Submitted via IRC for SoyCow1984
Cryptography failure leads to easy hacking for PlayStation Classic
Plug-and-play hardware lacks even basic functional security for crucial bootrom.
In the days since the PlayStation Classic's official release, hackers have already made great progress in loading other PlayStation games (and even non-PlayStation software) onto the plug-and-play device. What's more, it seems some sloppy cryptography work on Sony's part is key to unlocking the device for other uses.
Console hackers yifanlu and madmonkey1907 were among those who were able to dump the PlayStation Classic's code via the system's UART serial port in the days after its release. From there, as yifanlu laid out on Twitter, the hackers found that the most sensitive parts of the system are signed and encrypted solely using a key that's embedded on the device itself, rather than with the aid of a private key held exclusively by Sony. In essence, Sony distributed the PlayStation Classic with the key to its own software lock hidden in the device itself.
takyon: PlayStation Classic is an ARM-based video game console that ships with the ability to play 20 preloaded games made for the original PlayStation console (released in 1994). Sony will not add additional games, but since the console uses the free and open source PCSX emulator and can be easily hacked, adding new content shouldn't be a problem.
(Score: 1, Informative) by Anonymous Coward on Thursday December 13 2018, @02:54AM
Most places recommend that if you have the know-how, you should use an x86-based SBC. The reason is that the better profiling data, assembler optimizations, and I/O mean that you get better performance with less powerful hardware.