Monthly Archives: February 2010

[PS3] GeoHot Opens All HV’s SPUs / XorLoser Preps Manual

Notorious George Hotz has evidently managed to get all 7 SPUs of the PlayStation 3's CPU under his control. This means that although he cannot access the CPU's root key, he can now decrypt everything that goes through these SPUs, such as the data streams of (encrypted) commercial games.

The PPU is higher up the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, a modified hypervisor can be hidden with clever memory mappings.

In the meantime another hacker going by the nick XorLoser has released a more detailed manual on how to use GeoHot's exploitation files and how to do the glitching.

Besides that, XorLoser maintains a plugin for the reverser's beloved Interactive Disassembler (IDA) that adds the special PPC instructions of the Xbox 360 and PS3.

Congratulations to GeoHot. Kudos fly out to XorLoser.

Links

» GeoHot: On Isolated SPUs
» XorLoser: PS3 Exploit – Software
» XorLoser: PS3 Exploit – Hardware
» XorLoser: PS3 and Xbox360 IDA PlugIn
» Hex-Rays.com: IDA Pro

[Stories] Lovelock’s Gaia Theory Explained by Himself…

As an approach to explaining the biological processes on earth, the Gaia theory says that (the surface of) planet earth, including its biosphere, can be viewed as a single living organism of which every life form is a part. Sounds familiar? Yes, I bet you've watched Avatar at the cinema.

The Gaia theory was developed by the biologists Lynn Margulis and James Lovelock in the 1960s. According to them, the biosphere as the whole of all organisms creates and maintains the conditions required for life and evolution.

Lovelock, however, defines life as a self-preserving, self-similar system of feedback loops, much like Humberto Maturana's autopoiesis; as a self-similar system, life could be a cell as well as an organ embedded in a larger organism, or an individual in a larger interdependent social context.

(qt: wikipedia.org)

Links

» GaiaTheory.org
» Wikipedia.org: Gaia Hypothesis
» Ecolog.org: Lovelock

The Open University has compiled a documentary about that theory featuring Lovelock himself:

[Security] Tarnovsky Explains Infineon TPM Hack

At the Black Hat 2010 conference in Crystal City, notorious smart card hacker Christopher Tarnovsky explained how he managed to hack current Trusted Platform Modules made by Infineon.

This time Tarnovsky managed to read secured data such as RSA and DES crypto keys from TPM chips. His approach took six months and a lab of equipment worth about US$ 200,000. Once he had found out the exact way to compromise Infineon's chips, it took only six hours to compromise an Xbox 360's TPM chip.

At Black Hat 2008 in Amsterdam, Tarnovsky said he had been offered US$ 100,000 to crack the Xbox 360's TPM:

A Microsoft engineer wonders: "Did you take an interest in the processor of our Xbox 360 game console?" – "I was offered 100,000 dollars to break it," says Tarnovsky. "But I replied that that wasn't enough."

For people generally interested in smart card security, check out this Wired.com article with a video featuring Tarnovsky in his security lab.

[Security] Credit Card Authorization Compromised

Security experts from the Computer Laboratory of the University of Cambridge have compromised the electronic authorization and verification process of major credit and debit cards such as EC-Card, Eurocard, Mastercard and VISA (EMV).

The team of computer scientists around Steven Murdoch found a flaw in the EMV protocol which allows criminals to use a stolen genuine card to make a payment without knowing the card's PIN.

Using a man-in-the-middle attack, they trick the electronic terminal into believing the PIN was verified correctly while telling the terminal to fall back into signature-based authorization mode.

That said, credit card companies and banks worldwide will no longer be able to hide behind the claim that their systems are secure and that customers whose cards were stolen failed to observe the rule to destroy their credit card's PIN. Insurance companies take care: customers' recourse claims against issuing banks are coming.

Links

» IEEE Symposium on Security and Privacy: Chip and PIN is Broken (PDF)
» BBC.co.uk: New flaws in chip and PIN system revealed
» University of Cambridge: Computer Laboratory

Documentary is courtesy of BBC.co.uk

[Movies] Plastic Planet Feb 25th, 2010 in German Cinemas

Plastic Planet is a documentary about how plastic materials have become a global threat to life. The movie was directed by Werner Boote from Austria.

Plastic Planet shows how the industry keeps the chemical composition of plastic products top secret. It also explains that one of the ingredients of plastics is Bisphenol A (BPA). BPA is found in many objects of our everyday lives such as plastic bottles and baby pacifiers. Among scientists BPA is well known to pose a threat to health. In January 2010 the U.S. Food and Drug Administration (FDA) released a statement on BPA:

(..) on the basis of results from recent studies using novel approaches to test for subtle effects, both the National Toxicology Program at the National Institutes of Health and FDA have some concern about the potential effects of BPA on the brain, behavior, and prostate gland in fetuses, infants, and young children (..)

Plastic Planet’s soundtrack is provided by the ambient and dub pioneers of The Orb.

After Let's Make Money by Erwin Wagenhöfer, Werner Boote seems to be the next Austrian filmmaker to help describe the downsides of globalization.

We currently have no information on how or when this movie is coming to cinemas in the U.S.

» Wikipedia: Bisphenol A
» U.S. Food and Drug Administration: Update on Bisphenol A January 2010
» IMDB.com: Plastic Planet
» Wikipedia: Werner Boote (German)…

Plastic Planet Trailer (German):

Austrian TV documentary about the health risks of plastics (German only):

[iPhone] Neurosurgeon Finds Baseband Bug for 3.1.3

Egyptian neurosurgeon Sherif Hashim seems to have found something very interesting. He found a way to actually crash baseband 05.12.01 of the iPhone's latest firmware update 3.1.3.

MuscleNerd of the iPhone Dev Team has confirmed this bug. However, the iPhone Dev Team posted later today that they cannot tell whether this bug actually leads to an unlock. The iPhone Dev Team also warns of potential scammers trying to rip us off.

More information to come. Congrats to Egypt! Nice find…

Links

» Sherif Hashim’s intense debate comments…
» MuscleNerd confirms bug on twitter…
» iPhone Dev Team Blog: Scam season
» Incomplete-News.com: Incomplete List of Unlock Scam Sites

[iPhone] No Flash But Lego? Now Adobe Strikes Back…

Apple has now confirmed that it is no fan of Adobe Flash. It is too buggy, not an open standard, and this and that. And foremost: it is not an Apple technology ;-) Well, erm… Just like the iPhone, the iPad is gonna show those nice and tiny Lego bricks instead of Adobe Flash based content. Bringing the web to your mobile device? Or rather bringing back the Lego bricks from our earliest childhood.

Now Adobe strikes back and has reimplemented the iPad with all its amazing, wonderful and outstanding features – using real Lego ;-)

Picture is courtesy of Joe Meno of Brickjournal. Find a lot more pics here.

[iPad] Apple Places iPad in Grammy Awards

American actor Stephen Colbert pulled out an unreleased Apple iPad yesterday at the Grammy Awards to read the list of nominees. Colbert said:

“I’m sorry, where’s the list? Oh, I know! It’s on my iPad. Jay-Z, did you not get one of these in your gift bag? Am I cooler than you?”

This product placement seems to have happened at the last minute, as you can tell from the reaction of Colbert's wife when he asks her, tongue in cheek:

Hunnie, Hunnie, does this make me look cool?

She just disapproves by shaking her head.

Anyway, this is psychologically a brilliant move by Apple, as it generates demand for the iPad among the most important multiplier target group: the celebrities.

Enjoy the vid…

Via iClarified.com
[iPhone] iPhone Dev Team Releases RedSn0w Unlock Solution

From the iPhone Dev Team’s Wiki:

What is it?

A cross-platform jailbreaking, unlocking, and customizing tool for iPhones and iPod touches. Customizations include boot logos, recovery logos, and “verbose” boot. It’s a standalone program that doesn’t use iTunes (no custom IPSWs are involved).

The download links are at the bottom of this page (but please read the whole page anyway!).

We’ve been offering redsn0w in various incarnations over the years (including poorlad’s Windows version of QuickPwn). The most recent release before this one was redsn0w 0.8, which targeted Apple firmware 3.0/3.0.1.

» More information and download here