63w ago - Recently a Northern California district court sided with Sony (PDF) on their TOS change requiring disputes to be resolved through arbitration, while LulzSec hacker Cody Kretsinger pleaded guilty to one count each of conspiracy and unauthorized impairment of a protected computer.

To quote from TechDirt.com (linked above): "Some folks were not at all happy about this and sought to file a class action lawsuit against Sony for the change -- but that lawsuit has been (pretty quickly) rejected by the court, suggesting that the main guy suing failed to show evidence of any harm.

In an interesting move, the court found that the fact that you lost access to the network if you didn't agree to the new terms isn't evidence of any harm, but rather a choice."

Also from TheVerge.com on the LulzSec Sony Pictures Entertainment hacking last year,...

72w ago - Following up on his status update for the PS3 4.0 Homebrew Enabler (HEN), today Sony PlayStation 3 hacker KaKaRoToKS has explained how the ECDSA algorithm works.

To quote: To popular demand, I have decided to try and explain how the ECDSA algorithm works. I've been struggling a bit to understand it properly and while I found a lot of documentation about it, I haven't really found any "ECDSA for newbies" anywhere.

So I thought it would be good to explain in simple terms how it works so others can learn from my research. I have found some websites that explain the basic principles but nowhere near enough to actually understand it, others that explains things without any basics, making it incomprehensible, and others that go way too deep into the the mathematics behind it.

ECDSA stands for "Elliptic Curve Digital Signature Algorithm", it's used to create a digital signature of data (a file for example) in order to allow you to verify its authenticity without compromising its security. Think of it like a real signature, you can recognize someone's signature, but you can't forge it without others knowing.

The ECDSA algorithm is basically all about mathematics.....

74w ago - Since reporting on his last flaw uncovered, PlayStation Vita hacker SKFU has found a few new vulnerabilities in Sony's PS Vita handheld gaming system.

To quote via wololo: Few hours ago, developer SKFU (known for his work on the PS3, but also recently for some investigations on the Vita security) posted a screenshot of his Vita showing some HTML in what is supposed to usually show official messages from Sony’s updates or packages.

Knowing SKFU's passion for everything network-related, I'm assuming he's doing some tests using some local DNS changes... or maybe he managed to put some of his own files in an official package? That would be exciting.

In previous tweets this week, he mentioned he found 2 potentially usable vulnerabilities on the Vita

VITA is back to life, since last tweet found 2 new possibile vulnerabilities. If it runs good, news in blog this evening!

That was, however, 2 days ago, and his blog wasn’t updated since then, so I’m assuming he ran into a few issues. (the “back to life” comment refers to the official...

79w ago - Following up on the PS Vita 1.50 Firmware announcement comes news this weekend from PlayStation Vita hacker SKFU who has confirmed the PS Vita PKG AES Key has changed.

To quote from his blog: I just got my tried to unpack the Twitter application for PS VITA and sadly I have to say that the AES key for PKG encryption and decryption changed.

The PKG's I used for my testings were pretty old and the key update was expected. Nevertheless it's a bit disappointing but a new nice challange

The PS3 can decrypt the new packages on firmware 4.00 which contains the new PS VITA PKG AES key for the PS3 <--> PS VITA content exchange feature. This means we can decrypt and get the content of the PS VITA PKG files via a 4.00 PS3. Sadly there's no solution to re-encrypt it again, yet.

Let the games begin! (again...)

- SKFU

80w ago - Following up on the previous article and update for the 3.73 JailBreak, today Sony PlayStation 3 Hacker KaKaRoToKS has confirmed it is safe to update to PS3 Firmware 4.00 for those planning to use the exploit when it is released.

Below are some recent Tweets from him, as follows:

FYI, tested yesterday and the jailbreak still works on 4.0 so it's safe to upgrade (for those on 3.73)

Just got my progskeet today. Thanks uf6667 for sending it! It's so small!

Not much new to go on at the moment, but keep in mind the upcoming PlayStation 3 exploit will not enable PS3 backup managers such as multiMAN or Rogero as it does not include support for modifying Peek and Poke for lv1 and lv2 as outlined in the FAQ...