Post: Sony Adds PS3 Firmware 3.60 Authentication on PSN
Options
03-17-2011, 08:54 PM
#1
CLM
[b]They say sorry Mr. West is..[/b]
Source: Several Sites // By: ClutchLikeMelo // March 17, 2011
Just when it seems like Sony can't do anything about jailbreakers, they always find another roadblock to throw at them. Weeks if not months have gone by since the originally exploited 3.55 firmware has been patched. But Sony's supposed 'security fixes' haven't stopped many from connecting to the PSN. With all sorts of bypass methods available for use such as spoofers, ****psn, Charles, DNS codes, and more, hackers continue to get PSN access.
Let's look back at Sony's timeline to battle the hackers.
January 27, 2011 - PS3 3.56 Firmware is released: A security patch has been added.
February 2, 2011 - PS3 DNS bypass gets patched (for 3.56 FW)
February 16, 2011 - Sony sends emails and release an official statement regarding PS3 circumvention devices and pirated software
To avoid this, consumers must immediately cease use and remove all circumvention devices and delete all unauthorized or pirated software from their PlayStation 3 systems.
March 9, 2011 - PlayStation Network Maintenance for unknown reasons
March 10, 2011 - Sony releases 3.60 firmware which adds some new features and more security fixes
March 16/17, 2011 - PSN undergoes maintenance again to add 3.60 authentication
That's right. They just ran a PSN maintenance to add 3.60 authentication. This means spoofers and any bypasses will no longer work. Famous hacker Mathieulh has even tweeted some messages about this, saying that some people using spoofers can connect to PSN just to get flagged!
You must login or register to view this content.
Here is an IRC chat the Mathieulh was in. They were discussing this whole situation.
Scorpion1: well mathieulh said the 3.55 one is
Scorpion1: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
Scorpion1: and thats from his ps3 i take it
Scorpion1: so is yours the same ?
trixter: yeah that is the same as my 3.55
Scorpion1: so its the same then
Mathieulh: it's a static value
Mathieulh: for all ps3s
trixter: so it appears that it is the same which means that they are not as smart as I gave them credit for
Mathieulh: that's the 3.55 one
Mathieulh: basically 3.56 and below have that old passphrase
Scorpion1: what about all the old firmwares like 3.21 etc did the passphrase change much ?
trixter: its used to auth with psn
trixter: one of the HTTP headers
trixter: X-Platform-Passphrase: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
segobi: its tghaaiennclabelcaxetighenpgjgth5gkdhwlwldighhj8kehehxl
MCPADDING: lol i'll just wait for team rebug to release a pkg
trixter: it *ONLY* is used to log into psn
trixter: nothing else
Scorpion1: trixter so you have the 3.60 passphrase ... whats the first character of it ?
trixter: my scope is very narrowly defined, security/privacy related stuff in terms of where your information goes, to whom, when/why, so that you can make informed decisions about how you use things
Scorpion1: there not going to ban anyone if you cant get online on psn anyway, whats the point in them doing that
trixter: attempting to get online with a spoofed version lets them know who is violating the tos, they can console ban so tthat the device never gets on in the future even if you manage to figure it out
trixter: the ban would only be from psn, it would stop them getting on psn
Sc0rpius: trying to circumvent it is a direct violation of the TOS, so they could ban anyone with non matching version and passphrase
Celestria: i been playing on jpsn for last month
Celestria: no ban
trixter: Celestria: each region is run independently of each other. you may get banned for certain language on one but not on the others, and a ban in one place does not guarantee it elsewhere
Scorpion1: bet graf could find the 3.60 passphrase and he will post it, he posts everything lol
trixter: Scorpion1: probably, although its already known to some
trixter: it treally is not that hard to get it
trixter: at least by my method, which requires no sneaky access to any of the software on the system, no disassembling, no nothing that way..
Scorpion1: but for 3.60 the ssl encryption keys changed
Scorpion1: didnt they
trixter: no
defyboy-: you will need to generate your own certificate
trixter: ssl makes new keys for each connection unless it caches
trixter: if it caches it may use the same keys for a session to the same host but it will eventually rotate them to new keys either because its a new session or different host or watever
trixter: its just how ssl works
George234: does it use the chain of trust?
trixter: it uses PKI yes, that is how SSL works (for https anyway)
trixter: but the session key is dynamically created, it is just transmitted using the public key that is part of the server
Scorpion1: so you can connect a 3.55 console get the ssl encryption keys cached , then connect an official 3.60 console and decrypt the ssl ?
trixter: nono they are cached in memory and are device specific
So again, be careful before you log on to PSN with a spoofed firmware. There's a possibility you can get flagged. Other people using spoofers or bypasses, you may receive the good ol' "A system software update is required. Do you want to update now?
You must login or register to view this content.
Not much more I can tell you at the moment. I will keep you updated with this thread as more information arises so be sure to check back.
The following 5 users say thank you to CLM for this useful post:
03-17-2011, 08:58 PM
#3
djh1495
Gotta Love Mods <3
Originally posted by ClutchLikeMelo
Sony Adds PS3 Firmware 3.60 Authentication on PSN
Source: Several Sites // By: ClutchLikeMelo // March 17, 2011
Just when it seems like Sony can't do anything about jailbreakers, they always find another roadblock to throw at them. Weeks if not months have gone by since the originally exploited 3.55 firmware has been patched. But Sony's supposed 'security fixes' haven't stopped many from connecting to the PSN. With all sorts of bypass methods available for use such as spoofers, ****psn, Charles, DNS codes, and more, hackers continue to get PSN access.
Let's look back at Sony's timeline to battle the hackers.
January 27, 2011 - PS3 3.56 Firmware is released: A security patch has been added.
February 2, 2011 - PS3 DNS bypass gets patched (for 3.56 FW)
February 16, 2011 - Sony sends emails and release an official statement regarding PS3 circumvention devices and pirated software
Unauthorized circumvention devices for the PlayStation 3 system have been recently released by hackers. These devices permit the use of unauthorized or pirated software. Use of such devices or software violates the terms of the “System Software License Agreement for the PlayStation 3 System” and the “Terms of Services and User Agreement” for the PlayStation Network/Qriocity and its Community Code of Conduct provisions. Violation of the System Software Licence Agreement for the PlayStation 3 System invalidates the consumer guarantee for that system. In addition, copying or playing pirated software is a violation of International Copyright Laws. Consumers using circumvention devices or running unauthorized or pirated software will have access to the PlayStation Network and access to Qriocity services through PlayStation 3 system terminated permanently.
To avoid this, consumers must immediately cease use and remove all circumvention devices and delete all unauthorized or pirated software from their PlayStation 3 systems.
March 9, 2011 - PlayStation Network Maintenance for unknown reasons
March 10, 2011 - Sony releases 3.60 firmware which adds some new features and more security fixes
March 16/17, 2011 - PSN undergoes maintenance again to add 3.60 authentication
That's right. They just ran a PSN maintenance to add 3.60 authentication. This means spoofers and any bypasses will no longer work. Famous hacker Mathieulh has even tweeted some messages about this, saying that some people using spoofers can connect to PSN just to get flagged!
You must login or register to view this content.
Here is an IRC chat the Mathieulh was in. They were discussing this whole situation.
Scorpion1: the 3.60 passphrase will be the same for everyone
Scorpion1: well mathieulh said the 3.55 one is
Scorpion1: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
Scorpion1: and thats from his ps3 i take it
Scorpion1: so is yours the same ?
trixter: yeah that is the same as my 3.55
Scorpion1: so its the same then
Mathieulh: it's a static value
Mathieulh: for all ps3s
trixter: so it appears that it is the same which means that they are not as smart as I gave them credit for
Mathieulh: that's the 3.55 one
Mathieulh: basically 3.56 and below have that old passphrase
Scorpion1: what about all the old firmwares like 3.21 etc did the passphrase change much ?
trixter: its used to auth with psn
trixter: one of the HTTP headers
trixter: X-Platform-Passphrase: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
segobi: its tghaaiennclabelcaxetighenpgjgth5gkdhwlwldighhj8kehehxl
MCPADDING: lol i'll just wait for team rebug to release a pkg
trixter: it *ONLY* is used to log into psn
trixter: nothing else
Scorpion1: trixter so you have the 3.60 passphrase ... whats the first character of it ?
trixter: my scope is very narrowly defined, security/privacy related stuff in terms of where your information goes, to whom, when/why, so that you can make informed decisions about how you use things
Scorpion1: there not going to ban anyone if you cant get online on psn anyway, whats the point in them doing that
trixter: attempting to get online with a spoofed version lets them know who is violating the tos, they can console ban so tthat the device never gets on in the future even if you manage to figure it out
trixter: the ban would only be from psn, it would stop them getting on psn
Sc0rpius: trying to circumvent it is a direct violation of the TOS, so they could ban anyone with non matching version and passphrase
Celestria: i been playing on jpsn for last month
Celestria: no ban
trixter: Celestria: each region is run independently of each other. you may get banned for certain language on one but not on the others, and a ban in one place does not guarantee it elsewhere
Scorpion1: bet graf could find the 3.60 passphrase and he will post it, he posts everything lol
trixter: Scorpion1: probably, although its already known to some
trixter: it treally is not that hard to get it
trixter: at least by my method, which requires no sneaky access to any of the software on the system, no disassembling, no nothing that way..
Scorpion1: but for 3.60 the ssl encryption keys changed
Scorpion1: didnt they
trixter: no
defyboy-: you will need to generate your own certificate
trixter: ssl makes new keys for each connection unless it caches
trixter: if it caches it may use the same keys for a session to the same host but it will eventually rotate them to new keys either because its a new session or different host or watever
trixter: its just how ssl works
George234: does it use the chain of trust?
trixter: it uses PKI yes, that is how SSL works (for https anyway)
trixter: but the session key is dynamically created, it is just transmitted using the public key that is part of the server
Scorpion1: so you can connect a 3.55 console get the ssl encryption keys cached , then connect an official 3.60 console and decrypt the ssl ?
trixter: nono they are cached in memory and are device specific
So again, be careful before you log on to PSN with a spoofed firmware. There's a possibility you can get flagged. Other people using spoofers or bypasses, you may receive the good ol' "A system software update is required. Do you want to update now?
You must login or register to view this content.
Not much more I can tell you at the moment. I will keep you updated with this thread as more information arises so be sure to check back.
Source: Several Sites // By: ClutchLikeMelo // March 17, 2011
Just when it seems like Sony can't do anything about jailbreakers, they always find another roadblock to throw at them. Weeks if not months have gone by since the originally exploited 3.55 firmware has been patched. But Sony's supposed 'security fixes' haven't stopped many from connecting to the PSN. With all sorts of bypass methods available for use such as spoofers, ****psn, Charles, DNS codes, and more, hackers continue to get PSN access.
Let's look back at Sony's timeline to battle the hackers.
January 27, 2011 - PS3 3.56 Firmware is released: A security patch has been added.
February 2, 2011 - PS3 DNS bypass gets patched (for 3.56 FW)
February 16, 2011 - Sony sends emails and release an official statement regarding PS3 circumvention devices and pirated software
To avoid this, consumers must immediately cease use and remove all circumvention devices and delete all unauthorized or pirated software from their PlayStation 3 systems.
March 9, 2011 - PlayStation Network Maintenance for unknown reasons
March 10, 2011 - Sony releases 3.60 firmware which adds some new features and more security fixes
March 16/17, 2011 - PSN undergoes maintenance again to add 3.60 authentication
That's right. They just ran a PSN maintenance to add 3.60 authentication. This means spoofers and any bypasses will no longer work. Famous hacker Mathieulh has even tweeted some messages about this, saying that some people using spoofers can connect to PSN just to get flagged!
You must login or register to view this content.
Here is an IRC chat the Mathieulh was in. They were discussing this whole situation.
Scorpion1: well mathieulh said the 3.55 one is
Scorpion1: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
Scorpion1: and thats from his ps3 i take it
Scorpion1: so is yours the same ?
trixter: yeah that is the same as my 3.55
Scorpion1: so its the same then
Mathieulh: it's a static value
Mathieulh: for all ps3s
trixter: so it appears that it is the same which means that they are not as smart as I gave them credit for
Mathieulh: that's the 3.55 one
Mathieulh: basically 3.56 and below have that old passphrase
Scorpion1: what about all the old firmwares like 3.21 etc did the passphrase change much ?
trixter: its used to auth with psn
trixter: one of the HTTP headers
trixter: X-Platform-Passphrase: saktdlMapxsbsghmq5dhlwrmtsicyijmzntqaLcpgd8ybbetdmsha=jm
segobi: its tghaaiennclabelcaxetighenpgjgth5gkdhwlwldighhj8kehehxl
MCPADDING: lol i'll just wait for team rebug to release a pkg
trixter: it *ONLY* is used to log into psn
trixter: nothing else
Scorpion1: trixter so you have the 3.60 passphrase ... whats the first character of it ?
trixter: my scope is very narrowly defined, security/privacy related stuff in terms of where your information goes, to whom, when/why, so that you can make informed decisions about how you use things
Scorpion1: there not going to ban anyone if you cant get online on psn anyway, whats the point in them doing that
trixter: attempting to get online with a spoofed version lets them know who is violating the tos, they can console ban so tthat the device never gets on in the future even if you manage to figure it out
trixter: the ban would only be from psn, it would stop them getting on psn
Sc0rpius: trying to circumvent it is a direct violation of the TOS, so they could ban anyone with non matching version and passphrase
Celestria: i been playing on jpsn for last month
Celestria: no ban
trixter: Celestria: each region is run independently of each other. you may get banned for certain language on one but not on the others, and a ban in one place does not guarantee it elsewhere
Scorpion1: bet graf could find the 3.60 passphrase and he will post it, he posts everything lol
trixter: Scorpion1: probably, although its already known to some
trixter: it treally is not that hard to get it
trixter: at least by my method, which requires no sneaky access to any of the software on the system, no disassembling, no nothing that way..
Scorpion1: but for 3.60 the ssl encryption keys changed
Scorpion1: didnt they
trixter: no
defyboy-: you will need to generate your own certificate
trixter: ssl makes new keys for each connection unless it caches
trixter: if it caches it may use the same keys for a session to the same host but it will eventually rotate them to new keys either because its a new session or different host or watever
trixter: its just how ssl works
George234: does it use the chain of trust?
trixter: it uses PKI yes, that is how SSL works (for https anyway)
trixter: but the session key is dynamically created, it is just transmitted using the public key that is part of the server
Scorpion1: so you can connect a 3.55 console get the ssl encryption keys cached , then connect an official 3.60 console and decrypt the ssl ?
trixter: nono they are cached in memory and are device specific
So again, be careful before you log on to PSN with a spoofed firmware. There's a possibility you can get flagged. Other people using spoofers or bypasses, you may receive the good ol' "A system software update is required. Do you want to update now?
You must login or register to view this content.
Not much more I can tell you at the moment. I will keep you updated with this thread as more information arises so be sure to check back.
Hmmmm I wonder If hackers will find something new...
Always good to have 2 Ps3's though. :y:
03-18-2011, 01:02 AM
#8
RavagedBoom
Sing My Guitar
This will not stop bypassing. Hackers will find a way. They always do.
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
