Italian developer and security researcher Luca Todesco may have announced that he has turned his back on iOS device liberation for the foreseeable future, but that doesn’t mean he has lost his passion for security research and finding vulnerabilities in public platforms.
In a series of tweets from his own personal account, Todesco has announced that he’s managed to jailbreak Sony’s latest firmware versions for PlayStation 4: version 4.50 and 4.55.
Todesco has been relatively quiet on recently, at least from an iOS jailbreak perspective, choosing instead to talk publicly about travel plans and and the scandal surrounding the CIA and the potential ownership of a number of hacking toolkits.
Clearly interesting to his legions of followers, but likely not as interesting as the first in a series of PS4 tweets, confirming that he had “just pwned PS4 4.5x.” Historically speaking, we know what happens when someone decides to jailbreak Sony’s gaming console, so it will be interesting to see if any of this is made public, or if it is just kept to himself.
Todesco then followed that initial tweet up with others to confirm that the exploits used works both on PS4 firmware 4.50 and 4.55, suggesting that 4.55 is vulnerable to “both webkit rce & kernel Ipe.”
We don’t currently know what the developer’s intentions are in terms of progressing his research and potentially turning the WebKit vulnerability into some kind of software to be offered to PlayStation 4 owners who would like to achieve root status, but given his previous stance on topics such as this, it’s highly likely that this is for research and self-achievement reasons only. It’s unlikely anything will be released to the public.
This isn’t the first time that a prominent figure has taken time to investigate the possibility to hacking Sony’s PlayStation console. Famously, George Hotz, otherwise known as Geohot, or the first person to ever jailbreak Apple’s iPhone, released information onto the Internet on how to hack Sony’s PlayStation 3. This resulted in a very public court case with the Japanese company actively pursuing Hotz through the legal system. That case was ultimately settled, but it’s very unlikely that anyone else would want to go through the same process.
Still, public release or not, it’s great to see Todesco continuing to flex his research muscles and hone his skills.