The PlayStation 5’s ROM keys have allegedly been leaked, meaning anyone who can get their hands on the hex strings now has the hardware code that will allow jailbreakers to try decrypting and analyzing the console’s bootloader. According to The Cybersec Guru, this is an unpatchable problem for Sony, because these keys cannot be changed and are burned directly in the APU. The only way that the company can invalidate the leaked codes is to replace the chips on yet-to-be-manufactured units, meaning consoles that are already in the wild could possibly take advantage of future jailbreaks stemming from the use of these leaked codes.
When you turn on the PS5, its CPU runs the BootROM code that’s baked in the chip and uses the ROM keys to ensure that Bootloader is valid. Now that the ROM keys have been leaked (and assuming they are valid), a hacker could then decrypt and study the official bootloader and potentially use that as a starting point to understand how the PS5’s boot system works. Since the issue is at a hardware level, Sony would not be able to release an update that will stop consoles with the compromised chip from loading kernel-level exploits in the future, should one become available.
Note that this leak does not automatically mean that we will see jailbroken PS5s on the market right now, especially as Sony has other security measures that hackers need to bypass. However, the appearance of these codes means that one of the biggest security features of the console has likely already been compromised, making it easier for those working on creating custom firmware to have a deeper understanding of how the console works and use that knowledge to maybe build a modified (or even a totally different) operating system for it.
This isn’t the first time that Sony has had to deal with a security crisis with the popular PlayStation family. The PlayStation 3 was previously hit with a vulnerability when the company made a mistake with their cryptography on the console, allowing users to install homebrew software and allow piracy and cheating on popular titles. We also saw this with the Nintendo Switch, when a flaw in the Nvidia Tegra X1 chip that it used let tinkerers run Linux on the handheld.
Sony has yet to release a statement regarding the hack, but the company could release revised hardware in the near future to rectify the situation. Another solution is to issue a recall for all existing PlayStation 5 consoles on the market and replace their motherboard to change the hardware codes, but this is unlikely to happen as it’s either going to be too costly for the company or gamers would be unwilling to pay extra for a mistake that was ultimately not theirs.
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.