Archive for the ‘PS3 Hacks’ Category
Fix Yellow Light of Death
A Haxnetwork member, NOkk3r1, has come up with a very simple method for fixing the PS3 YLOD. This YLOD fix is by far the best method we here at Modsandhacks have come across. This fix requires some technical know-how but is low risk due to minimal disassembly of the PS3. The method fixes the yellow light of death by using washers to add pressure to the PS3’s CPU and GPU chips, quite similar to the Xbox 360 Xclamps.
NOkk3r1 claims to have had good success with this method; he says that he has tried it on many versions of the PS3 and managed to get good results overall. He has also released an in-depth PDF tutorial showing exactly how to fix your PS3.
Download PDF YLOD TUTORIAL
Geohot Restores Other OS (Linux) Support with 3.21OO custom firmware
It seems as though Geohot is not all talk and no action: recently he has released a custom firmware named 3.21OO which re-enables Other OS support, such as Linux. His recent exploit forced Sony to remove Other OS support, as the exploit was a glitch which allowed him access to the Hypervisor. Another hacker by the name of Jaicrab has found a way to dump the Hypervisor level 2 and Other OS along with the bootloader; this is why Sony found the need to remove Other OS support. The custom firmware isn’t available yet but will be made public soon by Geohot himself.
Geohot’s official quotes from the post “Other OS supported on 3.21oo”
Here is a video demoing my “custom firmware”. It’s not any sort of version string change; I would have added something showing off the new features of 3.21, but oh wait, there aren’t any.
This can be installed without having to open up your PS3, just by restoring a custom generated PUP file, but only from 3.15 or previous. It’s possible this CFW will also work on the slim to actually *enable* OtherOS; I’ll know when my infectus gets here.
No release date yet, use the proxy hack to play online with 3.15
Note to the people who removed OtherOS, you are potentially turning 100000+ legit users into “hackers.” There was a huge(20x) traffic spike to this blog after the announcement of 3.21. If I had ads on this site I guess I’d be thanking you.
PS3 incompatible with BDXL the new format for 3D movies
Sony’s PlayStation 3 will be INCOMPATIBLE with BDXL which is the new format for upcoming 3D movies!
Official Press Release Quotes:
The Blu-ray Disc Association’s rolling out a new BDXL format capable of holding up to 128GB (write-once) or 100GB (rewriteable).
Press Release: Blu-ray Disc Association Announces Additional Format Enhancements
LOS ANGELES (Business Wire) Apr 03, 2010 The Blu-ray Disc Association (BDA) today announced two new media specifications that use Blu-ray Disc technology to provide targeted functionality for commercial and consumer applications. The specifications for BDXL™ (High Capacity Recordable and Rewritable discs) and IH-BD (Intra-Hybrid discs) are expected in the next few months.
The BDXL specification, which is targeted primarily at commercial segments such as broadcasting, medical and document imaging enterprises with significant archiving needs, will provide customers with write-once options on 100GB and 128GB capacity discs and rewritable capability on 100GB discs.
The discs reach these capacities by incorporating three to four recordable layers. A consumer version of BDXL is also expected, particularly in those regions where BD recorders have achieved broad consumer acceptance.
“Professional industries have expressed a desire to find optical disc solutions that enable them to transition away from magnetic media for their archiving needs,” said Victor Matsuda, Blu-ray Disc Association Global Promotions Committee chair.
“Leveraging Blu-ray Disc to meet this need provides professional enterprises with a compact, stable and long term solution for archiving large amounts of sensitive data, video and graphic images using a proven and widely accepted optical technology.”
The Intra-Hybrid Blu-ray Disc (IH-BD) incorporates a single BD-ROM layer and a single BD-RE layer so as to enable the user to view, but not overwrite, critical published data while providing the flexibility to include relevant personal data on the same physical disc.
This allows for consumer specific applications where combining published content with related user data on a convenient, single volume is desirable. Both the ROM and the RE layers on IH-BD discs provide 25GB of capacity.
Because both BDXL and IH-BD are specially designed formats with specific market segments in mind, newly-designed hardware is required to play back or record BDXL or IH-BD media. However, because the new media specifications are extensions of current Blu-ray Disc technology, future BDXL and IH-BD devices can be designed to support existing 25GB and 50GB Blu-ray Discs.
Stay tuned to Mods and Hacks for the latest updates on BDXL.
PS3 Hypervisor LV2, GameOS and bootloader Dump Method has been Revealed
It seems like quite a while has passed since Geohot first discovered the PlayStation 3 exploit, but it seems he is not the only one trying to break the PlayStation 3’s security. Recently a Spanish hacker by the name of Jaicrab has made some serious progress by revealing a way of dumping the PS3 Hypervisor level 2, including the boot loader and game OS, via the LPT port.
This hack still uses the exploit which Geohot found, because Geohot’s original glitch uses Linux to gain access to the Hypervisor; Jaicrab has come up with the interface and methods to dump this information. Something Sony clearly does not want! (No wonder Sony wants to pull Other OS support.) JaicraB has made good progress in using the original Geohot exploit and the tools from XorLoser to make useful dumps of the “.lvl2” area, which is the area of the system Sony is going out of its way to protect, especially areas like the XMB OS. According to Jaicrab, it’s all about keeping the RAM intact and rebooting into the Game OS after doing the Geohot exploit in the Other OS; the dumps are then transferred via the LPT (printer) port to the PC, which is interfaced with MS-DOS.
We will go more in depth soon, but basically you are going to have to install another OS on your PS3 such as Yellow Dog Linux or Ubuntu, create the LPT cable above from the schematics and download Geohot’s exploit along with MS-DOS. With the correct combination you should be able to dump the Boot Loader and Hypervisor LV2 areas of the PS3. This doesn’t mean much to us now, but it may hold key encryption keys and algorithms, and with some time can lead to a fully fledged hack. Although it is not a full hack, I personally believe it is solid progress and a step forward in the PS3 hacking scene.
Stay Tuned for a Full English Tutorial on dumping your hypervisor and bootloader.
For now you can follow Jaicrab on his Blog.
Geohot flames Sony for removing Other OS support
As an addition to the recent post “PS3 firmware 3.2 stops linux support”, Geohot has also made a few posts recently, named “Don’t Update” and “Wait, you are removing a feature”, slandering Sony’s move with the new 3.2 firmware update. He goes on to state that first we lost PS2 game support, then SACD playback and now Other OS support. He also stated that “The PlayStation 3 is the only product I know that loses features throughout its life cycle.” This view is definitely something both Mods and Hacks and Geohot have in common.
Official quote from Geohot’s blog – labelled Don’t Update
A note to people interested in the exploit and retaining OtherOS support, DO NOT UPDATE. When 3.21 comes out, I will look into a safe way of updating to retain OtherOS support, perhaps something like Hellcat’s Recovery Flasher. I never intended to touch CFW, but if that’s how you want to play…
Two things, some people seem to think CFW will enable some sort of piracy. It won’t. It’ll just be a custom version of 3.21 that doesn’t lose OtherOS support. Hacking isn’t about getting what you didn’t pay for, it’s about making sure you do get what you did.
And this is about more than this feature right now. It’s about whether these companies have the right to take away advertised features from a product you purchased. Imagine if an exploit were found in Safari on the iPhone, but instead of fixing it, Apple decides to pull web browsing altogether. Legally, they may be within their right to do so, but we have to show them it’s the wrong move for the future of the product and the company.
For now, it looks like proxying the query for new firmwares is working. My investigation into 3.21 has begun.
Official quote from Geohot’s blog – labelled Wait, You are removing a feature
First off, I want to apologize to all the people who use Linux on their PS3. Before releasing, I weighed the pros and cons, and considered the possibility of an impact on OtherOS support. My logic was this. OtherOS support had already been removed from the Slim(not for technical reasons; I believe it only existed in the first place to promote the Cell for IBM) The builders had apparently no intention of including it in future products. So for the purposes of openness why not release? Not like anything else has(or probably will be) done on the PS3.
Now you go and remove a feature that people expected to be included with the expensive device they purchased, citing “security concerns”. What security concerns? It’s not like the exploit can be run even close to without the user’s knowledge. You have to open the fucking thing up. How could this harm users? Your blog post doesn’t list positive reasons for upgrading like I think most users expect. Instead it lists things you will lose if you don’t upgrade. Seriously?
The PlayStation 3 is the only product I know that loses features throughout its life cycle. Software PS2 emulation, SACD playback, and OtherOS support are all just software switches you can flip. It’s unbelievable you would go and flip one, not just on new boxes you are shipping, but on tens of millions already in the field.
Again I’m sorry users. Sony, I expected more from you.
Geohot unlocks custom themes for the PS3
It seems Geohot is not all talk and no action, as he has recently released some custom themes for the PlayStation 3. He claims this was accomplished in almost the same way the PSP custom themes were modified, via RCO edits. Now all we are waiting for is the real PS3 hack.
Quote:
“As some people in the comments called, it’s an RCO file edit, just like RCO edits on the PSP(almost same format too). RCO files are resource files for VSH plugins, live in the dev_flash, and aren’t signed. To edit them on your system, patch your hypervisor to allow encrypted access to the partition(flash on old systems, hd on new), and mod ps3pf_storage. dev_flash is just a FAT partition, mount it in Linux and change what you’d like.”
PS3 Firmware 3.2 stops Linux support
Sony announces Firmware Update 3.2 to be released on the 1st of April!
ADDED features – None
REMOVED features – 1 – Other OS support REMOVED - PS3 LINUX my fellow hackers has been removed!
Instead of adding functionality to the PS3 console, Sony has decided to do the exact opposite and remove functionality from it. Sony has announced a new firmware update, “3.2”, which will be available from the 1st of April. This update will put a halt to Other OS support on the console. This was a cool feature especially enjoyed by the ModsandHacks team, although many may not have even heard of it. It allowed users to turn their PS3 into a computer running an OS such as Ubuntu or Yellow Dog Linux, allowing it to run Linux-based applications. Linux support was also dropped with the Slim model, so this was a planned move on behalf of Sony.
Other OS is not the first thing to be dropped since the release of the console. Sony also dropped SD/MMC card support shortly after the console was released, and reduced the speed of the Cell processor; now we lose Linux support. What will be next, Blu-ray support? It seems that with each firmware update or revision of the PS3 that comes out, the console has fewer features. Many features which stood as unique selling points for the PlayStation 3 have been removed, and we here at Mods and Hacks think that this is unacceptable.
SCEA’s Patrick Seybold explains that the removal of said functionality is necessary “due to security concerns … [and] will help ensure that PS3 owners will continue to have access to the broad range of gaming and entertainment content from SCE and its content partners on a more secure system.”
We believe that this is a direct response to Geohot’s PS3 exploit, and although it is a precautionary measure by Sony to protect their console, personally we think that Sony is too greedy in this game and will leave many fans with a rather negative opinion. Especially given that no new features were added, just removed, it seems like a punch in the arm to all us loyal fans. Sony has made many promises, and yet Sony keeps taking away features which were promised to us at the console release at E3. To keep taking features out throughout the console’s life cycle is ridiculous and may affect Sony’s reputation.
We here at Mods and Hacks will not be updating our console to the new firmware and suggest you do the same if you don’t use their online features. We would rather wait for the PS3 Hack.
Sony’s Answer to Geohot’s PS3 hack
Sony Releases Anti Geohot Patent.
Sony has recently registered a patent that could render exploits like Geohot’s recently released PS3 hack useless. The technology was developed by a Sony employee by the name of Kanna Shimizu, who is a security architect for Cell-based security architectures.
We here at Modsandhacks think that this is a direct stab at Mr Geohot. Sony is obviously trying to make a statement by trying to stay one step ahead.
Here is a quote from the abstract of the patent:
“A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key. The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function. Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key. The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application. The application is digitally signed with a fifth key to generate an encrypted and signed program code image. To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key. The hash value of the application verification certificate associated with the second key is then calculated and used with the extracted binding key to extract the first key. The extracted first key is then used to decrypt the encrypted application code.”
Read full patent here
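The key-binding flow in the abstract can be sketched as follows. This is an added example, not code from the patent or from Sony: the XOR binding operation, the SHA-256 counter keystream standing in for a real cipher, the HMAC standing in for the digital signature, and all names and sample values are assumptions. Because the stand-ins are symmetric, the fourth and sixth keys are the same here, as are the signing and verifying keys, and certificate verification itself is not modelled.

```python
import hashlib
import hmac

def stream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 counter keystream); same call encrypts and decrypts.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(d ^ p for d, p in zip(data[i:i + 32], pad))
    return bytes(out)

def xor32(a: bytes, b: bytes) -> bytes:
    # Assumed "binding operation": XOR of two 32-byte values.
    return bytes(x ^ y for x, y in zip(a, b))

def package(code, cert, k1, k4, k5):
    enc_code = stream_xor(k1, code)                      # code encrypted with the first key
    binding = xor32(k1, hashlib.sha256(cert).digest())   # third key: first key bound to cert hash
    enc_binding = stream_xor(k4, binding)                # binding key wrapped with the fourth key
    sig = hmac.new(k5, enc_binding + enc_code, hashlib.sha256).digest()  # fifth key "signs"
    return {"cert": cert, "enc_binding": enc_binding, "enc_code": enc_code, "sig": sig}

def recover_code_key(image, k6):
    # Unwrap the binding key, then undo the binding with the hash of the presented cert.
    binding = stream_xor(k6, image["enc_binding"])
    return xor32(binding, hashlib.sha256(image["cert"]).digest())

def unpack(image, k5, k6):
    expected = hmac.new(k5, image["enc_binding"] + image["enc_code"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, image["sig"]):
        raise ValueError("image signature check failed")
    return stream_xor(recover_code_key(image, k6), image["enc_code"])

# Constructed sample values, for illustration only.
K1, K4, K5 = (bytes([n]) * 32 for n in (1, 4, 5))
CERT = b"constructed verification certificate"
CODE = b"constructed application code " * 3
IMAGE = package(CODE, CERT, K1, K4, K5)

def swapped_cert_key():
    # Same image presented with a different certificate: the recovered key is wrong.
    return recover_code_key(dict(IMAGE, cert=b"some other certificate"), K4)

if __name__ == "__main__":
    print("round trip ok:", unpack(IMAGE, K5, K4) == CODE)
    print("swapped cert recovers first key:", swapped_cert_key() == K1)
```

The second check shows what the binding buys: even with the wrapped binding key decrypted, the code key only comes out right when the hash of the original certificate is supplied.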
Geohot Gets Flamed By Script Kiddie
Geohot’s recent blog post labeled “on the isolated SPUs” has attracted much attention, as a bunch of script kiddies have generated a flurry of negative comments aimed at Mr Geohot. The main culprit in this affair is a user named 1 …, who makes it very clear he does not like Geohot.
[Quote from 1 said...]
“It’s nothing but a hardware enabled memory glitch…which, with the rig shown in the pictures would work on ANYTHING with a chip in it and you still couldn’t run any REAL code. “hacking” it while ON with the system locking up or being damaged more often than triggering the glitch is NOT A HACK.”
He then goes on to say
“Don’t claim you’ve hacked what you haven’t, or be as lame as this ‘glitch’ you’re trying to ride your coat-tails on, to unfounded glory.”
He then spams
“GEOHOT PIECE OF SH*T”
Geohot then replies to 1…’s comments
“^^Oh yea, stupid me asking people to do something, I forgot how worthless they were. You get me the iPhone AES key and I’ll admit the PS3 isn’t hacked.”
We here at Modsandhacks expect this type of behaviour to continue until a full hack is released. I guess this poses the real question of what the definition of a hack is.
Geohot’s Update PPU,SPU
Geohot has updated his blog and has added some further information regarding the now famed Geohot PS3 exploit. He informs us that the SPUs and PPUs can be utilised by clever mapping of memory that can hide or bypass the Hypervisor. He also talks about the Cell root key. He adds that it is most likely that it will never be acquired and that indeed it is not needed to hack the PS3.
Quote from Geohot’s Blog
“Today I verified my theories about running the isolated SPUs as crypto engines. I believe that defeats the last technical argument against the PS3 being hacked.
In OtherOS, all 7 SPUs are idle. You can command an SPU(which I’ll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.
The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.
Ah, but you still didn’t get the Cell root key. And I/we never will. But it doesn’t matter. For example, we don’t have either the iPhone or PSP “root key”. But I don’t think anyone doubts the hackedness of those systems.
I wonder if any systems out there are actually secure?”







