Comment: Re:Fail (Score 1) 534
Mod parent up. PSGroove's mention of NOR flash and dongleless jailbreaking is bunk, not sure how they got that.
Comment: Re:Wow... (Score 4, Informative) 534
What did Sony do wrong? Obviously, they could do nothing about a suitably well-equipped hacker physically modifying a PS3 to stop it from verifying at all, or to always return "yup, all good" regardless of the verification outcome; similarly, a firmware bug could allow the same outcome without the expense of physical modification; but how could it be that they would have to put anything in their client(no matter how well hidden by hardware obfuscation/TPMs/smarcards/whatever) that could be used to compute their private key? Isn't a public key, which is a totally safe piece of data to disclose, all you need to verify whether or not something has been signed with the matching private key?
From my layman's understanding of what they did (View the actual conference footage here: http://www.youtube.com/watch?v=GPjd6gHY6A4 ), they don't HAVE the private key. Sony made a big mistake in their key generation method, where they were supposed to use a random value for one variable, they used a static value. Because of that, you're able to generate valid signed packages without the private key.
Comment: Re:How did they get the private key, if they did? (Score 1) 534
They don't have Sony's signing key, from what I've read. What they have is a flaw in the key generation process, which allows them to generate valid signed packages without the private key. In fact, here's the video from the conference itself:
http://www.youtube.com/watch?v=GPjd6gHY6A4
Comment: Re:Epic Fail? Hardly. (Score 1) 534
The people that did this exploit/hack/whatever reportedly only chose this method of action after Sony decided to remove OtherOS support from PS3's. Their stated goal is to get Linux up and running on retail PS3s. Maybe this would've occured a lot quicker if OtherOS never existed.
Sony's PS3 Jailbroken Forever-> 1
Submitted
by
ReportedlyWorking
ReportedlyWorking writes "It appears that Sony's PS3 has been fatally compromised. At the Chaos Communication Congress in Berlin, a team named "fail0verflow" revealed that they had calculated the Private Keys, which would let them or anyone else, generate signed software for the PS3. Additionally, they also claim to have a method of jailbreaking the PS3 without the use of a Dongle, which is the current method. If all these statements are true, this opens the door to custom firmware, homebrew software, and OtherOS! Assuming that Sony doesn't take radical action and invalidate their private keys, this could mean that Jailbreaking is viable on all PS3, regardless of their firmware!
"Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony's security to be EPIC FAIL!""
Link to Original Source
"Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for. One of the major highlights here was, dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat, was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs Following this, the team declared Sony's security to be EPIC FAIL!""
Link to Original Source
Comment: Re:P4 pride (Score 1) 354
Wouldn't it make more sense just to load Office 2003 on the C2D machine? It'll be more energy efficient, faster, and has less chance of taking a random nose-dive due to old age.
Comment: Re:WAY UNDERSTAFFED! (Score 1) 414
You, good sir, live in the land of plenty. Can I come?
I think my corp is at about 1 syadmin per 800 people, one netadmin per 1500 people, and about 1 tech support per 700 people. I think the users would be happier with 1 tech support per 250-300users.
Comment: Re:My dept is 'prox 600 computers/3 techs (Score 2, Informative) 414
Lack of AD doesn't prevent automated OS updates. You can implement WSUS without AD, which will take care of many critical OS updates, it just requires that you alter some registry settings and ensure the users have the latest Windows Update client.
MechWarrior: Living Legends enters Public Beta->
Submitted
by
Fireye
Fireye writes "After several years in development, the fan-made Mechwarrior addon for Crysis has entered a public Beta phase! Featured are a smattering of Clan and Inner Sphere Battlemechs, along with Aerospace fighters and Tanks. While it's clear that there's a lot of work yet to be done, the game offers new hope to a somewhat stalled series. Until Smith and Tinker's Mechwarrior sees the light of day, this is the best bet for any Mech Jock to get his or her fix! Catch some of the gameplay here."
Link to Original Source
Link to Original Source
Comment: Re:anyone got hires of the beach scene ?? (Score 1, Informative) 183
The mpg on the creators site is a bit higher quality, but not much.
http://hinome.net/EFh9F10/galaxyrise.jpg
