I think the next step we should take is trying to load and dump lv2 using loaders like Mathieulh and Geohot have; we should prioritize that because looking for text strings in hex won't get anywhere, it's not like the root key is hidden in plaintext somewhere in the dump.
Last edited by yellowsnow; 02-17-2010 at 07:39 PM Reason: Automerged Doublepost
To quote on the Tarnovsky guy, I believe he is also the one who was working on the Nagra 3 hack, which is the smart card employed in the DishNetwork systems. If anyone follows the FTA scene, could they confirm whether or not this is the same person?
To clarify, I'm not on a team and haven't given anyone the loader stuff and don't plan to. I'm messing with this every once in a while for fun.
And the loaders aren't where I would start. It's hard to do without some serious reversing. Start by getting access to things like the full flash and hd; that's fairly easy. Also, notice the first thing I found in the dump; it's posted as the blog post after the exploit announce one. Finding appropriate function names is a huge part of reversing, and you've been given about 100 right off the bat.
I somewhat didn't want to disclose it but now the cat is out of the box anyway so here it is: Lv2 was dumped a week ago (thx to geohot).

I'd rather not elaborate; geohot was the one to figure out how to do it.

I don't need credits, I didn't ask for them. Which part of "Geohot did it" and "it wasn't my work" don't you get?

Geohot did it, I won't elaborate. I kept quiet until now but it seems the info kinda leaked anyway, which was bound to happen sooner or later. Besides, if you can use the loaders to decrypt content, it is obvious it can also be done for lv2.

Unless Mathieulh is lying numerous times above... but I think most people (myself included) feel you did tell Mathieulh how to do it (if not even provide him your lv2 dump as you did with lv0/lv1), so why not practice what you preach and add details on how to a Wiki so it doesn't get lost and the rest of the scene can join in the fun?

My tweet was quite specific: I said lv2 was dumped, lv2 is the so-called GameOS. I also stated geohot was actually the one to figure out how to do it, which means it wasn't my work.
I respect you so much George, I mean, you're the guy who got me my iPhone jailbroken... tethered of course, but oh well.
But I think you should document some things or help guide people to where they should go next. I know you want to help people to learn how to hack the PS3 themselves so it doesn't end up like the iDevices with only a few people knowing how to hack it, but the quicker this gets done the better it'll be for everyone. The devs that are really interested in this stuff will take the time to read over all the findings and documentation when everything has settled down.
Who said Mathieulh has the loader stuff? I told him how I dumped the kernel...using a cold-boot attack. There you go, now the information is public.
Exactly. You need to document that in a Wiki so that everyone knows, not just Mathieulh... don't tell us to do it and then not do it yourself.
hyp·o·crite - a person who acts in contradiction to his or her stated beliefs or feelings.
You need to realize, each update you do the scene expects to be told how it was done, otherwise it's just useless bragging.
NZHawk honored your request and created a Wiki here: http://ps3hvdoc.wikispaces.com/
So go boy go, get to contributing your cold-boot attack info to it!