The document summarizes the security and hacking history of various consumer electronics devices from 1999-2011. It shows that systems like the PS2, GameCube, and Wii were hacked to enable homebrew and piracy within months of release, while the Xbox 360 and PS3, with more advanced security features, have still not been fully hacked over 5 years later. The group Fail 0verflow is known for hacks of the Wii and other embedded systems.
1. 27th Chaos Communication Congress
Console Hacking 2010
PS3 Epic Fail
bushing, marcan, segher, sven
Wednesday, 29 December 2010
2. Who are we?
• In 2008 at 25c3 these teams worked together as 'WiiPhonies'
• We won the 25c3 CTF
• We changed our name to 'Fail 0verflow'
• Not trademark infringing
• The domain was available
• The ratio of fail to win is high.
We've been collaborating on various embedded and thought expansive projects, the most famous of which that
hit the press earlier this year was the full reconstruction of the $REDACTED allowing $REDACTED to be
completely broken, that was a fun couple of weeks.
3. Wii had a good run
• 3 years, 9 firmware updates, 1 real feature
• 73 mil. consoles, 30 mil. vuln. bootloaders
• 1 million users of Homebrew Channel
4. Wii Xbox 360 PS3
[Timeline figure: one column per console, time axis t from 2006 to 2011, no events marked]
5. Wii Xbox 360 PS3
[Same timeline; events listed in order along the axis]
• Wii: Drivechips, Twiizer Attack, Twilight Hack, Homebrew Channel, Bannerbomb, Indiana Pwns, Bannerbomb for 4.2, latest update broken
6. Wii Xbox 360 PS3
[Same timeline; events listed in order along the axis]
• Wii: Drivechips, Twiizer Attack, Twilight Hack, Homebrew Channel, Bannerbomb, Indiana Pwns, Bannerbomb for 4.2, latest update broken
• Xbox 360: Drive firmware hacked, King Kong Hack, JTAG Hack
7. Wii Xbox 360 PS3
[Same timeline; events listed in order along the axis]
• Wii: Drivechips, Twiizer Attack, Twilight Hack, Homebrew Channel, Bannerbomb, Indiana Pwns, Bannerbomb for 4.2, latest update broken
• Xbox 360: Drive firmware hacked, King Kong Hack, JTAG Hack
• PS3: OtherOS RSX exploit, slim w/o Linux released, Geohot’s hack, Linux removed, Jailbreak, Downgrade, this talk :)
78. C++ Objects
[Diagram: three adjacent C++ interface objects and the field shown for each]
• C++ INTERFACE OBJECT #N: VTABLE POINTER
• C++ INTERFACE OBJECT #N+1: VTABLE POINTER
• C++ INTERFACE OBJECT #N+2: VTABLE POINTER
79. C++ Objects
• C++ INTERFACE OBJECT #N: VTABLE POINTER
• C++ INTERFACE OBJECT #N+1: CONFIGURATION #3 INTERFACE #1
• C++ INTERFACE OBJECT #N+2: VTABLE POINTER
80. C++ Objects
• C++ INTERFACE OBJECT #N: VTABLE POINTER
• C++ INTERFACE OBJECT #N+1: CONFIGURATION #3 INTERFACE #1, PAYLOAD POINTER
• C++ INTERFACE OBJECT #N+2: VTABLE POINTER
83. You have earned a trophy.
LV2 Code Execution
84. NO W^X in LV2
Any old exploit == code execution
85. Hypervisor allows unsigned code
It happily marks pages as executable and plays no role in enforcing that only trusted code runs
86. Results
• LV2 “GameOS” compromised
• LV1 Hypervisor NOT compromised
• Secure SPE NOT compromised
87. Results
You have earned a trophy.
Piracy
• LV2 “GameOS” compromised
• LV1 Hypervisor NOT compromised
• Secure SPE NOT compromised
• Piracy
88. Fail Security Model
• The hypervisor does not enforce LV2 and game integrity
• You can just patch LV2 to run games from HDD
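A small model of the enforcement that slides 84, 85 and 88 say is missing, as an added example that is not from the talk or from any console firmware. The Hypervisor class, its method names and the sample page are hypothetical, and signature verification of the trusted image is assumed to have happened before its pages are measured.

```python
import hashlib

R, W, X = 1, 2, 4          # page permission bits
PAGE = 4096


class PolicyError(Exception):
    """Raised when the hypervisor model refuses a request."""


class Hypervisor:
    """Toy model of the page-mapping interface offered to a guest kernel."""

    def __init__(self, trusted_pages, enforce):
        # Digests of code pages from an image whose signature was already
        # verified (assumption: verification happens outside this model).
        self.trusted = {hashlib.sha256(p).digest() for p in trusted_pages}
        self.enforce = enforce
        self.pages = {}     # page frame number -> [bytearray, perms]

    def _check(self, data, perms):
        if not self.enforce:
            return          # behaviour the slides describe: no checks at all
        if perms & W and perms & X:
            raise PolicyError("W^X: page may not be writable and executable")
        if perms & X and hashlib.sha256(data).digest() not in self.trusted:
            raise PolicyError("refusing to execute unmeasured page")

    def map_page(self, pfn, data, perms):
        data = bytearray(data.ljust(PAGE, b"\x00"))
        self._check(data, perms)
        self.pages[pfn] = [data, perms]

    def protect(self, pfn, perms):
        # Re-measure on every permission change: the content may have been
        # modified while the page was writable.
        data, _ = self.pages[pfn]
        self._check(data, perms)
        self.pages[pfn][1] = perms

    def write(self, pfn, offset, patch):
        data, perms = self.pages[pfn]
        if not perms & W:
            raise PolicyError("page is not writable")
        data[offset:offset + len(patch)] = patch

    def can_execute(self, pfn):
        return bool(self.pages[pfn][1] & X)


# Constructed sample input: one padded "kernel code" page.
KERNEL_PAGE = b"constructed kernel code page".ljust(PAGE, b"\x00")


def guest_patches_kernel(hv):
    """A compromised guest remaps a code page, edits it, and asks for X.

    Returns (outcome, page_is_executable) so both policies can be compared.
    """
    try:
        hv.protect(0, R | W)            # drop X, gain W
        hv.write(0, 16, b"PATCHED")     # constructed stand-in for a code patch
        hv.protect(0, R | X)            # ask for execute permission again
        return "allowed", hv.can_execute(0)
    except PolicyError as exc:
        return str(exc), hv.can_execute(0)


def run(enforce):
    hv = Hypervisor([KERNEL_PAGE], enforce)
    hv.map_page(0, KERNEL_PAGE, R | X)
    return guest_patches_kernel(hv)


if __name__ == "__main__":
    print("no enforcement:", run(False))
    print("W^X + measurement:", run(True))
```

Without the check at the writable-to-executable transition, forbidding W+X mappings alone would not stop the patched page from running; the measurement is what ties execute permission to trusted content.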
93. Downgrades
• Sony fixed the exploit
94. Downgrades
• Sony fixed the exploit
• Service mode triggered by USB “JIG”
• HMAC authenticated, keys dumped
95. Downgrades
• Sony fixed the exploit
• Service mode triggered by USB “JIG”
• HMAC authenticated, keys dumped
• Leaked service app used to enable downgrades
96. Downgrades
You have earned a trophy.
More Piracy
• Sony fixed the exploit
• Service mode triggered by USB “JIG”
• HMAC authenticated, keys dumped
• Leaked service app used to enable downgrades
98. AsbestOS
• Replace LV2/GameOS in memory
99. AsbestOS
• Replace LV2/GameOS in memory
• OtherOS mode and GameOS mode are virtually identical
• Except GameOS can do more stuff, e.g. 3D
100. AsbestOS
• Replace LV2/GameOS in memory
• OtherOS mode and GameOS mode are virtually identical
• Except GameOS can do more stuff, e.g. 3D
• Run Linux again (even on the Slim!)
101. AsbestOS
• Replace LV2/GameOS in memory
• OtherOS mode and GameOS mode are virtually identical
• Except GameOS can do more stuff, e.g. 3D
• Run Linux again (even on the Slim!)
• Use NetRPC to remote-control the PS3 and experiment...
102. SELFs
[Diagram: SELF file layout, top to bottom]
• SCE header
• ehdr + phdr
• encrypted metadata key
• metadata
• ECDSA signature
• ELF: ehdr + phdr (again...), phdr #0 data, phdr #1 data, ..., phdr #N data
103. SELFs
[Same layout; labels added: loader key, SELF key]
104. SELFs
[Same layout; labels added: loader key, AES, SELF key]
105. SELFs
[Same layout; labels added: loader key, AES, SELF key, AES + SHA-1]
106. The Oracle
• Sony’s idea: “No one can see our code!”
• ... unless the PPE is compromised
• Decrypting all code possible from GameOS
• security coprocessor pointless!
• But we want keys!
107. The Oracle
You have earned a trophy.
Obfuscation useless
• Sony’s idea: “No one can see our code!”
• ... unless the PPE is compromised
• Decrypting all code possible from GameOS
• security coprocessor pointless!
• But we want keys!