Does the debug PS3 have kernel access? Can the flags be changed by the PS3 itself? Does it have a crypto processor like the PSP? If so, is it just a matter of trying to figure out the correct command?
To be honest, at first we thought we were wrong, but it turned out that wasn't the case! Most of the differences in configuration are done essentially via flags.
Now, we can't change these flags yet for two reasons. First off, the few we know about are encrypted and can't be changed without re-signing the EID... which is a ways off. Secondly, we have yet to find them all to date, but it's being worked on!
If I understood correctly, these flags are stored inside the NAND. So, the question is what program (or chip) verifies the signature of the EID? By the way, what is EID exactly? I mean, what hardware-specific information does it contain? Since if we can change this hardware-specific information of a retail PS3 to that of a debug PS3 and correct the EID accordingly, then we are done.
Does the debug PS3 have kernel access? Can the flags be changed by the PS3 itself? Does it have a crypto processor like the PSP? If so, is it just a matter of trying to figure out the correct command?
Not direct access to it, at least not yet.
The flags can be changed by the PS3, and it does have crypto logic. The issue is gaining the proper permissions, then getting the correct command(s).
Originally Posted by amirel
If I understood correctly, these flags are stored inside the NAND. So, the question is what program (or chip) verifies the signature of the EID? By the way, what is EID exactly? I mean, what hardware-specific information does it contain? Since if we can change this hardware-specific information of a retail PS3 to that of a debug PS3 and correct the EID accordingly, then we are done.
It's the chain of trust; each level verifies the next. It contains HW-specific information like Region Assignment, crypto keys, etc.
Yes, if we could change it, we are set. But for the moment it seems that the only way to change it would be to use the PS3 itself (due to per-box issues), which we can't do yet since we cannot run unsigned code on a retail system... yet!
My PS3 is still sitting there collecting dust with a FW 1.5. I am a total newbie, I'd love to get involved, but there is probably nothing I can do with my zero knowledge of all this. So, keep up the good work, guys!
It's the chain of trust; each level verifies the next. It contains HW-specific information like Region Assignment, crypto keys, etc.
Yes, if we could change it, we are set. But for the moment it seems that the only way to change it would be to use the PS3 itself (due to per-box issues), which we can't do yet since we cannot run unsigned code on a retail system... yet!
The question was not about circumventing the crypto basis of the chain of trust --- this is next to impossible. I just asked if we can force the hardware to report fake info to be involved in the chain of trust.
Sorry for my bad English --- maybe I really said something strange in the previous post.
This is all very interesting to read about. I am very impressed with the effort that is going into opening up the PS3. Kudos to Sony for engineering such a strong system and providing such a good challenge. I would have been happier if they had made the PS3 region-free for Blu-rays and DVDs though. Anyhow, keep up the great work guys, and let's hope all us plebs get a great Christmas present in the form of custom firmware.