“Spoiler alert: don’t update” – TheFloW sets the PS4/PS5 scene on fire once again
Famous PlayStation hacker TheFloW has come to twitter with those simple words today: “Spoiler alert: don’t update”. It is extremely likely he has yet-undisclosed exploits for the PS4 and/or PS5 coming our way.
There is a “catch” though, which is that the hacker has just recently reported those bugs (I assume, to Sony via their HackerOne bounty program). If history is any indication, it could take months, possibly more than a year, for those to be ultimately disclosed to the scene.
New PlayStation vulnerabilities could impact PS5 Firmware 8.00, PS4 Firmware 11.00. Hacker says “don’t update” to people hoping for Jailbreak
PlayStation’s bounty program allows hackers to find and report security issues to Sony, in exchange for a payment. The payments can go up to $10000 for high severity issues on PlayStation, typically kernel exploits that could lead to a Jailbreak.
TheFloW is responsible for a huge amount of vulnerability disclosures on PS4/PS5 (and, before that, PSP and PS Vita), many of which have ultimately led to Jailbreaks for the scene. However the hacker’s recently been playing by the rules set on HackerOne, meaning the exploits first need to be analyzed and patched by Sony before they even discuss disclosure. Furthermore, disclosure isn’t guaranteed, although in the past TheFloW publicly disclosed most of his findings, with Sony’s approval, once the issues were patched.
This has worked ok for the scene as well as Sony: the company gets to patch critical PS4/PS5 vulnerabilities for cheap, securing their network and consoles running the latest firmware (which must represent 99% of their user base), while those of us who are patient enough to stay on lower firmwares ultimately get a Jailbreak.
What does this mean for me as an owner of PS4 11.00 and/or PS5 8.00? (or lower)
Patience is key here as always but I don’t want people to believe this is something more than: a bit of hope for future jailbreaks. The vulnerabilities will be patched (then possibly disclosed) and those of us who update our consoles will miss out on whatever gets disclosed.
The hacker hasn’t given any indication of which firmware this is running on, but there is a significant possibility he has something that could impact PS4 Firmware 11, PS5 Firmware 8.00, and of course all firmwares below that.
This means that the rules haven’t changed: if you’re hoping for a Jailbreak on your console in the future, you need to stop updating it. This means, among other things, renouncing access to PlayStation Network, latest game patches, and online games. And you could be getting nothing for it, for months, possibly years.
PS4/PS5: Should you stop updating?
We know historically that the lower your firmware, the higher your chances of getting a Jailbroken console in the future.
As always, the decision is yours, but updating, in general, lowers your chances of getting a Jailbreak down the line
In an ideal world, you would have 2 consoles: one that you keep on a low firmware for a Jailbreak (or buy a low firmware one if you can find it – tips for finding a low firmware: PS5 /PS4), and one that you keep up to date in order to play your current gen games and access PlayStation online services. I know it’s easier said than done, but that’s how things are. This is however the best idea in my opinion for PS4 at the time Being. PS4s running on firmware 9.00 or lower are reasonably cheap nowadays and relatively easy to find. At this point I think hoping for a new PS4 Jailbreak is not worth the effort, compared to just buying a second PS4.
