How do people make CFW? What are CFW's limits?

mmmrkennedy7

Forum Noob
I'm interested in learning more about how CFW is made and its limits.

I was thinking about ways to safely get a PS3 on PSN (with me having no knowledge of how cfw works), and I wondered why we couldn't just tell Sony what they want to hear about the console when on PSN. I assume if this was possible, it would already be done, so I wanted to find out why.
 
Nice. I'd like to make a standard cfw myself too. Thanks Aldo. Since now we are getting only cobra versions. My problem is that I am not a developer myself, I can only use software like ps3mfw builder, but I see the instructions there are for 4.75 and I don't know if above 4.8x some settings have to change. My goal is to make a mfw from ofw, not an existing cfw, so I can manually load mamba on boot.
 
What do you mean by "what they want to hear"? CFW does not "announce itself" when logging in to PSN - that's why you don't get banned as soon as you log in with a modded console.

Here's what's possible and what's not -
  • It's possible to spoof the firmware version - That's what people do right now since there's no 4.92 CFW yet. The only catch is that after a new OFW is released you should wait a bit until it's verified that nothing's changed in the login process itself. Fortunately, that hasn't been the case for years.
  • It's possible to spoof the IDPS but - IDPS is the unique console ID. PSN requires it to log in. CFW will allow you to spoof it if your real IDPS is banned, but you can't use any random number - it has to be a valid ID. Also, it's not possible for two consoles to share the same IDPS, because if both try to go online at the same time, the IDPS will be banned instantly. This is the reason why you'd never see an IDPS posted publicly on the Internet. There are people who extract IDPS numbers from dead consoles and sell them online, but you'd need to hope the seller is honest and will not sell the same number again (and not all sellers are honest).
  • It's not possible to log in to PSN without a valid, non-banned IDPS and account - The server just won't let you authenticate.
  • Only games and trophies can get you banned - I've never heard of anyone who got banned after just logging in, sending messages, using the store etc., 99.9% of bans are a result of either cheating or trophy hacking.
  • It's possible to hide CFW presence from games - That's what disabling syscalls does. When syscalls are disabled, most games will not be able to detect it. There are very few games that can sometimes detect modded consoles even with syscalls disabled - those are CoD BO2, later CoD titles and Destiny (GTA V also used to do that but its online services for the PS3 are long gone). For BO2 there's a patch to the game itself that removes that check. You might be able to implement something that hides the CFW from those games at the firmware level if someone would ever bother to reverse engineer those games and figure out how the detection works. Note that if the mod is detected by a game, the firmware cannot prevent it from being reported, because it's the game that's communicating with the servers and not the firmware itself.
  • It's not possible to evade server side heuristics - That's the main reason people get banned. In many games the server monitors the game input for signs of cheating. For instance, if you get an insanely high accuracy of head shots, way beyond what's humanly possible, the game server will flag you as using an aim bot, and the game server will then report you as a cheater to PSN, leading to a ban. Since this report goes directly from the game server to PSN servers and does not even pass through your console, there's nothing you can do about it. Similarly, if you try to sync dozens of trophies with almost identical timestamps, PSN will flag you as a trophy hacker and ban you. What both of those cases have in common is that it's your own fault and you pretty much deserve the ban. There's a very easy way to avoid those bans - don't cheat and don't trophy hack.
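
The server-side trophy check described in the last point, sketched as an added example that is not part of the original post and not any real service's code: a sliding-window burst detector over trophy sync records. The log format, account names, timestamps and thresholds are all constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Illustrative thresholds (assumptions, not values from any real service).
BURST_COUNT = 10                       # unlocks needed to call it a burst
BURST_WINDOW = timedelta(seconds=60)   # span in which they must fall

def parse_sync_log(lines):
    """Parse 'account trophy_id ISO-timestamp' lines into {account: [times]}."""
    by_account = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed records instead of failing the batch
        account, _trophy, stamp = parts
        try:
            by_account[account].append(datetime.fromisoformat(stamp))
        except ValueError:
            continue  # unparseable timestamp
    return by_account

def largest_burst(times, window=BURST_WINDOW):
    """Largest number of unlocks that fit inside any span of `window`."""
    times = sorted(times)
    best = start = 0
    for end, ts in enumerate(times):
        while ts - times[start] > window:
            start += 1  # shrink the window from the left
        best = max(best, end - start + 1)
    return best

def flag_accounts(lines, count=BURST_COUNT, window=BURST_WINDOW):
    """Return {account: burst_size} for accounts at or above the threshold."""
    return {acct: n for acct, times in parse_sync_log(lines).items()
            if (n := largest_burst(times, window)) >= count}

# Constructed sample log: acct_a unlocks 12 trophies 7 hours apart,
# acct_b unlocks 30 trophies 2 seconds apart, plus one malformed line.
_BASE = datetime(2024, 1, 1, 20, 0, 0)
SAMPLE_LOG = (
    [f"acct_a T{i:03d} {(_BASE + timedelta(hours=7 * i)).isoformat()}"
     for i in range(12)]
    + [f"acct_b T{i:03d} {(_BASE + timedelta(seconds=2 * i)).isoformat()}"
       for i in range(30)]
    + ["garbage line"]
)

if __name__ == "__main__":
    print(flag_accounts(SAMPLE_LOG))
```

Because the check runs on records the server already holds, nothing on the console takes part in the decision, which is the point the post makes about these reports never passing through the firmware.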
 
Sky is the limit. ;)

There is no way to make it 100% safe from a ban. Sony or a game can try peek & poke or crawl through dev_hdd0, access to which should normally be defended by the HV. The closest thing you can achieve for safety is CFW DualBoot, but it has not been made for a long time now, while SEN usually needs the latest fw.
 
There is 4.91 dual boot. And I think disabling syscalls should prevent access to dev_hdd0 but maybe I'm mistaken.
 