Conclusões do Chaos Communication Congress conference

[kivan]

Pelos vistos a Protecção da PS3 é considerada um epic fail, vamos ver o porque:

If you missed the Chaos Communication Congress conference, then we have the summary for you of all the goodies you missed right here.





We basically learned that the PS3 security is now “epic fail”, and the 360 is currently a more secure system compared to the PS3.

To quote:

    The first few minutes of the conference were spent explaining the state of security on other consoles (Wii, 360, etc). Following this, the group went on to explain the current state of affairs on the PS3. First, explaining Geohot’s memory line glitching exploit from earlier this year. The team then went on to explain the current PS3 security bypasses, such as jailbreaking and service mode/downgrading.

    Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony’s security to be EPIC FAIL!

    The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits.

    The team then displayed the website You are not allowed to view links. Register or Login were we assume will host examples of the new exploits and further details. They stated that easy to use tools would be coming next month.


Here are some of the latest Twitter updates for fail0verflow:

    * @KushanTheCat our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions.
    * Our current PS3 goal: AsbestOS.pup

You are not allowed to view links. Register or Login

[kivan]

Novidades - GeoHot Releases dePKG – Firmware Package Decrypter

I already posted something about this in the Epic Fail thread but now it is official:

    The famous Geohot resurfaced today, to release a useful app called dePKG. The app is very useful for devs that are planning to look into Sony’s official firmware files. dePKG is a linux app that will decrypt PKG files (not to be confused with PSN PKG files) that are within PS3UPDAT.PUP files. This will allow devs to take a look at files such as CORE_OS_PACKAGE.pkg, from the convenience of their PC. Previously, the only way to take a look at these files was via graf_chokolo’s method which utilized the PS3. Geohot’s app is ready to be compiled and includes necessary decryption keys.