStation Network.
The rootkit would allow Sony to automatically push code to check the integrity of system files, detect custom firmware, search for installed homebrew apps or pirated games and pretty much anything else the company wants.
"The server awaits a proper reply and that reply isn’t in the firmware," Mathieulh pointed out, as proof that remote code will be executed on the fly in order to obtain that reply.
Moreover, Sony will reportedly force users to install this rootkit by preventing them from playing on the PlayStation Network unless they have the new firmware version installed.
Ever since hackers published the ECDSA root key used to sign all software that runs on the PlayStation 3 at the end of December, the company has taken several unpopular decisions.
First, if filed a lawsuit against renowned iPhone and PS3 hacker George "geohot" Hotz and others believed to have contributed to cracking PS3's security mechanisms.
Then it obtained a temporary restraining order against geohot which forced him to remove all jailbreaking tools and information from his website and YouTube channel.
The hacker was also told to hand over any computer and storage equipment containing PS3 hacking information, an order his lawyers plan to appeal.
Sony is no stranger to using rootkits in order to enforce copyright protections. In 2005, researchers discovered that Sony BMG CDs automatically installed a rootkit on Windows systems.
The rootkit opened security holes that other malware could exploit and the revelation resulted in several lawsuits being filed against the company in US and other countries.