Old 02-13-2010   #1
Pirate
 
Geohot: PS3 100% Hacked, no need for rootkey and more

Today GeoHot brings more updates from his blog and Twitter about his PS3 work, to quote:
Today I verified my theories about running the isolated SPUs as crypto engines. I believe that defeats the last technical argument against the PS3 being hacked.

In OtherOS, all 7 SPUs are idle. You can command an SPU (which I'll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.

The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

Ah, but you still didn't get the Cell root key. And I/we never will. But it doesn't matter. For example, we don't have either the iPhone or PSP "root key". But I don't think anyone doubts the hackedness of those systems.

I wonder if any systems out there are actually secure?

And from his Twitter:
Today I validated my theories about running the isolated SPUs on the PS3 as crypto engines. The PS3 is 100% hacked. So where my homebrew at?

Stay tuned for more updates.
