HACKERS WASTE NO TIME when it comes to cracking into retro remake consoles, and Sony's PlayStation Classic is the latest to be hijacked.
Thanks to what appears to be weak cryptography in the security of the plug-and-play console, console hackers madmonkey1907 and yifanlu were able to get access to the dinky console code through its UART serial port.
Stream in an hour. It'll just be me laughing for the whole night. pic.twitter.com/nUrYmvCG4E— Yifan (@yifanlu) December 6, 2018
If you're au fait with messing with code and all that jazz then hacking the PlayStation Classic looks to be pretty easy thanks to the consoles sensitive code parts being encrypted and signed using a key that's embedded onto the machine; for hackers, that makes it a doddle to decrypt and get messy with the console's code.
Once hackers have got to the innards of the PlayStation Classic they can effectively load what they like onto the console, from other original PlayStation games to software you'd never expect on a PlayStation console.
While Nintendo's Classic Mini NES and SNES console have been hacked in the past, they take a lot more effort, but it looks like the PlayStation Classic is a lot easier to get into.
Doing all this does looks like it takes a lot of code wrangling, so might not be a beneficial hack for people not keen on editing INI files or databases. But the whole thing does point to a lack of security baked into the console, which when firms like Sony aren't keen on piracy and copyright being breached seems like a major oversight.
The hackers did a Twitch stream of their PlayStation Classic cracking, which Ars Technica watched and noted that the new-old console doesn't seem to perform any form of the signature checks at all when sensitive bootrom code is loaded when the console starts up. As a result, this makes it pretty easy to plonk any code on the hardware through a USB device at the console's startup stage.
If you're digging all this, then one thing to be aware of is sine formatted payloads can end up messing with the console's code a little too much and end up bricking the machine; as ever proceed with caution. µ
We should be shocked, but...
But the search giant has now squashed the bug
But it's not yet available here in Blighty