223w ago - Today Waninkoko mentioned he agrees with Hermes and Naima's recent views on the discussion of PS3 NPDRM SELFs, how their encryption differs, GeoHot and what PS3 Firmware 3.60 may bring to combat PlayStation 3 hackers.

Below is a rough translation from Elotrolado, to quote:

"Let's see... speaking of bans and stories...

I like to play magic, astrology and / or fortune-telling, so what is written below is not from any of the three.

The first consequence that will bring the firmware 3.60 is that all applications signed with the utility in make_self_npdrm created by Geohot stop working.

Oh Wait! That's not what I had said 'sceners' by the mouth of all are phrases like 'are key signed with Sony, you can not do anything'

That would be true if they were well signed, but the truth is that they are not.

Without going into deep detail about how the Sony npdrm I will explain briefly, when Sony makes the process to generate an executable npdrm valid, generates a random key pair unique for each executable, those keys are encrypted with the ERK + npdrm RIV, which is available reverse-engineering the firmware PS3 coded counterpart obtaining them.

The keypair is encrypted then clear the rest of the encrypted file and its counterpart is included as such in the header. The ERK + RIV npdrm Sony counterpart to decrypt the header and get the keypair clear after which we can follow the rest of the decryption process of the application.

I have intentionally omitted details, but I think the important concept is clear.

Geohot with cheap excuse not to encourage piracy has never published the key then Sony would decrypt all npdrm. That would be honest if it came from someone else, but in the case of a megalomaniacal egomaniac we suspect other hidden agendas.

Kakaroto said recently that "now the hackers we must also reverse engineer Geohot both work as that of Sony's as clear sign of his displeasure toward Geohot control policy.

My general definition of piracy would be the misappropriation of something in order to obtain personal benefit Geohot just what has been done.

Have you used the keys and the Sony code to position a checkpoint in the 'scene' for PS3, be he who decides who can do the rest of us.

Hypocrisy has been used at will as best suited him, we do not condemn it piracy on one hand but on the other metldr the key post because it is a contradiction.

Has clearly used his position to a position from childhood, I think Geohot has seen too many movies, openly seek work, the sad reality is that in the professional world or for fellow would not today. If you want to work professionally is formed first.

The question of its usefulness in make_self_npdrm is that it uses a keypair static since it does not include the ERK + RIV Sony npdrm keypairs can not generate random for each file.

Has other errors, such as creating blank File Digest, which are unmistakable signs that the executables created are legitimate, but these other errors could be corrected by any competent programmer. However, the static keypair has no solution without the ERK + RIV npdrm Sony.

Sony is therefore extremely easy to block the execution, blacklist, all executable to use that keypair, and Geohot knows.

In fact in your source code includes a request to Sony: 'Please do not add to blacklist the key pair that I use, I have offered applications lack the ability to decipher the npdrm'

If we add your child open and work order which I have mentioned, I feel the urgent need to address a question to Geohot, the same question is also the desire of all employees and people who are part of Sony and I even think that part of the user community.

Geohot, kid, "Are you stupid or you do it? just that I thought a few days ago +risas

In addition, the patch is applied by mounting the flash in writing, decoding module, it gets the patch messed with the payloads for pkgs (four bytes), re-encrypts it and writes it to the flash.

This is just watching the elf text strings with a hex editor (the syscall to mount the device is published in http://ps3wiki.lan.st/index.php/Lv-2_syscalls)

sys_storage_util_mount 837 (?) Parameters: Device Name (e.g. CELL_FS_IOS:BUILTIN_FLSH1), Device File System (e.g. CELL_FS_FAT), Device Path (e.g. /dev_flash), 0, Write Protection (0 or 1), 0, 0, 0

sys_storage_util_unmount 838 (?) Parameters: Device Path (e.g. /dev_flash)

Of course, what I do is I can not control 50 areas and 50 fregaos get into, because at the end, I can find a mess that can not leave (other than each has its strengths and weaknesses.) Thing, is that all of our own solve the puzzle and all methods are public and that each work on what you like most independent of the others.

I certainly hoped to have the functional fail0verflow tools that allow me or others, to create the necessary code, but it certainly was very much in disagreement with the path taken by geohot to guard things, basing his work on the part of work of others. That makes a pass at a small application, but not something that requires the best minds and some transparency for anyone charged with the responsibility and does not wither.

A big companies we give a crap: I do not care if you're brilliant or mediocre, if you're black or white glove: we all get into the same bag and say the same for all: the mess that was previously head better. And if not interested in the game, not to intervene.

So it's understandable that people be careful not to look for trouble, but it is understandable that you do your job, you keep it and you become solely responsible for certain things that are happening, because then, you cut what hangs and what does not hang as well, do not farm your friends and how to proceed, you prevent this forward and put others at risk trying to do the same as your own + the boot.

PD: Anyway, I do not want to lose, for us and much to gain and dismantle the arguments of SONY or most of their arguments, but also to be scared enough to do what I should have done from the beginning : o nothing, or what others are doing in this regard.

Greetings"

Waninkoko adds the following: "Totally agree.

By the way, what a surprise when I told you about the XML and then saw Finally, geohot has done the same thing I already got done, but in a different way."
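The key wrapping the quoted post describes, and why a static keypair is easy to blacklist, as an added example that is not code from the post, from make_self_npdrm or from Sony. It is a simplified model, not the real SELF format: the ERK/RIV values are constructed, a SHA-256 counter keystream stands in for AES, and it assumes the third-party tool holds one keypair in both clear and wrapped form.

```python
import hashlib
import os

# Constructed stand-ins for the vendor's master ERK and RIV (not real keys).
ERK, RIV = bytes(range(32)), bytes(range(16))

def xor_stream(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Toy cipher: SHA-256 counter keystream standing in for AES (encrypts and decrypts)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + iv + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def vendor_pack(body: bytes) -> dict:
    """Vendor path: fresh random key/IV per file, wrapped under ERK+RIV in the header."""
    key, iv = os.urandom(16), os.urandom(16)
    return {"wrapped": xor_stream(ERK, RIV, key + iv), "body": xor_stream(key, iv, body)}

# Assumption: a tool without ERK+RIV cannot wrap new keys, so it reuses one pair
# it knows in both forms. Every file it produces carries the same header blob.
STATIC_KEY, STATIC_IV = b"K" * 16, b"I" * 16  # constructed values
STATIC_WRAPPED = xor_stream(ERK, RIV, STATIC_KEY + STATIC_IV)

def static_pack(body: bytes) -> dict:
    return {"wrapped": STATIC_WRAPPED, "body": xor_stream(STATIC_KEY, STATIC_IV, body)}

def load(image: dict, blacklist: set):
    """Loader: refuse blacklisted wrapped-key blobs, otherwise unwrap and decrypt."""
    if hashlib.sha256(image["wrapped"]).hexdigest() in blacklist:
        return None
    clear = xor_stream(ERK, RIV, image["wrapped"])
    return xor_stream(clear[:16], clear[16:], image["body"])

def demo() -> dict:
    vendor = [vendor_pack(b"official app %d" % i) for i in range(3)]
    static = [static_pack(b"homebrew app %d" % i) for i in range(3)]
    # One blacklist entry, taken from any single static-keypair file.
    blacklist = {hashlib.sha256(static[0]["wrapped"]).hexdigest()}
    return {
        "vendor_blobs": len({v["wrapped"] for v in vendor}),
        "static_blobs": len({s["wrapped"] for s in static}),
        "static_loaded_before": [load(s, set()) for s in static],
        "static_loaded_after": [load(s, blacklist) for s in static],
        "vendor_loaded_after": [load(v, blacklist) for v in vendor],
    }

if __name__ == "__main__":
    print(demo())
```

A single blacklist entry stops every file packed with the static pair, while files with per-file random keys are unaffected.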

Hermes and Naima on PS3 NPDRM SELFs, Encryption Differs

#35 - routehero - 223w ago
You're missing the point. Whether it's illegal today or legal tomorrow, backups and emulators are the same thing.

If you want to go join the holy crusade against copyright law, go ahead.

What really should change is the holier-than-thou "I just want emulators" crowd.

#34 - madsciencelabs - 223w ago
Quote Originally Posted by routehero View Post

I'm simply man enough to admit when a spade is a spade.


Then you should be man enough to admit when copyright law needs to be changed to account for the disconnect between the pace of modern development and that in place when those laws were enacted.

People used to believe that human slavery was within "the law", and they used phrases very much like the one you pulled from the aether.

Chasing down "copyright infringers" on decades-old IP makes about as much economic and political sense as attempting to keep people from growing and smoking weeds.

Maybe if they spent less money on lawyers to chase kids, they could sell MORE NEW games at less than $60 a pop?

#33 - Tatsh2DX - 223w ago
Quote Originally Posted by squarepusher2 View Post
Go cry me a river over poor little developers getting 'copyright infringed', especially when it involves SNES games.

By all means support the industry by forking out 30-40 bucks for a copy of Super Mario All-Stars Wii that is the exact same thing as this copy of Super Mario All-Stars that I own in cart form and in ROM form - only problem is - back in 1993, it was actually value for money, now - it's a goddamn rip-off.

Companies are within their legal rights to defraud millions of customers by selling them what amounts to 1-2MB downloads at unreasonable prices (a 16Mbit ROM on a 4.7GB DVD? Really? You equate that to 'value for money'?) - and you want to talk about poor little developers getting burned by piracy - by a SNES emu of all things?

File size really has nothing to do with price. And if Nintendo feels like wasting all those DVDs, so what.

I think the new Super Mario All-Stars is a rip-off as well. It's 100% the same, it's a SNES emulator with a copy of the ROM image. Should've been released through VC if it has not been already. I don't think the OST has much value either these days.

#32 - routehero - 223w ago
Whether or not it's reasonable doesn't change the fact that you're still infringing copyright.

About 99% of the time, I never pay for software, nor do I have any vested interest in the gaming industry.

I'm simply man enough to admit when a spade is a spade.

#31 - jarvis - 223w ago
If copyright was still reasonable and not in its current state then SNES ROMs and others would already be in the public domain. Copyright is there to encourage development and creation of the arts, it is not a permanent paycheck for something you did years and years ago.

I'm a software developer, and I still think the laws are ridiculous. I don't know what it is with actors and musicians either. They think they can perform a song once and get paid indefinitely? That would be like me getting residuals every time a line of code I wrote, no matter how long ago, resulted in a paycheck when it was executed. I don't expect this, and neither should those self entitled a-holes.

I purchased close to a hundred SNES games. I admit I have every SNES ROM created, but I still only end up playing the games I purchased many years ago. So no, I don't feel bad. And I deserve to be able to play those to this day.

And I don't pirate PS3 games, even though it is trivial to do so now. I will support a current generation by purchasing games I play. All I want is to be able to install an unencumbered Linux installation on the hardware I bought (as advertised!) and to be able to run homebrew applications, including emulators. I don't care if I can ever play copied/backed up games on the PS3 (although it would be nice to play games I purchased off the hard drive).

So yeah, cry me a river. Why don't you go back to your Sony provided cubicle and spare us your comments in the future.

#30 - routehero - 223w ago
Free market. The value of a product is what you're willing to pay for it. No one is forcing you to buy it, so go cry me a river about the prices.

It's still copyright infringement just as much as copying a modern title is.

#29 - squarepusher2 - 223w ago
Quote Originally Posted by routehero View Post
Unless you have a stack of SNES cartridges and arcade machines in your basement, it's still copyright infringement and no different than using 'backups'.


Go cry me a river over poor little developers getting 'copyright infringed', especially when it involves SNES games.

By all means support the industry by forking out 30-40 bucks for a copy of Super Mario All-Stars Wii that is the exact same thing as this copy of Super Mario All-Stars that I own in cart form and in ROM form - only problem is - back in 1993, it was actually value for money, now - it's a goddamn rip-off.

Companies are within their legal rights to defraud millions of customers by selling them what amounts to 1-2MB downloads at unreasonable prices (a 16Mbit ROM on a 4.7GB DVD? Really? You equate that to 'value for money'?) - and you want to talk about poor little developers getting burned by piracy - by a SNES emu of all things?

#28 - Tatsh2DX - 223w ago
Quote Originally Posted by tilla View Post
The broader implications of this case are important though, one could argue. If allowed to go to court and Sony loses, it creates a permanent legal precedence against Console manufacturers able to abuse customers like this. I'm all for that.


That 'abuse' will then be brought to the point to where publishers (EA and other big names) will refuse to publish any more content. Developers definitely said no to PSP after a while and the reason cited was piracy.

I know many developers will happily make cool stuff, maybe a lot more open source stuff will come out, but who will make the big games most people want to play if they cannot eat?

On another note, maybe these systems could stop relying upon a 'global' copy protection. iPhone and iPod Touch for example both utilise encryption of the ELF files, virtually no asset protection, but they have taken away the need for the developers to find copy protection solutions (although many still implement checks), and so have console manufacturers; where virtually no game has ever had an issue running once signature checking or any type of global copy protection was removed (modchip in PS1,PS2; modchip and softmod with Wii; modchips and softmod with Xbox1; firmware check on 360). Then after that, we would of course have to wait for any apps and games to be cracked just like on PC. Since more things are moving to web-based subscriptions (giving code back only upon successful login, such as the new Ubisoft games), it will be no surprise when there is no way to crack many of these applications.

It is amazing that all these device makers would want one single point of failure for EVERY game/protected application.

#27 - tilla - 223w ago
The broader implications of this case are important though, one could argue. If allowed to go to court and Sony loses, it creates a permanent legal precedence against Console manufacturers able to abuse customers like this. I'm all for that.

#26 - Tatsh2DX - 223w ago
Geohot is stupid in one way: why would you give out your name? He thinks because what he has done was apparently legitimate especially since he has never directly enabled piracy that he can give out his name and expect no scrutiny. How dumb is that? The Carnegie Mellon professor is doing the same and risking the same exact thing. Would you really want to lose your job for posting some encryption keys on a server you DO NOT own?

Even if you have an on-line nick, you still gain the popularity. So I do not get the point. I'm sure all of us think highly of other hackers who do NOT give out their real name. Is Hermes really his real name? Is Waninkoko his real name? NO. How about all those release groups who NEVER release any nicks of crackers.

Hermes maybe didn't use git (Marcan, another one stupid enough to give out his real name) but he did get something working EVERY TIME and nobody gave a shit that it came in a RAR file. If I wanted someone to contribute I would want that person to join in and use the same software; however, just because they don't DOES NOT discredit them.

We all take nicks on here and elsewhere (let's say, private torrent sites) for a reason!

'We're security researchers, we shouldn't fear revealing our names, let's take the hit!'