Right Let's Try This Again: PS3 Hypervisor Hacked

So basically it's come back to him having actually not really done "much". His e-peen proclamations of hacking the PS3 have fizzled out to getting hypervisor access in OtherOS and not being able to run any kind of code? That and/or he doesn't really understand the security model of the PS3?
 
Hypervisor cracker dude said:
Losses due to piracy are incredibly hard to measure. For example, I have 3 Miley Cyrus songs in my iTunes library, but I really don't think she lost any money because of me...

Piracy in the iPhone scene bothers me for a different reason. The people who want cracked apps seem to be the biggest leeches around, ...

Also there's a big difference between a $1 app and a $60 game, which is why I think the people are like this...too cheap to spend a dollar...

Hmmmm
 
He's just a dumb kid. A really smart dumb kid. I wouldn't even call him a hypocrite, I don't think teenagers have enough of a world-view to really even be hypocritical.
 
jett said:
Anyone who read his blog and the interview can see the guy is a hypocrite.
Maybe not intentional - he sounds awfully naive as well:
hacker said:
Obviously, it must not hurt the game manufacturers that bad, or they wouldn't continue to release PC versions of games
 
Sorry for the apparent double post, but he's posted a big update.

That aside, I'll tell you what I have so far. I have added two hypercalls, lv1_peek and lv1_poke. peek reads memory in real space (including all the MMIO), poke writes it. I can also add other arbitrary hypercalls as I see fit.
Well, at the very least he'll be able to make a modchip that'll enable RSX access in Linux.
The hypervisor is complicated, it is written in C++ and is PPC, which I am not that familiar with yet. At first I was trying to add a hypercall to add arbitrary real memory to the LPAR, but it kept crashing (because I can't code), which is really annoying, because I have to wait while Linux reboots.
I'm still a bit surprised the hypervisor is written in C++. I'm tempted to say something about how he's dealing with the compiled product so the language shouldn't matter, but I know C++ uses pointers and memory allocation differently from C (makes buffer overflow attacks harder, iirc).

Some people pointed out that I have not accessed the isolated SPEs. This is true. Although as far as doing anything with the system, it doesn't matter. The PPE can't read the isolated data, but it can kick the isolated SPEs out. Decrypt the PPE binary you need using the intact SPE and save the decrypted version. Kick out the SPE, and patch the decrypted version all you want. An interesting note, by the time you get to OtherOS, all 7 working SPEs are stopped.
Still have no idea what he means by kicking the isolated SPEs out.
Despite this, I am working on the isolated SPEs now (which I can now load), because what I'd really like to do is post decryption keys here so you guys can join the fun.
Yeah, loading them's the easy part.
 
Yeah I think it's clear, everyone on neogaf hates piracy. Is it thus necessary to have post after post in this thread lambasting geohot's personal views on it? Stop reading his blog, stop reading this thread and move on.

I guess I'm one of the few here who doesn't give a crap what the hell he does with his personal life if he creates a way to circumvent the retarded savegame locking and the road to XBMC on the PS3.

"You, there, you like weird fetishes? I won't have my life saved by the likes of you."

*lets go of ledge and plunges to death
 
It's just kinda sad that ultimately his "curiosity" and "need to open the platform" aren't for homebrew things but seemingly his completely naive and contemptible stance on piracy. Normally hackers avoid the issue, but I guess he's so dumb he can't see the repercussions at all in any way.

I also love the constant whining "why isn't it ARM and an iPhone and rrrrrgh!". I think he's going to hit a brick wall if he hasn't already and then we'll see if Geohot has "the skillz" required.
 
androvsky said:
I'm still a bit surprised the hypervisor is written in C++.

Seems like the logical choice to me. What other language would IBM use?

androvsky said:
Still have no idea what he means by kicking the isolated SPEs out.

Yeah, loading them's the easy part.

He's referring to the ability of the PPE to end an isolated SPE session. The PPE can only begin and end an isolated SPE session. The reason for this limited functionality is to secure the isolated SPE as much as possible. The isolated SPE vault is also where the decryption keys are revealed. Since he's given up on the isolated SPE, he's also given up on retrieving the keys to the system and the ability to sign any code.
 
if you "know" arm opcodes, then it's really not hard to extend that to know ppc or mips or whatever. it's all risc, and very similar. also, the hypervisor "being in c++" doesn't make sense. they don't ship the code with each machine like it's javascript or something. and knowing sony's game side api's, i doubt they decided to go object oriented for their hypervisor. well i guess maybe it could be a modification of ibm code... but either way knowing the high level language the program was originally written in isn't going to be what gets him stuck. it sounds like an excuse.

i was hesitant to doubt this kid, thinking he was some sort of wunderkind, but now i'm starting to think he's in way over his head.

this attempt had received the most publicity of any hacking attempts on the ps3 so far, and if it ends up going nowhere, that's a pretty huge victory for sony.
 
diddlyD said:
if you "know" arm opcodes, then it's really not hard to extend that to know ppc or mips or whatever. it's all risc, and very similar. also, the hypervisor "being in c++" doesn't make sense. they don't ship the code with each machine like it's javascript or something. and knowing sony's game side api's, i doubt they decided to go object oriented for their hypervisor.

I've been trying to figure that out, too.
 
Ice Monkey said:
Yeah I think it's clear, everyone on neogaf hates piracy. Is it thus necessary to have post after post in this thread lambasting geohot's personal views on it? Stop reading his blog, stop reading this thread and move on.

I guess I'm one of the few here who doesn't give a crap what the hell he does with his personal life if he creates a way to circumvent the retarded savegame locking and the road to XBMC on the PS3.

"You, there, you like weird fetishes? I won't have my life saved by the likes of you."

*lets go of ledge and plunges to death
Oh come on, I think we both know the reason.

Brotip: Admitting to piracy, or even arguing in favour of piracy if the mods are particularly cranky, is an easy way to get permabanned. Lots of developers and "industry insiders" on this forum, just FYI.
 
androvsky said:
Still have no idea what he means by kicking the isolated SPEs out.

I think he means stopping them. The only thing a PPU can do is 'stop' an isolated SPE. That's what I think he means by kicking it out (i.e. kicking the currently running program in the SPE out).

From the rest of his post then I'm guessing he feeds encrypted PPE code to the SPE that had its code kicked out, gets it to decrypt it and save the decrypted code out somewhere. I'm not sure how he's doing this - I don't think it's MEANT to be allowed to read any data the isolated SPE is dealing with. But again there's a difference between what's meant to happen and what does happen...maybe this has something to do with his hardware interference.

Then he's changing that code. How he's then running that code, I'm not sure. He says it's PPE code, so maybe some binaries or code modules are less rigorously checked at runtime vs others, particularly perhaps some of the ones that run on the PPE.

I dunno. Just guessing. Sounds like he has a fair bit of work still to do. I'm curious about the hardware element in this too - will it just be required to develop the hack, or will it be required to use it too? And whither OtherOS?
 
Dambrosi said:
Oh come on, I think we both know the reason.

Brotip: Admitting to piracy, or even arguing in favour of piracy if the mods are particularly cranky, is an easy way to get permabanned. Lots of developers and "industry insiders" on this forum, just FYI.
Protip: He wasn't anywhere near arguing in favour of piracy. Don't put words into his mouth.
 
Dambrosi said:
Oh come on, I think we both know the reason.

Brotip: Admitting to piracy, or even arguing in favour of piracy if the mods are particularly cranky, is an easy way to get permabanned. Lots of developers and "industry insiders" on this forum, just FYI.

Admitting to piracy anywhere, especially one with a huge userbase that hates it is always a flamebait/idiotic maneuver.

Anyways, I guess I'm just tired of hearing the same old "geohot is a dirty pirate" and am itching badly for more juicy SPE/PPE discussion and with that in mind, everyone should ignore this post and carry on so I can learn more by osmosis (does that work through the interwebz?)

*Cue more posts about SPE isolation
 
This guy is a fluke. He wasn't the 'guy who hacked the iPhone', he was 2 generations late before he showed up on the iPhone scene. He released a solid jailbreak, which I used. But the iPhone Dev Team put in much more work. I don't believe this guy could "hack" his way out of a wet sack. As much as I'd love homebrew for the PS3, this is not the guy who will give it to us.
 
Dambrosi said:
Oh come on, I think we both know the reason.

Brotip: Admitting to piracy, or even arguing in favour of piracy if the mods are particularly cranky, is an easy way to get permabanned. Lots of developers and "industry insiders" on this forum, just FYI.

And so are thinly veiled accusations of piracy with no merit. Just sayin'
 
Here at my university we had a workshop (it went for 4 months) about the effect of piracy on the music industry. What we finally found out was that the people who share music are part of the group who also invest most in music. While they download tracks, they heavily visit concerts and buy music DVDs, for example.

For the music industry it is not easy to say everyone who downloads a song hurts the industry, but the gaming industry is a whole different situation. Someone needs to do some research to find out the real effects. It isn't always as easy as it looks.
 
obonicus said:
He's just a dumb kid. A really smart dumb kid. I wouldn't even call him a hypocrite, I don't think teenagers have enough of a world-view to really even be hypocritical.
.
 
Interesting stuff; maybe one day it will lead to a PS3 Slim with a good PS2 emulator on it and other interesting software.

If he is on to something - and it could all be a dead end - then I would expect some initial stuff around this time next year...
 
For a layman, geohot's comments seem to point to steady progress in the hacking. As much as I understand some users trying to show he isn't really close to hacking the PS3, it looks like wishful thinking - he's one that's actively probing the system while others rely on documents and publicly shared information.

In short, it's looking more and more as a question of a (relatively short) 'when' rather than if.

On a side-note, can't help feeling sort of dumb when a 20-year-old has the capabilities and knowledge to hack that sort of stuff, even if he's a kind of a prodigy.
 
Truespeed said:
Seems like the logical choice to me. What other language would IBM use?

C, like most operating systems. I'm just a little surprised someone felt the need for having object orientation at such a low level.
 
androvsky said:
C, like most operating systems. I'm just a little surprised someone felt the need for having object orientation at such a low level.

Maybe 20 years ago. But, not today. C++ is as OO as you want to make it. Also, I wouldn't necessarily call the Hypervisor low level as it's more of an abstraction layer masking the hardware.
 
obonicus said:
He's just a dumb kid. A really smart dumb kid. I wouldn't even call him a hypocrite, I don't think teenagers have enough of a world-view to really even be hypocritical.

He may be dumb, or as you say a really smart dumb person, but don't call him a kid. He is 20 and is in his 2nd year of college.
gofreak said:
From the rest of his post then I'm guessing he feeds encrypted PPE code to the SPE that had its code kicked out, gets it to decrypt it and save the decrypted code out somewhere. I'm not sure how he's doing this - I don't think it's MEANT to be allowed to read any data the isolated SPE is dealing with. But again there's a difference between what's meant to happen and what does happen...maybe this has something to do with his hardware interference.

Actually, according to the IBM docs, while the SPE is in isolation mode, the only real external command it can respond to is cancel. At which point, all data on the SPE's localstore is erased.

According to Digital Foundry, Hotz is trying to get the PPE to emulate the SPE. And since the PPE doesn't have all the protection features of the SPE, he should be able to get the exposed keys from there.

Call me insane, but I don't think IBM would put the hardware keys in the PPE.
 
The_Reckoning said:
This guy is a fluke. He wasn't the 'guy who hacked the iPhone', he was 2 generations late before he showed up on the iPhone scene. He released a solid jailbreak, which I used. But the iPhone Dev Team put in much more work. I don't believe this guy could "hack" his way out of a wet sack. As much as I'd love homebrew for the PS3, this is not the guy who will give it to us.

He was one of the original members of the iPhone Dev Team...
 
obonicus said:
He's just a dumb kid. A really smart dumb kid. I wouldn't even call him a hypocrite, I don't think teenagers have enough of a world-view to really even be hypocritical.
Umm... I wouldn't say he's a dumb kid... he's the one that started off the iPhone hacking... the first to get it cracked, and it brought us the uber sexy jailbreak that a lot of us enjoy for homebrew, etc, etc.

So I wouldn't go spouting off calling people names unless you know a little history about them.. just some advice that you may benefit from in the future, son. Besides, this kid probably could run circles around both you and me when it comes to code.
 
Mr.Potato Head said:
Besides this kid probably could run circles around both you and me when it comes to code.

It's almost like that's why he called him a really smart dumb kid.
 
George Hоtz said...

Ok, I figured out how to make iso loader. It will be ready in two hours.
January 26, 2010 9:24 AM

edit - posted from the fake George Hоtz account. :D :lol
 
KernelPanic said:
But but he said it's not about piracy ! :lol

Amusing that making an ISO loader is at the top of his priority list.

It's a fake 'George Hotz'.

There's at least one person masquerading as him in his own comments section...you gotta check the blogger profile links to know who you're dealing with.
 
PlayStation 3's security on the Blu-ray drive itself is (was?) pretty much untouchable and was designed to foil the kinds of attack seen on competing systems. Xbox 360 was compromised owing to the unencrypted nature of the firmware on the original DVD drives. Wii was hacked because the system itself was so similar to the GameCube that when the old hardware was cracked, the new revision fell with it. PlayStation 3 is far smarter. Not only is the drive software itself encrypted, but it's widely believed that the mandatory firmware updates can also reflash the Blu-ray drive too - even if the drive was hacked (it never has been) it would be re-secured next time you updated your PS3.

Wow, that's very smart design...

Even if the BD-ROM gets cracked (which is unlikely), it means that it will be able to run games released until a new FW update... Which reflashes the ROM again, and the crackers would need to keep up releasing cracked firmwares all the time. :lol
 
Lagspike_exe said:
Wow, that's very smart design...

Even if the BD-ROM gets cracked (which is unlikely), it means that it will be able to run games released until a new FW update... Which reflashes the ROM again, and the crackers would need to keep up releasing cracked firmwares all the time. :lol

You mean just like the PSP?
 
gcubed said:
So basically it's come back to him having actually not really done "much". His e-peen proclamations of hacking the PS3 have fizzled out to getting hypervisor access in OtherOS and not being able to run any kind of code? That and/or he doesn't really understand the security model of the PS3?
Access to the RSX is a big deal IMO. That means we could have XBMC-like software running in OtherOS which could handle 1080p.
 
Lagspike_exe said:
Wow, that's very smart design...

Even if the BD-ROM gets cracked (which is unlikely), it means that it will be able to run games released until a new FW update... Which reflashes the ROM again, and the crackers would need to keep up releasing cracked firmwares all the time. :lol

This is sort of the way I saw it playing out, anyway...just like the PSP.
 
Lagspike_exe said:
Wow, that's very smart design...

Even if the BD-ROM gets cracked (which is unlikely), it means that it will be able to run games released until a new FW update... Which reflashes the ROM again, and the crackers would need to keep up releasing cracked firmwares all the time. :lol

Or you just don't update the PS3 with official patches, but hacked patches. Or update at all.
 
infinityBCRT said:
Access to the RSX is a big deal IMO. That means we could have XBMC-like software running in OtherOS which could handle 1080p.

You could have had it years ago if you'd taken the time to write it in Linux. The SPEs are quite capable of decoding 1080p streams.
 
noire said:
Eh, I gave up on piracy a few years ago and it's upsetting to me that it's a one way street. It's easier to pirate on a PC than a game console, yet my games cost $10 more than the same title on a PC, plus I miss out on free map packs and the like. I love the idea of digital distribution, but the savings there aren't passed along to me. Most recently, I got burned by the fucking terrible PS3 port of Fallout 3... no demo & now that it's open, no way to get my money back from a product that is broken.

Businesses are out to make money, not to do you any favors. I don't blame the kid for having that attitude back at them. Dog eat dog and all that.

You could just sell that copy of FO3 to someone else or trade it in for store credit if you don't like it so much.
 
OldJadedGamer said:
You mean just like the PSP?

Before additional trolling, please learn the difference between BD-ROM firmware and PS3 OS firmware.
Thanks.

AndyD said:
Or you just don't update the PS3 with official patches, but hacked patches. Or update at all.

Yeah, but hackers would need to make a new BD-ROM flash for each new XMB firmware update, since XMB FW update would reflash BD-ROM as well.
So, if you don't flash you don't get to play a new game and if you flash you lose the cracked BD-ROM firmware.
Not to mention the hassle of reflashing all the time.
 