The 'Final' Sony PS3 Hack
from the our-hardware-our-rules dept
Sony’s awesome freakout over folks “hacking” their PS3 product to return the functionality they originally advertised, but then retroactively took away, has been a long and often times hilarious saga. That said, all that freaking out occurred when the PS3 was still in its prime. Now that the console, while still the latest generation of Sony gaming console on the market, is clearly in its twilight years, it will be interesting to see how they react to what Sophos is reporting — the Playstation 3 being “hacked for good”.
The PS3 has been hacked before, but Sony was able to inhibit the hack with an update to its own firmware. This is much like the history of jailbreaking on Apple’s iOS, where hackers typically uncover a security vulnerability and exploit it, whereupon Apple patches the hole and suppresses the jailbreak.
But the latest PS3 break is being dubbed unpatchable and the final hack. That’s because this hack isn’t giving you an exploit to use against a programming hole. It’s giving you Sony’s so-called LV0 (level zero) cryptographic keys.
If true, the war is over and Sony lost. Hacker collective, the Three Musketeers, reportedly figured this all out some time ago, but now the LV0 keys have been leaked and it’s open season on jailbreaking your PS3 (assuming you’re technical enough to implement it). And, while it would be very easy to sit back and comment gleefully on the wonderful spirit of curiosity that propels this kind of work, and to likewise point out the futility of stopping people from tinkering with the products they legally bought, I find a different point more compelling.
Quite simply, this war that Sony lost did not need to be fought. They advertised a feature and it was only the subsequent and unilateral removal of that feature, which many customers very much wanted, that created all of this controversy. Without that removal, how much litigation money does Sony save? Without being anti-consumer, how much ill-will do they avoid? And all of that to fight a battle that, not only did they lose, but that they had to know they were overwhelmingly likely to lose over the long haul. Sophos touches on this point in hoping for a different approach in the future.
Let’s hope, when the PS4 comes out, that Sony will give up on trying to lock out jailbreakers permanently, and instead provide a way for those who want to run alternative software to do so in official safety.
When King Cnut famously ordered the tide back and failed, he wasn’t an arrogant absolute ruler trying to show off. He knew he would fail, and thereby demonstrated that to hold back the tide was impossible – and, in any case, unnecessary – even for a king.
Once I got done snickering at the name King Cnut, I found the analogy perfectly fitting. Hopefully Sony will avoid this war entirely the next go around, though with their track record, I won’t be holding my breath.
Comments on “The 'Final' Sony PS3 Hack”
“And all of that to fight a battle that, not only did they lose, but that they had to know they were overwhelmingly likely to lose over the long haul. “
What is with the “And” at the beginning of your sentences?
Also, when you run a company, what occurs is you think your every move is correct, even when it is not. That is what happened.
,,,, 😉
Re: Re:
And then executive pride and ego comes into play.
“I don’t care how much evidence you show me. I’m right and I’ll never stop trying to prove it!”
Re: Re:
That’s just further proof that Tim is in the deep pockets of Big Conjunction.
Re: Re: Re:
“And”:
That’s an additive, like “this and that”.
“But”:
That’s sort of the opposite,
“Not this but that”.
And then there’s “or”:
O-R, when you have a choice like
“This or that”.
“And”, “but”, and “or”,
Get you pretty far.
Wooo hoooo, its Friday!!!!!!!
Piracy paranoia was at its zenith when Sony decided to prohibit hacking. The massive hit to Sony’s reputation and bottom line was one of many costs the big media companies have paid in their futile war on piracy.
Re: Re:
They got portions of the community to accept this cat and mouse game by pointing out some people were running bots and aim helpers etc. So it was all about stopping the cheaters.
Much like the fervor that was generated the 21 times ( http://attrition.org/security/rant/sony_aka_sownage.html )they were hacked. People screamed for the hackers blood and threatened harm because a gaming site was down, that they had to change their amazon and fb passwords and it was hard. There was very little anger at Sony for running a system that was EASILY infiltrated with known bugs time after time after time… etc. Even after the major hacks of their sites, they did NOTHING to audit their networks.
The other OS feature was an attempt at bypassing a tax, that failed. Some people used it to “cheat” in an online game, rather than find the those cheaters and kick them, the opted to just remove the feature for everyone. Rather than allow people to keep the feature, they basically made it mandatory because newer games demanded newer firmwares be loaded to be played. So it was waste money on a game that was now an unreturnable coaster, no warning on the box, or give up the feature.
People still fail to comprehend that while the hackers did take down the network and get account details, it is very possible they were not the first to do so. The details of the very wide security holes had been posted for Sony to see and it was cheaper to ignore than to fix.
Re: Re: Re:
There was very little anger at Sony for running a system that was EASILY infiltrated with known bugs time after time after time… etc. Even after the major hacks of their sites, they did NOTHING to audit their networks.
Oh, it was worse than that. They fired their administrators six months before the hacks started, since they felt they were paying them too much, bringing in replacements who didn’t have a clue as to what they were doing, and then wondered why the hacks were successful when their replacement admins hadn’t patched the systems in 6 months. A friend of mine was an administrator at Sony, who was let go. Then, after they were hacked, Sony called pleading with him and the others they had fired to come back and fix the problem. As far as he knew, nobody came back (he didn’t, because he was already 5 months into a new, much better job.)
And Sony still hasn’t learned apparently, since no sooner did they have their systems back up when a security researcher informed them that their passwords were able to be hacked. The company is all about short term greed at the expense of all other things, including their customers, which is why I’ll never buy anything from them ever again.
Obvious Outcome
In a war with thousands of hackers working for free on one side and a few dozen professionals on the other, who do you think is going to win?
Re: Obvious Outcome
It depends on the ratio of competence/arrogance in that “few dozen professionals”.
Well...
Well, I guess using a LV0 key is at least better than storing your user’s data in plain text… *cough*
Apparently they like their hardware platform more than they care about their customer’s data, lol.
Re: Well...
There is money in making sure you sell more discs vs the lack of damages you’ll have to pay out to consumers you screwed.
For a product that is over 4 yrs old and at it’s end of life (PS4 out in less than a year supposedly) and its only now for the keys to be reverse engineered, is a major security and technical accomplishment no matter what you think of Sony’s bullshit practices of removing marketed features [oops.. there’s my opinion 😉 ].
So hats off to the team who designed the system in the first place.
As for the keys themselves what I find fascinating is this information from Eurogamer.net
Disclaimer: I am have been running otherOS on two PS3’s for years (and yes they are classified as hacked now) as part of my business and am quite intrigued at this development.
Re: Re:
Despite the laughable claims of the industry, most hackers aren’t trying to steal bajillions of dollars.
We have seen this time and time again, a group finds a hack and sits on it slowly exploring and tinkering. Someone else gets hold of it and thinks about how to make money and the original or another group then releases it into the wild to stop anyone profiting.
It is about the exploration and tinkering, not making piles of cash. They fastest way to get many people to do something is to tell them not to.
Imagine how much better the system could have been had they worked WITH the hackers rather than against them.
Re: Re: Re:
Exactly!
Reverse engineering (cracking) something and tinkering with it till you know it better than what the original manufacturer does and then seeing what it’s true potential is nirvana to any good engineer!
Nearly every innovation with the exception of the true ‘new inventions’ (eg: teflon, penicillin, dynamite, velcro (have been because people saw something… wanted to know how it worked.. reverse engineered it and then improved upon it.
Re: Re: Re:
I’m actually reminded of the film National Treasure. The Three Musketeers are kind of like Nicholas Cage’s character (who simply wants to find the treasure) and Sean Bean’s character (who wants to sell it.
Re: Re: Re: Re:
On the upside Sean Bean always dies in films.
Re: Re: Re:2 Re:
Not in this one, although he does go to prison for stealing the Declaration of Independence.
Re: Re: Re:3 Re:
But he didn’t even get to give it to the Queen! Declaration Revoked!
Re: Re: Re:
Honestly, you are perfectly correct. If they would of worked with graf_chokolo, fail0verflow, geohot, etc in the very beginning and allowed access to the graphics engine on the linux side, I doubt that many people would of even attempted to hack the system in the first place.
Re: Re:
It’s a little wrong to look at the total life cycle of the PS3. The hackers only really attacked the PS3 in earnest once OtherOS was removed. OtherOS was removed in April, 2010. It’s now October, 2012. That’s a period of 18 months, which is about in line with how long it took to hack other consoles.
The take home point is that allowing homebrew is the best way to keep pirates off your system, because the pirates almost always depend on the real hackers to do the heavy lifting, and the real hackers don’t like enabling piracy.
Re: Re: Re:
The PS3 has been analysed for reverse engineering since it first came out, though admittedly it was very much ramped up after the GeoHot debacle. GeoHot and others had been looking at the system for a long time previously.
And yes Homebrew and allowing your system to be used for legal purposes in whatever method is the only way to go (Microsoft figured that out with Kinect and look at it now compared to PSMove).
The XBOX though not hacked within 18 months was problematic nearly instantly due to CD duplication being very very easy. The same with the Wii. though Sony did have an ace up it’s sleeve with copying due to it’s usage of BlueRay and the rarity of blueray duplicators “in the wild’ at the time.
To me I use the OtherOS PS3’s as *nix boxes with some proprietary software on one for analysis purposes and was the prime reason for purchasing them at the time (they were the fastest and most cost effective solution).
Re: Re: Re:
Just because there wasn’t media hype about it, doesn’t mean it didn’t happen.
There are very few devices out there that some group of tinkerers somewhere isn’t toying with.
After OtherOS they became more vocal and open in their exploration, the stated goal time and time again was to bring back OtherOS and Sony stuck their fingers in their ears going LALALALALALALA Burned Copy Pirates & Game Cheaters!!!!
Re: Re:
I think that Sony realised there sales have tanked, not many people want a PS3 most all those that wanted one have one, I suspect this is a way to revitalise the ps3 and possibly have a few more sales than they would have had otherwise,possibly to make a last few dollars of the old console before releasing the new one. I would not be surprised if this was the case.
All i am looking for is a safe way to hack my xbox 360 cos my discs are getting damaged from use and i think i should have the ability to back them up.And that for once is a real reason i want a hack, not to cheat or pirate, just to stop having to buy the kids new discs for games i have already bought for them.
And if there is a hack i hope it is something simple that cannot be detected by MS something that will allow online gameplay and all the extras that go with it. The fact that MS charges for online play is seriously fubor.
Re: Re: Re:
One would think with all of the “rights” they claim to have over items you purchased, we should have the right to have discs replaced for free as a trade off.
Its never a sale its a license, until it might cost them a dollar. They avoided talking about some Xbox’s eating discs left and right, trying to avoid any responsibility that might mean having to make sure their customers can do anything other than buy another copy.
Re: Re: Re: Re:
Have you heard latest? Game makers want to have a system where used games are no longer an option. They want to make it so your disc is licensed to our Console. if you sell game to gamestop and another person buys it, all they get is a demo. This is being considered because game makers dont make money on resales. Here is my idea to them. Make licenses transferable if you do this. Charge transfer fee, problem solved. If this does happen, we serious gamers are going to want a hack to circumvent this BS idea.
Re: Re: Re:2 Re:
They have been trying things like this for a while, they are jumping up and down angry that resellers are making money they is “owed” to the developers.
They have added in one use codes in games, so they can sell a new code.
I have an even better idea…
How about they lower the price of the game, sell more, and stop whining about the used market.
They just see other people making money, decide they deserve it more, and try to screw everyone to “win”.
See Google vs Short sighted newspapers.
Re: Re:
Make that 6 years old on Nov 11.
Sony brought some pretty bad Ill-will which started off this hacking fiasco anyways. In fact Vita has a hack out. Its a far lesser one but someone will eventually get to ones that will be scary for Sony.
Re: Re:
Can you imagine the shitstorm if Sony’s PSV was prevented from accessing legitimately purchased games through a hack?
Not bloody likely. This is the same company who distributed rootkits on music CDs. They’ll chalk this down as a success and make a point of renting out thousands of PS4s to the stupid schmucks still throwing money their way.
Re: Re:
ps4 will not sell that well, many people were burnt with the linux ability being removed and other things they did, if anything i think a lot of serious gamers will avoid the ps4
Re: Re: Re:
Serious gamers are very excited for ps4 and new ms machine. Serious gamers buy both major consoles to play the exclusives for both. Money is not an issue to a serious gamer. Gamers only cared about the hacking for 2 reasons:
1: thought that cheaters would become more prevalent, so they were upset.
2: etwor
Re: Re: Re: Re:
2: network downtime.
Serious gamers only care that they can get online and compete, and that they aren’t being cheated.
Re: Re: Re: Re:
If being a ‘serious gamer’ means being willing to throw money at a company that has proven time and time again it holds it’s customers in contempt, and cares more about profit than the well being of said customers… then that is a title I will more certainly be happy to do without.
Re: Re: Re:2 Re:
My sentiment exactly. I’m no longer a “serious” gamer, more like an “oldschool” gamer. I was gaming before the jocks were doing it.
Re: Re: Re: Re:
serious gamers play on the PC -.0
Re: Re:
Those rootkits are why I haven’t bought a Sony *anything* since they pulled that stunt. A company that declares war on my hardware will find me returning the favor.
Re: Re:
Oddly enough, out_of_the_ass will interpret this as some comeuppance for Masnick because in out_of_the_ass_world, Masnick supportz t3h corporations and t3h corporations r t3h suxxorz and out_of_the_ass has schooled everyone.
And then he’ll go on to say how everyone deserves to be rootkited because piracy kills puppies or something…
Re: Re: Re:
Ah, but ‘Masnick’ only ‘supports’ corporations when they are ‘Big Search’ or ‘Big Tech’ or anyone who the ‘Big Content’ (Control) industry deems is ‘against’ them. If Mike supported a media company in anything, Out_of_the_Average_Bob would just scream ‘hypocrisy’ or whatever they could twist into an automatic attack on him. Doubly so if Mike didn’t even write the post!
like so many other industries and producers of whatever, they have this inbuilt need to control what people can do with their legally purchased items. had Sony used their brains and not removed the function of ‘the other OS’, the hacking of the console would have been on the back burner, they, like so many other companies, are their own worse enemies and deserve all the wrath they get from customers. the only industries that insist that a customer doesn’t buy their products but simply buys a license to be able to use them are the entertainment industries. nothing else people buy prevents them from doing what they want with it or gives them just the right to use it. voiding the warranty is the only thing that a customer may lose. on top of which, what other purchased item does a person have to get permission from the original producer so the item can be sold on? why should the original producer be paid again for something just because it is resold? eventually, the original price (eg $50) could become $500, simply because it was sold multiple times. this whole issue has become a total mess and it’s about time it had a stop put to it!!
Not a Surprise
They shouldn’t have removed the feature in the first place. They should have had a group dedicated to hunting down the cheaters. If they didn’t want to do that, they could have asked the players to do it. Most people are more than happy to tattle on those who tried to cheat the system.
Same with the used game issues. Why don’t they just form a contract with used game sellers so that they make a profit for every used game sold? There. Problem solved. Of course, they could always just make the games $20 cheaper. $50 is expensive for a new console game, and I’m barely willing to pay $40 for a handheld game. The prices are kind of insane. Especially since there are so many $50 or $40 games that are complete trash.
Much too much sense
Lowering pricing to a more reasonable price range would make too much sense for these businesses. If they started selling games at a more achievable price range for the average household, say $20-30 they would sell far more volume and probably make even more profit.
Keeping pricing over $50 ensures people buy fewer games, pirate more of them. Or wait until the price has dropped so abysmally low there’s no profit to be made from them at all.
How do they even run a business with this kind of losing business practice?
Re: Much too much sense
they look at ways to double dip from the used game market.
Re: Much too much sense
Isn’t $20-30 the price of a DS game? They didn’t sel- wait, yes they did. They sold quite well infact.
“Let’s hope, when the PS4 comes out, that Sony will give up on trying to lock out jailbreakers…”
Bwahahahaha! Er… sorry. Yes. Let’s hope. Excuse me I have to wipe the tears out of my eyes.
Sony PS3
Our family purchased Sony PS3 Game Console to play movies recorded on blue ray media and upconvertion for movies recorded on DVD media. Sony PS3 can process 2.7 teraflops.
Sony PS3 is export-controlled under Japanese law. Perhaps Sony was concerned about alternative millitary uses of product and export restrictions. Sony PS3 Game Consoles are manufactured in China.
Are Sony PS3 Game Consoles in use by Chinese military?
Oh Good, now that the prices are fair and I actually own the hardware and can do whatever I want to it I’ll buy.
$ony is a money losing corporation...
Travis – $ony for the last 4 -5 years has been losing a lot of money. They have been in the red, and they will NOT survive if this continues like this for the next few years. If the PS4 is a flop, it is game over for $ony…
Who runs that company anyways? Its days are numbered, that is for sure. Another “Research In Motion” company in the news…
If you prohibit something people are more likely to do it like smoke weed. But if you promote it it will dramatically reduce the chances of it happening.
who hacked the ps3 lolz
the ps3 was not hacked or exploited until some sony worker in the factory leaked the dongle used to put the ps3 into factory mode that is when it all started before that their was nothing sure their was some java bugs allowing you to play snes games in the xmb but that was it
it was the leak of the factory mode dongle that started the whole thing not Geohot and not anyone else its funny how noobs give geohot the credit when in fact it was some chinese guy working in a sony factory
Hello
Very good article, good Sony hacks 🙂
MechWarrior Hack
Re:
Bitch stfu
Motherfuker stfu
Motherfuker all ya r gamefreaks all ya play 2 much lazey fuckerz
Sunofabitch
eat a dick
'UI'PK:
TYUIOP;LKJHGF