PS3 hacking start-to-finish – CCC

Well it looks like the Play Station 3 is finally and definitively cracked. FailOverflow’s Chaos Communications Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disk licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.

We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.

[Thanks BoBeR182 via The Register]

Comments

  1. marcan says:

    I have no clue what @xorpunk is smoking, but I’m not a PSGroove developer and I’ve never touched a single line of PSGroove/PSFreedom/PL3 payload code nor have I ever even run them on my PS3, except one time when I was instrumenting GameOS hypercalls to try to figure out how to make the drive work under AsbestOS/Linux (to read e.g. Linux install DVDs, I don’t care about Blu-Ray game authentication). I’ve certainly never worked even the slightest on any kind of warez (oh, sorry, “backup”) launcher for any system. The only PS3 project I’ve ever worked on besides the recent 27c3 developments is AsbestOS (and I’m the sole developer of AsbestOS so far).

    Also, you’re way off base with Wii Linux. Like, *completely* off base. The Wii is a PowerPC processor, and Linux runs great on it and its drivers perform better than native game/IOS drivers. What’s missing is a proper 3D graphics driver, but that’s missing on the PS3 too, and it’s a hard problem to solve. You’re completely confusing that with Mini, which is a support firmware running on the ARM Starlet which was partially developed to support Linux on the PowerPC, and which works *with* (and actually bootloads) Linux on the Wii.

    You’re also completely off base with the PS3. You can use AsbestOS to boot graphical Linux meeting and exceeding the capabilities of OtherOS *today* (over a month ago, really), and people have done so. AsbestOS is a bootloader that can boot a full-blown Linux kernel better than OtherOS can (heck, it’s a lot smarter and actually supports proper Linux boot standards). I just haven’t demoed a windowing system because the whole thing isn’t quite user-friendly enough for me to bother working on that part yet, but other people have done so (this will get better soon since during 27C3 I added support for HDD booting and a FAT filesystem for the boot partition, so it no longer requires network boot). Again, you’re confusing support software/bootloader (AsbestOS) with the actual Linux kernel that gets booted afterwards and which is every bit as capable as any other Linux kernel.

    So please get a clue before posting nonsense. This whole PS3 story is already being misrepresented enough already, we don’t need people completely misreporting the state of Linux on these platforms too.

    On another note, people keep forgetting that THE PS3 WAS CLOSED WHEN THE SLIM WAS RELEASED WITHOUT LINUX, which was BEFORE the Geohot exploit and the reason for it. I’m getting tired of repeatedly reminding people of this. Pulling OtherOS on the Fat was a dick move and pissed a lot of people off, but the root cause of this whole ordeal was artificially disabling OtherOS on the Slim for no good reason. Sony started this entirely out of their own volition, and none of this would have happened had they retained Linux support on the Slim.

    Reminder: all currently manufactured PS3s are PERMANENTLY broken. Sonny CANNOT fix this because they CANNOT revoke older firmware the way Microsoft can blow eFUSEs on the 360. Every single PS3 out there is now permanently hackable via a NAND/NOR writer (or modchip, or whatever). Period. This isn’t just another hole to patch, this is “current PS3s are now just as permanently modchippable as PS2s were” and “even in newer units they’re going to have a HARD time fixing it”.

  2. Timmah says:

    this is cool, and these hackers are smart, but before you give them too much props at their “skillz” , it’s necessary to recall that the USB exploit (IIRC) came into being ultimately from leaked sony apps ( if I’m confused, then it was another key advancement in this hack ). I dont think they would have been able to root the system without a sony employee leaking trade secrets. In the end, we got (or are supposed to get ) linux, so that’s great, but technically their tech security was tight enough to keep hackers at bay (other than geohot’s glitching ) but the real compromise came from an internal leak. ie: a people-breach, not a tech breach.

  3. cantido says:

    >>Until then, you’re just plain
    >>insulting people you dont even
    >>know based on why _you_ would do it.

    Xorpunk seems to be under the impression that everything is done for piracy. If you read any paper into why people do open source work etc it’s A: They are being paid or B: they do it for “respect”, “fame” etc.. I think the reasoning here is very much towards the B. Other people i.e. PSJailbreak would be towards A.

    >>And btw, a lot of scientists,
    >>hell even the US gov,
    >>bought a lot of PS3 because
    >>it’s a cheap computing unit,

    Do you have anything to back that up? I’d say that’d be a really silly business decision. Can you imagine saying to your boss.. “Ok, so what we’re going to do is buy a ton of systems that are closed, amazingly proprietary, have zero support from the vendor for our application..”
    I’d be surprised if the “US Gov” bought PS3’s in huge numbers considering all the different loop holes vendors have to go through to get the government over there to use their kit.

  4. Volfram says:

    @cantido RE: “Do you have anything to back that up? ”

    What rock were you hiding under when the USAF using a set of PS3s as a processing cluster was plastered all over the news? The Airforce Research Lab(AFRL) has(had, anyway) 1,760 PS3 units networked together,(http://www.wpafb.af.mil/news/story.asp?id=123231285) and I know at least one big-name university had a cluster of PS3s which, among other things, were running Folding@Home under Yellowdog Linux.

    Please come back when you’ve located half a clue as to what you’re talking about, or go troll somewhere more worth your while.

  5. cantido says:

    @Pete

    >>such as the iPhone in regards to lockdowns

    The iPhone etc are just a little bit special I would say. The main problem there is that the system has a single entry point for software which is controlled by Apple and the problem is that they change their minds every other day on what is acceptable and what is not. Vote with your money, buy Android instead. In any case if you want to run third party code on your iPhone you can.. get yourself a $50 developer license.

    >> will be on pcs in the not too distant future.

    You’re thinking of Trusted Computing I guess.. the only machines that ship with it built in? Apple X86 machines.

    >>It’s you device.

    In the case of mobile phone.. No, usually it isn’t yours. Usually it is loaned to you through a set of carefully selected contract stipulations.

    >>You should be able to run what you like on it.

    When you turned your device on and didn’t read the first use EULA you probably missed the part that said “contrary to common sense, no you can’t do what you like.. you will do as you are told”. Why companies are allowed to get away with this shit is a total mystery,..

    >>Imagine a pc where you can’t install
    >>Linux because only

    The PC is an open platform, with standards etc.. unless a specific vendor decides to make their X86 PC’s proprietary (Again, Apple) it won’t happen.

    >>This kind of hacking sends a message
    >>to these companies that they either work
    >>with us (so token Linux support)

    Or just buy hardware that is already supported? Why does everyone think they have a right to Linux? Considering how bad some drivers etc are the most popular Linux archs .. i386 and amd64.. why would you want Linux on anything else other than “for shits and giggles”. I have run “Linux” on Amiga m68k, Hitachi H8, Hitachi SuperH, Amiga PowerPC, Mac PowerPC, Xilinx Microblaze, SPARC, UltraSPARC.. most of these have like 1 active developer and maybe some token vendor support.. after the initial “wow it runs the Linux” you will soon notice that it is a toy and nothing more.
    And why not NetBSD? Why does it have to be Linux?

    ** Sony subsidise their hardware, they have no interest in subsidising hardware for people that aren’t going to buy their licensed software. **

    >>or we will find a way around them
    >>and it’ll be worse for them in the
    >>long run.

    No it won’t. Unless you generate billions in revenue for Sony they literally do not give a shit what you think. How many people cared about Linux on the PS3.. not enough for Sony to bother keeping their official support around. If you’re trying to argue that “If we don’t get Linux we hack the consoles which allows piracy too”.. again that doesn’t hold up to interrogation. If Linux didn’t exist there would still be people producing hacked xbox 360 drive firmware, the PSJailbreak would have still happened.

    In my opinion the scene before this whole “ethical hacking/I’m a security researcher” was better anyhow. Where are the cracktros?

  6. cantido says:

    @Volfram

    “1,760 PS3″

    So even the DoD isn’t a huge PS3 Linux user..

    And when I meant the “US Gov” I meant as desktops etc.. That DoD project is a research project and no where does it say that those PS3s are consumer units.

    “Please come back when you’ve located half a clue as to what you’re talking about, or go troll somewhere more worth your while.”

    So far you have brought up evidence for 2k PS3s in the wild running Linux. Is that more than 0.0000001% of all the PS3s shipped?

  7. cantido says:

    @marcan

    >>What’s missing is a proper 3D graphics driver

    Does it even have 2D acceleration in Xorg yet?

    >>but that’s missing on the PS3 too,
    >>and it’s a hard problem to solve.

    At least with the PS3 it isn’t much of a moving target. If someone comes along and writes a driver it’s not like it will need updating every few months to support new boards like the open nvidia and ati drivers..

    >>full-blown Linux kernel better

    You mean one that isn’t sitting on top of the hypervisor? Does it really make that much difference?

    >>I just haven’t demoed a windowing system

    Are you working on getting Xorg support upstream? Or is it going to be a patch set that works against one version of Xorg only to be abandoned when the few active developers aren’t interested anymore?

    Is there going to be a VA-API driver??

  8. marcan says:

    Xorg works fine with the framebuffer driver. I’ve talked with the Nouveau guys about how to best map their work (mostly the nouveau userland side) to work on top of the Lv1 hypervisor interface (which is mostly what would normally be implemented in the kernel). There will be a few limitations but if I’m not mistaken it should be possible to reuse most if not all of nouveau’s 3D support. This will take time, though, we haven’t even started yet.

    The PS3 does not support hardware video decoding. Video decoders work great on the SPUs but that has nothing to do with the video card. I’m sure someone will accelerate e.g. H.264 decoding with the SPUs at some point if it hasn’t happened already.

    AsbestOS also works on top of Lv1, but it’s better than GameOS because it runs with 3D enabled, it can access the entire hard drive raw (no encryption or partitioning bullshit; I copied Linux onto my PS3’s HDD for the demo using a bog-standard USB to SATA converter and fdisk), it supports Linux boot standards (devtree etc.), it supports ramdisks (OtherOS needs an intermediate Linux-based bootloader for that), it supports netbooting, and it gives you access to the seventh SPE (17% more SPU processing power).

  9. Osgeld says:

    oh btw cantido I cant get a X86 box to run PS3 game titles while doing everything else as a tri core 3ghz ppc and a geforce 8 1080 P and bluray, that is damn near silent (seriously have you heard one of these machines, the bluray drive makes more noise than anything) for less than 199$

    seriously dude, your digging a hole to china, with made up stats and opinions

    its damn near the same tactic sony uses, “WELL game X is a complete pile of shit and cost a fuckton of money, it HAS to be PIRACY !!!”

    whatever, like on my PSP, there honestly is not enough games worth playing to justify the console’s price, sony blames piracy, I blame nothing better to do with a 300$ doorstop

    meanwhile my DS is 100X easier to hack but still sells a shitton of software, wonder why (maybe cause its not garbage)

  10. Osgeld says:

    instead of 300$ I meant 200$, finger hit the wrong large button =)

  11. cantido says:

    @osgeld

    >>tri core 3ghz ppc

    The PS3 isn’t a tri-core PPC core.. it’s a single PPC with co-processors isn’t it? Has anyone written any homebrew that uses the co-processors??
    The XBOX 360 is a tri-core PowerPC design yes.. what core is it though? PPC is essentially dead on the desktop.. everything that is around i.e. the “Next Gen” Amiga stuff/Industrial machines are based on older stuff around the G2 PPC era and don’t have Altivec etc. Note that Sony is/has buying the fab that makes the Cell processors back from Toshiba.. so the only people using those chips on any scale is Sony. Sony heavily subsidise the PS3, hence it looks like an “amazing deal(tm)” and hence they will do everything in they can to protect their revenue stream.

    >> and a geforce 8 1080 P and bluray,

    I can play 1080P bluray rips on my Atom machine.. ION has VA-API support… the board costs around $100. Full VESA mountable machines can be had for $250 I think. I run Debian on it. I wanted to run Linux, so I bought a machine that could run Linux, I wouldn’t buy a console and get all upset that I couldn’t use it as a computer.

    >>that is damn near silent

    Really? The original PS3 was noisy as hell and the XBOX360 isn’t much better. The slim I haven’t seen. Let’s forget all the reliability issues.

    >>hole to china

    Well, it’s not that far from Japan..
    Anyhow, yes, I am pulling stats out of the air.. these are informed guesses though. Check the Debian popcon stats for PPC. There aren’t an awful lot of machines running Debian PPC these days.
    What are all the hacked Wii’s, XBOX360’s and PS3’s running? Fedora have dropped PPC builds.. what are all these machines running?

    >>“WELL game X is a complete pile
    >>of shit and cost a fuckton of
    >>money, it HAS to be PIRACY !!!”

    We all know the piracy stuff is a total pile of shit. We all know if Sony were losing real money over it they wouldn’t bother bringing out new hardware but they are.. so it can’t be that bad can it? Saying that hacks like this only happen because people want Linux support is also total garbage. There has been piracy since the days of the Sinclair, Commodore 64, Amiga.. and there’s going to be piracy as long as security systems can still be broken and make a profit. These guys apparently did all this work to run Linux, which is great, nice work, but saying it wouldn’t have happened otherwise is just silly. Personally I think it’s fairly insulting to the warez release groups.

    >whatever, like on my PSP,

    Which is hacked.. but can’t really run real Linux because it doesn’t have an MMU. But hacks only happen to run Linux right? Oh.

    >>there honestly is not enough
    >>games worth playing to justify
    >>the console’s price,

    When a new games console comes out these days the vendor doesn’t make any profit on the hardware. The hardware is heavily subsidised and the vendor makes their profits by being to sole way of entry onto that platform.

    >>sony blames piracy, I blame
    >>nothing better to do with a 300$ doorstop

    They blame piracy for what? They removed a feature they didn’t want to bother supporting. Geohot’s work might have pushed them in that direction.

    >>meanwhile my DS is 100X easier to hack

    Again, it’s hacked and it doesn’t really run a useful Linux (again no MMU). So why was it hacked?
    Dark Fader, the guy that did the first hack IIRC, actually comes here.. maybe he could tell us?

    >>but still sells a shitton of software,
    >>wonder why (maybe cause its not garbage)

    Well, the DS was pretty underpowered at release, just like the Wii. It has titles people want and that’s partly down to Nintendo’s strict licensing/quality control. I.e. they won’t allow you to release games on their platforms unless they give you the ok (you can dig up the compliance docs for a SNES game on the interwebs). Which ironically is again linked to their anti-piracy/anti-third party systems.

    Maybe if all the warez release groups didn’t get busted this would have happened sooner? Call our boards!

  12. cantido says:

    @osgeld

    Here are some stats;

    PS3 41.6 million (as of September 30, 2010)
    Wii 75.90 million (as of September 30, 2010)
    XBOX360 44.6 million (as of September 30, 2010)
    + Millions of PPC generation Macs…

    That’s a lot of PPC machines out there… The Wii has apparently been capable of running LinuxPPC for a long time.

    Number of Debian popcon submissions from PPC + PPC64 machines this month less than 1000 vs over 60,000 for i386+amd64 [Source: http://popcon.debian.org/%5D. Little Endian ARM is also around the ~1500 submissions mark. Looking at the graphs there has been no growth in PPC submissions for 3 years. One would have expected at least some of those 75 million Wii’s running Etch/Lenny based distro’s to have had popcon installed…

  13. xorpunk says:

    @marcan: GitHub and ridiculous amount of twitter posts by other PSGroove devs say otherwise..maybe they imagined you helping and thanked you ^^

    I challenge you to link to even a single source where owners of the consoles you mentioned can get Linux that is more than a stripped down shell and kernel with a half working UI server..

    **Also like I mentioned: time stamps on any source you care to link to more than reinforce my statements**

  14. Dizzey says:

    @cantido
    there is not a huge market for cell development stations that is why they are expensive as hell.
    I know alot of cs undergrades that bougth the ps3 soley for learning to program the cell cpu in linux.

    why
    cell stations are expensive but the cell is not that uncommon for scientific calculations.

    And having the possibility learn the cell does give you a edge in the work market latter.

    Some of them got their jobs thanks to be able to get a hold of cheap cell stations.

  15. iZsh says:

    > Saying that hacks like this only happen because people want Linux support is also total garbage. There has been piracy since the days of the Sinclair, Commodore 64, Amiga.. and there’s going to be piracy as long as security systems can still be broken and make a profit

    You also have to remember that “cracking” is usually the first entry at learning reverse engineering for a lot of people (sure, not all of them). Not to be an ass, but most people working for warez group are in their infancy (skills wise), they usually start with serial patches, then move to keygen then games. cracking securom,safedisc is not hard, it’s harder than most serial keygens sure, but this is far from being that hard.
    Hacking embedded devices/consoles require more experience and skills. And the point being made is that people with the skills to pull it off _fast_ usually dont work in the wz scene.

  16. Volfram says:

    @cantido

    2k PS3s is an ENORMOUS number, and you’ve again demonstrated that you haven’t done your research, as they are indeed consumer models, paid for at the “around $600″ price point. The Air Force was publicly complaining that Sony wouldn’t cut them some sort of discount for bulk purchases/defense purchases/publicity.

    Seriously, this is common knowledge. You’re either the most uninformed person I’ve ever seen, or you’re deliberately falsifying your statements. Nobody here’s fooled anymore.

  17. cantido says:

    @Volfram

    >>2k PS3s is an ENORMOUS number

    For who? Not for Sony obviously.. 2k PS3’s out of 40 million.. pissing in the breeze. If two million people were actively using the OtherOS function they may have cared about it. I think this is very much a “vocal minority” thing though.

    >as they are indeed consumer models,

    I actually looked this up and I couldn’t find anything that gave many actual specifics on what the units were.. you would have thought that the DoD would have at least tried to get development units. Also, why are the DoD importing Japanese hardware? Why didn’t they talk to IBM directly? Sounds very much like publicity grabbing to me.

    >publicly complaining that Sony wouldn’t
    >cut them some sort of discount for bulk

    Wow.. you realise I said “a bad business decision” and you just backed that up. So they made a bad decision and bought a load of machines the vendor basically didn’t want to sell them (Sony lost money on those units). Now they have a 2K machines that they can’t update.. No PSN for the boys at the DoD.

    >>You’re either the most uninformed
    >>person I’ve ever seen

    So I didn’t read some detail-less press releases about some supposed cluster of 2K machines that actually makes no difference to the key point I have been making .. “The PS3 was a prime target to be hacked, even if OtherOS was still on the fat and Sony shipped it on the slim PS3 it would have been eventually hacked.. recent discovers have lead to this happening not some huge spurt in motivation because nasty Sony took away some feature 3 people were using”.

  18. cantido says:

    @Dizzey

    >>I know alot of cs undergrades
    >>that bougth the ps3 soley for
    >>learning to program the cell cpu in linux.

    I can totally get that. If you bought a console with that purpose in mind you just don’t update it. You have to be able to see Sony’s point of view to though. They have sold millions of units, maybe a few thousand have gone to people as you have described. Does it really make any difference to Sony to cut those few thousand people off.

    >>cell is not that uncommon for
    >>scientific calculations.

    You would have hoped that IBM/Toshiba/Sony would have got a university scheme together to get Cell hardware out there.. As I said in a previous post though; Sony is buying or has bought the Cell fab back from Toshiba [http://www.reghardware.com/2010/12/24/sony_toshiba_cell_chip_plant_deal/]. Cell is obviously important to Sony and not important enough to Toshiba for them to have a stake..

    >>Some of them got their jobs
    >>thanks to be able to get a
    >>hold of cheap cell stations.

    Which is a lovely story. But what is in it for Sony? Why should they be paying someone’s salary to look after OtherOS? When you guys are all running multi-billion dollar corporations I hope you’re all as “ethical” as you make out.

  19. cantido says:

    >Not to be an ass, but most people
    >working for warez group are in their
    >infancy (skills wise),

    Well, piracy is pretty watered down these days isn’t it. I blame bittorrent. There were some pretty skilled guys back in the day cracking Speccy speed loaders. PSX was cracked by a warez guy IIRC (he sold the solution to the highest bidder), Dreamcast was cracked by Utopia IIRC, PS2 was cracked by Paradox… The later hacks for the PSP came from information of “dubious legality” right?

    >>Hacking embedded devices/consoles
    >>require more experience and skills.

    But warez groups and grey companies like Datel do reverse engineer consoles. Which is what I was arguing. Even if Sony had left the OtherOS feature in, allowed it complete access to the hardware, and ported it to the Slim someone would have come along with hacks anyway. Fair enough you guys aren’t doing it for piracy, but you really really can’t argue that piracy doesn’t happen on open platforms because it plainly does ask any Android developer.

    >> _fast_ usually dont work in the wz scene.

    So why did the PSJailbreak just pop up out of no where? It’s a warez enabler, nothing more, nothing less.. there’s nothing ethical about it.

    Basically just tell that guy that inserts his “if we had access there would be no piracy slides” not to bother and everything is fine.

  20. xorpunk says:

    @iZsh: It went from bell analog switches(toll fraud) to emulating sector and ROM obfuscations..this was before 0.99 was even a thought and GNU tools were on a M.I.T. BBS unknown to most ^^

    Good luck getting your point across though..these guys have their names associated with something that makes consumers happy, so naturally people who have no clue about RCE or the technology are going to say things that comply with common sense are wrong to keep their gravy train running strong..

    *****
    You really want to see how much BS this Linux thing is..wait a year when it’ll still be what it is now..

    I’m also waiting for links to where I can get an actual Linux system for any of these consoles that were hacked to get Linux on them…MARCAN ^^**

  21. xorpunk says:

    BTW I’m a former engineer for a game studio that got cut from a major publisher because piracy(with numbers to prove it) tanked our products. This was 8 years ago, and it didn’t even have a DRM to tempt scene teams..

  22. Anonymous says:

    This is very cool… But when will the next generation of consoles come out?

  23. marcan says:

    @xorpunk

    You can run a full-blown Ubuntu/Xubuntu on the PS3. Again, please stop spouting nonsense, especially if you’re too lazy to google it first.

    I challenge you to find a single commit by me to any of the psgroove/psjailbreak/PL3/whatever github repos.

  24. xorpunk says:

    @cantido: Go reverse a GCR protection(days of 8bit) without docs, and then try a commercial ISO protector that’s got sector-based keygens unlocking RC4 encypted VM EPs and tables that hide 10+ anti-debugs and timing threads, then tell us what today’s scene doesn’t have. That’s half the specs of a 2006 protector, now VM threads decrypt the next VM EP and buffer+some..most people in today’s scene can’t do ISO protectors though ^^

    @marcan: If an October 20th blog entry by you, and a lot of forums saying you can hack frame buffer xorg into some modified partial distros is Linux I guess you’re right..good luck getting that to work with at least 90% of the demographic(PS3 owners) you’re pitching it to ;)

    Also you and you’re friends are wrong, all SCE has to do is update lv0 which uses the isolated ROM DMA that your revoke overflow can’t access because of hashing LS(which you say doesn’t exist on PS3), and they can kill pretty much anything you care to mention, and still use old keys ^^

    Also there were ways in through leveraging heap spray in lv2 way before geohot even touched the PS3..there were talented people around prior, they just weren’t spamming twitter with narcissistic riddles..

    Also I noticed your name magically disappeared from the 2010-10-14 PSGroove commits..nice PR..your name is still plastered all over twitter accounts for it though, and the marcan tag on psgroove blog brings up a cornucopia of interesting entries.

    But you’re famous, no question about it, have fun in the arms race with SCE xD

  25. linux15love says:

    xorpunk,
    I feel sorry for you man,
    but u got to move on – take your skills and make a game for linux.
    Why waste your energy ragging on people that did something for the world.
    Dust yourself off and make a great game for linux – that would be something you could be proud of instead of the negativity/hate you are dumping here.

    Peace Love Linux,xorpunk.

  26. hans says:

    xorpunk: I have only one simple question. Who is paying for your psyop lie spreading here?

  27. Volfram says:

    I’m pretty sure cantido’s trolling us. Let’s ignore him and see if he goes away.

    @xorpunk: I’m sorry to hear that you were on a project which folded due to piracy. If you’ll listen more closely to what the presenters are saying, however, you will note that they didn’t say “Piracy isn’t going to happen on the PS3.” They didn’t say anything even remotely close to that.

    What they said was “We aren’t trying to do this for the sake of piracy, but please recognize that piracy is an unfortunate side-effect of the work we are doing.”

    Are their goals altruistic? Probably not. Are they as malevolent as you are making them out to be? No, they are not.

  28. xorpunk says:

    @hans:What exactly is a lie? It takes like 10 minutes(quite literally) of web browsing to see what I see..

    @linux15love & Volfram: Just an FYI..The beta tools they just released allow total compromise of PS3 DRM with the edition of maybe 4 bytes worth of patches in well published lv2 syscalls..

    What is more is you don’t even need to be a programmer or warez cracker to do this, the tools and by referencing PSGroove patches you can just let software do it for you..then you just load a pup with your custom PKG->SELF suit and you can say high to playing any game including GT5 from backup..

    Now go take a look at what is available to end users as far as Linux or Homebrew goes and THEN call what I’m saying BS..

  29. iZsh says:

    @xorpunk: either provide real proofs (that you won’t find anyway because marcan never worked for psgroove) or STFU. What you are doing is called defamation…
    Or maybe you should learn how to read, because whatever you found, you apparently read it wrong.

    I read the other day on the internet we have a vaccin for cancer, or was it 10y ago, heh, I can’t recall, but I read it, so it must be true…

  30. Volfram says:

    @xorpunk

    I’m not saying you’re lying, just that I think you’re misinterpreting something. Sure, there’s no homebrew now, and all of the Linux projects were shut down when OtherOS was pulled, but that doesn’t mean it won’t change. The system has only just been opened, wait a year(six months, if it’s as easy to implement as you say) and see what happens. Unless you’re currently on a dev. team for future PS3 releases, anything that comes from this won’t be directly harming you.(Indirectly, piracy hurts everyone. That’s why the PSP homebrew community tended to flame anyone who talked about it into oblivion.)

    Fail0verflow said that piracy wasn’t their objective, it was an unfortunate side-effect of their objective. I would tend to agree with that assessment. They never said that their work would not lead to piracy. In fact, they said “Yeah, and now we’re going to get PS3 piracy, but that’s not what we want.” Fail0verflow recognizes that piracy hurts the companies that make the hardware and software that they like to play with. They aren’t happy about it.

  31. xorpunk says:

    Just use marcan tag on psgroove or search psgroove dev twitter entries:ex:mathieulh(google doesn’t crawl those..)

    If you can’t do that then you have no merit to be calling people liars, because you can’t take the initiative to find out for yourself, and are only going by popular opinion..

    **
    BTW you guys do know that none of the tools they’ve published can be used for Linux..right? The only entry point is self signed PUP containing re-packed SELF binaries in core-os pkg, or other overflows, and that overwrites just enough that you either have to totally rewrite SCE FW, or distribute a lot of it with your patched or rewritten PUP->SELF..

    Under what logic is what I’m saying the BS? >>What they published can be used for nothing BUT piracy..<<
    **

  32. iZsh says:

    @xorpunk: I have merits to call you a liar. I’m a member of fail0verflow, so I know way more than you about marcan and the group’s philosophy.
    And why exactly would you want to search for “mathieulh” in the psgroove dev twitter’s account? You do realize that marcan != mathieulh and that mathieulh is NOT a fail0verflow member, right? Hell, most of us don’t like him at all to say the least (I also saw he released the APP key, the key our group didn’t want to release for obvious reasons, as stated during the talk).

    As for the tools released, watch the demo from the lightning talk, (and the real presentation) and you’ll understand why it is not ready for prime time…

    Anyway, you’re apparently just a troll. So I’ll stop to feed it here.

  33. chippy says:

    “xorpunk: BTW I’m a former engineer for a game studio that got cut from a major publisher because piracy(with numbers to prove it) tanked our products. This was 8 years ago, and it didn’t even have a DRM to tempt scene teams..”

    People doing copyright infringement with your game doesn’t mean you lost sales. Look at World of Goo they reported only 10% of people paid (search online for kotaku article) yet they came out ahead (the game studio.)

    Also seeing first hand how a major publishers yank smaller game studios, I wouldn’t be surprised they had skewed numbers backing up X for making business decisions Y.

  34. xorpunk says:

    @chippy:Spend at least 3 million USD developing and publishing an AAA game, and then watch it get distributed on the internet for free by at least 10k users, *THEN* enlighten us with your economical wizdom..

    @iZsh:How am I a troll for stating the obvious?

    Your tools require core-os-pkg which requires SCE code, which will obviously be of little use to the linux community because of DMCA.

    Unless it’s used via Payload..which defeats the purposed of most of your tools..

    It’s already being used for CFW patched for mounting disks and content as authenticated though..

    Keep calling anyone who goes against the social grain a “troll” though, your herd of consumers got the numbers on us obviously..

  35. chippy says:

    xorpunk “Spend at least 3 million USD developing and publishing an AAA game, and then watch it get distributed on the internet for free by at least 10k users, *THEN* enlighten us with your economical wizdom..”

    Big budget commercial games (AAA) are way past multiples of 3 million. I get the impression you were working for a small game studio that got yanked around. Care to name the original AAA game you worked on?

  36. xorpunk says:

    @chippy: since I was one of ~38 people who worked on it, I’d rather not. The studio sold out to a bigger studio long ago. Not all AAA titles cost 45-350 million..

    It costs like 1.3/5 of each PS3 unit sale just to get it sold on retailer shelves, then you have at least a dozen or more licensing and rating fees, cheapest is like 20k USD per title.

    The ratio for pirated users to licensed users in games these days is overwhelming, but of course outside server stats for MP>pirated download the census isn’t possible.

    Go write one, or make one of these consoles, and then see it not cover it’s cost in the return, or any potential content creators turns their backs, then defend people who humbly publish tools that allow end-users to rip your content and little else.

    What really adds foundation to my side of the argument is that the Linux community can’t use these tools because of DMCA. That is unless they write firmware from scratch and load it in a rewritten lv0; which you won’t see anytime soon for multiple reasons.

    **
    It’s trivial to call critics “troll” when you have all communities involved blindly supporting you, not because of real logical or moral reasons, but for social ones like greed and desperate righteousness…nothing they say will hold any ground in such a frenzy.

    I’m also not jealous of someone who published PKI keys and a buffer overflow for a game console. There are more complex things getting vulns published for them almost weekly..I could write a fuzzer and jump on the bandwagon tomorrow if I wanted..
    **

  37. cantido says:

    @xorpunk

    Well, aside from technical skills the “scene” did use to have lots of insiders. If you can get someone on the inside to get you dev materials you are halfway there.. and I’m pretty sure someone is going to leak those for money rather than some Richard Stallman-like belief in software freedoms. ;)

    @Volfram

    Sorry, was away doing other stuff… You just never seemed to grasp that OtherOS was insignificant. If it was a major thing more people would have tried to sue Sony. They didn’t. Even if OtherOS was still there devices like the PSJailbreak would have happened. And I really don’t blame Sony for not giving a shit about it.

    Failoverflow seem to think that they were the only ones in the running for this hack, yet it all stems from what other people discovered i.e. the PSJailbreak which has nothing what so ever to do with “ethical hacking”.

    @xorpunk

    >>I could write a fuzzer and jump
    >>on the bandwagon tomorrow if I wanted..

    150% Agree with you. Sony’s protection survived for 4 years! How is that a “fail overflow” in today’s environment? If these guys had got all the public keys out of the console before it’s release and done it without the major leaps in progress made by others they would have right to be all smug about it.. but it took 4 years!

  38. Paulie Walnuts says:

    @xorpunk

    LOL, you fanboy – you really dont know what the fuck you are talking about

  39. Volfram says:

    @cantido

    Well, there just aren’t that many people living in Japan right now, are there? And the population is on a decline, too. I guess by your logic, there’s nothing wrong with using the Island Nation as a test site for biological and nuclear weapons. After all, what’s a couple million people? They’re insignificant compared to the 7 billion more that live elsewhere.

    Sony chose to remove OtherOS partly as an example. It was a feature few(by their numbers, nevermind that the office building I work in is full, and it has fewer than 2000 workstations including the reserve machines) customers used, so complaints were likely to be insignificant.

    It was an experiment. If they could get rid of OtherOS, they could get away with removing any feature they want from any product they make, retroactively. From a legal standpoint, they got away with it. When the Playstation 4 comes out, they’re going to remotely disable every single PS3 they can touch. If they catch a user watching un-approved Blue-Ray movies on one of their players, they’re going to remotely disable that player. If Sony decides they don’t like a particular movie studio, you will no longer be able to use Sony hardware to view movies made by that studio.

  40. xorpunk says:

    @Walnuts:tame down troll..what am I suppose to be a fan of?

    I made legit comments here, they just don’t comply with hipster and greedy consumer ideals..

    @cantido: SecuRom and Starforce are just VM protectors with a lot of tricks and keygenned crypto. They just take a while to reverse, you are probably right about insiders though.

    Also geohot wasn’t the first to get code execution on the PS3, he wouldn’t even know about ‘oracles’ if someone else didn’t show him IBM docs for LS mailboxes.

    This is a lost cause though, this will be my last comment. I’m not going to argue with these idiots who only know what they see on websites..

    I’ll remember I ‘hate Linux’ next time a commit a patch for it..

  41. hai says:

    Thank you graf_chokolo for unlocking Linux on the Ps3!!! Not only unlocking it but accessing the hardware via the Hypervisor because you can reverse engineer!

    Thank you for releasing a VRAM/FLASH/HDD Driver update with your kernel! I cant wait to turn on my Ps3 Slim or Phat to see all these penguins during startup!
    http://i54.tinypic.com/20jrdqw.jpg

    Who knew linux would come this fast full force to the ps3!!! best of all his kernel can be used with AsbestOS!!!! Double bonus!

    Yay for having smart people who are able to program and reverse engineer (not make fail AAA games that get pirated after for a reason)

    Hurry up RSX Driver.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 92,123 other followers