Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

PS3 jailbreak, stuxnet, and best practices in private key protection

Created: 09 Feb 2011 • Updated: 18 Dec 2012
Tim Callan's picture
0 0 Votes
Login to vote

About a month ago Sony made headlines at the Chaos Communication Congress in Berlin when a Playstation 3 jailbreak was revealed based on the use of stolen private keys for the PS3's code signing functionality. This incident illustrates the danger organizations face if their private keys are stolen. Similar incidents in the wild can result in the forced revocation of code signing certificates, which may cause existing deployments to stop working. To help organizations protect themselves from this possibility, Symantec has commissioned security writer/blogger Larry Seltzer to study the stuxnet attack (which depended in part on stolen certificates) and lay out the best practices in protecting your private keys: Securing Your Private Keys as Best Practice for Code Signing Certificates.