The two exploits in the subject line are two completely separate things. The main focus of the linked article at is a key which is used to HMAC-authenticate the service mode dongle.

The more interesting hack was announced at 27c3. A team comprised of Wii hackers has discovered Sony's main boot-signing private key. This is like discovering Verisign's private key - you can now issue any SSL cert you want. They can sign any hypervisor they want, which leads to running any code you want.

They were able to do this because (surprise), there was a crypto mistake in the implementation. Two (or more) ECDSA signatures were generated with the same secret nonce. Apparently Sony doesn't read our blog because we discussed this flaw before:

And before that, we discussed a variant of this attack when the Debian PRNG was broken:

The cool thing about this flaw is that the private key is not present in the PS3 anywhere. It (probably) only exists at some locked down code-signing center. However, a software flaw in the way it generated the signatures was effectively painting the private key on the side of every signed code module released.

And people still think crypto isn't dangerous?