A few months ago a famous hacker announced that he had achieved install the PPSSPP emulator on a PlayStation Portal, allowing the game to be played locally Grand Thef Auto: Liberty City Stories. The news was very well received by the scene community, but because this hacker is a professional who works for Google and has reasonable ethical standards, he decided to inform Sony about finding him so that they could do something about it. . And that is what has happened.
Hacking the PlayStation Portal
It was to be expected that the first job involved in software modifying a PlayStation Portal would be to run external code that would allow the streaming device to be used as a portable console. And that use is what many users expected to find in the PlayStation device, so Andy Nguyen got started with it. Employed at Google within the cloud vulnerability research department, he worked alongside another company engineer to find errors in the PlayStation Portal, and that is how they found a method to install the well-known PSP emulator.
We responsibly reported the issues to PlayStation. Bugs are fixed on 2.06. https://t.co/0B38HRaaaw
—Andy Nguyen (@theflow0) April 2, 2024
The result was quite surprising and completely functional, however, because the hack took advantage of serious vulnerabilities in the device, the researchers decided to inform Sony so that it was aware of the security hole and could patch the problem. That's just what they did, since the last 2.06 update of the device plugs the holes of shame.
Beaten by the community
The most surprising thing is that after discovering the errors, demonstrating their power and informing how to fix them, good Nguyen is being attacked on social networks. Many users blame the decision to inform Sony of the bug, since the options to install emulators have disappeared.
Did you find vulnerabilities beyond just PPSSPP installation? Could you foresee this leading to actual data leakage or financial information being stolen from the “hack”? If so, I totally get where you're coming from & would agree. If it's just a decade+ old emulator? Nah this is…
— Smash JT (@SmashJT) April 3, 2024
Andy assures that, if they did not report, reporting the errors publicly would have had the same outcome, and it is most likely that they would be sued by Sony for exposing a security problem so openly. If they had published a tool or steps to follow to install external software, Sony would have found the fault immediately, and would have been forced to sue whoever had published the details.
Impossible not to update
The problem for those interested is that the device forces you to update the firmware the moment you turn it on for the first time to configure it, so it is impossible to avoid the new version of the system on newly purchased consoles. We will have to wait for future methods and solutions, but it is clear that Sony will follow the trail to prevent its console from being used for purposes other than playing remotely with your PS5.
Source: Andy Nguyen
Vía: IGN