
  1. #271
    Join Date
    Feb 2009
    Today I validated my theories about running the isolated SPUs on the PS3 as crypto engines. The PS3 is 100% hacked. So where my homebrew at?
    What did Geohot do?

  2. #272
    Join Date
    Apr 2005
    Quote Originally Posted by semitope View Post
    What did Geohot do?
    Unfortunately nobody here is a mindreader, so until he publishes his "theories" it would be a waste of time to speculate on tweets like that.

    Edit: I see he has now updated his blog with more specific details, as follows:
    On the Isolated SPUs

    Today I verified my theories about running the isolated SPUs as crypto engines. So to people like this, sorry you are wrong.

    In OtherOS, all 7 SPUs are idle. You can command an SPU (which I'll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.

    The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

    Ah, but you still didn't get the Cell root key. And I/we never will. But it doesn't matter. For example, we don't have either the iPhone or PSP "root key". But I don't think anyone doubts the hackedness of those systems.

    I wonder if any systems out there are actually secure?
    So basically he's saying according to his research iQD's theory isn't correct is all.

  3. #273


    George states that you can decrypt pkgs. Would I be right in thinking that includes the files extracted from updates? If so, then I'm guessing it would make it easier for people to analyse the firmware for possible "bugs".

  4. #274
    Join Date
    Nov 2007
    I understand it like this (correct me if I'm wrong):

    The problem now is to be solved by cryptanalysis. Pkgs are visible now - but that's not a big deal - they are encrypted! So are firmware update downloadable files.

    I understand Geohot is saying that now "we" can try to decrypt these files from the inside (don't imagine how) - and because of that inside approach it will be easy(er).

  5. #275
    Join Date
    Feb 2009
    What I get from his update is that now he can command/force any of the SPUs to decrypt any pkgs or selfs and even modify/make a custom hypervisor. Would it mean he can run unsigned code, or maybe I'm all wrong.

  6. #276
    So what now? Can we say that the entire PS3 system is down or what?

  7. #277
    Sounds interesting? Or is this just something that was already known?

  8. #278
    Join Date
    Oct 2009
    He has already figured out the "how". What he is saying is that he can now force the SPU to decrypt pkgs or selfs. I would assume he can use them to decrypt anything.

  9. #279
    Here is a blog comment from geohot. Could be something useful.
    George Hotz said...

    If someone wants to be useful, and can code in a little "language" I created, help me out. is an Instruction Set Descriptor File For EDA, my disassembler. Someone pick up the syntax and finish it, SPU docs are public

    To see what EDA is

    [Register or Login to view code]

    Updated Version:

    [Register or Login to view code]

  10. #280


    That source is for a processor module for his disassembler that he created. Having worked with EDA in the past, it would be nice for an SPU library to exist; it's much more intuitive than IDA.
    Last edited by lilstevie; 02-14-2010 at 08:39 AM Reason: added missing words from post
