Desert Bunker

PS Jailbreak: Backed up games and unsigned code now possible on the PS3

The PS3 is now capable of running backed up games from either the internal HDD or an external drive with the use of a USB device that puts the PS3 into developer/debug mode. It doesn’t appear to be an exploit.

News of the device first hit, at first with many users claiming it to be fake. But after several test units began being sent to well-respected scene members, it was confirmed that this magic little device is the real deal.

Here’s a video of the USB dongle in action, loading a game supposedly already backed up on the drive:

Not only will you be able to back up your games to a hard drive, but it is now possible to run unsigned homebrew code on your console, so one can only imagine what sorts of exciting things will be developed.

Oh, and for those of you with PS3s and an extra $120, you can purchase this device right now from these guys:

Clones are apparently already being made, after a few have identified the guts of the goods. The dongle was identified to have the Atmel ATMEGA32U4 micro-controller. Expect a few good copycats and possible malicious attempts to make a quick buck from the uninitiated buyer.

As for Sony, they haven’t commented on the situation. But I’m pretty sure they must be throwing a fit over this, especially since the PS3 is just beginning to make money and outsell the competition. Many fear that Sony may further cripple the PS3 and decide to do something drastic, such as disable USB functionality altogether. Although it’s unlikely that Sony would do such an injustice to users, Sony’s been known to take desperate measures for even the slightest signs of a weakness in their flagship video game console.

Update: Based on the information here, the PSJailbreak ATMEGA chip is NOT updatable. Replacing the hardware is the only way to update the device, if at all. They also go in to detail about how the PSJailbreak works:

We can confirm that PSJailbreak is in fact no simple clone of Sony´s “Jig” modul, instead it´s an honest, self developed exploit. The Chip inside is no PIC18F444 but an ATMega with USB-software. That means that the chip is capable of internal USB emulation. PSJailbreak mainly emulates a 6-port USB-hub to that several USB-devices get connected and disconnected in a speciffic sequence. One of these devices has the ID of Sony´s “Jig” modul, so that means that the “Jig” played a certain role during the development of PSJailbreak.

But first things first: When switching the PS3 on, a device is connected within the USB-emulation, which has a too large configuration descriptor. This discriptor overwrites the stack with contained PowerPC-code that is executed. Now various other devices get connected within the emulation. One device has a 0xAD large descriptor that is part of the exploit and contains static data. Short time later (we´re talking about milliseconds here) the “Jig” gets connected and encrypted data is sent to the “Jig”.
An eternity later (in milliseconds that is) the “Jig” answers with 64Bytes of static data, all USB-devices get disconnected, a new device is connected and the PS3 restarts in a new look.

Brought to you by: DesertBunker

Categorised as: Games, Hardware, News, Software, Videos

Leave a Reply