Why Sony Cannot Stop PS3 Pirates

Sam writes "A former Ubisoft exec believes that Sony will not be able to combat piracy on the PlayStation 3, which was recently hacked. Martin Walfisz, former CEO of Ubisoft subsidiary Ubisoft Massive, was a key player in developing Ubisoft's new DRM technologies. Since playing pirated games doesn't require a modchip, his argument is that Sony won't be able to easily detect hacked consoles. Sony's only possible solution is to revise the PS3 hardware itself, which would be a very costly process. Changing the hardware could possibly work for new console sales, though there would be the problem of backwards compatibility with the already-released games. Furthermore, current users would still be able to run pirated copies on current hardware." An anonymous reader adds commentary from PS3 hacker Mathieu Hervais about Sony's legal posturing.

Evil commenting on evil

[RogueyWon]

I must say, it does feel like having an Ubisoft exec comment on the chances of Sony being successful in combating piracy feels a bit like having Sauron publish an article on Voldemort's chances of taking over the world.

He's probably right, of course. A software-only hack is very bad news indeed for Sony. It's worse news than such a hack would be for Microsoft. Why? As TFA notes, Sony probably will be able to catch and ban people with custom firmware who connect to the Playstation Network, just as MS can with users on Xbox Live. However, as an owner of both consoles (who has no strong overall preference for either), I can fairly confidently say that Xbox Live is a much more central part of the whole "360 experience" than the PSN is to the PS3. It's not that Sony haven't put a lot of time and effort into improving the PSN - it is certainly far better than it used to be - but it still feels like something that sits off to the side a bit from the PS3's main functionality, while a 360 without Xbox Live feels fundamentally incomplete.

As for a new PS3 hardware iteration to solve this - I just don't see how, short of sending some kind of self-destruct signal to every existing PS3 out there (and I don't think even Sony would go that far) they could plausibly make that one work.

If Sony has one sliver of hope left, it's that the extremely large size of many of the big-name PS3 games (and hence the time and bandwidth needed to download them), combined with the relatively high price of writable blu-ray media, will still act as something of a deterrent. Of course, lots of big-name cross-platform releases like the Call of Duty games are basically identical to the 360 versions and could probably fit on a DVD.

Re:Evil commenting on evil

[mprinkey]

Large downloads are a potential impediment to piracy, but with the ability to run unsigned code, it can likely run backup manager with an ftp server that can be used to move games directly onto the PS3 hard drive and run from there, not unlike the current situation with JTAG 360 systems now. Therefore, bluray blank prices aren't going to be an issue.

Re:Evil commenting on evil

[kyz]

Sony could potentially stuff the genie back in the bottle.

The first step is a new firmware update, and make it mandatory to be allowed on the PSN. This will force the hand of most actual gamers. Perhaps there's even an option for Sony to force a firmware upgrade without user acceptance - we'll find out soon enough.

The firmware update will start verifying against a new Sony public key, and will only allow the old key for a whitelist of known past titles. So homebrewers can sign anything they like, but this new firmware won't run it.

Sony will start signing new titles with random numbers as well as the private key, so the private key remains private.

There goes softmodding.

"Ah", you say. "What about hardmodding? Because Sony can't update metldr with a firmware update, we can just rewrite the firmware on the flash chip, and metldr will accept our key, so we can change any stage of loading after bootldr/metldr."

But, you neglect that Sony could update metldr. The fail0verflow people said they couldn't, because they reasoned that as metldr is encrypted with a random key that's burned into the console at the factory, Sony couldn't update it en-masse. However, all Sony need to do is to pull their database of "what key was burned into each PS3 at the factory", and add code to their firmware that gets the PS3's serial number, sends it to Sony, and in return gets a firmware update already encrypted for that console.

metldr is only use to load firmware, which Sony never allows downgrades on, so it only needs to accept the new signature on firmware, not the old one. Now homebrewers and pirates are SOL, there's not even a hardhack that'll work.... unless you avoid Sony's network like the plague from this moment on, until modders come up with a fake update that convinces Sony you've upgraded, but you haven't really.

Meanwhile, in the factory, they keep on making PS3s but they change the firmware signing key. That's all that's needed.

Re:Evil commenting on evil

[pspahn]

I don't think it's really ethical to force a firmware update on someone without giving them the chance to accept it or not. For whatever reasons there are, you should always allow the user to avoid a potential brick by letting them choose when to update.

Re:Evil commenting on evil

[kyz]

allow the old key for a whitelist of known past titles

Depending on how the whitelist was done, couldn't a softmodder just have his code say, "oh, yeah, I'm [some whitelisted game]. So use the old key for me"?

No. The signature verification stars by SHA-1 hash of the executable itself. This is what is "signed".

The whitelist would be a list of SHA-1 hashes.

SHA-1 is still secure, in that it's not possible in any reasonable time to work out which few bytes you would add to the end of your homebrew that would transform your homebrew's SHA-1 hash into one of the hashes on the list.

all Sony need to do is to pull their database...

That assumes that such a database exists, which isn't necessarily true. And if Sony is sending that data over the Internet, it's just a matter of poking around the updating code and listening to the netwiork traffic, and then the hackers could have Sony kindly supply them with the factory key of any system they have an identifyer for.

Not quite. This is what's called a collusion attack, and we don't know if it's possible with the encryption algorithm Sony used, because we don't know what algorithm they used (yet) - we haven't seen bootldr.

It would be nice to have a plaintext of metldr, but we don't have that - only George Hotz does, and even then I suspect he only has some of it, not all of it.

If Sony pre-encrypt all metldrs handed out, and all console-specific keys were random (i.e. not generated based on the serial number), there's no way to map serial number to console-specific key without Sony's database (presuming it exists).

If we can't work out the encryption used on metldr, and we can't get a plaintext of the updated metldr Sony hands out, then we can't reverse their encryption mechanism and therefore work out the console-specific key for any given console.

So, our only hope is to find out where the console specific key is stored, and to become able to extract it in future. Once we have that, we can encrypt our own metldr, which is easily accessible on the flash chip.

Furthermore, if we try and work out the encryption based on large numbers of requests to Sony's update servers, they potentially could detect us and start serving us phony updates, which would scupper our attempts (and would also entirely brick a PS3 if they mistook a genuine PS3 updating)

Re:Evil commenting on evil

Unlikely

having a unique CD key for each CD means that you can't mass produce them, which would massively increase the costs
https://secure.wikimedia.org/wikipedia/en/wiki/Compact_Disc_manufacturing

Re:Evil commenting on evil

[hairyfeet]

Question: Why would you bother to hack YOUR x360? Already banned X360s can be had for quite cheap on craigslist, hell many of them with "back up" games already loaded. So why would you risk boning your XBL account and go to the trouble of hacking your console when you could just have a second one for pirated content?

I would say this is one area where the advantage will be to Sony. The market simply isn't nearly as flooded with PS3s as it is with X360s and MSFT's ban hammer has made pirated consoles a dime a dozen. While there is also the issue of downloading BD rips VS DVDs which will add up quick if you have any caps, and most folks don't have BD drives in their PCs to rip rented games (although that can be gotten around for less than $100 now).

Of course what I would say is the biggest advantage over the X360 is something I bet Sony isn't really happy about, and that is that most folks I've met with a PS3 don't actually game on the PS3 hardly at all. They buy the few PS3 exclusives like God of War and most of the time they are just using their PS3 as a BD player. Now to be fair from what I've been told the PS3 is still the best BD player bar none, but I kinda doubt that was what Sony had in mind when they put the BD into the PS3. Maybe it is just me but everyone I've met with a PS3 also had an X360 and THAT was what they did all their gaming on, preferring XBL over PSN.

In any case I think we can all agree killing OtherOS painted a big red bullseye on the PS3 and it looks like that dumb move is gonna take a big old bite out of Sony's bottom line regardless.

Re:Evil commenting on evil

[hjf]

Greetings from Latin America!

Down here, most of the piracy is in the form of someone selling a pirated DVD right on the street. Maybe simply because $80 is not a reasonable price for a game (BTW, the PS3 costs $800 here, instead of the US $200). We're also not allowed to join XBOX Live or PSN even if we pay for it. You have to lie and sign up as someone from US. For XBOX live, you have to pay using a xbox live prepaid card - they won't take your Visa because it was issued outside the US/EU/ETC.

And before you say anything, keep this in mind: Movie tickets cost $3 here and the release date is usually 1 day before US (premieres here are thursdays). So if Hollywood can lower their prices to match what the market can pay for, then why can't the video game industry do the same? BTW, PC games are much cheaper than console games, at about half the price. They're expensive, but still more reasonable than console games.

The whole piracy thing is a fuckup from Sony, Microsoft, Nintendo, etc. who keep insisting that "developing countries" like the ones from latin america are too poor to afford their systems, except for the rich people, so they keep their prices really high - assuming that only rich people, who can afford them, will buy them. Well, this isn't true. Most people buy grey-market import consoles which cost half the price and come already chipped.

So considering all this, will you tell me why sould I care about getting a $800 console (almost 2 months salary), pay $100 for a game, and be told by sony/MS "we don't allow your kind here, get the fuck out" on PSN/Live. For me, piracy is a form of boycotting sony, for treating me like a second-class citizen.

Keep all of that in mind before thinking people who pirate games are just "cheap".

Re:Evil commenting on evil

[hjf]

The noble response here would be to take your business elsewhere.

Yeah? Where? All console makers charge the same price. I should just NOT play games? Should I resort to a Balero (Cup-and-ball) only because that's the "noble" thing to do?

Perhaps that's considered too passive or cowardly where you are from. Maybe your culture expects a more active response.

You, as an american, don't have the moral authority to say that. America is all about suing your way through life. You don't like something? Sue away!

probably not

this metldr Key :

erk: C0 CE FE 84 C2 27 F7 5B D0 7A 7E B8 46 50 9F 93 B2 38 E7 70 DA CB 9F F4 A3 88 F8 12 48 2B E2 1B
riv: 47 EE 74 54 E4 77 4C C9 B8 96 0C 7B 59 F4 C1 4D
pub: C2 D4 AA F3 19 35 50 19 AF 99 D4 4E 2B 58 CA 29 25 2C 89 12 3D 11 D6 21 8F 40 B1 38 CA B2 9B 71 01 F3 AE B7 2A 97 50 19
    R: 80 6E 07 8F A1 52 97 90 CE 1A AE 02 BA DD 6F AA A6 AF 74 17
    n: E1 3A 7E BC 3A CC EB 1C B5 6C C8 60 FC AB DB 6A 04 8C 55 E1
    K: BA 90 55 91 68 61 B9 77 ED CB ED 92 00 50 92 F6 6C 7A 3D 8D
  Da: C5 B2 BF A1 A4 13 DD 16 F2 6D 31 C0 F2 ED 47 20 DC FB 06 70

is static and it is not revocable and even if they change everything that is revocable, someone can start using this key to get the ones after and so on.

eFUSE

Sony's only possible solution is to revise the PS3 hardware itself, which would be a very costly process.

Maybe. Cell has IBM's eFUSE system. It may be possible for Sony to issue a system update which changes the behaviour of all existing PS3s in some way to detect pirated games.

Why stop pirates?

[Bert64]

Platforms like the PC, Amiga, C64 and others thrived because of piracy... People (mostly kids) would trade games with their friends and keep copies, most of the people i knew bought as many games as they could afford and then pirated others. Without piracy, those people would just have had less games, they simply didn't have the money to buy more. I still have a stack of original games from publishers who i would never have heard about had i not pirated their games from friends.

All DRM schemes, including those on consoles do is hurt legitimate consumers...

Lost/damaged media (especially when kids are involved)
Inconvenience of having to have the media instead of playing a game from HD
False positives from DRM schemes preventing paying customers from playing

Actual organised pirates don't care about any of this, they actually have a superior product for a cheaper price..

So what they should do is tollerate casual piracy (eg kids sharing games with friends), stop wasting their time/money/public image on implementing draconian drm schemes and ensure that legitimate customers actually get a better product than the pirates do.

Enough with the "Evil" hyperbole

[Viol8]

Real evil is children being massacred in tribal wars, real evil is people being tortured in prison cells. Real evil is NOT a company trying to protect its profits no matter how much you dislike it.

A PS3 is hardly a critical item to 21st century life. If you didn't like the way SOny played ball you shouldn't have bought one - vote with your wallet. I get tired of kids whining about how unfair it is that they can't do [some hacker thing] with [insert name of expensive consumer kit here]. Life is unfair - deal. That doesn't make it evil.

Piracy..?

[bhunachchicken]

What's all this talk about piracy? As far as I understood it, people were cracking the PS3 so that they could install Linux and run homebrew...

Re:Piracy..?

[geschild]

I'm not really interested in fairness and 'politcal correctness' towards Sony anymore. As far as I'm concerned Sony 'altered the deal' and is muttering that we should pray it alters it no further.

Unfortunately for Sony, as soon as you change one end of the bargain unilaterally, I feel no obligation to uphold any the deal from my end and so I feel no obligation towards Sony. None. Whatsoever.

(The fact that buying a PS3 was my first Sony purchase after the DRM fiasco and making me feel like a sucker now for slowly starting to trust them again has nothing to do with it. No. Really. ;p )

Re:Lots of things they can do to stop pirates

[CronoCloud]

causing games to bug out midway through if they fail checks

They've done that before:

http://www.webcitation.org/5vN0X2AgG

Enough with one dimensional views of Evil

[manekineko2]

Goldman Sachs, Monsanto, BP, and many others thank you for your strict limitation on what "real" evil is.

After all, they're just companies trying to protect their profits.