  1. #111
    Contributor masri01
    GeoHot's Twitter, 3 Minutes ago..

    yay, got R/O access to 32 bytes of RAM i wasn't supposed to. what uselessness
    Not sure what he is talking about?

  2. #112
    Toucan Sam CJPC
    Quote, originally posted by masri01:
    GeoHot's Twitter, 3 Minutes ago..

    yay, got R/O access to 32 bytes of RAM i wasn't supposed to. what uselessness

    Not sure what he is talking about?
    Basically he was able to read 32 bytes of memory that he was not supposed to, and it was useless - mind you, 32 bytes is not a lot.

    For example, an IP address: 192.168.245.250 - 32 Bytes (not including the .'s!) - not too much data at all.

  3. #113
    Contributor masri01
    Quote, originally posted by CJPC:
    Basically he was able to read 32 bytes of memory that he was not supposed to, and it was useless - mind you, 32 bytes is not a lot.

    For example, an IP address: 192.168.245.250 - 32 Bytes (not including the .'s!) - not too much data at all.
    Thanks for that!

  4. #114

    Keep this thread on topic guys... it's for posting geohot's twitter etc updates, not for comparing him or the devs here to others. Thanks!

    From IRC today:
    Wed Sep 9 16:48:26 :
    geohot: hey, hows the ref tool working out for you?
    cjpc: good - its still working

  5. #115
    OMG I Idled like 5 days in IRC hoping to see something, and today I'm away and geohot came on IRC. I think that CJPC is getting the hang of the tool, shame that geohot can't experiment with it in RL like CJPC. Would be nice. Those 32Bits are a great start seeing he started last month with hacking.

  6. #116
    Nah, it wasn't in the public channel... that was just set up for people who whined about not having an IRC channel any more. As usual, nothing ever happens in it so it may end up being closed again as only a few people idle there.

    On IRC geohot just messages CJPC by using /msg CJPC but he doesn't stick around to have a detailed conversation most of the time.

  7. #117
    This definitely looks promising.. Although I personally think the way to go is HDD decryption, and re-encryption.

  8. #118
    Quote, originally posted by Llacune:
    This definitely looks promising.. Although I personally think the way to go is HDD decryption, and re-encryption.
    Which you cannot do since the encryption keys are protected through a long "chain of trust" (as Geohot said) that ultimately leads to the Cell hardware.

    That's Trusted Computing (check Wikipedia) and it seems that the PS3 is the first fully functional Trusted Computing device to be largely distributed to people in general, as it has all the requirements for this type of technology. It's very likely that the PS3 itself is a console developed in a way as to test the security of such new tech since we all know any console would be under heavy attack by hackers for obvious reasons.

    To me (and I'm no expert) it looks like the only two means by which this type of security would be broken are:
    1) Find a way to obtain the private and public endorsement keys somehow via hardware manipulation, since the private key would never be obtained through a virtual environment as it never leaves the chip. I have absolutely no idea if this is even possible at this moment, you know, to read hardware... but eventually, I think it could be done one day.

    2) Breach the curtained memory so the encryption keys might be read. This wouldn't get the private endorsement key but would get the means to communicate and authenticate to it and would open a hole in the chain of trust that could lead not only to the decryption of the HDD but also allow hackers to find ways to spoof remote attestation. This is, I think, the most likely way of doing it in the long run since it's inevitable that one day programmers will understand how curtained memory works.

    So, for now, I think we have to trust the devs work and wait for things to happen.

  9. #119
    Quote, originally posted by mondoparalelo:
    That's Trusted Computing (check Wikipedia) and it seems that the PS3 is the first fully functional Trusted Computing device to be largely distributed to people in general, as it has all the requirements for this type of technology. It's very likely that the PS3 itself is a console developed in a way as to test the security of such new tech since we all know any console would be under heavy attack by hackers for obvious reasons.
    Oh man - I have posted this a few times already and need to do it again: read something about Public-key cryptography. This mechanism ensures that private keys do not need to be present at all on PS3! Only public keys are enough to decrypt/check stuff (it would be quite helpful to be able to decrypt binaries to be able, for example, to try to find some exploit). So no hardware manipulation will help you at all. And these are still protected by chain of trust...

  10. #120
    Quote, originally posted by RexVF5:
    Oh man - I have posted this a few times already and need to do it again: read something about Public-key cryptography. This mechanism ensures that private keys do not need to be present at all on PS3! Only public keys are enough to decrypt/check stuff (it would be quite helpful to be able to decrypt binaries to be able, for example, to try to find some exploit). So no hardware manipulation will help you at all. And these are still protected by chain of trust...
    Ok then, got it about the private/public keys. As I stated earlier, I'm no expert on this subject, so there's no need for flaming. If you know better, please care to explain. I'd appreciate it a lot.

    But then again, as quoted from xorloser's blog by PS3News in this very thread:
    xorloser says:
    August 17, 2009 at 4:35 pm
    Correct, lv1.self is the hypervisor. The keys to decrypt it are stored inside lv1ldr which is a secure loader that runs on the SPU. So to get the lv1 decryption keys you first need the secure loader decryption keys and decrypt lv1ldr. This chain of trust goes back to the initial bootloader that is encrypted using a key stored in the cell hardware itself. So you find a way around the chain of trust if you want to decrypt the hypervisor.
    So how do you expect to decrypt anything when every time you try to do it you're taken to a deeper layer of encryption that will only stop at the Cell hardware?

    If you cannot obtain any encryption key in the middle of the way and you don't have access to memory, how else are you supposed to get the keys if not by trying to rip it off the hardware itself? And what do you mean by "no hardware manipulation will help you at all. And these are still protected by chain of trust"?
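
Added example, not part of any post in this thread: a toy Python model of the layered key chain the xorloser quote describes, where each stage's image is sealed under a key carried inside the previous stage and the first key stands in for the one held in hardware. The cipher (an HMAC-SHA256 keystream plus tag), the 32-byte keys and the image layout are assumptions made for illustration, not the PS3's real formats.

```python
import hashlib
import hmac
import os

STAGES = ["bootloader", "lv1ldr", "lv1.self"]  # stage names from the quoted post

def _stream(key, nonce, n):
    # Toy keystream: HMAC-SHA256 in counter mode. Illustration only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(key, nonce, ct):
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + _tag(key, nonce, ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        raise ValueError("wrong key or modified image")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def build_chain(root_key):
    """Seal each stage under its own key; each image carries the next stage's key."""
    keys = [root_key] + [os.urandom(32) for _ in STAGES[1:]] + [bytes(32)]
    images = {name: seal(keys[i], keys[i + 1] + b"code:" + name.encode())
              for i, name in enumerate(STAGES)}
    return images, keys[:-1]

def boot(images, key, start=0):
    """Decrypt stages in order from `start`, taking each next key from the image."""
    bodies = []
    for name in STAGES[start:]:
        plain = unseal(key, images[name])
        key, body = plain[:32], plain[32:]
        bodies.append(body.decode())
    return bodies

if __name__ == "__main__":
    root = os.urandom(32)  # constructed stand-in for the key held in hardware
    images, keys = build_chain(root)
    print(boot(images, root))              # full chain from the root key
    print(boot(images, keys[1], start=1))  # a later key opens only later stages
```

In this model a key for one stage opens that stage and everything after it, but nothing before it, which is why the design keeps the first key in hardware and each later key inside an encrypted image.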
