Sony Has Lost the PS3 Hacking War

YokimaSun writes "Sony may have dealt a major blow to the PSjailbreak sellers, but the release last week of PSGroove, an open source version of the hack, has now opened the floodgates of ports to mobile phones such as the Nokia N900 and Palm Pre. The final kick in the teeth is that a port of the exploit has been released by Waninkoko of Wii custom firmware fame for the Dingoo Handheld, which is a homebrew console that is very popular amongst emulation fans. It makes you smile that you can use one homebrew console to hack another to get homebrew on that console. Awesome." pudge notes that you can apparently do the same with a TI-84 Plus graphing calculator (YouTube video).

The only thing Waninkoko is famous for...

The only thing Waninkoko is famous for is not thinking before releasing things. He put out a USB .iso loader, for example, that made the pirating possible on a large scale and caused Nintendo to step up patching the Team Twiizers hacks. Don't paint him as a god! He didn't even make any "Custom Firmware", only a few patches to the wii's system menu.

Re:The only thing Waninkoko is famous for...

[marcansoft]

Even worse, he's directly responsible for bricking hundreds of consoles due to shoddy code (his "custom updater" and "custom downgrader" saga; at one point running one of his tools bricked your console 100% of the time) and generally speaking hasn't made any contributions to homebrew, instead opting to cobble together pieces of homebrew code to make pirac^H^H^H^H^Hbackup tools, often without following the licences.

He's only jumping on the PS3 bandwagon to get some attention, which is something he loves. If he ever releases anything halfway meaningful for the PS3, I can pretty much guarantee it'll be a port or simple combination of existing tools in a slightly more "marketable" way, with a "healthy" dose of his sponsor's logos, as his Wii releases always have been.

True story: he released his USB loader about 20-30 days after someone actually wrote a high-speed USB driver, which was the final piece of the puzzle. For kicks, after his announcement but before the release, I proceeded to independently create an equivalent USB loader, to gauge how much work had to go into it. ~200 lines of code and 6 hours, not counting time spent writing a silly menu and slapping in logos.

Re:The only thing Waninkoko is famous for...

[FrangoAssado]

Why is this modded troll? Anyone who follows the Wii homebrew scene knows Waninkoko has been very disruptive to people who want to write and run homebrew code without having anything to do with piracy.

See also for example this post from another Homebrew Channel developer. And this from marcan (presumably the parent) about how he wrote an USB loader in 6 hours just to show it's no big deal, given everything other people had already done.

Re:The only thing Waninkoko is famous for...

[xtracto]

Nah... I have followed the Wiiscene for quite some time (including the demise of TehSkeen, Marcan's whiny rants,etc ) and some "scene" guys are angry at Waninkoko/Wiigator, etc because they release stuff allowing to run backups.

See, there is a certain segment of the WiiScene which are a bunch of Mother Theressas and the only mention of backup launcher gets their panties in a bunch.

Other segment just do not see software itself as "evil" or bad and use whatever tools there are to increase the functionality of the console (as other person commented in this story for the PS3, it is good being able to rip your games into a USB drive).

And of course there is people who use such tools to steal software.

Lost the war?

[socsoc]

Maybe this battle was a loss, but as long as Song can force firmware updates, the war is far from over.

There's aslo an iOS version being made that'll run from a jailbroken iPhone.

Ridiculous submission

[Goaway]

The hack exploits a bug in the USB code on the PS3. A firmware update will render every single one those hack versions useless.

That's nowhere near a victory of any kind.

Re:Ridiculous submission

You underestimate the consequences of this. To do anything exotic you would need to change the shellcode to launch your own unsigned bootloader instead of tricking the Sony system software into thinking we have a Jig; but if you do, you have complete control.

With more development, you could fake it perfectly - the PS3's own security capabilities (that were used to such effect in the OtherOS hypervisor that needed a hardware glitch to even come close to breaking) can also be used against it, to stealth DNAS and firmware updates and make any changes we like to the running code, undetectably.

An SPU in security mode is latched off the bus so that the CPU and other SPUs can't tamper with it. DNAS has to blindly trust it is running signed code - and that trust root is now gone, because if it isn't, and it lies, it lies convincingly. This is a design flaw in the trust root of Sony's DNAS ("Dynamic Network Authentication System") DRM - which actually encompasses the entire corpus of copy protection technologies on the PS3, including the clock (really), code signing, anti-cheat, disc authentication, rental timeouts (hence the clock), online store, update signing, (some) peripheral authentication, region lockouts (where enabled), console/disc unique IDs, Blu-Ray ROM-Mark, AACS and BD+ - and it's (of course) a fundamentally unfixable one. Once you've cracked the eggshell (so to speak), it's easier to root the PS3 on an ongoing basis than it is (say) the Xenon.

Plus, you now have complete firmware dumps for all components available without decapping, so you could maybe extend that hack to any future versions by simply finding new bugs in those dumps. This is the beginning, not the end, but it's the breakthrough that was being waited for, the one hole that opens the floodgates.

And let's face it, by being assholes and removing advertised features like OtherOS (and, I suppose, PS2 compatibility when the software is fully capable of it), Sony had it coming.

Re:Ridiculous submission

[marcansoft]

The exploit has nothing to do with Sony's service jig. It uses the service jig code as a handy way to stash 64 bytes into memory, but it neither passes jig auth nor does anything related to what the jig does at Sony's repair centers. In fact, I think the exploit could be reworked not to emulate a device with the jig's ID at all. The core exploit relies on random (non-specific unidentified vendor) USB devices with wacky descriptors.

The exploit also only has permissions at lv-2 level (GameOS). Breaking into lv-1 will require extra work, and breaking into the secure SPU is still impractical.

Re:Ridiculous submission

[feepness]

Then why hasn't Sony released one yet? If it's so trivial to patch the flaw you'd think they would have done so by now.

Because they have careful testing and actually care about not breaking shit?

It does make homebrew *possible*.

You're making a whole lot of assumptions. Following the news of this exploit, there's been no evidence of reaction from Sony beyond the lawyer attacks on distributors. It's true the commercial product is designed for backups (which may be used for piracy, but aren't necessarily), but it does allow adding other code - including homebrew. There simply isn't any around yet. I've been looking into the code injected to see if I can figure out a way to replace it with a Linux bootloader, and so far, this looks doable (but far from easy).

So, 1) this is not *just* used for pirating. 2) that is not all it allows. 3) you're the first I've seen spouting the rumour of people being banned from PSN for this. 4) Sony went right ahead and "ruined" the console months ago.
Sony have taken a surprisingly long time to react on the firmware side of things - they were quicker than this to kill Other OS when they weren't even threatened and knew the attack would have no positive effect.
I have been effectively banned for much less reason, however - insisting on keeping functionality I bought the machine for. SCE started the attack on me back in April, and I'm trying to regain what they've unrightfully removed.

If SCE had any interest in goodwill, they could release an update that reenables Other OS. Contrary to some spurious claims, the function required no extra work on their part - they only made changes to it to prevent Linux from getting "too good" at graphics, which is frankly laughable. It also didn't need removal to fit newer features, as it only existed on models with larger flash in the first place. If Other OS continued working as it should, I'd have no reason to spend so much effort on these exploits.

Re:It does make homebrew *possible*.

[gilesjuk]

If this was the iPhone people would call this Jailbreaking and be claiming it is just allowing them to choose what software is on the device.

I don't understand why it's fine on the iPhone yet on a games console it is deemed to be a bit more 'dodgy'. Especially when jailbreaking an iPhone also allows pirate software to be installed.

Re:It does make homebrew *possible*.

[Sancho]

Because there's tons of free and useful software for the iPhone. While there may be some for the PS3, it's definitely not a multi-purpose device.

I haven't seen a lot of useful stuff in the Cydia store. There are a handful of moderately useful things, hundreds of themes, and a lot of stuff which, by all appearences, is pretty useless and would probably be approved by Apple if the developer bothered to submit it.

There isn't much available for the PS3 right now because the jailbreak just freaking happened. Give it time. If someone can port a decent media center (like XBMC) to the PS3, that alone would be reason enough to mod it. Not to mention, as I posted elsewhere, the possibility of restoring OtherOS and PS2 emulation.

That seems a bit hyperbolic, no?

[fuzzyfuzzyfungus]

Unshockingly enough, Sony crushed a commercial seller of a PS3 mod device like a bug. Even if the law weren't probably unfavorable to the sellers, Sony probably could have just tied them up in injunctions forever anyway. Shocking.

Equally unsurprisingly, halting the distribution of some OSS software is going about as well as the fight against DVD Jon's little toy did. It's totally unwinnable, and Sony hasn't shown many clear signs of even trying. Shocking.

However, it isn't clear how much this matters. This isn't CSS, where the system was set in stone, millions of un-patchable, non-internet-connected hardware units were already in the wild, and team DRM pretty much just had to suck it up. Those were the good old days.

Sony controls the Playstation Network, and can enforce minimum software versions for access, or punitively lock out units. Even for offline users, individual game disks can mandate, and include, upgrades to a higher version. Sony has, certainly, lost the game against anyone content to just pick up an old PS3 fat on ebay and enjoy a pirated copy of every PS3 game to date, all for ~$200. You'll have to stay offline, and avoid games with mandatory upgrades; but not a bad deal on the whole, I can certainly see a fair few takers.

However, unless this USB hack is seriously powerful, exploiting some basically unblockable fundamental flaw in the PS3's design, all PS3s that ship more than a few weeks from now, are updated(manually or automatically) to the next firmware revision, or wish to play newer games or use newer peripherals, or play online, are back in Sony's camp. And, unlike a DVD or Blu-ray disk, where the plaintext copy, once created, is eminently playable on all sorts of 3rd party devices, general purpose computers, and whatnot, PS3 games are pretty much only playable on PS3s, pending substantial advances in computing power that will allow emulation. This isn't "hack once, run anywhere." Each individual PS3 is controlled separately, and the success of the hacking device depends on how many hackable PS3s remain in the wild, a variable over which Sony has substantial control...

Re:Banned from PSN...

[morari]

Sorry. Sony already ruined their own expensive console by removing marketed features after the fact.

Re:Banned from PSN...

[StikyPad]

Those who have used them have already been banned from PSN and multiplayer games. What a great way to ruin your expensive console.

Not everybody's idea of an enjoyable gaming experience involves trading insults with hormonal 15 year-olds, nor does $300 meet everyone's definition of "expensive." Jailbreaking is appropriate for anyone who either doesn't care about online features, can afford two consoles, or both. I suspect that's a not-insignificant portion of current and potential owners.

Re:Banned from PSN...

[diamondsw]

First of all, this is just used for pirating purposes. In fact that's the only thing the hack allows, so drop the homebrew bullshit.

Pardon? I have no interest in either pirating OR homebrew. I just want to load the games that I bought onto the console to improve load times, avoid disc damage from handling, and keep all my games available at all times. What's the point of a 250GB drive it all I have on it are dinky PSN games?

Re:Banned from PSN...

[Nihn]

"These hacks are fully detectable by PS3 and Sony." Only if the system is online....which most people already know and thanks to the ability to download the ps3 updates to a usb means you never have to connect your console to the Sony servers. "this is just used for pirating purposes" Welcome to the game of consumer desire and business ethics. You can buy something now and it is not legally your property. You are not allowed any freedoms with something you paid your money for. If this jailbreak allowed people to get a whole console for free then I would have some sympathy.....but as the Xbox community has already shown that the console...is only a computer. And a computer has the potential to do alot....even if it isn't in the original design. Hell, if it wasn't for hackers you wouldn't have the computer you sit in front of. Sony will not listen, the industry will not listen.....hackers ALWAYS listen...and they deliver hand over fist. Be mad all you want, the future of games are in the hands of the intelligent...and they numbers favor the hacking team. "Sony has lost the PS3 hacking war?" Yes...the fact Psgroove exist and works is absolute proof that the ps3 is hackable, and that Sony has gone to great lengths to prevent something that a bunch of "criminals" ,who are no better than pedophiles in some peoples eyes ,were able to accomplish. Now comes the flood of "homebrew" apps that will add value to a system and unlocks the potential for something greater. "What a great way to ruin your expensive console" you mean what a great way to keep revenue out of the pockets of billionaires who don't care for the consumer, only the stock margin and their own personal well being......

Re:Linux on ps3? Give me a break

[TheCount22]

I'm a full time linux user and I also own a ps3 for two years now. However, I never tried to install linux on it because it does it's job well for what I can't do on my linux system - play games. I wouldn't be surprised if most slashdotters that posted so far don't even use linux on their desktop let alone own a ps3. So what's up with the hate?

From your point of view they took away a feature you never used. Now imagine Dell forced a new BIOS that would disable Linux from booting on your PC. Because "nobody uses linux". What would you say then?

I bought the PS3 for 3 things, linux, movies and games.

I used my PS3 as a thin client mostly. But also as a media center. But now thats no longer possible.

Yo dawg!

[xaosflux]

"It makes you smile that you can use one homebrew console to hack another to get homebrew on that console."

Yo dawg! I heard you like hacking homebrew, so we we put hack in your homebrew so you can hack homebrew while you hack!

good news for PC gamers

[0111+1110]

Now that there is no unhacked console left, maybe the consolization of PC games will slow down a bit. And maybe Sony will finally release the PS4, so that PC graphics can finally move ahead. It has been 3 years since Crysis. PC games have been stalled in terms of graphics because the better the graphics are on the PC version the more difficult it is to port to the old tech on the consoles.

Re:Naturally, the usual OMGWTFPIRACY folks arrive.

[Nursie]

"And the latest report is that the next firmware update is going to disable the USB ports"

BULLSHIT.

Sorry, but I have to call this one out for what it is.

The USB ports are how the controllers are used during certain updates or if they're out of power. The USB ports also are how you plug in things like the Playstation Eye, a peripheral that Sony themselves sell and are relying on for their "Move" push.

They will not now, nor ever, disable the USB ports, this is some sort of forum echo-chamber nonsense or an outright troll that's somehow gained credence.

Especially when an update to their USB driver will destroy this jailbreak just as well.

pc piracy rates are the problem

[judeancodersfront]

While there is piracy on the consoles it isn't like the pc where most of the people playing the games aren't paying for them.

That isn't an exaggeration, numerous indy developers have reported piracy rates of over 80%. Just be glad there are enough sales on the pc to still justify console ports.

New firmware 3.42 patches the USB exploit

[cciRRus]

Unfortunately, you are spot on.

http://exophase.com/ps3/ps3-firmware-3-42-hits-network-update-18063.htm:

Update: We can confirm that all variants of the USB-hub emulating exploit (PSFreedom, PSGroove, PSJailbreak) are no longer functional in firmware 3.42.