Discussion Why the PS3 can't be hacked

  • Thread starter Carson
  • Views 29,903
Spiidey

Tell me, how does swappable hard-drives have anything to do with encryption? Just because you can change drives, or swap for a larger one does not mean that it is not encrypted. In fact, all it means is that multiple drives are supported, meaning an encryption that can be supported across all drives. The encryption is console-specific, meaning a drive can only be used on that console (and also because only that console has the right keys); not the other way around, which what you said means that the console is drive-specific.

Actually, the argument wasn't that crypto wasn't loaded onto the drive after insertion. The argument was that the hard drive's very own firmware wasn't encrypted, and that the internal drive itself is swappable. If it was encrypted (some of you may remember having to break your original hard drive's protection on the original xbox and duping it onto your new hdd), you wouldn't be able to swap out the disk (without breaking encryption), period. The fact remains that if there was crypto on the hdd (thereby making it console-specific) it would not be possible to swap it out for a fresh 320 gig drive. Go check Wal-Mart dude. They got the kits on the shelf.

As for the rest of your stuff, nice work on explanation. However if you know so much about these "test points" on the PS3, just how much they can offer, and all that is needed to read them, then why not show people how to do so?

I myself am not a hardware hacker. I don't like to break my expensive stuff in efforts to support the cause, nor do I know nearly enough about PCBs, traces, capacitors, transistors, etc. to successfully identify and fully utilize said test points. That's what we have techs for! And this is why I don't show people how to do it.

That said, and given that hardware modchips are available, AND that Sony has to test 'dead' mobos (under their warranty contract), these are reasonable, plausible explanations that these test points exist. Again, I am not a hardware hacker, and haven't installed modchips, but a simple google search for something such as "PS3 motherboard test points" should bring you some good hits. As a matter of fact, modchips use these test points in order to bypass the built-in security on these systems. It has also been a proven method of bypassing security measures in other instances, such as the Nintendo DS by shorting these test points with tin foil or solder.

...Recommended bit count for RSA keys in any commercial application lasting past the year 2010 is 2048 bits. Quite luckily, Sony opted in for this keysize. However no CRAY network of any size will be able to crack such a key in any *decent* amount of time.

I stand by the fact that 1024 bit RSA keys have been cracked, and, as proven historically and mathematically, all encryption can be broken. As for the network of CRAYs - I can certainly guarantee far beyond a shadow of a doubt, that these machines, processing twelve teraflops per unit [1] would hardly have a hard time running through 2048 bits in a *decent* amount of time.

Sure it is possible then (by your explanation) to debug the seventh cell, but this leads to nothing.

In debugging the seventh cell and discovering its functions and processes would, eventually lead to an exploit of some sort. While the seventh cell is (presently) impregnable, it is not impossible to remove it from the cluster, thereby nullifying its processes, functions and uses (and of course, potentially bricking your PS3), which may lead to custom firmwares, homebrew and anything else imaginable running on the PS3. Up to and potentially including using the BD ROM drive and built-in security measures to crack the disc, and extract the contents.

On a final note, I give you props for proper spelling, punctuation use and challenging me. I love a challenge. So thank you.

And, it would just be d!ckish of me to not acknowledge you, SiK GambleR! Thanks :wink:

Greetz,

Spiidey
- Developer - Modder - Hacker - Human -

Follow up to my last:

Forgot my footnote: [1] http://www.cray.com/Assets/PDF/products/xt/CrayXT5Brochure.pdf - Cray's XT5 brochure, pp 4, 5
 
nickcas

Spiidey said:
In debugging the seventh cell and discovering its functions and processes would, eventually lead to an exploit of some sort. While the seventh cell is (presently) impregnable, it is not impossible to remove it from the cluster, thereby nullifying its processes, functions and uses (and of course, potentially bricking your PS3), which may lead to custom firmwares, homebrew and anything else imaginable running on the PS3. Up to and potentially including using the BD ROM drive and built-in security measures to crack the disc, and extract the contents.

This is the only part of your post I'm having trouble understanding. Every aspect of the Xbox 360 kernel has been reversed completely, and there hasn't been an exploit in years. (As Haxalot said.)

The part I'm having trouble understanding is where you say:

"While the seventh cell is (presently) impregnable, it is not impossible to remove it from the cluster, thereby nullifying its processes, functions and uses"

How do you plan on editing the contents in the 7th cell? Wouldn't these contents be signed/encrypted, which would prevent editing? Or am I missing something?


Good post, by the way.
 
Spiidey

My best guess at sneaking around the seventh cell is as good as yours, my friend. All I know is that unless somebody or some group comes up with either the funds for super-ultra-megacomputers, the source code directly from Sony, or finds a way to exploit the cell, that there won't likely be a software way to do this for a long time, if at all. Quite honestly, I don't know how many groups are presently working on this project, what their aims are, and what achievements they're making, so it's hard to gauge just how far off we are from seeing this come to fruition.

Hardware-wise, though, I suppose there could be numerous ways to beetle around it, like lasering it, rerouting traces on the PCB, or hell, maybe even shorting those test points like on the DS would give free rein to the firmware, which in itself may have some reprogrammability directly to or around the cell.

Again, I'll say it (mostly because I can lol) - I'm not a hardware hacker, and don't have a lot of hands-on experience with boards and all that. I'm mostly a network and software guy, smashing stacks and sniffing packets wherever I can find 'em. (I do, however, conform to local laws. I don't like it when RCMP show up at my doorstep. Unless they're delivering a cup of coffee and maybe some candy!)

The concept behind dodging the seventh cell is to be able to take its processes away to defeat security in order to execute an exploit (or unsigned/homebrew code, as the case may be).

In any case, it hasn't been done yet. Probably attempted, and most likely failed, as I haven't seen anything yet. I'm staying on top of this stuff, because I would _love_ to have a kickass linux box that uses six cores. MD5 Hashes in seconds!

Word!
 
Haxalot88

Spiidey said:
I stand by the fact that 1024 bit RSA keys have been cracked, and, as proven historically and mathematically, all encryption can be broken. As for the network of CRAYs - I can certainly guarantee far beyond a shadow of a doubt, that these machines, processing twelve teraflops per unit [1] would hardly have a hard time running through 2048 bits in a *decent* amount of time.

Two things:

first: RSA 1024 has not been broken. The closest so far is 1023, but that was using a very special number which made factoring it much easier.

second: yes, I am familiar with the power of the XT5's. Let's break this down, shall we? A single CRAY processing at 12 Teraflops per second would make approximately 183251937962 attempts per second (this is assuming a main processing loop of 72 cycles, which is ample for cracking RSA). Now, to factor such a number would require 1.1388271713595239951873265061249e+613 attempts (the approximate number of primes below the square root of such a number), which would result in around 1.9706188709789530410081965024108e+594 years for a single CRAY machine to crack such a large number.
Now I specifically list out possible primes for a reason. The FASTEST method for cracking RSA is factoring, and this involves testing out each prime number under sqrt(n) until it divides out evenly (aka given x as your prime, if((n % x) == 0)). So unless there is some major vulnerability or flaw, RSA-2048 is still not feasible. It's not based around your idea that anything can be cracked, but rather by mathematical proof. No matter how powerful a computer, you cannot do it (unless you had a quantum computer in which there is an algorithm that can do it in a short period of time).
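
A worked version of the trial-division estimate in the post above, added as an example and not code from any poster in this thread. It approximates the number of primes below sqrt(n) with the prime number theorem and reuses the attempts-per-second rate quoted in the post; the function names and the toy modulus are constructed, and the figures it prints are this sketch's own estimate.

```python
import math

# Rate quoted in the post above: attempts per second for one machine.
ATTEMPTS_PER_SEC = 183251937962
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def log10_primes_below_sqrt(modulus_bits):
    """log10 of pi(sqrt(n)) for an n of modulus_bits bits, using the
    prime number theorem pi(x) ~ x / ln(x). Works in logarithms because
    2**1024 does not fit in a float."""
    half_bits = modulus_bits / 2
    log10_x = half_bits * math.log10(2)
    ln_x = half_bits * math.log(2)
    return log10_x - math.log10(ln_x)


def log10_years(modulus_bits, rate=ATTEMPTS_PER_SEC):
    """log10 of the years needed to try every prime below sqrt(n)."""
    return (log10_primes_below_sqrt(modulus_bits)
            - math.log10(rate) - math.log10(SECONDS_PER_YEAR))


def trial_division(n):
    """Return (smallest_factor, divisions_tried) for an odd n > 1."""
    tried = 0
    d = 3
    while d * d <= n:
        tried += 1
        if n % d == 0:
            return d, tried
        d += 2
    return n, tried  # no divisor found: n is prime


if __name__ == "__main__":
    # Constructed toy modulus: 10007 * 10009, both prime.
    print(trial_division(10007 * 10009))
    for bits in (64, 512, 1024, 2048):
        print(bits, "bits: about 10^%.0f years" % log10_years(bits))
```

The toy modulus falls after a few thousand divisions, while the exponent for a 2048-bit modulus stays in the hundreds, which is the gap the post is pointing at.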
 
Spiidey

Jebus! You ACTUALLY did the math? Eff that. I'm not touching math with even the biggest of poles. Props for that.

As for the 1024 RSA - I misspoke/misread when I stated that it had been broken. Close! But no cigar. Yet.

And so, since I'm feeling lazy (I got home from work 5 hours ago and still haven't fully changed out of my combats), and really dislike doing math, I humbly step down from the plate on RSA encryption. Not to say that there isn't a way to avoid that module altogether, but I'm not going to be a retard about it either and argue in hope for alien spacecraft that cracks 4096 in microseconds.

You da man, leetness.
 
Carson

Spiidey, I have to say, you seem like one very smart guy. I'm kinda jealous of your knowledge. But the thing is, I can't argue back with you because all I did was copy and paste this article. I didn't cite any source, because I found it on another site which also had copied and pasted it with no source. So yeah, I didn't write this man. But I'd definitely send that to the writer if I were you.
 
Spiidey

Ah. Well, now I feel like an a$$ for 'calling [you] out' lol! Cite your sources, man!

I think we should all be friends. As you see, I've been on here a day now, and apparently, have made a splash... but still I haz no friends.

Is it because I don't have my 360 Elite anymore? Cuz I'm thinking of getting another one! I just have to justify buying another console for which most titles come out on PS3 as well. And then there's the XBOX Live Gold subscription fee. I quit WoW over fees - I didn't play enough. To add to that, I've only got the one HDTV, and my girlfriend has taken a liking to playing her TV Shows on it... I really only get it when she's sleeping or working on my days off... women, eh?
 
Haxalot88

It's not because for any reason, this isn't the type of crowd where people can make friends in 15 minutes that's all :wink: however you shouldn't have too much of a problem here. People who know their **** tend to be popular around here.
 
Spiidey

Well, I guess I'll just have to stick around long enough to find out just how much **** I know then, eh?! hahahahaha
 
SiK GambleR

Spiidey said:
I think we should all be friends. As you see, I've been on here a day now, and apparently, have made a splash... but still I haz no friends.

I'd be delighted to be your friend man. Drop me a msg on AIM sometime. sik gambler is my AIM
 
nickcas

Spiidey said:
In any case, it hasn't been done yet. Probably attempted, and most likely failed, as I haven't seen anything yet. I'm staying on top of this stuff, because I would _love_ to have a kickass linux box that uses six cores. MD5 Hashes in seconds!

Word!

Yeah, I'd buy a PS3 if it got hacked. Six cores is serious ****, haha.
 
arian487

After reading everything posted here, I thought I had to post. Let me start by saying, VERY informative article. I myself am a programmer but I've never hacked anything, nor do I know the first thing about doing so.

However, I own a PS3, and by all meanings of the term, it is hacked. Don't ask me how, I have no idea. I visited Iran recently and it was done there, I ended up buying games for 7 bucks there and I bought a whole crap load. Real games still work, Blu Ray still works, I can still play online and on PSN. It all works. I do know for sure that it's not a soft mod, it's a hard mod. Past that, I have no idea how the hell it was done.

Maybe this article was only referring to soft mods? Also, it is my knowledge that you can also mod it in such a way that games can be put on the hard drive and played from there. My cousins back in Iran were telling me this is possible and the hackers have a whole repository where they share games with people to throw on their drives. I wish I had more info...but I don't.
 
Complex360

Well, I do believe it's a matter of time, games have already been ripped and it's just a matter of time till we can play them.
 
War Kid

So, can the PS3 get viruses from surfing the internet? Say you watch p0rn0 on it. Would it get viruses from that like a PC would?
I DO NOT watch p0rn0 on my PS3. End of story.

Sorry for the double post. I also DO NOT watch p0rn0 on my PC. I do not look at any kind of that stuff.
 
unknown v2

War Kid said:
So, can the PS3 get viruses from surfing the internet? Say you watch p0rn0 on it. Would it get viruses from that like a PC would?
I DO NOT watch p0rn0 on my PS3. End of story.

Sorry for the double post. I also DO NOT watch p0rn0 on my PC. I do not look at any kind of that stuff.

I think today would be great to start watching some then.
 
kneppy09

If the PS3 were ever hacked it would definitely probably be a sweet system.. fun..think full linux control with the rsx , playing computer games, get something like xbmc on it and blue ray it would be the ultimate system
 
Spiidey

So, can the PS3 get viruses from surfing the internet? Say you watch p0rn0 on it. Would it get viruses from that like a PC would?
I DO NOT watch p0rn0 on my PS3. End of story.

Naw. There aren't any viruses for XMB around man.

and maybe unknown v2 had it right! There's nothin wrong with a little pr0n! Hell, my gf watches with me! So go ahead and download all you want from your PS3 browser.

And don't forget! The PS3 reads DVDs, BD-Disc and Avi's off a USB Drive!

@ Kneppy:
fun..think full linux control with the rsx
Whooaa! Linux? Mac OSX would be t3h r0x0rz! haha!

And yes, I'm still alive.
 