Homebrew software was first run on the PlayStation 3 by a group of hackers under the name "Team Ice" by exploiting a vulnerability in the game . Following various other hacks executed from Linux, Sony removed the ability to install another operating system in the 3.21 firmware update. This event caused backlash among the hacker communities, and eventually the group Fail0verflow found a flaw in the generation of encryption keys which they leveraged to restore the ability to install Linux. George Hotz (Geohot), often misattributed as the genesis of homebrew on the PS3, later created the first homebrew signed using the private "metldr" encryption key which he leaked onto the internet. Leaking the key led to Hotz being sued by Sony. The court case was settled out of court, with the result of George Hotz not being able to further reverse engineer the PS3.[1] [2]
At the 2010 Chaos Communication Congress (CCC) in Berlin, a group calling itself fail0verflow announced it had succeeded in bypassing a number of the PlayStation 3's security measures, allowing unsigned code to run without a dongle. They also announced that it was possible to recover the Elliptic Curve DSA (ECDSA) private key used by Sony to sign software, due to a failure of Sony's ECDSA implementation to generate a different random number for each signature. However, fail0verflow chose not to publish this key because it was not necessary to run homebrew software on the device.[3] The release of this key would allow anyone to sign their code and therefore be able to run it on any PlayStation 3 console. This would also mean that no countermeasures could be taken by Sony without rendering old software useless, as there would be no distinction between official and homebrew software.[4] On January 3, 2011, geohot published the aforementioned private key, represented in hexadecimal as C5 B2 BF A1 A4 13 DD 16 F2 6D 31 C0 F2 ED 47 20 DC FB 06 70, as well as a Hello world program for the PS3.[5] [6] [7] On January 12, 2011, Sony Computer Entertainment America filed lawsuits against both fail0verflow and geohot for violations of the DMCA and CFAA.[8] [9] The suit against geohot was settled at the end of March, 2011, with geohot agreeing to a permanent injunction.[10] [11]
To allow for homebrew using the newly discovered encryption keys, several modified versions of system update 3.55 have been released by Geohot and others. The most common feature is the addition of an "App Loader" that allows for the installation of homebrew apps as signed DLC-like packages. Although Backup Managers could run at that time, they could not load games at first even though some success had been made by making backups look like DLC games and then signing them. An LV2 patch was later released to allow Backup Managers to load game backups and was later integrated into the Managers themselves so that it doesn't have to be run whenever the PS3 is restarted.
PS3 System Software update 3.56 tried to patch Miha's exploit for 3.55, however, within a day the system was circumvented again.[12] [13] This caused Sony to release another update shortly after, 3.60, which was secure against circumvention.[14]
However, users may choose not to update and games requiring a firmware version above 3.55 can be patched to run on v3.55 or lower. Soon after v3.60 was released, updates to the PlayStation Network were conducted to block any methods known that allowed PSN access on firmware older than the latest required official firmware (v4.91), thereby blocking users who chose not to update.
A custom firmware known as "Rebug",[15] released on March 31, 2011, gave retail PS3s most of the options and functionality of debug/developer PS3 units. One week later, tutorials became available allowing users to download PSN content for free, using fake (rather than stolen) credit card numbers.[16] One April 12 report described hackers using the jailbroken firmware to access the dev-PSN to get back on games like Call of Duty, with widespread reports of cheating.[17] While some sources blamed Rebug for the subsequent intrusion to Sony's private developer network, Time "Techland" described such theories as "highly—as in looking down at the clouds from the tip-top of Mount Everest highly—speculative".[18]
In late 2017, there was a tool released to convert 4.82 PS3 to .[19] [20] A new exploit toolset, named the Bguerville Toolset (BG Toolset for short), was released in 2020,[21] which allows firmwares 4.75 to 4.90 to be patched. Sony has worked numerous times to try and patch the BG Toolset, but as of June 20th, 2024, it still remains as the primary entry point for the custom firmware scene on the PlayStation 3.
It is also worth noting that in early March of 2023, a flash writer[22] for firmware 4.90 was released for the Playstation 3 that required a specific firmware to be installed. This method required a web server that exploit files would be hosted on. This exploit was released in the absence of the BG Toolset as its websites, along with numerous other popular jailbreaking sites, had their domains seized.
In 2019, a tool called PS3HEN was released, compatible with any model of PS3, which allows non-CFW compatible consoles to run homebrew with LV2 kernel access.[23] has to be loaded on every reboot albeit this process only takes a few seconds. On release, it was unstable, however as of 2022 it is very stable. has been adopted by many popular homebrew applications, such as multiMAN, to detect LV2 access and run accordingly. Most features of are in, making it a viable alternative for the late 25xx and 30xx series Slims as well as all Super Slims to be able to run homebrew.