Print

[PS3Scene]

Playstation 3 Flash ECC Algorithm Reversed Posted by XanTium | 22-9-2008 13:53 EST

From ps3news.com: First, a small technical explanation. We were not able to modify any data on the PS3's flash chips due to the ECC. The ECC is a checksum basically, that ensures whatever data is in the block is not changed or corrupted, and if it is it errors. So, the problem was since when we tried to alter data, the ECC would then in turn be invalid, causing errors, making the system not boot. We did develop a way around this, however, it was time consuming and quite slow. We used the PS3 to write data to the flash, then dump it, with its proper ECC, then rewrite to where we needed it. This would take hours on end! We were not able to regenerate the ECC since we did not know the proper algorithm. But now, we can!! After multiple tests done by NDT to see what the ECC algorithm was when the block was filled with some magic data, our very own RPS was able to reverse the algorithm! What does this mean? Simple, we are now able to in minutes properly edit a flash dump, regenerate the ECC and flash it onto the PS3 in order to experiment with flash changes. Using this, we have already found where the encrypted keys are stored for SELF's, PKG's, and BD Pairing among other things, more on that in the weeks to come. Furthermore, NDT implemented RPS's ECC regeneration code into his newest FlowRebuilder, which will be posted next week! Finally, this has already saved one PS3! Hacked2123's PS3, which bit the dust long ago due to a bad flash was recently fixed thanks to RPS's ECC Regeneration code which was built into NDT's newest FlowRebuilder! His PS3 had bad data that did not match the ECC data, resulting in a plethora of issues. However, as described here, it is now fixed!

[badbrains]

So let the hacking begging. Time to go get some large size externals.

[spinr34]

props to all the people involved with this.

[Ranger72]

This sounds very interesting indeed.

[vildzek]

Great respect from me, is a lot of work with Ps3 !!!

[wassco]

AMAZING WORK GUYS!

i cant begin to tell you how long ive been waiting for this!

keep up the great work!!!

[bubbafett4hire]

wonderful news now self repairs are a reality, would be nice to see what some of the PSP groups have to say about this maybe Dark Alex will switch systems

[badeip]

It would be interesting to analyze one of the dumps.
I am guessing the ECC algorithm is a Reed Solomon derivate?

-badeip
binary-art.net

[eduardor2k]

Very good news.  

Congrats to everyone involved.

[wassco]

Im curious, why is it when bunny made the dvd-mod for the 360 there was like...30 pages of ppl replying, but when the ps3 gets any news, theres...10 ppl overly excited....

its a shame

not enough ppl in the ps3 scene at all, it sucks

[dave_birdi2007]

Niiice, I imagine we'll have to wait a bit longer before we can play backup games though. Is there any more technical info on this?

Regards,

[ILikeMeat]

So...does this mean...you can run whatever you want on the PS3? Hacked dashboard or home or whatever PS3 calls it...PS3 has been hacked or at least has the possibility to be hacked more than the 360? I might want to pick up a PS3....

[bubbafett4hire]

QUOTE(ILikeMeat @ Sep 25 2008, 04:40 PM)

So...does this mean...you can run whatever you want on the PS3? Hacked dashboard or home or whatever PS3 calls it...PS3 has been hacked or at least has the possibility to be hacked more than the 360? I might want to pick up a PS3....

No..not yet anyway but this is a good step in the right direction meaning that they can now write the Sony firmware to the PS3 but a true dump and study of the dump would have to be explored for any security points and checks and so on, then a exploit of some kind or even a custom firmware would have to be developed for implementation in order to running home brew from the XMB as seen in the PSP

Had we not seen the Linux system out of the box when released this hack would have probably been done a least a 6 months after the release of the PS3 as there whould have been more of a push from more groups to do this

[HotKnife420]

QUOTE(bubbafett4hire @ Sep 25 2008, 11:34 PM)

No..not yet anyway but this is a good step in the right direction meaning that they can now write the Sony firmware to the PS3 but a true dump and study of the dump would have to be explored for any security points and checks and so on, then a exploit of some kind or even a custom firmware would have to be developed for implementation in order to running home brew from the XMB as seen in the PSP

Had we not seen the Linux system out of the box when released this hack would have probably been done a least a 6 months after the release of the PS3 as there whould have been more of a push from more groups to do this

 I believe there was a tiff exploit of some sort that worked on an early firmware, but I don't know what all it allowed. I believe this means they could re-flash an older firmware if an exploit exists it, much like what is talked about with the 360's KK exploit.

 Hopefully, some juicy homebrew ensues.

[darkshadow2k8]

well if its that easy to downgrade firmware on the ps3 thats a good thing because it will allow to see if any security holes exist than make a hacked firmware but u would have to have the games installed on the hard drive as no one wants to buy a blu ray burner and blu ray discs unless they can find a way around that and use dl discs

im just surprised that hacking the ps3 took this long either sony did real well or people just dont care