Signed PKG question

Discussion in 'PS3 - Hacking & Homebrew' started by JinTrigger, May 24, 2011.

May 24, 2011

Signed PKG question by JinTrigger at 7:16 PM (849 Views / 0 Likes) 3 replies

  1. JinTrigger
    OP

    Member JinTrigger Asentrix Studios

    Joined:
    Jun 25, 2008
    Messages:
    1,550
    Location:
    Lunesta/Mysteria
    Country:
    United States
    I've been seeing a lot of signed PKG (im guessing this PS3's version of Eboots), so can they be used like eboots.....like how do I put them on my OFW PS3 and play them. I am on the latest firmware.
     
  2. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,747
    Country:
    United Kingdom
    You can but the last couple of OFW releases changed things up so you can not do that any more as Sony prevented it and we have no way of regressing things at present.

    General overview
    They keys for the PS3 (all of them) got leaked by way of very bad implementation (see the 27C3 presentation for more on that- http://www.youtube.com/watch?v=5E0DkoQjCmI ). This meant you could sign any piece of code as previously only Sony could do. Still some sidestepped this and instead made custom firmwares for the PS3 that ignored these restrictions and gained a few other things along the way.
    Sony did about the one thing they could do in this situation (leaked keys like this is about as big a screwup as it gets in crypto)- they whitelisted (made a big list that says only things on this list can run) all known/existing valid files (that is to say not your homebrew program and owing to some choice things this also means no disc games and PSN content with the sort of stuff you have available- effectively locking it back down) and generated a new set of keys for all new pieces of code to use with a proper implementation.

    The original discovered keys do however include a hardcoded value early on in the PS3 boot sequence so technically things could still revert and Sony can do nothing about it on all existing hardware (well I do not know about the very latest models but everything made at least until February if not nearer to present is vulnerable and there is nothing Sony can do) but nobody has released anything yet.

    As for the new keys to my knowledge nobody has these new keys yet and even if they did they would just be the public keys and of no great use other than to decode new games that use them and firmwares (which might lead to new exploits but that is besides the point).
    I think it was mathieulh that detailed a possible method to dump the keys but nobody has followed through yet and alongside this it would probably take fiddling with hardware rather than the load up a USB drive and press install that the first few waves of hacks after signing got broken did.

    As some new games now feature these new keys someone might be moved to dump them and sort things but in general anybody that wants an easily homebrew capable system can get one for about the same price as a regular PS3 (or they did not upgrade) so there is not that much motivation to do such things.
     
  3. chrisrlink

    Member chrisrlink Rouge Temper

    Joined:
    Aug 27, 2009
    Messages:
    1,223
    Location:
    Unova
    Country:
    United States
    well i came upon something intresting on psx-scene it may start up again basicly somebody made a sucessful dump of 16 MB NOR flash

    proof
     
  4. Originality

    Member Originality Chibi-neko

    Joined:
    Apr 21, 2008
    Messages:
    5,154
    Location:
    London, UK
    Country:
    United Kingdom
    Last I heard, all the 3.6X public keys were known but the private key (that makes everything possible) was still unknown. People are working on it, but information on it is all underground so finding out takes effort.

    I'm in the boat of "if it ain't broke, don't fix it" with 3.55. When Disgaea 4 comes out though... chances are I'll buy myself another PS3 along with a handful of the games I really liked (e.g. Star Ocean).
     

Share This Page