1. smf

    smf GBAtemp Psycho!
    Member

    Joined:
    Feb 23, 2009
    Messages:
    4,005
    Country:
    United Kingdom
    He had three vulnerabilities (1 high & 2 medium) out of his bluray talk, when he was invited to the bug bounty.
    The $40,000 one was in the first three & the other two were lower amounts, so I'm going to say that is probably from that.

    I look forward to more talks. The $25,000 one 4 months ago sounds like it might be kinda fun.
     
    Last edited by smf, Jul 9, 2020
    susi91 likes this.
  2. dannyb1

    dannyb1 Member
    Newcomer

    Joined:
    May 28, 2018
    Messages:
    43
    Country:
    United Kingdom
    The 40k one had to have led to a full blown JB.
    Got a feeling that this xploit might have been 1 of a few and may still have an xploit that can be taken over to the PS5.
     
  3. smf

    smf GBAtemp Psycho!
    Member

    Joined:
    Feb 23, 2009
    Messages:
    4,005
    Country:
    United Kingdom
    The high value exploit, that he was invited to the bug bounty around that time for, led to code execution on the ps3 & ps4 bluray drive, probably ps5 too. While optical discs are so 20 years ago, I'm sure if you could mod a ps5 drive and burn discs then it would cause sony a lot of problems.

    If those first three are not then not only did they omit adding the three from the video, but he had another high value one up his sleeve.
     
    Last edited by smf, Jul 10, 2020
    dannyb1 likes this.
  4. leonmagnus99

    leonmagnus99 GBAtemp Psycho!
    Member

    Joined:
    Apr 2, 2013
    Messages:
    3,645
    Country:
    Iraq
    can someone enlighten me to what that bounty thing exactly is?
    Does sony offer money to hackers to hand them over bugs they've found ?

    what for is that, so that the hackers that found the bugs don't release it to the public etc.?
     
  5. hippy dave

    hippy dave BBMB
    Member

    Joined:
    Apr 30, 2012
    Messages:
    6,078
    Country:
    United Kingdom
    Yes, roughly. In this case, for example, Sony paid theflow to tell them the bug first, rather than release it to the public before Sony knew about it. This way it's fixed in current firmware versions, so its usefulness is limited to a significantly smaller number of consoles, rather than being made available to every PS4, and Sony then pushing out a fixed firmware and hoping most people will update rather than stay on the vulnerable version for piracy lols.
     
    leonmagnus99 likes this.
  6. leonmagnus99

    leonmagnus99 GBAtemp Psycho!
    Member

    Joined:
    Apr 2, 2013
    Messages:
    3,645
    Country:
    Iraq
    damn, hmm i think if pirates had made 'theflow' an offer of 20k we would have had it up to the latest huh? xD
     
  7. hippy dave

    hippy dave BBMB
    Member

    Joined:
    Apr 30, 2012
    Messages:
    6,078
    Country:
    United Kingdom
    Maybe, or maybe he's one of those devs that likes to be "responsible", who knows.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - release,