PS4/PS5: TheFloW confirms having a big vulnerability on PlayStation, with a significant HackerOne bounty


PlayStation hacker TheFloW took to LinkedIn to confirm that he has received an additional $10,000 from the PlayStation bounty program on HackerOne. This indicates that the researcher has submitted a vulnerability that Sony rated as high severity. It remains to be seen if and when it will be disclosed.

Incoming PS5 kernel exploit?

The PS4 and PS5 have been locked down for some time now, with jailbreaks available only on fairly old firmware. Although this now seems to be the rule on PlayStation devices (and, as such, buying a console early and keeping it on low firmware from day one remains the most valid advice we can give for the PlayStation scene), it naturally frustrates many users.

However, in September, TheFloW stirred up the scene with a simple “do not update” statement. The hacker (un)subtly indicated that he had something important in store.

There was little doubt that this was a kernel exploit for the PS5 or PS4 (or both), and his post this week on LinkedIn is further confirmation. The email he received from the PlayStation security team reads:

Thank you very much for the report!

We have reproduced your findings, decided to rate the severity of this report as high, and awarded you a bonus of $10,000.

Again, there is no indication yet of a disclosure, whatever exploit chain this is, but in the past TheFloW has been fairly consistent about having his exploits publicly disclosed, with Sony’s approval.

It is also interesting that the hacker chose to make the announcement on LinkedIn rather than on Twitter, perhaps to avoid the army of “ETA WEN?” replies…

Is HackerOne a blessing or a curse for the PS4/PS5 scene?

People took to Twitter to say that HackerOne is damaging the scene, especially since we are at the mercy of Sony’s security team, who decide whether or not an exploit will be disclosed. Personally, I think the situation benefits both the scene and professional hackers. As much as some people want to believe otherwise, there is no way the scene could collectively raise enough money to regularly pay a $10,000 premium for a jailbreak. In my almost 20 years in this field, I have seen countless attempts to raise money to fund security researchers’ efforts: raising more than $1,000 for a very promising lead is the exception, not the norm. $10,000 would be a huge undertaking, not to mention the legalities.

It is true that the PlayStation hacking scene is much less lively than in the PSP/PS3 era, but in my opinion this is mainly because:

  1. the security of newer devices has improved significantly, which means a much higher barrier to entry for those interested in DIY
  2. more and more devices (e.g. phones), services (e.g. Epic, GOG, …) and the rise of the free-to-play model let people play a lot of games for next to nothing these days, which means (IMO) some of the appeal of playing emulators or pirated games (I know, shocking) on consoles is fading fast
  3. the PS4 and PS5 are very close to conventional PC hardware and architecture. Some hackers, such as fail0verflow, have said that this reduces their motivation to work on consoles.

In my opinion, HackerOne is a blessing in disguise, as I believe it keeps hackers such as TheFloW interested, if only because it lends some “professional credibility” to the hacking effort for people who are already professionals in the field.

What’s Next for PS5/PS4 Jailbreak Status?

At this point, the only thing we can do is sit tight. The hacker warned in September not to update your PS5. If your PS5 is currently on firmware higher than 8.xx (unless you received it for Christmas this year), you will have only yourself to blame for missing what comes next. As for the PS4, I remain convinced that the easiest route is simply to buy a used one on firmware 9.00.
