Slashdot Mirror
PSP Firmware Downgrader Released
roka writes "SonyxTeam has just released a downgrader for the PSP using the toc2rta 2.0 overflow in libtiff. This has been tested and found working by PSP news sites. This is basically opening all sold models of the PSP to homebrew applications and will boost homebrew software development for Sony's handheld."
This is the first time a buffer overflow is used for non-evil purposes.
*SIGH* Wish all the hackers out there were like this guy.
Is "homebrew software development" the new euphemism for "piracy"? You know, how 99.99% of everyone who got mod chips for their ps2 and xbox was just so they could "run linux" ?
consumers increasing the value of the products they've purchased? tailoring them to their own sinister ends? i predict massive retaliation.
and the best kind of retaliation! fruitless retaliation.
gg.
How many people are really using this stuff, vs. the total user base?
The mainstream market isn't even aware hacks like this exist (much less where to find or how to use them), for the most part.
It didn't take long until they patched 1.50. This has been an ongoing process. They will patch the overflow, make the next gen of game require the patched update (Although there is a loader that fakes the psp's firmware). All this means is that everyone who buys a PSP up until the next firmware starts hitting the market will be able to run homebrew, and we will hear whining from all the 2.X people about being locked out of the homebrew scene. But its good news for a little while!
At last, a second chance for those who upgraded their original 1.0 firmware and instantly regretted doing it once the homebrew hacks were discovered. This hack comes at a much better time for enthusiasts to benefit and make use of the hack, if they desire, before Sony patch the hole (not to mention leaving a large number of PSP's out there on the available market running a hackable firmware..). Of course all this would be moot if Sony would just embrace the developer community surrounding the PSP and support it appropriately, instead of them having to go to these lengths.
Business Voyeur
Welcome to the world of Homebrew and Emulation on the PSP, theres emulators for most of the popular systems and nearly 150 games, demos, multimedia and apps for the PSP Emulation and Homebrew scenes, the 2 sites to visit to get all of these are http://psp-news.dcemu.co.uk/ & http://psp-archive.de/ Be sure to pay em a visit One quick comment i hope Sony havent noticed that a certain PSP site (pspupdates) are hosting the firmware file which im sure is illegal, oh well its up to them i supose. Thanks to Yoshihiro and JohnMPH for this great release :)
This is very true. A few months ago I started seeing a lot of used psps being sold on sites like craigslist.com. The ones I contacted about why they were selling their psps basically said that games/movies were pretty expensive.
www.samuraidreams.com - My Blog
www.samuraifiles.com - Get Some Videos Here
I learned from Skylark who was part of the downgrade developing group that SonyxTeam was NOT involved in the creation of this downgrade AT ALL. Instead MPH did released it.
:(
Sorry for messing up, please update the story for I don't think SonyxTeam's name deserves to be mentioned in the news
I'd say Yarrr!! Monkey Island for PSP here we come!
--Agnostics are those that don't have the guts to admit there are no higher powers.
Yes, I know it's less powerful and less sexy, but I'm still waiting for a GP2X. Should be cheaper and DESIGNED to run my own programs. I write silly little games for my laptop (not worthy to be sourceforged, mostly about the level of addictive flash games), and I want to write silly little games to play on the shuttle bus to campus. And I want to run other people's silly little games and Yar's Revenge, which I bought Back in the Day and feel no urge to buy again.
According to PSPUpdates, SonyXTeam has NOTHING to do with this. It is the sole creation of Team MPH.
SonyXTeam is comprised of former members of Team WAB, a group that conned hundreds of people out of their money.
WAB said that they would be releasing a downgrader on September 1, and opened up a Paypal account for donations.
Then members of WAB claimed to have been arrested, and they claimed that their hard drive crashed. If anyone came on their IRC server and asked about the downgrader, they were kicked off. Then the team split up, and the "main coder" of the supposed downgrader went over to SonyXTeam.
This coder, Yoshihiro, is well known throughout the XBox scene as a fake who stole the code of others and claimed it as his own. He is doing the same thing here with the real downgrader.
I am scientifically inaccurate.
as far as piracy of UMD games goes, well that is one of the more boring uses of an 'unlocked' PSP.
the PSP is a rather nice piece of hardware, and you'd be amazed at the stuff that people have got running on it - much more than just 'homebrew pong'.
there are of course the multitude of emulators, so you can have your favourite 8-bit microcomputer, or home console with you on the bus. there is already a good implementation of the SCUMM Virtual Machine, so you can play all (well, most) of your favourite Lucasarts graphic adventures, there's a passable Doom engine running on it, a really promising LUA implementation, DOSBOX, and a zillion other things that are under development right this minute.
slashdot is not condoning piracy with this post, they are simply highlighting the truly creative use of computing hardware - a concept that warms the cockles of many slashdotters!
Yoshi, the ex-member of WAB who recently got kicked out for mischievous activities including stealing money in a PayPal SCAM and ripping off code from other authors now states on his new page that he created the PSP v2.0 Downgrader with MPH and that MPH simply "forgot" to include that in the readme. With his past history and apparent lack of ability to spell correctly I highly doubt that he had anything to do with this downgrader, but until MPH responds or if they don't respond we'll know who is telling the truth or not. UPDATE: MPH has just spent some time online and didn't mention a single word about Yoshi's involvement. Guess Yoshi is trying to take credit for something he had no part in afterall. UPDATE: www.wab.com the group Yoshi was kicked out of has an information article about Yoshi and the fact that he didn't have anything to do with the downgrader.
[ brakken ]
It is only an overflow bug in a library, Sony will certainly patch it in the near future and the PSP will become increasingly tougher to crack open.
AFAIK, the PSP is the first major proprietary system with user-uppgradable firmware. In any case, the 1.00-2.00 trend indicates that Sony does not intend to let the PSP remain crackable indefinitely if it can do something about it... and fixing the exploit sounds like minimal effort.
I am betting that the PSP firmware and/or SDK has provisions for triggering automatic firmware upgrades when a disc containing a newer valid firmware is first loaded. Throw in firmware signature checks in new games and this either makes PSP hobbyists lives increasingly less convenient or forces them to choose between hobby and running Y2K6+ games.
Sony is in the business for profits... and profits come from title licenses for commercial PSP media. To get media endorsement for the PSP, Sony has to demonstrate that the media and platform are a perfect lock-in solution. Exploits like these un-upgrade hacks put a dent in Sony's PSP lock-in desires so they need to be ironed out to make content providers happy and keep the license money flowing in.
Does it suck? Yes. But that is how this particular business model works.
homebrew != arbitrary code execution.
and remember, each purchased unit belongs wholly and solely to you. you own the chips inside the machine, you own the lcd screen, you own the interconnects, you own the speakers, you own the right to fully access each of them.
calling it "homebrew" does a disservice to the property rights "movement". it makes it sound like you have no business using and programming the chips you paid good money for.
Arbitrary Code Execution, ACE.
using technical means to prevent you using your own property is a crime in my book.
and no, "business model" is no excuse in removing your lawful rights in using your own property any way you wish. sell it for 3 times as much but leave my access alone. i want it to make it illegal to rent products but call it buying. if you want people to have limited access, call it renting and then set prices accordingly. if you want to sell items outright, then behave accordingly. the problem is, they want the benefits of selling with the benefits of renting. that's a commerce no no not to mention unethical and immoral.
please don't use the word "homebrew" or if you feel you must, at least give it some thought each time you do.... see if it matches up with the world you want to live in. words have a lot of power... use it wisely.
Science : Proprietary , Knowledge : Open Source