Hacking PS4 Security Analysis and Question

IndieDeveloper

Hey dudes, questions are being asked about the security of the PS4 (in my mind). Given that the PS4 uses ARM TrustZone for memory security, probably key protection too, and checking the boot chain after the bootrom sets it up.
No one has ever tried looking at what is running on the same security level to see what is possible to do, without going against hardware security.
With a little research you can see that ARM TrustZone is also used in iOS systems for kernel r/w.
Ideas?
 

Bergot

Hey dudes, questions are being asked about the security of the PS4 (in my mind). Given that the PS4 uses ARM TrustZone for memory security, probably key protection too, and checking the boot chain after the bootrom sets it up.
No one has ever tried looking at what is running on the same security level to see what is possible to do, without going against hardware security.
With a little research you can see that ARM TrustZone is also used in iOS systems for kernel r/w.
Ideas?
Dude, the PS4 scene has the most talented people out there who meddle with exploits, but none of them are willing to release a kexploit for Sony to patch it in a few hours or days. Wait for the EOL of the console, or wait for TheFlow to release a kexploit for a patched firmware (6.20..). The current firmware will never have a kex at the moment.
 

IndieDeveloper

Dude, the PS4 scene has the most talented people out there who meddle with exploits, but none of them are willing to release a kexploit for Sony to patch it in a few hours or days. Wait for the EOL of the console, or wait for TheFlow to release a kexploit for a patched firmware (6.20..). The current firmware will never have a kex at the moment.
What does this have to do with my "question/doubt"? It's a speech about PS4 security; your answer has absolutely nothing to do with it ^^
 

IndieDeveloper

OK, if you think that nobody has thought about what you said, you are being naive.
No, I'm not naive.
It may be that no one has thought of this, since the PS4 scene only exploits WebKit as an entry point (publicly; privately I do not know who uses what).
 

MostlyUnharmful

It may be that no one has thought of this, since the PS4 scene only exploits WebKit as an entry point (publicly; privately I do not know who uses what).

Two years ago the guys behind fail0verflow posted a PoC on how to achieve permanent(?) code execution on Aeolia and Belize (plus an exploit on the HDMI CEC), so I'm aligning with @Bergot on this one. ^__~

Also, attacking the browser is easy because usually someone else is doing the legwork; someone showed another WebKit RCE a few weeks ago IIRC.
 
