  1. #21
    wilkinsonjohn99 Guest
    well Sony has at least gained one thing, the knowledge on how to secure the PS4 properly...

    that and the removal of Linux pissed off the wrong crowd...

  2. #22
    nikola989 Guest
    why would any hacker want to give interview to bbc? if i was sony executive and some "hacker" who seeks attention is causing me to lose money and is giving interview on bbc and bragging about it and justified it by wanting to have linux on ps3, i would hire a hitman and kill him.

    If it was because he was pirate i would reconsider because being pirate is cool... pirates are cool... so is Jack Sparrow... in a movie i didn't pay to see.

  3. #23
    Bishoff Guest
    Quote Originally Posted by Transient View Post
    Sony could sue geohot but in the end it would have little or no positive benefit to Sony. Even a successful outcome for Sony, which I believe is unlikely, would still result in a monetary loss for Sony.

    On the other hand, they could hire George, who has already shown interest in such, and turn him into a money maker for them.

    I think the choice is obvious, but then again Sony isn't always one for making the obvious choice.
    I think that was what his intention was to begin with. Didn't work for Apple, so keep trying until one of these mega corporations sees how good you are and pays u a million+ a year to help bring their security up. Wanna stop piracy? Hire the handful of guys that are actually smart enough to do it and it's over.

  4. #24
    BigWheel Guest
    I don't know if there is much sony can do to the hackers... have a look at the black hat security conferences. there are several people there and all they do is talk about breaking different security systems that are implemented on different devices. That is what they do and they talk about how they do it.

    I don't think it is illegal to find and test something... but what you do with it after is illegal... that is why they are not releasing anything with their findings to promote piracy... letting others do what they want with it.

  5. #25
    tifozi1 Guest
    Haha clearly there are downsides to living under a rock.

  6. #26
    ormsondo Guest
    New hardware is needed to fix the master key problem - If the problem would be in the software, 3.60 would already be out by now and have the "correct signing routine".

    Also, you can just enable Rebug and go online on PSN there (Debug consoles can bypass mandatory FW updates). That they can't block since doing that would block many "innocent" kiosk consoles.

  7. #27
    aamir007 Guest

    KaKaRoToKS Interviewed on PlayStation 3 Hacking

    This interview is from: console-spot.com/2011/01/06/ps3-hacker-kakaroto-interviewed/
    Well here it is folks, the interview you have all been asking for. Playstation 3 developer KaKaRoTo answering a lot of questions that the most of you are scratching your head about!

    djp: Ok first question, when did you first begin developing?
    KaKaRoTo: Well, I started development when I was maybe 5 or 6 years old, but didn’t do anything above the level of a “hello world” in quick-basic.. I really started coding when I was in high school. I had a TI-83 calculator and I started programming games for it (nibbles) then I went to university and learned real languages, then I joined the aMSN project and I got involved with real programming, and with the open source community.
    KaKaRoTo: I did a lot of reverse engineering for aMSN, mainly the network protocol, but I also wrote an audio codec (libsiren) for the MSN audio calls by reversing the codec from assembly

    djp: Very cool, us not so privileged of knowledge always look up to you guys and wonder how it began. How did you become involved in the PlayStation 3 scene?
    KaKaRoTo: I was a reader of ps4news.com and when they posted a ‘request for developers’ I sent my ‘resume’, they gave me a little program to reverse engineer, which I did, then I joined them, I really didn’t do anything for them apart from writing the little kernel module to dump the hypervisor when the geohot exploit first appeared
    KaKaRoTo: I entered the ps3 scene really when I saw a usb descriptor dump posted in a forum, and since I did a lot of network and file reversing, I was curious on that data and the usb format, so I started reading on the usb specs, and ended up writing PSFreedom and that’s how I entered the ps3 scene

    djp: So now that you have released your MFW (Modified Firmware) the only feature added is the ability to install .pkg files, do you see any other features being added ?
    KaKaRoTo: I’m not sure on what features to add to MFW. I think what I released right now, is really all you need already. But I know that there are some other modifications to add even more options, like what the Rebug team has been doing so a possible future MFW would be to add all the same options and features as Rebug. But I’m not interested in working on that and it’s possible the Rebug team will release that themselves.

    djp: Now that all the tools are out, and your MFW is available, why haven’t we seen any of the emulators or other homebrew applications signed yet and made available.. is the signing process still being worked on?
    KaKaRoTo: Yes, the fail0verflow team is still working on making the signing and pkg-ing process work correctly. We have the keys for signing, but I think they have some issues still with the file format of the SELF files, so it’s not yet working. Once they figure that out and update their tools, then all the homebrew apps can be signed and we can start installing them

    djp: And do you think that the npdrm will be disabled, or added the ability to use it into the signing process?
    KaKaRoTo: There is no need to disable it, also disabling it would require modifying the kernel (which I don’t want to do) since we have all the keys now, we will just sign all the homebrew with npdrm, just like Sony would sign official games then we can install the homebrew with the MFW and everything works.. that’s why I said that I don’t believe there’s anything really needed from the MFW apart from what I already released

    djp: And along the piracy lines, which we really don’t want to touch on that subject, but to be honest, its bound to happen.. as of right now the PSJailbreak device uses a lvl 2 patch, with the tools that are out now and upcoming future tools, do you see people self signing game rips or packaging them as .pkg?
    KaKaRoTo: Piracy is unfortunately bound to happen, yes. I honestly, personally don’t care either way. I believe that everyone is responsible for their own actions, and if someone wants to pirate, it’s between him and his conscience (and his lawyers). I don’t accept or condone piracy, I buy all my games, and I don’t like seeing people pirate games, BUT in the end, it’s their choice, it’s their problem, not mine. But just as they are responsible for their actions, I’m also responsible for mine, and I do not want to allow piracy by something that I do.
    KaKaRoTo: About signing game rips, I don’t know, the games are already signed by sony, so there is nothing to sign as far as I know but the games read their files off the bluray, and you can’t fake the bluray player. What psjailbreak did was targeted to backups and piracy from the start, and it had hacks inside the kernel to allow backups to be played but with the MFW, the kernel is left untouched (because it’s risky to modify it) so it can’t work… unless someone finds a way to make them work, but I don’t think any of the ‘smart enough hackers’ will even try.

    djp: Agreed, as most of the devs have been pretty voicy about avoiding the opening for it
    djp: And one more question, because it has been asked over and over, with your modified firmware, it is obviously possible to be banned from PSN, but do you see tools to remove the ban, and or change your console ID or another similar work around?
    KaKaRoTo: Yeah, I’ve seen a lot of similar questions on twitter, I think the risk is minimal, simply because the kernel is not modified, the firmware is still the same and it’s hard for sony to detect this. The *only* file modified is an xml file (that specifies what to show on the XMB) where I add a few lines to tell it to show the “Install pkg” option. Sony could release a firmware update with a special software that hashes that specific xml file to see whether or not it was modified but unless they are willing to take action specifically against that, I don’t see it happening

    djp: It is Sony we are talking about..
    KaKaRoTo: Yeah I know, they are a bit lazy though. Just look at their failures with the PS3’s security
    KaKaRoTo: About changing console IDs, I don’t know, I don’t have a lot of knowledge in that area, and I don’t really care either, so if there’s a solution, someone other than me might find it. They do have every right to ban the console from PSN (it’s their service, we don’t own it) but they can’t really brick the console on purpose (it’s our machine, we bought it, we own it) but as always, those who decided to jailbreak or install the MFW do it at their own risk. We can’t predict the future, and we can’t know what Sony will do if they ever decide not to accept their defeat.

    djp: well in my opinion, it has been said over and over it costs double to develop for the ps3, and if piracy ends up being rampant and easy, i see a long fight from Sony to keep their developers happy..
    KaKaRoTo: Well, developers get paid when they sell on the PS3, and I don’t think this will affect their sales

    djp: whether it's blocking an emulator running, or a constant battle to fight the piracy, I bet we see a lot more frequent fw updates
    KaKaRoTo: well, firmware updates are meaningless because there is nothing they can do now we have all their private keys. If they change a key, we’ll get it in a matter of seconds (really). They can’t change their root key.. and if they change the application keys, then ALL the games released so far will stop working, so they really have no way to escape their fate. Also, the xbox and the wii have piracy, and I don’t see their consoles dying because the ‘rampant piracy’ is making them lose all their sales. Everybody knows that “Piracy” isn’t about losing money, it’s only about justifying to the CEOs why something didn’t sell so well (real answer: the game sucked)
    KaKaRoTo: I think that Wolfire (the Indie developers behind The Humble Indie Bundle) explained it pretty well in their blog: one pirated game does not equal one lost sale

    djp: Well the problem with that is now everyone is comparing the ps3 to the Dreamcast, and we all know Dreamcast was pirated to death. But i agree most people who play on line, will still buy that game
    KaKaRoTo: I’m not familiar with that unfortunately. My first (and only) console is the ps3. But I’d say that 90% or 95% of the people who pirate a game were NEVER going to buy it anyways: they either wouldn’t have played it, or they download it and never even try it, rent it, or borrow it from a friend, or if they are generous, they would have bought it used. Most pirates are young teenagers in school with no money to buy games anyways.

    djp: Yes, I tend to agree, the people who pirate end up with stacks of burned discs, that never get played they are just there to show off to their friends..
    KaKaRoTo: when someone gets a salary and has money, they will buy games even if they can pirate them

    djp: do you think we will ever see you working on any other systems maybe a 360
    KaKaRoTo: I’m not sure about other systems, I don’t think so, although we don’t know what the future holds. I never expected to be involved with the PS3 scene, it really happened by pure luck. But I only own a ps3, I never even touched a wii or xbox controller, and I’m very anti-Microsoft, so I don’t think I’ll ever buy a 360 or a wii.

    djp: Well we are glad to have you here
    KaKaRoTo: Thanks I’m also glad, it was very entertaining and I learned a lot these past few months.

    We will continue this interview tomorrow along with any questions you guys have for him. If you have a question, leave it as a comment and if it’s worth asking, then we will.

  8. #28
    iUnknown Guest
    I think what they were getting at is that the security issue (ie the master key being known) can't be mitigated without building something else (ie. new hardware) that doesn't rely on it. The easiest way to do this, naturally, is to start a new platform from day 1. That's all.

  9. #29
    xUb3rn00dlEx Guest
    Was I the only one bothered with how often the interviewer referred to piracy? As if that was the motivation or even the main purpose/ conquest of hacking the PS3... *sigh* the media will never change...

  10. #30
    mik30 Guest
    Quote Originally Posted by stinky1978 View Post
    F0F claims to have found out about their signing bug by decrypting the bits of info they had on the system.
    I call BS on that... There is *nothing* of the signing procedure in the kernel that could be decrypted and that would lead to the fault! Without the knowledge of the bug no one could find the fault or calculate the private key. The possibilities to test would be impossible by brute force.

    Remember: The signing is done differently than the checking. Only the checking procedure is included in the PS3. Therefore the bug must have been leaked by an insider. That's for sure in my opinion.
    Quote Originally Posted by stinky1978 View Post
    Nothing to do with insider information.
    I do not see *any* realistic possibility to find the bug without a hint to it. That also explains why Sony did not fix it already.
    Quote Originally Posted by stinky1978 View Post
    Sure there was leaks about the service jig, and the dev software has leaked a few times, but none of that has really done much here.
    Nothing is really safe. The Wikileaks incident showed that whistleblowers are everywhere no matter how important the secret is. M$ already had their own whistleblower when the XBOX1 was actual. C4E and The Specialist had the original kernel source code at their hands from which they studied the xbox drive copy protection.
    Quote Originally Posted by stinky1978 View Post
    Geohot still used his otheros hack to get into the system before anything else. He peek and poked around and dumped bits of HV a few bits at a time.
    That's a totally different beast. Geohot did not hack the console... He rather discovered that Sony's linux loader allowed unsafe memory management calls that could be exploited randomly by interfering the address bus (that's not really a hack).
    Quote Originally Posted by stinky1978 View Post
    Twiizers did pretty much the same thing on the wii. And it had no leaks at all. Look where it is now. entirely off dumped and decrypted data.
    I disagree with you. The Wii has had a serious flaw in the hash checking routine, which falsely used strcmp rather than memcmp. In addition to that the wii's system although also based on PPC does not include a HV like the 360 or the PS3 presumably because of its massively lower clock rate.
    Quote Originally Posted by stinky1978 View Post
    THE PS3 is in the same position now. I think the even bigger news is that keys for the PSP were inside the PS3 fw.
    I would also call BS on that too. The keys were not in the FW. The flaw that plagues the private key creation on the PS3 is also in effect on the PSP. It's just that simple.
    Quote Originally Posted by stinky1978 View Post
    So we got a 2 for 1 deal.
    Here I agree with you.
    Quote Originally Posted by stinky1978 View Post
    PSP is at the end of its life cycle though. so not much loss there. PS3 was supposed to have at least another 5 years before it was going to be looked at being replaced.
    I think that sony will just correct the private key generation and fit all newly built consoles with a new public key. All old consoles get the new public key via FW update. The games get updates via PSN.
    Quote Originally Posted by stinky1978 View Post
    Sony still has lots of options though.. we have not heard the last of them.
    I agree on that again... The game is not over yet...
