So, if 3.60 and up keys are hacked, I wonder how long before Sony just changes them again? And if they do, how long before they can be found again? Meh, such is life in the cfw wars I suppose. lol.
Here is a follow-up from varicela on PS3 Dual NAND with a Fat 40GB console: elotrolado.net/hilo_la-dual-nand-fat40g-ya-es-una-realidad_1650176#p1725815463
To quote, roughly translated: After several tests trying to take the Fat out of nand console with poor results because of the long cable and data loss, I decided to approach the issue by putting the two Nand and activating of interest.
Here I leave a picture of the folded and functional flash1 a Sem001.
I hope he releases a tutorial soon, anyway does this method work on slim models, I think I read something somewhere that it won't work but a verification would be nice
Looking at those images and judging by the small number of wires connected to the switch... It seems as though he has disabled the on-board chip, hooked up both new NANDs to the same points and uses the aformentioned switch to switch between the two...
Quotes from Gehot and Fail0verflow may lead to something :
"The complete console is compromised - there is no recovery from this," said pytey, a member of the fail0verflow group of hackers, who revealed the initial exploit at the Chaos Communication Congress in Berlin in December.
Sony updated its consoles to block the software and took legal action against distributors in many countries.
However, according to pytey, it may not be so easy to fix the problem this time.
"The only way to fix this is to issue new hardware," he said. "Sony will have to accept this."
In the end, the flaw that allowed them to crack the system was a basic cryptographic error that allowed them to compute the private key, held by Sony, he said.
"Sony uses a private key, usually stored in a vault at the company's HQ, to mark firmware as valid and unmodified, and the PS3 only needs a public key to verify that the signature came from Sony.
"Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal."
But the team found that Sony had made a "critical mistake" in how it implemented the security.
"The signing recipe requires that a random number be used as part of the calculation, with the caveat that that number must be truly random and not predictable in any way," the team said.
"However, Sony wrote their own signing software, which used a constant number for each signature."
This allowed the team to use "simple algebra" to uncover Sony's secret key, without access to it.
"This is supposed to be the most secret of secret of secrets - it's the Crown jewels," said pytey.
Using a similar technique he was able to extract the entire master key for the system, which he subsequently publish online along with a demonstration of it in action.
However, he has not released the method he used to extract the key.
Reply With Quote
PS3 Dual NAND Fat 40GB 
