Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Playstation Portable Cracking

Chaos Communication Congress 24th (24C3) 2007
Indexed on
Mar 27, 2013
File name
File size
16.7 MB

The Sony PSP is over 3 years old yet barely a day has gone by without some part of it getting attacked. This lecture will go through how hacker ingenuity and systematic failures in Sony's hardware, software and business practices ended up completely destroying the hand held's security including some previously unreleased information about how it was achieved. As one of the original authors of the free PSP SDK, various hacking and development tools as well as being a member of the Prometheus project (better known as team C+D) I am in a unique position to discuss many of these aspects of PSP cracking from bitter experience. The Playstation Portable has been the battle ground between Sony and a small group of hackers for close on three years with Sony implementing new security measures and bug fixing firmware updates to keep people out, all the while the hackers have found more unprotected areas to go after. What nobody had realised was Sony had lost from day one. The lecture will go into detail on a number of different topics related to the cracking of the PSP. An overview of how Sony tried to make the system secure will be presented, to give an idea of how it was supposed to work. Then details about the various classes of attacks that were successfully made against the device and how they each related to a failure in Sony's implementation in one way or another. There will also be discussion on how the firmware was so easily taken apart and what mistakes Sony made in making their design "cleaner" while giving the attackers means to extract kernel information. The final part will describe roughly how in the end the security was completely defeated culminating in Pandora's Battery and the customised initial program loader (IPL). A lot of this talk could be taken generally as a lessons learned lecture for Sony's designers, hopefully they don't take much of it on board.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !