By using this site, you agree to our Privacy Policy and our Terms of Use. Close

Forums - Sony Discussion - Sony says sorry for other os take down

fordy on 09 April 2010
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

I know what you are going on about, sadly, what makes you think that hackers will not find newer and better ways of getting what they want, it does not matter how many new features you include nothing is unbreakable, unfortunately, and yes I'm being serious, but it really does look so much more than posting facts to me.

That's the beauty of Virtualisation. Any new compronise can be fixed with a revision towards the Virtual Environment. 

What I'm saying is, while removing the OtherOS MAY be more secure, it should not be Sony's final decision. There are ways to keep the OtherOS and remain almost as secure.



Around the Network
fordy on 09 April 2010
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.



jneul on 09 April 2010
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

I know what you are going on about, sadly, what makes you think that hackers will not find newer and better ways of getting what they want, it does not matter how many new features you include nothing is unbreakable, unfortunately, and yes I'm being serious, but it really does look so much more than posting facts to me.

That's the beauty of Virtualisation. Any new compronise can be fixed with a revision towards the Virtual Environment. 

What I'm saying is, while removing the OtherOS MAY be more secure, it should not be Sony's final decision. There are ways to keep the OtherOS and remain almost as secure.

you should listen to jeorc, GeoHotz went to a lot of trouble to hack the PS3 and he is right his method does require software as well, there is no way to do this on Game Os at the moment, but if custom firmware allows hackers to bypass security features on PS3 than CFW Ps3'S may be vunerable to futher attacks, do you understand now??



it's the future of handheld

PS VITA = LIFE

The official Vita thread http://gamrconnect.vgchartz.com/thread.php?id=130023&page=1

joeorc on 09 April 2010
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough



I AM BOLO

100% lover "nothing else matter's" after that...

ps:

Proud psOne/2/3/p owner.  I survived Aplcalyps3 and all I got was this lousy Signature.

jneul on 09 April 2010
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

I love you lol, don't worry Im a girl lol, I'm so rubbish at explaining these things, lol



it's the future of handheld

PS VITA = LIFE

The official Vita thread http://gamrconnect.vgchartz.com/thread.php?id=130023&page=1

Around the Network
fordy on 09 April 2010
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

Okay, we're getting a little off track here. I am aware of what the PS3 is capable of.

From what I can gather, the software side still required a full encompassment of the entire PS3's system memory. a breach could have then been made by routing the controlling CPU's protectd mode flag and accessed memory outside of it's operating environment.

Now, let me tell you why a VE would also fix this:

Addresses in the VE are exclusive only to the environment itself. The only part that knows how to map VE addresses to real memory is the OS that Sony uses to drive the PS3 itself, and even then, it is usually a single chunk in memory.

In order to breach memory outside of the VE by using hardware breaches and software within the VE, a hardware hack would need to be made in order to change the pointing address to the memory space used by the VE. This would also change the pointing address to the Linux OS itself, and effectively halt the Linux dist installed on the VE. Within the VE, it would merely be seen as a massive corruption of memory. It would give no chance for any custom software to do it's stuff before the VE halts.



joeorc on 09 April 2010
jneul said:
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

I love you lol, don't worry Im a girl lol, I'm so rubbish at explaining these things, lol

for those that still don't think its a threat:

here you go 2007:

PCI

December 11, 2007

Hashing Credit Card Numbers: Revisited Again

I recently had to revisit the estimates I provided in our white paper on brute forcing credit card hashes since new techniques were published that can speed the brute forcing up by at least a factor of 5 using off-the-shelf video cards.  Well, a month later I am having to revise the estimates again.  Nick Breese of New Zealand has published a paper at Kiwicon on using a PlayStation 3 to crack hashes.  His estimates are about 1.4 billion hashes per second for MD5Our proof of concept code running at about 2 million hashes per second seems kind of slow now.  Probably at least 2 billion hashes per second is feasible in the near future with readily available hardware and source code.

Storing credit cards using a simple single pass of a hash algorithm, even when salted, is fool-hardy.  It is just too easy to brute force the credit card numbers if the hashes are compromised.  Based on the potential value of the card numbers, there is more than enough financial incentive to buy a $500 PlayStation 3 and develop a little code.

When hashing credit card number, the hashing must be carefully designed to protect against brute forcing by using strongest available cryptographic hash functions, large salt values, and multiple iterations.
http://www.integrigy.com/oracle-security-blog/topics/PCI


I AM BOLO

100% lover "nothing else matter's" after that...

ps:

Proud psOne/2/3/p owner.  I survived Aplcalyps3 and all I got was this lousy Signature.

redspear on 09 April 2010

Truth is the removal of the OtherOS feature happened with the Slim before anyone hacked anything. However the retro removal of OtherOS is what caused the flack because some people actually use it.


Sony Overreacted plain and simple. Any system will garner hackers. Before hackers there were phreakers. Phreakers shared a similiar system real smart people who did loops and made phones do things they werent supposed to do like play music(hackers) to follow by instruction blue box builders who just knew that a resistor and capacitor of the right values could give you free long distance(pirates).

One group enables the other. So ignorant people bled them together but this is not the case. However there were legendary Phreakers Capn' Crunch and Whistler just like there are legendary hackers that love the attention.

Sony may have thought a nuke was appropriate since they had already removed the feature from the Slim. The path to custom firmware had already begun no doubt with that initial choice. However with the publicity Sony got over the removal of a feature that was existing and in use Sony further publicized the initial hack and bought about the revelation of Custom Firmware to the blue box crowd. These wanabes are what you should be concerned about and piracy will be available shortly.

Did you know that there are Hacker and Phreaker Conventions. Most high level hackers actually build the stuff you use. Some food for thought http://www.xda-developers.com/ is full of both actual hackers and blue box types as well as average consumers. There goal is not piracy but openness. A friend of mine contributes to the hacker community. He helped build the Snapdragon processor you know the tech many advanced phones run on today. His interest is just seeing what tech can do many hackers share that interest at its core.

So these angry posts that defend Sony are doubly insulting to me. The show ignorance about hacking what is how its done and where it takes(hint most likely hackers were involved in the making of the newest intel chips). All one needs to say is piracy and they hop right aboard even with bad decisions. Sony's choice here accelerated piracy not stall it.

The released hack could not play ISOs. It was just a possibility it could lead to that and any hacker is well aware of that possibility with anything. Besides has piracy hurt the Wii(which is easy as hell to pirate...even easier than the PSP) or the 360 which is also easy. Both cracks also have formed out of lack of linux.




Kasz216 on 09 April 2010

It was in the best intrests of the majority to remove a feature the majority never used and therefore were never at risk of anything... by screwing over a minority of people who used this and who are the only people effected.

Yeah... ok Sony.

People who think Sony doing this is a positve need a major reality check.

Hell this isn't even going to slow down piracy, if anything it will probably lead to a piracy solution quicker because Sony decided to anatagonize people who use Linux on the PS3... aka hackers... and also basically threw down a gauntlet to a bunch of other people.

To prevent piracy they are harming completly innocnent people.  That is pure unadulterated BS.



joeorc on 09 April 2010
fordy said:
joeorc said:
fordy said:
joeorc said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
fordy said:
jneul said:
great now people are going to claim $100 just for the fun of it, way to jump on the bandwagon, I really hope Sony sue George Hotz and he get's the bill for tall of this, honestly it is the least he deserves, after his delusional thoughts on how nothing bad would come from his lame move

George Hotz made the executive decision to no longer support OtherOS? That's news to me...

 

Seriously though, Sony could have put the effort into maintaining the feature against hacking but they just planned not to go any further with it.

 

Do you think the owner of a house has any chance of suing a burglar if they left their front door wide open?

bad comparison, sony did not leave the door open, George Hotz had to use a special technique just to hack the PS3 in linux, just to remind you unlike the other consoles it has taken 3 years to get this far.

Yes, but unlike the reciprocation from other systems supporting Operating Systems, they don't go as far to cut out an entire feature.

 

Imagine if Microsoft decided to one day say "Well, we figured the weakest point for people hacking our OS lies in them connecting t the internet, so Windows will no longer suport the TCP/IP protocol". Wouldn't that annoy just a few people, at least?

oh dear you see that's where your argument fails, windows is not the most secure operating system, I thought people knew this, just switch to linux for a while you get no(or a litlle amount) security or virus issues, linux is much better at protecting your pc, you see there are other companies out there which are better than microsoft at making software believe it or not.

Linux is open source. As far as I know, there are no executive decisions involved there.

Yes, Linux is more secure and such, so what does that have to do with the argument? If the same flaw was found for Linux, atempts would be made to FIX THE PROBLEM, not remove the feature altogether.

This is clearly just a cost-cutting measure by Sony, since they no longer wish to spend the money in maintaining the integirty of the feature against hackers.

this is not a cost-cutting measure, sony could not have made changes like that by themselves as they was not responsible for making the flavour of linux availabe to the ps3.

you really should read up on the technique he used, i would love to know how you would have combatted this, and the same to anyone else who thinks sony could have done so much better in such a small amount of time, the ps3 is a very powerful piece of hardware I do not blame them for removing the other os feature.

So the PS3 is such a powerful piece of hardware, but one little hack attempt brings the system to it's knees? Does that make ANY sense at all?

Listen, for every compromise made on ANY system, there is always a way in software terms to prevent it. That being said, no system is entirely unhackable either, so that doesn't mean features shold be removed.

What would I do? Let's see. As far as I remember, his hacking attempt involved accessing outside parts of protected memory. If that's the case, then a Virtual Environment would have alleviated the problem. If that is compromised as well? Then it is the fault of the VE and not the hardware, and since the VE is firmware, and maintained by Sony, it could easily be upated in firmware for future attempts.

There is no "Special technique" used by the hackers for this sort of thing. It's the same techniques used anywhere else, exploiting the limits of a binary system from an infinite world. But there will always be a workaround for this type of thing.

clicking on report now, you see because you know you are wrong, it is not the ps3 at fault the only way he could hack it is because of linux, even though it is more secure than windows, you can keep on trolling, honestly you are not impressing anyone.

I am dead serious here. Read up on Virtualisation. The operating system in the Virtual environment never talks directly to the hardware, which is the point of compromise. If Linux was running on, say, a PowerPC Virtual Environent, the VE would be responsible for any compromise attempts made towards the hardware and stop it before it's made.

You may call it trolling, I call it keeping to the facts.

the way in was the use of a board shocker!

he could not have done it anyother way without mod chiping the board. So no! many people tryed it just by software alone and for 3 year's they failed. there is more way's but all require opening up the PS3 and using custom hardware to do it. and I know of another way and it involves another PCB board hooked upto the PS3 but the fact that was not the only thing it also required software and that was also Linux.

That's a completely different story then, since the hardware itself was comproised, but in that case, you'd find that no part of the system would be safe then. Even if OtherOS was removed, the system could still be breached through hardware, and always would be. It's a sad fact, but that's the way it goes. Hence, why servers are often physically locked up from the outside world.

and that's how he got into the security. but by removing the Linux access through the PS3 it does help to prevent hacking of not just password's but other data as well. No linux through the PS3 HELP'S in reduction of those said encrytion hack attempt's.

for example:

Nick Breese

through a single PS3 was able to get his PS3 to do quite a few thing's one of which:

The strength of cryptography implementations is usually based on its cracking time -- how long it would take for someone to sit down and crack it, says Breese. His discovery has demonstrated that the capability of cracking encryption algorithms has multiplied by 100.

Within PS3, in Breese's case running Linux, there are six SPU (Synergistic Processing Unit) processor cores. Each core is able to do four calculations -- so across all of the cores it is possible to do 24 calculations at the same time, he says. The simplistic design of the processor architecture also helped increase the speed, he says.

Breese was looking for a way to optimize processing to make MD5 calculations go very quickly, he says. MD5 (Message-Digest algorithm 5) is one of the most used cryptographic hash functions. The PS3 managed to conduct over 1.4 billion MD5 calculations a second, he says.

that's just one PS3!

EVEN TO USE

Salt Cryptography may not be enough

Okay, we're getting a little off track here. I am aware of what the PS3 is capable of.

From what I can gather, the software side still required a full encompassment of the entire PS3's system memory. a breach could have then been made by routing the controlling CPU's protectd mode flag and accessed memory outside of it's operating environment.

Now, let me tell you why a VE would also fix this:

Addresses in the VE are exclusive only to the environment itself. The only part that knows how to map VE addresses to real memory is the OS that Sony uses to drive the PS3 itself, and even then, it is usually a single chunk in memory.

In order to breach memory outside of the VE by using hardware breaches and software within the VE, a hardware hack would need to be made in order to change the pointing address to the memory space used by the VE. This would also change the pointing address to the Linux OS itself, and effectively halt the Linux dist installed on the VE. Within the VE, it would merely be seen as a massive corruption of memory. It would give no chance for any custom software to do it's stuff before the VE halts.

no you cannot access the SPE's protected flag even by hardware because you have no access to it from outside the spe, even a physical hack would not allow you to get that information, geohot is running his exploit in an Virtual enviroment already. that's how it's within the PS3



I AM BOLO

100% lover "nothing else matter's" after that...

ps:

Proud psOne/2/3/p owner.  I survived Aplcalyps3 and all I got was this lousy Signature.