PS3 LV0 Keys Released (the ACTUALLY UNPATCHABLE KEY)
184 replies, posted
[QUOTE=Forumaster;38155853]Maybe games like FONV or Skyrim could, but I doubt it.[/QUOTE]
With F:NV, you could rename basic mods to "update.esp" and put it in place with some hocus pocus I don't quite remember and it would apply that mod.
This just made it easier to apply mods (CFW permitting), as well as maybe making it possible to apply mods that add meshes and textures (also CFW permitting).
Can this be fixed by using new hardware in newer versions or are they fucked forever and after?
From what I understood, people will now have an easy way to use custom firmwares to play pirated games and for the most part it will be seen as valid?
oh my
The PS3 was released late 2006 right? I think it's impressive a console that old hasn't been cracked yet.
I hope Sony doesn't flip out over this.
Funny thing is this will increase sales of PS3's
I don't see why sony would have any problems with it other than the corporate butt frustration from having your "set in stone retarded rules" violated
Seriously a console that comes with homebrew is something most people want these days, but because companies can't make money off the custom software on them, they treat it like it's satan aids or something
Hopefully this has good results, the last time this happened (yes I know this is level 0), it got super hyped then over night became completely silent.
Doesn't this mean the PS3 is open for hardware configuration now too?
From what I understand you still need to be on OFW 3.55 or lower to use any of this. You cannot install a CFW on any of the 3.56+ versions of the firmware as the exploit allowing you to was removed.
So in order to use any cfw you will need to buy a kit to downgrade your ps3 to 3.55 then install cfw 3.55, THEN install cfw 4.21+ and onwards from there.
So not so easy yet, unless they figure out how to overwrite newer firmwares without modchips the userbase won't grow a whole lot, because only previously hacked PS3s and those willing to fart around with hardware hacks will be able to use this.
[QUOTE=64fanatic;38161581]From what I understand you still need to be on OFW 3.55 or lower to use any of this. You cannot install a CFW on any of the 3.56+ versions of the firmware as the exploit allowing you to was removed.
So in order to use any cfw you will need to buy a kit to downgrade your ps3 to 3.55 then install cfw 3.55, THEN install cfw 4.21+ and onwards from there.
So not so easy yet, unless they figure out how to overwrite newer firmwares without modchips the userbase won't grow a whole lot, because only previously hacked PS3s and those willing to fart around with hardware hacks will be able to use this.[/QUOTE]
From the article, that was true for the LV2 keys, but LV0 is, afaik, hardware level, something that cannot be patched. Hence why this might be rather big.
[QUOTE=64fanatic;38161581]From what I understand you still need to be on OFW 3.55 or lower to use any of this. You cannot install a CFW on any of the 3.56+ versions of the firmware as the exploit allowing you to was removed.
So in order to use any cfw you will need to buy a kit to downgrade your ps3 to 3.55 then install cfw 3.55, THEN install cfw 4.21+ and onwards from there.
So not so easy yet, unless they figure out how to overwrite newer firmwares without modchips the userbase won't grow a whole lot, because only previously hacked PS3s and those willing to fart around with hardware hacks will be able to use this.[/QUOTE]
The gate is wide open, now it's just a matter of opening the right door(s).
[QUOTE=64fanatic;38161581]From what I understand you still need to be on OFW 3.55 or lower to use any of this. You cannot install a CFW on any of the 3.56+ versions of the firmware as the exploit allowing you to was removed.
So in order to use any cfw you will need to buy a kit to downgrade your ps3 to 3.55 then install cfw 3.55, THEN install cfw 4.21+ and onwards from there.
So not so easy yet, unless they figure out how to overwrite newer firmwares without modchips the userbase won't grow a whole lot, because only previously hacked PS3s and those willing to fart around with hardware hacks will be able to use this.[/QUOTE]
buy a kit to downgrade?? what are you on?
you either buy a modchip if you can't downgrade, or you downgrade. simple as that.
Here's how [URL="http://games.slashdot.org/comments.pl?sid=3205473&cid=41747075"]someone on Slashdot[/URL] describes the situation (apparently someone who worked on another complicated PS3 hack):
[QUOTE]The first-stage bootloader is in ROM and has a per-console key which is effectively in tamper-resistant silicon. The second-stage bootloader (bootldr) is encrypted with the per-console key, but is not upgradable and is the same for all consoles (other than the encryption wrapper around it). This second-stage bootloader verifies lv0. Sony signed lv0 using the same broken process that they used for everything else, which leaks their private key. This means that the lv0 private key was doomed from the start, ever since we demonstrated the screwup at the Chaos Communication Congress two years ago.
However, because lv0 is also encrypted, including its signature block, we need that decryption key (which is part of bootldr) before we can decrypt the signature and apply the algorithm to derive the private key. We did this for several later-stage loaders by using an exploit to dump them, and Geohot did it for metldr (the "second root" in the PS3's bizarre boot process) using a different exploit (we replicated this, although our exploit might be different). At the time, this was enough to break the security of all released firmware to date, since everything that mattered was rooted in metldr (which is bootldr's brother and is also decrypted by the per-console key). However, Sony took a last ditch effort after that hack and wrapped everything after metldr into lv0, effectively using the only security they had left (bootldr and lv0) to attempt to re-secure their platform.
Bootldr suffers from the same exploit as metldr, so it was also doomed. However, because bootldr is designed to run from a cold boot, it cannot be loaded into a "sandboxed" SPU like metldr can from the comfort of OS-mode code execution (which we had via the USB lv2 exploit), so the exploit is harder to pull off because you don't have control over the rest of the software. For the exploit that we knew about, it would've required hardware assistance to repeatedly reboot the PS3 and some kind of flash emulator to set up the exploit with varying parameters each boot, and it probably would've taken several hours or days of automated attempts to hit the right combination (basically the exploit would work by executing random garbage as code, and hoping that it jumps to somewhere within a segment that we control - the probabilities are high enough that it would work out within a reasonable timeframe). We never bothered to do this after the whole lawsuit episode.
Presumably, 18 months later, some other group has finally figured this out and either used our exploit and the hardware assistance, or some other equivalent trick/exploit, to dump bootldr. Once the lv0 decryption key is known, the signing private key can be computed (thanks to Sony's epic failure).
The effect of this is essentially the same that the metldr key release had: all existing and future firmwares can be decrypted, except Sony no longer has the lv0 trick up their sleeve. What this means is that there is no way for Sony to wrap future firmware to hide it from anyone, because old PS3s must be able to use all future firmware (assuming Sony doesn't just decide to brick them all...), and those old PS3s now have no remaining seeds of security that aren't known. [B]This means that all future firmwares and all future games are decryptable, and this time around they really can't do anything about it.[/B] By extension, this means that given the usual cat-and-mouse game of analyzing and patching firmware, every current user of vulnerable or hacked firmware should be able to maintain that state through all future updates, as all future firmwares can be decrypted and patched and resigned for old PS3s. From the homebrew side, it means that it should be possible to have homebrew/linux and current games at the same time. From the piracy side, it means that all future games can be pirated. Note that this doesn't mean that these things will be easy (Sony can obfuscate things to annoy people as much as they want), but from the fundamental security standpoint, Sony doesn't have any security leg to stand on now.
It does not mean that current firmwares are exploitable. Firmware upgrades are still signed, so you need an exploit in your current firmware to downgrade. Also, newer PS3s presumably have fixed this (probably by using newer bootldr/metldrs as trust roots, and proper signing all along).[/QUOTE]
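As an added illustration (not code from this thread, from Sony or from fail0verflow), here is a toy Python model of the trust chain the quoted post describes. Stage names follow the post; the secrets, the hash-based stand-in for per-stage keys and the "future_firmware" stage are assumptions of the model, not anything the PS3 actually stores. It shows the three points the post makes: one leaked lv0 key opens every stage below it on every old console, a redesigned die with new secrets is unaffected, and a key held by a non-updatable stage cannot be rotated in software.

```python
"""Toy model of the PS3 trust chain as described in the quoted Slashdot post.

Constructed example for illustration, not Sony's or fail0verflow's code. Stage
names follow the post; the secrets are made-up placeholders and the "key
embedded in the previous stage's plaintext" is modelled with a hash.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Stage:
    name: str
    updatable: bool   # can Sony ship a replacement with a firmware update?


# Boot order from the post: ROM (per-console key) -> bootldr -> lv0 -> the rest.
# bootldr is the only stage in this model that an update cannot replace.
CHAIN = (
    Stage("bootldr", updatable=False),
    Stage("lv0", updatable=True),
    Stage("lv1", updatable=True),
    Stage("lv2", updatable=True),
    Stage("future_firmware", updatable=True),   # assumed: a firmware not yet shipped
)


def stage_key(secret: bytes, name: str) -> bytes:
    """Placeholder for the key protecting one stage's image (constructed)."""
    return hashlib.sha256(secret + b"/" + name.encode()).digest()


def build_console(family_secret: bytes, per_console_secret: bytes) -> dict:
    """Keys as they sit on one console of a hardware family.

    bootldr is wrapped with the per-console key from silicon, but its plaintext
    (and therefore the lv0 key it embeds) is identical across the family, so
    every key below bootldr depends only on the family secret.
    """
    keys = {"bootldr": stage_key(per_console_secret, "bootldr")}
    for stage in CHAIN[1:]:
        keys[stage.name] = stage_key(family_secret, stage.name)
    return keys


def walk_chain(console_keys: dict, known_keys: set) -> list:
    """Stages an analyst can decrypt on this console, given the keys already known.

    Decrypting a stage yields its plaintext, which embeds the next stage's key,
    so one leaked key opens everything after it in boot order.
    """
    learned = set(known_keys)
    opened = []
    for i, stage in enumerate(CHAIN):
        if console_keys[stage.name] not in learned:
            continue
        opened.append(stage.name)
        if i + 1 < len(CHAIN):
            learned.add(console_keys[CHAIN[i + 1].name])
    return opened


def rotation_needs_new_hardware(leaked_stage: str) -> bool:
    """Can Sony rotate a leaked stage key with software alone?

    A stage's key lives in the plaintext of the stage before it, so rotating it
    means shipping a new version of that earlier stage. For lv0 that is bootldr,
    which is not updatable; for bootldr it is the ROM itself.
    """
    idx = [s.name for s in CHAIN].index(leaked_stage)
    if idx == 0:
        return True
    return not CHAIN[idx - 1].updatable


FAMILY_2006 = b"constructed-family-secret-2006"     # placeholder shared by all old PS3s
FAMILY_NEW = b"constructed-family-secret-new-die"   # placeholder for a redesigned chip


def old_console_after_lv0_leak() -> list:
    """Old console once the lv0 key (dumped from bootldr) is public."""
    console = build_console(FAMILY_2006, b"console-serial-0001")
    return walk_chain(console, {console["lv0"]})


def other_old_console_after_lv0_leak() -> list:
    """A different old console: the bootldr wrapper differs, everything below does not."""
    leaked_lv0 = build_console(FAMILY_2006, b"console-serial-0001")["lv0"]
    other = build_console(FAMILY_2006, b"console-serial-9999")
    return walk_chain(other, {leaked_lv0})


def new_hardware_after_lv0_leak() -> list:
    """A console from a redesigned die: the old leak reveals nothing."""
    leaked_lv0 = build_console(FAMILY_2006, b"console-serial-0001")["lv0"]
    new = build_console(FAMILY_NEW, b"console-serial-0002")
    return walk_chain(new, {leaked_lv0})


if __name__ == "__main__":
    print("old console:", old_console_after_lv0_leak())
    print("other old console:", other_old_console_after_lv0_leak())
    print("new hardware:", new_hardware_after_lv0_leak())
    for name in ("bootldr", "lv0", "lv1"):
        print(name, "rotation needs new hardware:", rotation_needs_new_hardware(name))
```

The model deliberately says nothing about installing firmware: a decryptable update is still a signed package that the running firmware checks before writing it to flash, which is exactly the distinction the post's last paragraph draws between "decryptable" and "exploitable".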
Simply put, the only way for sony to fix this is to create a new die/chip for the consoles, which would require plenty of money and time. This is never going to go away.
Yay, I've been waiting for something like this to come along. Time to buy a PS3.
Cool! Maybe I will install CFW on my PS3 when they make one, but only for the Emulators, and maybe linux.
[QUOTE=Ehmmett;38161916]I thought you needed the E3 Flasher kit to downgrade though? How else can you downgrade?[/QUOTE]
Yeah sorry you are right, although there was a way on 3.60 but that doesn't work on most ps3's.
For those on v3.56 or v3.60 or v3.61 or v3.66 or v.377 there is no Downgrade, no Jailbreak and no CFW according to psxscene, but anything above that you can use ProgSkeet or E3. Personally I prefer progskeet because it does everything and is cheaper than E3.
Is there CFW out now that we can use? Or is it still early days?
[QUOTE=Over-Run;38162258]Is there CFW out now that we can use? Or is it still early days?[/QUOTE]
this doesn't make it easier to get a cfw onto your ps3, you still have to downgrade
Oh I thought somebody said on the first page that you can get a CFW no matter what FW you were on
uh, no you won't?
[editline]24th October 2012[/editline]
@usa
[QUOTE=Over-Run;38162352]Oh I thought somebody said on the first page that you can get a CFW no matter what FW you were on[/QUOTE]
no, it's a misunderstanding. what it does mean though is once you are on a custom firmware, we no longer have to analyze and patch the new firmwares that come out because we can decrypt them.
[editline]25th October 2012[/editline]
[QUOTE=TippZ;38162366]uh, no you won't?
[editline]24th October 2012[/editline]
@usa[/QUOTE]
we can [B]decrypt[/B] firmwares and [B]resign them for older ps3s by changing some signature stuff.[/B]
what we cannot do is make every firmware cfw-able, because that relies on exploits, we can't "fake a sony firmware upgrade".
see slashdot.
Wow, just yesterday I was looking up stuff on how I could downgrade my PS3 to jailbreak it (it would need a hardware dongle + some soldering - fuck that)
[editline]24th October 2012[/editline]
Of course from now reading the thread this won't make shit much easier but eh, still good to know
does this mean we can jailbreak our ps3's in the latest updates now?
[QUOTE=Flarey;38163384]does this mean we can jailbreak our ps3's in the latest updates now?[/QUOTE]
This is answered something like 5 posts into the thread.
[QUOTE=Fangz;38155423]Sony then bricks all Playstation3s in response to this.[/QUOTE]
Then they release an even thinner PS3 with no USB connections, PSN only connections and no disc drive whatsoever.
For 300€
Does this mean I can turn my PS3 into an emulator hub?
[editline]24th October 2012[/editline]
with CFW ofc
[QUOTE=Forumaster;38159093]Then they get slammed with the biggest lawdildo ever invented.[/QUOTE]
What about nintendo and the 3DS? I can't remember them being sued over their decision to brick 3DS's using custom firmware and similar.
[QUOTE=MendozaMan;38160900]Funny thing is this will increase sales of PS3's
I don't see why sony would have any problems with it other than the corporate butt frustration from having your "set in stone retarded rules" violated
Seriously a console that comes with homebrew is something most people want these days, but because companies can't make money off the custom software on them, they treat it like it's satan aids or something[/QUOTE]
Because sony loses money when it sells a console, and it has to make money through the sale of games and licensing. More piracy = less sales, less income.
What I want to see now is OFW + CFW + Linux tripleboot.
I need to start saving up money.
[QUOTE=Fatfatfatty;38163766]What about nintendo and the 3DS? I can't remember them being sued over their decision to brick 3DS's using custom firmware and similar.[/QUOTE]
Not only is there no 3DS cfw or flashcarts, they have yet to take any action against people using older flashcarts on their 3DS'.