Hackers attending the GeekPwn conference in Shanghai have revealed a new exploit for PlayStation 4 running on the 4.01 firmware. In a live demo you can see below, once again the Webkit browser is utilised in order to inject the exploit, which - after a conspicuous cut in the edit - jumps to a command line prompt, after which Linux is booted. NES emulation hilarity courtesy of Super Mario Bros duly follows.
Assuming the hack is authentic - and showcasing it at GeekPwn makes the odds here likely - it's the first time we've seen the PlayStation 4's system software security compromised since previous holes in the older 1.76 firmware came to light, utilised by noted hacker group fail0verflow in the first PS4 Linux demo, shown in January this year.
The hack is also significant in that firmware 4.01 - or a prior version - is likely to be installed on the upcoming PlayStation 4 Pro, and the close compatibility and identical operating system used by the new hardware also makes that vulnerable to the same exploits. What is troubling about these Webkit exploits that periodically appear for PS4 is that they are granting full kernel access to the hardware, required in order to run Linux.
Read more…


More...