1. Forums /
  2. Gaming Lounge /
  3. PS3 /
  4. PS3 Mods and Cheats /
  5. Regarding CFW installation on 3.60+
Post: Regarding CFW installation on 3.60+
10-28-2012, 09:21 PM #1
ericmeltz's Avatar
ericmeltz
Grunt
(adsbygoogle = window.adsbygoogle || []).push({}); Trying to keep this as short and understandable as possible. I discuss why installing a modified PUP (CFW) on a OFW of 3.60+ will not happen anytime soon, so don't get your hopes up.

In 3.56 Sony fixed the metldr exploit (hardware) by wrapping its security around bootldr (hardware)
In 3.60 Sony fixed the ECDSA Algorithm, making the variable which was supposed to be randomly generated work as intended

What does this mean?

The ability to sign files (PUP, PKG, etc...) is lost because of the change of private key (not hardcoded) and the fix of ECDSA prevents us form getting the key again.

TO CLARIFY:

The recent exploit of bootldr (lv0) (hardware, Sony's Final Defense) allow the ability to modify PUPs 3.56+ which is why we are getting 4.21, 4.25, 4.30

BUT since the private key used in the OFW has been changed and is unknown, 3.60+ IS NOT POSSIBLE (Rogero 4.21 and E3 4.30 are still using 3.55 private key which is why you need 3.55)

ECDSA WILL NOT BE CRACKED. If it is, GLOBAL security will be compromised, as many other databases, websites, etc. are using ECDSA




If you need proof or further reading, google ECDSA.
(adsbygoogle = window.adsbygoogle || []).push({});

The following 25 users say thank you to ericmeltz for this useful post:

AMNE, Brentdevent, Cien, CodJumper:, DEREKTROTTER, ILovePie24!!, johncov1, Kush Friendly, Machiavelli_23, MxModz1, ohTrashy, PounDJo0DoGz0r, primetime43, Pseudo_Soldier, Pulsar877, sithxnew, spudeeelad, Swampman, Swifter, Terrorize 420, tunde1992, Vampytwistッ, Wesley_Pipes540, riggstq, xShadow

The following user groaned ericmeltz for this awful post:

kingpukka
10-28-2012, 11:09 PM #11
ericmeltz's Avatar
ericmeltz
Grunt
Originally posted by primetime43 View Post
So most likely we will never get the private key again?


To put it simply yes, we will never get it again...
10-28-2012, 11:11 PM #12
primetime43's Avatar
primetime43
Knowledge is power Tiphat
Originally posted by ericmeltz View Post
To put it simply yes, we will never get it again...


Isn't that because, doesn't each ps3 have its own individual key or something now?
10-28-2012, 11:17 PM #13
ericmeltz's Avatar
ericmeltz
Grunt
Originally posted by primetime43 View Post
Isn't that because, doesn't each ps3 have its own individual key or something now?


No, the private key is in all 3.60+ FW and is universal for all PS3s, but the one and only way to get it (which was the ECDSA fail that fail0verflow exploited in 2010) was fixed... So the key cannot be acquired, well unless of course sony decides to just give it out LOL. yeah not gonna happen
10-28-2012, 11:19 PM #14
primetime43's Avatar
primetime43
Knowledge is power Tiphat
Originally posted by ericmeltz View Post
No, the private key is in all 3.60+ FW and is universal for all PS3s, but the one and only way to get it (which was the ECDSA fail that fail0verflow exploited in 2010) was fixed... So the key cannot be acquired, well unless of course sony decides to just give it out LOL. yeah not gonna happen

Well can't we find another exploit. And im sure anonymous or somebody could get it.
10-28-2012, 11:22 PM #15
Newelly's Avatar
Newelly
Can’t trickshot me!
Originally posted by ericmeltz View Post
Trying to keep this as short and understandable as possible. I discuss why installing a modified PUP (CFW) on a OFW of 3.60+ will not happen anytime soon, so don't get your hopes up.

In 3.56 Sony fixed the metldr exploit (hardware) by wrapping its security around bootldr (hardware)
In 3.60 Sony fixed the ECDSA Algorithm, making the variable which was supposed to be randomly generated work as intended

What does this mean?

The ability to sign files (PUP, PKG, etc...) is lost because of the change of private key (not hardcoded) and the fix of ECDSA prevents us form getting the key again.

TO CLARIFY:

The recent exploit of bootldr (lv0) (hardware, Sony's Final Defense) allow the ability to modify PUPs 3.56+ which is why we are getting 4.21, 4.25, 4.30

BUT since the private key used in the OFW has been changed and is unknown, 3.60+ IS NOT POSSIBLE (Rogero 4.21 and E3 4.30 are still using 3.55 private key which is why you need 3.55)

ECDSA WILL NOT BE CRACKED. If it is, GLOBAL security will be compromised, as many other databases, websites, etc. are using ECDSA




If you need proof or further reading, google ECDSA.

Stolen some of the info from here Winky Winky You must login or register to view this content. right?
10-28-2012, 11:24 PM #16
xXGRIM_REAPERXx's Avatar
xXGRIM_REAPERXx
Splicer
the mans rite not gonna happen or else im sure it would have been done already
10-28-2012, 11:29 PM #17
ericmeltz's Avatar
ericmeltz
Grunt
Originally posted by Newelly
Stolen some of the info from here Winky Winky You must login or register to view this content. right?


ECDSA and its application on the PS3 is common knowledge. Honestly, do I really have to link ps3devwiki or wikipedia Winky Winky ...
10-29-2012, 12:23 AM #18
ericmeltz's Avatar
ericmeltz
Grunt
Originally posted by Ownage
Yes, now skiddies can charge $500+ on ebay for one
/sarcasm


Can you sticky this please? It will save us the headache, thanks!
10-29-2012, 03:03 AM #19
sithxnew's Avatar
sithxnew
Treasure hunter
Thanks for this explanation. I didn't understand why the recent exploit didn't allow it to crack recent firmwares. Shame it is so heavily encrypted stare

Copyright © 2026, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo