Geohot releases the PS3 keys [Discussion]


In speaking with a friend now that this has been released, we were thinking it is now possible to make custom launchers for games that would include custom code for cheating, kinda like a GameShark in the old days. Now you can just create a custom launcher that emulates a downloaded game, which can launch a game from the disk with only slight changes like the inability to die or whatnot. Or even worse, people using it to cheat in online games such as Call of Duty and whatnot.

Since you can sign anything any way you want, and create any firmware you want that can return any value you want when Sony sends a challenge whether your binaries are valid and such, yeah, cheating is a very real possibility and will probably be a big concern on the PS3 from now on.


Since you can sign anything any way you want, and create any firmware you want that can return any value you want when Sony sends a challenge whether your binaries are valid and such, yeah, cheating is a very real possibility and will probably be a big concern on the PS3 from now on.

Pretty much.

Homebrew for the console is great, personally I never liked cheating though :/


While I do not agree and/or disagree with software/hardware piracy, I do believe that IFF (if and only if) you modify the console or game, please do play it OFFLINE only. IF you do indeed want online, then buy the game.

As I do not understand the reason behind cheating, I would much rather have an MS-style banning (i.e. play the game online before the release date, then get banned) than have a bunch of idiots that got a PS3 from the local triads and start monkeying around online.

Edit: ... on a side note, depending on how this shapes up I might get a PS3; then again, it remains to be seen.


The fact this whole discussion has been about pirating games is unreal. I've hardly read anything in this whole topic about PS3 extensions such as media enhancements and whatnot.

Are the hackers not exploring this route yet? Or is the piracy issue more important to them?

Of all of this, the part that ****es me off more is the cheating, and honestly I don't see how Sony can pull it off, as anyone can make multiple IDs to fool around with. So even with a console ID ban that user can still play on another without any complications or compromise to his originating ID.


Why would they need to explore that? You can pretty much already play anything on both the PS3 and 360. This is all about piracy.

Whatever they say about Linux and homebrew, if it was all about Linux, they could just have released a pre-signed Linux ISO.


Why would they need to explore that? You can pretty much already play anything on both the PS3 and 360. This is all about piracy.

Whatever they say about Linux and homebrew, if it was all about Linux, they could just have released a pre-signed Linux ISO.

Isn't that what AsbestOS is about? They're not at the point where they can release something though; porting Linux is a bit more complicated than that :rolleyes:


Isn't that what AsbestOS is about? They're not at the point where they can release something though; porting Linux is a bit more complicated than that :rolleyes:

There already was a working Linux distro for PS3, you know, so it's not that complicated.

The difference is that as a signed "app" it would actually be a lot more useful than the old OtherOS Linux, since you would then have full access to the whole Cell and the GPU. So it'd actually be somewhat useful; the lack of practically any memory still makes it fairly useless for practical usage, but.

And besides, the point was that they didn't need to release the codes that allow you to pirate and run unsigned code; they could have kept it to themselves and just released a signed Linux distro if that's really all they wanted. They didn't. If you think this was at all about bringing back a useless Linux that no one but research centers running clusters can use for anything useful, then you're being fooled.


There already was a working Linux distro for PS3, you know, so it's not that complicated.

The difference is that as a signed "app" it would actually be a lot more useful than the old OtherOS Linux, since you would then have full access to the whole Cell and the GPU. So it'd actually be somewhat useful; the lack of practically any memory still makes it fairly useless for practical usage, but.

And besides, the point was that they didn't need to release the codes that allow you to pirate and run unsigned code; they could have kept it to themselves and just released a signed Linux distro if that's really all they wanted. They didn't. If you think this was at all about bringing back a useless Linux that no one but research centers running clusters can use for anything useful, then you're being fooled.

Yes, but the point of AsbestOS isn't to bring back an exact copy of OtherOS but to bring a full-featured Linux distribution (GPU accelerated etc.).


And my point still stands that they didn't need to release the keys for this; they could have held on to them until this was done. And OtherOS already had the basics; all they needed to do was add the drivers, drivers that already exist out there, to a working base platform.

But again, the dev time for the distro wasn't the point here; the point was that if Linux was the thing they wanted to fix, they never needed to release the keys. That was all about piracy.


And my point still stands that they didn't need to release the keys for this; they could have held on to them until this was done. And OtherOS already had the basics; all they needed to do was add the drivers, drivers that already exist out there, to a working base platform.

But again, the dev time for the distro wasn't the point here; the point was that if Linux was the thing they wanted to fix, they never needed to release the keys. That was all about piracy.

No drivers can enable the GPU under "OtherOS"; as soon as it switches to OtherOS the hardware is blocked. So yes, they needed this (they had some complicated way of launching Linux before, but it involved a lot of hardware and wasn't very user-friendly).


No drivers can enable the GPU under "OtherOS"; as soon as it switches to OtherOS the hardware is blocked. So yes, they needed this (they had some complicated way of launching Linux before, but it involved a lot of hardware and wasn't very user-friendly).

What are you talking about?

I was talking about using the keys they have here to make a fully accessible Linux distro based on YellowDog or whatever it was called. It has everything needed. The limitations on OtherOS were in the OtherOS firmware; the OS itself could have accessed the full Cell and the GPU had the firmware not blocked them through the OtherOS function. By launching the Linux as a fully licensed app using these keys, however, they would not have any of the limitations OtherOS used to introduce, and they could just add the drivers and would immediately have access to the full Cell.

So no, they never needed to PUBLICLY release the keys; that was ALL about piracy. They could have made their AsbestOS based on YellowDog code, added the necessary drivers, updated the kernel and stuff to be current, and then released it as a fully signed ISO they made with the keys, without ever releasing the keys to the public.

I wasn't even talking about the no-longer-in-existence OtherOS function; I was talking about releasing a fully working distro based on OtherOS distros.


Why would they need to explore that? You can pretty much already play anything on both the PS3 and 360. This is all about piracy.

Whatever they say about Linux and homebrew, if it was all about Linux, they could just have released a pre-signed Linux ISO.

I don't know what kind of PS3 you have, but I can only run PS3 games on my PS3. I haven't been able to run Linux on my box in a long time.

What are you talking about?

I was talking about using the keys they have here to make a fully accessible Linux distro based on YellowDog or whatever it was called. It has everything needed. The limitations on OtherOS were in the OtherOS firmware; the OS itself could have accessed the full Cell and the GPU had the firmware not blocked them through the OtherOS function. By launching the Linux as a fully licensed app using these keys, however, they would not have any of the limitations OtherOS used to introduce, and they could just add the drivers and would immediately have access to the full Cell.

So no, they never needed to PUBLICLY release the keys; that was ALL about piracy. They could have made their AsbestOS based on YellowDog code, added the necessary drivers, updated the kernel and stuff to be current, and then released it as a fully signed ISO they made with the keys, without ever releasing the keys to the public.

I wasn't even talking about the no-longer-in-existence OtherOS function; I was talking about releasing a fully working distro based on OtherOS distros.

Anyone else find it ironic that you are arguing that withholding information is better than open information in the context of installing Linux on a PS3? :laugh:


We (fail0verflow) discovered and released two things:

  • An exploit in the revocation list parsing, enabling us to dump a bunch of loaders, and thus their decryption keys
  • A humongous screwup by Sony, enabling us to calculate their private signing keys for all of those loaders, and thus sign anything to be loaded by those loaders

We used these techniques to obtain encryption, public, and private keys for lv2ldr, isoldr, the spp verifier, the pkg verifier, and the revocation lists themselves. We could've obtained appldr, (the loader used to load games and apps), but chose not to, since we are not interested in app-level stuff and that just helps piracy. We didn't have lv1ldr, but due to the way lv1 works, we could gain control of it early in the boot process through isoldr, so effectively we also had lv1 control.

With these keys we could decrypt firmware and sign our own firmware. And since the revocation is useless and the lame "anti-downgrade" protection is also easily bypassed, this already enables hardware-based hacks and downgrades forever. Basically, homebrew/Linux on every currently manufactured PS3, through software means now, and through hardware means (flasher/modchip) forever, regardless of what Sony tries to do with future firmwares.

The root of all of the aforementioned loaders is metldr, which remained elusive. Then Geohot announced that he had broken into metldr (with an exploit, analogous to the way we exploited lv2ldr to get its keys) and was thus able to apply our techniques one level higher in the loader chain. He has released the metldr keyset (with the private key calculated using our attack), but not the exploit method that he used.

The metldr key does break the console's security even more (especially with respect to newer, future firmwares - and thus also piracy of newer games), and also makes some things require less workarounds. Geohot clearly did a good job finding an exploit in it, but considering a) he used our key recovery attack verbatim, and b) he found his exploit right after our talk, so he was clearly inspired by something we said when we explained ours, I think we deserve a little more credit than we're getting for this latest bit of news.

There's still bootldr and lv0, which are used at the earliest point during the PS3 boot process. These remain secure, but likely mean little for the PS3 security at this stage.

All keys besides rvklist, rvkldr and spp_verifyer's keys haven't been released.
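The "key recovery attack" fail0verflow describes above works because Sony reused the per-signature random value (the ECDSA nonce k) across signatures; the post does not spell that out, but it is what their talk disclosed. The following is an added example, not fail0verflow's or Sony's code: it uses secp256k1 (chosen only because its parameters are public; the PS3 used a different curve, and the algebra is the same on any curve) to show why two signatures sharing a nonce hand the signing key to anyone holding them, the deterministic nonce derivation that prevents the blunder, and a check an auditor can run over a batch of signatures to spot reuse. Keys and messages are constructed, and the nonce derivation is a simplified version of the RFC 6979 idea, not the full procedure.

```python
import hashlib, hmac

# secp256k1 (Bitcoin's curve; the PS3 used a different curve, but the algebra below is identical).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p, q):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p is None: return q
    if q is None: return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0: return None      # q == -p
    if p == q: lam = 3 * p[0] * p[0] * pow(2 * p[1], -1, P) % P  # tangent slope (a = 0)
    else: lam = (q[1] - p[1]) * pow(q[0] - p[0], -1, P) % P
    x = (lam * lam - p[0] - q[0]) % P
    return (x, (lam * (p[0] - x) - p[1]) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def h(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(d, msg, k):
    """ECDSA: k must be secret and unique per signature; a fixed k is the fatal mistake."""
    r = ec_mul(k, G)[0] % N
    return (r, pow(k, -1, N) * (h(msg) + d * r) % N)

def verify(pub, msg, sig):
    r, s = sig
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(h(msg) * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def recover_private_key(msg1, sig1, msg2, sig2):
    """Two signatures made with the same k (visible as equal r) leak k, and then d."""
    (r, s1), (_, s2) = sig1, sig2
    k = (h(msg1) - h(msg2)) * pow(s1 - s2, -1, N) % N
    return (s1 * k - h(msg1)) * pow(r, -1, N) % N

def deterministic_nonce(d, msg):
    """Mitigation: derive k from key and message (simplified RFC 6979 idea, not the full procedure)."""
    return int.from_bytes(hmac.new(d.to_bytes(32, "big"), msg, "sha256").digest(), "big") % N or 1

def repeated_r(signatures):
    """Auditor check: equal r values under one key across distinct messages mean nonce reuse."""
    seen = {}
    for msg, (r, _) in signatures: seen.setdefault(r, []).append(msg)
    return [msgs for msgs in seen.values() if len(msgs) > 1]
```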


I don't know what kind of PS3 you have, but I can only run PS3 games on my PS3. I haven't been able to run Linux on my box in a long time.

You do realize I was replying to a post about media (movies, music, stuff, ps3mediaserver), right? No?

Anyone else find it ironic that you are arguing that withholding information is better than open information in the context of installing Linux on a PS3? :laugh:

Why? You seem to be mistaking the word Linux for the words "everything must be open and known". Linux is just an excuse for them to release this; as I said, if all they wanted was Linux they would never have needed to reveal the keys, opening up the console for rampant piracy, online cheating and all that.


And my point still stands that they didn't need to release the keys for this; they could have held on to them until this was done. And OtherOS already had the basics; all they needed to do was add the drivers, drivers that already exist out there, to a working base platform.

But again, the dev time for the distro wasn't the point here; the point was that if Linux was the thing they wanted to fix, they never needed to release the keys. That was all about piracy.

Except they never actually released those keys first; Geohot did. They said they didn't have the keys to sign games and didn't want to enable piracy. All they did was release their findings on the PS3's security, and Geohot went and put it to use.


I think we deserve a little more credit than we're getting for this latest bit of news.

He stated on his site that he gave you credit. It's not his fault; it's the fault of people like the person who made this thread who put Geohot's name.


He stated on his site that he gave you credit. It's not his fault; it's the fault of people like the person who made this thread who put Geohot's name.

Geohot didn't actually put the credit up until they asked him to.


All keys besides rvklist, rvkldr and spp_verifyer's keys haven't been released.

We could've obtained appldr, (the loader used to load games and apps), but chose not to, since we are not interested in app-level stuff and that just helps piracy.

If they didn't release this, what's the problem? Can someone else get this now?


Course. It's on a publicly available Google Docs spreadsheet.

Thank you.

I am just finding it a little confusing to follow and understand this. A group of people discovered something, then one guy discovered something else based on the findings of the first group of people. I am not understanding who did what and the significance lol.

Thanks though.


I use PS3 Media Server. It's not all DTS files, it's just certain ones; I can't narrow it down. I just have to remux the file to Dolby 5.1 to play it.

All this would be solved if someone ports XBMC!

Remuxing still means that the PS3 is playing those DTS files.


Why are people assuming that just because of this people can play burnt BD-R games? The copy would also be signed with the original, legit (and now leaked) key anyway, so clearly there's something else, most likely hardware, that would prevent this from happening. I guess they could make some sort of loader or something, or perhaps just make a fake system upgrade (that the PS3 would not reject since it's signed) to allow this.

I wonder how Sony will react. I really don't want them to accelerate the release of a newer console or to radically change the terms of the PSN. You gotta admit Microsoft didn't do a bad job, though I think it's borderline inadmissible to ban consoles (and not users) from online playing, but what else can you do?

Except they never actually released those keys first; Geohot did. They said they didn't have the keys to sign games and didn't want to enable piracy. All they did was release their findings on the PS3's security, and Geohot went and put it to use.

What else did they expect by doing this?


Why are people assuming that just because of this people can play burnt BD-R games? The copy would also be signed with the original, legit (and now leaked) key anyway, so clearly there's something else, most likely hardware, that would prevent this from happening. I guess they could make some sort of loader or something, or perhaps just make a fake system upgrade (that the PS3 would not reject since it's signed) to allow this.

Custom firmware can now be signed; basically anything is possible at this point. It's safe to assume being able to play burnt BD-Rs or games right from the hard drive will be possible.


Remuxing still means that the PS3 is playing those DTS files.

No it doesn't, because the DTS portions have been converted to Dolby Digital. The PS3 is playing Dolby files, not DTS.

What else did they expect by doing this?

What did Sony expect from stopping OtherOS support on the Slim, despite there being no good reason for it?


What did Sony expect from stopping OtherOS support on the Slim, despite there being no good reason for it?

Didn't Sony remove the OtherOS support AFTER Geohot claimed to have found a hack/bug (or something) in it?

(Slightly off-topic: I still don't get why anyone would use the OtherOS; for Linux you could get a cheap(er) computer that would be a better fit to run Linux. As for media files, you could just stream them.)
