Post by trog @ 12:46pm 04/01/11 | 61 Comments
Inevitably, this drew the ire of the hacking community, and after several months of hard work it seems that this move has been completely and utterly responsible for the demolishing of all the outstanding security measures on the PlayStation 3. At a recent conference in Berlin called the Chaos Communication Congress, a team called fail0verflow has announced that (amongst other exploits), they have uncovered the private signing keys used to sign PlayStation 3 content - turns out Sony didn't use a random number in the right place, which meant they could trivially calculate the private key values.
If you're interested in the gory details, as well as a good summary of the state of console security as it stands now, the fail0verflow presentation is available on YouTube in three parts (one, two, three). It's a pretty interesting talk and worth the watch (~45 minutes).
The practical upshot of their research apparently means that we should soon be seeing dongle-less jailbreaking for the PS3, which will return the ability to run custom code via an OtherOS-esque system.
Latest Comments
61 Comments
Show
Follow Us
Advertisement
Log In
Posted 12:48pm 04/1/11
Posted 12:52pm 04/1/11
Posted 12:55pm 04/1/11
Posted 01:04pm 04/1/11
Posted 01:14pm 04/1/11
Still, piss off a community and get hacked. More power to the people i say.
Posted 01:56pm 04/1/11
http://dilbert.com/strips/comic/2001-10-25
lol!
Posted 01:24pm 04/1/11
Posted 01:26pm 04/1/11
The Wii didnt let you run any homebrew, so was hacked and people took the hacks and made iso loaders. Personally I only use homebrew to run wiimc, but if nintendo had just made it easier for people to write there own apps, then it probably wouldnt have been hacked.
Nintendo even had an app store setup, but just didnt allow access to it for anybody.
Posted 01:30pm 04/1/11
Posted 01:36pm 04/1/11
Posted 01:57pm 04/1/11
as mentioned above, these guys dont like being locked out of their own consoles so go to town on them to get the access they believe they should have (ie to be able to run their own code)
sony have pretty much done everything wrong to prevent piracy by upsetting groups like this.
also, lols at their random number generating code
Posted 01:59pm 04/1/11
Posted 02:14pm 04/1/11
But I totally agree things like allowing you to run games direct from the HDD, the fact that companies try to stop you doing stuff like that for totally retarded reasons just makes people (like me) want to go defeat these systems security, even if just to be annoying and defiant to them.
Seriously, 'f*** you' to any company who thinks they can tell me how I can and can't use my device.
Posted 02:36pm 04/1/11
Oh, Sony's AACS keys (used for Blu-Ray decryption) were leaked too, which is also unpatchable since you can't hide something like that on a system as compromised as the PS3. Any time they try updating the keys, someone could just rip them out again. Double oops.
Also, as mentioned before the PSP's keys were released too. Also can't be patched out. Triple oops.
Posted 02:38pm 04/1/11
how about a single device, 1 drive, with 3 readers, able to play all music and video formats, and network connectible to PC & Mac (easily) and you can put anything other OS you want on it!
Posted 02:46pm 04/1/11
Posted 02:59pm 04/1/11
Posted 03:03pm 04/1/11
Posted 03:05pm 04/1/11
Posted 04:12pm 04/1/11
I'm pretty sure that's because the patents have expired on those systems now though, or something to that effect.
Posted 04:15pm 04/1/11
Posted 04:51pm 04/1/11
Posted 09:58pm 04/1/11
Posted 01:49am 05/1/11
Posted 08:10am 05/1/11
ie, it works, but it's pretty inconvenient.
Posted 08:59am 05/1/11
PS3 piracy isn't done from burnt disks, it's all USB drives or copying the files locally to the PS3 over FTP, so replacing one file is no different to copying the crack out of the crack folder after installation on a PC.
Posted 09:35am 05/1/11
At the moment, you still need the jailbreak dongle to use any of those. But it's only a matter of time until you'll be able to soft-mod without any extra hardware or opening the case.
Posted 09:48am 05/1/11
Posted 10:07am 05/1/11
Posted 10:17am 05/1/11
The PS3's only cheat protection was the individual console's security:XBL was always reasonably protected from this because your paid subscription is linked to your consoles identifier but since PSN is free of charge, cheaters could just register a new account, change their console ID and keep going.
Sony will no doubt work at adding better mod detection methods, but they're not going to be able to rollout updates as fast as hackers can subvert them.
Game developers would have to build punkbuster and VAC style protections into their own games if they wanted to even hope to protect them, and that's pretty unprecedented on consoles.
XBL just got a whole lot more appealing.
Posted 10:26am 05/1/11
I think it's more likely that custom versions of the latest firmwares will be released, eliminating the need for people to remain on older firmware versions.
Posted 11:11am 05/1/11
^^ This is why the whole thing sucks. stupid Sony.
Posted 11:20am 05/1/11
an excellent argument for public release server software if i ever heard one.
Posted 12:43pm 05/1/11
good call
Posted 02:10pm 05/1/11
Posted 02:21pm 05/1/11
CD keys ftw!
Posted 02:23pm 05/1/11
blu ray burner + a blank blu ray + 40-60gb download of a pirated game...
its cheaper and easier to just buy the original :/
Posted 02:36pm 05/1/11
also only a few games have used up a whole bluray disc. i can only think of ff13 and mgs4 atm. most games are usually the 10gb mark.
last edited by ravn0s at 14:36:14 05/Jan/11
Posted 02:29pm 05/1/11
Posted 02:39pm 05/1/11
What developers with upcoming PS3 games should be doing, is packaging their content up in huge archive files, inflating them so that they fill up the entire BD, then not letting the game run if a few checksum tests fail. 60GB games wouldn't stop piracy, but it would at least set the effort bar a whole lot higher.
Posted 03:09pm 05/1/11
I always scoffed at having to pay to use the XBL service but now I'm not so sure it's such a bad setup. I wonder if sony will introduce some kind of credit card thing, where you need a valid CC to use the PSN (even if it remains free, just for ID purposes).
Not to mention people without 1TB download quotas would only be able to grab 1 game a month.
I used to think the same, it's not so bad for consoles but for PC games these days you've got to jump through so many hoops just to prove you didn't steal the game.
Pirated version: Put disc in, install, take disc out, play game
Paid version: Put disc in, install, enter CD key, log in to steam, pray the auth server hasn't fallen over, run game, log into auth server, get half way though game, lose connection to auth server, get booted out of the game.
I know which path I'd rather take, unfortunately I only play online stuff so it has to be legit.
Posted 03:22pm 05/1/11
speaking of ubisoft, theyve secretly removed the mandatory internet connection for their drm from ac2 and splintercell. you still need to authorise it on first time playing (like steam) though.
Posted 03:22pm 05/1/11
It probably won't take super-long for the smarties to work around, but if a developer can at least keep piracy at bay for the first few weeks of release when the big bucks are to be made. And it's a nice unobtrusive thing that can't hurt legitimate purchasers.
Posted 03:58pm 05/1/11
40gb games aren't a problem since ps3 game rentals are common at many video stores. The real problem I think will come now that factories in China will be able to press pirated ps3 games that require nothing extra to run.
That's one of the key things that destroyed the dreamcast, $2/title hk-silvers.
Posted 06:10pm 05/1/11
This problem has been worked around since the very first pirated PS3 games.
The internal drive supports files bigger than 4GB anyway.
Posted 06:20pm 05/1/11
http://www.xbox-linux.org/wiki/17_Mistakes_Microsoft_Made_in_the_Xbox_Security_System
Posted 07:22pm 05/1/11
Posted 07:55pm 05/1/11
I know of so many computer illiterate people that bring stacks of those pirate dvd films back from SE Asia - going to be the same deal for PS3 now.
Posted 09:02pm 05/1/11
and from my understanding, it will be totally undetectable for online play.
Posted 10:04pm 05/1/11
Chinese disc presses are probably still standing by for the time when they do, but it hasn't happened as-yet
that said, you can still load the games via usb with the current method
Posted 10:23pm 05/1/11
I grabbed MacDrive and formatted my portable hdd in it and voila
It took me about 10 minutes of googling to find that solution. I imagine it will take leet hacking geeks much less.
Posted 12:06am 06/1/11
As already mentioned, they cannot create bootable discs yet. While it is really only a matter of time and desire; I doubt it will happen any time soon. Filling a large hard drive with game images is an easier/convenient option than having to burn dual-layer DVD's or Blu-Ray discs.
Posted 10:49am 06/1/11
That worked on your PS3? Last I checked, the PS3 didn't support HFS+, only FAT32.
A quick Google shows your post as the only mention of the PS3 supporting HFS+.
Posted 11:38am 06/1/11
Posted 12:37pm 06/1/11
Posted 12:47pm 06/1/11
I had it plugged into my xbox and assumed since it worked there it would work on my ps3. gay.
Posted 01:10pm 07/1/11
http://www.bbc.co.uk/news/technology-12116051
Posted 10:42pm 12/1/11
Posted 10:50pm 12/1/11
Posted 10:50pm 12/1/11
Really hope they don't reach a bulls*** settlement and set another nice pro-modding precedent.