-
Hey Guest. Check out your NeoGAF Wrapped 2025 results here!
PS3 OFW 3.56 New Feature: Rootkit (allegedly)
- Thread starter Vagabundo
- Start date
SolidusDave
Member
JudgeN said:
not only that, but if you are on OFW 3.56+ you now need again a hardware solution to jailbreak/put CFM on it. Before 3.56, EVERYONE with a PS3 and a normal USB stick was able to jailbreak the PS3 to install homebrew in the OFM (or CFM).
Of course this was also true for pirates and cheaters.
So now you can't just be bored/interested etc. and simply crack your PS3 in your 5 minute lunch break, you actually have to show some effort (even if it just means to spend money) which should reduce the number of pirated PS3 games as the mass market won't catch on to it + PSN gets less potential cheaters (though the "rootkit" should keep the PSN clean anyway).
Grampa Simpson
Banned
The second guy for the most part. I know some people like that (I really shouldn't be doing this at work).obonicus said:
GavinGT said:
You're talking about the DVD hack - see if anyone has managed to get a modded kernel Xbox 1 or 360 (via JTAG hack) onto Live.
There were rumors in the Xbox 1 era that some people had gotten it working, and maybe it was even true. It was never publically released to my knowledge, though.
The thing is that you only have to fail verification once to get banned, and they can delay between the detection and banning to make sure they catch as many people as possible. They could issue new challenges every day and they would catch more and more people who did not have updated tables yet.
IMHO you could only stay undetected using tables if Sony gets lazy (they feel that no one is trying to crack the system anymore so they stop issuing updated challenges) and the modified firmware with tables is never publically released (because obviously if they saw everyone installing this, they would issue new challenges!).
BMF said:
The thing is though, it's an over exaggeration to say that this is a security hole. I've seen nothing that shows that this is in anyway some sort of vulnerability to PS3s. I've seen a lot of people make claims, but the problem is, unless your system is already vulnerable in some way or someone has access to the delivery platform on the PSN (and the new private signing keys), I don't see a single way possible that someone is going to be able to use this option to do anything to someone else's PS3.
Hmm
now I have to decide what to do. I'm obviously not going to update my PS3 with CFW to the OFW. So the question I have to answer is how important is it for me to play games online? If I can live without it no problem. Will continue to use CFW and be happy. If I do want to play online, I gotta go buy another PS3! I hate owning multiple consoles too!!!
LiquidMetal14
hide your water-based mammals
That's the spirit! /sports like butt slap incomingLM4sure said:
SolidusDave
Member
Honest question to the guys willing to trade online/PSN for homebrew: Do you buy any PSN games? I guess not, so any particular reason why you don't enjoy them? You can't possible dislike every PSN game available.
From my point of view, it's like heavily self-restricting the available PS3 games library (which should be the last thing you sacrifice if you use your PS3 for you know, PS3 gaming).
I mean, come on. No Flower, no PJ games, no WipEout (well ok, that one you now can buy/import in stores as well) and so on. (no Journey this year!!)
From my point of view, it's like heavily self-restricting the available PS3 games library (which should be the last thing you sacrifice if you use your PS3 for you know, PS3 gaming).
I mean, come on. No Flower, no PJ games, no WipEout (well ok, that one you now can buy/import in stores as well) and so on. (no Journey this year!!)
LiquidMetal14
hide your water-based mammals
Makes you question their intent a little. You can't look at me, a legit consumer, as worse than someone who is refusing to update to run games that we can't confirm they really own. Unless they want to start posting pics when they buy every game. It's not like someone will just come out and say they pirate on GAF.SolidusDave said:
I've bought at least 2k in junk on PSN. I have retail games. It's not worth it for SNES or backups.
SolidusDave said:
It boggles my mind that people would cut themselves off PSN for the ability to run some emulators, or even worse lose PSN and jump through hoops to run a backup manager just for the convenience of not using disc (like that's convenient!).
I think the legit people that went through this just love messing stuff, which is not rare or uncommon anyway.
Saren is Bad
Member
SolidusDave said:
Speaking for myself, I prefer Xbox Live to PSN as a gaming platform because that's what all my friends have. In terms of PSN games, I've never gotten hooked by any of the exclusives, and all of the DLC I purchase is on XBL anyways (not trying to start a war, just stating my reasons).
And as a caveat, I would never in a million years mod my Xbox if it risked losing XBL.
I feel the same way as Liquid.
As long as the system still works the way it's supposed to and they don't zap any more features, Sony can download anything they want onto my system.
I'm reading the homebrew thread and I see some happy homebrewers, but I also see widespread inconsistencies in executing some of these programs, and at least a couple of people have lost their system.
If playing Nier off my hard drive means that potentially I won't be able to connect to a media server without Sony bricking my console, no thanks.
As long as the system still works the way it's supposed to and they don't zap any more features, Sony can download anything they want onto my system.
I'm reading the homebrew thread and I see some happy homebrewers, but I also see widespread inconsistencies in executing some of these programs, and at least a couple of people have lost their system.
If playing Nier off my hard drive means that potentially I won't be able to connect to a media server without Sony bricking my console, no thanks.
ClovingWestbrook
Banned
Yea, you are not accusing anybody. <wink wink>LiquidMetal14 said:
LiquidMetal14 said:
meh, its just a matter of not upgrading or not (for the time being)
Good thing people who done this have 2 consoles or just don't care
LiquidMetal14 said:
I agree with you, I bought alot of shit too but people who are doing homebrew should be away something was going t happen.
Can't really complain when people expected Sony to do something about it.
LiquidMetal14
hide your water-based mammals
Not even close. All I'm saying is that no one on here will admit to it. I'm pretty sure I'm right on that. Unless you would walk about bragging about robbing the bank ofr 50 dollars? You know what I mean, I hope.LovingSteam said:
That's the approach I would take. But the more I try to rationalize findin a used unit or buying new, the less it seems like a smart idea. I would have 2 boxes hooked to the TV and 1 as a novelty for homebrew and the other for my gaming. If I had money to throw I would consider but it seems much less attractive to me to spend a decent amount of money on another unit.g35twinturbo said:
Well I decided to stay on 3.55 for the moment anyway. Maybe I'll homebrew and say goodbye to PSN (maybe for ever); Ubuntu looks to be on the way too.
To be honest the more I think about it I don't like the idea of Sony being able to run software to snoop on my system. And, no, I've got nothing to hide, but I don't trust corporations and with them pulling these kind of stunts without any announcement does nothing to soothe those fears. Call me paranoid if you like, but I have photos of my kid on the PS3 and a hard drive full of my files connected via USB; movies, mp3s, photos, etc. All that being accessible to Sony if they choose to look - or someone else if they exploit the 3.65 hole - rubs me up the wrong way.
So time to ponder my options with this; carry on GAF and make your own choices.
And can the pirate accusations, these are legit concerns for anyone with a fucking brain cell or two.
To be honest the more I think about it I don't like the idea of Sony being able to run software to snoop on my system. And, no, I've got nothing to hide, but I don't trust corporations and with them pulling these kind of stunts without any announcement does nothing to soothe those fears. Call me paranoid if you like, but I have photos of my kid on the PS3 and a hard drive full of my files connected via USB; movies, mp3s, photos, etc. All that being accessible to Sony if they choose to look - or someone else if they exploit the 3.65 hole - rubs me up the wrong way.
So time to ponder my options with this; carry on GAF and make your own choices.
And can the pirate accusations, these are legit concerns for anyone with a fucking brain cell or two.
LiquidMetal14 said:
Well see for me for example, its a matter of having a emulation box near my computer or another ps3.
its more convenient for me to have another ps3 since my setup (hell out of all people you know how my setup is lol).
I find it easier to just use a ps3 since their is a start of homebrew and I'm always curious on playing with new things.
You already know my stance on people "stealing", especially since you know where I work.
LiquidMetal14
hide your water-based mammals
I know you're an honest guy so no worries there. If only you would log in and play on PS3g35twinturbo said:
And this "wiping", does that essentially delete any traces of homebrew and the homebrew itself?
Please excuse my ignorance but I've read the entire thread and I'm still confused.
Does 3.56 block cfw from connecting to PSN?
Once 3.56 is "hacked" do Sony have security measures in place to not allow cfw to connect to PSN?
Is this all in effect right now?
Hope you can help, thanks.
Does 3.56 block cfw from connecting to PSN?
Once 3.56 is "hacked" do Sony have security measures in place to not allow cfw to connect to PSN?
Is this all in effect right now?
Hope you can help, thanks.
get2sammyb
Member
Isn't this really good news? As a legit user Sony can check my console as much as they like, so long as it doesn't hinder my general use of the machine I can continue playing my games as normal. Homebrew people can fiddle about with their system offline as much as they like (I'm cool with that, it doesn't affect me). Cheaters can't get on the PSN to cheat. Pirates have to exert significant effort to pirate making it a less attractive option for standard users, and even then they can't get online to play the games.
If I've misunderstood the information then I apologise, but this sounds like an ideal solution for everyone involved. At least for now anyway.
If I've misunderstood the information then I apologise, but this sounds like an ideal solution for everyone involved. At least for now anyway.
Grampa Simpson
Banned
Do we have confirmation that they're using those new keys to hashcheck executables uploaded through the new mechanism? If they are doing exactly that then I'll agree that my argument is invalidated.RyanDG said:
Argyle said:
I was indeed referring to the DVD firmware hack, but I figure such a strategy could work if applied to Sony's kernel checks. Especially since they could sign the program to do it. You're probably right, though.
It's kind of mind boggling that the latest 360 modified firmware can so deftly re-route Microsoft's checks. That shit's publicly available, yet Microsoft is apparently helpless. There wasn't even a ban wave last November. The situation is quite different, though. However, Microsoft does seem to have one small recourse - activating the new security sector on disks previously thought not to have it.
Zoe said:
Never seen anything like that anywhere. I only found out recently that they send a bunch of data at boot up. Software that calls home without permission should be banned.
But what's even worst is that they could target specific machines with different queries. And have particular code run on a users machine. Delete stuff. The privacy concerns are staggering. I suppose I was lulled into a false sense of control when they asked my permission to download firmware updates.
I bought my PS3 second hand. I never agreed to allow they to connect to their network each time i boot the time. I'm glad I have that blocked at the router level.
I'd be happier if the EU stepped in and mandated consent for any phone home stuff.
GavinGT said:
Yeah...I think this is why the hackers never spent much effort trying to keep JTAG'ed 360s on Live. You can see the end game already - Sony has a bunch of challenges waiting, they issue one new one, a bunch of people get banned (say the hackers can instantly detect that the challenge has changed, because the hacked firmware will report that the challenge they just got is unknown, whether they are immediately banned or not)...they work on getting a new hacked firmware out that counters the new challenge, and as soon as the post on PS3Scene or whatever comes out that there is a new firmware available, update now...boom, Sony pushes the button and changes the challenge on the PSN servers immediately after the hacked firmware is posted, and everyone is back to square one. Since the hackers are always forced to react, it's pretty much pointless to try to keep it updated.
It's why MS gave up when they were trying to get MSN Messenger to sign onto AIM.
LiquidMetal14 said:I know you're an honest guy so no worries there. If only you would log in and play on PS3
And this "wiping", does that essentially delete any traces of homebrew and the homebrew itself?
lol, you need to stop playing that damn PSN game (cars with balls?) I dont even remember the name lol.
Supposedly, the wiping is suppose to erase what they think Sony might look at if people was on CFW
plagiarize
Banned
yeah they *could* do a bunch of shitty stuff with this, but until they do i wouldn't bitch personally. i mean, you could do a bunch of shitty stuff when you install CFW, but unless you do Sony shouldn't be able to do anything to you (other than release new firmwares that may or may not screw your console).
why these arguments are always framed as being whether CFW should be okay or not really confuses me.
Sony may have done this to fight CFW cause clearly they don't like it, but as an end user their motivations for doing it shouldn't be relevent surely?
but anyways, i see this as fine, and i see CFW as fine. the hackers will find a way around this, and Sony will come up with something new, and so on. that's how it is, and that's how it should remain.
why these arguments are always framed as being whether CFW should be okay or not really confuses me.
Sony may have done this to fight CFW cause clearly they don't like it, but as an end user their motivations for doing it shouldn't be relevent surely?
but anyways, i see this as fine, and i see CFW as fine. the hackers will find a way around this, and Sony will come up with something new, and so on. that's how it is, and that's how it should remain.
LiquidMetal14
hide your water-based mammals
You insulting that game is like insulting my wench! It's Super Acrobatic Rocket Powered Battle-cars. Best game on PSN, deal with it!!g35twinturbo said:
Time to wipe dat PS3 ass then and get on to get your ass whooped.
Beer Monkey
Member
Zoe said:
Thing is it appears they collect the data when you boot even if you never have connected to the PSN.
Zoe said:
It doesn't mean they have* the ability to collect that information.
And that is total bullshit anyway. EU stand up for your citizens and lay the smack down on Sony and their stupid EULA...
I'm going to have to write to the EU commission.
* EDIt; excuse me, had the ability. They now have the ability to run whatever they like in their new FW and nobody will be the wiser.
Vagabundo said:
Do you use an anti virus on your pc?
Firewall?
Adware scanner?
E-mail provider?
Steam?
Punkbuster?
I can go on, but in order for those guys to provide the service you paid for they have to look at your shit in detail to keep it secure.
I'd much rather Sony actively looked for and banned hackers who are causing nothing but problems for legit paying customers in some games than did nothing.
kitch9 said:
No I don't. Ubuntu user here (2 computers, 2 laptops). I do have steam in a walled garden on a gaming PC with no private data on it at all.
I'm a legit paying customer and I want to be informed about what they are doing on MY machine. I don't want to have to find out from a bunch of hackers on IRC thanks.