This story was written back in 2007 by Bruce Schneier, several years before fail0verflow found a weakness in the random number generation to retrieve the crucial private PS3 keys in OFW 3.55 (and below). Quote: 'Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.' ... 'Even if no one knows the secret numbers, the fact that the backdoor is present makes Dual_EC_DRBG very fragile. If someone were to solve just one instance of the algorithm's elliptic-curve problem, he would effectively have the keys to the kingdom.' Can anyone confirm if this indeed is the reason the PS3 implementation of ECDSA was flawed?

http://www.eurasia.nu/modules.php?na...ticle&sid=3191