Technological discussion on PS3 security and crack.

Well, no one really knows how the security works. The hackers are claiming that they can make a *.pup file. If the decrypter/encrypter code is from Sony's updateable pup itself, then Sony can recover via whitelisting of old binaries and using new keys for new binaries. If the code for the encrypter is not updateable, and actually inside the CELL itself (like the on-die boot ROM), then Sony is screwed. I think it is the former and not the latter. But who knows what's going on in the firmware team's mind.

The whitelist is a nasty horrible means of dealing with this if it needs to include game binaries. Whenever any game has an update or patch the whitelist will need to be updated. That is not a suitable solution in my view.
 
If this hack is as big as some are suggesting, and it will lead to wide scale piracy, I guess the ramifications will be quite big.

Do you think this might force Sony to change their strategy, and start trying to follow Nintendo's model of making profit on hardware/peripherals, such as focusing on selling move peripherals?

Sony's strategies have already changed if you consider Qriocity and Move.

The other factors are Apple's low cost games, success of casual gaming in cellphones, accelerated adoption of digital movies.

There are also industry people who think that open platform is the future (I believe Phil Harrison and Gabe belong to that camp).

EDIT:
Ironically, Kutaragi's original vision for PlayStation was to stop charging licensing fees to game developers and to make money only from sales of its own games and hardware.

I am not sure what their latest plans are now. If they go there, it'd be more like Back to the Future. :devilish:
 
BRiT, it doesn't matter how horrible and hacky whitelisting is if that turns out to be their only recourse. I'm sure they'd much rather go that route than leave the system wide open from this point forward.
 
BRiT said:
The whitelist is a nasty horrible means of dealing with this if it needs to include game binaries. Whenever any game has an update or patch the whitelist will need to be updated. That is not a suitable solution in my view.
If the game has an update you can sign it again with a new key. Any kind of whitelist is a mess, but what are the other options?
 
Exactly, if they want PS4 BC with PS3, they'll have to re-sign all game binaries with the new keys only. Most game executables are small enough to be included in an update anyway. Maybe it's more practical to have an update for every game (since it'll be required for PS4 as well) containing the game executable signed with the new keys, so no messing with whitelists. Of course this won't stop people from just not updating, but at least it'll keep 'em offline and not spoiling the others' multiplayer.
 
They just published the hash value (SHA-1) of the keys. It makes no sense, does it? Why not publish the key itself...
 
BRiT said:
The whitelist is a nasty horrible means of dealing with this if it needs to include game binaries. Whenever any game has an update or patch the whitelist will need to be updated. That is not a suitable solution in my view.

You can pre-whitelist games that are yet to be released in a small update every 3 months. It's not that hard. I expect it is the route Sony will take with this latest blow, which means more updates for legitimate users...
 
You can pre-whitelist games that are yet to be released in a small update every 3 months. It's not that hard. I expect it is the route Sony will take with this latest blow, which means more updates for legitimate users...

And what about the mass of Indie Arcade games? It also means pushing out an update every single time any game has a title update. I would expect the list would need to be updated at a minimum once a month. Does the whitelist include the prior versions of a game (straight off the disc) or an application such as Netflix/HuluPlus and all versions of its title-updates, or do you only include the first and last version?

At a minimum you need to store all the allowed versions of a game/app, and I'll detail why. Does Sony push the system updates on newer game discs so offline users get them too, similar to how MS Xbox does? If you only store the last allowed version and you push out the update on a newly released game's disc, then it's guaranteed that the update will invalidate other games the offline user has installed that have online title-updates but haven't been installed on the offline system. Can you imagine the tech support issues that will cause -- installing a new game makes it impossible to play old games! I expect the list to become quite large and unmanageable.

It's a very nasty solution that I think is actually worse than the problem.
 
An update once a month is generous in the extreme, IMO. Considering how often even well funded titles get updates within the first 1-4 weeks of release, I wouldn't be surprised if they needed to update the list 5+ (with the possibility of far more updates, especially during the holiday months) times a month.

This also means that everything would need to be signed and whitelisted, including Netflix, Qriocity, everything, since a whitelist would require everything not in the list to be disabled. If you don't, then you just left a big wide open door for unsigned or self-signed applications.

Regards,
SB
 
Updating should run below everything else, restoring the chain of trust. That means the keys/code to decrypt would be in the new firmware package protected by a lower cryptographic layer (never leaving the SPU and not broken), and could simply be swapped out in newer firmware.
That's how I understood the security features of Cell when I read through them; I don't know how it's done by Sony.

eg. a Firmware package should look like:
[crypto LV1] protected by crypto LV0
[modules] protected by crypto LV1

so trying to install a new Firmware might pass a simple signature check, stops XMB and starts the updater but then fails the thorough check.

The Chain Of Trust table shown in the presentation (about 1 min into the third video) would suggest this is significantly more difficult than it would seem, because the revocation system is broken due to being extraordinarily poorly designed! Code will be loaded (and run) before it's checked to see if it's revoked.
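The layered package and key swap described in the post above, together with the whitelist-by-hash fallback debated earlier in the thread (re-sign updated binaries with the new key, admit old-key binaries only if every allowed version is on a hash list), as an added example that is not code from this thread or from Sony. HMAC-SHA256 stands in for the console's asymmetric signatures so it runs on the standard library alone; the key names, binary names and package layout are assumptions. It also models the ordering problem the post mentions: a loader that consults the revocation list only after loading has already run the code.

```python
"""Toy loader for the rotate-key / whitelist / revocation debate.

Added example, not code from this thread or from Sony.  HMAC-SHA256 stands
in for the console's asymmetric signatures; every key, binary name and
package layout here is an assumption made for illustration.
"""
import hashlib
import hmac

ROOT_KEY = b"root-key-in-boot-rom"     # assumed lv0 anchor, not updateable
OLD_KEY = b"old-module-signing-key"    # assumed: the key that leaked
NEW_KEY = b"new-module-signing-key"    # assumed: shipped inside the new lv1


def sign(key: bytes, blob: bytes) -> bytes:
    """Stand-in for signing; a real loader checks an asymmetric signature."""
    return hmac.new(key, blob, hashlib.sha256).digest()


def verify(key: bytes, blob: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, blob), sig)


def sha1_hex(blob: bytes) -> str:
    return hashlib.sha1(blob).hexdigest()


def install_firmware(package: dict):
    """Layering from the post: [lv1] protected by lv0's root key, [modules]
    protected by the key carried in lv1.  Returns that module key when lv1
    verifies, else None; the root key itself never leaves the trusted layer."""
    lv1 = package["lv1"]
    if not verify(ROOT_KEY, lv1["key"], lv1["sig"]):
        return None
    return lv1["key"]


class Loader:
    def __init__(self, module_key: bytes, whitelist, revoked):
        self.module_key = module_key
        # SHA-1 of every allowed version of every binary still signed with
        # OLD_KEY.  Keeping only the latest version is what strands offline
        # users who still run the disc build.
        self.whitelist = set(whitelist)
        self.revoked = set(revoked)

    def verdict(self, blob: bytes, sig: bytes) -> str:
        digest = sha1_hex(blob)
        if digest in self.revoked:
            return "revoked"
        if verify(self.module_key, blob, sig):
            return "ok:new-key"
        # OLD_KEY is public now, so an OLD_KEY signature proves nothing;
        # only the hash match against the whitelist admits old binaries.
        if digest in self.whitelist:
            return "ok:whitelisted"
        return "rejected"

    def run(self, modules, check_before_load=True):
        """modules: list of (name, blob, sig).  Returns the names that ran.
        check_before_load=False models the ordering criticised in the post:
        the code has already executed by the time it is checked."""
        ran = []
        for name, blob, sig in modules:
            if check_before_load:
                if self.verdict(blob, sig).startswith("ok"):
                    ran.append(name)
            else:
                ran.append(name)         # loaded and run first...
                self.verdict(blob, sig)  # ...checked too late to matter
        return ran


def demo() -> dict:
    """Constructed scenario: one rotated firmware, one forgery, four binaries."""
    genuine = {"lv1": {"key": NEW_KEY, "sig": sign(ROOT_KEY, NEW_KEY)}}
    forged = {"lv1": {"key": OLD_KEY, "sig": sign(OLD_KEY, OLD_KEY)}}
    module_key = install_firmware(genuine)
    gt5_disc = b"GT5 v1.00"           # disc build, signed with OLD_KEY
    gt5_patch = b"GT5 v1.02"          # title update, re-signed with NEW_KEY
    homebrew = b"hello world"         # self-signed with the leaked OLD_KEY
    bad_lv2 = b"exploitable old lv2"  # old-key binary on the revocation list
    loader = Loader(module_key,
                    whitelist=[sha1_hex(gt5_disc)],
                    revoked=[sha1_hex(bad_lv2)])
    mods = [
        ("gt5_disc", gt5_disc, sign(OLD_KEY, gt5_disc)),
        ("gt5_patch", gt5_patch, sign(NEW_KEY, gt5_patch)),
        ("homebrew", homebrew, sign(OLD_KEY, homebrew)),
        ("bad_lv2", bad_lv2, sign(OLD_KEY, bad_lv2)),
    ]
    return {
        "forged_lv1_accepted": install_firmware(forged) is not None,
        "verdicts": {n: loader.verdict(b, s) for n, b, s in mods},
        "ran_checked_first": loader.run(mods, True),
        "ran_checked_late": loader.run(mods, False),
    }
```

Running `demo()` shows the three outcomes the thread argues about: the forged lv1 signed with the leaked key fails at the root layer, the disc build survives only because its hash is whitelisted while the homebrew signed with the same leaked key does not, and with the late revocation check the revoked lv2 has already run before the loader notices.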
 
It's a very nasty solution that I think is actually worse than the problem.
If every time I have to patch a game, a few MBs of patch turns into a full half-hour of update, I'll be cheering the hackers on to provide me a FW that means I don't have to! As so often, piracy measures harm legitimate users more than they thwart pirates. Adding layers of complications and frustration for legitimate users has got to be one of the best ways of damaging your brand.
 
Shifty Geezer said:
Adding layers of complications and frustration for legitimate users has got to be one of the best ways of damaging your brand.
I suppose the idea is that when your system turns into a PC, no one can be considered a legitimate user anymore :p

Personally I just see this as more writing on the wall for the 'standard' software business model, regardless of what happens with the console in the end.
 
Saw this on gaf:

Originally Posted by geohot:
No plans for CFW, and btw PSJailbreak team already won the signed PUP contest. Or me if you believe in 3.21OO

Although I do have other plans possibly, perhaps a 3.55 hello world by the end of the day. Hell, perhaps I'll go out and buy GT5 just to show off homebrew and GT5.

Perhaps CFW isn't the way to go; we can create official apps. Aside from piracy purposes (which I despise), why do we need a CFW? How about something like Cydia for the PS3?

This is fantastic. I love Cydia and the jailbreak apps for my iphone. I can't imagine using my iphone without Cydia apps. I was more than happy to pay for them also and I'd certainly do the same for PS3 apps that would appeal to me.
 
Geohot posted the key and this...

~geohot

no donate link, just use this info wisely
i do not condone piracy

if you want your next console to be secure, get in touch with me. any of you 3.
it'd be fun to be on the other side.

LOL, I'm just floored. Wow.

Tommy McClain
 
Saw this on gaf:
This is fantastic. I love Cydia and the jailbreak apps for my iphone. I can't imagine using my iphone without Cydia apps. I was more than happy to pay for them also and I'd certainly do the same for PS3 apps that would appeal to me.
Those are pretty hollow statements cause regardless of what he said he posted the keys.
http://geohot.com/

No donate link, Just use this info wisely
I do not condone piracy

if you want your next console to be secure, get in touch with me. any of you 3.
it'd be so fun to be on the other side
I only pick the locks, and I do it for Santa..don't care if thieves break in instead.
And if you want a better lock, hire me.
 
Haha, it would be funny to see Sony contact him right away with this, but it's probably too late now with all the stuff leaked.
 
Those are pretty hollow statements cause regardless of what he said he posted the keys.
http://geohot.com/


I only pick the locks, and I do it for Santa..don't care if thieves break in instead.
And if you want a better lock, hire me.

I would not be surprised if we end up with some stupid law that would make shit like what he does illegal.
For all the cool stuff that might bless PS3 owners, those that buy their games and play them online will pay..
Not to mention the developers that make a living by creating these games.
 
@marcan42 said:
so he obviously used our method to calculate the key, but he had to use a metldr exploit to dump it (which we don't yet have).

you need an exploit in a loader (or a prior loader) to dump it. We had most everything below metldr, but not metldr itself.

he likes that sort of game, but we aren't playing it. We're polishing then releasing what we have, then that's it.

geohot++ for breaking metldr, geohot-- for making it another ego act and not publishing how he did it.
http://twitter.com/marcan42

http://psx-scene.com/forums/644213-post236.html
geohot said:
Please edit top post to match geohot.com, forgot to thank fail0verflow...forgot people don't have the full picture. They had several keys but not the root key, I used their discoveries to find the asymmetric root key.

Days of Our Lives. Cue popcorn. LOL

Tommy McClain
 
Shifty Geezer said:
If every time I have to patch a game, a few MBs of patch turns into a full half-hour of update, I'll be cheering the hackers on to provide me a FW that means I don't have to! As so often, piracy measures harm legitimate users more than they thwart pirates. Adding layers of complications and frustration for legitimate users has got to be one of the best ways of damaging your brand.

But that's not the case with the PS3, right? For PS3 it's just a matter of how big the developer makes the executable, as that's usually the thing that needs to be updated at minimum. That can vary a lot, from a few MB to the full game, whatever size that may be. That there is so much variation seems to be more laziness either on the side of developers (reduce testing overhead) or Sony (force policies or provide other solutions to the problem).

Also, while I agree in principle, and have advised various bosses of mine against employing any security measures at all, in the case of firmware on consoles, the PSP was released almost completely open initially, and has been (very) slowly closed down to some significant level of protection. If I compare how things went for that system with the PS3, I'm having a hard time arguing for a more open system there.

(Of course that does not mean I wouldn't condone something like the App Store on any system, but I live in a very rich country with an incredibly high level of piracy and an incredibly low public sense of that being wrong)
 