Discussions have been going on today about a potential leak of work in progress exploits for the latest 5.01 PS4 firmware.
People whose work was impacted by the data breach have talked to me about the issue, although most of them have mentioned details under the condition of anonymity, and in general have shared only the bare minimum. The work of multiple people is involved so I think everyone’s begin extra careful in the information they share publicly at this point.
It appears some of the stolen data included unfinished work for the latest PS4 firmware (some hackers have hinted at the possibility that some of that work was a 5.01 exploit, but with nobody explicitly stating it, and others denying any exploit was stolen). A Dump of the 5.00 Kernel was apparently released as proof of the data breach.
Besides the fact that the stolen information cannot be used “as is” to Jailbreak a PS4 5.01, it is also nowhere to be found on the typical public scene sites. Scene sites have recently been protective of console hackers by not publishing such stolen exploits, typically because such leaks do more bad than good for the scene. It’s also possible that nothing (beyond the Kernel Dump) was publicly leaked at the moment but that the data is being circulated in private groups.
The main risk of course is that some of the information could end up being patched in the next firmware update, which would ruin some 5.01 exploit for the whole scene. Additionally, this is obviously disappointing for the people whose work got stolen, and could simply kill their motivation to help the scene. There are good reasons hackers keep their work private, whether we like it or not.
Although I cannot share much about the leak, here’s a word of caution for all scene hackers around here: the alleged person behind the data breach is a well known hacker/social engineer who has stolen scene hackers’ work before. When working on something sensitive such as a groundbreaking console hack, always make sure the people you share your data with are who they claim to be, and that their accounts have not been compromised. Also, easier said than done, but it’s probably good to only communicate/share through secure channels that you can 100% trust.
We are constantly looking for guest bloggers at wololo.net. If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!