The Playstation 3 has been "jailbroken" *MOD NOTE POST 220*

Helix

The debug fw update is a package file downloaded from the web and installed offline tho so should run. The question is if itll work, are we aware of any hardware diff between retail and debug? Only a software thing that ive seen, so thinking maybe theres a debug os and regular one maybe?

Myrddin

Helix wrote: »

The debug fw update is a package file downloaded from the web and installed offline tho so should run. The question is if itll work, are we aware of any hardware diff between retail and debug? Only a software thing that ive seen, so thinking maybe theres a debug os and regular one maybe?

Well why would you need an exploit, if you can download it an run it? I'm not aware of hardware differences per se, but hardware identifiers are certainly there. Debug firmware will (for now) only install on a debug console.

Helix

Its a package file so you need the exploit to run it on a retail. Youre positive it wouldnt work then? Im tempted to try on one of my retails lol

Myrddin

Helix wrote: »

Its a package file so you need the exploit to run it on a retail. Youre positive it wouldnt work then? Im tempted to try on one of my retails lol

I'm not positive about anything :pac: As I said, I havn't seen your point raised before so original thinking award goes to you

If you decide to try it, let us know what happens. As I said though, because the firmware update reboots the machine, the exploit won't be of any use from the reboot onwards...interesting theory though...

Helix

gotcha about the reboot, but what im thinking is that the exploit isnt needed after the reboot, because you've installed the debug firmware onto the box so you should still be able to run packages, if that makes sense

i dont think this affects joe bloggs in the street anyway though, since theyve zero access to debug preview code, but its simply a curiousity for me. would be nice to be able to build my own debug instead of relying other companies to loan them you

Myrddin

Helix wrote: »

but what im thinking is that the exploit isnt needed after the reboot, because you've installed the debug firmware onto the box

You havn't though, from what I've seen when you click the firmware upgrade option, the installer & package are copied into memory, and your prompted to reboot. The actual install process doesn't technically begin until the reboot has completed, and the console enters a firmware upgrading process (it's not the standard GameOS), and as you know, once rebooted it's a bog standard console.

Now if there was a way of keeping the exploit alive somehow after a soft-restart, so the console continues in 'dev' mode, then it's possible, but as it stands, I seriously doubt it will install.

Varik

EnterNow wrote: »

once rebooted it's a bog standard console.

It'll not have the ability to run unsigned code, but it may not be bog standard there could be a trace that would be detectable. PSN now prevents any 3.41 PS3 using it and the work around no long works.

Myrddin

Varik wrote: »

It'll not have the ability to run unsigned code, but it may not be bog standard there could be a trace that would be detectable.

I'm talking about it's ability to run unsigned code from a soft-reboot. PSN wise anyone who gets banned deserves it, the warnings are quite clear.

Varik

EnterNow wrote: »

I'm talking about it's ability to run unsigned code from a soft-reboot. PSN wise anyone who gets banned deserves it, the warnings are quite clear.

Had an edit for the previous post, PSN now prevents any 3.41 PS3 using it with the work around no longer working so anyone tried to go online they'll probably get the deserved ban and it won't work anyway.

Myrddin

Varik wrote: »

Had an edit for the previous post, PSN now prevents any 3.41 PS3 using it with the work around no longer working so anyone tried to go online they'll probably get the deserved ban and it won't work anyway.

Yep, they closed off the DNS exploit a few days ago, can't say I'm dissappointed.

What I meant originally though, was in answer to Helix's theory about installing dev-mode firmware, in that once re-booted the PS3 becomes a 'retail' unit again and lacks the ability to run unsigned code. I didn't mean 'bog standard' in the sence that the original exploit can't be detected, or even a log file read by Sony.

Helix

Unless the install being copied to system memory means itll still run since the package has been extracted already. As you say, its an external module to the regular os, so perhaps sony never thought to cover that, since the hole didnt exist to allow retails to extract unsigned packages to memory before?

Myrddin

Helix wrote: »

Unless the install being copied to system memory means itll still run since the package has been extracted already. As you say, its an external module to the regular os, so perhaps sony never thought to cover that, since the hole didnt exist to allow retails to extract unsigned packages to memory before?

So again, why would you ever need the exploit as the firmware package isn't installed under "Install Package Files", it's intsalled using "System Update". Also why would it still run prior to OtherOS being loaded, everything including OtherOS runs under LV1 (Hypervisor), so whatever the loader for firmware, it's still under LV1.

Just because thr package is extracted into memory, doesn't mean the process has begun, trust me. Try it if you don't believe me

Helix

you need to exploit because debug firmware comes as a package file you manually run through the xmb. without the exploit you cant kick off the installation process of debug firmware

ive no clue about this kinda stuff, just bouncing around some thoughts of what i think might be logical

the debug update is completely different to the retail one, with retail it pulls it from online on the console, with debug youve to download it from a computer, put it onto a usb key and manually run the package - you cant do this on a retail because you cant run package files to extract the stuff in the first place. so my thoughts are that the ability to extract the debug firmware update in the first place may mean you can slip under the security features of a non up to date retail machine, allowing it to update as normal after reboot. the question for me is whether sony ever foresaw this and put some kind of additional safeguard in place that preempted the ability to extract the executables into system memory in the first place. if they did then it shouldnt work, but if they didnt think it was necessary since you couldnt extract the package in the first place, then they may not have the additional safeguards in place and the firmware update might work normally after reboot, converting a retail to a debug of sorts

maybe

i havent got a spare retail in canada though, so cant test it. i do however have a couple at home, neither of which have been fw updated in over a year, so will give it a go on them with the iphone hack when i get back for christmas

its perhaps not the kind of thing anyones given much thought to before, since joe soap doesnt have access to debug firmware

Myrddin

Helix wrote: »

the debug update is completely different to the retail one, with retail it pulls it from online on the console, with debug youve to download it from a computer, put it onto a usb key and manually run the package - you cant do this on a retail because you cant run package files to extract the stuff in the first place.

Sorry, but that's just wrong. It's exactly how I upgraded my retail unit to 3.41. The debug firmware also seems to be PUP based, & not package based, so it' nothing to do with unsigned code - the exploit will make no difference here.

From looking at your theory, it's been partially done two years ago using some kind of hdd swap method. But it only results in a hybrid retail-debug unit, with the debug options available but unuseable. Looks like there are hardware differences, or at least serious protection against this. Interesting to note that the PS3 debug systems can downgrade, with downgrade firmware PUP files too.

Google it, there'a a fair amount of info on it actually, & makes a good read

gizmo

EnterNow wrote: »

From looking at your theory, it's been partially done two years ago using some kind of hdd swap method. But it only results in a hybrid retail-debug unit, with the debug options available but unuseable. Looks like there are hardware differences, or at least serious protection against this. Interesting to note that the PS3 debug systems can downgrade, with downgrade firmware PUP files too.

There will most definitely be a difference in hardware between retail and debug kits.

Varik

gizmo wrote: »

There will most definitely be a difference in hardware between retail and debug kits.

Did anyone have a look at those old demo kits that they had, the ones were the ps3 case was empty and the stand contained all the equipment.

Leiva

Varik wrote: »

Did anyone have a look at those old demo kits that they had, the ones were the ps3 case was empty and the stand contained all the equipment.

Tweeted by Hector Martin :

"Got lv2 to output debug over USB. Turns out the only thing it outputs is "Prepare to shutdown .." when you hit the power button. Very lame."

vandammaged

just a matter of interest but how many different hacks are out clones and all that.

seems like a good few from what Ive seen online.

are they even near the playing game stage ?

just wondering

Helix

cant you play games on most of them?

Varik

Helix wrote: »

cant you play games on most of them?

If the hack works as it meant to then yes, the different version are just trying to apply the method to different devices so you use an phone, calculator, of any number of suitable gear.

Wez

gizmo wrote: »

There will most definitely be a difference in hardware between retail and debug kits.

PS3 secrets wrote:

PS3 Test Unit
Developers get a PS3 Test unit (Debugging Station) that allows it to run unsigned code. The machine is normally labelled Test below the PlayStation 3 logo, and it comes with a testkit. The PS3 model numbers for these Test machines are similar to the the ones for consumers, but instead of the CECH prefix, the model numbers have the DECH prefix. Unlike consumer units, a PS3 Test unit has an extra "Settings"->"Debug Settings" menu in the XMB (XrossMediaBar), which allows many options like downgrading to previous PS3 Test firmwares (available in PS3 Test firmware 2.00 and higher), changing the PS3 region, and treating a USB drive as a Blu-ray drive,. The PS3 Test unit is identical to the consumer PS3 unit hardware-wise, but the different software settings is tailored for allowing easy debugging of programs. By default it is missing Blu-ray movie decryption keys found in the retail PS3, but has decryption keys for running debug encrypted software. The PS3 Test, therefore, cannot decrypt and play retail Blu-ray movie discs, but can run retail PS3 games. In the DECHA models, PS2 games (any region, debug and retail) loading were disabled, but later firmwares allow it.

The Test PS3's are basically debug units, same as a retail with the JB device plugged in. Only difference is the firmware on them. If you can get the firmware off a Test unit and install it I can't imagine it wouldn't work.

The Tool units are the ones that are pretty much full on "devkits", hardware and software are completely different.

Fwiw, the same site also stated this a while ago:

PS3 secrets wrote:

The PS3 can enter a special "Service Mode". When it does the bottom right hand corner of the screen has a red translucent rectangle with the words "Playstation 3. Factory/Service Mode" inside of the rectangle. It is rumored that by plugging a special JIG in the USB port (and then pressing both Eject and Power button at the same time), the PS3 shuts down and is triggered into Service Mode the next time it boots up. This special mode then accepts firmware code loaded in from the USB port, and allows reflashing the firmware chip.

gizmo

Wez wrote: »

The Test PS3's are basically debug units, same as a retail with the JB device plugged in. Only difference is the firmware on them. If you can get the firmware off a Test unit and install it I can't imagine it wouldn't work.

The Tool units are the ones that are pretty much full on "devkits", hardware and software are completely different.

Fwiw, the same site also stated this a while ago:

Interesting Wez, thanks for that. I know there's definitely a difference between the devkits alright but I always thought the debug kits would be different from retail too.

Myrddin

gizmo wrote: »

Interesting Wez, thanks for that. I know there's definitely a difference between the devkits alright but I always thought the debug kits would be different from retail too.

Yeah nice one Wez, interesting read. I would say it's only a matter of time so, before debug firmware is installed on a retail. As far as I know though, debug *.pkg's are different to retail ones, and it requires some fiddling around to get a debug to run a retail pkg file. As it stands, it wouldn't be the be - all - end - all solution.

I would imagine, that custom firmware (if it does transpire), will be built on debug PUP firmware files, as that firmware can already run unsigned code. So if the debug firmware can by hybridised with retail functions (pkg files), then that would allow the system to run retail packages, unsigned code & all the other bits n pieces all without a usb jig once flashed.

Myrddin

SNES Emulator running. The Cell processor seems to handle that one anyway :rolleyes::p

https://www.youtube.com/watch?v=BQNIVtFPkOw

Helix

does that mean i was kinda right about debug fw on a retail box then?

would anyone fancy giving it a go if i got them debug fw?

gizmo

Helix wrote: »

does that mean i was kinda right about debug fw on a retail box then?

would anyone fancy giving it a go if i got them debug fw?

Well if the hardware is the same then the hurdles are purely software. The question is, can the firmware be changed given the current level of access the jailbreak allows.

Also, installing debug FW on a retail kit would be quite illegal I would say.

Myrddin

Helix wrote: »

does that mean i was kinda right about debug fw on a retail box then?

would anyone fancy giving it a go if i got them debug fw?

It wont install to date, the furthest anyone's gotten is a hybrid of the two, there's obviously added precautions. It will happen though, but not today. Google it, there's plenty of info on it out there. The debug firmware is also not as friendly as you think, there's a bit of fiddling around with retail pkg files needed, in order to run them on debug f/w's.

Helix

gizmo wrote: »

Also, installing debug FW on a retail kit would be quite illegal I would say.

How/why? I can understand itd invalidate warranty but how could it be against the law to put debug firmware on a retail box?

gizmo

Helix wrote: »

How/why? I can understand itd invalidate warranty but how could it be against the law to put debug firmware on a retail box?

Wouldn't there be certain restrictions put in place by Sony when they give you a debug kit that you can't do this kind of stuff? I would have thought it'd go beyond the use EULA level of enforcement anyway?

On a side note, as a games journalist shouldn't you be against all of this given how 99.9% of it's usage will be aimed at playing pirated games?

Helix

gizmo wrote: »

Wouldn't there be certain restrictions put in place by Sony when they give you a debug kit that you can't do this kind of stuff? I would have thought it'd go beyond the use EULA level of enforcement anyway?

On a side note, as a games journalist shouldn't you be against all of this given how 99.9% of it's usage will be aimed at playing pirated games?

i havent got a debug kit at the moment, hence my curiousity if i can turn a retail into a debug. sony can make you agree that you cant do anything like that with a debug, but how can they stop you doing anything with a retail machine they dont know you own?

and on the side note, why would i be against it? just coz im a games journalist means i have to be anti piracy? not at all, im a regular pirate of all kinds of stuff - just like practically everyone with an internet connection on the planet.

but tbh with this particular thing, im not interested in it for a piracy reason. im interested in it because it would be bloody great if i could turn a retail into a debug wherever in the world i am by loading up some different firmware.

secondly, im a believer in open source stuff and i think the next gen of machines will be surprisingly open to this kind of thing now that publishers have started figuring out a way around piracy. how long til every game is shipped with a special one off code at the back of the manual that allows access to the game, or something equally old school? not long ill wager - its starting with the online pass style thing, but whats to stop publishers deciding that only first time purchases are entitled to play the game, its easily done and it certainly isnt like you can run a keygen on your xbox

i think its very important that homebrew is encouraged, and im not talking about piracy here, im talking about actual homebrew. lets take it back to the days where people can build their own games with minimal tools and expense. yeah most of them will be woeful, but some will be inspired, and under the way it is now none of them would ever exist unless its opened up

well that certainly veered off the point, but yeah, pretty sure it explains where i stand on it. am i anti piracy? no. am i interested in this for piracy? no. do i care of joe bloggs uses the jailbreak to play pirated games? no. easy peasy