The Road Ahead. Dead End Or Roadblock..? (from a Tweet by RMS)
The road ahead
Posted on January 30, 2011 by rms
Hi, I'm rms, a PS3 software/homebrew developer.
Well, I've been on EFnet for a while now, and I've seen many people asking about PS3 Custom Firmware 3.56. Well, let me put it in a simple manner: it's not possible, thanks to what Sony did with their ECDSA (Elliptic Curve DSA) cryptography and the new PUP format, along with Cell-OS Lv2 having some extra checks on SELF files now.
See, when we used to get private keys for earlier fail ECDSA keyset revisions, a variable, r, in the ECDSA signature was static, thus allowing us to get the keys using the signature itself. Now, Sony fixed this by making that variable random, so we can no longer use simple algebra to get the private key like before. Do note that to retrieve the older private keys, one needed to use 2 signatures and simply compare them to get the private key. Now, for those who do not know about private keys and public keys and ERK/RIV, here's a simple explanation: private keys are used to create signatures, public keys are used to verify the signature's authenticity. ERK/RIV is used to decrypt the encrypted SELF data.
The new PUP format has 2 extra files; one consists of a new tarball with spkg_hdr1 files, ensuring package integrity, so one can no longer create rehashed PUPs anymore. Until the spkg format is deciphered and they can be resigned, one's pretty much stuck with Official Firmware. Core OS also has some new additions: appldr now checks your SELF revision for NPDRM and Lv2 SELFs; they either must be whitelisted or use the new revision 0x0D keyset in 3.56. Lv2 now will also refuse to load older updater or Lv2diag.self files that do not use the 0x0D keyset. Core OS also has two new revoke lists, prog_srvk and pkg_srvk. They have yet to be fully inspected.
So, in the end, Sony pretty much fixed most of the fail, someís still around though, go look for it. =)
Thanks rms (and JudgeDrokk for pasting the tweet), very useful information, and most of all relatively simple to understand, I appreciate it.
It seems Sony did a few things right, which is ok. Hopefully most people will calm down and stop trying to get a 3.56CFW, basically because we don't need it!
But the people who updated... well, patience. Maybe when there is a new firmware that is worth the effort (probably 3.60 with Killzone 3), then devs will look at it and try to make a CFW out of it. Pretty much like the PSP scene not so long ago.
It's definitely no longer possible to install CFW once you install 3.56 OFW, but I wouldn't think that 3.56 CFW in general would be impossible forever.
3.55 can decrypt, read and install 3.56, and we have all the keys for everything 3.55 can do.
I mean logically, 3.55 can make sense of all the files contained in the 3.56 PUP, so all the things needed to make sense of the 3.56 PUP are either already contained in 3.55 or are at least readable in the 3.56 PUP.
That said, there really doesn't seem to be any point in 3.56 CFW. With the remote code execution, there's really no way to beat that, and the only advantage 3.56 has over 3.55 is PSN access. Since there's no good way to beat that, there's no real good reason to bother making a 3.56 CFW, since even if you did you still wouldn't get PSN access. Aside from PSN, 3.55 can do everything 3.56 can, so why bother?
edit: Oh, I'm stupid and forgot how encryption works for a second. Of course we can decrypt everything in the PUP, but we won't be able to re-encrypt because we'll never get the private keys.
Well, despite what people are saying (and despite my lack of programming expertise), I'm a big fan of "Never say never!" when it comes to scenes like this. There are a lot of brilliant minds at work here, and prior experience has told me that what was ridiculed as impossible one day is possible the next.
Remember, there was a time when everyone thought that the PS3 was rock solid, unhackable...and look where we are now. It may not be right now, or next week, or even next year, but this will all blow over eventually and we'll be at the next level when it comes to cracking open this system.
Agreed, sir. I am not a dev, but I know when somebody tells me you can't do this or that, I find a way to do it, lol.
Originally Posted by mogwaimon
In the end Sony will fail again.
Why not decrypt 3.56 and re-encrypt it using 3.55 keys???
Originally Posted by Wutangrza
The thing is: do we ever need to upgrade to 3.56+?
I don't see the point - even if they implement new features in 3.56+, I guess you and other developers will be able to rip these features and implement them into 3.41/3.55 CFW?
And as long as we can re-encrypt on 3.41/3.55, we can encrypt games until the PS4 launches.. so no need for 3.56 - better implement some useful stuff on the current CFW...
I only play a handful of games online, MW2 and Black ops, the rest are for playing at home and letting the kids have a go.
Thanks to homebrew I'll never have to worry about a scratched disc again, and there are hundreds of games I can play with CFW 3.55.
What have I lost? PSN. Well, sod you Sony, I'm happy to keep my CFW 3.55, have all my game backups and never have to worry about scratched discs again. I'll also get to enjoy some fantastic homebrew.
And for the games I want to play online? Guess it's time to join Xbox Live!
Thanks to those who gave us homebrew and CFW 3.55.
Originally Posted by Bluloa
I couldn't agree more, as I have 4 kids and I do understand what you mean.
Also, will newer games require the newer firmware? That's my worry right there. I could care less for PSN, but I do care about playing newer games that are only available on the PS3.
So I ask, will newer games require you to upgrade and/or bring the upgraded OFW on the discs?
I think the news of remote code execution shows Sony's #1 goal is to stop CFW on PSN. They aren't interested in stopping people from playing pirated games from the console itself. They will leave that to the anti-p2p companies but we all know that's a joke.
They just want to keep gamers from playing pirated copies of games on PSN. If they can get that done I believe Sony would consider that a success coming from this hack. I do believe they're far less worried about gamers playing homebrew than pirated games.
I knew Sony would throw a monkey wrench into this fire and they have! I could care less about PSN access myself. I don't play games online. I'm a single player guru! As long as I can have my homebrew offline I'm happy!