Anathema sent me a link to a few posts he made to discuss PlayStation 3 hacking.
This post is on possible PlayStation 3 exploits and this one is on PlayStation denial of service and memory exhaustion. see: https://web.archive.org/web/20140306131459/http://www.ps3rips.com/?p=8
Why do I care, you ask? Clearly I’m not a hardware guy and I can’t remember the last time I bought a video game. But, I am interested because the PlayStation 3 has an integrated browser (based off the NetFront browser).
The reason this is interesting to me is because more and more devices are becoming web enabled. Whether that means they run webservers or have browsers built into them, the point is the same. They are sitting out there, making or taking requests from who knows where, with unknown protection and with unknown ability to do or perform other actions. Let’s say for a second that PS3 was sitting behind a firewall of someone who worked at supersecurecompany.com and they use a VPN only to connect to their company. Now that I am running my code on that system, I could theoretically break into other machines on the network much easier since I am behind the firewall. This is far more nasty than I think most people realize. It might be a video game console but if it is web enabled and running over a shared internet line it should be just as secure as anything else.
I did not know that the hypervisor could be bypassed?, I am aware of of the OtherOS Demo program from MC. http://forums.ps2dev.org/viewtopic.php?t=8333
Please tell more of how to bypass hypervisor.
Regarding just using the browser it should be noted that the PSP hypervisor was first exploited by using a TIFF image exploit (which could easilly be crafted and hosted on a site).
And more on what Rsnake said about all those possible browsers out there. The average parent would be wary about leaving a child on a PC connected to the net but they will not think twice about that same same child using a console. Consoles are usually brought for children by the hundrends of thousand around Xmas and these will all be network connected and open to all manner of exploits. . Parents if they care about thier home networks should be looking at the consoles they are buying for thier children. Also most offices/work-places etc will not see a Console a