Thread Status:
Not open for further replies.
  1. DarkShinigami

    DarkShinigami #1 strongest Shinigami BANKAI
    Member

    Joined:
    Sep 12, 2009
    Messages:
    1,902
    Country:
    United States
    well i for one hope the 3ds is closer to being hacked but i want it hacked to get around the region lock

    once that happens i will buy the 3ds project diva game in a heartbeat
     
  2. AdnanMuhammed

    AdnanMuhammed Newbie
    Newcomer

    Joined:
    Mar 24, 2012
    Messages:
    7
    ....so we gonna get youtube and flash soon? also maybe some sort of messenger/voice chat homebrew? Cause I'd rather have that over free games.
     
    1 person likes this.
  3. Slowking

    Slowking GBAtemp Maniac
    Member

    Joined:
    Dec 31, 2006
    Messages:
    1,401
    Country:
    Gambia, The
    Well the Wii key also was in the firmware, multiple times, since Nintendo sucked at security.
     
  4. SifJar

    SifJar Not a pirate
    Member

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    No, PS3 had a flaw which meant the private key was able to be calculated, so actual signing could be done. That was fixed in 3.60 and above, so private key can't be found anymore, so no more signing. The 3.60 public keys were recently released, meaning 3.60 content can be decrypted, but not encrypted. Anything over 3.60 remains unable to be decrypted.
     
    1 person likes this.
  5. KiiWii

    KiiWii Reporter
    Reviewer

    Joined:
    Nov 17, 2008
    Messages:
    9,918
    Country:
    United Kingdom
    Unless it's a TB patch, which can now also be decrypted for 3.55 thanks to duplex.

    E.g. Max Payne 3

    TBH I only think I would buy a 3DS if it gets hacked.
     
  6. FireGrey

    FireGrey Undercover Admin
    Member

    Joined:
    Apr 13, 2010
    Messages:
    3,921
    Country:
    Maybe they left their key under a fake rock.
     
  7. Cyan

    Cyan GBATemp's lurking knight
    Global Moderator

    Joined:
    Oct 27, 2002
    Messages:
    22,532
    Country:
    France
    No, the "TB" are not decrypted. They are debug Eboots + DRM.

    The recent "TB crack" is only the DRM check which is bypassed.
    The eboots are still the ones provided by TB team (debug eboots, which are unsigned and run on any cfw able to run unsigned eboots). Duplex didn't provide new eboots that the TB team didn't.

    If the release teams (Duplex) don't know how to get or create debug eboots, they are still dependent on the TB team. And I suspect that TB team will stop providing such eboots at all if their DRM is bypassed, unless they make a new DRM.

    Well, debug are also decrypted? maybe SifJar can explain it better? I didn't follow the TB hack very closely.
     
  8. dicamarques

    dicamarques Definitely not Bruce Wayne.
    Member

    Joined:
    Jun 25, 2010
    Messages:
    1,023
    Country:
    Portugal
    The PSP and the PS3 used the same key (Common and Private) so finding it in the PSP would also work in the PS3.
     
  9. LuigiBlood

    LuigiBlood SNES and 64DD Savior
    Member

    Joined:
    Jun 23, 2009
    Messages:
    182
    Country:
    France
    The 3DS Common Key is in the hardware. Nintendo learned from its mistakes.
     
  10. KiiWii

    KiiWii Reporter
    Reviewer

    Joined:
    Nov 17, 2008
    Messages:
    9,918
    Country:
    United Kingdom
    Correct me if I am wrong:

    If this were true how come debug eboots haven't proved useful to date? I'm 99% sure people have obtained debug eboots but they won't run on CEX FW.

    TB somehow cracked either getting debug eboots to work or found an exploit for cracking some (not all) eboots without keys.

    No one knows what the truth is behind TB, but I thought we couldn't run debug eboots on retail cfw's.
     
  11. SifJar

    SifJar Not a pirate
    Member

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    My understanding of the topic was that TB were able to decrypt the EBOOTs from games requiring 3.60+, and they then re-encrypted the EBOOTs with their own key, which was stored in their dongle (the results were then released under the release group names "Paradox" and "ParadiSO" or something like that). Their CFW would then use the key from the dongle to decrypt the EBOOTs and play them; without the dongle, their key wasn't present and the EBOOTs couldn't be decrypted. But I haven't really read too much about TB stuff and could be completely wrong. You seem to know more about this than I (as with most PS3 stuff).

    I haven't heard of "debug EBOOTs" before, but that seems plausible to me. I may look into it more later if I get a chance.

    EDIT: Although this all has nothing to do with the 3DS... :P
    EDIT: A little research later...Looks like Cyan is right about them being debug EBOOTs. And the TB CFW contains patches to run debug EBOOTs, patches which I don't believe are present in other FWs. Debug EBOOTs can be obtained using a modified PS3 and downloading via a proxy. Apparently they are also signed using TB's own keys, presumably so that even if someone else does figure out the patches for another CFW, the TB EBOOTs can't be used (i.e. debug EBOOTs would be needed to be obtained/released independently from TB's releases).

    Note that I am still not 100% clear on the whole thing, so this post could be slightly inaccurate. I still intend to look into this further at a later date, and may update this post again at some time.

    EDIT: OK, from reading here, it would appear that what is happening is this: TB get the debug EBOOTs for games (for disc based games, I assume these are updates, so it will only work for games that have an update I guess?), which are unencrypted, they then encrypt these EBOOTs with keys that only work with their CFW, which in turn only works (fully) with their dongle present because of the DRM in the dongle.
     
    2 people like this.
  12. Seratonin

    Seratonin GBAtemp Regular
    Member

    Joined:
    Jul 14, 2012
    Messages:
    168
    Country:
    United States
    Are you saying that we will only see 3ds's with hardware mods if it gets hacked?
     
  13. 3DSGuy

    3DSGuy No longer in scene
    Member

    Joined:
    May 22, 2012
    Messages:
    345
    Country:
    United States
    No they weren't debug (un-encrypted) eboots, TB eboots are just flagged as fself (fake self/debug self), probably so the TB dongle would be notified to intervene and decrypt the eboot when a TB eboot is played. And TB wasn't relying on debug game updates, to get unencrypted eboots, 99% of TB eboots were fixes of the original disc eboot.

    Also just to clarify, proper Debug eboots(fself) are not encrypted, and anyone can make debug eboots. The PS3 SDK has been leaked numerous times, which can make debug eboots.
     
  14. SifJar

    SifJar Not a pirate
    Member

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    According to this page, they are debug EBOOTs, which are then encrypted with the TB keys so that they only work with the TB CFW, which in turn only works with the TB dongle inserted. The same could be done with the regular 3.55 keys and the results could be played on a regular 3.55 console apparently. If you have a better source of information, please share it as I'm rather interested in reading about it. (I find the whole "piracy dongles with DRM" thing from the PS3 rather interesting).
     
  15. 3DSGuy

    3DSGuy No longer in scene
    Member

    Joined:
    May 22, 2012
    Messages:
    345
    Country:
    United States
    Source: Myself/Knowledge of PS3/looking at TB eboots. There are many speculated methods on obtaining decrypted eboots, which mostly surround dumping the RAM, in some form (and having the keys, but having the keys is unlikely). Nothing confirmed of course. But they are re-encrypted versions of the original disc eboots, I haven't checked Duplex's 'anti-drmed' TB eboots, but they should be the same size as the disc original eboot. When they say debug eboot, they mean an eboot flagged as debug in the SCE header. Again TB obtain decrypted eboots (to which they apply DRM to) from a source other than debug fselfs (that is, unless they get debug copies of every game they've patched, again unlikely). What you see when you look at a TB eboot, is simply the result of their DRM process. The fself flag among other things in the SCE Header, is simply a way for the DRM to distinguish between regular eboots and TB eboots (after all, all a SCE header does (for selfs) is tell the PS3 what the eboot is). Especially since fselfs are treated differently by the PS3 simply for being an fself (it has to be modified to accept them). And of course the encryption of TB eboots is part of the DRM.

    EDIT: If you don't believe me, here's a quote from the dev wiki regarding the 'fself nature' of TB eboots:
     
    2 people like this.
  16. SifJar

    SifJar Not a pirate
    Member

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    I get what you're saying, true FSELFs aren't encrypted. But that doesn't mean that the decrypted EBOOTs TB have access to aren't the debug EBOOTs (i.e. FSELFs). As I see it, it is perfectly possible they have access to the FSELFs (debug EBOOTs) of the games they release "patches" for, and they apply their DRM to those (including the encryption with their own keys) so they only work with the dongle. I see no other way for them to obtain decrypted EBOOTs for newer games unless they had all the newer keys, in which case they could release far more fixed games than they do. They could possibly also create some sort of software to allow users to fix games themselves (without giving the keys away; that part could be tricky, but they've managed to protect their EBOOTs this far, they could probably have a decent attempt at protecting the keys also). AFAIK, the only way to get unencrypted EBOOTs is debug EBOOTs (FSELFs), so that must be their "starting point" for each fix, right?

    EDIT: The quote from the dev wiki you posted is found under this header:
    I wouldn't put too much faith in that quote...

    EDIT: Just found this post above:

    No they didn't. The PS3 firmware just contained (some of) the keys needed to (sort of) sign stuff for the PSP.
     
  17. ZombiePosessor

    ZombiePosessor GBAtemp Fan
    Member

    Joined:
    May 1, 2008
    Messages:
    445
    Country:
    United States
    Why is there all this talk of old PS3 eboots and shit instead of what the topic is about? Who gives a shit about PS3 stuff, there's a PS3 section where you guys can talk about that shit.
     
  18. Ace Overclocked

    Ace Overclocked My CPU's hot but my core runs cold.
    Member

    Joined:
    Jul 30, 2010
    Messages:
    2,110
    Country:
    Italy
    Because people are thinking of the possibility of using those methods on a 3ds.
     
  19. Fudge

    Fudge Remember that death is not the end, but only a tra
    Banned

    Joined:
    Aug 26, 2009
    Messages:
    2,655
    Country:
    United States
    No.
     
  20. Rydian

    Rydian Resident Furvert™
    Member

    Joined:
    Feb 4, 2010
    Messages:
    27,880
    Country:
    United States
    Yeah, 'cause we all know that the 3DS and PS3 have absolutely no technology or security methods in common whatsoever.

    Oh wait.
     