January 26, 2010 // 1:02 pm - Below is iQD's statement regarding the recent GeoHot PS3 hack news; in part it really seems as if he does not read any docs :P

Most of what he claims to be surprising is mentioned in the IBM docs hehe^^

To quote: "So the PS3 is hacked? Well, that's nothing more than an urban legend.

Although it's nice to capture all these HV calls and stuff from a plain (not encrypted) lv1 binary, this will never lead to a hacked PS3.

Let's have a look. The major security architecture on the PS3 is called the "Secure Processing Vault" and is the most important thing regarding "hacking" the PS3.

There is NO WAY for the PPU or even the HV to gain access to the SPU, which is an application running inside of an isolated SPU.

Well, you can kick out the isolated SPU, like geohot mentioned, but this gives you nothing, as ALL the encryption and execution of applications (HDD encryption, app encryption, decryption, executing, signature checking, root key extraction) happens inside the isolated SPU.

To run homebrew on the PS3 you would have to reassemble the whole functionality from the SPU inside a binary running on the PPU. For this you will need the root key.

The root key is stored in hardware (not even close to the things on the iPhone). The root key cannot be extracted by any software or hardware means and is essential to ALL encryption/decryption, executing and checking routines.

The only way to get the root key is inside of an isolated SPU, as it is kick-starting the hardware encryption facility. There is no other way to do that!

Let's just assume that geohot or some other guys are able to break into the local store of the isolated SPE. There they will just find some encrypted binaries.

The key for decryption is encrypted by the root key! You won't get anywhere without the root key.

Let's assume that someone managed to do all that stuff from the isolated SPU on the PPU and created a CFW.

There is still a secure booting environment. The first module loaded/booted is integrity-checked by the hardware crypto facility utilizing the root key. So you also have to address this booting stuff. Again, no root key, no booting.

So there's always runtime patching, you might ask? Not possible on the PS3, because the hardware crypto facility is able to check the signatures whenever it wants to.

And which part is responsible for this? Exactly, the isolated SPU. So if you kick out the isolated SPU the system will not boot/run anymore.

The PS3 is neither a PSP nor an iPhone. It's the most secure system architecture of this time!

The girl behind this stuff, Kanna Shimizu, is not somebody. Messing around with this is not like saying Bruce Schneier is a n00b.

Btw: forget about all those stories that certain hackers are or will be employed by SONY. That's nothing more than another urban legend.

@geohot It is OBVIOUS that the HV is PPC. The Cell BE is a PPC architecture, you know ;-) Better read those IBM papers in the first place!

- iQD"

iQD: PS3 is Hacked - The Urban Legend Continues

#39 - PS4 News - January 29, 2010 // 10:44 pm
I suppose it's time to wrap this thread up, mainly as iQD isn't here to reply and we don't want to upset those working at hacking the PS3 their own way, etc.

#38 - Warrorar - January 29, 2010 // 10:05 pm
Quote Originally Posted by cfwprophet View Post
What are you talking about, man?

Getting hands on a dump of lv1 is the first step that needs to be done for a real PS3 hack. At the moment a whole team is reversing the lv0 and lv1 dump from GH and he himself is working on the lv2. So what have SKFU or iQD done that could be similar?

The next official hackers who could mess with GH are Mathy (Mathieulh & crew) and CJ (CJPC & devs) if you ask me.

I agree with cfwprophet..

#37 - cfwprophet - January 29, 2010 // 9:11 pm
#36 - SDF - January 29, 2010 // 8:43 pm
Well, the truth is that if SKFU+iQD ever say "I/we hacked the PS3" then the PS3 will be hacked for real.

GH is just cocking and advertising himself; he opened his mouth too early and when he realized that he can't do much and that the PS3 isn't an iPhone, he posted that he doesn't know C++ and that he can't be 24/7 on the PS3... yeah right, better luck next time chummy.

#35 - gravesg - January 28, 2010 // 2:06 pm
I wish we could link up about 200,000 PS3s and try to brute-force the keys out... via the [email protected] method computing cloud.

I for one understand we are nowhere near homebrew... KEYS PEOPLE KEYS... but when the day comes I'll be sure to have my 20x Blu-ray burner and 100Mbit connection ready to download some stuff.

#34 - cenoxdj - January 27, 2010 // 4:43 pm
We are human beings, so every machine encryption or whatever is created by a human being, not by an AI or anything else. So in our history, many many times things that weren't crackable got cracked; an example is what happened with CUDA, do you remember? It was a bank or some other service with HIGH security that got hacked by GPUs. I'm not saying that someone like GH is THE ONE, but even if the PS3 has very high security we have to remember that it is a thing that WAS created.

I'm not so expert but I would like to ask a question: when we download a firmware update over the network, it is "universal", so to get installed I think it has to match the key with the hardware key, so the key should be unique; how can they change it? Only AFTER installing the new firmware (if they want to), so we could be able to spoof what effectively changed.

If it's not like that, every firmware has a key; then it is decrypted/encrypted by the matched key and re-encrypted with the HW key (so long, I think). There is an algorithm, of course there is, whatever the case. If it is the first case, isn't the PS3 powerful enough to "decrypt" itself?

#33 - Siggy12 - January 27, 2010 // 4:01 pm
pay attention to the POST that is from BEFORE GEOHOT released the exploit

so after geohot released the exploit it was better for them to remove THIS ENVY POST

#32 - saviour07 - January 27, 2010 // 3:33 pm
I'm gonna agree with kakarotoks, coz what geohot has done is great and IS a hack by definition (he's accessed a part of the PS3 that he shouldn't have access to) but it is not the type of hack that the "mere mortals" are familiar with.

I think that even though what iQD/SKFU have written may come across as either jealousy or flaming, it is in fact just a rose-tinted view by those who believe what geohot has done has given them the key to homebrew... he hasn't. And this is what iQD/SKFU have tried to explain.

Geohot has done great in opening up a new door, but what iQD/SKFU are now saying is that there are MORE obstacles to overcome! It annoys me hearing noobs asking "where's the CFW?" or "yes! homebrew!"

So people need to read iQD/SKFU's original post again and understand that there is still A LOT of work to be done before YOUR definition of a hack arrives.

#31 - RyLoS - January 27, 2010 // 3:28 pm
SKFU, I don't know you, but you are giving this impression... you are "defending" the PS3 protection only at the end... are you a Sony employee or dev?

Kudos to GH.

#30 - dunkler - January 27, 2010 // 1:28 pm
Quote Originally Posted by cfwprophet View Post
Word, dude. And I wouldn't give a lot on things coming from SKFU!!

I remember our last conversation here on PS3 News where he claimed that he knows how to play ALL games from HDD but he won't tell us/me because I'm a lame pirate. So SKFU, what's your problem dude, huh..?

What GeoHot has reached is more than you ever have. Thx for your nice info but as I said it is useless and couldn't lead to anything.

True.. I think SKFU and most devs are jealous now, GH did this in such a short time and it's a shame. I remember when devs invited GH to join the team, I loled hard, GH > mathieulh, SKFU and many others. Imo CJPC remains the best dev here...