PS Vita: Did F00D get hacked? (and should you care?)
Team molecule member and hacker xyz (also known as pomfpomfpomf3) posted a screenshot on twitter that seems to imply he has managed to find an exploit in the F00D processor.
PS Vita – What is F00D?
F00D is considered to be the “level 0” of the PS Vita security chain. Security checks on F00D happen before other systems are even accessed.
It is believed that exploiting F00D could lead to a permanent hack, one that possibly couldn’t be patched without a hardware upgrade of the PS Vita. Update: that last sentence has been confirmed to be incorrect. Specifically, Yifanlu said: The stuff people want: 3.63 psn spoofing, 3.61+ game decryption/running, permanent henkaku hack, hacks for 3.63, etc. is orthogonal to hacking f00d. It is much “easier” to do through other means like finding a kernel exploit or porting an existing WebKit exploit. We (molecule) have retired from all that stuff so it’s up to other people to pick it up. See here for details.
YifanLu, one of the hackers behind the HENkaku Vita hack, has stated recently that he would focus his reverse engineering efforts on F00D moving forward. Team molecule are apparently all focused on hacking this “level 0” right now.
Was a F00D vulnerability found?
Xyz’s message in itself is just a screenshot showing some hex code, part of which reads: “Congratulations! At last you get the plaintext of the PS Vita secure kernel !”, to which Yifan Lu ironically replied “you completed the CTF challenge, congrats”. Yifan Lu also replied with a hex string accompanied by a timestamp:
Several hackers have retweeted xyz’s screenshot, and congratulated him on the work.
— nowhere everywhere (@pomfpomfpomf3) February 18, 2017
However, I, for one, am a bit confused by the mixed signals we are getting from some hackers on this tweet, and from xyz in particular on his work with F00D. The last time he published a tool related to F00D, he stated this was a “hack”, which, as I explained in a former article, was definitely a stretch (or potentially a trolling attempt?).
This time again, xyz has updated the Vita dev wiki stating that a vulnerability in F00D, which he nicknamed the Octopus exploit, is yet to be disclosed.
PS Vita F00D Exploit – What does it give the end user?
Whether the exploit is real or just some hackers having a little bit of fun, there’s honestly not much difference at this point or even in the foreseeable future for the end user.
Although hacking level 0 of the PS Vita security could mean a more permanent hack than HENkaku, the only visible difference would be that users on 3.60 do not have to launch HENkaku again every time they reboot their console.
At this point, a 3.63 hack would be much more welcome, and I fail to see how a F00D hack would help with that. It would still be an awesome achievement, but people shouldn’t be over excited about it.
From the hackers’ perspective, F00D is the ultimate level of security, the holy grail of the PS Vita’s protections, but for your typical user, there will be little to no direct benefit in getting F00D hacked.
One can only hope that if the Octopus exploit is real, and if somehow it gets coupled with a HENkaku release, team molecule names it takoyaki.
Source: xyz on twitter