Kakaroto: 4.0 Hen explanation and status



wraggster
January 22nd, 2012, 22:23
via http://ps3.gx-mod.com/modules/news/article.php?storyid=3053

Kakaroto left a long note on his blog to show us the progress of his project, which is very delayed, and to set the record straight with Mathieulh. Kakaroto settles accounts.


Since my announcement almost two months ago, there has been a lot of progress. We have not relaxed our efforts: we are a group of ten developers who have worked hard for two months, sometimes 15 hours a day, to bring homebrew to the latest PS3 update. There are three parts to the HEN. The first is getting packages to install on the PS3; this part is done, tested, debugged, etc. The second part is getting the application to launch, and it still has major problems... The last part is something I will not say anything about at the moment (it's a surprise), but it is about 60% to 70% done (and it has nothing to do with peek & poke or a backup manager or anything else like that. It is a solution and it will be "hack free").

Now, launching an application is the biggest challenge; it is what we have worked on in recent months and, as some of you know if you follow my tweets, I asked Mathieulh to give me the NPDRM algorithm, which is necessary to launch an application. But he was reluctant, keeping it for people who would kiss his feet (or whatever). In the end he refused to give it to me, and my initial intention to release quickly took longer than I would have imagined. Mathieulh launched once again one of his famous puzzles that are, for him, "very useful for people who have a brain." Then he told us that the solution to our problems was to look in the 3.56 appldr, and that it was something that Lv1 sent to appldr, whether or not to do the hash check. And after sweating our brains out, we came to the conclusion that it's bullshit. After a month of disassembly and several checks of our results, we can say that the hash algorithm is not in the 3.56 firmware as he says. He says it is an AES OMAC hash, but after monitoring all the OMAC functions in appldr, we found that it was not used for the hash. Then he said he meant HMAC, then that it was in Lv1...

That came after the huge fight on Twitter where he did his usual routine of saying he would share something (FYI, that code was not his, I have proof, but I will not reveal it; I promised him and I will keep my promise), because he forgot to remove the developer's name in a file. Besides, it was useless, except to make me lose a shitty day on uncommented code. So why stick me with a puzzle after what happened? Just to sabotage us and make us lose time. Anyway, we all agreed that Mathieulh was full of shit (we knew it before, but he lost the benefit of the doubt) and we decided to continue our work without worrying needlessly about his puzzles. We tried to use/decrypt the 3.60 firmware to find the algorithm.

Now, some weeks later, we have finally figured out a missing piece of the NPDRM algorithm, and it is explained here for everyone to enjoy. A PS3 game is an executable in the SELF format; these SELFs are signed and encrypted. PSN games (games not run from a disc) need an extra layer of security called "NPDRM." An NPDRM SELF is therefore basically an executable that is encrypted and signed, then re-encrypted with a new layer of information. On 3.55 and below, we were able to sign our own SELFs as if they were original Sony files, and the PS3 executed them without any problems. However, they are not really like the originals: they lack the information layer, and the PS3 just ignored this check. Since version 3.60, this check is done, so if we could sign our SELFs with this layer, the PS3 would run them again.

Another important point to explain: I have said several times that SELFs are signed. It is an ECDSA signature that the PS3 can easily check to see whether a file has been modified or not. It is easy to validate a signature, but impossible to create one without the private key (think of it as a real signature: you can see your father's signature and recognize it, but you cannot sign just like him, and you can recognize whether your brother has tried to imitate his signature). So how were we able to sign files on 3.55?

This is because this "ECDSA signature" is just a very complicated equation (my head still hurts from trying to understand it, but I could talk about this in the future and try to explain it in simple terms if people are interested). A very important part of this equation is that you must use a random number to generate the signature, but Sony failed here and used the same number every time. In doing so, it was easy to find the private key (which allows us to imitate the signature perfectly) with a few equations. So to summarize, a "signed file" is a file that is digitally signed with an "ECDSA signature" that cannot be falsified unless you have the "private key."

Let us return to the subject: above 3.55, Sony has not made the same mistake and uses a truly random number, so it is technically impossible to find the private key. That is the reason we lost two months, and why Mathieulh lied about the above by saying he could do it. Remember, when firmware 4.0 came out and I said that my system still worked, he also confirmed that the algorithm works; he lied, because he cannot have the private key. I said I had proof of Mathieulh's lies, here it is: he says it is in 3.56: false; he says it's an AES OMAC signature: false; he says it's HMAC: false; he says it's in appldr: false; he said it's in LV1: false; he says he can do it: false; he said that "it takes an hour to find out if you have a brain": false; he says he verified that it works on 4.0: false; what he says about the algorithm/key: false; he said that once we know the algorithm used we can reproduce it: false. Now you know the real reason he refused to "share" what he had. It's because he has nothing... So why all this? His pride does not allow him to admit he cannot? To make us waste time? For me it is pure sabotage.

Enough about him, back to HEN 4.0, so what now? We now know that we cannot sign an application on 3.60 (it can work on 3.56 though). What we are doing is finding another way, a new exploit.

We will also be looking for a "signature collision," and for this we will need the help of the community. I hope there is a collision (the same random number used twice) so that we can compute the private key. When will the jailbreak be released? If I knew, I would tell you, but I do not know. I said last November, then December, then Christmas, and then until the new year... But as you can see it is impossible to predict what will happen and what we will discover. Be patient and stop asking for a date. I want to thank my team for all their effort. lexou06, with thanks to the-green for the information. Homepage: http://kakaroto.net
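The weakness the post describes (the same "random number", the ECDSA nonce, used for every signature on 3.55 and below) and the "collision" it hopes to find for later firmware are the same attack: two signatures sharing a nonce leak the private key. The following is an added example, not code from KaKaRoTo's team or from the PS3 firmware; it uses secp256k1 as a stand-in curve (the PS3's own curve parameters are not reproduced here, but the recovery equations are curve-independent), plain SHA-256 as the message hash, and constructed keys, nonces and payloads. All function names are the example's own.

```python
import hashlib

# secp256k1 domain parameters, used as a stand-in curve (assumption: the real
# PS3 curves differ, but the nonce-reuse algebra below works on any curve).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 over GF(P); None is infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _mul(k, point):
    """Double-and-add scalar multiplication."""
    result, addend = None, point
    while k:
        if k & 1:
            result = _add(result, addend)
        addend = _add(addend, addend)
        k >>= 1
    return result


def _hash_to_int(msg):
    """Message digest as an integer mod N (SHA-256 is an assumption here)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(msg, d, k):
    """ECDSA with an explicit nonce k, so nonce reuse can be reproduced."""
    z = _hash_to_int(msg)
    r = _mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * d) % N
    return (r, s)


def verify(msg, pub, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = _hash_to_int(msg)
    w = pow(s, -1, N)
    x = _add(_mul(z * w % N, G), _mul(r * w % N, pub))
    return x is not None and x[0] % N == r


def recover_private_key(pub, sig1, msg1, sig2, msg2):
    """Recover d from two signatures that share r (same nonce k).

    Since s_i = k^-1 (z_i + r d):  k = (z1 - z2) / (s1 - s2)  and  d = (s1 k - z1) / r.
    Returns None when r differs (distinct nonces) or no candidate matches pub.
    """
    r, s1 = sig1
    r2, s2 = sig2
    if r != r2:
        return None
    z1, z2 = _hash_to_int(msg1), _hash_to_int(msg2)
    # Some signers store s in its "low" form N - s; try both signs of s2.
    for s2_candidate in (s2, (N - s2) % N):
        ds = (s1 - s2_candidate) % N
        if ds == 0:
            continue
        k = (z1 - z2) * pow(ds, -1, N) % N
        d = (s1 * k - z1) * pow(r, -1, N) % N
        if _mul(d, G) == pub:
            return d
    return None


def demo_nonce_reuse():
    """Constructed scenario (not real PS3 data): one key, one nonce reused twice."""
    d = _hash_to_int(b"constructed private key, not a real one")
    pub = _mul(d, G)
    k = _hash_to_int(b"constructed nonce that the signer reuses")
    msg_a, msg_b = b"constructed payload A", b"constructed payload B"
    sig_a, sig_b = sign(msg_a, d, k), sign(msg_b, d, k)

    recovered = recover_private_key(pub, sig_a, msg_a, sig_b, msg_b)
    # With d in hand, the attacker signs arbitrary content under any nonce.
    forged = sign(b"constructed homebrew", recovered, 0xC0FFEE) if recovered else None
    # Same attack when the second signature was stored in its low-s form.
    low_s = (sig_b[0], (N - sig_b[1]) % N)
    # Control: a fresh nonce per signature yields a different r, nothing to recover.
    sig_c = sign(msg_b, d, _hash_to_int(b"constructed fresh nonce"))
    return {
        "original_key": d,
        "recovered_key": recovered,
        "signatures_valid": verify(msg_a, pub, sig_a) and verify(msg_b, pub, sig_b),
        "forged_ok": forged is not None and verify(b"constructed homebrew", pub, forged),
        "recovered_from_low_s": recover_private_key(pub, sig_a, msg_a, low_s, msg_b),
        "distinct_nonce_recovery": recover_private_key(pub, sig_a, msg_a, sig_c, msg_b),
    }


if __name__ == "__main__":
    for name, value in demo_nonce_reuse().items():
        print(f"{name}: {value}")
```

The recovery needs only public data: two signatures with equal r, the two signed messages, and the public key to confirm the candidate. That is exactly why the post asks the community for a "collision": on 3.60 and later the nonces differ per signature, so r differs, and the routine returns None as in the control case above. The low-s branch matters in practice because a signer or tool that normalises s would otherwise hide an otherwise usable pair.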