Technological discussion on PS3 security and crack.

He said that he has read and write privileges everywhere. After the cell boots up, loads, decrypts the firmware, I would imagine his pulse is sent. Then he simply rewrites the memory location of where the firmware version string is?

I really wish someone who knows about this stuff could write up an article.
The point is that his hack that allows read/write privileges is done using the OtherOS and opening the console.
Contrary to that he claims his CFW will run (or install?) on untouched consoles:
This can be installed without having to open up your PS3, just by restoring a custom generated PUP file, but only from 3.15 or previous. It's possible this CFW will also work on the slim to actually *enable* OtherOS; I'll know when my infectus gets here.
 
I feel the same way, this is all over the place for me, if he can "patch" the firmware then how deep is he actually into the system. I would say neck deep, but then, if I understand it correctly, it's more of an OS running some basic stuff like friend lists etc. The more complex stuff is programs that are started from the XMB, like gallery, Vidzone, Home etc...

But it does have access to the account information, it includes a video player, music player and stuff like that. The important protection in regards to games seems to be decoupled completely from the XMB, it essentially starts games that then have to run through the built-in protection.

But maybe it opens up Region free Blu-Rays since the Blu-Ray player is a part of the firmware.

Maybe Eastman could really get what he wants here, access to features that he can't live without and no way of playing pirate games :)

I kinda just want to be able to install straight to my hard drive and play the game from there. Oh and cross game chat would be nice but not a deal breaker.


But as I said in the other thread. Looks like I was right , CFW with no piracy.
 
Breaking down and extracting the PUP file, changing or replacing a signed module is basically Sony's worst nightmare and that's exactly what he's saying he's done here. My guess would be it's a straight component swap from one firmware to the next, but it still shouldn't be possible.

Extracting a PUP isn't a huge feat -- there've been apps that do that for years. I'm wondering how they secure it. The fact that I can unpack them on my PC tells me that the PUP itself isn't encrypted. Since you can download and install the firmware from a pendrive if you have no internet connection, I figure they're not getting some checksum over the internet. So is there a checksum in the packed file itself? Or is each pkg file contained therein signed with a public key, and Sony simply believes no one else to be able to generate such files?

That might explain how he did it -- if the security is all in the individual files, then just mixing and matching will guarantee that it'll at least work. Hell, I'm not sure if that's where the system reads it from, but the firmware version is in a plaintext file.

Edit: looks like it stores the hashes right there in the PUP itself, but they use some algorithm people don't know. Has geohot cracked that, or have there been advances there?
 
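As an added illustration (not from the thread), here is a toy Python model of the two designs the post above asks about: a hash table stored inside the package itself versus a tag that only the vendor can produce. The container layout, module names, module contents and the key are all constructed for this demo; HMAC under a constructed vendor key stands in for the asymmetric signature a real installer would check with a public key. Mixing and matching modules passes the first scheme because the table can simply be recomputed, and fails the second because the tag cannot be regenerated without the key.

```python
# Added example (not from the thread): a toy firmware container that shows why
# a plain hash table stored inside the package does not prevent module swapping,
# while a keyed tag over the whole manifest does. Everything below is constructed.
import hashlib
import hmac
import json

# Constructed sample "modules" standing in for the packages inside two firmware images.
MODULES_V1 = {"version.txt": b"3.15\n", "xmb.bin": b"xmb-module-v1", "bluray.bin": b"bluray-v1"}
MODULES_V2 = {"version.txt": b"3.21\n", "xmb.bin": b"xmb-module-v2", "bluray.bin": b"bluray-v2"}

# Hypothetical vendor key: available to the signer and to the verifying installer,
# but not to whoever re-packs the container. A real design would use a public-key
# signature so the installer only holds the public half.
VENDOR_KEY = b"constructed-vendor-key-do-not-reuse"


def build_hash_only(modules):
    """Scheme A: each module's SHA-256 digest is stored in the container itself."""
    table = {name: hashlib.sha256(data).hexdigest() for name, data in modules.items()}
    return {"modules": dict(modules), "digests": table}


def verify_hash_only(pkg):
    """Accept the package if every module matches the digest stored next to it."""
    return all(hashlib.sha256(data).hexdigest() == pkg["digests"].get(name)
               for name, data in pkg["modules"].items())


def manifest_bytes(modules):
    """Canonical serialization of (name, digest) pairs so one tag covers every module."""
    table = {name: hashlib.sha256(data).hexdigest() for name, data in sorted(modules.items())}
    return json.dumps(table, sort_keys=True).encode()


def build_keyed(modules, key=VENDOR_KEY):
    """Scheme B: a keyed tag over the whole manifest, standing in for a vendor signature."""
    tag = hmac.new(key, manifest_bytes(modules), "sha256").hexdigest()
    return {"modules": dict(modules), "tag": tag}


def verify_keyed(pkg, key=VENDOR_KEY):
    """Recompute the tag over the manifest actually present and compare in constant time."""
    expected = hmac.new(key, manifest_bytes(pkg["modules"]), "sha256").hexdigest()
    return hmac.compare_digest(expected, pkg["tag"])


def swap_module(pkg, name, data):
    """Mix-and-match: drop a module from another firmware into this container.
    Under scheme A the stored digest is simply recomputed; under scheme B the
    tag is left as-is because it cannot be regenerated without the key."""
    tampered = {k: v for k, v in pkg.items() if k != "modules"}
    tampered["modules"] = dict(pkg["modules"])
    tampered["modules"][name] = data
    if "digests" in tampered:
        tampered["digests"] = dict(tampered["digests"])
        tampered["digests"][name] = hashlib.sha256(data).hexdigest()
    return tampered


def demo():
    """Build a 3.21 package under both schemes, swap in the 3.15 version file, verify each."""
    a = build_hash_only(MODULES_V2)
    a_swapped = swap_module(a, "version.txt", MODULES_V1["version.txt"])
    b = build_keyed(MODULES_V2)
    b_swapped = swap_module(b, "version.txt", MODULES_V1["version.txt"])
    return {
        "hash_only_original": verify_hash_only(a),
        "hash_only_swapped": verify_hash_only(a_swapped),  # True: the swap goes unnoticed
        "keyed_original": verify_keyed(b),
        "keyed_swapped": verify_keyed(b_swapped),          # False: the swap is detected
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The takeaway for the question in the post: a digest table inside the file only tells the installer the file was not corrupted in transit; it says nothing about who assembled it. Only a tag or signature the installer can check against a key the packer does not have turns "the modules hash correctly" into "the vendor approved this exact set of modules".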
So what happens when he or others start adding features to the firmware, affecting RAM usage? That would break the way games expect a certain amount to be available right?
 
So what happens when he or others start adding features to the firmware, affecting RAM usage? That would break the way games expect a certain amount to be available right?

Most likely, but they could probably off load those modules when you boot a game.
 
Well, legitimate or not, it's all over the news already... :rolleyes:

I don't see how bragging about custom firmware could possibly be good for geohot. If he dares to release it he will be sued into oblivion for copyright infringement. Maybe he hasn't heard about Dark Alex and what happened to him.
 
I don't see how bragging about custom firmware could possibly be good for geohot. If he dares to release it he will be sued into oblivion for copyright infringement. Maybe he hasn't heard about Dark Alex and what happened to him.
Err? While many EULAs prohibit reversing and might be enforceable by law (I never fully understood the legalese regarding EULAs), creating CFW ain't violating any copyright and creators thus can't be attacked because of violating it. At least not if they are done in the way of the PSP CFW which are distributed as smallish patches to the OFW - no Sony code is included.
And what happened to Dark Alex? He pushed out CFWs for years, don't you think he would've been sued out of existence after the first one - his identity has been known for a long time.
 
Err? While many EULAs prohibit reversing and might be enforceable by law (I never fully understood the legalese regarding EULAs), creating CFW ain't violating any copyright and creators thus can't be attacked because of violating it. At least not if they are done in the way of the PSP CFW which are distributed as smallish patches to the OFW - no Sony code is included.

You cannot modify and redistribute code you don't own unless explicitly allowed to do so (e.g. GPL, BSD licenses). If he distributed a patch that might or might not be legal, depending on how he does it.

And what happened to Dark Alex? He pushed out CFWs for years, don't you think he would've been sued out of existence after the first one - his identity has been known for a long time.

As you mentioned DA used to release his own installer override/patcher which I suspect is what kept him on the legal side. What I read was that he was invited by Sony to stop doing so and eventually did. Had he released a homebrew-only CFW (No ISO/CSO loader) I'm sure Sony wouldn't have cared that much.
 
I can't connect anymore. Bypassing fw check is not possible with known methods. Hopefully a new one will appear soon.
 
So what happens when he or others start adding features to the firmware, affecting RAM usage? That would break the way games expect a certain amount to be available right?

The chances of hackers writing their own XMB modules is pretty slight wouldn't you think? In a worst case scenario they'll be adapting tiny portions of the existing ones. Over and above that, I'm fairly sure the vast majority of the XMB is blitzed from RAM when the game starts.
 
Sooner or later it's gonna be hacked since it's a console with a fixed system, and technology never stands still. The only question is whether it will be hacked completely before or after the PS3 loses its relevancy.
 
Well... we'll never know what's happening behind the scenes. Maybe Geohotz got hired (think $$$$$$$$$$) and has to stay clean, or focus on another project. Just leave him alone.

I moan my PS3 Linux loss.
 
Sony was going to drop Linux support after Kutaragi was ousted; the slim without Linux was proof of that, and the security claim was just an excuse. Shame really, if Kutaragi were still at the helm, perhaps Linux and Cell would not be dead in the water. I think PS3 would probably be the last PlayStation to support Linux too. I doubt PS4 would support Linux.
 
Sony was going to drop Linux support after Kutaragi was ousted; the slim without Linux was proof of that, and the security claim was just an excuse. Shame really, if Kutaragi were still at the helm, perhaps Linux and Cell would not be dead in the water. I think PS3 would probably be the last PlayStation to support Linux too. I doubt PS4 would support Linux.

We'll never know though - who knows some form of Chrome OS might make it onto the device. The primary issue that both caused Linux to be less useful as it could have been, and caused Linux to be removed now, is that the RSX part of the PS3's system wasn't as well protected as the Cell and Game OS had been. If they can solve that in the next design, then they could allow Linux on there and, importantly, allow it full use of the GPU subsystem.

It seems slightly more likely though that the next OS will be more 'Apps' style, like iOS, Android, Chrome OS or whatever, with the whole Apps running on a completely virtualised platform. We'll have to wait and see though.
 