PS3/PSP private keys released.

codezer0

codezer0

Gaming keeps me sane
Member
Level 14
Joined
Jul 14, 2009
Messages
3,576
Trophies
2
Location
The Magic School Bus
XP
4,524
Country
United States
RupeeClock said:
Fireballo said:
I bet anything that Sony releases a new console next year.
Click to expand...
I don't think so, Sony is too proud of their "10 year plan" to be honest, even with this major set-back.
Click to expand...
Sony said the same thing about the PS1, but released the PS2 in five years as well, and you couldn't even buy any more ps1 stuff in stores after "year six" or seven of the PS1's lifecycle.
angry.gif
 
SifJar

SifJar

Not a pirate
Member
Level 7
Joined
Apr 4, 2009
Messages
6,022
Trophies
0
Website
Visit site
XP
1,175
Country
dragonking said:
*STUPID N00B QUESTION ALERT*
Isn't it possible that they make a new key and whitelist all old games?
Click to expand...
No. It has been suggested many times, but if they did this, then the new key would have to be included in an update, and that update would HAVE to be signed with the current keys, or else it wouldn't install on PS3s with current firmware. And because the current keys are well known, that update could be decrypted and the new keys found from it. Simple as that. Also, I think at least some of the keys (master key at least) is hardcoded into the PS3, but I'm not 100% sure on that part, haven't seen any reputable hacker stating that.
 
George Dawes

George Dawes

Wanker
Member
Level 1
Joined
Nov 11, 2009
Messages
687
Trophies
0
Location
your wife's corpus uteri
Website
www.indymedia.org.uk
XP
15
Country
Chad
codezer0 said:
Sony said the same thing about the PS1, but released the PS2 in five years as well, and you couldn't even buy any more ps1 stuff in stores after "year six" or seven of the PS1's lifecycle. :angry2:
Click to expand...
I don't remember sony ever saying that the PSX would have a ten year life cycle, but you could still buy PSX stuff in the UK in 2005, ten years after launch.
 
T

Teeko

New Member
Newbie
Level 1
Joined
Jan 8, 2011
Messages
2
Trophies
0
XP
1
Country
Canada
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
 
MelodieOctavia

MelodieOctavia

Just your friendly neighborhood Transbian.
Former Staff
Level 15
Joined
Aug 29, 2008
Messages
6,258
Trophies
2
Age
39
Location
Hiatus Hell
Website
yourmom.com
XP
4,692
Country
Djibouti
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
 
DigitalDeviant

DigitalDeviant

Well-Known Member
Member
Level 5
Joined
Feb 14, 2010
Messages
2,082
Trophies
1
Location
Solar Federation
Website
Visit site
XP
704
Country
United States
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

they could make a whitelist for the old games.
 
MelodieOctavia

MelodieOctavia

Just your friendly neighborhood Transbian.
Former Staff
Level 15
Joined
Aug 29, 2008
Messages
6,258
Trophies
2
Age
39
Location
Hiatus Hell
Website
yourmom.com
XP
4,692
Country
Djibouti
DigitalDeviant said:
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

they could make a whitelist for the old games.
Click to expand...
 
MarcusRaven

MarcusRaven

HBC Theme Maker
Member
Level 9
Joined
Feb 5, 2010
Messages
971
Trophies
1
Age
38
Location
N. Carolina
XP
1,597
Country
United States
I really think we need to stop speculating on what Sony could do to fix this. Hopeless or not, they could be drawing ideas from all this. We'd be stupid to thing that there isn't at least one member here who could potentially be from Sony. I know it may seem like a lost cause to them, but what if our ideas leads them to something that WORKS? Shut the doors right up. >.
 
T

Teeko

New Member
Newbie
Level 1
Joined
Jan 8, 2011
Messages
2
Trophies
0
XP
1
Country
Canada
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

Ouch. Checkmate sony...
 
ProtoKun7

ProtoKun7

GBAtemp Time Lord Regenerations: 4
Former Staff
Level 8
Joined
Jan 3, 2009
Messages
7,525
Trophies
2
Location
Gallifrey
XP
1,361
Country
United Kingdom
Sony @ IGN article said:
"We are aware of this, and are currently looking into it[...]We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details."
Click to expand...
Given the way this works, it seems like Sonyspeak for "We actually have no idea how we're going to fix this."
 
codezer0

codezer0

Gaming keeps me sane
Member
Level 14
Joined
Jul 14, 2009
Messages
3,576
Trophies
2
Location
The Magic School Bus
XP
4,524
Country
United States
ProtoKun7 said:
Given the way this works, it seems like Sonyspeak for "We actually have no idea how we're going to fix this."
Click to expand...
Which isn't surprising, knowing how Sony actually does things.

This is the same company that gave us that ham-fisted music CD DRM that installed rootkits and the like. And Sony itself is no stranger to controversy over its heavy-handed methods toward "security."
mellow.gif
 
Joe88

Joe88

[λ]
Global Moderator
Level 18
Joined
Jan 6, 2008
Messages
12,736
Trophies
2
Age
36
XP
7,418
Country
United States
DasXero said:
How is "homebrew" of all things (Ex: viruses), a security issue? Total BS
Click to expand...
the "system security" has been breached on the system
they cant mention how they are going to fix it other then say they will release updates
if they did hackers would just use that information to their advantage
 
DarkMario616

DarkMario616

Well-Known Member
Member
Level 3
Joined
Mar 19, 2008
Messages
547
Trophies
0
Location
New York
XP
276
Country
United States
So has anything actually been released? Anything made yet for the PS3? I just see talk talk and more talk about Sony trying to prevent this and the key is released but I don't see any real information or programs.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Nintendo Switch firmware 18.0.0 has been released

GitLab has taken down the Suyu Nintendo Switch emulator

Atmosphere CFW for Switch updated to pre-release version 1.7.0, adds support for firmware 18.0.0

Wii U and 3DS online services shutting down today, but Pretendo is here to save the day

Denuvo unveils new technology "TraceMark" aimed to watermark and easily trace leaked games

GBAtemp Exclusive  Introducing tempBOT AI - your new virtual GBAtemp companion and aide (April Fools)

Pokemon fangame hosting website "Relic Castle" taken down by The Pokemon Company

MisterFPGA has been updated to include an official release for its Nintendo 64 core

General chit-chat
Help Users
    K3Nv2 @ K3Nv2: For real for real