When will it be possible to make a CFW for >3.56

Discussion in 'PS3 - Hacking & Homebrew' started by Demifiend, Jul 6, 2015.

  1. Demifiend
    OP

    Demifiend The bored one

    Member
    497
    442
    Mar 20, 2015
    I know that it's not possible to hack a PS3 with an OFW above 3.55, and the only known methods are the Cobra ODE chip, which allows you to play backup games, and Pexploit, which is a nice thing, but my question still persists: why isn't it possible to hack these kinds of PS3s?

    In a nutshell, what is the difference between a PS3 that has 3.55 and other PS3s that don't have it? Is that OFW so different from the updates? The PSP didn't have that problem, and you have to consider that the PSP has more revisions than the PS3 (PS3: Fat, Slim, Super Slim; PSP: 1000, 2000, 3000, Go, E1000). If someone could answer me those questions I would be grateful, and I would be even more so if you could link me a page like Wololo, where you can know what the last hacking update about the PS3 was, outside of ps3hax or scenebeta and the like.
     
    cvskid likes this.
  2. retrofan_k

    retrofan_k GBAtemp Advanced Maniac

    Member
    1,818
    1,114
    May 31, 2013
    Belarus
    Caves
    Because Sony basically changed the keys post 3.55.

    We only have the 3.55 private key; with this key we can make a CFW based on any version (3.55, 4.21, 4.30, etc.) and sign it to look like a real 3.55 FW to the system.
    So, if the console is on 3.55 or below OFW, it can't tell the difference between the 3.55 OFW and any CFW out there so it just installs as a regular update.

    On any higher OFW, that private key is now blacklisted, replaced with one we don't know, and we can't easily figure out because the signature failure was fixed that let us get it the first time. This effectively prevents software downgrading because even if we take the highest version OFW and make CFW from it, it will still need to be signed with the 3.55 key which the system won't accept.
     
  3. Demifiend
    OP

    Demifiend The bored one

    Member
    497
    442
    Mar 20, 2015
    Well, anything is possible with reverse engineering, right? And now that I think about it, how can you find that private key specifically? At this point all we have is Pexploit, as I said before, which is something cool. Now, if the system doesn't accept 3.55 keys, which are necessary to work with CFWs, can't we make the PS3 forcefully work with those keys? Like, writing a program that allows you to use those keys. I know that you said "The private key is now blacklisted, replaced with one we don't know", but isn't there a possibility to find said key with a method, or something?
     
  4. retrofan_k

    retrofan_k GBAtemp Advanced Maniac

    Member
    1,818
    1,114
    May 31, 2013
    Belarus
    Caves
    Anything is possible with reverse engineering and your question has been asked many times in some way or another, but personally, I don't see anything being blown wide open like the PSP days on PS3 anytime soon. The thing is, the security is tight on this system; hell, it's 8 years old this year and to not have CFW on any model or base firmware post 3.55 speaks for itself.

    People in the scene over the years and the lawsuits filed are what keep it all quiet, but who knows, someone or a group(s) may know or have ways of making CFW on any PS3 like a PSP, etc., yet is too afraid to draw attention to themselves because of past events. One day it may be all revealed, but times have changed and it's not like it used to be.
     
  5. Demifiend
    OP

    Demifiend The bored one

    Member
    497
    442
    Mar 20, 2015
    To be fair, the serious homebrew development started around 2010, when some of the keys on the PS3 were found and shared with all the people interested. It wasn't until 1 or 2 years later that we received a stable CFW for 3.55, and from then onwards it was becoming better. The PSP started all the way back between 2005 and 2006; that's a lot more than the PS3 homebrew development. To my surprise, I found a user in a forum who is making something interesting. I'll keep updated with that guy; he may be the last hope to eliminate the dominance of the Cobra ODE in the hacking market.
     
  6. Foxi4

    Foxi4 On the hunt...

    pip Reporter
    23,595
    21,612
    Sep 13, 2009
    Poland
    Gaming Grotto
    The reason why systems past 3.55 can't be modified via software means only is very simple - the exploit used for extracting keys (scekrit) and the error in the rand() function resulting in rand() always being 4 (randomfail) were patched after fail0verflow's presentation at the 27C3 conference where they pulled Sony's pants all the way down:

    Sony's not stupid - fail0verflow pointed out exactly what was wrong with the system, so they fixed it. You can still hack systems which are past 3.55 by flashing older firmware on them, provided the unit is compatible with 3.55. Here's a handy table; check the last column for the minimum firmware possible:

    http://www.psdevwiki.com/ps3/SKU_Models

    There's a number of ways you could flash your system, ranging from using an Infectus chip to more specialized solutions like the E3 Flasher.

    It would also be nice if you stopped bolding everything you write. :P
     
  7. cearp

    cearp the ticket master

    Member
    7,550
    4,813
    May 26, 2008
    Tuvalu
    what you want to hear: a few days, i'll release a cfw .pup that works on the latest fw.
    what you don't want to hear: not going to happen, at least for a while, if and when it does it will be a surprise. people who could maybe do this don't want to for various reasons (sony gets angry)
     
  8. Demifiend
    OP

    Demifiend The bored one

    Member
    497
    442
    Mar 20, 2015
    Seems interesting as a whole. I don't know much about hardware engineering, but I'll study little by little; it may come in handy someday. The PS3 is indeed an interesting system to experiment with; if you could unlock its true potential in anything, from emulators to homebrew and so on, it would be a beast in all senses.

    I don't know what you're hearing, but as I said before, I was checking certain hackers and their progress, and it seems that some of the internal structure is little by little being unlocked. The console is indeed difficult to hack, but not impossible: when you start from OFW 3.55 and you have found a way to obtain an unlock, it means that newer firmwares are able to do the same but with other methods. Remember when everyone was saying that the 3DS was unhackable, that nobody would ever do that thing? That was way back in 2011; now many methods like Spider, MSET and rxTools are available to the public, and new exploit methods for future firmwares from 9.3 onwards will be appearing little by little.

    So, in a nutshell, if the 3DS is now hackable, the PS3 can be; it just needs a little more time. I'm realistic in the sense that it will take time, effort and some other things, but I don't have the denial mindset that this will not happen. My ears are able to hear anything, and I can accept the fact that this isn't easy, but someday it will be.
     
  9. cearp

    cearp the ticket master

    Member
    7,550
    4,813
    May 26, 2008
    Tuvalu
    given time or not, if no one wants to work on it then it will not get done. let's hope some skilled people are interested.
    i read something on eurasia a little while ago about someone looking into it, and it seemed people 'high up' could make progress, but they don't want to share/scared.
    personally, i would want all the devs who would be interested in ps3 to work on ps4... :)
     
  10. Foxi4

    Foxi4 On the hunt...

    pip Reporter
    23,595
    21,612
    Sep 13, 2009
    Poland
    Gaming Grotto
    The prime time for PS3 hacking is over, the second wave will come once the system is completely discontinued so that the risk of lawsuits becomes minimal. As it stands today practically all PS3 models are hackable, some just require additional hardware, which has often been the case in the past as well.
     
  11. retrofan_k

    retrofan_k GBAtemp Advanced Maniac

    Member
    1,818
    1,114
    May 31, 2013
    Belarus
    Caves
    Exactly my point in #4 post. GeoHot was a prime example of lawsuits, along with others later on like Kakaroto too.
     
  12. cornerpath

    cornerpath GBAtemp Fan

    Member
    479
    233
    Dec 15, 2014
    United States
    Jackson, Ms

    Question, because I know I'm not tripping. Well, before all this hacking stuff in the 2007-08 era, the 360 and PS3 weren't forced to update in that time period, right?
    I swear before the hacking we had a choice to update and not update and still play online...
     
  13. retrofan_k

    retrofan_k GBAtemp Advanced Maniac

    Member
    1,818
    1,114
    May 31, 2013
    Belarus
    Caves
    You could always decline updates, yet for online you had to update. It's always been like that regardless of hacks, as far as I remember.
     
  14. Demifiend
    OP

    Demifiend The bored one

    Member
    497
    442
    Mar 20, 2015
    With a good amount of luck, and hopes, we can have a totally working CFW in our systems. I know about the problems with possible lawsuits and such, and even if the times have changed, the PS3 will be discontinued, since it has so little left to do here. Next gen already happened (although I must say that this next gen was surprising and disappointing at the same time: surprising because of Kingdom Hearts 3 and the FFVII Remake and such, but more disappointing for many, many other titles), so, taking that into the equation, the risk of any lawsuits decreases as time passes, because nobody will give two shits about it, especially if you are in a country where the law doesn't work. robertmod is our last hope (at the time being); I hope he can succeed.
     
  15. cornerpath

    cornerpath GBAtemp Fan

    Member
    479
    233
    Dec 15, 2014
    United States
    Jackson, Ms
    Really? Well, I can't really remember about the 360. Now, I knew if you declined game updates it would kick you off back in them days,
    but for PS3 I'm kinda blurred.

    hmmmm I'll be back
     
  16. weatMod

    weatMod GBAtemp Advanced Maniac

    Member
    1,962
    620
    Aug 24, 2013
    United States
    you always needed the latest FW to log in to PSN/SEN
    except for a few exceptions when sony released a minor update, like a half-release FW, then you could go online till they released the next full FW release

    the metLDR LV0 keys finally got leaked but sony changed the boot sequence and got them locked away again
    then they released new HW revision consoles with new syscons that prevent the downgrades from working
     
  17. cearp

    cearp the ticket master

    Member
    7,550
    4,813
    May 26, 2008
    Tuvalu
    i would imagine most things are hackable with a hardmod, but a software hack on the other hand is the important thing.
    although nice for piracy and even though it works, technically a 'middle man'/ode is nothing special :)
     
  18. gunner007

    gunner007 GBAtemp Advanced Maniac

    Member
    1,506
    368
    Dec 31, 2013
    United States
    To answer your question, there are 2 things at work here.

    1) For any of the late-model PS3s, METLDR is no longer vulnerable, as it has been spun into the BOOTLDR/LV0 layer, which nobody has access to. Due to that, CFW can never be installed on those units since there's no way to break the chain of trust to allow unsigned code to be run. Syscon at some point on the new consoles is high enough that there is no way to flash an older FW without bricking. Without being able to modify the earlier boot sequence, we can't do anything.

    2) As stated earlier, after the 3.55 key leak, Sony redid their ECDSA correctly. The 3.55 keys were blacklisted, so we are unable to run any content signed with said keys. However, due to the fact that all consoles must be able to decrypt said binaries and OFW, we can use the 3.55 keys to decrypt and patch the FW to allow a downgrade on such vulnerable consoles. (Hence why with each CFW release you'll see a patcher - it requires HW NAND/NOR writing.)

    Since ECDSA has been properly implemented, it will be very unlikely (and even impossible) to find the private keys. We'll be unlikely ever to see a CFW for any of the newer-model PS3s. Sony's taken a heavy hand to the ODEs the past few firmwares, so that's a thing too.

    Keep in mind that the two consoles having private keys exposed were done due to mistakes made in security implementation and not a hardware hack. (The 360 works in a different manner with RGH/JTAG exploits)


    PSP was a different beast, but the root signing keys discovered by the PS3 being hacked blew the PSP wide open. (
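Foxi4's post above describes the "randomfail" bug (a rand() that always returned 4 feeding the ECDSA nonce) and gunner007's post describes why, once ECDSA is implemented correctly with a fresh nonce, the private key can no longer be recovered from signatures. The following is an added, constructed example, not code from the thread, from fail0verflow or from any console firmware: a small pure-Python ECDSA over secp256k1 (an assumption; the thread does not name the curve) with a signer that reuses a constant nonce beside one that draws a fresh random nonce, and a function that shows the key falls out of two signatures only in the first case. The signing key, the message strings and the nonce value 4 are all constructed for the demo.

```python
import hashlib
import secrets

# secp256k1 domain parameters (public constants): field prime, group order, base point.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None  # P + (-P)
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def _mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        k >>= 1
    return acc


def _hash_to_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(d, msg, k):
    """Textbook ECDSA: r = x(kG) mod n, s = k^-1 (z + r d) mod n."""
    z = _hash_to_int(msg)
    r = _mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * d) % N
    if r == 0 or s == 0:
        raise ValueError("degenerate nonce, sign again with another k")
    return r, s


def verify(Q, msg, sig):
    """Standard ECDSA verification against public key Q = dG."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = _hash_to_int(msg)
    w = pow(s, -1, N)
    pt = _add(_mul(z * w % N, G), _mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r


def sign_with_constant_nonce(d, msg):
    """Signer whose 'random' k is the same every time (constructed stand-in for randomfail)."""
    return sign(d, msg, 4)


def sign_with_fresh_nonce(d, msg):
    """Corrected signer: an unpredictable k in [1, n-1] for every signature."""
    return sign(d, msg, secrets.randbelow(N - 1) + 1)


def recover_private_key(msg1, sig1, msg2, sig2):
    """Return d if the two signatures share a nonce, else None.

    Same k gives the same r. Then s1 - s2 = k^-1 (z1 - z2) mod n, so
    k = (z1 - z2) / (s1 - s2) and d = (s1 k - z1) / r, all mod n.
    """
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2 or s1 == s2:
        return None  # different nonces (or identical signatures): nothing to solve
    z1, z2 = _hash_to_int(msg1), _hash_to_int(msg2)
    k = (z1 - z2) * pow(s1 - s2, -1, N) % N
    return (s1 * k - z1) * pow(r1, -1, N) % N


def demo():
    """Returns (key leaked with constant nonce, key hidden with fresh nonce)."""
    d = secrets.randbelow(N - 1) + 1  # constructed signing key, not a real one
    a, b = b"package-A", b"package-B"
    leaked = recover_private_key(a, sign_with_constant_nonce(d, a), b, sign_with_constant_nonce(d, b))
    hidden = recover_private_key(a, sign_with_fresh_nonce(d, a), b, sign_with_fresh_nonce(d, b))
    return leaked == d, hidden is None


if __name__ == "__main__":
    print("constant nonce leaks key: %s | fresh nonce leaks key: %s" % (demo()[0], not demo()[1]))
```

The defender's takeaway is the one the thread states: the signature scheme itself was never broken, only its nonce generation was, so once the signer draws a proper random (or RFC 6979 deterministic) nonce, two signatures under the same key reveal nothing about it, and a key that has been revoked in newer firmware cannot be recovered a second time by the same mistake.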