12-29-2010 #11daGraveR Guest
Breaking News: Suicides at Sony's PS3 dev team through the roof
12-29-2010 #12tillman Guest
awesome the ps3 is totally hacked
12-29-2010 #13enohand Guest
so what did they say? i missed the show
12-29-2010 #14enohand Guest
so anyone who watech the confrence, care to share what they were talking about? the failoverflow site still isn't complete yet, so no info there.
12-29-2010 #15sananth Guest
They have all the keys!
In summary, thats what it looked like ... they have all the keys, and they can revoke the "irrevocable" sections according to Sony!
They clearly stated that even though they have apploader keys, they will not be signing games as they are not interested in doing that.
Hopefully they release AsbestOS with those nice NRC python APIs so that we can try the same things they did!
12-29-2010 #16rumblpak Guest
They broke public private crypto keys allowing to patch pretty much everything. It makes the usb dongles useless because now everything can be signed including ps3 updates (yet to be seen but possible). Meaning we can modify updates to include the payload and keep our ps3's up to date and running (now) signed code that we have made on our own.
12-29-2010 #17tillman Guest
They broke the chain of trust because one of the bootloaders implemented a broken crypto algorithm which returns as "random" input always the same data.
Hence they are able to modify the revoked list which means there is no downgrade protection and they are able to retrieve any key, thus sign any file they want = true custom firmware, you can run your own bootloader which allows you to run linux or whatever you want just by powering on your ps3 without redoing the usb exploit every time. They will present the demo tomorrow.
http://fail0verflow.com/ (coming soon)
- Join Date
- Apr 2005
Still working on updating the first post, here is one partial capture video thus far:
Update, another partial clip:
12-29-2010 #19THCIV Guest
that's not accurate. they can sign pups with presigned contents but can't modify some if not all of the contents.
12-29-2010 #20rumblpak Guest
not exactly, the xkcd comic was kind of a joke. it wasn't that it returned the same number it was that it used the same random number twice making it computationally possible to calculate the unknown. I'm sure the number changes but when you can calculate it every time it doesn't really matter.