The notorious George Hotz (GeoHot) has managed to get all 7 SPUs of the PlayStation 3's Cell CPU under his control. This means that although he cannot access the CPU's root key, he can now decrypt everything that passes through these SPUs, such as the datastreams of (encrypted) commercial games.
The PPU sits higher in the chain of control than the SPUs. Even if checks were to be added, for example to verify the hypervisor before decrypting the kernel, clever memory mappings would still let you hide your modified hypervisor.
In the meantime another hacker, going under the nick XorLoser, has released a more detailed manual on how to use GeoHot's exploit files and how to do the glitching.
Besides that, XorLoser maintains a plugin for the reverser's beloved Interactive Disassembler (IDA) that adds the special PPC instructions of the Xbox 360 and PS3.
Congratulations to GeoHot. Kudos fly out to XorLoser.
This might not be news for many of you. Some will already know, others will most likely not even know who Fravia was. Anyway, this news is sad. Fravia has been one of the most outstanding intellectual reverse engineering gurus since the mid-1990s. He seems to be the only one who ever managed to get into direct contact with the mysterious +ORC (Old Red Cracker), who wrote the main reverse engineering tutorials of that time.
Fravia passed away in May, after a long fight against cancer. He was only 56. Our hearts are with you. Rest in peace, bro'. You won't be forgotten.
GeoHot just granted the world an insight into his current work project. It is called EDA and it looks a lot like IDA (which, by the way, also includes an iPhone debugger), but EDA seems to go a little further in simulator/disassembler terms.
According to GeoHot, the EDA simulator is to:
include version control
allow graphical comparison between different versions of code
handle memory locations as files
handle instructions as changelists
This concept, he explains, should make tracing of memory-mapped IO "super easy". But as GeoHot says: "Sadly, it's still a work in progress. Maybe when it's done, I'll look for the 3G unlock." Meaning: this tool is not available to the public, sadly.
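To make the "memory as files, instructions as changelists" idea concrete, here is a toy model of it in Python. It is an added example written for this post, not GeoHot's EDA code and not anything he has published: a three-instruction machine (mov/add/str) whose every executed instruction is recorded as a changelist of byte writes, so that any earlier memory "version" can be rebuilt by replaying, two versions can be diffed, and a memory address can be blamed on the instructions that wrote it. The MMIO window, the register names and the sample program are all made up for the example.

```python
"""Toy model of versioned memory: each instruction becomes a changelist.

Added illustration of the EDA concept described in the post; not GeoHot's code.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Hypothetical MMIO window of this toy machine (an assumption for the
# example, not a real iPhone or PS3 address map).
MMIO_BASE = 0x1000
MMIO_END = 0x1100


@dataclass
class Changelist:
    """One executed instruction, recorded as the byte writes it caused."""
    version: int            # 1-based position in the history
    pc: int                 # address of the instruction
    text: str               # disassembly-style text of the instruction
    writes: List[Tuple[int, int, int]] = field(default_factory=list)  # (addr, old, new)


class VersionedMemory:
    """Memory whose full history is a list of changelists (the 'version control')."""

    def __init__(self, size: int = 0x2000):
        self.mem = bytearray(size)
        self.history: List[Changelist] = []

    def apply(self, pc: int, text: str, stores: Dict[int, int]) -> Changelist:
        """Commit one instruction: record only bytes that actually change."""
        cl = Changelist(version=len(self.history) + 1, pc=pc, text=text)
        for addr, new in sorted(stores.items()):
            old = self.mem[addr]
            if old != new:
                cl.writes.append((addr, old, new))
                self.mem[addr] = new
        self.history.append(cl)
        return cl

    def snapshot(self, version: int) -> bytearray:
        """Rebuild memory as it was right after `version` by replaying from zero."""
        state = bytearray(len(self.mem))
        for cl in self.history[:version]:
            for addr, _old, new in cl.writes:
                state[addr] = new
        return state

    def diff(self, v1: int, v2: int) -> Dict[int, Tuple[int, int]]:
        """Bytes that differ between two versions: addr -> (value@v1, value@v2)."""
        a, b = self.snapshot(v1), self.snapshot(v2)
        return {i: (a[i], b[i]) for i in range(len(a)) if a[i] != b[i]}

    def blame(self, addr: int) -> List[Changelist]:
        """Every changelist (instruction) that wrote the given address."""
        return [cl for cl in self.history if any(w[0] == addr for w in cl.writes)]


def mmio_changelists(vm: VersionedMemory) -> List[Changelist]:
    """The instructions that touched the MMIO window: what one traces with such a tool."""
    return [cl for cl in vm.history
            if any(MMIO_BASE <= a < MMIO_END for a, _, _ in cl.writes)]


def run_program(program: List[tuple], size: int = 0x2000) -> VersionedMemory:
    """Execute a tiny mov/add/str program, committing one changelist per instruction."""
    vm = VersionedMemory(size)
    regs = {f"r{i}": 0 for i in range(4)}
    for idx, (op, *args) in enumerate(program):
        text = f"{op} {', '.join(hex(a) if isinstance(a, int) else a for a in args)}"
        stores: Dict[int, int] = {}
        if op == "mov":
            regs[args[0]] = args[1] & 0xFFFFFFFF
        elif op == "add":
            regs[args[0]] = (regs[args[0]] + args[1]) & 0xFFFFFFFF
        elif op == "str":                     # 32-bit little-endian store
            val = regs[args[0]]
            for i in range(4):
                stores[args[1] + i] = (val >> (8 * i)) & 0xFF
        else:
            raise ValueError(f"unknown op {op}")
        vm.apply(idx * 4, text, stores)
    return vm


# Constructed sample program: one ordinary RAM write, then two writes to a
# made-up MMIO register at 0x1004.
PROGRAM = [
    ("mov", "r0", 0xDEADBEEF),
    ("str", "r0", 0x0200),
    ("mov", "r1", 0x1),
    ("str", "r1", 0x1004),
    ("add", "r1", 0x10),
    ("str", "r1", 0x1004),
]

if __name__ == "__main__":
    vm = run_program(PROGRAM)
    for cl in mmio_changelists(vm):
        print(f"v{cl.version} @ {cl.pc:#06x} {cl.text}: {[(hex(a), o, n) for a, o, n in cl.writes]}")
    print("diff v3->v4:", {hex(k): v for k, v in vm.diff(3, 4).items()})
```

Running it lists versions 4 and 6 as the only MMIO-touching changelists and shows that diffing version 3 against 4 isolates the single byte at 0x1004 flipping from 0 to 1, which is exactly the "which instruction poked which register" question that makes MMIO tracing tedious in a plain disassembler.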