PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

January 14, 2011 // 12:34 am - Today Waninkoko mentioned he agrees with Hermes and Naima's recent views on the discussion of PS3 NPDRM SELFs, how their encryption differs, GeoHot and what PS3 Firmware 3.60 may bring to combat PlayStation 3 hackers.

Below is a rough translation from Elotrolado, to quote:

"Let's see... speaking of bans and stories...

I like to play magic, astrology and / or fortune-telling, so what is written below is not from any of the three.

The first consequence that will bring the firmware 3.60 is that all applications signed with the utility in make_self_npdrm created by Geohot stop working.

Oh Wait! That's not what I had said 'sceners' by the mouth of all are phrases like 'are key signed with Sony, you can not do anything'

That would be true if they were well signed, but the truth is that they are not.

Without going into deep detail about how the Sony npdrm I will explain briefly, when Sony makes the process to generate an executable npdrm valid, generates a random key pair unique for each executable, those keys are encrypted with the ERK + npdrm RIV, which is available reverse-engineering the firmware PS3 coded counterpart obtaining them.

The keypair is encrypted then clear the rest of the encrypted file and its counterpart is included as such in the header. The ERK + RIV npdrm Sony counterpart to decrypt the header and get the keypair clear after which we can follow the rest of the decryption process of the application.

I have intentionally omitted details, but I think the important concept is clear.

Geohot with cheap excuse not to encourage piracy has never published the key then Sony would decrypt all npdrm. That would be honest if it came from someone else, but in the case of a megalomaniacal egomaniac we suspect other hidden agendas.

Kakaroto said recently that "now the hackers we must also reverse engineer Geohot both work as that of Sony's as clear sign of his displeasure toward Geohot control policy.

My general definition of piracy would be the misappropriation of something in order to obtain personal benefit Geohot just what has been done.

Have you used the keys and the Sony code to position a checkpoint in the 'scene' for PS3, be he who decides who can do the rest of us.

Hypocrisy has been used at will as best suited him, we do not condemn it piracy on one hand but on the other metldr the key post because it is a contradiction.

Has clearly used his position to a position from childhood, I think Geohot has seen too many movies, openly seek work, the sad reality is that in the professional world or for fellow would not today. If you want to work professionally is formed first.

The question of its usefulness in make_self_npdrm is that it uses a keypair static since it does not include the ERK + RIV Sony npdrm keypairs can not generate random for each file.

Has other errors, such as creating blank File Digest, which are unmistakable signs that the executables created are legitimate, but these other errors could be corrected by any competent programmer. However, the static keypair has no solution without the ERK + RIV npdrm Sony.

Sony is therefore extremely easy to block the execution, blacklist, all executable to use that keypair, and Geohot knows.

In fact in your source code includes a request to Sony: 'Please do not add to blacklist the key pair that I use, I have offered applications lack the ability to decipher the npdrm'

If we add your child open and work order which I have mentioned, I feel the urgent need to address a question to Geohot, the same question is also the desire of all employees and people who are part of Sony and I even think that part of the user community.

Geohot, kid, "Are you stupid or you do it? just that I thought a few days ago +risas

In addition, the patch is applied by mounting the flash in writing, decoding module, it gets the patch messed with the payloads for pkgs (four bytes), re-encrypts it and writes it to the flash.

This is just watching the elf text strings with a hex editor (the syscall to mount the device is published in

Sys_storage_util_mount 837 (?) Parameters: Device Name (eg CELL_FS_IOS: BUILTIN_FLSH1) Device File System (eg CELL_FS_FAT) Device Path (eg / dev_flash), 0, Write Protection (0 or 1), 0, 0, 0

Sys_storage_util_unmount 838 (?) Parameters: Device Path (eg / dev_flash)

Of course, what I do is I can not control 50 areas and 50 fregaos get into, because at the end, I can find a mess that can not leave (other than each has its strengths and weaknesses.) Thing, is that all of our own solve the puzzle and all methods are public and that each work on what you like most independent of the others.

I certainly hoped to have the functional fail0verflow tools that allow me or others, to create the necessary code, but it certainly was very much in disagreement with the path taken by geohot to guard things, basing his work on the part of work of others. That makes a pass at a small application, but not something that requires the best minds and some tranaparencia for anyone charged with the responsibility and does not wither.

A big companies we give a crap: I do not care if you're brilliant or mediocre, if you're black or white glove: we all get into the same bag and say the same for all: the mess that was previously head better. And if not interested in the game, not to intervene.

So it's understandable that people be careful not to look for trouble, but it is understandable that you do your job, you keep it and you become solely responsible for certain things that are happening, because then, you cut what hangs and what does not hang as well, do not farm your friends and how to proceed, you prevent this forward and put others at risk trying to do the same as your own + the boot.

PD: Anyway, I do not want to lose, for us and much to gain and dismantle the arguments of SONY or most of their arguments, but also to be scared enough to do what I should have done from the beginning : o nothing, or what others are doing in this regard.


Waininkoko adds the following: "Totally agree.

By the way, what a surprise when I told you about the XML and then saw Finally, geohot has done the same thing I already got done, but in a different way."

Hermes and Naima on PS3 NPDRM SELFs, Encryption Differs

PlayStation Follow us on Twitter, Facebook and join us at our new site WWW.PSXHAX.COM!

#25 - DENEGRAO - January 14, 2011 // 4:57 pm
Geohot is very capable hacker, but his real intent is to work on Sony or Nintendo or Microsoft, so if a was a dev, i will never wait for something from him. About the devs, stop complain about Geohot and do what you gotta do!

#24 - fldash - January 14, 2011 // 4:45 pm
fldash's Avatar
geohot seems to think that by touting his anti-piracy stance and not releasing certain information that Sony cares. Sony doesn't care, they are pissed.

The only thing geohot is doing is slowing down development by not releasing everything he knows about the system. Sony is going to sue (and has already) regardless of him being anti-piracy and keeping things he considers to enable piracy under-wrap.

If he has the NPDRM keys to decrypt he should release them. If he knows ERK + npdrm RIV, he should release it so all our code isn't signed with the same key pair...

#23 - nipsen - January 14, 2011 // 4:28 pm
nipsen's Avatar
It's a rough google-translation, but they suggest the same others thought when looking at the security design - geohot doesn't have "the root-key", he has a method to extract an existing key-pair.

Just like the last time - the approach he uses isn't going to be impossible to counter, just as it's completely useless for packaging and running homebrew you compile yourself.

But unfortunately, the guy just keeps impressing Sony's producer-spawn, and they go into high gear when it comes to spending resources on legally questionable, and market-hostile ways to limit their customers.

Geohot doesn't seem to get this, that Sony has no interest in keeping their device "unlocked". (Apple did with the iPhone, because it would allow them to sell phones outside the American service providers). And that there will be no silent admittance of defeat for Sony's folks here.

In fact, if Sony really did make a mistake when applying the security model they've developed, Sony will most likely abandon the ps3 and the psn in general. And they will state something along the lines that "crackers destroyed the ps3", made it unfit for the market - and they will believe it as well.

So even though the guy doesn't actually have a way to reverse-engineer the ps3's signing process, producer spawn is going to go off on a rampage. While we're not getting anything useful.

The point is that Geohot isn't contributing anything useful, while making sure that unnecessary steps that inconvenience everyone is taken. We had that with linux as well. Geohot didn't discover anything useful then to actually remove the copy-protection, and the exploit that turned up later wasn't based on a low-level hack.

#22 - routehero - January 14, 2011 // 4:06 pm
routehero's Avatar
Quote Originally Posted by parallx View Post
And for the record, I own more actual old school cartridges than you can imagine, along with tons of original hardware. I played atari when it was NEW.

I don't see the relevance. A backup manager, such as multiMAN, is enabling a user to backup his games to local disk (or USB) and play from there.

An emulator, such as SNES or MAME, is enabling a user to download a ROM (forgive me if I doubt most people's ability to dump a cartridge or arcade machine to linux/win32), copy to local disk (or USB), and play from there.

They are in effect equal in purpose and ability. Both have the purpose of allowing a user to play the game from local disk, and both have the ability to enable copyright infringement.

It's wonderful that you're waiting for an XBMC (or other) port, but that's not likely to happen. If you do want such a contraption, why not buy a Boxee? It comes with XBMC and is cheaper than a PS3.

Too many devices, you say? More consolidation, you say? Man up and put your equipment in your basement and run an HDMI cable through your walls to your TV. Get an RF-capable remote to control your devices down below.

#21 - semitope - January 14, 2011 // 4:02 pm
semitope's Avatar
Need this to be translated properly. I couldn't read it.

Is geohot really the only ones with these keys? No-one else can use the fail0verflow information to get further?

#20 - parallx - January 14, 2011 // 2:58 pm
parallx's Avatar
So you equate brand new released games, sold in stores TODAY, to out of print hardware, which to some degree is unobtainable? I tend to think otherwise. I'm not saying there may be things wrong with it, but not everything revolves around US copyright law.

Personally, I most await things like an XBMC port, additions to/and or a new web browser, and the creative things that people haven't even thought of yet. Besides, coding is an art, and writing an emulator is art. I appreciate the novelty of making a machine imitate another machine, and in these cases, in 1080p with enhanced graphics.

But I'm sure there is an art to playing current games without paying for them... Keep in mind, the original goal was to restore Linux. The original intent of the very first exploit was access to the graphics hardware. Piracy is unfortunate collateral damage (or fortunate if you are a pirate.) Some very ungrateful people in this "scene."

I suspect lots of kids living with parents who's allowance doesn't allow for a new game all the time. I can understand that side of piracy, I was a kid once. I've got a job now, and can afford to man up and pay for games I want to play.

And for the record, I own more actual old school cartridges than you can imagine, along with tons of original hardware. I played atari when it was NEW. We can agree to disagree, I suppose.

#19 - fldash - January 14, 2011 // 2:11 pm
fldash's Avatar
As I've said... geohot is the only developer that has released something to be consumed by the general public for firmware 3.55 yet the system is supposedly 'wide open'. So, at this point, the scene is somewhat dead until the current devs are able to catch up to what geohot knows about the system... A wide open system means nothing if it's so complex that the developers working on it can't figure it out.

#18 - cfwprophet - January 14, 2011 // 1:55 pm
cfwprophet's Avatar
I find it funny that such things comes from Hermes and Waninkoko. Don't misunderstand i'm happy about permanent jailbreak but to same time it is not ok the way it was released.If geohot would have work in underground with sceners and released it to specific time via a other person then it wouldnt hurt sony as it to time do.

Beside all this i remember that Waninkoko is respond for killing the Wii scene in case he released first the USB Loader and in time of a few hours he also presented and released a SD loader. Marcan was the one who showed him that it is not to hard to write a SD loader cause he hase done the same in time of 2-3 hours and asked Waninkoko to not release his SD loader.

But what hase wanin done? Jop released the shit and ruined the Wii Hombrew and Hacking scene with it.I to this time finished my work on Wii and jumped over to the ps3 and coded my first machine code pc app for the ps3 to us on win32 pc. Hermes never released a Backup Loader but he also released a custom IOS for the Wii to make use for Homebrew and Pirated Games.

Also on the PS3 he hase coded payloads for use with psgroove jailbreak to also activate pirated games. So i don't want to say that his post isnt true but are Hermes and Waninkoko the guys who really can spid out such things about Geohot?

And thats no fan war cause i call geohot as EGOHOT like the interview from yesterday has proven that he is.


#17 - y2kkingboy - January 14, 2011 // 1:20 pm
y2kkingboy's Avatar
Most of us understand that the guy gets off on being popular and on top. I'd suggest to leave him alone and forget about him. We do not have to jump and start working and try every thing he throws at the scene every time he does something. Just do the opposite, ignore him and leave him to his naive and misrepresented childhood trauma. That would kill him.

I feel that we should leave everything in the hands of our more trusted, more giving people who have been working really hard with payloads, jailbreaking and other stuff. They gave us something working. But he comes every time and does something that makes the whole scene happy, sad and angry at the same time.


my 2 cents.

#16 - daveribz - January 14, 2011 // 1:19 pm
daveribz's Avatar
This note really seems like a warning. I kinda see it like: "I have the keys, but i'll keep them for myself as long as you don't piss me off." And I think that might be too late for Sony.