True Blue dongle firmware v2.62 has been released.
Fixed a major game compatibility issue which will allow the release of several popular, previously incompatible titles
Improved system stability
Recently, EBOOT patches have slowed due to a compatibility issue which prevented recent games from running on 3.55 CFW. This issue has been resolved as of this firmware release, thus we strongly recommend that everyone update their True Blue dongles as soon as possible in anticipation of the upcoming batch of releases.
In related news, Corwin75 has updated True Blue Patch Viewer to V2.0.3 followed by V2.0.5 with the changes outlined below.
True Blue Issues Another Warning About TB PS3 Dongle Clone
Today True Blue has issued another warning about a TB PS3 dongle clone, as follows:
21 - 5 – 2012
A new clone has appeared (item.taobao.com/item.htm?id=13491601183) using a very similar external housing to that of True Blue. However, after removing the clone PCB from its exterior casing it becomes evident that there are a number of major differences:
Actel used is A3P125 instead of larger A3P250 used on True Blue.
Clone uses a cheap MCU and cheap dip type crystal in addition to cheaper Actel instead of full Actel integration in the original True Blue design
Clone has a tact switch which the original does not require, and switch can only be accessed by pulling PCB out of the case
Actel logic on clone is based on partial guess work of the original and will not function correctly in future updates
PCB circuit design is highly congested, with numerous visual differences evident, such as programming pads for the MCU and addiional resistors/caps
Please refer to the pictures shown below, to compare the original and clone.
A new software update will be made publicly available in the next few days which will allow users to differentiate original from clone by performing a firmware update.
True Blue dongle authenticity status displayed on PS3 XMB system information screen
Fixed yet another important game compatibility issue affecting recent 4.xx games
The authenticity status display can be used to determine if your True Blue dongle is either authentic or a clone.
For further details, see the information page. How do I know if I have a TB clone?
Q: How can I verify that my True Blue is authentic and not a clone?
A: Install True Blue dongle firmware v2.7 or later.
Then in the PS3 XMB, navigate to Settings -> System Settings -> System Information. Next to the "System Software" version will be information relating to your True Blue dongle. If your dongle is authentic then it will display something like "True Blue v2.7" (this will vary depending on the version of the dongle firmware you have installed).
If your dongle is a clone then it will display "True Blue CLONE" as shown in the following image:
True Blue PS3 JB2 Dongle New Security Packaging is Detailed
Below is an update on the True Blue PS3 JB2 Dongle new security packaging, as follows:
30 - 5 – 2012
New packaging for True Blue incorporating security measures and an updated picture identification reference for clones
Due to the recent emergence of clones we are introducing a new packaging system and a security sticker on the dongle itself to help ensure customers receive original True Blue dongles.
Firstly, a new blister pack with a label over the blister will be introduced, as shown below. This provides several measures for the user to identify if the True Blue device received is likely to be original.
Note the unique security patterns in silver which are difficult to counterfeit, due to the colour variations on the background colours, materials used and complexity of the pattern itself. If the label appears to be stretched or appears to have been used before, then careful attention should be paid to the security sticker on the dongle itself.
The security sticker adhered to the dongle itself (shown below), partially covering the cap will provide the user with an indication of whether or not the dongle has been tampered with before delivery. Therefore, if the portion of the sticker covering the dongle cap has been broken, then it is possible that the dongle may have been tampered with. If this is the case, please use the TrueBlue 2.7 firmware as a means to check the authenticity of the dongle.
If the word clone appears in the PS3 XMB where the TrueBlue 2.7 version number is stated, then you should contact your reseller for assistance. Security stickers are designed with a number of security considerations in mind and are very difficult to reproduce exactly. This will aid retailers and end users in determining whether the product received is an original.
Some original True Blue dongles are in the supply chain yet to be sold, which do not have the new packaging. If you receive a True Blue dongle without the new packaging, then simply use the True Blue 2.7 firmware to identify whether or not it is an original. Details can be found on the information page and inside the 2.7 firmware download package on the downloads page.
Finally, we are updating the picture references for users to identify whether their PCB is an original True Blue or a CLONE. We have released several revisions of the True Blue PCB’s which are shown below. The recent CLONE posing as True Blue in a similar casing is also shown below and referenced as CLONE. If you have received one of these clones instead of the original True Blue you ordered, then you should contact the retailer who you purchased it from for a refund.
Reversing TB (True Blue JB2 PS3 Dongle) Part 1: The VM by Naehrwert
Today PlayStation 3 developer Naehrwert has blogged (nwert.wordpress.com/2012/06/02/reversing-tb-part-1-the-vm/) on reversing the TB (True Blue JB2 PS3 Dongle) Part 1: The VM with details below, to quote:
Thanks to oct0xor (twitter.com/#!/oct0xor) we could get our hands on the decrypted TB payload (stage 2). Of course the first thing to do is to fire it up in IDA, our favourite tool of the trade. The entry code of the payload looks like this:
In the first loop it will relocate itself using 0x1337C0DE as an identifier for the upper 32 bits and rewrite that to the actual base. The disassembly above was already loaded using 0x1337C0DE00000000 as base. While scrolling through the data section at the end of the payload one quickly figures out that the RTOC is 0x1337C0DE00017E40.
As I was analyzing the code I found a sub that was basically just a really big switch with random looking case values. Once I reversed the sub at 0x1337C0DE00002578 and some of the following ones and analyzed their usage in the switch sub, I knew that I was looking at a fricking virtual machine.
Paranoid TB developers even used XOR-tables to obfuscate the VM instructions and data. The virtual machine is mostly stack based but the instructions let you work using registers too. The next thing to do is to reverse all the instructions and write a disassembler and emulator. Here (pastie.org/4015202) is some code to unscramble the embeded vm binary for further investigation. I’m going to write more about this topic in the future.
From shad__ on IRC for TB DRM dongle users: [Register or Login to view links]
[shad__] if it can help, you can play tb eboot without tb plugged in. Just, patch sys_sm_shutdown call in TB update pkg and unplugg Tb dongle then press x to exit.It will exit without reset lv1 and lv2.
[shad__] POC: [Register or Login to view links]
[shad__] Now you can share your dongle with your friends
[shad__] was ~firstname.lastname@example.org * New Now Know How
Also this weekend Team E3DIY claim that they have also managed to run all PlayStation 3 games on 3.55 PS3 CFW (similar to TB/JB2) but they will likely peddle another dongle to do it unfortunately instead of a free PS3 scene solution.
Finally from oct0xor (via twitter.com/#!/oct0xor):
This is good news. But at the same time ANOTHER frikking dongle is down right shameful. I mean whats the frikking point. arrgghhhhhh I know make more money by pirating from pirates. knowing still doesn't help.
Below is an update from wololo (via wololo.net/2012/06/06/ps3-more-dongles-info-decrypted-by-oct0xor/) dubbed PS3 - More dongles info decrypted by oct0xor (covered a few posts above), as follows:
PS3 hacker oct0xor, who was already behind the base work that led to initial reverse engineering of the True Blue dongle, just twitted that he can decrypt True Blue’s stage2, as well as critical information from other clone dongles.
I can decrypt TrueBlue Stage 2, Cobra EBOOT.BIN, ps3usercheat cheatlist.dat and lv2 stage 1 and 2, right on PC.
You really can call me “DongleBreaker” now Thanks to flat_z who was with me all along.
As I said earlier, the people behind True Blue are not amateurs in the hacking scene and could definitely leverage that type of information. Hackers like oct0xor are not fighting against “we don’t know about it until it’s too late” Sony, but against people who regularly check all scene websites, and take action.
I have no doubt that the next True Blue firmwares will change their encryption scheme, and if not, another “magical” dongle will pop up in the months to come, from another random company (the same people who made true blue, of course), with a completely different security system.
That is, unless PS3 hackers completely reverse engineer the system behind the True Blue dongle, in a way that Sony can finally understand how True Blue are able to patch 3.6+ games so easily, and hoping that future games will be protected against the True Blue patches. That would calm down piracy on the PS3, and people who don’t get it will claim that this could kill the PS3 scene.
following up on shad__'s excellent work on the modified true blue eboot, i repacked it as a installable pkg and also modified the text so it now reads remove the dongle and press x to return to the xmb. download link here: [Register or Login to view links]