Originally Posted by DuckieHo
... please, please, please go back and read.
1) The same constant is used to generate every key. The same constant is NOT in the every key. This is a major difference. Every key is different.
Here is a simplified example of the process of key generation and what happened:
I give you the number 2310 and say this is the signature to a piece of official software. From what you said, it seems like you think every 4-digit signature contains the number "3" but it doesn't.
Then I ask you how to determine how I came up with that number. Would you be able to do it?
How about if you know part of the keys are 7, 3, and 11?
7 * 3 * 11 * X * Y = 2310
Would you be able to determine how 2310 was generated?
How about if I said X = 5? (This is where Sony messed up.)
Would you be able to solve for Y now?
Now do the same thing but:
1) the signature is 128-bits long
2) every type of mathematical operation can be used
3) multiple steps of operations can be used
Solving this is NOT trivial. If you think coming up with this crack is simple, you should apply for the NSA as they would make you their top cracker instantly. You should also go around to universities and tell hundreds of mathematicians and computer scientists that they are wasting their lives because you are smarter than them. Decryption is obscenely hard..... if it wasn't, it wouldn't work.
I am trying to educate you and explain that you do not have enough understanding of the topic to judge others. I can't simplify it any lower.... really. If it is beyond your understanding of cryptology, so be it. [Disclaimer: I have taken only about 10 formal class hours on the topic but I do outside reading and have a computer forensic friend.]
Who's talking about a console? I'm talking about computer science.
Here's your problem:
You continually ignore 3/4 of what I'm saying, all of which is true and unarguable and is my MAIN POINT, just to sit here and poke at a single sentence where I don't droll on about the EXACT details of how they cracked it. I was speaking generically when I said "The same constant is in the every key." I could've sat here and re-explained the entire thing that they said in the video of the conference about the entire equation, posted photos of it, and what not - I just said that in general. The equation that they used, and figured out that creates the signature keys that Sony uses happens to have the 1 number that is supposed to be random but isn't. You said yourself before it was a constant. I used that term to humor you because I'm not going to sit here and re-explain with another 3 paragraphs what has already been mentioned 20 damn times over again.
You don't need to "educate" me on how hard decryption can be to solve.
I already told YOU, YOU AND YOU SPECIFICALLY, that obviously I'm not the one sitting behind a computer screen doing what they're doing myself. That is irrelevant to the point that I'm making, yet you still droll on about it and ignore everything else I'm saying. It's a waste of breath. I'm having deja vu from Vhati here.
Originally Posted by xentrox
Omega, I agree with you here man. This is definitely both a lose and a win on SONY's part because it allowed them to be in complete control of their product for nearly 5 years. This meant that nobody could lay their hands on their code and in the run down of things, you had to buy what SONY sold you. There was no other alternative.
Thank you! Good lord someone actually read my post.
Developers loved a system like that, it was stable, secure and profiting. Which is why the PS3 stayed alive despite the slow crawl in game development. People were not able to pirate the games, they were forced to buy the content.
Now how this was done, or how long it took doesn't really matter anymore. The device is going to enter a new stage just like the XBOX 360 did at the time the JTAG hack was published. I own a JTAG'd X360 and I use it as a Media Center (I don't play the games, I'm a PC gamer). SONY is going to have to deal with this very carefully or they will risk losing chunks of Market share.
Maybe it's time for a new generation?
Exactly, now it's a problem for Sony. But they still got away with 4 years of having the only platform with 0 custom software and 0 piracy until a few months ago (which they axed), and now the big boo boo here.
Originally Posted by Brutuz
And as has been said, the people hacking to get full control of the console was relatively small before OtherOS was removed...Yes, there were people hacking, they hacked to gain control of the RSX in OtherOS and quite a few didn't really hack to gain control of the firmware/to enable game backing up, this has been said.
Yes, there was effort to hack it...But that effort was concentrated in other areas, it's like saying "This new racing car sucks because it isn't comfortable to sit in, but they've just installed new seats that should be more comfy" Yes, that may be true...But it's because efforts were concentrated elsewhere until recently.
I see what you're saying and I agree. The removal of OtherOS more or less forced people, and created new people, to look elsewhere for holes because everyone thought that OtherOS was the big weak spot other than something like signature keys. I don't doubt that the removal of OtherOS created a more powerful effort BUT: like I've been trying to say this entire time, the fact remains that Sony has gotten away with 4 years of piracy and homebrew-free sales. The PS3 has been what Nintendo and Microsoft have been trying to achieve since this turn of the generation if you will. Sony had it right until now, and everyone is simply throwing crap at them - COMPLETELY disregarding this - because it is a stupid mistake or "epic fail".
This has busted the PS3 more open than say, Linux or GNU, the 360, PSP, PS2, etc all pretty much had an exploit found in older hardware that was then used to replace files to make more exploits to then make it open...This means that the PS3 will always be crackable too, Sony would have to potentially break a lot of games, files, etc to fix it.
It's the same as Sandy Bridge vs Nehalem, the performance increase isn't massive due to Intel concentrating more on bringing the rest of the platform up to scratch. (Eg. The IGP, boards, etc)
I know this and I've, like everything else, restated all of this 30 times over.
Yes but the effectiveness of the hole is irrelevant to what I'm saying. One person here has understood my post so far it seems.
I said something similar in one of my posts 2 pages back or so:
The security hole that would enable homebrew effectively that people were trying to find since the console launched in November 2006 was more or less never found until now 4 years later. It just happens to be that the one hole that they've found is a MASSIVE hole. A stupid hole. Regardless, it still took them all this time.
And before Duckie nitpicks this ONE paragraph from my post because I said
"The security hole that would enable homebrew effective that people were trying to find since the console launched"
And tries to go off on a tangent about how the decryption stuff that was found isn't what people were looking for. "You didn't state that which would be OK, you stated THIS," as he previously mentioned.
That's not what I'm saying. I'm talking generically, which he needs to learn the meaning to. They were looking for A hole. Not this hole SPECIFICALLY - A hole. Some kind of hole. ANY hole that they could exploit.
Edited by OmegaNemesis28 - 1/7/11 at 9:56am
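Added example, not part of any post in this thread: the "number that is supposed to be random but isn't" carried through on a toy DSA-style signature, with an audit check that flags signatures sharing the same r and the algebra showing why that exposes the signing key. The thread does not name the algorithm; the DSA form, the tiny parameters, the integer digests and all function names are assumptions made for illustration.

```python
# Toy DSA parameters (constructed, far too small for real use):
# P is prime, Q is a prime dividing P-1, G generates the order-Q subgroup.
P, Q, G = 2039, 1019, 4

def sign(priv, digest, nonce):
    """DSA-style signature (r, s) over an integer digest, nonce given explicitly."""
    r = pow(G, nonce, P) % Q
    s = pow(nonce, -1, Q) * (digest + priv * r) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, pick another nonce")
    return r, s

def verify(pub, digest, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    return pow(G, digest * w % Q, P) * pow(pub, r * w % Q, P) % P % Q == r

def find_reused_nonces(signed):
    """Audit check: pairs of (digest, sig) records with equal r on different
    digests. r depends only on the nonce, so equal r means the nonce repeated."""
    seen, hits = {}, []
    for digest, sig in signed:
        first = seen.setdefault(sig[0], (digest, sig))
        if first[0] != digest:
            hits.append((first, (digest, sig)))
    return hits

def recover_private_key(rec_a, rec_b):
    """Consequence of a repeated nonce: two equations, two unknowns."""
    (h1, (r, s1)), (h2, (_, s2)) = rec_a, rec_b
    nonce = (h1 - h2) * pow((s1 - s2) % Q, -1, Q) % Q
    return (s1 * nonce - h1) * pow(r, -1, Q) % Q

PRIV = 777                      # constructed private key
PUB = pow(G, PRIV, P)
# Constructed integer digests stand in for the hashes of two signed files.
FIXED = [(100, sign(PRIV, 100, 5)), (200, sign(PRIV, 200, 5))]  # nonce reused
FRESH = [(100, sign(PRIV, 100, 5)), (200, sign(PRIV, 200, 6))]  # nonce varies

if __name__ == "__main__":
    print("fresh nonces flagged:", find_reused_nonces(FRESH))
    for a, b in find_reused_nonces(FIXED):
        print("shared r:", a[1][0], "-> recovered key:", recover_private_key(a, b))
```

Signers avoid this by drawing a fresh unpredictable nonce per signature or deriving it deterministically from the key and message (RFC 6979).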