Sections

Feature: Sony in the Hotz seat

Thursday, 13th January 2011 06:47 GMT By Justin Kranzl

geohot2

When hacker George (Geohot) Hotz was served with a temporary restraining order early in the evening of January 11, he had to have a good idea what was coming. So too must the other defendants on the stark legal papers prepared by Sony Computer Entertainment’s legal team – Hector Cantero, Sven Peter and 100 yet-to-be-named persons. One does not thumb their nose at mega-corporations lightly.

After a torrid fortnight, where PlayStation 3’s system security – namely its ability to determine whether code running is legitimate or not – has been laid bare by hacker group fail0verflow, Sony’s finally made its move.

Here, VG247 presents a report breaking down the the implications of the PS3 hack, what’s come already, what’s happening now, and who the real losers are in this complete fiasco.

How did we get to here?

In a world which recognises the Matrix more than William Gibson, George Hotz is the closest thing the public gets to a cocky version of Neo – a fresh-faced (he’s 21) tech genius who always seems two steps ahead. After achieving cult status by releasing to the public a jailbreak for Apple’s iPhone in 2009, Hotz turned his attention towards another giant in Sony, and its high profile device, the PlayStation 3.

By the end of January 2010 Hotz had released a public exploit for the PS3 with a stated aim of enabling PS2 compatibility and homebrew software. The catch: it relied on using the PS3’s “Install OtherOS” function – which had made access to some – not all – of the system hardware only a Linux kernel away.

Sony countered at the end of March 2010 by releasing Firmware version 3.21, removing the OtherOS function. Users could retain the feature, but if they didn’t install the new upgrade everything from online gaming to new games and Blu-ray releases wouldn’t function. The removal of OtherOS brought “older” PS3s in line with the revamped PS3 Slim, which was released August 2009 – the new SKU didn’t offer the feature at all.

Game, set and match to Sony? Without the ability to address the system hardware, it seemed so. While Hotz initially showed work in progress of a custom Firmware enabling the “OtherOS” function running on Firmware 3.21, he publicly (via Twitter) walked away from the project in July 2010.

By the the end of the year, the issue seemed to have died down. But for parts of the hacking community it was a different matter. Sony – praised earlier for enabling an open platform on their console – had done the annoying -not including the OtherOS function on the highly successful PS3 Slim – followed by the unthinkable – removing it entirely from all PS3 consoles.

Enter fail0verflow

If the past three decades or so has taught us anything, it’s that hackers will rise to the challenge. The fail0verflow group didn’t disappoint. As anyone who hasn’t been in a cave the past three weeks can tell you, at the 2010 Chaos Computer Congress in Berlin, fail0verflow members gave a public presentation where they outlined how secure code signing – the PS3’s ability to determine if code running on the console was legitimate or not – could be spoofed.

The team had previously earned its stripes, having managed to defeat Wii’s code-signing process in order to allow homebrew software to run on the device. But PS3 was a much bigger catch. Unlike Wii (and Microsoft’s Xbox 360), the PS3’s layers of encryption on its hard drive and Blu-ray player – with the unfamiliar Cell’s chip’s architecture as gatekeeper – made it a tough cookie.

The stated reason for defeating PS3’s code-signing? To return Linux functionality to the machine. Judging by entries on fail0verflow’s twitter account that message isn’t necessarily getting through to some of their fans, with the group repeatedly stating they will not be working on software piracy tools.

Hotz, meanwhile, hadn’t been idle. By the end of the first week of the new year, Hotz had demonstrated homebrew applications running on Sony’s current 3.55 Firmware, and followed up by releasing tools that allowed homebrew makers to “sign” their files so they would be recognised as legitimate on the PS3.

The “P” word

The obvious knock on effect, one already in evidence, is that if PS3 can be fooled into running “homebrew” code as legitimate, it’s only a short jump for pirated software to be run in the same fashion. Would-be pirates materialised on all manner of homebrew and hacking sites, begging, pleading and in some cases demanding a convenient manner to enable pirated games to run on PS3.

For Sony, it’s a potential nightmare. Illicit copies of PlayStation 3 titles being able to be run on unmodified PS3 hardware is exactly the opposite of their pitch to content partners. Hardware “mods” to piracy are one thing – they need to be physically obtained and installed, they’re usually easy to detect by the platform holder once the user goes online, and there’s always the attendant risk of “bricking” several hundred dollars worth of kit . But a software-based hack – conveniently available, able to be updated with impunity to match whatever new Firmware Sony brings out – has the makings of a calamity.

Or does it? Wedbush analyst Michael Pachter told VG247 the financial hit will be short lived – if at all.

“I don’t cover Sony as a stock, but it seems that the potential monetary loss is very small,” he wrote. “Most people are not inclined to steal, and half of the market (at least) is well-regulated and won’t see meaningful erosion.

“At most, I’d guess that this will impact game sales by 5 percent while there is no solution, and as I am confident Sony will crack the code, I don’t see it as having lasting impact.”

Pachter’s comments – issued to VG247 prior to Sony serving papers on Hotz – predicted legal action, and also suggested the US, where Hotz and at least one of the fail0verflow defendants reside, is not the best place to be a hacker or pirate.

“Sony is pretty aggressive in pursuing legal remedies, and I expect them to keep piracy to a minimum in the US. It’s harder to accomplish in parts of Europe that have more relaxed regulation, so there is some potential that piracy will impact software sales there,” he said.

The analyst also noted that fail0verflow did Sony a favour by publicly exposing the exploit.

“Clearly, knowing about the threat before it materializes or contemporaneously is a better outcome for Sony than learning about it after millions of illegal downloads have been made; I think that Sony will quickly produce a software patch that adds another layer of DRM to PS3 games, and we will likely see a system update shortly,” he added.

Knock knock

Which brings us to the present – and Sony’s legal action. Hotz promptly published online copies of the three documents he has been served with – essentially orders that, if granted, would compel Hotz and his co-defendants to hand over any hardware or information about their PS3 code-signing defeats to Sony’s legal team.

As part of the legal filings, Sony has included a full transcript of the terms of use agreement PS3 owners are forced to agree to should they wish to use the system they paid for, an onerous document rarely read in full by consumers.

The short version is Sony wants to sue Hotz and failoverfl0w for modifying PS3 software, circumventing what they describe as the PS3’s TPM (“technological prevention measures”), and distributing the means to do so.

The actions of Hotz and fail0verflow, the legal document claims, are “knowing, deliberate, willful and in utter regard” of Sony’s rights. Sony also has to consider its relationships with third party software developers, who will be monitoring the situation closely.

“Yes, of course it impacts Sony’s relationship with third party content providers, as those people want assurances that they will be paid for their work,” said Pachter.

“That’s one key reason why Sony will move quickly to address the threat. I’m not sure that any third-party will stop supporting the PS3, which saw phenomenal software sales growth in 2010 and is expected to see further growth in 2011, but piracy affects all content providers.

“If Sony can’t stop the hack, yes, I think it will impact their relationship with all content providers in games, movies and music,” he concluded.

If Sony doesn’t want to get served with papers of its own, it needs to be seen to be protecting not only its own intellectual property, but also those of other companies putting their work on the PlayStation Network.

While Pachter may peg the hit of unchecked piracy at around 5 percent of game sales, PlayStation 3’s reputation is on the line. With EA head John Riccitiello on record stating his belief EA’s digital business will outsell their traditional boxed goods in 2011, Sony has to be seen to be making its best effort to secure the platform, even as hacking groups claim the cat’s out of the bag.

Whose rights are more at risk?

Though Sony wouldn’t be drawn to comment on specific questions, and US industry lobby group the Entertainment Software Association wasn’t prepared to speak on the record, the risks for the games industry are pretty clear: brand damage, the potential for lost sales, and the risk of competitors getting a leg up are the obvious ones.

What isn’t so clear is the rights of the individual consumer. When a team embarks on a systematic reverse engineering of complex technology, can it be called an an innocent hobbyist pursuit? Is “homebrew” just a nice camouflage for pirates to manoeuvre around, as some commentators have suggested?

The problem for users tweaking their game consoles, at least in comparison to the smartphone market, is the legalities are anything but clear. When Apple tried to outlaw jailbreaking on the iPhone under the auspices of the Digital Millennium Copyright Act (DMCA), it was rebuffed. The DMCA granted an exemption to iPhone users: you couldn’t be sued for jailbreaking your phone.

However no such exemption exists for the distributors of console jailbreaks, leaving people like Hotz potentially liable, although as consumer digital rights organisation the Electronic Frontiers Foundation has observed the mere act of distributing a jailbreak has to be accompanied by an infringement of some sort.

The papers served by Sony include exactly that: allegations of DMCA infringements, which could spell trouble if Hotz or his co-defendants go down the legal route of seeking an exemption for their activities.

EFF technical director Chris Palmer is empathetic to Hotz and fail0verflow’s predicament.

“No, there is no direct or necessary correlation between taking full ownership of hardware that you paid for and copyright infringement,” he told VG247.

“People want to run Linux, people want to run homebrew games, people want to add new features to all sorts of devices in this class. Such activity is legitimate, but unfortunately requires some hacking. It’d be better for everyone if console and other device manufacturers worked with their customers instead of against them. The same phenomenon occurs in the smartphone and DVR markets.”

Palmer’s EFF bio lists him as having worked for Google on Android’s security, as well as hacking “a wide variety of applications and platforms” as a security consultant. He has no problems at all believing fail0verflow’s motives were as stated – opening up the PS3 for Linux and homebrew use.

“The stated rationale is plausible: homebrew games and alternative, open operating systems are useful and fun on these machines.” he told VG247.

“As they state in their presentation, fail0verflow’s Homebrew Channel for the Wii has over 1 million users, which is 1 percent of the Wii userbase. Thus, a proportionally small (but large in absolute terms) number of users want the platform to be opened. And that’s just the portion of the user base that is willing and able to apply one of the hacks – if it were easier to open the device to alternative software, that number would likely be higher.”

Palmer believes console owners wanting to mess with their machines are largely in the clear.

“Hobbyist tinkering is always legitimate and there should be nothing illegal about it. People do and should have the fundamental right to tinker with their legally acquired property,” he wrote, before adding a caveat: ”Individuals have the responsibility to acquire their property legally, such as by paying for it; after that, it’s theirs – end of story.”

The convenience-popularity argument Palmer puts forward makes sense, but puts game developers in a potentially tight spot. If the easier the exploit is to enact, the more popular it becomes, the logical interpretation is not only that there will be a lot more homebrew fans making the change, but also people bypassing security for piracy reasons.

Just how much time and money should platform holders have to devote to security? Won’t there always be a fail0verflow or George Hotz, brilliant minds (misguided or not) who devote themselves to opening what is closed? Does the money spent on increasingly sophisticated protection mechanisms ultimately make paying gamers the real losers, forced to either jump through arcane copy protection hoops or use hardware with a featureset eroded by the expense of making the platform temporarily secure? Nobody seems fully satisfied with the current state of affairs, except for perhaps intellectual property lawyers and media outlets.

The final, long view

Perhaps the best perspective amongst the sea of hacker braggadocio, excited homebrew enthusiasts, grasping would-be pirates and waves of ominous legal missives comes from independent game developer Jonathan Blow.

The maker of Braid, currently working on The Witness, would much rather talk about the games themselves than pontificate about platform foibles, but when pressed to comment he suggested lost consumer rights around their devices could overshadow lost sales.

“I don’t like software piracy, and I do wish many fewer people would pirate games, and I would certainly like to sell more copies of my games if possible,” he told us.

“But if we start talking about a future in which all common computing devices are locked down – which is what we seem to be looking at, as the market shifts away from PCs toward tablets, and so on – then that is a worrisome future that may well be worse than rampant piracy.

“If there’s one thing I have learned on the business side as a developer, it’s that Sony, Microsoft, Apple, etc, are not my friends; they are especially [Emphasis Blow's own - Ed] not the friends of their customers.

“As a resident of the USA, I find the country to be alarmingly fascist in 2011, compared to the USA I was born in. I am not eager to push things further in that direction, even if it costs myself and other software developers money.”

Latest

19 Comments

  1. Rhythm

    What a fantastic summary of the situation. Love Blow’s comment at the end. EULAs aren’t worth a jot over here in Europe but in the US corporations are seemingly able to rewrite the law, one additional T&C at a time.

    #1 4 years ago
  2. Michael O’Connor

    Wait, this is the same guy who created blackra1n? I didn’t realise that was him.

    #2 4 years ago
  3. Justin Kranzl

    @2 Yep – one and the same.

    #3 4 years ago
  4. Deacon

    Great summary Justin!

    I don’t know whether these guys are truly all about the ego, or if they’re pinning their sights on a high-paid security job with one of the big three (as previously mentioned by George).

    They’ll obviously gain even more notoriety through this.

    Once I buy something I do whatever I can / want to with it. It’s mine. So technically I see no criminal activity here.

    Even though it’s merely a way of showing people how to get MORE out of the console THEY bought and own, I sure as hell wouldn’t stand out in front of Sony and tell people how to do it.

    But that’s mainly because I’m a bit of a pussy.

    #4 4 years ago
  5. KrazyKraut

    what is this braid guy talking about? Locked down devices…lol. The PS3 had just a protection. The PS3 main purpose is to play games. And you can play all games (US, EU, JAP). So this time there less restrictions for a game device. I have no problem with protections again piracy. Yes, the Linux removement was shit as hell.
    But what is he thinking what will happen now, when piracy will rise on the PS3? We, the customers are the real losers. And not because of Sony.

    #5 4 years ago
  6. SplatteredHouse

    “It’d be better for everyone if console and other device manufacturers worked with their customers instead of against them.” THIS. Countless times over. An enemy of my enemy, is my friend, perhaps?

    I just don’t get why “they” think they’re going to get anywhere without that approach, particularly with an active mod community, who would determinedly step in and do the work regardless (why not have the “mod” a feature, sanctioned and supported, and retain control whilst removing the majority of the tinkering urge from the situation) A mod has to have a purpose, so they don’t have to even include the desired functionality, merely remove the point of modding to that end, and they help stem the flow.

    If I understand correctly, something prompted Sony (existing exploit) to remove OtherOS. In that case, why didn’t a part of the hierarchy/community of hackers…Did they just dig too deep, and Sony threw up the barriers?

    Is there any culture of responsibility not to cause the platform holder to want to try to pull the rug from under the hackers, by pulling features, in the name of security?

    But then, there’s the motivations of the original hackers (the ones that learn, and put time in with the code). How often is their end goal to enable community requested features, denied by the platform holder? My guess is that they want to know their tech, that in this case, they don’t like Sony’s walls, and if something can be run, enabled to do so, they want to be able to run it on a machine they count that they own. But is that usually the end of it. What is the common motivation for these steps? :)
    Good article, absolutely.

    #6 4 years ago
  7. mojo

    nice writeup.
    blows comment is the shit!

    #7 4 years ago
  8. xino

    actually no one hinted hacking the PS3 via OtherOS. Sony assumed so, in fact used the excuse to get rid of it!

    I’m still saying: if Sony knew hackers can hack the ps3, why include it on ps3 in the first place for advertising?

    Good article man. Not as long as the Inafune interview though:P

    Sony should learn that if people buy a pS3, it’s their farking system! Sony do not own the right, they only own PSN right!

    #8 4 years ago
  9. MrBambinoDent

    I really hope GeoHot and all his likes are thrown into jail.
    They deserve it and I hate them.

    #9 4 years ago
  10. Psychotext

    Arguably one of the best articles on this subject on the internet right now.

    /applauds

    #10 4 years ago
  11. Aimless

    Good write up.

    I think it would have been worth mentioning the PS Jailbreak angle; as far as I’m aware without the access it granted things wouldn’t be where they are now, which raises several questions.

    #11 4 years ago
  12. Kuwabara

    o.4% or less would probably use the hack on the ps3, and less would pirate games. I wouldn’t risk it, but if i did, id only play pirated games id never have paid for.

    #12 4 years ago
  13. theevilaires

    I just wanted to see homebrew apps and features. I would never condone piracy because I actually love the games industry. Music and movies….yea go fuck yourself I don’t care.

    But this is what happens when you mess with the beast known as SONY. You get your ass handed to you. Mike Bowden and psychotext I hope you’re reading this as you two were at the fore front of trying to spread that the PS3 was hack all over the net first (making numerous threads and flaming the fires of the topic much).

    Now go spread the word that SONY strikes back! Still thinking about hacking your PS3 psychotext? :D

    #13 4 years ago
  14. Psychotext

    I already did it. Fairly painless procedure.

    Had a blast on a couple of apps / an emulator and then put the official firmware back on. Will do it again when something like XBMC gets released.

    Oh, and I think you’ll find that I never made a single thread on the subject. Not like you to get your facts wrong TEA… lol. BTW, are you suggesting that Sony are going to sue me for discussing the hack? I’d really like to see that… no, actually I’d LOVE to see it. Mostly by virtue of the fact that I don’t live in a country that has an arse backwards legal system.

    #14 4 years ago
  15. theevilaires

    Er no I wasn’t suggesting SONY suing you only that you went to a large amount of effort to troll those SONY topics of the PS3 being hacked. You post more in those threads than regular articles combined so far this year.

    and as for your tough guy act spare me the charm. Try doing that when SONY activates its ban hammer and sign in connected with hacked hardware oh fearless one.

    and besides I wouldn’t expect a euro to have the balls to show his face running the hack so hide behind your monitor. SONY knows everytime you log on and what you’re playing. I hope your precious XBMC is great enough to risk getting your PS3 disabled for good.

    #15 4 years ago
  16. Psychotext

    “I wasn’t suggesting SONY suing you only that you went to a large amount of effort to troll those SONY topics of the PS3 being hacked. ”

    Discussion = Trolling? I’ll keep that in mind.

    As for my “tough guy act”… the fuck? You asked if I was still interested, and I said I’d given it a blast. Do me a favour TEA, don’t bother asking me for my opinion in future if you don’t actually want it.

    Also, if Sony was to “disable” PS3s then they’d be facing a shitstorm. Disabling PSN, yes… but that’s a different story. I’d lose PSN for XBMC without a moment’s hesitation.

    #16 4 years ago
  17. theevilaires

    well folks you heard it from the horse’s mouth himself. I rest my case. No further questions your honor.

    #17 4 years ago
  18. Psychotext

    There’s something wrong in your head. Seek help.

    #18 4 years ago
  19. Mike

    Good work.

    “pontificate platform foibles” doesn’t sit well with me, but we’re all allowed one from time to time! :)

    Great summary.

    #19 4 years ago

Comments are now closed on this article.