Marcan answers questions to clarify the situation

Post by pseudomystere » 30 Dec 2010, 11:28

Hector Martin, better known as marcan, answers questions put to him via Twitter, to clarify the situation around fail0verflow.

Myth #1: It took us 3-4 years to do this. Negative, this exploit only took a few months after we started working. We weren't trying before.

Myth #2: Sony can change keys. No, they can't. These aren't encryption keys, they're signing keys. If they change them GAMES STOP WORKING.

They actually CAN change keys for LV2/LV1, isolated modules, rvklists, spp, but that's useless because you can just downgrade the loaders.

we don’t have the game signing key but the same epic fail applies to it. Once someone dumps appldr they can calculate it too.


@marcan42 and how about game patches? After changing keys they can't release an update to a game with new keys or something?
@AluProductions they could, to some extent, but they'd [censored] over everyone who doesn't go online and gets an update from a new game.


no one can create a new metldr (for an existing console). Not even Sony (unless they have that console’s key stashed somewhere).


The XKCD "return 4" function that we showed is (essentially) part of the code that Sony HQ runs to sign games, it's not in the PS3 FW.


This is also why we didn’t use the term “exploit” or “bug”. The PS3 signature fail is neither an exploit nor a bug (in the PS3 firmware).


It’s Sony not knowing WTF they’re doing when making signatures, and thus mathematically leaking their keys.


Clarification #3: The private keys refer to keys that Sony HQ uses. PS3s don’t have these keys (but we calculated them due to the fail).


@marcan42 How did you find out the m value was the same?
@Zmathue because that causes the R value to be the same, i.e. the first half of every signature is the same.


@marcan42 Did you learn some new and good security practices from breaking the PS3?
@LouiseHoffman not much, it’s all a large pile of fail. The Wii has better security design (it just has a lot of implementation holes).


Clarification #4: the random number isn't 4, it's more like 007eabbb79360e14df1457a4194b82f71a0dc39280 (example). But it's still constant.

@marcan42 are we able to create our own metldr and co and decrypt (dump decrypted) ldr for reversing? So I can finally brick my console trying?
@KDSBest we can't modify lv1 directly yet (no lv1ldr dump) but we can pwn lv1 early in the boot process via a hacked iso module.


@marcan42 Last year you mentioned that the Wii code is a mess. How do you imagine the original Sony code looks like?
@LouiseHoffman worse, at least the Wii stuff is mostly C. Sony loves C++, especially in SPU code. Security feature! SPU C++ is hell to RE :P


@marcan42 my fault, ofc you are right. We can create our own Hypervisor? I should sleep. What can we modify?
@KDSBest yes.


nice work @fail0verflow will we be able to install any distro of Linux or just AsbestOS?
@Idlewild2007 AsbestOS isn't a distro, it's a bootloader that works with any distro (given a tweaked kernel).

While I'm at it, a reminder that a demo will be given today at 11:30, room 3 ;)

----
I don't have time to finish the translation, if someone wants to do it ;)

source : http://twitter.com/marcan42 [via dukio]
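What marcan describes above (the same "random number" m in every signature gives the same R, the first half of the signature, and from two such signatures the signing key can be computed) is the textbook ECDSA nonce-reuse failure. The following is an added worked example, not code from the original post and not fail0verflow's or Sony's code: it signs two different payloads with one constant nonce, confirms the signatures share r, and recovers the private key from them. It assumes secp256k1 as a stand-in curve (the page gives no PS3 curve parameters), a constructed private key, and the example value from Clarification #4 as the constant nonce; all names and values are assumptions.

```python
# Added example: ECDSA private-key recovery from two signatures that reuse
# the nonce k. Not fail0verflow's or Sony's code; secp256k1 is an assumed
# stand-in curve, the key and payloads below are constructed for the demo.
import hashlib

# secp256k1 domain parameters: y^2 = x^3 + 7 over GF(P), generator G of order N
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def inv(x, m):
    """Modular inverse; reduce first so negative inputs are handled."""
    return pow(x % m, -1, m)


def point_add(p1, p2):
    """Affine point addition with None as the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1) * inv(2 * y1, P) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mul(k, pt):
    """Double-and-add; fine for a demo, not constant-time."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc


def msg_hash(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(d, msg, k):
    """Textbook ECDSA with the nonce passed in explicitly, so the signer's
    mistake (a constant k) can be reproduced deliberately."""
    r = scalar_mul(k, G)[0] % N
    s = inv(k, N) * (msg_hash(msg) + r * d) % N
    return (r, s)


def verify(Q, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = inv(s, N)
    pt = point_add(scalar_mul(msg_hash(msg) * w % N, G),
                   scalar_mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r


def recover_private_key(Q, msg1, sig1, msg2, sig2):
    """Two signatures with the same r (same k) leak k, and then d.
    Returns d, or None when the pair does not share a nonce."""
    r1, s1 = sig1
    r2, s2 = sig2
    if r1 != r2:
        return None  # different nonces: nothing to learn from this pair
    h1, h2 = msg_hash(msg1), msg_hash(msg2)
    # Verifiers accept (r, s) and (r, -s) alike, so try both signs of s2.
    for s2c in (s2, (N - s2) % N):
        if (s1 - s2c) % N == 0:
            continue  # same message and signature: no information
        k = (h1 - h2) * inv(s1 - s2c, N) % N      # from s1 - s2 = k^-1 (h1 - h2)
        d = (s1 * k - h1) * inv(r1, N) % N         # from s1 = k^-1 (h1 + r d)
        if scalar_mul(d, G) == Q:                  # confirm against the public key
            return d
    return None


def demo():
    """Constructed scenario: one signer, one constant nonce, two payloads."""
    d = 0x0C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D
    Q = scalar_mul(d, G)
    k_const = 0x007EABBB79360E14DF1457A4194B82F71A0DC39280  # the tweet's example value
    sig_a = sign(d, b"payload A", k_const)
    sig_b = sign(d, b"payload B", k_const)
    return d, Q, sig_a, sig_b


if __name__ == "__main__":
    d, Q, sig_a, sig_b = demo()
    print("same r:", sig_a[0] == sig_b[0])
    print("recovered key matches:", recover_private_key(Q, b"payload A", sig_a, b"payload B", sig_b) == d)
```

The detection side is what marcan points at in the reply to @Zmathue: collect r values across many signatures, and any repeat means the nonce repeated. The recovery needs only the public key, the two messages and the two signatures; the private key is never touched except to construct the demo.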

Re: Marcan answers questions to clarify the situation

Post by gogopango » 31 Dec 2010, 11:26

Awesome