The PS3’s system software and security features have been blown wide open after publication of the console’s LV0 decryption keys. The LV0 keys allow access to the lowest level of the system, known as “root” access, giving hackers access to every system function, including creating custom firmwares that allow PSN access.
The LV0 keys are used by the console to decrypt firmware updates and verify its authenticity, and is installed in every PS3 console released to date. A launch 60GB console has these keys and allows it to be updated to the latest firmware. The release of the keys means the decryption process can happen on a PC, allow the files to be modified (e.g. custom firmware) and then re-packaged up to appear like a official firmware release.
Apparently the hack (and the key decryption) has been known about for some time, but a Chinese hacking group, dubbed “BlueDiskCFW”, planned to charge for and release new custom firmware updates. This led the original hackers, who discovered the keys and initial hack, to release the keys into the wild to prevent the Chinese hacks from profiting.
Within 24 hours, a free custom firmware has also been released that apparently allows PSN access. Naturally, installing a custom firmware on your console could render it useless or “bricked”, so be cautious if you plan on installing it.
“You can be sure that if it wouldn’t have been for this leak, this key would never have seen the light of day, only the fear of our work being used by others to make money out of it has forced us to release this now,” said a statement from the hacker group.
The LV0 keys may be patched in the v4.30 firmware update, expected to be released today. But since the leak is still very new, it will likely be patched in the near future.