Changes

Jump to navigation Jump to search
899 bytes added ,  22:40, 6 December 2016
no edit summary
Line 1: Line 1:  +
This module implements TLS for the Vita in most use cases (including PSN access). Notably, WebKit does not seem to use this but it shares the CA list in <code>vs0:data/external/cert/CA_LIST.cer</code>. CA_LIST.cer includes all the usual root CAs and in addition, 5 SCE signed ROOT CAs. Note that because the SCE root CAs are also used in WebKit and other apps (email for example), it is possible for Sony to do a [https://en.wikipedia.org/wiki/Man-in-the-middle_attack MITM] attack on any of their users. This is a privacy hole for users, but it seems that the same policy is in place in PSP, PS3, and likely PS4 as well. Although CA_LIST.cer is unsigned, just like in later PS3 firmwares, Sony stores the hash of all certificates in SceLibSsl (which itself is signed). This makes an theoretical attack of adding a root CA on an updated Vita in order to extract the platform passphrase impossible.
 +
 
== Module ==
 
== Module ==
  

Navigation menu