Overwritten.net
Games => General Gaming => Topic started by: idolminds on Wednesday, December 29, 2010, 12:19:40 PM
-
zomg (http://psgroove.com/content.php?581-Sony-s-PS3-Security-is-Epic-Fail-Videos-Within&s=93e15b393a25cb8d341e43f188e7403e)
The first few minutes of the conference were spent explaining the state of security on other consoles (Wii, 360, etc). Following this, the group went on to explain the current state of affairs on the PS3. First, explaining Geohot's memory line glitching exploit from earlier this year. The team then went on to explain the current PS3 security bypasses, such as jailbreaking and service mode/downgrading.
Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs. Following this, the team declared Sony's security to be EPIC FAIL!
The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits.
Basically what I'm reading is they figured out the keys to digitally sign programs, which means homebrew will be "signed" just like official Sony software so the PS3 will think it's totally legit. No hardware hacking required.
Pretty neat stuff. Now I hope we see a bunch of emulators show up. New PS3 slogan would be "It Only Plays Everything"
-
Wow. Complete security collapse. Firmware can't do much about it if security can be defeated before anything runs. They'd have to address it like they did the PSP: revamp the hardware. Good luck with that.
-
Over my head a bit here, but would I be correct in assuming that this basically makes the console just about as unprotected as a Dreamcast? Because fuck, having a CD full of NES games hooked up to your TV was fucking AWESOME.
-
More or less. The question right now is how to get the programs onto the console, because the PS3 apparently won't copy programs from USB. I wonder if it would accept signed burned discs? I'm not clear on all of this stuff. Yet.
The private key was very well physically protected, the problem was that in the signing process every single signature was made with the same number, instead of a random number, this exposes mathematically the private key, and thus it was reverse-engineered.
The fun part? There isn't a whole hell of a lot Sony can do about this without also making all currently released PS3 games not work.
-
That's really interesting. And sort of bad. Hmm. I'd love to get myself some SNES going on there.
-
This is a bad week for Sony. They got ahold of the signing keys for the PSP as well. No more need for custom firmware, everything can be signed and run on a stock PSP.
-
Ironically, that makes it more likely I would go back to PSP gaming. No more avoiding new games to keep my custom firmware.
-
I haven't touched my PSP in a while, mostly because on CFW I had to not play certain games. Like LittleBigPlanet. Can't get the patch for it on CFW so they don't let you connect and download new levels...which is kind of the point.
But if I could rip it and run the ISO and download the patch...woo!
-
geohot has released a PS3 firmware update that allows you to install homebrew from the USB port. It's a tiny .PUP that the PS3 of course thinks is a legitimate firmware update. Dude isn't interested in piracy or playing backups and this won't enable that sort of thing. But he released the signing tools so as soon as some homebrew gets signed and released...it's on for the PS3.
I've seen people talking about a SNES emulator already (was already in the works from when that complicated jailbreak hack came out). I have to track it down before I bother trying any of this.
I've also read that you can easily reinstall the original Sony firmware without any hassle.
-
Nice that it's just for homebrew and not for the other stuff. I have no interest in piracy, but I'd love to get some homebrew going. A SNES emulator would be fantastic.
-
Thread on neogaf (http://www.neogaf.com/forum/showthread.php?t=418223)
First post of that thread should be updated as new stuff develops. People are reporting the SNES emu is working as planned. The only thing holding me back is not knowing what Sony's plans are. Can they find out I've run this and then ban me from PSN? I don't own a lot of stuff on PSN and hardly ever log in, but I wouldn't be able to buy Scott Pilgrim and such if I got banned.
-
It's getting harder for me to resist. They've got a couple emulators going. SNES, obviously, then another one that supports NES, GB, GBC, GBA, SMS, GG, PCE (with more coming), and an arcade emulator supporting Capcom CPS-1, Capcom CPS-2, Capcom CPS-3, Cave, Neo Geo, Sega System 16 (and similar), System 18, X-Board, Y-Board, Toaplan, Taito, Psikyo 68EC020 based hardware. Oh, and a Genesis emu.
CRAZY!
-
So. Awesome. Gads, to play Magical Drop on my TV... the happiness...
-
Oh, interesting note. People went and did this "jailbreak", installed stuff, and then reverted to official unaltered firmware. And all the installed stuff still worked. Signing is fun!
Of course it seems now some people have figured out how to re-sign retail games and are getting them to work. Sadly with the good must come the bad.
EDIT
Downloading all the stuff. We'll see when I give in.
EDIT2
ScummVM incoming.
-
I do wonder about the viability of actually pirating PS3 games, which seems like a possibility at this time -- they're all blu-ray discs and take up a significant amount of space (25-50GB). Unless you placed a 1TB HDD into the PS3, it is still quite a pain to run illegally obtained retail games.
Emulators are nice though, even if I am personally not interested in using my PS3 to play an SNES game. It's a monumental achievement that people have found a way past Sony's security barriers.
-
Yeah, I think piracy of full retail games will be fairly minimal. No one's really going to want to download that much data (not to mention a few PS3 games and your ISP is going to start asking questions). You could rent and copy, but like you said you're going to need some big HDDs to hold them.
PSN games are kinda fucked, though.
-
Serves those bloody PSN games right. Do you have any idea how many of those I've picked up and never played?
-
haha
So I think I will see how this shakes out with Sony. If they can detect it and ban you from PSN that could be a bad thing. I was thinking of what I even use PSN for. I don't really play online or anything. But if I was banned I couldn't buy Journey (I could acquire it still I'm sure, but come on) and when I buy LBP2 I'd like to be able to download the custom levels.
So...yeah, guess I'm waiting.
-
I'm holding off. I still haven't put in more than 10 hours gaming (probably more like 3) into the PS3. I doubt my whole house has. As a media player though? Daaaamn. My roommate has a media server with a 2TB drive and some program on his PC which automatically makes any videos downloaded through torrents available to the network....and the PS3 by extension. Movies up the ying yang. Haven't even subscribed to Netflix yet because of it.
-
Dedicated pirates will take a bit of the game money they intend to save, and buy a 2nd console. One goes online; the other one never does. Even if this isn't necessary, I'd hate to swap firmwares constantly. Maybe a more convenient alternative will come around.
So the lid has blown wide open. Unreal. Is Xbox next?
-
Actually the Xbox has been modded for a while. Pirated 360 games are commonplace here and some 360 torrents are pretty high.
-
Yeah, I know. I'm talking about a complete meltdown of security at the root level (which is what afflicts Sony now). The mods used to play pirated discs don't go nearly that deep. I don't think XBLA games are cracked, for instance. They can get copied to discs and distributed. The copies will work, in demo mode.
-
Sony is...kinda mad. (http://www.engadget.com/2011/01/11/sony-sues-geohot-fail0verflow-over-ps3-exploits/)
This isn't a "lawsuit" in the traditional sense, since Sony hasn't filed a complaint for copyright infringement or whatever against Geohot and friends. Instead, the company appears to be trying to shove the genie back in the bottle and have the jailbreak and any information about the jailbreak removed from the web by filing a temporary restraining order. That might work in the short term -- Geohot's already pulled his pages down -- but history suggests that the forces of paperwork rarely triumph over the righteous anger of nerds, and that this code is out there for good. That said, we'll see what the court says tomorrow; although we very much doubt Sony's melodramatic proposed motion and order will be granted as written, we wouldn't be surprised if some sort of order is eventually granted -- and then from there a formal lawsuit is likely just a few days away.
Hard part's over and it's in the wild. You can't simply remove something like this from the internet. Sony is trying to fight a hydra.
-
What amazes me is how these people act so cavalier while poking the lion inside his own den. They weren't even difficult to identify. Now they're in for a world of hurt. But no, the genie is free and won't be going back inside the bottle.
-
And here comes the actual lawsuit. (http://www.engadget.com/2011/01/12/sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps/)
-
Whoomp, there it is.
-
haha, the main news source for PS3 hacking has been the #ps3dev channel on efnet. Earlier today they got a new guest...Sony's lawyer. Or law firm. His IP traces back to them, at any rate. They gave him voice but so far I don't think he's said anything. Most likely just logging what everyone else says in hopes of digging up something for court.
-
Wee! (http://www.theregister.co.uk/2011/01/14/no_playstation_hacker_order/)
A San Francisco federal judge declined to order New Jersey-based hacker Geohot to turn over the technology he used to root the PlayStation 3, saying she doubted Geohot was subject to her court's authority.
The move by US District Judge Susan Illston on Friday was a blow to Sony, which argued that the 21-year-old hacker, whose real name is George Hotz, should be forced to surrender his computer gear and the code he used to circumvent digital rights management features in the gaming console. Illston rejected arguments that Hotz's use of Twitter, PayPal, and YouTube, all located in the Northern District of California, were sufficient contacts with the region to establish personal jurisdiction.
“If having a PayPal account were enough, then there would be personal jurisdiction in this court over everybody, and that just can't be right,” Illston told James G. Gilliland Jr., an attorney representing Sony. “That would mean the entire universe is subject to my jurisdiction, and that's a really hard concept for me to accept.”
-
A judge who refuses to abuse power? Who knew?
-
The platform is in serious trouble. (http://www.joystiq.com/2011/01/17/ps3-hackers-make-modern-warfare-2-unplayable-infinity-ward-ca/) I figured the irreversible security breach would hurt Sony dearly, but this one I must admit I didn't even think of. If hackers can ruin any PS3 online multiplayer experience, without recourse, how can the system survive in the marketplace?
-
Huh. That's interesting. Why does Black Ops work and why can't the fix there be used to patch Modern Warfare? I suspect this has as much to do with the security breach as it does with Activision not wanting to bother patching the older game. Either that, or the lack of Infinity Ward at Activision stops anyone from working on the game.
-
Nice try, IW (http://www.infinityward.com/forum/viewtopic.php?f=26&t=251282).
We knew something was wrong when they just waltzed out of their spawn in Highrise and let us kill them.
After we won that round, they said "AWW look at the level 1's" and we noticed...
Killing them made us LOSE xp.... we won the match cause they ended it.
Match Results: -899999453xp....
What the heck.....
I was 2nd prestige rank 50, now I'm 2nd rank 1. everyone else in my group is reset as well.
to add to the weirdness:
all of my guns, camos, challenges, attachments, killstreaks, all still set as I had them in my Custom slots.
BUT when I went to customize, they were all locked as if I didn't have them.
That thread was dated a YEAR AGO. Ok so it's in the Xbox 360 section of their forum, but it appears crap like this isn't entirely new or the fault of the custom firmware. If it's save hacking then this just gives people access to the saves on PS3 now. But it seems like a weird oversight on their coding. Is there ever a need to give negative XP? So then why does the game accept negative values?
-
If you overflow a signed integer, you get negative values. It wouldn't be the first time careless programmers fail to test for simple boundary conditions. Borderlands has that issue with your money total.
The story I read was talking about hacked servers, which seems a lot worse to me than hacked saves. Yeah, I know saves can be hacked on all the consoles.
-
The platform is in serious trouble. (http://www.joystiq.com/2011/01/17/ps3-hackers-make-modern-warfare-2-unplayable-infinity-ward-ca/) I figured the irreversible security breach would hurt Sony dearly, but this one I must admit I didn't even think of. If hackers can ruin any PS3 online multiplayer experience, without recourse, how can the system survive in the marketplace?
This is terrible. :(
-
Back over in PSP-land some more interesting developments have been occurring. There was an exploit using a certain demo/save that would allow you to get in and run HEN (Homebrew ENabled) on the latest firmware. I guess it was sort of a pain since you had to go through this process every time you restarted the system.
Now, however, this HEN thing itself has been signed. Drop it on your memory stick, run it, and bam...homebrew ahoy. You can even use an ISO loader and run retail games from the memory stick.
What's interesting is if that HEN thing can be signed, if that tool is released then perhaps the homebrew apps themselves can be signed. No need for an enabler, just copy and run directly. Which would be pretty groovy.
-
That would be fantastic.
-
The fantastic is happening (http://wololo.net/talk/viewtopic.php?f=2&t=1879). PSP homebrew being signed and released, capable of running on stock PSPs with the latest official firmware.
You can get more info and the homebrew Wagic (play Magic The Gathering on your PSP) here (http://wololo.net/wagic/2011/01/18/release-wagic-for-ofw-yes-signed-homebrews-are-a-reality-on-the-psp/). He notes that it wouldn't be terribly hard for Sony to patch this all out. But for a little bit here, it's pretty neat.
-
Well, that didn't last long. (http://blog.us.playstation.com/2011/01/19/psp-system-software-update-v6-37/)
-
Haha...nice description - "This is a minor update that improves system software stability during use of some features."
-
I find the absolute and utter obliviousness of the comments there both amusing and alarming. Why the fuck do we even have the Internet if the people who use it are still this uninformed?
-
Now why would you go and read those? You knew what you were getting into.
-
Let us pray, for his own good, that Que never reads a YouTube comment. I do not think that he would recover.
-
But YouTube is shit for the masses. You'd think people who would bother to make a comment about a firmware update for a gaming system would have a bloody clue. Sure, a lot of people buy these things and don't know much, but do they search news? You figure most of them would just install the updates when a new game requires them, not go out of their way to find a news post about it and leave a comment. I'd assume if they're into things enough to bother with that, they'd know about the security breach. I guess that's an entirely wrong assumption.
Meh, whatever. I get more irrelevant by the day. I'll be obsolete shortly.
-
Interesting. It seems the newest firmware for PSP is not required to access PSN so there is little reason to upgrade to it. From what I've read it fixes known exploits so ISO loaders and that HEN thing don't work, but apparently signed homebrews still work on 6.37.
I downloaded 6.35 the other day, so I'm going to give it a try.
EDIT
Heh, have to charge my PSP. Even just sitting there the battery goes dead, no idea why.
Note that I'm only doing this because I have a Pandora battery and can go back to custom firmware all I want. If you have CFW and no Pandora, might want to see how this all pans out before goofing with it.
It seems you can't sign things over 4MB, which works for homebrew but won't let you "sign" ISOs. Looks like an optimal situation for Sony.
UPDATE
So I installed the 6.35 official firmware. Can't seem to get on PSN since it tells me there's an updated firmware. It'll be a bit before I get the latest downloaded. But on official firmware I was able to use the Wagic homebrew game! Really cool to be able to do that with no hacks or trickery.
-
Let's hope this (http://www.next-gen.biz/news/sony%E2%80%99s-answer-to-ps3-piracy-serial-codes) turns out to be false. Pretty sure that would kill the PS3. No one wants to deal with that shit on a console.
-
I understand Sony's position but that is a bonehead idea. Nobody likes serial codes on PC and the console crowd aren't used to it; not to mention the effect this will have on the console culture of trading second-hand games.
-
I don't mind it, but really, has it worked on the PC?
-
I messed with my PSP a bit more. Still running 6.35. There is a signed HEN that I put on here that sort of puts the thing in CFW mode. I ran a program called PSPFiler and can use it to rip my UMDs to the memory stick. I tested it with LittleBigPlanet. Then using a program called Prometheus Iso Loader I was able to launch the game and play it from the stick. Pretty cool.
Now the question is how to get the patch for it so I can download custom levels. I don't know if that's a PSP security thing, but LBP has an update on the PSP that you must have to take the game online. Of course I first have to figure out how to get my PSP online in general since it wants me to update to 6.37.
Anyway, it's still pretty cool. I can play signed homebrew like a real game and playing my own ripped games just requires a few extra steps.
-
Sony just released a new firmware update and it seems like they were able to throw a monkey wrench into the CFW scene. Couple posts from neogaf:
For those who are curious about the new PS3 security, it seems Sony has implemented something in 3.56 I mentioned here a few weeks ago that is the same as Microsoft uses to detect and ban 360's.
Mathieulh just posted about it on IRC.
Essentially Sony can now remotely execute code on the PS3 as soon as you connect. This can do whatever Sony wants it to do such as verifying system files or searching for homebrew. Sony can change the code and add new detection methods without any firmware updates and as the code executes remotely there is no reliable way to forge the replies.
Whilst it is possible to patch or remove this code from the firmware this will likely mean the end of playing CFW online (as PSN can just check before login that this is active) or at the very least mean it will be even easier for Sony to detect and ban users.
Judging from the fact that people can still connect using the proxy method it seems Sony hasn't activated any of this yet but the functions are there in the new firmware.
I'll try and sum everything up (I'm no expert in this so I'll probably get a couple of things wrong).
- Geohot's signed homebrew always uses the same keypairing which Sony have now blacklisted. Another keypairing can be generated and any homebrew signed with this would work on vanilla 3.56 (you would have to install it on 3.55 though as NPDRM keys still haven't leaked). It's likely this will always be the case unless Sony creates a whitelist. However it is not practical as you would not be able to install new homebrew once you upgrade from 3.55.
- 3.56 fixes the ECDSA random number bug. Private keys can no longer be calculated. Public keys can still be found (and already have been).
Private keys = encrypt data
Public keys = decrypt data
The fact Sony fixed this makes no difference to people already on CFW or pre-3.56 OFW as they have everything they need to decrypt and encrypt with old keys.
Additionally fail0verflow's other exploit allowed all the loaders and revoke lists to be downgraded using hardware (very difficult). This cannot be patched by Sony so all PS3's can still use CFW (though it's very inconvenient for anyone on 3.56)
- Signed 3.56 CFW will only work with 3.55 or lower firmware because of the new keys.
- New PSN security means that it will very soon be secure even when 3.56 CFW arrives. (see my post on the last page)
What this means:
- All consoles on virgin 3.56 or higher can't install CFW or homebrew without a downgrade via hardware.
- Homebrew will run on 3.56 or newer once resigned with different keys (but you can only install homebrew on 3.55 or lower)
- CFW 3.56 will eventually arrive but will only be able to be installed on 3.55 or lower.
-
Though confusing, I still understood enough to reiterate what I said before: one virgin PS3 for online, one hacked for offline only. No single-system solution will be reliable long-term.
-
Makes me wish I could afford a secondary system. Sorta. I could probably build a cheap emulation PC and attach a 360 controller and be just as well off.
-
Couple interesting threads on neogaf. Since this latest PS3 firmware update cheaters have started being banned from Black Ops. And if you own a Slim or later model original PS3...you can't change the HDD.
I'm not sure why people call this a bug. It's actually more of a side effect of Sony's newer hot patch process. The 3.56 patch is a tiny patch which simply adds/changes files in the 3.55 software. This differs from most patches which download the entire firmware. Since part of the software on models with 16 MB of flash memory is stored on the hard drive, those PS3's need to reinstall the software when upgrading the drive. PS3's with 256 MB of flash memory store all the software in the flash memory so it isn't lost on a drive upgrade.
Anyway since 3.56 is a hot patch and requires 3.55 to be installed prior to updating, you can't install 3.56 on a new drive. You also could install 3.55 when upgrading if not for Sony's software version checks.
In any case it's not a bug, Sony simply wanted to get 3.56 out quickly, hence the hot patch. Once they have most of the PS3 consoles updated, they'll replace the hot patch with a full patch and it will work for drive updates.
I expect that a new 3.57 update will come out before 3.56 is fixed considering 3.56 has already been hacked.
-
I've been planning to upgrade my hard drive to 500GB for a while. Are you telling me that's illegal?
-
I've been planning to upgrade my hard drive to 500GB for a while. Are you telling me that's illegal?
It's covered in the quote above. It's a hardware change they did with the slim due to less flash memory.
-
What a horrid mess.
-
Pug, it's apparently a "bug" and has happened before. Hopefully they fix it.
-
Yea I got it when I actually read the quote. I am just so used to D digesting information for me hehe.
But yea, I guess they will just fix it in the next patch.
-
I think legally speaking, this guy may be in the clear.
-
I wish him the best of luck. Further nerfing the DMCA would be the perfect outcome.
-
Tee-hee! (http://www.mcvuk.com/news/42955/Kevin-Butler-makes-PS3-gaffe)
In what can only be described as one of the worst corporate Twitter faux pas of recent times, comedy PlayStation executive-cum-marketing character Kevin Butler has accidentally tweeted the PS3's root key to his 70,000 followers.
-
Haha! So he forwarded (or whatever Twitter equivalent) a message with an obscure string of characters innocently. If nothing else, it underscores the impossibility of stuffing this genie back in the bottle.
-
Sony's mountain of subpoenas denied (http://www.gamasutra.com/view/news/32954/Sony_Denied_Subpoena_For_Google_Twitter_and_PayPal_In_PS3_Hackers_Case.php).
-
PSN bans incoming? (http://blog.us.playstation.com/2011/02/16/official-statement-regarding-ps3-circumvention-devices-and-pirated-software/)
I think this is the first statement Sony has made to "the people" and not just court filings.
-
Well, it's over. (http://blog.us.playstation.com/2011/04/11/settlement-in-george-hotz-case/) They settled with a permanent injunction against Hotz.
We don't have any other details, but to me it sounds like Sony realized they had nothing to gain from winning. The hack is already out there with no way to stop its spread, and Hotz has no money. Losing, on the other hand, means it's open season on the NGP and all future consoles. As for Hotz, he already hacked the PS3 so telling him he can't hack it anymore isn't a big deal.
-
Ok, so maybe he won't be hacking the NGP. (http://geohotgotsued.blogspot.com/2011/04/joining-sony-boycott.html)
As of 4/11/11, I am joining the SONY boycott. I will never purchase another SONY product.
I encourage you to do the same. And if you bought something SONY recently, return it.
Why would you not boycott a company who feels this way (http://www.thebestpageintheuniverse.net/c.cgi?u=sony_bullshit) about you?
There is much more to come on this blog.
-
Wait? People gave this dude money to fight the fight? Heh.
-
Ok, so maybe he won't be hacking the NGP. (http://geohotgotsued.blogspot.com/2011/04/joining-sony-boycott.html)
What is the NGP? I don't understand what the text you quoted says about him not hacking the NGP. To me it just says he is not buying any more Sony products.
Edit: Ah, Next Generation Portable (http://lmgtfy.com/?q=ngp). Keep in mind the only gaming news I get these days is from this forum and I'm not part of any other gaming-related community. "Gaming" and "journalism" are two words that don't belong together any more.
-
heh, sorry. Of course I still get messed up when I see NGP since I remember the Neo Geo Pocket.
-
Yeah, I kept thinking "Neo Geo Portable", but knew that was wrong.
-
Fuck, Geohot is such a douche.
-
Fuck, Geohot is such a douche.
Careful, Anonymous might target you too! Aaargh!!