Here’s a “quick” status update on the 4.00 HEN (Homebrew ENabler) for PS3.
Following my clarifications from almost 2 months ago here, there has been a lot of progress. We have not been slacking off: we’re a group of about 10 developers who have been working together for the last 2 months, sometimes 15 hours every day, in order to bring back homebrew support to the latest version of the PS3 firmware.
There are three major parts to the HEN. First, getting the packages to install on the PS3; that part is done, completed, tested, debugged, etc. The second part is getting the apps to run, and that one still has major issues. The last part is something I will not discuss for now (it’s a surprise), but it’s about 60% to 70% done (and it has nothing to do with peek&poke and nothing to do with backup managers or anything like that; this is and will stay a piracy-free solution for the PS3).
Now, running apps is the biggest challenge we’ve been working on for the past 2 months. As some of you know, if you’ve been following me on Twitter, we originally had hoped that Mathieulh would give us the “npdrm hash algorithm” that was necessary to run the apps, but he was reluctant; he kept doing his usual attention-whoring so people would kiss his feet (or something else) and he’d feel good about himself. In the end, he said that he refused to give us the needed “npdrm hash algorithm” to make it work. So what I initially thought would be “this will be released next week” ended up taking a lot more time than expected, and we’re still nowhere near ready to make it work.
Mathieulh kept tossing his usual “riddles”, which he thinks are “very helpful for those who have a brain” and which piss off anyone who actually has one. He told us that the solution to all our problems was to look in appldr of the 3.56 firmware, and that it was something lv1 was sending to appldr which made the “hash check” pass or fail. So we spent one month and a lot of sweat, and after killing a few brain cells out of exhaustion, we finally concluded that it was all bullshit. After one month of reading assembly code and checking and double-checking our results, we were able to confirm that the hash algorithm was NOT in the 3.56 firmware like he told us (at all).
He said that it was an AES OMAC hash, but after tracking all the uses of the OMAC functions in appldr, we found that none of them was used for the “hash”. He then said “oh, I meant HMAC”, so we did that again and again came up with the same conclusion. Once we were sure it was not in appldr, he said “ah no, it’s in lv1”. Have a look for yourself at what he decided to write: http://www.ps3devwiki.com/index.php?title=Talk:KaKaRoTo_Kind_of_%C2%B4Jailbreak%C2%B4
That happened after the huge Twitter fight I had with him for being his usual arrogant ass and claiming that he “shared” something. (For your information, the code that he shared was not his own; I have proof of that too, although I can’t show you the proof because, even if I don’t respect him, I gave him my word not to share what he gave me, and I respect my word. He forgot to remove the name of the original developer from one of the files. It was also completely useless and was not used at all; it just made me waste a day reading crappy undocumented code.) So why is he still trying to force his “advice” through these riddles even after we had that fight? Well, to sabotage us and make us lose all those months of hard work!
So anyway, we had all accepted that Mathieulh was full of shit (we knew before, but we gave him the benefit of the doubt) and decided to continue working without considering any of his useless riddles. We then tried to exploit/decrypt the 3.60+ firmware in order to get the algorithm from there.
Now, a few more weeks later, we have finally succeeded in fully understanding that missing piece of the “npdrm hash algorithm”, and here it is for everyone’s pleasure, with some prerequisite explanation:
A game on the PS3 is an executable file in a format called a “SELF” file (Signed ELF; think of it as the .exe of the PS3). Those SELF files are cryptographically signed and encrypted. PSN games (games that do not run from a Blu-ray disc) need an additional security layer called “NPDRM”. So an “npdrm self” is basically an executable that is encrypted and signed, then re-encrypted again with some additional information. On 3.55 and lower, we were able to encrypt and sign our own SELF files so they would look like original (made by Sony) NPDRM SELF files, and the PS3 would run them without problem. However, they weren’t really like an original file: a real NPDRM SELF file carries some additional information that the PS3 simply ignored. It did not check that information, so we could put anything in it and it worked. Since version 3.60, the PS3 also validates this additional information, so it can now differentiate between NPDRM SELF files created by Sony and the ones we create ourselves for homebrew. That’s the “npdrm hash algorithm” we have been trying to figure out, because once we can reproduce that information in the proper manner, the PS3 will again think those files are authentic and will let us run them.
Another important point to explain: I said a few times that the files are “signed”. This means there is an “ECDSA signature” in the file which the PS3 can verify. The ECDSA signature is what allows the PS3 to tell whether the file has been modified or not. It is easy to validate the signature, but impossible to create one without access to the “private key” (think of it like a real signature: you can see your dad’s signature and recognize it, but you can’t sign exactly like him, and you can tell if your brother tried to forge it). So how were we able to sign SELF files that were properly authenticated on 3.55? Because this “ECDSA signature” is just a very complicated mathematical equation (my head still hurts trying to fully understand it, but I might blog about it in the future and try to explain it in simple terms if people are interested; you can learn about it here), and one very important part of this equation is that you need a fresh random number (the “nonce”) to generate every signature. Sony failed there and used the same number every time. Once two signatures share that number, a bit of modular arithmetic on them gives back the private key, which lets us forge the signature perfectly. So to summarize, a “signed file” is a file which is digitally signed with an “ECDSA signature” that cannot be forged unless you have the “private key” for it. That key is normally impossible to obtain, but we were able to obtain it because Sony failed to implement the signing properly.
Now, back on topic. So what is this missing “npdrm hash algorithm” that we need? Well, it turns out that the NPDRM SELF has a second signature: it’s an “encrypted and signed SELF file” with an additional layer of security (the NPDRM layer) which re-encrypts it and re-signs it. That second signature was not verified on 3.55 and is verified since version 3.60 of the PS3 firmware.
One important thing to note is that Sony did NOT make the same mistake with this signature: they always used a fresh random number, so it is technically impossible to figure out the private key for it. To be more exact, this is exactly the same situation as with the .pkg packages you install on the PS3: you need to patch the firmware (making it CFW) so that those .pkg files can be installed, because .pkg files are signed with an ECDSA signature for which no one has been able to get the private key. That’s why we call them “pseudo-retail packages” or “unsigned packages”.
The signature on the NPDRM SELF file uses the exact same ECDSA curve and the same key as the one used for PS3 .pkg files, so no one has (or could have) the private key for it. What this means is that, even though we finally figured out the missing piece and we now know how the NPDRM SELF is built, we simply cannot reproduce it.
The reason we wasted 2 months on this is that Mathieulh lied by saying he could do it. Remember when 4.0 came out and I said “I can confirm that my method still works” and he also confirmed that his “npdrm hash algorithm” still worked? Well, he didn’t do anything to confirm it; he just lied about it, because there is no way he could have verified it since he doesn’t have the private key.
I said I would provide proof of the lies that Mathieulh gave us, so here they are: he said it’s in 3.56, that was a lie; he said it’s an AES OMAC, that was a lie; he said it’s an HMAC, that was a lie; he said it’s in appldr, that was a lie; he said it’s in lv1, that was a lie; he said that he can do it, that was a lie; he said that “it takes one hour to figure it out if you have a brain”, that was a lie; he said that he verified it to work on 4.0, that was a lie; he said that he had the algorithm/keys, that was a lie; he said that once we know the algorithm used we can reproduce it, that was a lie; and he kept referring to it as “the hash”, which was wrong. The proof? It’s an ECDSA signature, not a hash (two very different things). It is verified by vsh.self; it is not in lv2, lv1 or appldr; and the private key is inaccessible, so there is no way he could build his own NPDRM SELF files. Now you know the real reason why he refused to “share” what he had: he didn’t have it.
So why do all this? Was it because his arrogance didn’t allow him to admit not knowing something, or because he wanted to make us lose all this time? To me, it looks like pure sabotage: misleading information to steer us away from the part of the code that actually holds the solution. That is, of course, if we are kind enough to assume that he knew what or where it was in the first place. In the end, he wasn’t smart enough to lie only about things we could not verify. Now we know (we always knew, but now we have proof to back it) that he’s a liar, and I do not think anyone will believe his lies anymore.
Enough talking about liars and drama queens; back to the 4.0 HEN solution. So what next? Well, we now know that we can’t sign the file, so we can’t run our apps on 3.60+ (it can work on 3.56 though). What we will do is look for a different way, a completely new exploit that would allow the files we install to actually run on the PS3. We will also be looking for possible “signature collisions”, and for that we will need the help of the community: hopefully there is a collision (the same random number used twice) which will allow us to calculate the private key, and if that happens, we can move forward with a release.
When will the “jailbreak” be released? If I knew, I’d tell you, but I don’t know. I would have said last November, then December, then before Christmas, then before New Year, etc., but as you can see, it’s impossible to predict what we will find. We might get lucky and have it ready in a couple of days, or we may not and it will not be ready for another couple of months. So all you need to do is: BE PATIENT (and please stop asking me about an estimated release date)!
I would like to thank the team who helped on this task all this time and never got discouraged, and I’d like to thank an anonymous contributor who recently joined us and was instrumental in figuring it all out. We all believe that freedom starts with knowledge, and that knowledge should be open and available to all; that is why we are sharing this information with the world. We got the confirmation (by finding the public key used and verifying the signatures against it) yesterday, and since sharing this information will not help Sony in any way to block our efforts in a future release, we have decided to share it with you. We believe in transparency, we believe in openness, we believe in a free world, and we want you to be part of it.
If you want to know more about the ECDSA signature algorithm, I tried to explain it in a blog post here; you can also read this interesting paper that explains it in detail, and you can watch Team fail0verflow’s CCC presentation that first explained Sony’s mistake in their implementation, which made custom firmwares possible.
Thanks for reading,
KaKaRoTo
Thanks for the info, looking forward to being informed.
Thanks Kakaroto, I’ve seen all the bullshit you have gone through every day on Twitter. Well done and keep up the good work!
Pingback: Status update on the PS3 4.0 HEN
Kakarotoks, thank you very much, you and your group. We are aware that there is garbage on the scene (Matheluh or whatever). We will be patient and hope you do not leave your work, because we look forward to it.
luck
Thanks for letting us know, we believe in you and we will wait
“We will also be looking for possible “signature collisions” and for that we will need the help of the community.”
How exactly can the community help?
You can look for bad code and signature collisions. =) Not everyone can help, because not everyone knows how to do that, ofc, but there are LOADS of people out there who DO know how to do it, and if we all help each other the firmware will be done faster and we can use homebrew again =]
Thank You, KaKaRoTo! /GHFear
We’ll be releasing an app to gather the signed files from your PS3s so we can find potential collisions in them. That’s how people can help; I’ll explain more about it when it’s ready.
Hi KaKaRoTo, I want to say I’m a big fan of yours. I love hacking consoles; I have soft-modded the Wii and PS2 and had a kopybox for the SNES. I don’t care about playing backups, but, like you, I’m mostly interested in understanding this big computer tech stuff. I’ve been following you for some time. I know you know a lot more than me; I’ve only been doing this for 6 months, and I understand you have also been doing PS3 for 1 year now. Anyhow, I had found some leaked Sony stuff that I couldn’t understand but thought it might help you out, so I wanted to share it and went on the IRC. I didn’t know how IRC worked; it was my first time there. MACPREAK was kind enough to help me upload the file to share, then eussNL started making fun of me, saying I was a troll and that a noob like me must go. So I started explaining what I know; I asked euss if it was possible to exit factory mode on firmware higher than 3.55, then euss started with “read the wiki, you noob, with old news”. I only said I wanted to share and help out. They said I was like MATH, so I said I wasn’t him (Mac had asked before, “are you MATH in disguise?” LOL), but eussNL started the disrespecting, telling me I was a noob with no life and too much spare time and too scared to go play with my dick, then kicked me. When I came back I was still trying to explain about sharing info and gaining knowledge, as you said; you also didn’t know everything, people helped you out and maybe explained things to you. But eussNL took my voice on the IRC so I couldn’t say anything while still being called a dumb noob and a troll, then kicked me again. So I came back to the IRC with no voice, so I did the name change: HACK FOKPS3 became FOKeussNL, and then I got banned. I did not disrespect; hell, I respect eussNL just because I’m from NL, Holland. Cool that Holland also helps out, and Spain, you from Canada, a Russian guy, a Greek; it’s like the world is united, working together towards one goal. I love that, especially since there is so much wrong in the world; it’s good to see people united and helping out. I for sure will help out with your new app to get keys from collisions. If 4
billion people help out, then you can truly say the world is united; the other 3.5 billion folks are the system and Sony Corp, or maybe even they will help you out and join in being one world, sharing and caring, just as it was one world when the first man was on the moon.
I never disrespected eussNL, but since I had no voice, how can one speak and learn or defend himself? If eussNL feels like I disrespected him, I’m sorry for that.
But eussNL could have just stayed out of the conversation, as MACPREAK was kind and patient enough to help me out even if I was a noob (I’d like to know, what does noob mean? NOOB SAIBOT, MORTAL KOMBAT).
Gregory Rasp is a decent guy; he was the first to ever tweet back to me, too. I’ve gotten 1 tweet back from you, thank you, but still we weren’t able to chat since I got banned by euss. But still, with over 21000 followers on Twitter, thanks for the comment about euss. I hope you read this; it would be nice to hear from you on Twitter, but I know you’re really busy. Still, it would be nice.
I RESPECT ALL PS3DEVs except the lying RAT, oh I mean MATH, and maybe Geohot, because he was on TV saying he hacked the PS3 all by himself, even though MATH said that Geohot didn’t hack the PS3 because Geo had used his mathldr exploit, and it was you who made 3.41 the first CFW.
Bye and peace.
PS: will I ever get unbanned from IRC? Gregory offered to let me join his ps3sanctuary, but somehow I can’t join his IRC either.
TL;DR
Your grammar is horrible (were you drunk?)
When looking at your post, I do not think you will get unbanned from IRC 😛
Thanks for the efforts made for intellectual property rights.
May God grant you success.
Thanks to all of Kakaroto’s team; you are very good people and I hope you very soon break the jail and free us. You are a hero for children and a good man. I understand, and I ask God to give you the very, very bright light of the galaxy.
Thanks in advance.
sharifshayan
Hello
With many thanks from the guys in Iran and the Middle East, we hope you succeed.
thanks
Hey dude, I enjoy reading your blog. I would love to get involved but I’m too much of a dumbass to understand code, but most of the time I get the gist of what you’re saying. Thanks for all the work. Big ups!
cheers R
tl;dr
Pingback: [Official Topic] KaKaRoTo announces the Jailbreak for OFW 3.73 - Page 32
When speaking of the signature collisions, are we, the end user, able to help?
Would it be beneficial to use distributed computing (CPU, GPU) over the net?
No, brute-forcing is impossible in our lifetime; finding collisions is possible since Sony screwed up their implementation, but I’ll let you know more when the time comes.
Thank you for all your work; we will be patient and understand the effort.
thank you
Thanks for this status update Kakaroto.
Definitely a very interesting post to read for everybody who is interested in the background behind exploiting such systems as the PS3. If I had the skills in such low-level programming languages I’d love to join your team and help find an exploit which could actually find a way around the signing process.
There are several people who’d love to share or send some information about PS3s if you need some.
This community, sadly, is full of drama queens, attention whores and retarded/demanding kiddies. However, there is a small group who honors the developers’ work.
Thanks. People like you still make the scene interesting enough for me to follow daily/weekly news.
Both of you, Mathieulh and you are nothing but drama queens.
Think of it: since the beginning of this scene, you have always been involved in drama. First with Hermes and now with this idiot. There are people who were born to code, and there are people who were born to make drama. Guess which type you are.
Let’s hope those other 9 people in your team are not attention whores like you.
Oooh, poor you, didn’t he finish his JB soon enough for you?
Last time I checked, KaKaRoTo was still project leader, you dumb f*ck.
KaKaRoTo again thanks for all the hard work
And thank the other team members too; without you guys we would have nothing at all to look out for, even if it takes longer than expected.
If there’s anything you need, any testers, any distributed cracking, anything at all, please don’t hesitate in asking your followers for help 🙂
Shame about the trolls though. Really disappointed in Math, thought he was way better than that. He’s like a Geohot without the skills!
We got the confirmation (by finding the public key used and verifying the signatures) yesterday and since sharing this information will not help Sony in any way to block our efforts in a future release
Does that mean you guys did find the right signatures? Sorry for the dumb question.
Read something about public/private key encryption and answer that question yourself.
Hey kakaroto, thanks for the update. Came here from reading the update at psxscene 🙂
Just wanted to let you(and your dev team) know thanks for working so hard on something that you are not even being paid for (rather, paid with annoying emails and posts probably). Have been waiting in the midst of e3 flashers, true blue dongles, cobras, etc etc..
I really appreciate the update!
It will be something small, but I would like to donate- is there a link here in this blog or somewhere I can do so? (Or can anybody else let me know?)
An interesting read, the paper link about elliptic curve cryptography, btw. Wow, I am not a CS major (the closest I got to hardcore programming is Matlab :p), but these seem like some complicated algorithms to wade through!!
Thanks again- good luck
Sam
Hi, thanks, I’ve given your thanks (and from others) to the team.. but it’s rather “the team you’re working with” rather than “your team”, no one has ownership of the team :p
I’ve had a few people ask about an ECDSA algorithm post, so I will eventually post something that explains how it works; I still need to fully understand it myself.
As for donations, thanks, it’s appreciated, although it’s not really necessary. But if you’d like you can find a link at http://kakaroto.homelinux.net/donate.html
Thanks
We will also be looking for possible “signature collisions” and for that we will need the help of the community, hopefully there is a collision (same random number used twice) which will allow us to calculate the private key, and if that happens, then we can move forward with a release.
If I (or anyone in the community) could do anything to help you, only ask for it. Those who only have basic knowledge of programming (and understand your work) will be eternally grateful to you and your team.
THANKS!
Well done Kakaroto and your team, who are making it possible for us to use our PS3 to the fullest; you guys are my heroes 😀 So happy people figured out that Mathieulh was a waster and was talking a load of shit, which I had suspected the whole time lol
much love
Naniiii 🙂
I respect you for your job and your ideology. I am against piracy, but I am for a free platform and the possibility to run homebrew. Keep going, man!
Hey, it’s me Patrick, I uploaded that video for you before... Can you contact me via Twitter or Facebook, or email me at [email protected]? I want to help but don’t know where to start or if I can even be of any help.
Hi, I remember you 🙂
What is it you need? Just post your question here. For now I don’t need immediate help; when it’s time, I will ask people for help, with instructions on exactly what they can do.
Thanks
^this. Is there some documentation on how we can find these random numbers? My PS3 is just sitting there due to more fun on the Wii. But that’s because I can’t be useful to the PS3 scene. My PS3 needs some action. Let me start my journey with PS3 hacking by helping with these “signature collisions”. (Sounds simple enough. If it’s doable I need to do this >.>)
it was supposed to be a “reply” to this..
http://kakaroto.homelinux.net/2012/01/status-update-on-the-ps3-4-0-hen/comment-page-1/#comment-40145
Just a quick question. In FW 4.0 maybe SONY has fixed that problem with the key... now it could be working perfectly like they want.
Have you seen the ECDSA equation now for FW4.0?!
P.S: if you need any help on VB and/or C# send me an e-mail !
Thank you very much. Don’t let yourselves down. Please keep fighting for the interests of the whole world; I believe you can do it. Thank you once again, and good luck guys. You deserve much more than this. Greetings from Portugal.
I wish I had the know-how to do what you guys do. If I did, I would love to work with you guys. It amazes me how you guys know all this stuff. Thank you for all the fine work you all have put into this. As for Math.... Well..... I’ll keep it clean. Thanks for putting him on front street and showing us his true colors.
Big thanks for info.
fake 4-0 hen
http://www.universodasroms.blogspot.com
\o/ \o/
Guys, trying to crack an ECDSA key is almost impossible. We would need to compute 1,208,925,819,614,629,174,706,176 keys to find it.
However some guys from a university in Finland proved that they could use the timing-attack technique to crack the private key.
Maybe someone should investigate this…
What do you guys think?
Here is the link for the research white paper: http://eprint.iacr.org/2011/232.pdf
Pingback: KaKaRoTo's says Mathieulh is full of . General Playstation 3 Chat
THANK YOU KaKaRoTo... THANK YOU!!!!!!!!!
YOU ARE THE KING
KING KaKaRoTo’s.
Hey, this is ismaelrocks from Twitter. I just read everything and all I can say is thanks; it’s great to understand all these things that clearly. For my part, all my questions have vanished with this. I just hope someday I can play something really free on my console, install homebrew tools for my Blu-rays, and feel a little more like this thing I bought is really mine.
Thank you again for all the efforts; every step you guys take is being written in history and is amazing, so go on and never get discouraged or disappointed, since you are building something awesome.
From Colombia, South America, we follow you at every step. Thanks
Thank you KAKAROTO and your team for all the work done so far. I’m very happy about the information, and so are all the people from Brazil who want to see a PS3 running homebrew too!
Now, for the dumbasses on duty who were bugging Kakaroto... See! Shut your mouths! The guy made every effort all this time trying to bring you a method of freedom for the PS3!
Let him work!
May you be rewarded for everything, Kakaroto!
Thank you very much !
If you give me a simple run-down of how this all works, I can work with you... even if it’s in equation finding... PM me. I do calc with my eyes closed, and have nothing but time for a couple of months. (I) need to contribute anyway. Brick. 🙂
Guess I should toss in I know [some] programming, and I’m VERY familiar with hex.
Your best bet is to not listen to Math at all unless it is plain fucking English.
This was a fascinating read; thank you, Younes, and the people of the team you are part of, because this kind of post is rare. Good luck with the rest of the analyses on the PS3.
Brother, thank you very much for the clarifications. You do deserve the respect of everyone who follows the scene, and of everyone who was with you trying. Even though it’s a bucket of cold water, it’s good to know the truth. I hope that somehow you will succeed, but to me you are already heroes. I’m Brazilian; I hope you understand everything. Thanks brother, you are the man...
Pingback: KaKARoTo takes stock of the 4.0 HEN
Superb job in writing this blog... my advice to someone who is dealing with a liar: make him believe that his “answers” are real... I find ignoring is easier... but the first option is much more entertaining :]
Also, I always believe what pisses you off always makes you stronger. I don’t think you wasted two months... I know you know that every second of those two months you were with your team and they stuck by your side. So now you know you have an amazing team! But I also bet that you familiarized yourself with a lot of info. You NEVER lose ;]
you and your team are awesome.
Sorry for my English.
So I wonder if:
To extract the missing keys, isn’t it enough to have 3 identical pkg files? Only one would be from 3.55 to 3.66, the third with 4.00?
The same content encoded with another key should allow for the extraction of the key...
THANK YOU KaKaRoTo... THANK YOU!!!!!!!!!
http://www.multiupload.com/JC54WKBZYF
Congratulations and good luck bro!
Mathieulh, please die, you stupid bastard.
I don’t know the reason you lie, and I don’t care; all you do is slow others down from doing something you can only dream of doing.
Kakaroto, good luck in what you are doing; I hope you find what you are looking for, and fast.
I hope that your next update will be when you break the Sony completely.
Keep up the hard work! If I could help, I would. ><
If you have anything trivial that you could use people for, feel free to ask me! 😀
It seems fascinating to me; I’ll wait for it eagerly, and I thank you for your dedication!
Thanks for sharing the team’s achievements with us KaKaRoTo, this is quite an impressive work to do. Quite a genkidama to say so xD
Greetings to you and the other members of the team for the work; you truly are elite and deserve some respect for your teamwork and also for what was achieved. The following paragraphs will try to give the reason why we owe that to the team’s work.
Somehow this is also a funny announcement, because your article’s publication date fits very well with the anti-SOPA protest. Should I use an adjective to qualify the timing, I would say this is just perfect timing, even if Sony claimed they were not backing SOPA anymore after the Anonymous threats.
To get back to your teamwork, I’ve read your wiki, some pasties provided by a mysterious anonymous IRC nick, and oh yeah, I also watched fail0verflow’s YouTube video about the 2010 CCC event when they released the (fun, isn’t it?) pseudo-random number (4... like Sony’s OFW 4.00 😉).
Before watching fail0verflow’s video, and after reading, I had the conviction that they used at least SHA-1 with something else, but I would never have guessed it was AES. To tell the truth, I would have expected them to use something else, maybe more secure than the AES algorithm, something different, maybe RSA. Though that might have been the better option they had at the time they designed the PS3, because AES was not pwned like it is now with all the flourishing WiFi AES-encrypted hotspots xD.
But achieving such performance needed more than that, and thanks to your hack I’ve come to the conclusion that the next programming language I have to learn simply is: hex (which is not a programming language but a notation)! It’s also a shortcut: 2, 4, 8, 16, 32, 64, all are bytes, but we don’t learn to count natively in bytes; the most widespread counting system is the decimal system :/
Why? Something simple: due to the variety of hardware now, its diffusion, and the fact that platforms are increasingly using the ARM arch and the like on embedded devices (if not always), and given that low-level programming is probably the one able to use the capabilities of the hardware to their maximum extent, hexadecimal is really something I’ve got to learn. Why? I’ve got to learn it because memory, or should I say in-memory instructions, will be in RAM, but locations in RAM, “memory blocks” if we can afford to say so, are written in hex for more comfort, but also to build a better algorithm (less voracious when it comes to RAM and CPU needs, and we know that small is beautiful xD). That’s what we can hack from the pasties.
Of course much more than hex was needed to do the job :
– a lot of time
– skills in domains such as:
* understanding the hardware’s design and how it worked
* understanding the software’s design, both in terms of architecture, so to say the software architecture (how it’s organized, how parts get along with other parts of code/files), and in terms of coding architecture (how it works, what the instructions are, where they are located, what their role is in the grand scheme, etc.)
* understanding the virtualization at different levels such as userland (non-root lv2), kernel (lv1), and finally the hypervisor itself (lv0)
* understanding how encryption works (how we scramble things and XOR them and give all the stuff kind of an enigmatic look)
* understanding how decryption works (what the key does)
* understanding how to reverse engineer encryption (so to say, how to break an encryption algorithm, or put in simple words, how to find again the lost flat key we just need to get home)
* being able to work in a team efficiently (and your team demonstrated this, and also that they were more efficient than some individual whose fullness of himself will probably make of him a living joke xD)
* well, I’m not going to lie, a pretty good level in maths (not lh lol)
* a good understanding of *NIX; after all, the PS3 soft side is widely relying on *NIX, just the .pkg can prove it. Okay, not only the .pkg 😀
* what else? Knowledge about certificates. Oh, thinking of it, last night I found a dump of the OFW 4.00 on the net. I had a glimpse at it just out of curiosity, and inside the archive there were several certs, at least 30 certs. I opened some of these in a well-known text editor and it seemed that some of these different certs had very similar content; others seemed to be slightly different, yet they were not totally singular.
* understanding what hacking is, what the spirit of hacking is too, and you, I mean the team, gave us a living example of what hacking is, what the spirit is and how a hacker behaves.
At the beginning of your article, KaKaRoTo, you said that the team had not been slacking off the 2 previous months, but this was the end of the year, so thank you to all the team for giving us, this January 19th 2012, a second Merry Xmas, which is also your second Merry Xmas!
Thanks for all your work, Kakaroto, and to everyone who helps you and works with you, lexou06 and the-green etc. It would really be great if you manage to make your 4.0 firmware
or any other new thing. I admit you are the only one I trust, along with wanikoko, who has done really good work on the Nintendo and PS3 side,
for the quality work that you give to everyone; it’s not like all those false rumors that come and rot the PS3 scene. When you look at the PSP team, nothing to see in the PSP system. Good work to all and thanks for everything.
I’d just like to say how sorry I am that mateldouche wasted your time.