SpecialAttack.net :: Finally worth getting a PS3?

I love my PS3 and I would never ever hack (or whatever you may call it) it.

Yes most games are too pricey and many games are crap. Just boycott them.

The thing that makes me laugh about the entire thing is that this has all come from one feature being removed.

[...]the brute-forcing of which is the sole reason people are developing quantum computers for.

also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security.

Don't forget your bandwidth im some games (E.G god of war 3) do use the ps3 disc storage so the file for them is around 32Gb.
also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security.

Ssshh Mini, I also posted without watching the videos!

Anyways, I think this news hasn't reached the big masses yet?
It's not that big of a fuss...yet.
Maybe you're just exaggerating on the problem Lim!

No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ .
Of course the older system can't be saved but that will limit the damage I guess.

On another note, those "hacker" guys deserve better jobs that sitting in a basement all day trying to breach CONSOLES security systems. They clearly have the potential for more ffs, do something with your life!

i think you all watch too many movies

No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ .

Quote:

No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ .

That won't work. Like I said - you can't do anything about the problem unless you want to lose backwards compatibility. The moment you retain backwards compatibility all efforts become useless since the hackers can pose as "old Sony game" with the key using ANY code whatsoever.

I don't see any issues downloading 30GB on our 120Mbit lines

Author:	Lim-Dul [ 04 Jan 2011, 12:04 ]
Post subject:	Finally worth getting a PS3?
http://www.eurogamer.net/articles/digit ... in-tatters http://www.geohot.com/ http://www.reddit.com/r/programming/com ... key_found/ One random seed. facepalm This is worse than our SpA security. :-P Their very thorough and friendly presentation - these guys are quite awesome. ^^

Author:	[SpA]Migu [ 04 Jan 2011, 12:23 ]
Post subject:	Re: Finally worth getting a PS3?
It has always been worth getting a PS3 Lim! Anyways, I can't be bothered to watch all these videos. All I can say is, even if it has been hacked I can't be arsed to download those huge gamefiles from the net. Plus the latest games Sony releases always make you require the latest firmware, so you can't play that game. Shure it's just a matter of time until that is fixed, but who knows how long those steps take. I don't even know if GT5 is playable on a modded system at the moment... Most importantly, you won't be able to play online which is huge. I for my part will continue buying games, because the games for the PS3 are awesome and deserve to be supported. I might watch those videos later though, because they are probably very interesting and informative.

Author:	Lim-Dul [ 04 Jan 2011, 12:32 ]
Post subject:	Re: Finally worth getting a PS3?
Dude - you don't get it. You really should watch the videos. You WILL be able to play online - the discovered private key makes it possible to re-sign games as if they came straight from Sony. It CAN'T be fixed - not with a firmware update, not ever, not unless you want to make all previously released and signed games of the past 4 years unplayable - they could make a whitelist for all titles ever released up until then but hackers could just release their own whitelist to override it on an unpatched console. Whatever Sony tries to do with PS3 security now hackers can circumvent by simply overriding Sony's efforts by... posing as Sony and putting in their own stuff. EVERYBODY in the world can sign things as Sony now and the results would be indistinguishable to the console. Sony's PRIVATE KEY was discovered. Private keys are the most preciously guarded possession wherever such signing is involved - most of the world's digital security relies on the fact that private keys are, well, kept private. ;-) This isn't some kind of "hack" as for the Wii or XBox360 - it's the possibility to replicate the exact procedure Sony uses to sign their products. It's like giving a person a root/administrator account on your computer with NO possibility of changing the password - in fact it's EXACTLY the same. The PS3 has hereby become the LEAST secure console of the trio. I'm not making stuff up here - it's a fact. P.S. So, you wouldn't download 8 GB or so and instead opt for paying $60-$80? Which takes like half an hour or less on a decent connection? Moral issues aside - saying "I can't be arsed" is just stupid - give the $60 to charity instead if it's only a matter of you being lazy. ;-)

Author:	[SpA]Voegelchen [ 04 Jan 2011, 12:37 ]
Post subject:	Re: Finally worth getting a PS3?
Oh yay endorse thiefery Lim! I love my PS3 and I would never ever hack (or whatever you may call it) it. The only thing I would do is put it into a silent HTPC case. If 60 Dollar/Euro/Whatever are too pricey for you rent or lend a game, buy it for cheap in the UK, buy it second hand locally or dont fucking game it at all. Jesus. Yes most games are too pricey and many games are crap. Just boycott them. Stealing someones work isn't the smartest move.

Author:	[SpA]Migu [ 04 Jan 2011, 12:39 ]
Post subject:	Re: Finally worth getting a PS3?
Alright, thanks for summing up the whole thing. Guess I should have watched the videos first. So I guess this is pretty huge then, we'll see how this will work out in future. I just know I won't do any of this stuff, but I'm curious how it works, so I'll definitely check the videos later.

SpecialAttack.net https://forum.specialattack.net/

Finally worth getting a PS3? https://forum.specialattack.net/viewtopic.php?t=9321	Page 1 of 2

Author:	Lim-Dul [ 04 Jan 2011, 12:42 ]
Post subject:	Re: Finally worth getting a PS3?
You don't need to hack anything - that's the best part. No one would even ever be able to tell your game isn't original. The thing that was "broken" isn't on the end-user's side. All pirate groups in the world are re-signing their releases with the now public private key. Download, run. All it takes - your BluRay will be the same as if it came straight from a Sony endorsed factory. ;-) Thievery aside - this isn't an issue of piracy, this is a HUGE security breach in Sony's system and actually one of the biggest security fuck-ups I can think of - it's a sign of someone's total idiocy. Using the SAME "random" number over and over again? This is just lulzy. It's not about people being able to run pirated games - it's about EVERYBODY IN THE WORLD now being able to pretend to be Sony for PS3's purposes. This is why, if you check Google news, every friggin' news outlet in the world is running the story at the moment while nobody would care if a hacker had released some new exploit or hacked firmware or whatever. This is huge, the BIGGEST failure in console security in history - not kidding. Public/Private key pairs are used for all sorts of things - for signing bank transactions for example - if a bank's private key was leaked everybody could make transactions posing as the given bank. They are used for digital signatures. If someone's private key was leaked another person could sign documents as the first one. The issue here being - in most other cases a new key pair would be generated and used henceforth - in the case of the PS3 no such thing can be done without fucking up all games ever released - any other solution will be pointless. Quote: I love my PS3 and I would never ever hack (or whatever you may call it) it. You don't need to do Jack shit with your PS3 - that's the funniest part. Quote: Yes most games are too pricey and many games are crap. Just boycott them. No, why? You can now download any game you ever want and treat is as the demo - you like it, you buy it. Previously you had to rely on true demos. Actually this is pretty much the procedure I use for PC games - if something is worth paying for I pay for it. Still, you don't get the SCOPE of the issue here. It's not about kiddies pirating games or hacking a console - it's about a company LOSING THEIR PRIVATE KEY without the possibility to generate a new key pair. If you ever had anything to do with cryptography at all you will realize what that means. ;-) You can friggin' take a picture of your naked ass, sign it with this key and claim it was Sony and nobody would be any wiser. :-D

Author:	[SpA]Scatterbrain [ 04 Jan 2011, 14:50 ]
Post subject:	Re: Finally worth getting a PS3?
wow. i read through that reddit article, and it sounds like they're well and truly fucked. they can't change anything without the master key, and because it appears to be hardcoded they can't change the master key itsself. anyone in posession of said unchangeable key is gonna look indistinguishable from a legit customer, regardless of whatever new fancy security stuff they put in; any fancy security stuff still answers to the master key... so because anyone and everyone has the master key, if they can't change that, then the ps3 if boned for good. this is actually some pretty big shit here... i'll watch those videos now, i guess

Author:	[SpA]SaintK [ 04 Jan 2011, 14:55 ]
Post subject:	Re: Finally worth getting a PS3?
Random question for people with knowledge on this stuff. Wouldn't it be better to use some sort of SSL certificates which can get re-issued in case security got breached? Or am I saying stupid stuff now?

Author:	[SpA]gibboss28 [ 04 Jan 2011, 15:31 ]
Post subject:	Re: Finally worth getting a PS3?
The thing that makes me laugh about the entire thing is that this has all come from one feature being removed.

Author:	[SpA]Minimoose! [ 04 Jan 2011, 15:57 ]
Post subject:	Re: Finally worth getting a PS3?
hilarious

Author:	Lim-Dul [ 04 Jan 2011, 16:24 ]
Post subject:	Re: Finally worth getting a PS3?
[SpA]gibboss28 wrote: The thing that makes me laugh about the entire thing is that this has all come from one feature being removed. Don't dare taking away Linux from Linux nerds - they will fuck you up. ;-) The thing is so easy and so retarded that it's a miracle it went unnoticed for 4 years. All hacks and mods and whatnot that were ever devised always concentrated on exploiting some bug or hardware feature to run UNSIGNED software on a console - since naturally nobody could SIGN illegal software using the top-secret private key, the brute-forcing of which is the sole reason people are developing quantum computers for. And yet some lazy ass programmer, most likely, didn't bother adding one tiny line to the key generation code that would make all the generated public keys use a random seed. ROFL. I guess there will be some seppuku in order for some guys over at Sony - or at least KarÅshi. ;-) It's like for years you've been trying to forge DaVinci's paintings to fool everybody and all of the sudden Sony came along and said, hey, why don't you take DaVinci instead? =)

Author:	ditch [ 04 Jan 2011, 16:35 ]
Post subject:	Re: Finally worth getting a PS3?
[SpA]Lim-Dul wrote: [...]the brute-forcing of which is the sole reason people are developing quantum computers for.

Author:	[SpA]Minimoose! [ 04 Jan 2011, 17:44 ]
Post subject:	Re: Finally worth getting a PS3?
It's probably the main reason that governments are funding it, but it's definitely not the sole reason to develop them

Author:	Lim-Dul [ 04 Jan 2011, 18:23 ]
Post subject:	Re: Finally worth getting a PS3?
It was supposed to be purposeful overexaggeration to illustrate the scope of the problem. ;-)

Page 1 of 2	All times are UTC+02:00
Powered by phpBB® Forum Software © phpBB Limited

Author:	DrMcMoist [ 04 Jan 2011, 19:44 ]
Post subject:	Re: Finally worth getting a PS3?
Think I'll buy a PS3 now.

Author:	computerhead [ 04 Jan 2011, 23:41 ]
Post subject:	Re: Finally worth getting a PS3?
Don't forget your bandwidth im some games (E.G god of war 3) do use the ps3 disc storage so the file for them is around 32Gb. also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security.

Author:	ditch [ 05 Jan 2011, 00:27 ]
Post subject:	Re: Finally worth getting a PS3?
computerhead wrote: also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security. as long as sony supported OtherOS nobody cared

Author:	[SpA]gibboss28 [ 05 Jan 2011, 00:33 ]
Post subject:	Re: Finally worth getting a PS3?
computerhead wrote: also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security. Didn't watch the videos, did you?

Author:	[SpA]Minimoose! [ 05 Jan 2011, 01:24 ]
Post subject:	Re: Finally worth getting a PS3?
computerhead wrote: Don't forget your bandwidth im some games (E.G god of war 3) do use the ps3 disc storage so the file for them is around 32Gb. also this took the "hacking community" a god dam long time considering so i guess sony did a good job on the security. "Read article or watch video ---> comment" - Timeline of most people.

Author:	[SpA]Migu [ 05 Jan 2011, 08:59 ]
Post subject:	Re: Finally worth getting a PS3?
Ssshh Mini, I also posted without watching the videos! Anyways, I think this news hasn't reached the big masses yet? It's not that big of a fuss...yet. Maybe you're just exaggerating on the problem Lim! No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ . Of course the older system can't be saved but that will limit the damage I guess. On another note, those "hacker" guys deserve better jobs that sitting in a basement all day trying to breach CONSOLES security systems. They clearly have the potential for more ffs, do something with your life!

Author:	DrMcMoist [ 05 Jan 2011, 12:25 ]
Post subject:	Re: Finally worth getting a PS3?
Some people just want to watch the World burn, Migu.

Author:	[SpA]Minimoose! [ 05 Jan 2011, 13:09 ]
Post subject:	Re: Finally worth getting a PS3?
[SpA]Migu wrote: Ssshh Mini, I also posted without watching the videos! Anyways, I think this news hasn't reached the big masses yet? It's not that big of a fuss...yet. Maybe you're just exaggerating on the problem Lim! No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ . Of course the older system can't be saved but that will limit the damage I guess. On another note, those "hacker" guys deserve better jobs that sitting in a basement all day trying to breach CONSOLES security systems. They clearly have the potential for more ffs, do something with your life! They will probably get employed to make console security better, or they will refuse job offers and keep surviving on pot noodles.

Author:	ditch [ 05 Jan 2011, 13:34 ]
Post subject:	Re: Finally worth getting a PS3?
i think you all watch too many movies

Author:	ProtectMyBalls [ 05 Jan 2011, 14:43 ]
Post subject:	Re: Finally worth getting a PS3?
ditch wrote: i think you all watch too many movies like, from the back of a Volkswagen?

Author:	Lim-Dul [ 05 Jan 2011, 15:03 ]
Post subject:	Re: Finally worth getting a PS3?
Quote: No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ . That won't work. Like I said - you can't do anything about the problem unless you want to lose backwards compatibility. The moment you retain backwards compatibility all efforts become useless since the hackers can pose as "old Sony game" with the key using ANY code whatsoever.

Author:	[SpA]Migu [ 05 Jan 2011, 15:19 ]
Post subject:	Re: Finally worth getting a PS3?
[SpA]Lim-Dul wrote: Quote: No really, I'm shure Sony will figure something out. They'll probably modify the hardware for future consoles et voilÃ . That won't work. Like I said - you can't do anything about the problem unless you want to lose backwards compatibility. The moment you retain backwards compatibility all efforts become useless since the hackers can pose as "old Sony game" with the key using ANY code whatsoever. I've read somewhere doublecoding could work...Anyways, I don't have much knowledge about this so I don't really know. We'll see how this will work in the future. As far as I know Sony has not made a statement yet (they did not even make a statement with the recent jailbreak stuff if I remember correctly) and I haven't read that much about it on other sites. Let's wait & see!

Author:	[SpA]Minimoose! [ 05 Jan 2011, 15:32 ]
Post subject:	Re: Finally worth getting a PS3?
Personally, I wouldn't go through the effort of downloading a 30gb game anyway and I don't like gamepads. So that means that even this won't move me towards getting a PS3 or any console (my trusty n64/xbox/gamecube/gameboy collection will do me fine, although I never play any of them).

Author:	[SpA]SaintK [ 05 Jan 2011, 15:48 ]
Post subject:	Re: Finally worth getting a PS3?
I don't see any issues downloading 30GB on our 120Mbit lines

Author:	Lim-Dul [ 05 Jan 2011, 15:54 ]
Post subject:	Re: Finally worth getting a PS3?
And a 1+ TB HDD to keep the games somewhere costs about the same as ONE PS3 game, just for reference. =)

Author:	[SpA]Minimoose! [ 05 Jan 2011, 16:56 ]
Post subject:	Re: Finally worth getting a PS3?
[SpA]SaintK wrote: I don't see any issues downloading 30GB on our 120Mbit lines divide that by 40 At uni we have nice speeds but then we have a 5gb limit per 24 hours ;[