• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
  • The Politics forum has been nuked. Please do not bring political discussion to the rest of the site, or you will be removed. Thanks.

PS3 hack: What it means for you? (CVG Feature)

Mama Robotnik

Member
Apr 11, 2008
7,999
15
985
CVG have written a good article (yes, CVG!) which provides a timeline of the PS3 hacking saga, and explores some of the reasons why its become such a powerful debate.

I know we have had a number of threads on this. I still thought this is worth posting as a point of reference, as almost all of the megathreads on this have begun with recent specific developments rather than an overview of the entire situation.

The timeline. I've annotated the numbers myself.

1. Back in January 2010, hacker George Hotz hacked the PS3. He opened the door for homemade code on the PS3 with an exploit which relied on the PS3's OtherOS function.

2. Sony responded with Firmware 3.21, removing OtherOS from the console altogether. Sony's castle had been built strong enough to withstand attacks from everything hackers threw at it for almost five years but by removing OtherOS they drew the attention of hackers more capable than any who had attempted to break the PS3's security before.

3. Hotz abandoned work on the PS3 in July but one month later Australian modders released the PSJailbreak dongle - a USB stick which opened the Playstation to unsigned software and 'backup' copies of games.

4. Within weeks Sony had blocked sales of the original device and rendereded it useless by Firmware 3.42's security update. Sony had been here before. The PSP had been hacked with a simple exploit early in its life and the company learned a valuable lesson; PS3 was built to resist exploits.

PlayStation had modchips, the Dreamcast was easily broken without any hardware modification, PS2 was chipped, and the Xbox 360's disc drive firmware was altered so it couldn't tell the difference between a copied game and the real thing. Hacking happens, but not to the PS3.

Before Christmas 2010, every attempt to run homemade software on the PS3 had been an exploit or hack - tunnels beneath the castle's walls and ladders over them.

6.Then, at December's Chaos Computer Conference, the hacker group failOverflow publicly demonstrated homebrew code running on PS3 without modification or exploitation.

Two years earlier the team had hacked the Wii with intentions of using it to run homebrew code but the PS3 was a far bigger catch.

Their route through PS3's security took them straight in the front door. The team were able to overflow PS3's bootup and nose around, where they soon found Sony's signing keys freely available on the system.

7. Enter George 'Geohot' Hotz, picking up where failOverflow left off and releasing the Metldr rootkey to the public - keys which encrypt every piece of code running on PS3 and let the console know the code is authorised by Sony.

With PS3 now unable to tell the difference between what's real and what's not, hacker KaKaRoTo made the first custom firmware for PS3 on January 4 to allow installation of homebrew files without the need for a jailbreak.

8. Hotz followed up two days later with his own custom firmware, adding extra functions for coders and PS3 users, and made it public. Hotz's firmware installs via Sony's usual update process from an ordinary memory stick.

Emulators and apps developed for the earlier PSJailbreak were soon up and running but backup loaders were locked out. The stated aim by both Fail0verflow and George Hotz was to restore Linux functionality to PS3.

Piracy requires a full 'level two' hack that gets you into the GameOS - something Hotz excluded from the custom firmware to prohibit pirates from running copied games.

9. However, hacker Riku.kh3ran worked around that and ran a backup copy of Castlevania: LOS straight from the hard drive, modifying the game's main executable to make the PS3 treat it like a legit PSN game.

God of War 3, Heavy Rain, Killzone 2, Hot Pursuit, and others soon followed. Sony's official response was brief. "We are aware of this, and are currently looking into it" they said, in a statement.

"We will fix the issues through network updates, but because this is a security issue we are not able to provide you with any more details."

Their response, according to hackers, is optimistic. "The complete console is compromised" explained failOverflow member Pytey to the BBC, "There is no recovery from this."

If you change the lock on your front door every existing key stops working; if Sony were to change the PS3's rootkey, every existing game on PS3 would stop working. It is, without question, the most catastrophic security failure in video game history.

10. On January 12 Sony launched their lawsuit against Hotz and the failOverflow team, suing the hackers for modifying Sony's software, circumventing PS3's protection, and distributing the means to do it.
11. Just one day after Sony's lawsuit, failOverflow released all their tools and documentation to the public, effectively rendering Sony's legal claim and restraining orders moot.

The case against Hotz is stuck in legal limbo while US courts try to make up their mind about whether the New Jersey resident can be tried in California as Sony would like.

12. All the while, the hacking continues. On January 17 Wii hacker Waninkoko released a custom firmware of his own but bricked a few 60GB consoles in the process.

Hours later hacker Wutangrza followed it with firmware which does the same job without the bricking, and hours after that Kmeaw released a better firmware with complete backup support

They also explore the advantages of opening up a closed console:

What next? Well, the genie's not going back in the bottle, but Sony could attempt to ban pirates from PSN, preventing purchases and online play.

While the hack's significant, it's still far from accessible for the average gamer, so don't expect game sales to fall off a cliff just yet. With the situation still in the balance, it's currently hard to gauge its impact - but the battle for PS3's security should prove fascinating.

The biggest early developments will come from programmers working on devious stuff while the legit software waits for the open SDK to mature, but when it does, the PS3 could become the best bang-for-your-buck under-TV media box ever made.

When Microsoft's original Xbox was modchipped the development scene moved quickly to support it with tools, media players, emulators, and homemade games. Xbox Media Centre was a fully featured media player and operating system which would play just about anything.

It could stream video from your PC, had a built-in ISO loader for running "backups", and could snatch news, trailers, radio, and video straight off the internet. XBMC is the best frontend you could ever use for an under-TV Home Theatre PC.

HTPCs are expensive, but since the PC version of XBMC happily runs on Windows or Linux it's not impossible to imagine the program returning to consoles. A PS3 version could rip your Blu Rays to HDD and run them at the touch of a button, and would support every kind of codec used in the PC space.

Emulation is a grey issue, but so long as you own the original game you're entitled to emulate it. If you still have copies of Donkey Kong Country and Super Mario World in your SNES collection you can run those ROMS in the PS3 port of the famous SNES9X emulator. The emulators themselves aren't illegal.

And the dark side, piracy and cheating:

Of course, there's the dark side to the argument. The PS3 is already happily booting modified copies of PS3 games straight from hard drive and cheaters are already ruining PSN's most popular shooters.

With a custom firmware and a backup loader you'll be able to borrow or download any game and copy it straight to the system. Don't listen to anyone who says "PS3 games are too big to download"; most PS3 games are developed with the PC as the lead platform and are optimised for one DVD.

If you're a pirate you're almost certainly already enjoying commercial-free HD TV and all the free music your ears can handle. Future developments in the PS3 scene will ensure you can stream MKV Blu Ray rips straight from your PC to your PS3 and turn your console into an all-in-one media box.

Emulators will mean almost every game ever made will eventually be made playable on PS3. Homebrew developers emulated everything from the SNES to the N64 on the original Xbox, with only the machine's puny 700 Mhz processor holding them back.

The PS3 is a beast of a console and will happily emulate everything from the ZX Spectrum to the latest MAME-supported arcade games. Don't expect it to emulate the Gamecube or Dreamcast, mind. Until devs implement server-side cheat detection you'll be able to run hacks in online games. See through walls! Have infinite ammo! Oh dear.

And finally they explore the reason that so many people are concerned about the precedent set by Sony's legal action.

On January 12 Sony launched their lawsuit against Hotz and the failOverflow team, suing the hackers for modifying Sony's software, circumventing PS3's protection, and distributing the means to do it.

If granted, the orders would force the hackers to hand over all tools and information to Sony's legal team, but it's not yet clear whether hackers have even broken the law.

Apple tried to stop hackers jailbreaking the iPhone and were blocked by US courts. The American Digital Millenium Copyright Act makes it illegal for a user to circumvent a company's protection on their electronic devices, but an exception was made for phones after Apple's case.

There's no similar exception for games consoles; with their new case Sony will either close or open the door to homebrew console developers and will change the way you can use the games consoles you've paid for.

Why? It's about your right as a consumer to use the product you bought in whatever way you please, and it's an argument about the sanctity of online gaming on a platform which was designed to be closed.

It's an argument about who owns the device you bought and just who is allowed to develop software for it, and an argument about whether publishers will even want to support a truly open console platform.

I've not bolded anything as its all pretty relevant and important.

Reading this has helped clear my thoughts a bit on the matter and helped center my perspective a bit. I'm trying to be less one-sided. Its also reminded me how nuanced the whole situation is and regardless of what the outcomes, there will be negatives for everyone. Gamers, for having their online experience comprimised; developers for having their games more accessible to pirates; Sony for having to massively focus their resources on security, and the homebrew developers for possibly having to deal with a legal precedent enabling them to be sued for tinkering with their own property.

Sorry if anyone feels this is stuff we've covered before, but I thought it was a good article especially for those not following the ongoing developments, and props to CVG for writing it.
 

Mama Robotnik

Member
Apr 11, 2008
7,999
15
985
Billychu said:
What cheaters are ruining the online? The ones doing it 8 months ago? lol

Yeah I did take issue with that bit, but there is a valid concern that as a result of opening up the console, future cheating will increase. As someone who mainly does my multiplayer gaming on an open system - my PC - I do wonder why some console developers find it so difficult securing their online functions.
 

TreIII

Member
May 15, 2006
17,477
0
0
38
Good write-up. It'll be interesting to see what else will happen from here on in.
 
Aug 10, 2008
38,700
0
0
U.S.A.
Thread devolves into who is for and against hackers in 3.2.1...

At least the article points to the positives that can come from hacking the console
 

Emitan

Member
Jun 26, 2008
39,757
2
0
LovingSteam said:
Thread devolves into who is for and against hackers in 3.2.1...

At least the article points to the positives that can come from hacking the console
Please not this shit again. Is there anyone on GAF who fully supports hacked PS3s/CFW being usable online? Can't we all agree that for or against hacking, allowing hacked systems online is too dangerous for Sony? I fully support hacking, but am against piracy and cheating.
 
Aug 10, 2008
38,700
0
0
U.S.A.
Billychu said:
Please not this shit again. Is there anyone on GAF who fully supports hacked PS3s/CFW being usable online? Can't we all agree that for or against hacking, allowing hacked systems online is too dangerous for Sony? I fully support hacking, but am against piracy and cheating.

There are some, yes. I think the middle of the road stance (won't happen) would be to allow us to still log into PSN Store to make purchases (benefits Sony) but be locked out of the PSN for games. I will be buying a second PS3 later this year for Uncharted 3 and the other must have games.
 

Htown

STOP SHITTING ON MY MOTHER'S HEADSTONE
Feb 19, 2008
44,007
7
0
looks like a pretty good summary, though as it's been pointed out, cheating on the PS3 existed long before the console was hacked.
 

H_Prestige

Banned
Aug 2, 2008
15,476
0
0
Can someone explain to me how cheaters will ruin PSN?

AFAIK, if you want to run a hacked game, you need to be on CFW. CFW users can't log into PSN. Online players are unaffected.
 

Jinfash

needs 2 extra inches
Oct 16, 2007
13,883
3
1,475
Jinfash
That's a good summary actually.

Machado said:
biggest flop in video game History???

bull...
In terms of security? I think it is.

erk: C0 CE FE 84 C2 27 F7 5B D0 7A 7E B8 46 50 9F 93 B2 38 E7 70 DA CB 9F F4 A3 88 F8 12 48 2B E2 1B
riv: 47 EE 74 54 E4 77 4C C9 B8 96 0C 7B 59 F4 C1 4D
pub: C2 D4 AA F3 19 35 50 19 AF 99 D4 4E 2B 58 CA 29 25 2C 89 12 3D 11 D6 21 8F 40 B1 38 CA B2 9B 71 01 F3 AE B7 2A 97 50 19
R: 80 6E 07 8F A1 52 97 90 CE 1A AE 02 BA DD 6F AA A6 AF 74 17
n: E1 3A 7E BC 3A CC EB 1C B5 6C C8 60 FC AB DB 6A 04 8C 55 E1
K: BA 90 55 91 68 61 B9 77 ED CB ED 92 00 50 92 F6 6C 7A 3D 8D
Da: C5 B2 BF A1 A4 13 DD 16 F2 6D 31 C0 F2 ED 47 20 DC FB 06 70
 
Aug 10, 2008
38,700
0
0
U.S.A.
H_Prestige said:
Can someone explain to me how cheaters will ruin PSN?

AFAIK, if you want to run a hacked game, you need to be on CFW. CFW users can't log into PSN. Online players are unaffected.

There is still a method for CFW users to log into PSN.
 

plainr_

Member
Oct 31, 2009
9,122
0
0
 
Aug 10, 2008
38,700
0
0
U.S.A.
H_Prestige said:
And Sony can't detect them?

Who knows if they can or can't detect them. Just that right now they aren't doing anything about that method. It involves changing the security certificates. Also there is supposedly a way to change ones console ID thereby unbanning your console. Some idiots have suggested borrowing their friends PS3 or buying a PS3 from a retailer to get that unblocked console ID and then changing their own console to that ID. Obviously resulting in the new console being banned instead.
 
Nov 20, 2008
8,022
0
0
Houston, TX
www.twitch.tv
i'm still fuzzy on why removing otherOS was such a big deal to people that wanted to hack and do homebrew... you know, legal stuff.

they could keep their old PSN-less version of the firmware and still have otherOS. it's completely acceptable to sacrifice being able to use PSN so you can do all your homebrew stuff. that way it keeps the hacking-cheaters away from the legit users, and the legit hackers in their own closed system- which they appear to prefer in the first place.

weren't people able to DOWNGRADE to the otherOS firmware anyway? that's one of the reason why i'm "not on geohot's side" with this whole debacle because i didn't see a reason for him to retaliate against otherOS removal when all it did was restrict him from PSN. i think it was a fair compromise.
 
"We will fix the issues through network updates, but because this is a security issue we are not able to provide you with any more details."

Their response, according to hackers, is optimistic. "The complete console is compromised" explained failOverflow member Pytey to the BBC, "There is no recovery from this."

If you change the lock on your front door every existing key stops working; if Sony were to change the PS3's rootkey, every existing game on PS3 would stop working. It is, without question, the most catastrophic security failure in video game history.

Yeah, the effectiveness of OFW 3.56 came as a bit of a surprise to a whole lot of people.
 

Maddog

Member
Jul 19, 2009
1,661
0
0
Commanche Raisin Toast said:
weren't people able to DOWNGRADE to the otherOS firmware anyway? that's one of the reason why i'm "not on geohot's side" with this whole debacle because i didn't see a reason for him to retaliate against otherOS removal when all it did was restrict him from PSN. i think it was a fair compromise.

This is where you are misinformed. It didn't just restrict him from PSN. Sony started putting out games that required certain firmware which meant that you could either stick with otherOS and not play the latest games or lose otherOS and play them.
 

pharmboy044

Member
Dec 23, 2008
6,575
14
910
BritBloke916 said:
Yeah, the effectiveness of OFW 3.56 came as a bit of a surprise to a whole lot of people.
Please explain. I thought 3.56 was hacked the first day it was released?
 

WrikaWrek

Banned
Oct 31, 2007
14,221
0
0
If i a buy a car, i do whatever i want with it. If it doesn't comply with road rules, then i don't use the car on the road.

If i buy a console, i do whatever i want with it. If it doesn't comply with online gaming rules, then i don't use the console online.
 
Aug 10, 2008
38,700
0
0
U.S.A.
WrikaWrek said:
If i a buy a car, i do whatever i want with it. If it doesn't comply with road rules, then i don't use the car on the road.

If i buy a console, i do whatever i want with it. If it doesn't comply with online gaming rules, then i don't use the console online.

Sure, but the manufacturer doesn't come to your home, remove the exhaust that it finds objectionable, does it? The manufacturer doesn't sue others who publicize the methods to mod your car in a way that it may find objectionable, does it?

Oh, and here we go with the analogies and metaphors.
 

The Lamp

Member
Nov 6, 2010
17,176
2
0
Ugh, this is just going to become a bigger and bigger mess, with Sony taking out their paranoia on everyone in more meaningful ways.

I really don't think hacking the PS3 was worth all the mess that will snowball from here.
 
Aug 10, 2008
38,700
0
0
U.S.A.
The Lamp said:
Ugh, this is just going to become a bigger and bigger mess, with Sony taking out their paranoia on everyone in more meaningful ways.

I really don't think hacking the PS3 was worth all the mess that will snowball from here.

Perhaps it wasn't worth it for you but it was for me and many others who prefers to have control over our own hardware.
 

WrikaWrek

Banned
Oct 31, 2007
14,221
0
0
LovingSteam said:
Sure, but the manufacturer doesn't come to your home, remove the exhaust that it finds objectionable, does it? The manufacturer doesn't sue others who publicize the methods to mod your car in a way that it may find objectionable, does it?

Exactly. I agree.
 
Aug 10, 2008
38,700
0
0
U.S.A.
WrikaWrek said:
Exactly. I agree.

I think most people agree that if you hack your PS3 you shouldn't be allowed to use Sony's pipes to play online. I think the issue that separates the groups is whether Sony should have gone guns blazing against the hackers, regardless of how egotistical and annoying they may be.
 

pharmboy044

Member
Dec 23, 2008
6,575
14
910
H_Prestige said:
3.56 is not hacked. New keys in addition to some other changes.
oh wow, okay. I guess there is a lot misinformation being spread around regarding this topic. Also, in the article it states that the PS3 security is wide open now but if 3.56 has not been hacked and future titles require this firmware to function on the PS3 is it safe to assume Sony has "plugged" the leak for now?
 

WrikaWrek

Banned
Oct 31, 2007
14,221
0
0
LovingSteam said:
I think most people agree that if you hack your PS3 you shouldn't be allowed to use Sony's pipes to play online. I think the issue that separates the groups is whether Sony should have gone guns blazing against the hackers, regardless of how egotistical and annoying they may be.

Well anyone with a bit of common sense knows Sony ain't got shit here.
 
Feb 17, 2010
2,704
0
0
Everywhere
Billychu said:
What cheaters are ruining the online? The ones doing it 8 months ago? lol

Tell me about it. It's not like people couldn't cheat before. There just having an easier time now if anything. What's really causing sony trouble (IMHO) is the fact that information about the system security getting compromised and what that means is spreading faster then it did on the PSP.
 

Godslay

Banned
Sep 3, 2008
28,792
0
0
WrikaWrek said:
If i a buy a car, i do whatever i want with it. If it doesn't comply with road rules, then i don't use the car on the road.

If i buy a console, i do whatever i want with it. If it doesn't comply with online gaming rules, then i don't use the console online.

This is actual a decent analogy, considering all of the shitty ones I've seen related to the topic.
 

H_Prestige

Banned
Aug 2, 2008
15,476
0
0
pharmboy044 said:
oh wow, okay. I guess there is a lot misinformation being spread around regarding this topic. Also, in the article it states that the PS3 security is wide open now but if 3.56 has not been hacked and future titles require this firmware to function on the PS3 is it safe to assume Sony has "plugged" the leak for now?

Yes, the hole is plugged now and CFW is locked to 3.55 and games that don't require newer FW. Until one of these hackers proves otherwise (and without getting sued like a dumbass) Sony has won this one, despite all the grand doom and gloom claims that were made a couple of months ago.
 
Nov 20, 2008
8,022
0
0
Houston, TX
www.twitch.tv
Maddog said:
This is where you are misinformed. It didn't just restrict him from PSN. Sony started putting out games that required certain firmware which meant that you could either stick with otherOS and not play the latest games or lose otherOS and play them.

that still seems like a fair compromise if one is going to be using specialized hardware to make their own apps and games for use in their own closed ecosystem. as some on here have said before, own a hacked unit and a legit unit. keep them separated. if homebrewing on PS3 is that important of a hobby then it could almost be considered buying your own SDK for thousands cheaper.

i also thought that games weren't requiring the new firmware until after the USB dongle hack was released? again, they were only responding to more hacking- which again i feel like was just to protect their own ecosystem that they want to keep separate from the enthusiasts.

LovingSteam said:
Sure, but the manufacturer doesn't come to your home, remove the exhaust that it finds objectionable, does it? The manufacturer doesn't sue others who publicize the methods to mod your car in a way that it may find objectionable, does it?

Oh, and here we go with the analogies and metaphors.

true, but sony said when otherOS was removed that you're more than welcome to continue using the old version sans PSN if you want to use linux and play around with all that. only after hackers retaliated for otherOS removal did they actually put on the gloves. as i said before, i still don't feel like removing otherOS and then restricting games from the USB dongle trick was some attack on the hacking community. just responses to it to protect their legit userbase and yes, to curb the threat of pirating to appease publishers if anything.
 

expy

Banned
Dec 9, 2008
5,086
0
730
Montreal, Canada
LovingSteam said:
Sure, but the manufacturer doesn't come to your home, remove the exhaust that it finds objectionable, does it? The manufacturer doesn't sue others who publicize the methods to mod your car in a way that it may find objectionable, does it?
Modding your car doesn't open the doors to stealing parts/cars/etc. from the car manufacturer. Nor does it allow access to that manufacturer's closed systems, nor ways to bypass their closed system's security.
 
pharmboy044 said:
oh wow, okay. I guess there is a lot misinformation being spread around regarding this topic. Also, in the article it states that the PS3 security is wide open now but if 3.56 has not been hacked and future titles require this firmware to function on the PS3 is it safe to assume Sony has "plugged" the leak for now?

Yes and no. It's changed the private key for one that was generated with a truly random seed (existing games continue to work via whitelist, which some commentors had believed would be impossible to implement). It's certainly made PSN access a bit of a headache for CFW users (and it's only going to get more difficult if the remote code execution capability of OFW 3.56 starts being used to randomly change the authentication challenges), but off-line disk games will continue to be useable on CFW PS3's until the games start using function libraries that are specific to the latest OFW.

It's worth noting that once you install OFW 3.56 there is currently no way back that doesn't involve hardware modding. In conclusion, things are a hell of a lot less hopeless for Sony right now than everyone had been predicting, but only the test of time will prove whether or not they've managed to nip this one in the bud.
 

demosthenes

Member
May 17, 2009
22,263
6
1,130
Mama Robotnik said:
Yeah I did take issue with that bit, but there is a valid concern that as a result of opening up the console, future cheating will increase. As someone who mainly does my multiplayer gaming on an open system - my PC - I do wonder why some console developers find it so difficult securing their online functions.

On any PC game I've played on I've run into cheaters, that's why I tend to stick to only pretty close communities when it comes to playing these now. What games do you play that have no cheaters?
 

Jocchan

Ὁ μεμβερος -ου
Feb 16, 2007
17,255
0
0
Silent Hill
www.jocchan.com
Commanche Raisin Toast said:
that still seems like a fair compromise if one is going to be using specialized hardware to make their own apps and games for use in their own closed ecosystem. as some on here have said before, own a hacked unit and a legit unit. keep them separated. if homebrewing on PS3 is that important of a hobby then it could almost be considered buying your own SDK for thousands cheaper.

i also thought that games weren't requiring the new firmware until after the USB dongle hack was released? again, they were only responding to more hacking- which again i feel like was just to protect their own ecosystem that they want to keep separate from the enthusiasts.
Well, turning the choice into "you have to buy another system" doesn't really sound fair to me. If you bought a PS3 because it had two features you cared for, you should reasonably expect it to keep having both without having to buy another console later down the line.
 

Tonedeff

Member
Sep 10, 2007
953
0
0
I'm one of those people in the middle ground on this. Gamers should be able to homebrew their consoles, but Sony should be able to ban them from PSN. That seems to make the most sense to me.

Also, is cheating a big problem on Steam? I've never used it so I don't know

plainr_ said:
This is amazing by the way. It should have been Geohot's face instead of Stallone's though
 

Speevy

Banned
Jun 26, 2004
62,858
1
0
If I buy a fishing pole, and modify it so that its line becomes charged with enough electricity to instantly kill any fish in the vicinity, I may not enter into any tournaments.

However, this does not preclude me frying fish on my own private lake.
 

Momo

Banned
Aug 10, 2009
4,454
0
860
Speevy said:
If I buy a fishing pole, and modify it so that its line becomes charged with enough electricity to instantly kill any fish in the vicinity, I may not enter into any tournaments.

However, this does not preclude me frying fish on my own private lake.
What is this lol

rofl