126w ago - Here is a little piece of news we skipped over when our
PS3 Reference Tool arrived.
One of our resident PS3 DEV's
CouRieR extracted the flash of a PS3 Slim (CECH-2000) European console with Firmware 2.75 a few months back by removing the chip, and dumping it with an external reader along the lines of the
BeeProg.
The chip, a Samsung
K8Q2815UQB, is a 128 Megabit flash chip. The dump, which weighs in at 16.0 MB (16,777,728 bytes), is quite similiar to that of a later model PS3 with the smaller flash.
Earlier generation Fat PS3's, those that sported dual 1 Gigabit flashes, had two copies of the PS3 firmware along with a full AES filesystem (for
/dev_flash) on the flash.
The PS3 Slims, like later generation Fat's, have the AES filesystem (/dev_flash) on the Hard Disk Drive, and mounted virtually (like a loopback) with only one copy of the firmware.
Both the Fat and Slim PS3 systems feature everything that one would expect: a bootloader, corresponding core operating system LV1/LV2 SELF's, along with corresponding isolated SPU code - all encrypted of course.
Since everything is encrypted, and tied per box, the Slim's flash is really no different from that of a Fat PS3 - makes you really wonder what the "hardware differences" that made
OtherOS incompatible were.
Finally, for those who'd like to take a peek, here is the PlayStation 3 Slim's
FileList Dump Log!
Next week we will share some exciting PS3 Service Mode information, specifically on what we got in the mail a few days back! Then we will take a tour of the PS3 TOOL XMB as promised last week.
Hello,...
Agreed - especially how i'm now working in that industry. Brute forcing only works if you know what you are dealing with. - that as well as you can't split it into sections and divide it up against multiple hackers - its designed to be encrypted as a whole, therefore need to brute force it in one section (or one piece). That being said, even the firmware signed hashes (SHA1-MD5 i think) is impossible without the original key to create. Therefore impossible to brute-force as well.
Yeah, I suggest you search first - Namely, its multiple different types of encryptions, and multiple layers of it. How you state will not work, not to mention just cracking the encryption by analysis / brute force will not work with any modern encryption system, short of using every supercomputer in the world - and even then, you need to know how the system works in order to brute it.
With the old systems, at least, we had a large chunk of encrypted data, that we did not know what it was for - but, we also knew what was on the flash, and it was no where to be found on the system. It was not a far leap to assume that the big piece of encrypted data was our filesystem (especially going by filesizes of the FS and files)!
Oh, and another thing. I don't agree with Sony's take on forced updates once you're online. Imagine going through an update and experiencing a grid power failure (and you're out of warranty)... That's why service mode for regular Joes would be great -> having a backup which you can restore (even if it's tied to your own machine). So keep up the good work !