Quantcast
Sony says sorry for other os take down

Forums - Sony Discussion - Sony says sorry for other os take down

Kasz216 said:

It was in the best intrests of the majority to remove a feature the majority never used and therefore were never at risk of anything... by screwing over a minority of people who used this and who are the only people effected.

Yeah... ok Sony.

People who think Sony doing this is a positve need a major reality check.

Hell this isn't even going to slow down piracy, if anything it will probably lead to a piracy solution quicker because Sony decided to anatagonize people who use Linux on the PS3... aka hackers... and also basically threw down a gauntlet to a bunch of other people.

Hardly matters.

First, there are no PS3s being produced that run Linux.

Second, the vast majority of owners who have an older PS3 will simply update the firmware with no regard for the loss of Linux as they, like the vast majority of PS3 owners, had no intention of ever installing Linux.

Add to these the older PS3s that are no longer working.

Ultimately, you're left with a shrinking number of consoles that are capable of having a hardware hack installed on an older console that can run Linux.

Net result: it makes a slightly larger niche market for old PS3s among the small community of users determined to play pirated games.

When found, this solution does nothing for the vast majority of PS3 owners who don't have an older PS3, aren't running Linux, don't have the hardware modifications made to their console and of course the simplest part of playing pirated games: don't have a PC with a BD burner and a stack of BD media.

You're left with a pretty insignificant number of potential pirates who have to leap through quite a few hoops just to play pirated games.

So someone gets a working solution to play pirated games on a software and hardware hacked PS3. Congrats. Really; congrats. It will have taken almost four years. The only benefit for the general public wlll be the inevitable Youtube videos displaying the achievement since it won't help all but a tiny niche of people who are very dedicated to playing pirated games.

SCE isn't concerned with this tiny niche of people that will go through more trouble than it's worth simply because they can.

They're concerned with general piracy among regular consumers who wouldn't have to do anything more than pay their local hardware hacker $50 to install a mod chip and supply them with $10 burned games.



Around the Network
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

Okay, we're getting a little off track here. I am aware of what the PS3 is capable of.

From what I can gather, the software side still required a full encompassment of the entire PS3's system memory. a breach could have then been made by routing the controlling CPU's protectd mode flag and accessed memory outside of it's operating environment.

Now, let me tell you why a VE would also fix this:

Addresses in the VE are exclusive only to the environment itself. The only part that knows how to map VE addresses to real memory is the OS that Sony uses to drive the PS3 itself, and even then, it is usually a single chunk in memory.

In order to breach memory outside of the VE by using hardware breaches and software within the VE, a hardware hack would need to be made in order to change the pointing address to the memory space used by the VE. This would also change the pointing address to the Linux OS itself, and effectively halt the Linux dist installed on the VE. Within the VE, it would merely be seen as a massive corruption of memory. It would give no chance for any custom software to do it's stuff before the VE halts.

no you cannot access the SPE's protected flag even by hardware because you have no access to it from outside the spe, even a physical hack would not allow you to get that information, geohot is running his exploit in an Virtual enviroment already. that's how it's within the PS3

In that case, it is the fault of the VE. The VE should be limited to it's own range of memory only, and any successful attempts at circumventing that should be dealt with by updating the VE security, not by removing the entire feature altogether.

 what he done was map the memory and duplicated a VE enviroment based on that memory. you cannot update the VE security if your Enviroment is created outside of Sony's security enviroment VE. it's two seperate VE enviroment's being ran at the same time!

Sony can update their VE enviroment but that does nothing to stop his VE enviroment.



I AM BOLO

100% lover "nothing else matter's" after that...

ps:

Proud psOne/2/3/p owner.  I survived Aplcalyps3 and all I got was this lousy Signature.

I'll put it another way, say you use a yearly gym membership for about 360that allows you to bring you to let one of your family members come in as well and use it whenever they want... including adopted relatives.

Few people give their adopted relatives the free membership and out of that group, some are adopting their friends to get them in free. Is it right for them to discontinue this right in the middle of peoples memberships?

Of course not. It inconveniences the innocent just to punish the guilty. To make it so that all other memberships after this doesn't apply. That makes sense. (AKA the slim.)



Lol @ Sony Defense Force(tm) @ this matter. Its like saying 'I didn't even know that guy. Its just common interest to kill him, if he knows too much.', when someone is going to be killed in public because of knowing too much or something.

Its almost as good as PS3 is good, because of Amiga.
(Virtual cookie for the one who knows from whom that impression was. :D)

Anyway, all this is very bad PR for Sony and looks like I am not getting PS3 at all.



Kasz216 said:
jneul said:
Kasz216 said:
jneul said:
huh I am chilled, lol, I am backing up Sony here they said sorry and explained it is for the greater good, I thought it would be better if a sony fan posted this instead of just a random person, lol

So all it takes is for someone to claim something "is for the greater good" and your fine with it.  Nevermind Sony said it was for security reasons only.

They've never once actually mentioned piracy to my knowledge.  So, how is this for the greater good for removing it because of security issues... that the majority won't ever expierence because they won't even use it?

Not to mention... security problems with Linux on the cell?  Is there even a MORE obscure thing to design a security exploit for?  If they don't bother with Apple why would they bother with this?

Unfortuantely I know so much more about this than you think, GeoHotz went to alot of trouble just to get this far, after thinking about it really it would not surprise me how much futher hackers would be willing to go, do not under-estimate them

I do not just believe Sony, I know alot of things, unfortunately, I am a programmer I can program in c#, c++, Java, Visual Basic and Assembly language, I could develop some nasty applications if I put my mind to it, but I am not like that.

Believe sony... about what?  Once again, this security issue doesn't effect ANYBODY who doesn't have other OS installed?  Yes?

So... uh... what's your greater good? 

Stopping the phat PS3's from pirating?  That's not the greater good... that's Sony having left a door wide open that they should of known would of been a probelm when they were designing it.  Period.

They didn't they put it in.  I feel sorry for Sony, but it's wrong of them to remove a feature they sold the product with.

right you do know developing HD games cost a lot of money, it is hard for a deveoper to make a profit in recent times, hence the reason why alot of them are going multi, now stop being silly please, this is for the greater good, piracy is bad.

Finally if you enable piracy on the ps3 via custom firmware I am betting you will have to overide it's security features, this will leave the door open to attacks such as stealing personal information, I am sorry but I think you are living in pixie land if you think people will not try and take advantage of newer abilities on PS3



it's the future of handheld

PS VITA = LIFE

The official Vita thread http://gamrconnect.vgchartz.com/thread.php?id=130023&page=1

Around the Network
greenmedic88 said:
Kasz216 said:

It was in the best intrests of the majority to remove a feature the majority never used and therefore were never at risk of anything... by screwing over a minority of people who used this and who are the only people effected.

Yeah... ok Sony.

People who think Sony doing this is a positve need a major reality check.

Hell this isn't even going to slow down piracy, if anything it will probably lead to a piracy solution quicker because Sony decided to anatagonize people who use Linux on the PS3... aka hackers... and also basically threw down a gauntlet to a bunch of other people.

Hardly matters.

First, there are no PS3s being produced that run Linux.

Second, the vast majority of owners who have an older PS3 will simply update the firmware with no regard for the loss of Linux as they, like the vast majority of PS3 owners, had no intention of ever installing Linux.

Add to these the older PS3s that are no longer working.

Ultimately, you're left with a shrinking number of consoles that are capable of having a hardware hack installed on an older console that can run Linux.

Net result: it makes a slightly larger niche market for old PS3s among the small community of users determined to play pirated games.

When found, this solution does nothing for the vast majority of PS3 owners who don't have an older PS3, aren't running Linux, don't have the hardware modifications made to their console and of course the simplest part of playing pirated games: don't have a PC with a BD burner and a stack of BD media.

You're left with a pretty insignificant number of potential pirates who have to leap through quite a few hoops just to play pirated games.

So someone gets a working solution to play pirated games on a software and hardware hacked PS3. Congrats. Really; congrats. It will have taken almost four years. The only benefit for the general public wlll be the inevitable Youtube videos displaying the achievement since it won't help all but a tiny niche of people who are very dedicated to playing pirated games.

SCE isn't concerned with this tiny niche of people that will go through more trouble than it's worth simply because they can.

They're concerned with general piracy among regular consumers who wouldn't have to do anything more than pay their local hardware hacker $50 to install a mod chip and supply them with $10 burned games.

Actually no.  I mean people will work to find a way to hack the actual PS3.  Or even find a way to reset and/or customize the firmware like PSP.


So instead of only old phat systems being able to pirate for the small amount of people who want to find an old PS3 to pirate... they open it up to where every PS3 may end up being pirateable.

Other OS was actually a good diversion to keep the hackers on.



jneul said:
Kasz216 said:
jneul said:
Kasz216 said:
jneul said:
huh I am chilled, lol, I am backing up Sony here they said sorry and explained it is for the greater good, I thought it would be better if a sony fan posted this instead of just a random person, lol

So all it takes is for someone to claim something "is for the greater good" and your fine with it.  Nevermind Sony said it was for security reasons only.

They've never once actually mentioned piracy to my knowledge.  So, how is this for the greater good for removing it because of security issues... that the majority won't ever expierence because they won't even use it?

Not to mention... security problems with Linux on the cell?  Is there even a MORE obscure thing to design a security exploit for?  If they don't bother with Apple why would they bother with this?

Unfortuantely I know so much more about this than you think, GeoHotz went to alot of trouble just to get this far, after thinking about it really it would not surprise me how much futher hackers would be willing to go, do not under-estimate them

I do not just believe Sony, I know alot of things, unfortunately, I am a programmer I can program in c#, c++, Java, Visual Basic and Assembly language, I could develop some nasty applications if I put my mind to it, but I am not like that.

Believe sony... about what?  Once again, this security issue doesn't effect ANYBODY who doesn't have other OS installed?  Yes?

So... uh... what's your greater good? 

Stopping the phat PS3's from pirating?  That's not the greater good... that's Sony having left a door wide open that they should of known would of been a probelm when they were designing it.  Period.

They didn't they put it in.  I feel sorry for Sony, but it's wrong of them to remove a feature they sold the product with.

right you do know developing HD games cost a lot of money, it is hard for a deveoper to make a profit in recent times, hence the reason why alot of them are going multi, now stop being silly please, this is for the greater good, piracy is bad.

Finally if you enable piracy on the ps3 via custom firmware I am betting you will have to overide it's security features, this will leave the door open to attacks such as stealing personal information, I am sorry but I think you are living in pixie land if you think people will not try and take advantage of newer abilities on PS3

People don't bother on Linux or Apple... why woud they bother on PS3... also... if pirates get their information stolen by hackers, fuck them they're pirates.

As for the "HD games cost a lot of money"  Sony should of thought of that before they put other OS in to begin with... not to mention there aren't THAT many phat PS3's out there where it should make a difference.  Let alone phat PS3's belonging to people who are going to want to pirate.

People who pirate a lot tend to not buy a system until the way to pirate has been created since you know... they don't want to pay for games.

 

The end result would be a small amount of hackers buying up old PS3s.  Hardly catastrophic... and even if it was... it's Sony's fault to begin with.



joeorc said:
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

Okay, we're getting a little off track here. I am aware of what the PS3 is capable of.

From what I can gather, the software side still required a full encompassment of the entire PS3's system memory. a breach could have then been made by routing the controlling CPU's protectd mode flag and accessed memory outside of it's operating environment.

Now, let me tell you why a VE would also fix this:

Addresses in the VE are exclusive only to the environment itself. The only part that knows how to map VE addresses to real memory is the OS that Sony uses to drive the PS3 itself, and even then, it is usually a single chunk in memory.

In order to breach memory outside of the VE by using hardware breaches and software within the VE, a hardware hack would need to be made in order to change the pointing address to the memory space used by the VE. This would also change the pointing address to the Linux OS itself, and effectively halt the Linux dist installed on the VE. Within the VE, it would merely be seen as a massive corruption of memory. It would give no chance for any custom software to do it's stuff before the VE halts.

no you cannot access the SPE's protected flag even by hardware because you have no access to it from outside the spe, even a physical hack would not allow you to get that information, geohot is running his exploit in an Virtual enviroment already. that's how it's within the PS3

In that case, it is the fault of the VE. The VE should be limited to it's own range of memory only, and any successful attempts at circumventing that should be dealt with by updating the VE security, not by removing the entire feature altogether.

 what he done was map the memory and duplicated a VE enviroment based on that memory. you cannot update the VE security if your Enviroment is created outside of Sony's security enviroment VE. it's two seperate VE enviroment's being ran at the same time!

If they are able to create another VE process in parallel, then they obviously must still be working within the jurisdiction of Sony's OS. After all, the software drives multitasking, not hardware. In this case, it is still within the bounds of reason to prevent such erroneous processes from being created within that environment.



Kasz216 said:
greenmedic88 said:
Kasz216 said:

It was in the best intrests of the majority to remove a feature the majority never used and therefore were never at risk of anything... by screwing over a minority of people who used this and who are the only people effected.

Yeah... ok Sony.

People who think Sony doing this is a positve need a major reality check.

Hell this isn't even going to slow down piracy, if anything it will probably lead to a piracy solution quicker because Sony decided to anatagonize people who use Linux on the PS3... aka hackers... and also basically threw down a gauntlet to a bunch of other people.

Hardly matters.

First, there are no PS3s being produced that run Linux.

Second, the vast majority of owners who have an older PS3 will simply update the firmware with no regard for the loss of Linux as they, like the vast majority of PS3 owners, had no intention of ever installing Linux.

Add to these the older PS3s that are no longer working.

Ultimately, you're left with a shrinking number of consoles that are capable of having a hardware hack installed on an older console that can run Linux.

Net result: it makes a slightly larger niche market for old PS3s among the small community of users determined to play pirated games.

When found, this solution does nothing for the vast majority of PS3 owners who don't have an older PS3, aren't running Linux, don't have the hardware modifications made to their console and of course the simplest part of playing pirated games: don't have a PC with a BD burner and a stack of BD media.

You're left with a pretty insignificant number of potential pirates who have to leap through quite a few hoops just to play pirated games.

So someone gets a working solution to play pirated games on a software and hardware hacked PS3. Congrats. Really; congrats. It will have taken almost four years. The only benefit for the general public wlll be the inevitable Youtube videos displaying the achievement since it won't help all but a tiny niche of people who are very dedicated to playing pirated games.

SCE isn't concerned with this tiny niche of people that will go through more trouble than it's worth simply because they can.

They're concerned with general piracy among regular consumers who wouldn't have to do anything more than pay their local hardware hacker $50 to install a mod chip and supply them with $10 burned games.

Actually no.  I mean people will work to find a way to hack the actual PS3.  Or even find a way to reset and/or customize the firmware like PSP.


So instead of only old phat systems being able to pirate for the small amount of people who want to find an old PS3 to pirate... they open it up to where every PS3 may end up being pirateable.

Other OS was actually a good diversion to keep the hackers on.

As soon as it happens, and we see current production PS3s running pirated games, feel free to make a thread about it.

By the time we see a $50 mod chip and $10 BD burned games, the PS3 will be in its twilight years.

I'm not holding my breath and neither should you.



joeorc said:
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

Okay, we're getting a little off track here. I am aware of what the PS3 is capable of.

From what I can gather, the software side still required a full encompassment of the entire PS3's system memory. a breach could have then been made by routing the controlling CPU's protectd mode flag and accessed memory outside of it's operating environment.

Now, let me tell you why a VE would also fix this:

Addresses in the VE are exclusive only to the environment itself. The only part that knows how to map VE addresses to real memory is the OS that Sony uses to drive the PS3 itself, and even then, it is usually a single chunk in memory.

In order to breach memory outside of the VE by using hardware breaches and software within the VE, a hardware hack would need to be made in order to change the pointing address to the memory space used by the VE. This would also change the pointing address to the Linux OS itself, and effectively halt the Linux dist installed on the VE. Within the VE, it would merely be seen as a massive corruption of memory. It would give no chance for any custom software to do it's stuff before the VE halts.

no you cannot access the SPE's protected flag even by hardware because you have no access to it from outside the spe, even a physical hack would not allow you to get that information, geohot is running his exploit in an Virtual enviroment already. that's how it's within the PS3

In that case, it is the fault of the VE. The VE should be limited to it's own range of memory only, and any successful attempts at circumventing that should be dealt with by updating the VE security, not by removing the entire feature altogether.

 what he done was map the memory and duplicated a VE enviroment based on that memory. you cannot update the VE security if your Enviroment is created outside of Sony's security enviroment VE. it's two seperate VE enviroment's being ran at the same time!

Sony can update their VE enviroment but that does nothing to stop his VE enviroment.

I am just quoting this because its size