fail0verflow - PS3 Private Key + PSP Key + PS3's Blu-Ray Key found, FW 3.50 decrypted

dallow_bg

nods at old men
CaLe said:
You can confirm whatever you want, I have my opinion and you have yours.

I believe that yes, if you voluntarily leave your door open at night in a shady neighborhood and you get robbed, you got what you asked for.
Sony messed up on purpose?
 

Alts

Member
CaLe said:
You can confirm whatever you want, I have my opinion and you have yours.

I believe that yes, if you voluntarily leave your door open at night in a shady neighborhood and you get robbed, you got what you asked for.

edit: And if we go back to the exploit, there's no way Sony could mistake a random number for a constant. They just never thought that anyone would notice it.

Try all you like, you won't be able to craft an analogy that won't be countered.
 

CaLe

Member
dallow_bg said:
Sony messed up on purpose?

Seriously, you invest millions in research and development and you mistake a random number for a constant ?

They don't have idiots working in these divisions, which means that this can't be a mistake. I can't fathom anyone with an engineering degree mistaking a random number for a constant.

In my view, they probably found out about this too late and didn't care as they figured that no one would find the exploit anyway.
 

CaLe

Member
Alts said:
Try all you like, you won't be able to craft an analogy that won't be countered.

Who says I'm trying to ? I'm expressing my opinion. I read and respect people's point of view and I write mine in return.

I understand that many of you are angry, but Sony also has a hand in this fiasco.
 
LovingSteam said:
For me, it truly is about the enjoyment of seeing the developments and what others can do and even following along myself. I did it with the Wii even though I never really use the system. I did it with the PSP even though I wasn't interested in 99% of the games the system has to offer. For the PS3, I use Goozex and buy games retail. I truly just love to see what the community can and does end up doing.

People will use the tools that the community comes up with and either use it for good or bad but that doesn't mean that the tools themselves should be kept secret. Each individual must decide what he or she will do. There is a demand for people to use their console to the fullest potential and for many folks, that is what it's about in the purest sense. That is why I brought up the hammer analogy. Just because a lot of folks may use something for illegal means doesn't mean that the item/service/application itself should be withheld from those who won't be using it for such reasons.

When I paid $599 + tax for my PS3, it became MINE. If I want to blow it up in a safe environment, that is my choice. If I want to use the parts for research, that too is my choice. If I want to install applications that CAN be used for piracy but need not be used for it, that is my choice. My allegiance isn't to Sony. I am not an investor nor an employee. I am a private citizen who purchased a product that Sony produced. The retailer received my money as did Sony. After that, all bets are off.

What does that have to do with anything? Sony isn't going to be the one hurting. In fact, I'm sure this will have their PS3 sales shoot up, it's the developers making the games that hurt, those who make the games for who? You? Those who PROVIDE the content. If the developers have no incentive to make a product because of piracy, they'll stop making that content and move elsewhere to safer waters.

If these guys wanted awesome homebrew they could have easily kept it on the down low, but instead yell it for the whole world to know. I'm sure with more trying they could have figured out an alternative way without completely busting open the system for every idiot to get their dirty hands onto, and I'm sure you could have gotten homebrew out of it without saying "Hey, here is a gaping asshole, stick your dick in it."
 
phosphor112 said:
What does that have to do with anything? Sony isn't going to be the one hurting. In fact, I'm sure this will have their PS3 sales shoot up, it's the developers making the games that hurt, those who make the games for who? You? Those who PROVIDE the content. If the developers have no incentive to make a product because of piracy, they'll stop making that content and move elsewhere to safer waters.

If these guys wanted awesome homebrew they could have easily kept it on the down low, but instead yell it for the whole world to know. I'm sure with more trying they could have figured out an alternative way without completely busting open the system for every idiot to get their dirty hands onto, and I'm sure you could have gotten homebrew out of it without saying "Hey, here is a gaping asshole, stick your dick in it."

This isn't even remotely comparable to the PSP situation which pretty much was busted from GO. It's been more than 4 years and almost 45 million systems later. The vast majority I'd wager doesn't give a rat's ass about homebrew and wouldn't even know what to do with it in the first place.

The 360 has a larger install base and has been experiencing piracy for how many years? Has it stopped developers from creating games for that system? If it has, I have yet to see evidence of such. The PS3 will be no different. The developers are not going to ignore the PS3 and focus their entire budget on the 360 (they're not going to the Wii either). The DS, Wii, 360 have all had piracy problems for years and you don't see the developers ignoring those systems due to it. I have no control over what anybody else does with their system. For me, I will not be pirating and therefore my conscience is clean.

Again, this is my system. I don't owe anything to Sony or the developers. I buy their games if they interest me and if they don't I won't spend a dollar nor a byte of downloading data. So again, I don't see how I am a problem for what will transpire from this.
 

dallow_bg

nods at old men
CaLe said:
Who says I'm trying to ? I'm expressing my opinion. I read and respect people's point of view and I write mine in return.

I understand that many of you are angry, but Sony also has a hand in this fiasco.
Well, I'm certainly not angry.
And mistakes like this are certainly not unheard of. Smart people can make simple mistakes.

Off memory, this one cost NASA $125 million because some engineers used metric units and others used English units.

http://articles.cnn.com/1999-09-30/...er-climate-orbiter-spacecraft-team?_s=PM:TECH
 
CaLe said:
Seriously, you invest millions in research and development and you mistake a random number for a constant ?

They don't have idiots working in these divisions, which means that this can't be a mistake.
I can't fathom anyone with an engineering degree mistaking a random number for a constant.

In my view, they probably found out about this too late and didn't care as they figured that no one would find the exploit anyway.

:lol :lol :lol

Obviously someone fucked up. I'm actually laughing cuz you think they did it on purpose. What is their benefit? That it could have been hacked day one? That the console that they made 200 dollars of losses on each sold would be able to be jailbroken easily?

I'm sure they caught it within the last few months, but fixing it is a matter of changing all the keys on all the previous software they've released, which is frankly, impossible.

CaLe said:
I'm sorry, but this doesn't make sense to me.

If the developers are hurt, Sony is indirectly hurt also (see the PSP or the Wii software sales). Sony obtains a percentage of each software sales.

I was speaking in a relative manner. I understand sony makes money on games. That was their only source of income in the gaming division for the first few years because of their 800 dollar consoles that they sold for 600, but like I said. Relatively speaking, it's not Sony that's going to have to suffer. Sony has other sources of income. Dev companies don't.
 

causan

Member
CaLe said:
Seriously, you invest millions in research and development and you mistake a random number for a constant ?

They don't have idiots working in these divisions, which means that this can't be a mistake. I can't fathom anyone with an engineering degree mistaking a random number for a constant.

In my view, they probably found out about this too late and didn't care as they figured that no one would find the exploit anyway.

I just took one of my first Comp Sci courses this fall, so I'm definitely no expert, but the first thing they taught us with encryption is to never, ever, ever, EVER use a constant as your key. And for a large corporation like Sony to make a mistake like this is just crazy.
 

sillik

Banned
SirIgbyCeaser said:
The ps3 is now just like the PSP.

Sony can't do shit, but hear developers bitch, as they kick the sand. Most people will probably not use piracy as they haven't yet.

It'll bring in a new wave of console sales for those piracy fans.

This situation isn't anything like psp. What led to psp's downfall was the combination of an easily applied piracy hack as well as the really small download sizes of said pirated games. Ps3's gamefile sizes will form a natural barrier for years to come. There will always be a scene who takes pride in NOT paying for games, but for the mainstream gamer pirating ps3 games will be too much hassle.

Of course these developments will have dubious consequences, but having such a powerful platform opened up, can you even imagine what open source developers will come up with?
 

darkwing

Member
actually biggest consequence will be the PSN, since the argument of having PSN access is now rendered moot, i mean since any 'app' is legit, how can Sony know
 

CaLe

Member
phosphor112 said:
:lol :lol :lol

Obviously someone fucked up. I'm actually laughing cuz you think they did it on purpose. What is their benefit? That it could have been hacked day one? That the console that they made 200 dollars of losses on each sold would be able to be jailbroken easily?

I'm sure they caught it within the last few months, but fixing it is a matter of changing all the keys on all the previous software they've released, which is frankly, impossible.

I was speaking in a relative manner. I understand sony makes money on games. That was their only source of income in the gaming division for the first few years because of their 800 dollar consoles that they sold for 600, but like I said. Relatively speaking, it's not Sony that's going to have to suffer. Sony has other sources of income. Dev companies don't.

They have no benefit. I agree with you on that one.

But trust me when I say that mistakes like that aren't the work of one man.

This problem *had* to be found during the review process while finalizing the console's specifications and various security measures.

I simply refuse to believe that the X number of engineers working on the security portion of the system failed to find this problem.

How could this pass the review process ? Was there even one ?

I'm not saying that it was intentional. I'm just saying that something of this magnitude boggles my mind and I don't understand how a console could ship like that.
 
phosphor112 said:
What does that have to do with anything? Sony isn't going to be the one hurting. In fact, I'm sure this will have their PS3 sales shoot up, it's the developers making the games that hurt, those who make the games for who? You? Those who PROVIDE the content. If the developers have no incentive to make a product because of piracy, they'll stop making that content and move elsewhere to safer waters.

If these guys wanted awesome homebrew they could have easily kept it on the down low, but instead yell it for the whole world to know. I'm sure with more trying they could have figured out an alternative way without completely busting open the system for every idiot to get their dirty hands onto, and I'm sure you could have gotten homebrew out of it without saying "Hey, here is a gaping asshole, stick your dick in it."

Wow one of the most well rounded and thoughtful posts in this thread. But if one thing I partially disagree with you is in the bolded text. Isn't it kind of naive to say Sony won't be hurt by this? I mean the fact that you are saying developers will move elsewhere is enough to prove how much of a negative effect will this have on the PS3 as a gaming console. No?

This just seems pretty bad for the general gaming public, which expect to constantly be offered a quality online experience and great quality games by first and third party developers for a reasonable price, this seems to get in the way of that, all in the expense of buncha egotistic, arrogant German hackers who have some kind of thing to prove to big corporations.
 

Drkirby

Corporate Apologist
CaLe said:
Seriously, you invest millions in research and development and you mistake a random number for a constant ?

They don't have idiots working in these divisions, which means that this can't be a mistake. I can't fathom anyone with an engineering degree mistaking a random number for a constant.

In my view, they probably found out about this too late and didn't care as they figured that no one would find the exploit anyway.
I honestly think it was a quick fix that got overlooked, they are human after all. "Hey, the XMB is being flagged as unsigned, we need to test this."; "Oh, it looks like it is a bug with one of the RNGs, I'll just comment out that part so you can test it."
 

Emitan

Member
I remember when the PSOne/Dreamcast/PS2/Xbox/DS/PSP/Wii/360 died because of easy piracy. Too bad the PS3 is next. Oh wait, piracy didn't kill any of those systems (Sega killed the Dreamcast).
 

CaLe

Member
Drkirby said:
I honestly think it was a quick fix that got overlooked, they are human after all. "Hey, the XMB is being flagged as unsigned, we need to test this."; "Oh, it looks like it is a bug with one of the RNGs, I'll just comment out that part so you can test it."

I understand, yes. Human errors are of course inevitable.

But that's exactly why code / design reviews should occur. And if those never happened, well... That's just sad (which was the point of my very first post).
 
Fusebox said:
Probably not, considering that 98.39% of all statistics are made up on the spot.

80% of homeowners would call that bullshit.


BigNastyCurve said:
Keep in mind that you still can't do this on the 360, though, 5 years in.

Actually, JTAG has been around a long time, it's just that Microsoft fixed the problem with a hardware and software revision. so that's what sony needs to do quickly as well.
 

Emitan

Member
BladeoftheImmortal said:
80% of homeowners would call that bullshit.




Actually, JTAG has been around a long time, it's just that Microsoft fixed the problem with a hardware and software revision. so that's what sony needs to do quickly as well.
Wouldn't that "fix" cause all software released for the PS3 to no longer work?
 

dallow_bg

nods at old men
BladeoftheImmortal said:
Actually, JTAG has been around a long time, it's just that Microsoft fixed the problem with a hardware and software revision. so that's what sony needs to do quickly as well.
It's not the same.
 

Brashnir

Member
sillik said:
This situation isn't anything like psp. What led to psp's downfall was the combination of an easily applied piracy hack as well as the really small download sizes of said pirated games.

The biggest problem with PSP software sales is and has always been PSP software itself. The few compelling pieces of software have had ill-timed releases or have been the types of games people would rather play on a regular console. I've had a PSP since launch, have pirated zero games, and have bought 4. 3 of those 4 were within the launch window. Compare that to every other system I own (20+ games bought) and you start to see a pattern.

PS3 software will continue to sell whether or not people can pirate it, because the PS3 has compelling software that their audience is interested in.
 

CaLe

Member
BladeoftheImmortal said:
Actually, JTAG has been around a long time, it's just that Microsoft fixed the problem with a hardware and software revision. so that's what sony needs to do quickly as well.

The problem is actually deeper than that.

They can't simply change the algorithm used, as it would invalidate all previously shipped products.

They have some bright minds working over there, they'll probably figure something out. Which will also get hacked later on.
 
EricHasNoPull said:
Wow one of the most well rounded and thoughtful posts in this thread. But if one thing I partially disagree with you is in the bolded text. Isn't it kind of naive to say Sony won't be hurt by this? I mean the fact that you are saying developers will move elsewhere is enough to prove how much of a negative effect will this have on the PS3 as a gaming console. No?

This just seems pretty bad for the general gaming public, which expect to constantly be offered a quality online experience and great quality games by first and third party developers for a reasonable price, this seems to get in the way of that, all in the expense of buncha egotistic, arrogant German hackers who have some kind of thing to prove to big corporations.

I clarified in another post, that I meant that in a relative term. Sony will hurt, but they have other sources of revenue. Though, on the other hand, the developers that are having their games pirated, only have one source of income. Which is retail / online.


CaLe said:
I understand, yes. Human errors are of course inevitable.

But that's exactly why code / design reviews should occur. And if those never happened, well... That's just sad (which was the point of my very first post).
Was a hardware review never done on the 360? See what I'm saying? Shit happens, and sometimes a lot bigger than others.
 
causan said:
I just took one of my first Comp Sci courses this fall, so I'm definitely no expert, but the first thing they taught us with encryption is to never, ever, ever, EVER use a constant as your key. And for a large corporation like Sony to make a mistake like this is just crazy.
co-sign.

it makes you feel like it was intentional.

when you eliminate all the logical possibilities, what remains is most likely the case. and honestly...this kind of error is too stupid to be unintentional. it's too basic. too elementary.
 

darkwing

Member
CaLe said:
The problem is actually deeper than that.

They can't simply change the algorithm used, as it would invalidate all previously shipped products.

They have some bright minds working over there, they'll probably figure something out. Which will also get hacked later on.

i don't know how they can solve this, short of a massive software recall :lol
 
CaLe said:
The problem is actually deeper than that.

They can't simply change the algorithm used, as it would invalidate all previously shipped products.

They have some bright minds working over there, they'll probably figure something out. Which will also get hacked later on.

Yes, I know. I mostly meant a hardware revision was in-store.
 

darkwing

Member
BladeoftheImmortal said:
Yes, I know. I mostly meant a hardware revision was in-store.

they could issue a hardware revision but that new revision won't be able to run old games and vice versa
 
BladeoftheImmortal said:
Yes, I know. I mostly meant a hardware revision was in-store.
makes sense to me.

but is it possible to introduce a hardware revision that accepts the old key in some limited capacity and a new key for all software released after say...February 2011?

meh, probably not possible.
 
tokkun said:
It always baffles me how some people can be extremely tech savvy, and not realize how stupid they look using terms like "epic fail". Did the presentation also state that all Sony's base belong to them, followed by a picture of a cat making a Chuck Norris joke with poor grammar?
Valkyr Junkie said:
You're just now realizing extremely tech savvy individuals are frequently social retards?

 

Danj

Member
phosphor112 said:
Seriously, half the shit you guys want you can do on PC. Others, I can completely understand, but shit like MKV support? Really? What for?

All of the "shit" I want could be done on a PC, it's true. But my PC isn't downstairs in the living room connected to the big telly, and my PC doesn't have a convenient remote control or a suitable interface. The PS3 is already there and already does most of the things I want, it just needs a few extra things (MKV support and region-free for DVD and Blu-Ray).
 

Guyver

Member
darkwing said:
i don't know how they can solve this, short of a massive software recall :lol

Or issue a revised key update patch all games ever released, but that would only get compromised again later.
 

darkwing

Member
Guyver said:
Or issue a revised key update patch all games ever released, but that would only get compromised again later.

wouldn't work, how would you patch games on the PS3s that never go online?
 
Dreams-Visions said:
makes sense to me.

but is it possible to introduce a hardware revision that accepts the old key in some limited capacity and a new key for all software released after say...February 2011?

meh, probably not possible.

Guess I didn't think of that. hmm, well they could do a blacklist instead of a whitelist, but nevermind.

I'm not tech savvy enough for this kind of thing.

I guess on the PSP they could do a hardware revision for the Pandora exploit but the scene never had the public and private keys for the PSP so they couldn't sign software.

I guess it is bad for the rest of its cycle.

However, I think the best course of action is to just not talk about it from Sony. Really, if they mention it, more people will know about the exploit, but if they keep mum on it, the more astute gamers will be the only ones to know about it (just like they did with Move :lol ).

Just don't get the word out, and as we all know, if you try to silence something on the internet, they'll just yell louder, so just better to take the lick, keep silent, and try to fix it secretly.
 

jonabbey

Member
causan said:
I just took one of my first Comp Sci courses this fall, so I'm definitely no expert, but the first thing they taught us with encryption is to never, ever, ever, EVER use a constant as your key. And for a large corporation like Sony to make a mistake like this is just crazy.

The problem here isn't the key, it's the nonce. DSA and ECDSA are both extraordinarily fragile / vulnerable if the nonce isn't properly randomized.
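
The nonce fragility described in the post above, worked through as an added example (not part of the original thread or any poster's code): two ECDSA signatures made with the same nonce share the same r, which a signing audit can flag, and that shared r is algebraically equivalent to disclosing the private key. The curve (NIST P-256), the key `D`, the nonce `FIXED_K`, the messages and the function names are all assumptions of this example, and `derived_nonce` is a simplified stand-in for RFC 6979, not the RFC's exact procedure.

```python
import hashlib
import hmac

# NIST P-256 parameters (the curve is an assumption; the thread names none).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A, N = P - 3, 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; illustrative, not constant time
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(d, msg, k):
    """ECDSA (r, s) over SHA-256(msg) with a caller-supplied nonce k."""
    r = mul(k, G)[0] % N
    return r, pow(k, -1, N) * (digest(msg) + r * d) % N

def verify(q, msg, r, s):
    w = pow(s, -1, N)
    pt = add(mul(digest(msg) * w % N, G), mul(r * w % N, q))
    return pt is not None and pt[0] % N == r

def repeated_r(signed):
    """Audit check over (msg, (r, s)) pairs: r values shared by different messages."""
    by_r = {}
    for msg, (r, _) in signed:
        by_r.setdefault(r, set()).add(msg)
    return {r for r, msgs in by_r.items() if len(msgs) > 1}

def key_implied_by_shared_r(m1, sig1, m2, sig2):
    """Same r means same k: two equations, two unknowns, so k and then d follow."""
    (r, s1), (_, s2) = sig1, sig2
    k = (digest(m1) - digest(m2)) * pow((s1 - s2) % N, -1, N) % N
    return (s1 * k - digest(m1)) * pow(r, -1, N) % N

def derived_nonce(d, msg):
    """Per-message nonce = HMAC(key, hash); simplified stand-in for RFC 6979."""
    mac = hmac.new(d.to_bytes(32, "big"), hashlib.sha256(msg).digest(), hashlib.sha256)
    return int.from_bytes(mac.digest(), "big") % (N - 1) + 1

# Constructed sample key, nonce and messages; not taken from any real system.
D = 0x1F2E3D4C5B6A79881F2E3D4C5B6A79881F2E3D4C5B6A79881F2E3D4C5B6A7988
FIXED_K = 0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF
MSGS = [b"update-1.bin", b"update-2.bin"]
bad = [(m, sign(D, m, FIXED_K)) for m in MSGS]
good = [(m, sign(D, m, derived_nonce(D, m))) for m in MSGS]
print("repeated r:", len(repeated_r(bad)), "with constant k,", len(repeated_r(good)), "with derived k")
```

Both constant-nonce signatures still pass `verify`, so functional testing alone does not reveal the flaw; the repeated r is the only visible symptom.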
 

Brashnir

Member
Guyver said:
If i was Sony, i would have such a headache right now!!

I don't think something without a brain can get a headache.

I'll let you decide whether I'm calling them stupid or if I'm pointing out that "Sony" is not a person.
 