Technological discussion on PS3 security and crack.*

bomlat said:
"just" all of the LBP2 items/profile data (it mean that he will have to spend a lot of time to get back everything)
Click to expand...

What makes you think it was a hack, rather than a bug?

It seems unlikely that someone would have been able to hack LBP2's network behavior just over the last week.. even assuming that custom firmware for someone's PS3 would allow LBP2 to be analyzed to find a vulnerability in the network protocol that would allow one player to order another player's profile to delete items.

It seems much more likely that it was a bug on Media Molecule's part, or that your son might have accidentally done it to himself.

AFAIK.
 
jonabbey said:
What makes you think it was a hack, rather than a bug?

It seems unlikely that someone would have been able to hack LBP2's network behavior just over the last week.. even assuming that custom firmware for someone's PS3 would allow LBP2 to be analyzed to find a vulnerability in the network protocol that would allow one player to order another player's profile to delete items.

It seems much more likely that it was a bug on Media Molecule's part, or that your son might have accidentally done it to himself.

AFAIK.
Click to expand...

It wasn't my son,but my son's friend.
And I don't think it is that complicated.
The sony used same standard SDK stuff to make the network /trophy/storage part of the game.They build everything around the machine ,not the user,so from that point of time it could be to modify an example from the SDK,and start the hack.


From my side it mean is a full stop to buy any network capable game for the ps/xb .(the xb has been on ban this since the jtag hack)


I will buy stuff from only the Steam from now on (actually that is a very safe platform)


Both the PS/xb can not deliver the same experience like the Steam-since the beginning of january.
 
You do know the same hacking occurs on Steam games, right?

Also, I beg to differ. The XB Jtag hacks are quickly detected and dealt with on XBLive, the longest it takes is 4 hours. I'd even be so bold as to say they are dealt with faster than Steam hacks.
 
The word from Sony on 3.56 is "A new PS3 system software update, v3.56, will be released soon. This is a minor update that adds a security patch."

We'll have to wait and see what the hacker community has to say on this update.
 
BRiT said:
The word from Sony on 3.56 is "A new PS3 system software update, v3.56, will be released soon. This is a minor update that adds a security patch."

We'll have to wait and see what the hacker community has to say on this update.
Click to expand...


http://twitter.com/#!/KaKaRoToKS

"lv2 3.56 decrypted, lv1 decrypted"
and it didn't take long.. key's are already found and : kakarotoks: "pup from ps3utils and puppack/pupunpack from ps3tools in *************can now pack/unpack 3.56 correctly."

However the update includes a new .self file with a new, previously unknown, key inside. This means all homebrew tools will have to be updated in order to restore functionality.
 
Last edited by a moderator:
damienw said:
Kotaku claims a source says they are moving to unique serial keys, but this could be a misunderstanding of the leaked keys:

http://kotaku.com/5744389/sony-starts-rolling-out-the-ps3-security-updates
Click to expand...

That is the one solution that would not require either massive effort (and massive user inconvenience) or just going to new hardware: PS4, with no backward compatibility.

It would still be onerous to users... but if their serial licensing system is sufficiently secure... it's the only real option. Still won't solve all problems, but will alleviate the problem of rampant piracy.
 
http://store.brewology.com/

Is this site trying to be the alternate PSN store? It has got demoes and patches for games and stuff. People are getting so serious about this PS3 piracy issue.

As for the hacking of games online. That is a very serious issue. Looks like PSN bans will have to come sooner.
 
I'm starting to wonder if the rumored 3G capabilities of the PSP2 will be used for online authorization/registration of software, whether or not you pay for data service. Sony can't do free data for things like game downloads, video, music and general internet access, but exchanging a few KB every time you start a game brings that kind of Kindle model within reach.
 
If it's only a removal of recovery mode, then CFW could spoof the versions number and be done with it.
 
I know what recovery mode is used for. I was specifying how currently hacked PS3s with CFW could possibly remain hacked and run games needing the new 3.56 firmware if that was the only change in 3.56.

Removal of the recovery mode in 3.56 only affects systems that opt to upgrade to it. It's closing the door on new systems installing CFW, so consider it Sony's first steps. However, it wouldn't do anything on systems running CFW or those not upgrading to 3.56.

From what is being talked about, the update to 3.56 is not absolutely required at this time to connect to PSN.

It looks like Sony is now using new keys and a newer ps3swu.self, but have had to keep the old keys for those upgrading from older firmwares. It looks like new lvl1, and lvl2, and perhaps even SPU too.
 
I have a question to more knowledgealbe people here.
I know that the original pressed discs cannot be duplicated, and this probably means that there is some information written on them somewhere that is not accesible freely, that only the BD drive can read.
Would it be technically possible to put a unique serial key on this area of the disk? Each disk would then have it's own serial pressed to it, so no need to enter it manually.

If the question is dumb - sorry, but thanks in advance for the answer.
 
I remember hearing about that sort of copy protection before PS3 was even released, i think it is possible for each individual bluray to have a unique serial from what i remember.
 
baten said:
I have a question to more knowledgealbe people here.
I know that the original pressed discs cannot be duplicated, and this probably means that there is some information written on them somewhere that is not accesible freely, that only the BD drive can read.
Would it be technically possible to put a unique serial key on this area of the disk? Each disk would then have it's own serial pressed to it, so no need to enter it manually.

If the question is dumb - sorry, but thanks in advance for the answer.
Click to expand...
Technically possible yes, financially feasible no.

pressing discs takes building one rather expensive "glass master" and then using it to stamp 100 000`s of discs. creating one master per disc would result in those discs costing upwards of 200€ to produce (without the cost of the content).
And more importantly this would be impossible to do in a timely manner - would be faster and cheaper just to burn everything to BDR`s and ship those, which would still take to long
 
Hmmm

http://www.neogaf.com/forum/showpost.php?p=25641102&postcount=4866

I'll try and some everything up (I'm no expert in this so I'll probably get a couple of things wrong).

- Geohot's signed homebrew always uses the same keypairing which Sony have now blacklisted. Another keypairing can be generated and any homebrew signed with this would work on vanilla 3.56 (you would have to install it on 3.55 though as NPDRM keys still haven't leaked). It's likely this will always be the case unless Sony creates a whitelist. However it is not practical as you would not be able to install new homebrew once you upgrade from 3.55.


- 3.56 fixes the ECDSA random number bug. Private keys can no longer be calculated. Public keys can still be found (and already have been).

Private keys = encrypt data
Public keys = decrypt data

The fact Sony fixed this makes no difference to people already on CFW or pre-3.56 OFW as they have everything they need to decrypt and encrypt with old keys.

Additionally fail0verflow's other exploit allowed all the loaders and revoke lists to be downgraded using hardware (very difficult). This cannot be patched by Sony so all PS3's can still use CFW (though it's very inconvenient for anyone on 3.56)


- Signed 3.56 CFW will only work with 3.55 or lower firmware because of the new keys.


- New PSN security means that it will very soon be secure even when 3.56 CFW arrives. (see my post on the last page)


What this means:
- All consoles on virgin 3.56 or higher can't install CFW or homebrew without a downgrade via hardware.
- Homebrew will run on 3.56 or newer once resigned with different keys (but you can only install homebrew on 3.55 or lower)
- CFW 3.56 will eventually arrive but will only be able to be installed on 3.55 or lower.
Click to expand...
 
The Cat and Mouse game has started, the most important job for Sony is to shutdown PSN so the thiefs don´t get in there. That will force them to either upgrade to play "for real" or stay single player only.

And the Homebrew lovers have all they need now anyway.
 
You must log in or register to reply here.

Similar threads

C
FAO Linux users on PS3
Replies
12
Views
4K
patsu
P
H
Cell's Security Architecture: Ibm's Prize And Sony's Achilles Heel
2
Replies
28
Views
5K
SPM
S
U
  • Locked
IGN on 360 and PS3 versions of MLB2K7: "So much for spending $600 dollars".
Replies
13
Views
3K
techhead77
T
M
(Simple?) questions about Xbox 360 and PS3 bandwidths
Replies
8
Views
2K
marconelly!
M
T
  • Locked
Some developer comments on PS3/X360 (Edge Magazine)
7 8 9
Replies
162
Views
23K
MonkeyLicker
M
Back
Top