+Audioboxer (Subscriber²) Posted January 27, 2010

> Although it's nice to capture all these HV calls and stuff from a plain (not encrypted) lv1 binary, this will never lead to a hacked PS3.
>
> Let's have a look. The major security architecture on the PS3 is called the "Secure Processing Vault" and is the most important thing regarding "hacking" the PS3. There is NO WAY for the PPU or even the HV to gain access to the SPU, which is an application running inside of an isolated SPU. Well, you can kick out the isolated SPU, like geohot mentioned, but this gives you nothing, as ALL the encryption and execution of applications (HDD encryption, app encryption, decryption, executing, signature checking, root key extraction) happens inside the isolated SPU.
>
> To run homebrew on the PS3 you would have to reassemble the whole functionality from the SPU inside a binary running on the PPU. For this you will need the root key. The root key is stored in hardware (not even close to the things on the iPhone). The root key cannot be extracted by any software or hardware means and is essential to ALL encryption/decryption, executing and checking routines. The only way to get the root key is inside of an isolated SPU, as it is kick-starting the hardware encryption facility. There is no other way to do that!
>
> Let's just assume that geohot or some other guys are able to break into the local store of the isolated SPE. There they will just find some encrypted binaries. The key for decryption is encrypted by the root key! You won't get anywhere without the root key.
>
> Let's assume that someone managed to do all that stuff from the isolated SPU on the PPU and creates a CFW. There is still a secure booting environment. The first module loaded/booted is integrity checked by the hardware crypto facility utilizing the root key. So you also have to address this booting stuff. Again, no root key, no booting.
>
> So there's always runtime patching, you might ask? Not possible on the PS3, because the hardware crypto facility is able to check the signatures whenever it wants to. And which part is responsible for this? Exactly, the isolated SPU. So if you kick out the isolated SPU the system will not boot/run anymore.
>
> The PS3 is neither a PSP nor an iPhone. It's the most secure system architecture of this time! The girl behind this stuff, Kanna Shimizu, is not somebody. Messing around with this is not like saying Bruce Schneier is a n00b.
>
> Btw.: forget about all those stories that certain hackers are or will be employed by SONY. That's nothing more than another urban legend.
>
> @geohot It is OBVIOUS that the HV is PPC. The Cell BE is a PPC architecture, you know ;-) Better read those IBM papers in the first place!

Source: http://streetskaterfu.blogspot.com/2010/01/ps3-is-hacked-urban-legend-continues.html

Looks like someone's having a wee go at Geohot!

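Added example, not part of the thread or of the quoted blog post: a simplified Python model of the key hierarchy the quoted post describes (a root key usable only inside the isolated SPU, a content key wrapped under it, and an integrity check before boot). The function and class names, the HMAC-based stand-in cipher and all key values are assumptions made for illustration, not Sony's implementation.

```python
import hashlib
import hmac


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher for the model: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def provision(root_key: bytes, content_key: bytes, module: bytes) -> dict:
    """Factory side: what ends up in storage that software outside the vault can read."""
    ciphertext = keystream_xor(content_key, b"data-nonce", module)
    return {
        "wrapped_key": keystream_xor(root_key, b"key-nonce", content_key),
        "ciphertext": ciphertext,
        "tag": hmac.new(root_key, ciphertext, hashlib.sha256).digest(),
    }


class IsolatedVault:
    """Device side: models the isolated SPU. No method ever returns the root key."""

    def __init__(self, root_key: bytes):
        self.__root_key = root_key  # Python name mangling only; real isolation is hardware

    def boot(self, stored: dict) -> bytes:
        """Integrity-check the module, unwrap its key, then decrypt. Raises on tampering."""
        expected = hmac.new(self.__root_key, stored["ciphertext"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, stored["tag"]):
            raise ValueError("integrity check failed: refusing to boot")
        content_key = keystream_xor(self.__root_key, b"key-nonce", stored["wrapped_key"])
        return keystream_xor(content_key, b"data-nonce", stored["ciphertext"])


def decrypt_without_vault(stored: dict, guessed_root: bytes) -> bytes:
    """What code outside the vault recovers from a storage dump and a guessed root key."""
    content_key = keystream_xor(guessed_root, b"key-nonce", stored["wrapped_key"])
    return keystream_xor(content_key, b"data-nonce", stored["ciphertext"])


# Constructed sample values, not real keys or firmware.
ROOT_KEY = bytes(range(32))
MODULE = b"constructed first-stage boot module"
STORED = provision(ROOT_KEY, bytes(range(32, 64)), MODULE)
VAULT = IsolatedVault(ROOT_KEY)
```

In this model everything readable outside the vault (wrapped key, ciphertext, tag) is useless without the root key, and the whole scheme is exactly as strong as the protection of that one value.
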
SimplySchizo Posted January 27, 2010

I believe this was posted within one of the other PS3 hacked threads. But yeah, I still believe geo was biting off more than he can chew since he started this..

+Audioboxer (Subscriber², Author) Posted January 27, 2010

> I believe this was posted within one of the other PS3 hacked threads. But yeah, I still believe geo was biting off more than he can chew since he started this..

I know, but with all the other topics running rampant this is better as its own topic for all the people who are all giddy right now. I like crushing hope :devil:

Plus I probably saved some people money running out to buy a Blu-ray writer.

SimplySchizo Posted January 27, 2010

Hah! Yeah, this thing is far from being 'hacked'. Geohotz, as smart as he is, his progress always falls back seat to his ego. That's why the devteam parted ways with him, 'cause of his arrogance. He has to be the center of attention even if it means jeopardizing the project in hand, prematurely releasing information without any logic other than to be recognized.

+Audioboxer (Subscriber², Author) Posted January 27, 2010

> Hah! Yeah, this thing is far from being 'hacked'. Geohotz, as smart as he is, his progress always falls back seat to his ego. That's why the devteam parted ways with him, 'cause of his arrogance. He has to be the center of attention even if it means jeopardizing the project in hand, prematurely releasing information without any logic other than to be recognized.

Probably won't be hacked, due to the CELL being new architecture and one whole SPU dedicated to security. Best bet is probably trying to attack the BD drive, but again that's new technology to all the hackers. We've not even seen the most basic of modchips to play backups in 3 years; those usually pop up quite quickly, then advance. I think before the software hack, the 360 had some modchips to play backups.

troist Posted January 27, 2010

In my eyes there isn't much point going to all of that effort anyway, because if professional developers struggle to code for the cell then I can hardly expect the homebrew scene will be going crazy for it...

Maybe one day someone will find a flaw in the security, but until then we can just rely on the 360 :D