PS4/PS5: TheFloW confirms he has a big vulnerability on PlayStation, with significant HackerOne bounty PlayStation hacker TheFloW has taken to LinkedIn to confirm he has been awarded yet another $10K by PlayStation’s bounty program on HackerOne. This indicates the researcher has indeed submitted a critical vulnerability to Sony. If and when it will be disclosed remains to be seen. PS5 Kernel exploit incoming ? The PS4 and PS5 have been “stuck” with Jailbreaks being only available on fairly old firmwares for quite some time now. Although this seems to be the rule now on PlayStation devices (and, as such, the advice to buy a console early and keep it on a low firmware from Day 1 remains the most valid piece of advice one can give in the PlayStation scene), this has understandably left a lot of users frustrated. However, back in September, TheFloW ignited the scene with a simple “don’t update” statement. The hacker was (no so) subtly indicating he had something big in store. There wasn’t much doubt that this was a Kernel exploit for either the PS5 or PS4 (or both), but his message this week on LinkedIn is another confirmation. The email he received from PlayStation’s security team reads: Thank you very much for the report! We have reproduced your findings, we have decided to rate the severity of this report as high and award you a $10’000 bounty Again, there is no indication of a disclosure for whatever chain of exploits this is, but in the past, TheFloW has been pretty consistent at getting his exploits publicly disclosed, with approval from Sony. It is however interesting to see that the hacker has decided to make the announce on LinkedIn rather than on Twitter, possibly to avoid the army of “ETAWEN” replies… Is HackerOne a blessing or a curse for the PS4/PS5 scene? People have taken to Twitter to say that HackerOne is damaging the scene, in particular since we’re at the mercy of Sony’s security team to decide whether an exploit will be disclosed or not. I personally think this situation benefits both the scene and professional hackers. As much as some people want to believe it, there is no way the scene could collectively gather enough money to consistently pay a $10’000 bounty for a Jailbreak. In my almost 20 years of experience in the scene now, I have seen countless attempts at gathering money to fund the efforts of security researchers: gathering more than $1000 for a very promising lead is the exception, not the norm. $10’000 would be a massive undertaking, not even mentioning the legality aspects of it. It is true that the PlayStation hacking scene is much less lively than in the PSP/PS3 days, but in my opinion this is mostly the result of: security of the new devices being significantly improved meaning a much higher entry barrier for people interested in tinkering more and more devices (e.g. phones) services (e.g. Epic, GOG, …), and the rise of the free-to-play gaming model allow people to play a lot of games for practically nothing nowadays, meaning (IMO) some of the appeal of playing emulators or pirated games (I know, shocking) on consoles is fading away fast the PS4 and PS5 are very similar to regular computer hardware and architecture. Some hackers such as FailOverfl0w have indicated that this impacted their motivation to work on the consoles. In my opinion, HackerOne is a blessing in disguise because I believe it keeps some hackers such as TheFloW interested, if only because it gives some “professional street cred” varnish to the hacking effort, for people who are already professionals in the field. What’s next for the PS5/PS4 Jailbreak status? At the point the only thing we can do is stay put. The hacker warned in September not to update your PS5. If your PS5 is on Firmware above 8.xx at this point (and unless you just got it for Christmas this year), you’ll only have yourself to blame if you missed out on whatever comes next. As far as PS4 is concerned, I remain convinced at this point that the easiest method is just to buy a second hand 9.00.
This content was originally published here.
