  1. #271
    semitope Guest
    Today I validated my theories about running the isolated SPUs on the PS3 as crypto engines. The PS3 is 100% hacked. So where my homebrew at?
    What did Geohot do?

  2. #272
    Join Date
    Apr 2005
    Quote: Originally Posted by semitope
    What did Geohot do?
    Unfortunately nobody here is a mindreader, so until he publishes his "theories" it would be a waste of time to speculate on tweets like that.

    Edit: I see he has now updated his blog with more specific details, as follows:
    On the Isolated SPUs

    Today I verified my theories about running the isolated SPUs as crypto engines. So to people like this, sorry you are wrong.

    In OtherOS, all 7 SPUs are idle. You can command an SPU (which I'll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.

    The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

    Ah, but you still didn't get the Cell root key. And I/we never will. But it doesn't matter. For example, we don't have either the iPhone or PSP "root key". But I don't think anyone doubts the hackedness of those systems.

    I wonder if any systems out there are actually secure?
    So basically he's saying according to his research iQD's theory isn't correct is all.

  3. #273
    Tender Phantom Guest


    George states that you can decrypt pkgs. Would I be right in thinking that includes the files extracted from updates? If so, then I'm guessing it would make it easier for people to analyse the firmware for possible "bugs".

  4. #274
    h3lder Guest
    I understand it like this (correct me if I'm wrong):

    The problem now is to be solved by cryptanalysis. Pkgs are visible now - but that's not a big deal - they are encrypted! So are the downloadable firmware update files.

    I understand Geohot is saying that now "we" can try to decrypt these files from the inside (I can't imagine how) - and because of that inside approach it will be easy(er).

  5. #275
    Pcsx2006 Guest
    What I get from his update is that now he can command/force any of the SPUs to decrypt any pkgs or selfs and even modify/make a custom hypervisor. Would it mean he can run unsigned code, or maybe I'm all wrong?

  6. #276
    dante489 Guest
    So what now? Can we say that the entire PS3 system is down or what?

  7. #277
    worstenbroodje Guest
    Sounds interesting? Or is this just something that was already known?

  8. #278
    ekrboi Guest
    He has already figured out the "how"... What he is saying is that he can now force the SPU to decrypt pkgs or selfs. I would assume he can use them to decrypt anything.

  9. #279
    worstenbroodje Guest
    Here is a blog comment from Geohot. Could be something useful...

    [Register or Login to view code]

    Updated Version:

    [Register or Login to view code]

  10. #280
    lilstevie Guest


    That source is for a processor module for his disassembler that he created. Having worked with EDA in the past, it would be nice for an SPU library to exist; it's much more intuitive than IDA.
