Hey why you don't have jailbreak for my cech - 3002? You're too lazy to do it?

Discussion in 'General PS3 Discussion' started by kozarovv, Jun 7, 2015.

  1. 7,474
    5,532
    847
    kozarovv

    kozarovv Super Moderator

    Joined:
    Nov 8, 2014
    Messages:
    7,474
    Likes Received:
    5,532
    Trophy Points:
    847
    Home Page:
    I heard similiar questions today, so i try to use KaKaRoTo words to explain how hard is this. Sony using ECDSA algorithm to security purposes on Playstation 3, if we break this algorithm we get needed access to almost everything. But is not easy, or maybe even impossible.. Read how it work:

    Source: http://kakaroto.homelinux.net/

    WHAT!?

    Ok here is understandable version why we have jailbreak for older consoles. But not for newest ones:

    In December 2010, a group calling itself fail0verflow announced recovery of the ECDSA private key used by Sony to sign software for the PlayStation 3 game console. However, this attack only worked because Sony did not properly implement the algorithm, because k was static instead of random. This makes d_A solvable and the entire algorithm useless. It was just Sony mistake that they repair in new consoles/firmwares. Above you can read what kind of thing hackers fighting to break new consoles. Don't look like put PUP to usb and install CFW, huh?
     
    Last edited: Jun 7, 2015
  2. 5,354
    2,532
    497
    atreyu187

    atreyu187 Wanna-BeTA Tester Moderator

    Joined:
    Sep 29, 2014
    Messages:
    5,354
    Likes Received:
    2,532
    Trophy Points:
    497
    Gender:
    Male
    Occupation:
    MCU/Sony Enthusiast!
    Location:
    127.0.0.1
    Home Page:
    What a lot also fail to realize is this protection is used in a lot of everyday applications that keeps our privacy just that private. Be thankful for ECDSA it isn't just a protection used for securing a video game system. If they did find a way to break your 3000+ models a helluva lot of more problems would be around. Like people having direct access to all your bank info. Sony was just head strong as they didn't see anyone having an entry point to the PS3. Had they never had sent a dongle back in a repair unit the PS3 using a static key would more likely then not still hold up security wise.
     
  3. 1,335
    887
    197
    psykosis

    psykosis Developer Developer

    Joined:
    Dec 7, 2014
    Messages:
    1,335
    Likes Received:
    887
    Trophy Points:
    197
    My head hurts and calculus comes natural to me....

    Can someone hand me a beer and a b?
     
    ntodek, RatManDom and hawboutnow like this.
  4. 148
    32
    57
    zeromant

    zeromant Member

    Joined:
    Feb 2, 2015
    Messages:
    148
    Likes Received:
    32
    Trophy Points:
    57
    Location:
    Venezuela, Maracay
    And thats the beauty of maths :(
     
  5. 161
    24
    52
    arcadekidflo

    arcadekidflo Member

    Joined:
    Feb 18, 2015
    Messages:
    161
    Likes Received:
    24
    Trophy Points:
    52
    The key to resign eboot is the same as the one to resign fw ?
     
  6. 136
    19
    52
    chris

    chris Member

    Joined:
    Oct 23, 2014
    Messages:
    136
    Likes Received:
    19
    Trophy Points:
    52
    Just wait till quantum CPUs are mainstream. they will render all current encryption useless
     
  7. 5,354
    2,532
    497
    atreyu187

    atreyu187 Wanna-BeTA Tester Moderator

    Joined:
    Sep 29, 2014
    Messages:
    5,354
    Likes Received:
    2,532
    Trophy Points:
    497
    Gender:
    Male
    Occupation:
    MCU/Sony Enthusiast!
    Location:
    127.0.0.1
    Home Page:
    Yes but CFW is signed with 3.55 keys we don't have the 3.56+ keys reencrypt. After 3.56 we can only decrypt as we have the public key to do so but don't have the private key to reencrypt. After 3.55 those keys were blacisted by Sony and that's why you need to have been on 3.55 in order for the PS3 to accept them still.
     
  8. 1,335
    887
    197
    psykosis

    psykosis Developer Developer

    Joined:
    Dec 7, 2014
    Messages:
    1,335
    Likes Received:
    887
    Trophy Points:
    197
    Awesome write up.....I wish more people would read it. lol :)
     
  9. 7,474
    5,532
    847
    kozarovv

    kozarovv Super Moderator

    Joined:
    Nov 8, 2014
    Messages:
    7,474
    Likes Received:
    5,532
    Trophy Points:
    847
    Home Page:
    All credits go to kakaroto, i only digged up and quoted his post here. :)
     
  10. 1,335
    887
    197
    psykosis

    psykosis Developer Developer

    Joined:
    Dec 7, 2014
    Messages:
    1,335
    Likes Received:
    887
    Trophy Points:
    197
    test this is a test. did this double post? (posted from ms edge)
     
    levelscored likes this.
  11. 7
    0
    0
    aniki_red_daring

    aniki_red_daring

    Joined:
    Jun 20, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    0
    sony used a static key ,but used the same signature to sign everything....
    now its truly random but its still a integer constant
    unless u want to manually go through all the ldrs listed on the devwiki
    and figure out which keys post 3.56+ are being used 47xx good luck
    lol
     
  12. 7
    0
    0
    aniki_red_daring

    aniki_red_daring

    Joined:
    Jun 20, 2015
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    0
    The ps3 can still accept keys higher than 3.56 but its due to their ASS AES HW CRYPTO
    that makes it nearly impossible. out of shared memory tho u can probably page a table and allocate extra memory to create a small buffer overflow .then acess that address in memory via pointer
    and overwrite the top of the stack where the first jump instructions calls the hypervisor during m_map.
     
  13. 19
    6
    7
    hawboutnow

    hawboutnow Forum Noob

    Joined:
    Aug 9, 2018
    Messages:
    19
    Likes Received:
    6
    Trophy Points:
    7
    Gender:
    Male
    as a guy who studied physics his whole life........i can tell you that we have a better chance of trying to break the ECDSA lol
     
    chris likes this.
  14. 609
    185
    72
    Bloodmoons366466

    Bloodmoons366466 Member

    Joined:
    Mar 14, 2018
    Messages:
    609
    Likes Received:
    185
    Trophy Points:
    72
    Gender:
    Male
    Would a hen exploit also apply to that same algerithem or would hen be on anoughter level
     
    hawboutnow likes this.
  15. 8
    3
    7
    RatManDom

    RatManDom Forum Noob

    Joined:
    Mar 31, 2019
    Messages:
    8
    Likes Received:
    3
    Trophy Points:
    7
    Gender:
    Male
    OMG !!! dam ! This is so inspiring I need to get my head around this,
    Buzzed after reading that,
    I am catching up with what there is out there today now and I have not been learning like this long.

    Wait until we have the quantum computers! That can brake encryption and you will see havoc if they get out there in the hands of some people. But no doubt it will be under the radar when developed properly any way I hope we all get one and they are still testing things, that will be a day to see what can happen with them.
     
    Last edited by a moderator: Apr 6, 2019
    DeViL303 likes this.
  16. 297
    98
    32
    Danxx444

    Danxx444 Member

    Joined:
    Sep 11, 2018
    Messages:
    297
    Likes Received:
    98
    Trophy Points:
    32
    Gender:
    Male
    Wait ... what? !!:confused3: ... This is more complicated than I thought!!, you guys are really geniuses to understand all this, awesome the ability of you developers. I'm shocked.:eek:
     
  17. 10,750
    4,173
    497
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    10,750
    Likes Received:
    4,173
    Trophy Points:
    497
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    you don't necessarily have to break the security, just bypass it with some sort of exploit. a jailbreak implies total control over a system, and those days may be over. however, it's not the end of the line.
     
    Danxx444 likes this.
  18. 172
    37
    32
    snkplkn

    snkplkn Member

    Joined:
    Apr 19, 2019
    Messages:
    172
    Likes Received:
    37
    Trophy Points:
    32
    You know what is the REALLY scary thing? Your personality and psychological profile - that's all pretty much hacked already. No kidding. And most people gave away this information willingly. Big Cybertech companies (Like SCL-CA and Palantir) have ransacked Social media with massive algorithms, grabbed tons of personal data and mapped the psychological profiles of hundreds of millions of people. They use it all this information for many things. That's how Donald Trump won US elections. And Britain voted on Brexit referendum.

    Anyway, i have heard that there is something called deep web and its full of private information of many kinds. Social security numbers, health records, Bank details, personal databases etc etc flowing around in Deep web. I wonder how much of this is true? Perhaps only someone who is on the other side of the world (swimming in deep web) knows the reality.
     
    Major_Pothead92 and Algol like this.
  19. 10,750
    4,173
    497
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    10,750
    Likes Received:
    4,173
    Trophy Points:
    497
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    I'm not on facebook for a number of reasons, one being the fact that they've been hacked multiple times, members information stolen. and, they never seem to improve their security.
     
    Algol likes this.
  20. 172
    37
    32
    snkplkn

    snkplkn Member

    Joined:
    Apr 19, 2019
    Messages:
    172
    Likes Received:
    37
    Trophy Points:
    32
    Facebook is Evil. So are all these big social media giants. By the way, Facebook is doing a lot of lobbying Europe to escape penalties and prosecution on anti-trust inquiries and election meddling. I just hope that they ban Facebook.
     
    Algol likes this.

Share This Page