# FreeBSD is susceptible to common exploits



## drhowarddrfine (Dec 31, 2015)

Some hackers got Linux to run on the Sony Playstation 4, sub-planting FreeBSD as its operating system. According to Engadget:


> The PS4 is powered by Sony's Orbis OS, which is based on *a Unix-like software called FreeBSD and is therefore susceptible to common exploits.*



I post this here if anyone would like to educate Engadget. Their parent company is AOL so they obviously need educating.


----------



## ANOKNUSA (Dec 31, 2015)

Well, the PS4 is just an x86-64 computer. Presumably, whatever barrier there is to running any operating system you want on it would be in the firmware, not the OS.


----------



## shepper (Dec 31, 2015)

The Engadget writer seems to be taking a page from "Marketing your Politician and Ideology".  Create your own reality by saying your position frequently, each time louder and with more conviction.  If you lack supporting evidence; fabricate.


----------



## Beastie7 (Dec 31, 2015)

The writer works for Engadget, which is a owned by a company called AOL and is therefore susceptible to common intellectual defects.

See how accurate that sounds?


----------



## protocelt (Dec 31, 2015)

It's difficult to deduce from that article what the author meant. In my opinion, I think he meant that since the PS4 uses a regular UNIX operating system as opposed to a custom in-house developed OS, it is susceptible to common UNIX exploits(which would of course include Linux and any UNIX like operating systems). It's also possible, as noted above, the author is just making assumptions due to lack of knowledge, which is of course quite common as well on the internet. Either way, it's not very well written.


----------



## drhowarddrfine (Dec 31, 2015)

Here's the author's Twitter account should anyone wish to say hi: https://twitter.com/m4tt


----------



## junovitch@ (Jan 1, 2016)

The jailbreak referenced in the article was a kernel issue.  I would advise reading the series of articles regarding the issue.
http://cturt.github.io/ps4.html
http://cturt.github.io/ps4-2.html
http://cturt.github.io/ps4-3.html

It was resolved months ago in SA-15:21.
https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:21.amd64.asc

Additionally, search for "BadIRET" in your favourite search engine and you'll find more discussions on the topic along with its impact on other OSes.


----------



## youngunix (Jan 1, 2016)

Isn't everything susceptible to exploits at some point or time? How is this big news? Preventative measures and good security practices can reduce and prevent these exploits, but to have an impenetrable system is a fantasy.


----------



## drhowarddrfine (Jan 2, 2016)

It should be now noted that the article has been edited (without mention) to remove the FreeBSD accusation. In addition, the blame is now placed on a webkit bug in coordination with Sony's firmware.


----------



## protocelt (Jan 2, 2016)

Also worth note is the PS4 firmware version that has been exploited is many versions behind what's available currently.


----------



## Atsuri (Jan 2, 2016)

I agree with youngunix. If one tries hard enough, everything can be broken (into). Still, I found the video quite entertaining .


----------



## Oko (Jan 3, 2016)

Playstation 4 is indeed susceptible to an exploit due to the well documented Jail infrastructure security hole. Whether it is a common exploit or not is a different story. The Jail infrastructure is from theoretical mathematics point of view ill conceived security model. That is known circa 2009






For the record I also use Jail to "secure/isolate" some services.


----------



## Beastie7 (Jan 3, 2016)

Oko said:


> Playstation 4 is indeed susceptible to an exploit due to the well documented Jail infrastructure security hole. Whether it is a common exploit or not is a different story. The Jail infrastructure is from theoretical mathematics point of view ill conceived security model. That is known circa 2009



Why don't you justify this drivel instead of repeating the same thing over and over again with nothing but a large video as "proof" of your assertion. Exactly how Jails an "ill conceived" model from a mathematics standpoint? What's fundamentally wrong with it's implementation? Please enlightenment me so I can forward this onto Poul-Henning Kamp in question. I'd really like to know. The less bugs, the better.

Also, note that this is from 2009. So I'm sure the Jail subsystem has improved since then, with enhancements to it's implementation.


----------



## Oko (Jan 3, 2016)

Beastie7 said:


> Why don't you justify this drivel instead of repeating the same thing over and over again with nothing but a large video as "proof" of your assertion. Exactly how Jails an "ill conceived" model from a mathematics standpoint? What's fundamentally wrong with it's implementation? Please enlightenment me so I can forward this onto Poul-Henning Kamp in question. I'd really like to know. The less bugs, the better.
> 
> Also, note that this is from 2009. So I'm sure the Jail subsystem has improved since then, with enhancements to it's implementation.


You obviously have not bother to watch that video. kristaps is a mathematician expert in machine proovability. Paul is programmer. Good luck with improoving outcomes of prooved mathematical theorems. 

OP has specifically asked about PS4 vulnerabilities. Google and you will see that it is jail related. It could be poor code implementation not a fundamental problem Kristapa was talking about. These days you can find Kridtaps skuba diving in Tayland. My New Year resolution is to stop wasting my time at various computer forums so I am hoping this is my last post on this forum.


----------



## drhowarddrfine (Jan 3, 2016)

Oko said:


> OP has specifically asked about PS4 vulnerabilities.


No. I pointed to the article that claimed FreeBSD is more susceptible to common exploits. That was all. Since I started this thread, they removed that accusation and, rightly, pointed to other things that actually caused the problem outlined in the article  and it is not FreeBSD related.


----------

