"Sony didn't bother generating any random numbers to secure the blasted thing."
Not to bash Sony, but I think the interesting point here is that creating secure systems is actually a really hard problem. Creating usable secure systems is an even harder problem.
Actually, I think the interesting point is all the theory and practice around secure systems is pretty sound but one very simple human error can cause it all to tumble down. I imagine just have one or two more eyes on the problem would have caught this and then the PS3 would have remained secure.
I wonder if anybody at Sony has come up with the conclusion that it's always going to get hacked, and the money they spend trying to secure it(along with the bad press) could be better focused in other areas of the company.
It seems unlikely; if they're not seen as doing something to fight piracy on the platform, even if that something amount to throwing some money down a hole, they could see publishers abandon them, which would cost them more money in the long run than paying a couple of firmware devs to play sisyphus.
You seem to be missing "Business 101" --The continuous
cracking-fixing-cracking cycle results in press coverage and hence, free
advertising for Sony as well as making the product more desirable to
some fraction of potential buyers.
The problem is, most of the revenue is made from licensing to game
producers rather from console sales, so unless there is some token
effort to keep the console "secure," the real revenue stream would
disappear.
What I still find hard to believe is that the whole "cracking" effort was based around the fact Sony removed OtherOS and they (the hackers) wanted to return it to the people who paid for it. I still can't seem to find a workable solution to re-enable it or install a custom Linux distro on my PS3...
I believe that AsbestOS (http://marcansoft.com/blog/2010/10/asbestos-running-linux-as... seems most authoritative) is what you're looking for. It's early; you need to netboot a PPC linux kernel, but that blog post mentions pretty much everything that you need to do to get linux running in GameOS. I can't find anything about a root-key signed version of AsbestOS that allows booting without the USB hack, but I could have sworn that I had found it earlier today. Maybe somebody else can give a link?
I didn't expect them to hack it into the firmware overnight, but I thought maybe somebody would have re-signed OtherOS.self for > 3.15 firmwares on phat PS3's, created a homebrew bootloader or developed a basic proof of concept. All i've seen so far is people developing backup managers and PSN hacks.
"Sony didn't bother generating any random numbers to secure the blasted thing."
Not to bash Sony, but I think the interesting point here is that creating secure systems is actually a really hard problem. Creating usable secure systems is an even harder problem.
See Schneier: http://www.schneier.com/blog/archives/2009/08/security_vs_us...