PSX-SCENE Forum Discussion for Sony PlayStation/PsOne/PS2/PS3/PSP/PS VITA
  • KaKaRoTo Speaks of ECDSA Algorithm - CFW Impossible

    I have always wanted an explanation of the ECDSA algorithm due to its mathematical complexity. Anyone who knows anything about PS3 encryption and the hidden keys used to calculate the ECDSA knows that it isn't an easy feat. PlayStation 3 developer KaKaRoTo has tried to simplify the subject for us so we can gain some knowledge of it. Below is an extract; you can read the full article at the source linked below.


    To Quote:
    By popular demand, I have decided to try and explain how the ECDSA algorithm works. I’ve been struggling a bit to understand it properly and while I found a lot of documentation about it, I haven’t really found any “ECDSA for newbies” anywhere. So I thought it would be good to explain in simple terms how it works so others can learn from my research. I have found some websites that explain the basic principles but nowhere near enough to actually understand it, others that explain things without any basics, making it incomprehensible, and others that go way too deep into the mathematics behind it.
    Please continue to read the bottom of his article if you are feeling too lazy to read.

    Source: kakaroto.homelinux.net

    Proudly brought to you by psx-scene's Tranced.

    64 Comments
    lolcatzuru -
      I'm sure he'll figure it out, I doubt Sony is clever enough to make it CFW-proof.
    unreal676 -
      Instead of looking for an exploit in the firmware, or something, why not attempt to do what C4Eva has been doin' for the 360, hack the DVD drive to play backups. Buy your new game, spend some money on a good Blu-Ray reader/burner ($100), a pack of 25 GB discs, for just about every normal game out there is only $30, and go from there. Homebrew isn't that important on the PS3 scene as it is on the Wii or the 360, so just get something out there like that. The day that C4Eva finishes all the 360 drive firmware with LT 3.0 is the day I hope he turns toward the PS3's drive and ****s it up. If people spend money for a shitty TB dongle, they'll spend it for some discs and a burner. Pirates or not, it'll help move the scene along. That's if you can even call this a scene anymore.
    ahou -
      Quote Originally Posted by Mathematician:
      OTP:

      "If the key is truly random, as large as or greater than the plaintext, never reused in whole or part, and kept secret, the ciphertext will be impossible"

      However, nothing is truly random. OTP can be cracked.
      lol. Yes, some things are indeed random, and it most certainly cannot be cracked, unless used by idiots.
    hypertryer -
      Keys are a lost cause, they should just patch out sig checks altogether like the 360's Jtag kernel.
    CS67700 -
      Quote Originally Posted by hypertryer:
      Keys are a lost cause, they should just patch out sig checks altogether like the 360's Jtag kernel.
      If it was possible it would have been done already.
      The PS3 is a fortress, unlike the 360 which was "rushed" with a lousy security.

      This is the new era guys, let's face it, console hacking is slowly gonna die.
      Why? The PS2/Gamecube/Xbox 1 were barely connected to the internet, nothing serious (like now).

      When a console was hacked there was nothing the company could do to stop it.
      Now, they can.

      Consoles are connected to the internet all the time, meaning constant update of the firmware and anti piracy securities.
      Even if someone does hack a next-gen console, it's gonna be patched again and again, meaning it's worthless (unless you wanna do that all day).

      The 360 had serious flaws (Jtag + drives), but also got slowly patched by Microsoft (the new drives require more expensive tools to flash, and are more complicated), especially in the drive FW.
      But the CDs/DVDs are gonna disappear slowly (the console companies want consoles without physical games, especially Sony, meaning even less possibilities of hacking since no drive).

      I suggest you get a job and start buying games. They aren't gonna fall from the sky anymore.
    yoshi314 -
      Quote Originally Posted by mathisgod:
      I still remember when everyone and their mothers said that Sony couldn't fix the PS3 without a hardware revision because of the original key leaks? lol

      Idiot sheep.
      Idiot sheep here. I think I mostly referred to geohot's glitch - the only way to avoid it was to cut the Linux support from the PS3 - there is no other way around it. Otherwise you would be able to take RAM dumps from a PS3 with any firmware.

      Secondly, there were no key leaks. Keys got discovered due to a mistake on Sony's end. And it's not a full collection of keys - certain parts of the PS3 system are still locked, and new firmware is signed with keys contained in those unhacked parts.

      Quote Originally Posted by CS67700:
      The PS3 is a fortress, unlike the 360 which was "rushed" with a lousy security.
      Actually the Xbox 360 has much more solid security in place. The hackers put it a few steps over the PS3 in terms of quality of protections.

      AFAIK most Xbox hacks revolve around drive firmware modifications and working around the sophisticated disc protections that keep popping up. And running homebrew requires extensive JTAG hacking.
    NuclearAqua -
      Quote Originally Posted by unreal676:
      Instead of looking for an exploit in the firmware, or something, why not attempt to do what C4Eva has been doin' for the 360, hack the DVD drive to play backups. Buy your new game, spend some money on a good Blu-Ray reader/burner ($100), a pack of 25 GB discs, for just about every normal game out there is only $30, and go from there. Homebrew isn't that important on the PS3 scene as it is on the Wii or the 360, so just get something out there like that.
      But that won't work. Our problem is that we can't decrypt new games' executables, so we can't launch them in 3.55. A BD drive hack wouldn't change that.

      Quote Originally Posted by CS67700:
      If it was possible it would have been done already.
      The PS3 is a fortress, unlike the 360 which was "rushed" with a lousy security.
      If the PS3 is a fortress, it's thanks to IBM, which designed the Cell in a nearly bulletproof way. On Sony's end they ****ed up on something as basic as not using a random number in ECDSA. Console security isn't Sony's strong point.

      Quote Originally Posted by CS67700:
      This is the new era guys, let's face it, console hacking is slowly gonna die.
      No it's not. Every console so far is hacked. There are a number of reasons the PS3 isn't as successful as other scenes:

      1- It's barely a year old. Yeah, it's hard to believe but it's true.
      2- Pussy devs that are afraid of Sony lawsuits.
      3- Devs with bigger egos than the world.

      Despite that, True Blue just came out a few months ago, so the scene is really far from dead. I think it's mostly a matter of not having the right people for the job.

      Quote Originally Posted by CS67700:
      Consoles are connected to the internet all the time, meaning constant update of the firmware and anti piracy securities.
      Even if someone does hack a next-gen console, it's gonna be patched again and again, meaning it's worthless (unless you wanna do that all day).
      What, you mean like the PSP? Every FW that came out for it was eventually cracked. It was patched again and again, and people cracked it again and again. That's not a problem.
      The Xbox 360 is always having new anti-piracy features, and people are always cracking it. I don't really see what the problem is here.

      Quote Originally Posted by CS67700:
      But the CDs/DVDs are gonna disappear slowly (the console companies want consoles without physical games, especially Sony, meaning even less possibilities of hacking since no drive).
      Yeah, you can totally tell the resounding success the PSP Go had, with no physical game support.
    krytonic -
      Quote Originally Posted by NuclearAqua:
      But that won't work. Our problem is that we can't decrypt new games' executables, so we can't launch them in 3.55. A BD drive hack wouldn't change that.
      Yes it would change it. If you hack the drive's firmware to bypass the disc's DRM, you would be able to play the latest games backed up on a burnt disc on the latest firmware. You wouldn't have to stay on 3.55, if you want backups more than homebrew.
    NuclearAqua -
      Quote Originally Posted by krytonic:
      Yes it would change it. If you hack the drive's firmware to bypass the disc's DRM, you would be able to play the latest games backed up on a burnt disc on the latest firmware. You wouldn't have to stay on 3.55, if you want backups more than homebrew.
      If that's what he meant then yeah, it's true. Never thought of that, sorry.
    unreal676 -
      Quote Originally Posted by NuclearAqua:
      If that's what he meant then yeah, it's true. Never thought of that, sorry.
      That's exactly what I meant, and if you look around, many people aren't here for homebrew like the early scene for the PS3. It's all about, can I play my latest games now? Why isn't TB faster!? Things like that, so I wonder if any of the hackers have ever thought of going straight to the DVD drive firmware and taking a crack at it. I'm still on 3.5, but man, I'm ready to just make the jump to the latest FW for now and hope that DVD drive hacking is the next big thing, like it was for the Box.
    ridesideways -
      I've always liked the idea of the "optical drive emulator" where you put a piece of hardware between the PS3 and the drive, and just emulate the data stream. Easier said than done obviously. I don't really like the idea of CFW, my opinion is go back to OFW and emulate the data stream between the drive and the PS3. I don't know how feasible this is on a PS3 with its architecture, but I'm just saying...

      Keys can always be found. The new keys exist somewhere inside the PS3 hardware, and therefore they just need to be found. It's true that you can't guess them, given how secure ECDSA is. But you can "find them" inside the PS3, perhaps in RAM or ROM or wherever (I don't know enough about the PS3's architecture to say where they might be stored). But the fact is if the PS3 can decrypt a game, then the keys are in the PS3, and therefore subject to being found somewhere with enough reverse-engineering.
    hawkY -
      80% of comments here say it's possible to generate a CFW, then how come nobody made it yet? I also know that it must be possible to make it but it seems nobody really wants to do it... why?
      NOBODY F****** cares...
      But there is still one and only hope left, which is team ac1d... If they cannot achieve it, no one can...
    krytonic -
      Quote Originally Posted by hawkY:
      80% of comments here say it's possible to generate a CFW, then how come nobody made it yet? I also know that it must be possible to make it but it seems nobody really wants to do it... why?
      NOBODY F****** cares...
      But there is still one and only hope left, which is team ac1d... If they cannot achieve it, no one can...
      Who are they supposed to be?
    hawkY -
      Quote Originally Posted by krytonic:
      Who are they supposed to be?
      Google team ac1d and cfwprophet.
    nookupeous -
      Does anyone remember the PSP or Wii exploits? They all rely on crashing something in the system in order to execute unsigned code. The old PSP TIFF image viewer and GTA savegame hacks that allowed them to make a HEN. The Wii's Twilight Princess exploit or Bannerbomb. The PS2 007 game exploit.

      Instead of relying on decrypting and resigning our own executable files, why not just figure out something with a buffer overflow/underrun or a savegame exploit within something that already exists within the PS3 to be able to execute unsigned code?
    hollowtip -
      If it's man made it can be circumvented. While I'm not a programmer or hacker by any means, people seem to be obsessed with key decryption and devs aren't exploring other exploit possibilities like others have already pointed out above me.

      Quote Originally Posted by CS67700:
      If it was possible it would have been done already.

      Consoles are connected to the internet all the time, meaning constant update of the firmware and anti piracy securities.
      Even if someone does hack a next-gen console, it's gonna be patched again and again, meaning it's worthless (unless you wanna do that all day).
      Sony doesn't require you to authenticate your system server side before being able to play. It may do so to access online features, but you can still boot 4.0 games, save to the hard drive etc. I know people that are perfectly happy playing games on their PS3 locally that don't even have an internet connection.
    ahou -
      Quote Originally Posted by hollowtip:
      If it's man made it can be circumvented.
      This is wrong. I already provided the example of a one time pad, which is 100% impossible to crack even given an infinite amount of time, when used properly.
    NuclearAqua -
      Quote Originally Posted by ahou:
      This is wrong. I already provided the example of a one time pad, which is 100% impossible to crack even given an infinite amount of time, when used properly.
      And how exactly would you implement a one time pad in console security?
    fivee -
      Quote Originally Posted by NuclearAqua:
      If that's what he meant then yeah, it's true. Never thought of that, sorry.
      And I'd like to point out that kakaroto didn't actually say no CFW, he said - no way to sign your homebrew in a way that Sony can't block it. That's because his idea of an open FW is one you get to install local content on, which he has, and a way to sign said content so the console accepts it regardless of future updates.

      Since he's going about it the way you can't use it for piracy, he's not trying to install unsigned code or enable peek/poke, not because he thinks it can't be done, just because it's not what he wants.
    ahou -
      Quote Originally Posted by NuclearAqua:
      And how exactly would you implement a one time pad in console security?
      You wouldn't, and couldn't.