While true, the keys are not compromised because they are not decrypted and accessible - they're somewhere in that encrypted NAND dump. But this does indicate that Sony aren't using unique hardware serial numbers (which does surprise me), or at least their current encryption system is not making use of it.
Boa tarde raparigo. Como e que esta voce?
Boa tarde raparigo. Como e que esta voce?
Yes, it's an all or nothing solution which is why it's limited to full system cloning.
Where you suggest storing data that isn't externally available?
The console itself can support two different accounts, so there is software running in two different signed contexts. I'm not confident that this is something the security architecture had in mind, so there may be room for a dedicated hacking team to generate an exploit if they find a way to force a console in this state to mix and match validation information, code, or system buffers from both contexts.
The possibilities in the future include integrating it on-die or stacking it so that it becomes physically impractical to get away with it in a game shop's back room. There are likely secure stores for the actual signing keys.
I know the PS4 can support more than two accounts, we have three on ours and friends do, on occasion, login with PSN credentials.
Damm... if ever an automatic translator sucked, it was now
Rapariga means Girl... so Raparigo would mean Boy... But there is no such word in the Portuguese Dictionary.
It was a good try nonetheless
The hack allows for online and offline play. The console is a clone, and the software is original. Games can be removed and even updated!
You can even install more if they are original! But for more pirated ones a new cloning is needed!
That means, with the use of a CD key on the games, Sony could detect multiple access. But this would require an internet connection!
No translator, no, raparigo exists in galician and it is a rapaz (masculine), rapaza (girl, feminine), rapariga (girl). But thanks for clearing that up.How about changing the NAND in future PS4 designs? Would be it feasible to prevent this hack?
That is how the cloned PS4s can continue to add software and updates after the initial cloning. The flaw is that the data that validates the firmware and user credentials is usable outside of the console that created the data.
The thing is that AMD has been big on TPM and security measures like TrustZone for some time, and so the option may have been present. Sony was rumored to have declined that solution, and the auxiliary processor may be where some of the initial validation is being handled.
That's my argument, that I do not see why there would have been any question as to using unique keys per console from the outset, because there is so little available to authenticate otherwise. The platform's defenses are significantly more shallow if a compromise in one device is universally applicable with no additional effort. It doesn't even necessarily have to be unique, just have enough possibilities that a collision is rare and time-intensive to discover on a large scale.
In other cases, firmware chips have had fuses blown before leaving the factory to prevent dumps of the contents or prevent reflashing.
Google's auto detect and translate worked for me. Detected Galician.Damm... if ever an automatic translator sucked, it was now
Fas ben Shifty Geezer.
Google got it with the raparigo thing, but words like voce don't exist in galician, for instance.Thanks for the detailed reply, awesome as always. As for what is stored for rapid start purposes, the game data remains intact, but why should they keep important data on memory rather than just the game's assets?
That's a very good question, and this teardown says that the PS4 doesn't use NAND memory:
I speak galician like 99% of the time. You described the language very well, it also has a few celtic words, especially noticeable in place names. Rapariga where I live is a not so common word, but used to call someone -even a relatively mature woman (say until their late 30s)- girl/woman in an affectionate way. But the "correct" term and the original one always refers to a young girl. So yeah, it depends on the place and the context.Galician is a mix between Portuguese and Spanish. A lot similar to portuguese but with some spanish terms. It´s neither portuguese, nor real spanish.
I keep a Portuguese Technology Webpage, and do all my translations myself. And boy, do I see some terrible translations in other websites. Sometimes things cannot be translated to the letter and if they are the real meaning of the phrase may be lost.
Rapariga is a Girl... but not any girl. A Young girl, an adolescent! If you call Rapariga to a mature woman she won´t like it. It implies she as not matured at all!
And be even more carefull in brasilian. Rapariga is whore or a mistress.
In Portuguese/Brasilian (And brasilians speak Portuguese, but use some terms of their own) the masculine of rapariga is Rapaz.
Sorry for the off-topic. Lets talk again about Sony's rapariga
Don´t you believe a firmware solution can be found that prevents writing on the Nand without some sort of validation, blocking brute force access? BMW did something like that recently to prevent reading of their cars ECU's NAND and the cloning of keys using the OBD port!
That is a fair point, so I can only express curiosity if there is a possible exploit there, either due to something left there by design or just something accidentally left available.
It's flash rather than NAND. The PS4 has three distinct banks of RAM: 8Gb GDDR5 (using Samsung K4G41325FC-HC03 chips), 2Gb DDR3 (a Samsung K4B2G1646E-BCK0 chip), 256mb Flash (a Macronix MX25L25635FMI chip).
Launch times were the same if you used the Instant-on (the equivalent of sleep mode in a computer OS) feature. That's to say, time remained the same to get to the console's dashboard -instant-on, fast launch, like 5 seconds, power saving mode, 1 minute launch-.
Audio is latency-sensitive, so maybe that has to do with the process of suspending interfering with the processing of what remained in the audio buffers. Diablo 3 seems to have a pretty rigid frame tick model going by the way damage and weapon/monster effects kick off, so perhaps other elements of the engine won't to respond to the suspend event without spitting out a few final frames worth of data.
I saw some speculation it was used by the OS and applications, but another explanation that sounds plausible is that it contains a backup system image. I don't recall an official statement on that, however.
