Technological discussion on PS3 security and crack.*

Well, at least I hope Sony learns from the lessons of the PS3 and PSP to use multiple layers of security and use them all properly, rather than rely on one system they feel is unbreakable. Multiple layers of security and isolation have always been the best policy, and even then it's not unbreakable so much as just usually not worth the effort it takes.
 
Xenus: It's clear that Sony already planned for multiple security layers, it's just that too many of them simply are ineffective. I really don't understand how they could slip so much; I'd assume that you'd have your system reviewed by 1-2 groups that didn't work on it at least. If that's not possible internally then get some consultant from the outside - IBM maybe?

And I'd really have expected some runtime checks for games; at least that way anyone couldn't just copy the disc and would rely on someone to crack it (each time it's updated). Sony created SecuROM so this should be within their capabilities.
 
Now that both of you mention PSN, I wonder if the PlayStation Network Cards can also be hacked. :?: I'm talking about the prepaid cards Sony has created to purchase content without needing a credit card or e-money.

There should be a different set of keys to handle these cards, but yes they are at risk too if the same random number generator is used to redeem them. Sony may have to regenerate new keys, and fix the crypto engine.
 
The PSN cash card code generation algorithm should be stored within the network infrastructure and none of it should be on the PS3, so that's safe, unless Sony were blithering idiots of an epic degree unseen before. :p

Using the same codes as could be generated from the PS3 security system would be one of those things. :p

Regards,
SB
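The point made above, that prepaid card codes must be generated and verified on the network side with their own key material and never derived from anything on the console, is easy to get wrong if the codes are drawn from a weak or shared generator. The following is an added example (not code from the thread or from Sony) of how such a redemption service is normally built: codes come from a CSPRNG, the database stores only a keyed hash of each code under a server-side secret, and redemption is single-use. The pepper value, the code length and the `RedemptionServer` class are all assumptions constructed for the example.

```python
import hashlib
import hmac
import math
import secrets
import string
from typing import Optional

# Alphabet for codes a user types by hand: uppercase letters and digits,
# minus the look-alikes 0/O and 1/I so mistyping is less likely.
ALPHABET = "".join(c for c in string.ascii_uppercase + string.digits if c not in "01IO")
CODE_LEN = 12  # 12 symbols from a 32-symbol alphabet = 60 bits of entropy

# Hypothetical server-side secret (constructed for this example). In a real
# deployment it lives in an HSM or secrets store on the network side and is
# never shipped to a console.
SERVER_PEPPER = b"constructed-example-pepper-do-not-reuse"


def entropy_bits() -> float:
    """How much guessing work an attacker faces per code."""
    return CODE_LEN * math.log2(len(ALPHABET))


def generate_code() -> str:
    """Draw a fresh code from the OS CSPRNG (secrets module).

    Only the issuing server runs this. Nothing about the code depends on
    console keys, so a compromised console reveals nothing about codes.
    """
    return "".join(secrets.choice(ALPHABET) for _ in range(CODE_LEN))


def code_digest(code: str) -> str:
    """Keyed hash of a code. The database stores only this value, so a
    leaked database does not hand out redeemable codes."""
    normalized = code.replace("-", "").replace(" ", "").upper()
    return hmac.new(SERVER_PEPPER, normalized.encode(), hashlib.sha256).hexdigest()


class RedemptionServer:
    """Minimal issue/redeem service; all logic stays on the server side."""

    def __init__(self) -> None:
        # digest -> {"value": cents, "redeemed": bool}
        self._issued: dict = {}

    def issue(self, value_cents: int) -> str:
        code = generate_code()
        self._issued[code_digest(code)] = {"value": value_cents, "redeemed": False}
        return code  # this is what gets printed on the physical card

    def redeem(self, submitted: str) -> Optional[int]:
        """Return the card value in cents, or None if the code is unknown,
        malformed or already used. Lookup is by keyed digest, so an attacker
        without the pepper cannot compute digests to probe the table."""
        record = self._issued.get(code_digest(submitted))
        if record is None or record["redeemed"]:
            return None
        record["redeemed"] = True
        return record["value"]


def demo() -> dict:
    """Exercise the service: valid redeem, replay, and a tampered code."""
    server = RedemptionServer()
    code = server.issue(2000)  # constructed $20.00 card
    first = server.redeem(code)
    replay = server.redeem(code)
    # Flip one symbol to simulate a mistyped or forged code.
    tampered = ("A" if code[0] != "A" else "B") + code[1:]
    forged = server.redeem(tampered)
    return {"first": first, "replay": replay, "forged": forged, "code_len": len(code)}


if __name__ == "__main__":
    print(demo(), "entropy bits:", entropy_bits())
```

The console's only role in this design is to transmit the typed code; the generator, the pepper and the redemption state never leave the network side, which is exactly the separation the post above argues for.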
 
It didn't take long at all once the information was out there. The PS3 hackers now have a few of the 3.50 Firmware only games running on Firmware 3.41. The list of games includes Tales of Graces F, Need for Speed: Hot Pursuit, Gran Turismo 5, and Harry Potter and the Deathly Hallows Part 1. They are using what I assume to be hacked Firmware 3.50 Game EBOOT files.

The first step seems to be decrypting the file, modifying some portions, then resigning it but keeping the information decrypted. This seems to allow the older firmware to work, as it doesn't fail in decrypting information that was encrypted with a key it has no knowledge of.

Though if a game uses a newer SDK with API calls that do not exist in the older firmware, it will crash at that point. So even though GT5 uses a newer SDK, it doesn't yet seem to make use of the newer API calls, so at least one version of it is still very playable. I think its multiple versions have to do with what region they were released in, but I could be wrong on that point.
 
> Xenus: It's clear that Sony already planned for multiple security layers, it's just that too many of them simply are ineffective. I really don't understand how they could slip so much; I'd assume that you'd have your system reviewed by 1-2 groups that didn't work on it at least. If that's not possible internally then get some consultant from the outside - IBM maybe?
>
> And I'd really have expected some runtime checks for games; at least that way anyone couldn't just copy the disc and would rely on someone to crack it (each time it's updated). Sony created SecuROM so this should be within their capabilities.

This would be a good movie: how did they slip up, what kind of development causes such a big fuck up, was it one boss that ruled with an iron fist, was it the nature of the Sony development team, did flaws pass unnoticed because they relied too much on "one feature"?

I think the basic idea of the Cell security is spot on; the implementation and short cuts they made for convenience were just what killed them.
 
One thing they can do is to force older systems to stay online for the new games to work by verifying the new keys online, while the newer systems have different keys. It's not a very consumer friendly solution though :)
 
> It didn't take long at all once the information was out there. The PS3 hackers now have a few of the 3.50 Firmware only games running on Firmware 3.41. The list of games includes Tales of Graces F, Need for Speed: Hot Pursuit, Gran Turismo 5, and Harry Potter and the Deathly Hallows Part 1. They are using what I assume to be hacked Firmware 3.50 Game EBOOT files.
>
> The first step seems to be decrypting the file, modifying some portions, then resigning it but keeping the information decrypted. This seems to allow the older firmware to work, as it doesn't fail in decrypting information that was encrypted with a key it has no knowledge of.
>
> Though if a game uses a newer SDK with API calls that do not exist in the older firmware, it will crash at that point. So even though GT5 uses a newer SDK, it doesn't yet seem to make use of the newer API calls, so at least one version of it is still very playable. I think its multiple versions have to do with what region they were released in, but I could be wrong on that point.

I thought they re-encrypted with the older key after repackaging for the older firmware...?
 
So couldn't Sony (going forward only of course) implement DRM/copy protection on the software side with activation similar to windows, office or PC games, etc.?
 
> One thing they can do is to force older systems to stay online for the new games to work by verifying the new keys online, while the newer systems have different keys. It's not a very consumer friendly solution though :)

That's not an option, unless they want to offer refunds to all the users who can't/won't comply with this.

The only real option here for Sony is to find ways to detect users with CFW/modded consoles and ban them off PSN.
 
Can Sony not generate new keys and keep the old keys alive for all the backlibrary? This way at least the new software would only load with new keys.
 
> Can Sony not generate new keys and keep the old keys alive for all the backlibrary? This way at least the new software would only load with new keys.

No. The method for compromising the PS3 is hardware based. Each new firmware will be crackable in the same way.

The PS3 has become a PC as far as copy protection goes and that applies even to Bluray - meaning future blurays will likely NOT play in PS3s FWIW.
 
> No. The method for compromising the PS3 is hardware based. Each new firmware will be crackable in the same way.
>
> The PS3 has become a PC as far as copy protection goes and that applies even to Bluray - meaning future blurays will likely NOT play in PS3s FWIW.

They will. AACS is not going to revoke the biggest BR player's license.
 
...a thought (of sorts)...

If future BRs are not playable on PS3s and future games are made to be unplayable on legacy PS3s, how many units would Sony have to recall to "fix" the legacy systems to be compatible with future games and BRDs? What have they sold to date? 40M world wide? So, let's say $300 per console "recall" would run them around $1.2B. Ouch.
 
> They will. AACS is not going to revoke the biggest BR player's license.

So doesn't the master key make them about a bazillion times more subject to piracy of BR movies? I mean, doesn't the PS3 become a great BR ripper now?
 
> ...a thought (of sorts)...
>
> If future BRs are not playable on PS3s and future games are made to be unplayable on legacy PS3s, how many units would Sony have to recall to "fix" the legacy systems to be compatible with future games and BRDs? What have they sold to date? 40M world wide? So, let's say $300 per console "recall" would run them around $1.2B. Ouch.

You mean 12B?
 