It never ends, does it? For quite some time now, Grand Theft Auto: Episodes from Liberty City has been rumored to be gracing the PlayStation 3 at one point or another. The package, which includes The Lost and Damned and The Ballad of Gay Tony, is currently exclusive to Xbox 360.

Retail website simplygames.com has listed Grand Theft Auto: Episodes from Liberty City for PS3. The listing even contains the newly designed PS3 boxart, lending the listing some credibility.

Via: PlayStation Lifestyle ...

News via http://www.psp-ita.com/

New updates from the coder spike_132000 for his homebrew PSP Installer application that allows you, using a Wi-Fi to download your favorite homebrew directly from PSP without having to resort to using a PC then. This is a bugfix release that fixes a bug for version 3.10.

Changelog v3.11:

Quote:

- Fixed a bug that could occur if the file was not created correctly sourcelist.lua after updating the repo

Download and Give Feedback Via Comments ...

News via http://streetskaterfu.blogspot.com/2...ch-take-1.html

I just started to take a look at Folding@Home / Life with Playstation. There are several little details which are pretty interesting.


One thing which got me interested, is that the "game" has more permissions than any other game or application. Normal games do not have access to the root of /dev_hdd0/ but F@H has.
It can read, write and execute which was found out as it creates a folder called /cntlnk/ in /dev_hdd0/. There it caches several music files you play while running the application. This is handled via a SQL Lite Format 3 DB (db1.1.sqlite) in /NPIA00002/USRDIR/data/wlop/.

Another thing is, that F@H/LWP can override the PARAM.SFO. Normally the option window when u press triangle in XMB on a game just reads the data, PARAM.SFO passes to it. But here, the automatic start option is not loaded via the .sfo. It seems it comes from an external XML file in the game directory.

The last I want to write about now is, that older F@H versions were able to control the SPU's partly. For example it was possible to define how many SPU's are used at all.

These are just some points that came up so far. I will keep you updated when there is more!

http://streetskaterfu.blogspot.com/2...ch-take-1.html ...

News via http://streetskaterfu.blogspot.com/2...continues.html

So the PS3 is hacked ? Well that's nothing more than an urban legend.

Altough it's nice to capture all these HV calls and stuff from a plain (not encrypted) lv1 binary, but this will never lead to a hacked PS3.

Let's have a look.
The major security architecture on the PS3 is called the "Secure Processing Vault" and is the most important thing regarding "hacking" the PS3.

There is NO WAY for the PPU or even the HV to gain access to the SPU, which is an application running inside of an isolated SPU.
Well you can kick out the isolated SPU, like geohot mentioned, but this gives you nothing, as ALL the encryption and execution of applications (HDD encryption, app encryption, decryption, executing, signature checking, root key extraction) happens inside the isolated SPU.

To run homebrew on the PS3 you would have to reassemble the whole functionality from the SPU inside a binary running on the PPU.
For this you will need the root key. The root key is stored in hardware (not even close to the things on the iPhone). The root key cannot be extracted by any software or hardware means and is essential to ALL encryption/decryption, executing and checking routines.
The only way to get the root key is inside of an isolated SPU, as it is kick-starting the hardware encryption facility. There is no other way to do that !

Let's just assume that geohot or some other guys are able to break into the local store of the isolated SPE. There they will just find some encrypted binaries.
The key for decryption is encrypted by the root key !
You won't get anywhere without the root key.

Let's assume that someone managed to do all those stuff from the isolated SPU on the PPU and creates a CFW.
There is still a secure booting environment. The first module loaded/bootet is integrity checked by the hardware crypto facility utilizing the root key. So you have also to address this booting stuff. Again, no root key, no booting.

So there's always runtime patching you might ask ? Not possible on the PS3 because the hardware crypto facility is able to check the signatures whenever it wants to. And which part is responsible for this ? Exactly, the isolated SPU.
So if you kick out the isolated SPU the system will not boot/run anymore.

The PS3 is neither an PSP nor an iPhone. It's the most secure system architecture of this time !

The girl behind this stuff, Kanna Shimizu, is not somebody. Messing around with this is not like saying Bruce Schneier is a n00b.

Btw.: forget about all those stories, that certain hackers are or will be employed by SONY. That's nothing more than another urban legend.

@geohot It is OBVIOUS that the HV is PPC. The Cell BE is a PPC architecture, you know ;-) Better read those IBM papers in first place !

- iQD ...

News via http://www.nintendomax.com/viewtopic...3d27b992e3f33c

Jan Mulder offers "Agenda DS", Which as its name suggests an agenda for the DS.

I do not know if it's finished, but I can not imagine anything to add.
It's like the name says calendar year.
You can browse (correct English?) Through 'your' agenda in the bottom screen.
To add a new activity and press NEW to delete the first one press DELETE.
in the top screen you see the activities in the right order (that's harder to program than you might think).
The first date will automatically disappear when it has been happened.
You can see the current time as well.
And also the time left until the next activity (it always thinks the month has got 31 days).
The dates are automatically saved to your FAT and they will automatically load too.
When the dates are being loaded it might be possible it has some bugs.
It works better in an emulator but then you can not save.
The dates in the browsing part are not correct.

Download and Give Feedback Via Comments ...

New from Larbi



Hello
check out this math game I made using Palib. it is my first DS game. I wrote it to help my son improve his math skills, addition, subtraction and multiplication to be more accurate. it works on any emulator but plays better on the DS. the handwriting recognition is better with the stylus.

The game can be downloaded from here : http://ndsmath.blogspot.com/

Download and Give Feedback Via Comments ...

Lino has released a new pre alpha version of fb4nds - Facebook for Nintendo DS, new for this release is the sending of messages:

Download and Give Feedback Via Comments ...

News via http://www.wii-addict.fr/forum/WiiXp...01-t18282.html

Updating rev101 in the file explorer on the Wii made by dimok and r-win.
Forwarder v3 always available

You can delete, rename, copy / paste / cut and see the properties of files on your SD or SDHC card.

QUOTE
* R101
- Fixed exchange of DVD being remounted
- Moved DVD mount to mount only when the DVD Icon is clicked when devicemenu is not loaded
- Fixed D-PAD after scroll
- Fixed Properties on RightClickMenu being off screen
- Pictures Made up fullscreen at startup when they are over the size for better SlideShow
- Some more minor bugfixes

* R100
- Fixed WiiXplorer not returning to SYSMENU when started with Forwarder
- Changed Forwarder and app entrypoint (Sorry dj_skual'll have to reupload a new channel the old one will not work anymore)
- Compiled and uploaded new Forwarder.dol (the old one will not work anymore)
- Changed the way DOL / ELF booting is working completely. Now almost all Homebrews should boot, this includes WiiXplorer booting itself up again
- Minor fixes

Download and Give Feedback Via Comments ...

Marcan is back with a rather long post over at Hackmii:

Wow, time does fly. More than a year ago, on October 23rd, 2008, Nintendo finally released an update that fixed the strncmp (fakesigning) exploit in all forks of IOS. This disabled any direct methods to install unofficial content on all updated Wii consoles. At the time, version beta9 of The Homebrew Channel had been in the making for a while, so we decided to take the opportunity to use one of our stockpiled IOS exploits to work around the update and release beta9. These exploits differ from fakesigning in that they directly exploit the IOS runtime, injecting code that lets us take control and disable signatures altogether. Therefore, this was our first released IOS code execution exploit. HBC beta9 was released and worked great on all Wiis, as always.

In order to hinder Nintendo’s attempts at fixing it, and to avoid misuse by warez kiddies, sven and I had a lot of fun obfuscating the exploit over a couple afternoons. We decided not to release information about it, hoping it would last long enough to be useful for future installers and BootMii. Later we kind of forgot about this, but on a few occassions people have asked us to document it, and we proposed a challenge: we would document the exploit as soon as someone “broke” our obfuscation and figured out how the exploit works. The intent was to promote reverse engineering and also see just how long it would take people to crack it. Apparently, either people weren’t very interested or we did a pretty good obfuscation job, because it took pretty long

Well, I’m happy to say that today I received an e-mail from an anonymous hacker who successfully reverse engineered our layers of obfuscation. He (or she!) discovered the inner workings of the STM Release Exploit, as I will be calling it, and did so after three weekends of reverse engineering. Hats off to you, and thank you for taking the challenge!

This bug was discovered by accident, and in fact it is a real honest-to-goodness software bug that is not only exploitable, but a nuisance during regular use. To understand it, you need to understand how STM works.

STM is the IOS module in charge of random hardware functions such as handling the fan, “idle” (WC24) mode, the front slot LED (including the blink patterns), and the buttons. I have no clue what STM means, but I’ve seen it called “State-TM” somewhere on the Wii. One of the main functions of STM is to provide a way for PowerPC software to get notifications when either the Reset or the Power buttons are pressed. It’s worth noting that I have no clue why they did this –the PowerPC already knows about Reset via the legacy GameCube interface, and can be given direct access to Power including IRQ via the shared GPIO system, and IOS doesn’t use these buttons at all– but they did. It works like this: STM creates two devices, an “immediate” device, and an “event” device. The immediate device is used to issue commands to STM that take effect immediately, while the event device is the callback mechanism. The PowerPC code issues an IOS_IoctlAsync() call on the “event” device, and this call blocks (asynchronously) until there is an event (such as a button press). When this happens, the call returns with the event code, and the PowerPC code reissues it to listen for further events.

One problem with this approach is that the PowerPC needs a way to shut down the event callback. The IOS IPC mechanism doesn’t provide a way for the PowerPC to cancel an ongoing request; it must wait until its completion. When PowerPC code needs to hand off execution, it needs to clean up all references and file descriptors to IOS, so it needs a way to get rid of the event call. STM implements this by having a call on the immediate interface that forces the event call to return with a zero event code. So far so good. If you’re interested, check out stm.c on libogc (particularly the functions with EventHook in the name).

Full article --> http://hackmii.com/2010/01/the-stm-release-exploit/ ...