
Ps3 Hacked


chapperlin


PS3 Jailbreak

 

Seems to be genuine with a few independent groups testing it and confirming it works

 

No doubt Sony will be quick to act - new fw etc. - but the "USB dongle" is apparently upgradeable so we may end up with a cat and mouse type situation like with the PSP

 

Who here with a PS3 would pay approx £100 for one of these dongles?

 

I for one will be waiting to see how things pan out


From what I understand it will back up your original PS3 games to your internal or external hdd.

Then with any original disc in your PS3 it will play the backup.

 

Also supposed to allow homebrew - so some sort of iso loader will be along soon enough.

 

I'm sure Sony will be able to block this dongle with a forced FW update but it remains to be seen whether the dongle can then be updated to get around whatever Sony do.


So at the moment you can take an original PS3 disc and with this dongle you can copy it to your internal or external hdd.

 

Homebrew are programs designed by "consumers". These often include emulators (think SNES/N64 etc.) and iso loaders.

Iso loaders would allow you to download pirated games and put them onto your PS3 hdd.

 

Whether any of this happens depends on whether Sony are able to permanently block this new usb dongle.


Well if it ends up like the PSP homebrew scene I'll eventually get one, so much potential for homebrew on the PS3, but not at that price, there are bound to be cheaper clones come along soon enough.


The clones are already in production, no word on pricing yet but estimates put material costs at no more than $10 for a one off so sensible pricing with mark up of around $30-$40.

 

The dongle itself is a clone of a clone of a Sony service centre "Jigstick" which just puts the PS3 into "debug" mode, which allows for the execution of unsigned code.

 

I may actually look at buying a PS3 now, the main reason I got a PSP was for its homebrew.

 

As for games to pirate, I can think of enough to cover the initial outlay for the console and the stick.

 

I will wait a few months though to see what actually comes of it, if Sony block it, and if decent homebrew comes along.


  • 2 weeks later...

Thing is: it's not really a "hack", because it does not alter the behaviour of the PS3: you are just running in a different mode, which is coded and controlled by Sony. Cloning a usb key is pretty small change: that's why there are programmable boards on the market to do it. But you have to steal each version of the key to copy.

 

And to be honest, all you need to do to stop it working is:

 

1) Re-issue the debug keys (might take a couple of weeks)

2) Issue new firmware (not that big a deal)

 

Of course, it is possible more keys could be stolen and cloned in the future, and so all you would do as a developer if you did not want your discs pirated is issue a command when the game starts to determine the run mode of the PS3: if it's in debug, don't start the game.

 

The great thing about using digital keys is that you always have a way of revoking stolen keys.

 

And the homebrew thing is a bit of a red herring: back in the days when there was a legitimate route to do this by running an officially supported version of Linux, the dev community for it was hardly on fire.

 

So in summary: not a hack, just a stolen digital key, which will be revoked in due course. Not a big deal.


It's actually custom code that emulates a USB hub and forces an overflow in the USB stack, which then allows the system to boot into debug mode and execute custom code.

 

The fact custom code can be executed means the system is hacked.

 

Easy enough to not update the firmware, and in time there will be CFW like the PSP.


Sure: agreed: if that is how it works, and does not require you to use any keys, because it can interrupt the boot before the hypervisor runs, then that would be quite a robust hack. Is there a description of this anywhere? I had a quick google and couldn't find anything much more definitive than "I suppose it must work like this...."


The only full analysis of the actual program is here but Google's translation is a little rough around the edges.

 

The way you boot the hack, pushing eject straight after power, forces the PS3 to check for an attached USB drive before booting the GameOS from the internal ROM. At least that's the theory as far as I understand it. Not sure if Math will be releasing further notes based on his reverse engineering for PSGroove.


Cheers for the link: probably the most interesting statement is:

 

"A short time later (we are moving here in Milliseconds) the jig module is connected, and encrypted data is transmitted to the module jig. A (in MS) eternity later, the answers Jig 64Byte module with static data, all USB devices are disconnected, a new USB Device is connected and the PS3 launches with a new look."

 

Which to me at least, (translation withstanding) is that the key exchange still happens as normal between the dongle and hypervisor. If this is true, then you still have the stolen, revokable key in the procedure. Even if you don't update, the key most likely would still have an expiration date.

 

I guess there isn't much good information around, and probably not likely to be, as the invested parties will just be wanting to take a lot of pre-orders :) All very interesting though.


Archived

This topic is now archived and is closed to further replies.
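
The revocation and expiry argument made in the thread, sketched as an added example that is not from any poster and is not Sony's actual protocol: a generic HMAC challenge-response verifier for a service token, with a revocation list and a per-key expiry day. The key ids, key bytes, day numbers and all class and function names are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample keys and ids; not real console or service-tool keys.
KEYS = {"svc-01": b"constructed-key-one", "svc-02": b"constructed-key-two"}

def token_response(key, nonce):
    """What a genuine token computes: a MAC over the verifier's nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

class Verifier:
    def __init__(self, keys, expiry=None):
        self.keys = dict(keys)
        self.revoked = set()              # grows with each firmware update
        self.expiry = dict(expiry or {})  # key id -> last valid day number
        self.pending = None

    def challenge(self):
        self.pending = os.urandom(16)     # fresh per attempt
        return self.pending

    def verify(self, key_id, response, today):
        nonce, self.pending = self.pending, None   # a nonce is single-use
        if nonce is None:
            return "no-challenge"
        if key_id not in self.keys:
            return "unknown-key"
        if key_id in self.revoked:
            return "revoked"
        if today > self.expiry.get(key_id, today):
            return "expired"
        expected = token_response(self.keys[key_id], nonce)
        return "ok" if hmac.compare_digest(expected, response) else "bad-response"

def demo():
    v = Verifier(KEYS, expiry={"svc-02": 100})
    results = []
    recorded = token_response(KEYS["svc-01"], v.challenge())
    results.append(v.verify("svc-01", recorded, today=50))   # genuine exchange
    v.challenge()
    results.append(v.verify("svc-01", recorded, today=50))   # static replay
    v.revoked.add("svc-01")                                  # key revoked by update
    fresh = token_response(KEYS["svc-01"], v.challenge())
    results.append(v.verify("svc-01", fresh, today=50))
    fresh = token_response(KEYS["svc-02"], v.challenge())
    results.append(v.verify("svc-02", fresh, today=101))     # past expiry day
    return results
```

Revocation and expiry only help while the verifier itself is trusted: they stop a copied key after an update, but do nothing if code runs before the check is reached.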
