The Fail 0verflow teams (formerly known as WiiPhonies) announced at the Chaos Communication Congress in Berlin that they have hacked the PS3 and exposed Sony’s private key. Now any game or software can be signed by the public private key and it will run on the PS3.
They first broke the loader’s Chain of Trust.
memcpy(rvk_isolated, rvk_shared,*((int*)(rvk_shared + 0xlc)))
Then they found a flaw in Sony’s signing software, as satirized in the presentation with an xkcd comic; a constant number instead of a random value was used for each signature…
int getRandomNumber() { return 4; //chosen by fair dice roll //guaranteed to be random }