looks like the PS3s been hacked properly now :o

tomos · 01-01-2011, 15:22

info here

PS3 owners hopefully can look forward to a range of possibilities with this :o

hopefully this is ok to post here?

Fail0verFlow is Coming: http://fail0verflow.com/ and http://twitter.com/fail0verflow (Dongle-less PS3 JailBreaking, overflow by replacing PS3 revoke list with a large one at bootup)
Fail0verflow Tweets: Our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions. Our current PS3 goal: AsbestOS.pup. For all those out there that think fail0verflow.com has been hacked - it hasn't. We're just busy working on a demo for tomorrow. Patience!
Marcan42 Tweets: We don't have the game signing key but the same epic fail applies to it. Once someone dumps appldr they can calculate it too. They actually CAN change keys for LV2/LV1, isolated modules, rvklists, spp, but that's useless because you can just downgrade the loaders. Myth #2: Sony can change keys. No, they can't. These aren't encryption keys, they're signing keys. If they change them GAMES STOP WORKING. Myth #1: It took us 3-4 years to do this. Negative, this exploit only took a few months after we started working. We weren't trying before.
Marcan42 Tweets cont'd: FWIW lightning talks tomorrow are at 11:30-13:45. PS3 demo will be 4 minutes _somewhere_ within that range (to be determined). They can try to whitelist every existing piece of official PS3 code... but good luck with that. IOW they CANNOT change keys or fix this in a new firmware, because stuff we sign is every bit as good as existing official software. Wii fakesigning vs. PS3 epic fail: Wii issue is a BUG in console code (fixable), PS3 issue is a FAIL in THEIR secret signer (not fixable).
Marcan42's PS3 NOR Flash 40-50 Wire Mod (more pictures HERE) http://twitter.com/marcan42/status/16985058829144065
Public Private Keys Calculated, Current PS3 Firmware vulnerable and downgradeable
Signing (SELF Packages), Not Games (No Apploader Keys)
Live Demo by Marcan42 (confirmed above via Twitter) during Lighting Talks tomorrow- Day 4, Room Saal 3, Start time 11:30, Duration 02:15.
MPlayer port to PS3 in the works, confirmed by lantus on IRC
Although only PS3 keys up to 3.15 are currently available, it is now possible to build an AsbestOS.PUP sven confirms via IRC

[/QUOTE]

LordoftheDance · 01-01-2011, 16:56

I have no idea what 95% of the above means. As long as Sony don't punish legitimate software users (like myself) in some manner with all this hacker nonsense, then I don't care.

Marv · 01-01-2011, 17:04

People will keep Jail braking Firmware and Sony will keep updating the firmware to throw them off again for a few months. The only thing i'am intrested in the PS3 being is a region free blu-player but i cant ever see that happening.

tomos · 01-01-2011, 17:09

iirc, with this new hack, sony can't do anything about it without hardware changes - at least not without revoking keys which would stop every game ever made for the PS3 from working. doubt even sony will go that far

looking forward to seeing what scene dudes can do with this once the tools are out later this month

Jimmyboy · 01-01-2011, 17:13

If these reports are true then the problem can not be fixed with firmware updates as the hack appears to allow you to run unsigned firmware as authentic. From what I understand, the jailbreak simply allowed people to run unsigned secondary programmes in a temporary window which reverted back on reboot. This new hack has nothing to do with the jailbreak, its to do with hackers now being able to completely re-write official firmware which will obviously mean a much deeper penetration into the machines hardware.

Jim989 · 01-01-2011, 17:31

Quote:

Originally Posted by Jimmyboy

This new hack has nothing to do with the jailbreak, its to do with hackers now being able to completely re-write official firmware which will obviously mean a much deeper penetration into the machines hardware.

You are correct. It took this long because people used to have access to the CPU via OtherOS. What Sony failed to realise was that OtherOS was the reason their console security was never broken before. Why bother doing that when you already had access to the CPU?

There was no challenge so nobody was interested. Then Sony tried to save a few pennies and shot themselves in the foot. The Slim was a stepping stone to FW removal and when FW3.21 came out it put up the challenge

Epic Fail award of 2010 goes to the Sony idiots who thought it would be a good idea to **** off hobby programmers.

pip&pop · 01-01-2011, 17:44

The Epic Fail was due to Sony generating a 'random' number for their private key that was always the same. (failOver's talk) enabling the key to be figured out with some simple maths.

I really look forward to being able to run Linux again on my PS3 even if its 256MB of RAM makes it less than perfect.

The team responsible are ONLY looking at this and not enabling pirates and for that I applaud them.

Linux plus decent access to the graphics card would be great for emulator writers and porting of Linux games.

LordoftheDance · 01-01-2011, 17:47

Actually, there is one useful thing I can think of that I'd like my PS3 to do which it doesn't at the moment. My other half asked me to call her on Skype the other day (she's in Poland), but I can't use Skype on the PS3.

Perhaps these guys can get that to work?

statto · 01-01-2011, 17:51

Quote:

Originally Posted by Jim989

You are correct. It took this long because people used to have access to the CPU via OtherOS. What Sony failed to realise was that OtherOS was the reason their console security was never broken before. Why bother doing that when you already had access to the CPU?

There was no challenge so nobody was interested. Then Sony tried to save a few pennies and shot themselves in the foot. The Slim was a stepping stone to FW removal and when FW3.21 came out it put up the challenge

Epic Fail award of 2010 goes to the Sony idiots who thought it would be a good idea to **** off hobby programmers.

This.

Can't wait for Linux compatibility for my slim. Then the old PS3 I have can assume media streaming duties in the bedroom.

blazeuk · 01-01-2011, 20:02

Quote:

Originally Posted by pip&pop

The team responsible are ONLY looking at this and not enabling pirates and for that I applaud them.

The team who discovered this are against piracy themselves, however it appears Waninkoko is working on stuff (already released a FW encrypter), so its only a matter of time before its opened up alot more. Pirates themselves have been able to play games for a few months now anyway.

Adge · 01-01-2011, 21:38

I hope it doesn't lead to online cheating (aimbots etc) as I find those sort of things a real pain in the neck.

tomos · 01-01-2011, 21:54

i think with this, that'll be a real possibility. not sure if they can even ban consoles

jester · 02-01-2011, 09:29

Nope, they cannot! Since they announcement things have already started to move very quickly indeed with the likes of tools to sign pkg files.

Basically it turns every hacker into a Sony dev.

And make no mistake, all this "no piracy" nonsense is just that - nonsense, its already on the coat-tails.

Since the second ylod of my post launch 60gb phat occurred I am getting another PS3 today with NFS:HP. I had considered not bothering with replacing it but have every confidence now that this year will be a very interesting one for PS3 owners indeed.

jester · 02-01-2011, 20:34

Geohot has now released the master MetLdr key, thats it... game over for Sony. This console is now wide open... for ever.

tomos · 02-01-2011, 20:55

yay, time to get myself a PS3 i think :o

scoobyood · 02-01-2011, 20:57

.... all because Sony decided they didn't want to "allow" linux to be installed on PS3's any more. That's awesome and priceless

LordoftheDance · 02-01-2011, 22:01

Quote:

Originally Posted by jester

Geohot has now released the master MetLdr key, thats it... game over for Sony. This console is now wide open... for ever.

Could you please explain this in layman's terms, as this is all way over my head. Sounds quite interesting though!

statto · 02-01-2011, 22:08

It's the PS3 root key, that allows you to decrypt and sign pretty much anything you want code wise.

LordoftheDance · 02-01-2011, 22:12

Quote:

Originally Posted by statto

It's the PS3 root key, that allows you to decrypt and sign pretty much anything you want code wise.

Could you please explain this in layman's terms, as this is all way over my head. Sounds quite interesting though!

RESSEH · 02-01-2011, 22:12

Quote:

Originally Posted by LordoftheDance

Could you please explain this in layman's terms, as this is all way over my head. Sounds quite interesting though!