L ß - PSX Scene

More documents

Recommendations

Info

Case3:11-cv-00167-SI Document4 Filed01/11/11 Page272 of 282 Personally, I think explaining things first, then a few days later releasing tools, is better than just dumping keys on the world and keeping how you got them a secret. 1/10/2011 Slashdot marcansoft (11) Comment: Re:Same private key? (Score 5, Informative) by marcansoft on Monday January 03, @07:00PM (#34749208) Attached to: PS3 Root Key Found We (fail0verflow) discovered and released two things: Comments: 374 An exploit in the revocation list parsing, enabling us to dump a bunch of loaders, and thus their decryption keys A humongous screwup by Sony, enabling us to calculate their private signing keys for all of those loaders, and thus sign anything to be loaded by those loaders We used these techniques to obtain encryption, public, and private keys for lv2ldr, isoldr, the spp verifier, the pkg verifier, and the revocation lists themselves. We could've obtained appldr, (the loader used to load games and apps), but chose not to, since we are not interested in app-level stuff and that just helps piracy. We didn't have lv1ldr, but due to the way lv1 works, we could gain control of it early in the boot process through isoldr, so effectively we also had lv1 control. With these keys we could decrypt firmware and sign our own firmware. And since the revocation is useless and the lame "anti-downgrade" protection is also easily bypassed, this already enables hardware-based hacks and downgrades forever. Basically, homebrew/Linux on every currently manufactured PS3, through software means now, and through hardware means (flasher/modchip) forever, regardless of what Sony tries to do with future firmwares. The root of all of the aforementioned loaders is metldr, which remained elusive. Then Geohot announced that he had broken into metldr (with an exploit, analogous to the way we exploited lv2ldr to get its keys) and was thus able to apply our techniques one level higher in the loader chain. He has released the metldr keyset (with the private key calculated using our attack), but not the exploit method that he used. The metldr key does break the console's security even more (especially with respect to newer, future firmwares - and thus also piracy of newer games), and also makes some things require less workarounds. Geohot clearly did a good job finding an exploit in it, but considering a) he used our key recovery attack verbatim, and b) he found his exploit right after our talk, so he was clearly inspired by something we said when we explained ours, I think we deserve a little more credit than we're getting for this latest bit of news. There's still bootldr and lv0, which are used at the earliest point during the PS3 boot process. These remain secure, but likely mean little for the PS3 security at this stage. Comment: Re:Exactly (Score 5, Informative) Comments: 374 http://slashdot.org/~marcansoft 4/6
1/10/2011 Case3:11-cv-00167-SI Document4 Slashdot marcansoft Filed01/11/11 (11) Page273 of 282 by marcansoft on Monday January 03, @06:56PM (#34749184) Attached to: PS3 Root Key Found For the record, that wasn't there initially. We had to complain to him to get him to add that. Last Week Week of January 3 Comment: Re:Rich protecting themselves (Score 1) by marcansoft on Sunday January 02, @09:03PM (#34740728) Attached to: Online Impersonations Now Illegal In California Comments: 217 Sad but true. No matter what the law says, getting protected as mere users is near impossible. Unless you're willing to go through a costly legal battle, no one cares. A few days ago we presented ourselves as a hacker group at the 27th Chaos Communication Congress, presenting PS3 hacks, and now we have a YouTube account squater/scammer asking for donations in our name. I've tried YouTube impersonation reports, but apparently I'm "providing insufficient information" (duh, you get 300 characters to explain everything). I've tried YouTube Legal, received no response so far. I've tried getting people to flag the videos as a scam, but that doesn't work. I'm not even going to try PayPal; I've dealt with them before and they don't care. This whole thing reminds me of my run-ins with scammers back when I was actively developing Wii homebrew stuff. The payment processors (ClickBank, Plimus, PayPal, and co.) don't care. They'll happily take people's money and hand it over to scammers, keeping a percentage, of course, even if what is being sold is a scam or illegal. If you're a small consumer or producer, companies don't give a rat's ass about you. They'll only listen if they know you have the power and lawyers to actually file a lawsuit and win. Comment: Re:Sigh (Score 1) by marcansoft on Thursday December 30, @10:28AM (#34710954) Attached to: Playstation 3 Code Signing Cracked For Good Comments: 532 Everyone keeps forgetting that OtherOS was already removed / discontinued on new PS3s - the Slim - before Geohot started his work. That's what started it all. Removing OtherOS on the Fat made it a lot worse, of course, but it's the lack of OtherOS on the Slim (for a fishy - and, as it turned out, totally BS reason) that got people looking initially. We even gave it a quick look exactly one year ago, at 26c3, though we didn't try very hard (this was before OtherOS was pulled from the Fat). http://slashdot.org/~marcansoft 5/6
Page 1 and 2:
0/;:: l ß"' 1 KILPATRICK TOWNSEND
Page 3 and 4:
Case3:11-cv-00167-SI Document4 File
Page 5 and 6:
Page 7 and 8:
PS3 Software Piracy Begins as First
Page 9 and 10:
PS3 Software Piracy Begins as First
Page 11 and 12:
Page 13 and 14:
fail0verflow (fail0verflow) on Twit
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
PlayStation 3 hack - how it happene
Page 21 and 22:
PlayStation 3 hack - how it happene
Page 23 and 24:
Page 25 and 26:
git.fail0verflow.com Git - ps3tools
Page 27 and 28:
git.fail0verflow.com Git - noralize
Page 29 and 30:
Page 31 and 32:
Project Jerry 7, 2008 Our congratul
Page 33 and 34:
1/9/2011 xyzzy HackMii Notes from i
Page 35 and 36:
1/9/2011 xyzzy 5 SageChaozu // Jul
Page 37 and 38:
1/9/2011 xyzzy P.S. Bushing your op
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
1/9/2011 xyzzy close Galleries of b
Page 47 and 48:
1/9/2011 Keys, keys, keys. HackMii
Page 49 and 50:
1/9/2011 Keys, keys, keys. needs to
Page 51 and 52:
1/9/2011 Keys, keys, keys. other th
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
1/9/2011 Keys, keys, keys. close Ca
Page 61 and 62:
Page 63 and 64:
Post a Reply Posted 899 days ago 0
Page 65 and 66:
Page 67 and 68:
Console Hacking 2008: Wii Fail Is i
Page 69 and 70:
Wii Optical Discs (WODs) IOS Modifi
Page 71 and 72:
Signatures All RSA signature compar
Page 73 and 74:
1/9/2011 Console Hacking 2008: Wii
Page 75 and 76:
1/9/2011 Console Hacking 2008: Wii
Page 77 and 78:
Page 79 and 80:
1/9/2011 Wii: Hardware, seguridad,
Page 81 and 82:
Page 83 and 84:
Títulos Case3:11-cv-00167-SI Docum
Page 85 and 86:
El eTicket El eTicket nos da acceso
Page 87 and 88:
IOS Case3:11-cv-00167-SI Document4
Page 89 and 90:
Page 91 and 92:
Twiizer Attack Case3:11-cv-00167-SI
Page 93 and 94:
Twilight Hack Case3:11-cv-00167-SI
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
1/9/2011 Dev-Team Blog - Search res
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Reply Reply Reply gametheory 44p ·
Page 111 and 112:
1/9/2011 Case3:11-cv-00167-SI Dev-T
Page 113 and 114:
Page 115 and 116:
Hector Martin (marcan42) on Twitter
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
ushing (gnihsub) on Twitter http://
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
pytey (pytey) on Twitter http://twi
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222: pytey (pytey) on Twitter http://twi
Page 241 and 242: also @ TechSpot: Tech Tip: Customiz
Page 243 and 244: trillionsin on January 5, 2011 11:3
Page 245 and 246: Case3:11-cv-00167-SI Document4 File
Page 247 and 248: Geohot: Here is your PS3 Root Key!
Page 249 and 250: Geohot: Here is your PS3 Root Key!
Page 257 and 258: *Maximus AVR USB *Acekard2i *modbo
Page 259 and 260: Burberry Carlton Haymarket Notebook
Page 263 and 264: 5 January 2011 Last updated at 20:1
Page 271: Comment: Re:Same private key? (Scor
Page 277 and 278: 1/10/2011 Slashdot bushing (11) pri
Page 279 and 280: 1/10/2011 Slashdot bushing (11) Com
show all

L ß - PSX Scene

Create successful ePaper yourself

Delete template?

Save as template?