Toggle sidebar

PS3/PSP private keys released.

  • Thread starter Thread starter Rydian
  • Start date Start date
  • Views Views 72,433
  • Replies Replies 313
RupeeClock said:
Fireballo said:
I bet anything that Sony releases a new console next year.
Click to expand...
I don't think so, Sony is too proud of their "10 year plan" to be honest, even with this major set-back.
Click to expand...
Sony said the same thing about the PS1, but released the PS2 in five years as well, and you couldn't even buy any more ps1 stuff in stores after "year six" or seven of the PS1's lifecycle.
angry.gif
 
dragonking said:
*STUPID N00B QUESTION ALERT*
Isn't it possible that they make a new key and whitelist all old games?
Click to expand...
No. It has been suggested many times, but if they did this, then the new key would have to be included in an update, and that update would HAVE to be signed with the current keys, or else it wouldn't install on PS3s with current firmware. And because the current keys are well known, that update could be decrypted and the new keys found from it. Simple as that. Also, I think at least some of the keys (master key at least) is hardcoded into the PS3, but I'm not 100% sure on that part, haven't seen any reputable hacker stating that.
 
codezer0 said:
Sony said the same thing about the PS1, but released the PS2 in five years as well, and you couldn't even buy any more ps1 stuff in stores after "year six" or seven of the PS1's lifecycle. :angry2:
Click to expand...
I don't remember sony ever saying that the PSX would have a ten year life cycle, but you could still buy PSX stuff in the UK in 2005, ten years after launch.
 
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
 
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
 
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

they could make a whitelist for the old games.
 
DigitalDeviant said:
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

they could make a whitelist for the old games.
Click to expand...
 
I really think we need to stop speculating on what Sony could do to fix this. Hopeless or not, they could be drawing ideas from all this. We'd be stupid to thing that there isn't at least one member here who could potentially be from Sony. I know it may seem like a lost cause to them, but what if our ideas leads them to something that WORKS? Shut the doors right up. >.
 
TwinRetro said:
Teeko said:
Link00y said:
I said it before, I say it again, a change of keys IS POSSIBLE and yes, it could be used to tighten up the security again. However, it is not trivial.

a) Add a second public key to the PS3.
b) Use the private key for the new public key to sign new games.
c) Create a checksum list of the headers of all old games - PSN games could be updated for the new keys I guess.
d) Once the checksum list is complete - remove the original public key.

The new public key would not allow exposal of the private key, if Sony did use a really random number to hide their private key. That system is used by the DSi, however, such a system is flawed as R4i and all other DSi flash cards show - they simulate the header of a known game, the DSi verifies the header and on load the header data is replaced with the actual flashcard header- at that time the DSi already accepted the flash card as valid! Something like that could happen on the PS3 then, so that would raise the security of the system again, however it makes exploits to the verification very possible!
Click to expand...


Well I think that's almost it. The best course of action for sony would be to release a second key for new games, and just let the old games die. What's lost is lost, and there's no feasible way to recover from this. Just save what you can.
Click to expand...


Well, this is like the fourth time its been said in this thread, but even if they make another key for future games, A) This means all previous games would be useless, B) Most likely not even an option since the keys are hardcoded into the hardware, and C) Even if it were possible, it would need to be through a firmware update, meaning it would need to be signed with the old keys, thus easily cracked and TADAA! The new keys are now public.
Click to expand...

Ouch. Checkmate sony...
 
Sony @ IGN article said:
"We are aware of this, and are currently looking into it[...]We will fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details."
Click to expand...
Given the way this works, it seems like Sonyspeak for "We actually have no idea how we're going to fix this."
 
ProtoKun7 said:
Given the way this works, it seems like Sonyspeak for "We actually have no idea how we're going to fix this."
Click to expand...
Which isn't surprising, knowing how Sony actually does things.

This is the same company that gave us that ham-fisted music CD DRM that installed rootkits and the like. And Sony itself is no stranger to controversy over its heavy-handed methods toward "security."
mellow.gif
 
DasXero said:
How is "homebrew" of all things (Ex: viruses), a security issue? Total BS
Click to expand...
the "system security" has been breached on the system
they cant mention how they are going to fix it other then say they will release updates
if they did hackers would just use that information to their advantage
 
So has anything actually been released? Anything made yet for the PS3? I just see talk talk and more talk about Sony trying to prevent this and the key is released but I don't see any real information or programs.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Nintendo Direct June 9, 2026 roundup - Ocarina of Time remake announced, Kingdom Hearts IV trailer

Paper Mario PC recompilation "ReCut" gets its first pre-release build

Steam Machine waiting list goes live, starting at £879 with a 512GB SSD

The long awaited EarthBound Beginnings Remake romhack is now available after almost 2 decades in development

Low-level 3DS emulator 3Beans released alongside setup tutorial video

Super Mario 64 gets a brand new port on the Nintendo DS, brings support for full local multiplayer

PlayStation State of Play June 2, 2026 broadcast - new God of War announced

Nintendo fined 35 million euros by the French government due to Switch 1 Joycon malfunctions