You know you’re crooked when “users can run the software they want on their own hardware” causes the sky to fall.
PS5 ROM Keys Leaked: Sony’s Unpatchable Security Nightmare (2026) | The CyberSec Guru
Submitted 2 days ago by commander@lemmy.world to games@lemmy.world
https://thecybersecguru.com/news/ps5-rom-keys-leaked/
Comments
chunes@lemmy.world 2 days ago
lepinkainen@lemmy.world 2 days ago
And EU is pounding Apple to get 3rd party app stores on its platform.
Meanwhile at Sony:
Rooty@lemmy.world 2 days ago
Yeah, this is a boon for the end user, and a loss for rootkit distributor Sony.
gegil@sopuli.xyz 2 days ago
If ps5 hack will allow running linux on it, i will run linux on it.
poVoq@slrpnk.net 2 days ago
That is already possible, but the hacks to get it actually to run are quite annoying and limited to a few older versions AFAIK.
Hopefully with this you can just boot Linux normally on a PS5 in the nearish future. Would definitely make for a nice Steam Machine.
WhatGodIsMadeOf@feddit.org 2 days ago
Isn’t there a lot of custom hardware that would require drivers to allow it to work effectively?
P1nkman@lemmy.world 2 days ago
Would definitely make for a nice Steam Machine.
That would be absolutely brilliant!
Surp@lemmy.world 1 day ago
That’s what I wanna do with my PS5 make it a steam machine
SalamenceFury@lemmy.world 2 days ago
Oh Sony is actually cooked now.
I give it a month before unlocked PS5s are everywhere, and maybe six months to an year before a full on PS5 emulator.
pory@lemmy.world 2 days ago
Sony isn’t even cooked, man. Piracy is a non issue to the bottom line. The Switch had this plus fully functional pirate installers in like, month 2 and Nintendo still sold a morbillion copies of TOTK despite all the hackable consoles on the market (and the maturity of emulators)
SomethingBurger@jlai.lu 2 days ago
The GBA had a working emulator before it even came out.
Kushan@lemmy.world 2 days ago
It’s really not. Literally the same thing happened with the PS3, arguably that was much worse and it didn’t cook Sony at all.
pory@lemmy.world 2 days ago
Piracy never ever actually hurts big companies. Game consoles make their entire business on selling “just plug it in and click the prompts and play the game, ezpz” as a lifestyle. It doesn’t matter how fully hacked a console is or how easy it is to hack them, the percentage of users that’ll mod and pirate is always miniscule.
Look at sales numbers for Pokemon X and Y, which released when the 3DS was ironclad. Compare them to Pokémon Omega Ruby and Alpha Sapphire, which released when 3DS piracy required a $100 flashcart and an ancient system firmware with no downgrade route. Compare those to Pokémon Sun and Moon, which released when five minutes with an SD card and a magnet would let you pirate the game directly from Nintendo’s own fucking server. Notice a pattern? No you don’t, they all sold like hotcakes.
Lojcs@piefed.social 2 days ago
Why is it always game consoles that get these leaks and not like, phone firmware or gpu vbios
MoogleMaestro@lemmy.zip 2 days ago
I think it’s just the amount of love for game consoles is much higher than phones, where people are a bit complacent.
I do agree it should happen more often.
krooklochurm@lemmy.ca 2 days ago
Also there are SO many phones.
There’s only a few ps5s. I’m not sure if they share the same code that’s been leaked here but probably.
Gerudo@lemmy.zip 2 days ago
Consoles have extremely limited variations, less variables to mess with. A ps5 is a ps5, but a Samsung Galaxy 25 isn’t the same as a Samsung Galaxy FE25
Lojcs@piefed.social 2 days ago
But if Samsung’s firmware keys or whatever leaked, wouldn’t that apply to all of them? It’s not like they reinvent all their infrastructure for each phone.
Actually, I take it back. These things do happen in the mobile world, they’re just not released publicly. Celebrite etc just gobble them up
pory@lemmy.world 2 days ago
Ps5 pro, ps5 slim, ps5 digital edition? Nintendo Switch (Erista), Nintendo Switch (Mariko), Nintendo Switch OLED, Nintendo Switch Lite?
drcobaltjedi@programming.dev 2 days ago
As someone else pointed out, there’s a shit ton of different phones. In 2012 alone, how many different “Samsung Galaxy …” did samsung release? Wikipedia lists 6
That’s 1 company, with 1 brand name in 1 year. Each with different hardware and as of late those phones have been harder and harder to even open. However, there’s a handful of models of “PS5” standard, slim, pro. They are also very easy to open requiring regular tools your average joe is likely to have, in fact sony encourages this in case you want to upgrade your SSD. It’s a lot harder to keep a system secure if the user can poke and prod the hardware, i mean the Wii’s security was literally beaten by tweezers
Nonononoki@lemmy.world 2 days ago
Good news, a new exploit has been recently found that can unlock the boot loader of several older Sony phones, even the Japanese models which were not unlockable until the discovery!
xperable - Xperia ABL fastboot Exploit [CVE-2021-1931]
YiddishMcSquidish@lemmy.today 2 days ago
I will not post the keys here for legal reasons.
One paragraph later posts a picture of the xit.
capuccino@lemmy.world 2 days ago
Time to do the jump from ps2 to ps5 this 2026
DoucheBagMcSwag@lemmy.dbzer0.com 24 minutes ago
Or save on a PC instead since most PS5 games are coming to PC.
fleem@piefed.zeromedia.vip 2 days ago
think so?
Xander707@lemmy.world 2 days ago
I just want to be able to back up my saves to usb
AbsolutelyNotAVelociraptor@sh.itjust.works 2 days ago
Not that I particularly care as the few exclusives on ps5 are all arriving on pc.
But this is gonna be hell on earth for anyone interested in competitive multiplayer games.
And the damage to Sony might be epochal if the exploit is easy enough for anyone to do it.
SalamenceFury@lemmy.world 2 days ago
Competitive multiplayer games are already cooked on Playstation anyways since a lot of console cheaters use Cronus on PS4s that can’t detect it.
Chozo@fedia.io 2 days ago
Chronus can be detected on consoles, just not super easily. And it kinda depends on each game's developer and their ability to implement such detections. I know that Embark Studios have said that they've found ways to detect such devices in The Finals.
I believe that, while they can't detect the actual hardware plugged into the console, they're able to detect input patterns that would only be possible from M/K (such as 0ms AD-spamming). Of course, I can't imagine that's 100% foolproof on its own, either.
chocrates@piefed.world 2 days ago
Why? Other than allowing piracy and home brew stuff what does this mean?
AbsolutelyNotAVelociraptor@sh.itjust.works 2 days ago
Cheating online is gonna be extremely easy since you can just run a cheat program as legitimate software.
That could snowball into people not buying any big competitive game on ps5 anymore.
markz@suppo.fi 2 days ago
Hell yeah
Mwa@thelemmy.club 2 days ago
So this means we can Homebrew the PS5???
shittydwarf@piefed.social 2 days ago
This is really cool, fuck Sony
superglue@lemmy.dbzer0.com 1 day ago
If someone gets Bazzite running on it I will 100% start shopping around for a used ps5.
73QjabParc34Vebq@piefed.blahaj.zone 2 days ago
If the PS5 could be booted to a decent Linux desktop, I’d buy one to play with it. A good OS with a fun form factor.
Otherwise, don’t buy consoles.
ClamDrinker@lemmy.world 2 days ago
Or just… don’t by consoles at all. Buy a mini PC (which you can upgrade too) or wait for the Steam Cube? Why still funnel money into a company that seems to be adamant that it owns that machine (and lets be honest, could try and use any kind of kill switch or safeguard to stop you from doing so) and will wield your money as a weapon against you. It’s like soliciting a stalker because you enjoy receiving random gifts in the mail with totally no strings attached.
londos@lemmy.world 14 hours ago
Or install SteamOS on a PS5…
rafoix@lemmy.zip 23 hours ago
PCs with a GPU and CPU comparable to a PS5 are much more expensive than they should be.
GPU prices finally dropped to MSRP for about a month or two before prices skyrocketed again.
Chozo@fedia.io 2 days ago
I'm kinda out of touch with hardware pricing these days. Let's say I wanted to buy a second PS5 for the purposes of turning into a desktop like this; would that be better or worse than just buying normal hardware and building a PC of equivalent specs?
SailorMoss@sh.itjust.works 2 days ago
The PC would undoubtedly be much better. Mainly be you would get better software support. Not saying this isn’t cool. I already own a low firmware ps5 for such an occasion. But real PC hardware is better.
This video shows the approximate performance you’ll probably get out of it.
rafoix@lemmy.zip 2 days ago
I doubt it but if true I will put Bazzite on mine.
russjr08@piefed.zip 2 days ago
Well, someone is certainly not having a Happy New Year heh.
Meanwhile others are absolutely over the moon celebrating 🎉
Stupendous@lemmy.world 2 days ago
I have a PS5 that I rarely turn on. Everything ends up on PC. PC handhelds better than a PS Portal. To phone streaming everything supports. Playing PC games on Android is a thing now. Switch handles party gaming. No replacing Mario party/kart/tennis/strikers/golf. Nintendo IP party games are OP
What I’m interested in are the insights the PS5 will give into PS4 architecture. PS5 is backwards compatible and seeing what the PS5 does to accommodate any problematic games in BC. PS4 emulation over 5 because 4 is well along. PS5 is deep in the no console exclusives era. Early PS4 still had semblance of third party exclusives and Japanese games skipping PC
I unplugged the PS5 Ethernet port just in case I ever want to do something in the future. I doubt it besides possibly future of running Linux on it. It’d make a great gaming PC someday as a gift. People always talk about exclusives as a reason for consoles. I play way more games on PC that aren’t available on consoles. Too old and abandoned. Too indie so it may not show up for years if ever on consoles.
Hopefully the Xbox series X gets jail broken someday too. They’d be great values for gaming PCs
Naho_Zako@piefed.zip 2 days ago
We barely turned our PS5 on until about a year and a half ago, it was the Switch that was getting all our love. Now we have a Switch 2 we barely touch and the PS5 gets attention cause games are on sale (nobody bought it lol)
I do PC game, but I prefer console because there’s WAY less fiddling and tinkering due to hardware issues or shitty game ports. I was excited for the FFVII steam sale until I saw the reviews complaining about stuttering and performance issues. I prefer a painless, boot-it-up-and-play-immediately experience over modding capability.
criticon@lemmy.ca 2 days ago
nobody bought the ps5?
Key Figures & Estimates (Late 2025/Early 2026)
PlayStation 5 (PS5): ~84-86 million units (crossing 80M mark by late 2025).
Xbox Series X/S: ~34 million units (estimates vary, but well behind PS5).
Nintendo Switch (Original): ~154 million units (still selling well, nearing DS).
Nintendo Switch 2 (New): Starting sales with ~12.4 million units by late 2025 (estimated).
84 mil seems like a lot. PS games have always been discounted, contrary to Nintendo games
SailorMoss@sh.itjust.works 2 days ago
It seems it’s not widely known. But the Xbox series X is hacked. The PS5 has been hacked for a while too. This is just gonna make the hacks a lot better. 
BroBot9000@lemmy.world 2 days ago
Now we are getting somewhere
KiwiTB@lemmy.world 2 days ago
Sony has no competition right now in their market so they will be fine. Besides the PS6 isn’t to far away.
degenerate_neutron_matter@fedia.io 2 days ago
Cool, but this article looks like AI slop.
Chozo@fedia.io 2 days ago
How?
degenerate_neutron_matter@fedia.io 2 days ago
Didn't see this earlier but another thread gave a good summary: https://piefed.social/comment/9505729
harcesz@szmer.info 2 days ago
Let me guess, they sunk their battleship?
fistac0rpse@fedia.io 2 days ago
hypothetically, could they use different keys for each hardware revision? that'd help limit the impact as not every existing console would be affected. you'd think they had a plan for this in place after the PS3 keys leaked and their multiple huge security breaches
SolarPunker@slrpnk.net 2 days ago
I hope this will lower its price
chocrates@piefed.world 2 days ago
Probably going in the other direction. Now current gen ones are more valuable then the next gen they make.
If Sony was selling ps5’s at cost or loss, then you could get a gaming pc and run Linux on it for cheaper than building one
bubblybubbles@lemmy.ml 2 days ago
Seems cool, but what does this mean?
AbsolutelyNotAVelociraptor@sh.itjust.works 2 days ago
In simple: you can tell your ps5 that ANYTHING is legal and ok to be executed on it.
keyhoh@piefed.social 2 days ago
I’m not much for understanding all of the lingo, so I’m wondering if this is something I could do on my own. I would love to make my ps5 my “smart” tv and no longer have to use Google’s services.
Also, installing RetroArch on it would be super sweet. Will this all be possible for a low level user, or will I need an expert to put Linux on it so I can customize my rig?
My second question that wasn’t quite clear was if I could have my psn account and still play online while changing the os. I still want to play with my friends online while being able to load other apps. I know if it’s detected I changed things I’ll get locked out, but how will they tell?
Chozo@fedia.io 2 days ago
If this is something you want to try for yourself, either buy a second PS5 and use a burner account on it, or be prepared for the possibility of losing your entire PSN account. This goes for pretty much any internet-enabled console modding.
Nintendo deactivated a 10+ year old account of mine when I tried modding a Wii a while back. It wasn't a huge deal at the time, because I still had physical copies of most of my games at that point. But these days, my library is almost entirely digital, so I keep separate fuck-around accounts so that I don't find-out with an account I've spent money on.
Gerudo@lemmy.zip 2 days ago
Coming from previous console hacks…
It generally does require a halfway decent techie background to hack a console (or anything, like jailbreaking a phone). At the very least, being able to follow guides exactly to the letter or risk bricking a device.
Generally speaking, hacking a console will not let you play online.
You generally don’t want to put a hacked console on the internet at all to keep it from being potentially flagged from the parent service like PSN
Now, this could all be different depending on the actual hack, but it’s what’s been true for previous ones.
keyhoh@piefed.social 2 days ago
Thank you. I figured it’d likely be too hard for me to do, but being able to get someone to mod my machine is pretty sweet. I might wait for a bit longer to do it, but I’m liking where this is going. And if I could run steam on it, I might just do it right away so I can play those games instead of my PS ones. Most games are cross platform now anyways.
Lfrith@lemmy.ca 2 days ago
Ever since Sony and Nintendo switched to paid online that has no longer been the con it used to be for me. Back for the PS3 I didn’t jailbreak it since online was free, but for the switch and ps4 I didn’t hesitate.
Lojcs@piefed.social 2 days ago
Strong ai slop vibes emanating from the article. It’s full of contradictions and listicles. The information density feels way too high for something ai written, but at the very least they must’ve used an ai to fuck up the sentences
Kushan@lemmy.world 2 days ago
Yeah I checked the twitter profiles of the two people mentioned, one doesnt talk about it at all and the other says it’s not what people think and it won’t enable CFW.
AI nonsense.
Kazumara@discuss.tchncs.de 2 days ago
Yeah agreed especially further down when it’s just randomly rehashing old history. It’s also mixing up decryption and verification even in the beginning of the article. First they write:
Then just two paragraphs below:
So which is it? Usually boot chains hash the next stage and compare it with a signed “known-good” hash they have stored, no encryption. Maybe this is different for the PS5 but then that would be noteworthy, not something you just assume readers to know.
4am@lemmy.zip 2 days ago
Maybe I am missing something but I think you answers your own question?
ROM is Level 0, it has the burned-in, permanent key. It hashes and verifies the Level 1 bootloader, on disk, signed with the ROM key.
Now that the ROM key is known, anyone can sign a PS5 bootloader; and you can pretty much do whatever you want from there.
It would seem that all existing PS5s just went up in value.
Lojcs@piefed.social 2 days ago
decrption is when cryptography
Rhoeri@piefed.world 2 days ago
Yeah, but the kids eat it up.
Lojcs@piefed.social 2 days ago
Skeptical that kids would read thecybersecguru.com