Video Game Device Forensics

You may have read that the PlayStation 3 was recently hacked, allowing users to develop their own homebrew applications for the device (or to play pirated games).  This development has a number of implications for digital forensic investigators, most notably the increased risk of coming across a modified system used for illegal activity.  When the console first launched, users were able to install a second operating system alongside the primary operating system, a feature Sony has since disabled via firmware updates.  Now, with the ability to execute foreign code on the system, it is once again possible to run Linux (or some other derivative) on the PS3, making the system a potential source of evidence for investigators.

On the plus side, this exploit can potentially allow programmers to develop forensic tools specifically for the PS3.  Hopefully it won’t be too long before we see a file system dump utility, or perhaps a more targeted tool that exports user messages or other relevant data.  Ideally, we’ll end up with the ability to mount the PS3′s file system in Linux or Windows.