Technological discussion on PS3 security and crack.*

-tkf- is being sarcastic.

 

Hey, somewhere had to be an original involved, hence backup!
And the hope of playing legal backups is so totally worth installing the first shady CFW, bricking a couple PS3s.

 

Is there anything they can do with lvl0, somehow blowing an eFuse or two, re-encrypting a fixed lvl1 and lvl2?

 

It's sure that metldr keys are the hardware keys inside Cell?
So anyone can sign an executable and go to SPE Isolated mode (Secure Valut)?

 

Yeah right... Infinity Ward blame it on the hackers NOW... it's not like the 360 version (or the PS3 version prior to these hacks) was compromised already... bullshit.

 

I thought the difference with the latest hack is that peoples stats/progress can be erased/overridden by a hacked server.

As far as I know, this is not the case with the previous hacks on PS3 or 360... and apparently, still cannot be done on the 360.

Of course, there's nothing, other than IW statements, indicating that this latest hack is directly a result of the private key vulnerability. It could just be yet another advancement of the existing hacks that have nothing to do with the key vulnerability.

 

I can't see too big issue from the Sony side.
It is compromising all of the current signatures-however the only not patchable/changeable are the software on the blue-ray discs.
They can deny all software from all source to be executable,except the original blue-ray discs-however it is next to impossible to make a factory-pressed BR discs.
After the new firmware patch,the old content from the PSN will not be usable-it will not be possible to update the console firmware with the old private key.Probably all userr have to re-download all content from the store.

The console will accept the old key only from original BR discs.

All console will receive a new,per console uniq key (if it hasn't got it) and in the future a whitelist will allow to each console to connect-if the Sony doesn't have the list of issued console IDs,then it could be impossible,but I'm sure about that they can identify all console by a stored,uniq ID,and with that they can close out the compromised consoles-probably for the second try,but after a while they will run out from the codes (and the PS3 keyvault will worth 40 pounds too )


Of course,it will make very difficult the life of the Sony for a while,but one-by-one ,with each firmware update they can decrease the amount of the soft hackable machines.

All of the machines let say before the May of 2011 will be hackable by hardware modification,a fraction of all console by software(with old firmware),and the next 30-60 million unit (after the winter of 2011 price drop) will be un-hackable.

 

FW3.6 should block FW updates from USB sticks IMO, allow updates from PSN and manufactured BD only. But this would create problems with HDD upgrades...

 

Problem for Sony is that the fw3.6 can be decrypted, disected, modified and resigned and then be flashed as custom fw to old devices. Any check or feature Sony puts to new firmwares most likely can be hacked given enough time and motivation.

Ofcourse sony can put stuff into the firmware that makes modification harder but eventually somebody will hack it.

 

But without USB updates there is no easy way to put modified FW into the console, this woud require modchips or something like that. Right now anyone with USB stick can use CFW.

 

But you cannot take usb update out of existing ps3's...

 

Wrong. There are ways to proxy your PS3 through your PC to force updates as if your PC was the official Sony Servers.

 

You can.With a firmware update.

 

Like OOS?

Ha!... but can't Sony encrypt this connection or something like that?

 

What's the point? The hackers will just reverse engineer and crack whatever methods Sony attempts to add in. It's not a matter of 'if' but 'when'. Like it or not, the current PS3 is in a never ending cat-and-mouse game between Sony and the Hackers. Anything short of hardware modification on new consoles will end up being hacked.

 

If you have custom firmware,OR if you have the new,real random private key of the Sony (it will be secure now ),OR if you have pre 3.6 firmware.

The PS3 will not accept any file with a 3.55 or lower signature from other source than a pressed BR disc after the 3.6 firmware update.

By a high chance after the fw3.6 the communication will be secure again between an ofw ps3 and the Sony.

 

The point was, with full access to any firmware that is released to current consoles, and the ability to re-sign everything, there a fully open path to decrypting and modifying pretty much everything Sony releases from this point forward.

So they could hypothetically release a firmware that removes the ability to flash over USB. But since the system is completely open now, they can either write their own application to flash the firmware from USB, HDD, network share, etc. They can take the official firmware, and if needed decrypt it, modify it, resign it and flash it from anywhere.

At no point can Sony completely block things out as you can always work forward from where you are now, to where they are at any time. If they, hypothetically, used 10 firmwares in an effort to mask new keys in that 10th firmware, there's still an open path from now, to firmware 1, then to firmware 2, then to firmware 3, etc...

Of course, perhaps they can make it time consuming enough that it buys them a week or a month or whatever for a new release before the firmware is hacked and released to the wild. That might be enough to mitigate the impact of pirating somewhat. PSP's situation would suggest it may not help as much as one could hope however.

Regards,
SB

 

Did you ever try to use the old,fat PSP with cfw?
It is an endless nightmare with the fw updates,you have to wait for the new keys to update the cfw to be able to play with the new games-it is fun if you have infinite time,otherwise you just let it to update to the ofw,and from that point of time the kid will be able to use the LBG online.

Everyone can hack his console now-or just simply not update to the ofw 3.6,and wait until a method to use on the 3.55 the PSN.

After a while the Sony will ban the CFW consoles one by one,and slowly all ,network capable cfw console will be dead .

if you will update to the ofw3.6 then you will lose the ability to roll back to the 3.55,without hardware modification / new security hole.

This is an interesting event,and actually it trash the PSN experience , but it will not be a permanent threat to the sony.They will be able keep on an acceptable level the piracy (it will have a smaller scale than on the xb360),and re-secure the PSN (but only with the new game releases )

 

You don't get the point.
The 3.6 ofw will block the 60%-99% of the users from the path of the piracy.
If you want to update to the post 3.55 cfws,then you will be able, only if someone will extract the new public keys from it,and make a user friendly installer for it.
But if you will update in the future to any of the ofws,then you will not be able to install cfw without hardware modification.

 

You place too much faith in this mystical 3.6 official firmware.