[EmBoLa.be]

Originally Posted by Swish LOL I joined because i seen his comment censored when he proved a group wrong.. That all..

Yeah right, it's not up to me to make a decision, So i gonna leave it to the mods


And how can you prove it or seen the comment if its censored,

[Warning]

Anyone get this yet ?

[yeh_im_here]

Originally Posted by Swish LOL I joined because i seen his comment censored when he proved a group wrong.. That all..

I Seriously dont know what you see through your eyes but dude read the whole thread and get a basic understanding about the ps3 scene, he was censored after a warning , why because he was trolling with his ridiculous comments. I had to indue his c0ckiness and read through the whole thread and it ticked me off. He didnt prove a group wrong , any person can translate or put the words in to his head and understand it the way they want. but the way you and him translate the meaning is stupid .your actually making yourself look ridiculous btw.

[Swish]

Attention

STLcardsWS grow the hell up, seriously, how damn immature do you have to be, to create a new account to argue that your suspended account is right, stop being a little baby and get over the fact that you are wrong, seek professional help for your narcissism and get a life, any more crap like this and i will turn the three week suspension on your STLcardsWS account to a permanent one

[defyboy]

I don't think this is a step closer to discovering the per-console root key. The EID root key is generated at factory and incorporated into metldr. metldr is encrypted with your per-console root key and stored on flash. Please note that while it is speculated that the EID root key is a derivative of the root key, that does not mean that it can be used to calculate the root key. Infact, being able to do so is idiotically counter-intuitive of the purpose of having two separate keys.

The per-console root key is likely burnt into the CPU via One Time Programming over the JTAG port, of which is disabled after programming. There is a hardware decryption routine that uses this key called Runtime Secure Boot, you cannot access or invoke this routine because it only runs when you load an encrypted image into an isolated SPU.

This is IBM's design, not sony's. This was designed to be a very secure multi-purpose processor and it was designed by a company that designs security and military systems for governments and large organisations, not a company that mostly makes consumer grade TV's and DVD Players. It was Sony's implementation of the secure chain of trust that failed but I don't see IBM's part failing anytime soon.

This paper explains everything: http://www.ibm.com/developerworks/po...-cellsecurity/

Because of the root key's importance in keeping all other keys hidden, it must be robustly protected. The Cell BE processor accomplishes this with its Hardware Root of Secrecy. The root key is embedded in the hardware, and you cannot access it with software means; only a hardware decryption facility has access to it. This makes it much more difficult for software to be somehow manipulated so that the root key is exposed, and of course, the hardware functionality cannot be changed so that the key is exposed.

Anyway, Sony cannot change metldr or bootldr on current hardware so they no longer have control of those, we only need to dump bootldr to get the lv0 key, this is the highest level sony can change. If we get the lv0 key we can generate a private key where we will be able to decrypt/re-encrypt the entire chain of firmware for current/future firmware.

[Sabinrene]

Sorry to dissappoint but according to a few good sources of mine we are not really closer to new cfw then we were few months ago. yea a lot more new guys try to make stuff happen now...but please dont get your hopes up.

[Rixevo]

I have a question.......

In pretty much every thread i have read it always turns into a fight, i have two kids one aged 3 and one aged 6 and they dont fight near as much as some people i have seen on this scene!!

I must admit tho it is pretty amusing some days!!

oh yea my question is....

WHY?

[H3avyRa1n]

great to see that the last pages of this thread are worthless reading.. *sigh*
maybe you can use them to create a script to a mexican soap opera (no offense to the mexicans)

[erexx]

Originally Posted by defyboy Anyway, Sony cannot change metldr or bootldr on current hardware so they no longer have control of those, we only need to dump bootldr to get the lv0 key, this is the highest level sony can change. If we get the lv0 key we can generate a private key where we will be able to decrypt/re-encrypt the entire chain of firmware for current/future firmware.

Yes, that's the theory under the 3rd bullet point on the front page for "under per_console_root_key_0" copied from the wikidev.

-metldr is decrypted with this key
-bootldr is decrypted with this key
-might be obtained with per_console_root_key_1?
(largely speculative, not nec. true – need more looked into,
only based on the behavior of the other derivatives known to be obtained through AES)

They are close enough to the core metal of the system that they are starting to directly take on IBM's engineering team.
Good stuff. When they are done it should give IBM something to think about...

Sony's USB Jig and Microsofts plain text DVD firmware both addons to IBM technology.

Originally Posted by H3avyRa1n great to see that the last pages of this thread are worthless reading.. *sigh* maybe you can use them to create a script to a mexican soap opera (no offense to the mexicans)

None taken.
We personally love MariMar in this house... Seriously... rags to riches to revenge and sorrow... what more is there?

[FortyThieves]

Originally Posted by bigo93 This just dumps a few console keys, they are not system master/root keys. You also have to remember that the keys then have to be decrypted before they can make any use of them This article has been over-hyped and any real user usable application probably wont be available until some time after the new year!

Too bad i might just get the e3 flasher then...