PSP Firmware Downgrader Released

Posted by ScuttleMonkey on Tue Sep 27, 2005 06:22 PM
from the only-a-matter-of-time dept.
roka writes "SonyxTeam has just released a downgrader for the PSP using the toc2rta 2.0 overflow in libtiff. This has been tested and found working by PSP news sites. This is basically opening all sold models of the PSP to homebrew applications and will boost homebrew software development for Sony's handheld."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • I smell pirating goodness for all. :) I think it's amazing how fast this downgrader came out after the buffer overflow was discovered in the photo section. Simply Amazing.
  • Go on admit it. (Score:4, Insightful)

    by reality-bytes (119275) on Tuesday September 27 2005, @06:26PM (#13662858) Homepage
    Admit it.

    Now we're all just waiting for Sony to throw its Intellectual Property Toys out of the pram and let the attack dogs (lawyers) loose.

    A sorry state of affairs.
    • Now we're all just waiting for Sony to throw its Intellectual Property Toys out of the pram and let the attack dogs (lawyers) loose.
      No need for that, thanks to the slashdot effect.
      • Re:Go on admit it. (Score:5, Informative)

        by InvalidError (771317) on Tuesday September 27 2005, @09:13PM (#13663687)
        It is only an overflow bug in a library, Sony will certainly patch it in the near future and the PSP will become increasingly tougher to crack open.

        AFAIK, the PSP is the first major proprietary system with user-upgradable firmware. In any case, the 1.00-2.00 trend indicates that Sony does not intend to let the PSP remain crackable indefinitely if it can do something about it... and fixing the exploit sounds like minimal effort.

        I am betting that the PSP firmware and/or SDK has provisions for triggering automatic firmware upgrades when a disc containing a newer valid firmware is first loaded. Throw in firmware signature checks in new games and this either makes PSP hobbyists' lives increasingly less convenient or forces them to choose between hobby and running Y2K6+ games.

        Sony is in the business for profits... and profits come from title licenses for commercial PSP media. To get media endorsement for the PSP, Sony has to demonstrate that the media and platform are a perfect lock-in solution. Exploits like these un-upgrade hacks put a dent in Sony's PSP lock-in desires so they need to be ironed out to make content providers happy and keep the license money flowing in.

        Does it suck? Yes. But that is how this particular business model works.
        • Re:Go on admit it. (Score:4, Insightful)

          by sabernet (751826) on Tuesday September 27 2005, @11:22PM (#13664282) Homepage
          Need to correct you on something:

            The PSP games will never update the firmware automatically or their warranty offices will get a shitload of bricked units. Firmwares require AC power to be connected for a reason, you don't want your battery going out during flashing.

          However, many newer games require a certain version of firmware to run. Currently, you can trick these by using software that modifies the flash to show a different version number. However, eventually, games will start looking for unique encrypted firmware features. There are teams already working on making newer firmwares run over the current ones to allow access to features not available on your flash. There is already a firmware emulator that allows someone to load up 1.0, 1.51 or 1.52 firmwares on a 1.5 PSP

          However, I'm optimistic that an exploit will eventually be found that will use something the PSP requires to keep older games functional.

          Never piss off the hackers, they always win:)
  • Create a program that does all the downgrading and re-upgrading behind the scenes to allow full homebrew use but keep it all transparent to the user.
  • Finally! (Score:5, Funny)

    by Spy der Mann (805235) <spydermann@slashdot.gmail@com> on Tuesday September 27 2005, @06:27PM (#13662868) Homepage Journal
    This is the first time a buffer overflow is used for non-evil purposes.

    *SIGH* Wish all the hackers out there were like this guy.
    • Re:Finally! (Score:5, Informative)

      by Fjornir (516960) on Tuesday September 27 2005, @06:30PM (#13662886)
      Er. I guess you missed the xbox buffer overflows used for the same purpose?
          • When booting a PSX disc, the PS2 reads a file from the memory card for some silly purpose like providing icons for memory card files. As it turns out, the code that reads that file is vulnerable to a buffer overflow, and if exploited properly it allows one to execute any arbitrary ELF code stored on the memory card, the effect of which you can easily imagine.
    • Well, if by non-evil purposes you mean "Allow people to play bootleg ROMs of games they downloaded off the internet on their PSP."

      I don't think people are excited over the ability to play various asteroids clones [edepot.com] on their PSP. Oh, maybe they're holding out for that killer homebrew Blackjack game, or they're really hoping they can downgrade their version to play Pong with their $250 device.

      No, I think pretty much everyone just wants to run emulators of NES, SNES, and Genesis games for free.

      • Re:Finally! (Score:5, Informative)

        by EggyToast (858951) on Tuesday September 27 2005, @07:10PM (#13663132) Homepage
        I don't see how that's flamebait. I visit video game forums all the time, and never once have I met someone who actually wants to play homebrew games on the PSP -- they're talking about homebrew for emulators. A visit to any PSP development site pretty much confirms that the development exists for emulation, not actual new content, as the emulation sections are huge, with constant updates, while the "games" sections usually consist of a basic line game that serves little more than a proof of concept.
        • I'm half way through reading Phantom of the Opera on my PSP using a homebrew app. I've got something close to 40 out-of-copyright books that I've been reading via PSPReader, ranging from War of the Worlds to a rather large collection of Shakespeare plays, all that fit just fine on the PSP's screen.

          Now, the PSP isn't the best thing to read on, but as long as the room is rather well lit, I avoid headaches/eyestrain and it's not that much different than reading from an actual book.

          There is some benefit to the
        • Re:Finally! (Score:4, Interesting)

          by slapout (93640) on Tuesday September 27 2005, @09:32PM (#13663799)
          Don't forget that games whose source has been released (like Quake) can also be ported too. These people [feetoffury.com] wrote a commercial game for the Dreamcast using homebrew tools. (See Question #10 of their faq for more details.)
    • Re:Finally! (Score:5, Informative)

      by alan_dershowitz (586542) on Tuesday September 27 2005, @07:22PM (#13663203)
      Actually, it's not the first time. When Texas Instruments released the TI-92, it only came programmable with a crappy version of BASIC. Then, some hackers figured out that if you used an overly large firmware image with their system restore tool, you could insert instructions into the calculator that let you execute arbitrary code on it. Someone built a hook that let you upload your own assembler instructions, and TI-92 homebrew took off.

      The hack was so popular that Texas Instruments ended up releasing an assembler application so that people didn't have to hack their calculators to run their own custom code.
      • by MMaestro (585010) on Tuesday September 27 2005, @11:17PM (#13664258)
        Texas Instruments sells their TI- calculators at a profit with little intention of making a profit on the accessories (the only thing you ever need to buy in its lifetime are batteries).

        Sony sells the PSP at a huge loss (the fancy screen and marketing blitz couldn't have been cheap) and is designed to make up losses with PSP movie sales and PSP game sales. Neither of which have amounted to anything (yet).

        Unless Texas Instruments launches their own 'Virtual Boy', they're pretty much the Nintendo of professional, high quality calculators. Don't expect double digit percentage growth, but constant and consistent growth. Sony on the other hand is already in the ditch. Yes they've made some headway into the market, but so did the Game Gear (arguably the Gameboy's strongest competitor) as did the Neo Geo Pocket/Color and they both lost, horribly for the latter.

        The PSP isn't going to go anywhere if it just pushes itself with homebrewed software. It needs games. Badly. Movies are nice, but the DVD versions blow PSP versions out of the water. Sony needs to stop bashing Nintendo and give Sony fanboys something substantial to bash Nintendo.

  • Will this seal the PSP as THE homebrew enthusiasts' handheld platform?
  • by Anonymous Coward on Tuesday September 27 2005, @06:29PM (#13662881)
    Is "homebrew software development" the new euphemism for "piracy"? You know, how 99.99% of everyone who got mod chips for their ps2 and xbox was just so they could "run linux" ?
    • The 'homebrew software development' that people seem most interested in are emulators.
    • by Dachannien (617929) on Tuesday September 27 2005, @07:27PM (#13663231)
      Is "homebrew software development" the new euphemism for "piracy"? You know, how 99.99% of everyone who got mod chips for their ps2 and xbox was just so they could "run linux" ?

      "Homebrew software development" is about making legal use of the technology we pay for. Piracy is just along for the ride.

      It's sort of like how you can kill someone with a hammer. Murder-by-hammer is already illegal, but that doesn't mean that hammers should be encumbered by use management technology that both prevents homicides and blocks you from using nails made by someone other than the hammer manufacturer.

      • by quinxy (788909) * on Tuesday September 27 2005, @10:57PM (#13664138) Homepage
        Woah, that's not an accurate analogy. Because hammers are generally used for the purposes of construction rather than for illegal purposes. And that's an important point, at least practically speaking, and as the laws appear to often be applied. The right analogy would be about bongs/water pipes. Many states outlaw them outright because they are considered drug paraphernalia, because while they "can" be used for smoking tobacco, they rarely are. Other states allow their sale and the stores which sell them claim they are intended for tobacco use only, but of course, they know they will not be used that way. Anyway... not saying which is right. Just saying that is at least the right analogy, IMHO.

        Quincy
        • The point is that safety devices can be removed or disabled, and they otherwise don't prevent you from making legal use of the tools to which they are attached. Not so in the electronic world, evidently, as these "safety devices" have the added bonus function of permanently restricting the legitimate uses of the tool.

          If you buy a CD, do you have the right to upload it to a torrent and obliterate the music marketplace?

          No, of course not. And such activity is already illegal - there is no need for an additional
    • I'm not going to lie that there aren't pirated psp games out there. But I look at my psp. VNC Client, a text reader, sudoku, pspCalendar

      I've even dabbled in coding for it myself.

      I would gladly pay a reasonable amount of money, for a "Homebrew Compiler".

      Look at bittorrent. Same arguments. "Look at all the piracy it supports!!!!*fap*" meanwhile, it's legitimatized.

      People will -always- pirate software. This isn't something that can be solved. I paid for my PSP with my honestly earned money. If I want to
  • by s388 (910768) on Tuesday September 27 2005, @06:31PM (#13662894)
    consumers increasing the value of the products they've purchased? tailoring them to their own sinister ends? i predict massive retaliation.

    and the best kind of retaliation! fruitless retaliation.

    gg.
  • by Brianech (791070) on Tuesday September 27 2005, @06:36PM (#13662924)
    It didn't take long until they patched 1.50. This has been an ongoing process. They will patch the overflow, make the next gen of game require the patched update (Although there is a loader that fakes the psp's firmware). All this means is that everyone who buys a PSP up until the next firmware starts hitting the market will be able to run homebrew, and we will hear whining from all the 2.X people about being locked out of the homebrew scene. But it's good news for a little while!
  • Long awaited (Score:5, Insightful)

    by Sv-Manowar (772313) on Tuesday September 27 2005, @06:38PM (#13662938) Homepage Journal
    At last, a second chance for those who upgraded their original 1.0 firmware and instantly regretted doing it once the homebrew hacks were discovered. This hack comes at a much better time for enthusiasts to benefit and make use of the hack, if they desire, before Sony patch the hole (not to mention leaving a large number of PSPs out there on the available market running a hackable firmware..). Of course all this would be moot if Sony would just embrace the developer community surrounding the PSP and support it appropriately, instead of them having to go to these lengths.
    • I used to feel that way about homebrew, BUT now that there are decent working ISO loaders out there, and memory sticks large enough to handle full games, or at least decent rips, it is very understandable why Sony wants to stomp out these problems. If they found a way to somehow prevent images from working, then there would be no reason to fear homebrew. Problem is, if you can run pong, you can run a loader...
  • by HotNeedleOfInquiry (598897) on Tuesday September 27 2005, @06:40PM (#13662955)
    "Who we would like to give greetings: Every people devlopping on psp or making the psp scene going further, psp-spot for at least releasing the true side of alonetrio's story, maxconsole.com for their reliable news, killerx for his kxploit, the real founder of the 2.0 overflow (that isn't toc2rta)...

    Who we say Fuck to: Alonetrio and what remains of the WAB team, Artik from SPAXXX, Toc2rta lamerz and especially Niacin (as they stole the 2.0 overflow discovery from a pspupdate's forum member) and released crappy code like a useless kernel dumper), Cpasjuste who said Yoshi is a liar but whose main hobby his to steal code form others. Any people who joined toc2rta, People who said shit about Yoshihiro or blamed him, people claiming we had to release the downgrader to them as they owned that priviledge, and people who forgot that devs have a life.

    now you have the proof Yoshihiro knows to code and doesn't code shit !

    The next one who will say shot about him or any respectable devlopper will get my kick on his ass.
  • by Anonymous Coward on Tuesday September 27 2005, @06:43PM (#13662964)
    Welcome to the world of Homebrew and Emulation on the PSP, there's emulators for most of the popular systems and nearly 150 games, demos, multimedia and apps for the PSP Emulation and Homebrew scenes, the 2 sites to visit to get all of these are http://psp-news.dcemu.co.uk/ [dcemu.co.uk] & http://psp-archive.de/ [psp-archive.de] Be sure to pay em a visit. One quick comment: I hope Sony haven't noticed that a certain PSP site (pspupdates) are hosting the firmware file which I'm sure is illegal, oh well it's up to them I suppose. Thanks to Yoshihiro and JohnMPH for this great release :)
  • Perhaps including a disclaimer like this with all my programs would help reduce the criticism:

    The next one who will say shot about him or any respectable devlopper will get my kick on his ass.

    I like it!
  • s/SonyxTeam/MPH/ (Score:5, Interesting)

    by roka (211127) on Tuesday September 27 2005, @06:49PM (#13663007)
    I learned from Skylark who was part of the downgrade developing group that SonyxTeam was NOT involved in the creation of this downgrade AT ALL. Instead MPH released it.

    Sorry for messing up, please update the story for I don't think SonyxTeam's name deserves to be mentioned in the news :(
  • by OpenGLFan (56206) on Tuesday September 27 2005, @07:20PM (#13663194) Homepage
    Yes, I know it's less powerful and less sexy, but I'm still waiting for a GP2X. Should be cheaper and DESIGNED to run my own programs. I write silly little games for my laptop (not worthy to be sourceforged, mostly about the level of addictive flash games), and I want to write silly little games to play on the shuttle bus to campus. And I want to run other people's silly little games and Yar's Revenge, which I bought Back in the Day and feel no urge to buy again.
  • ALL LIES (Score:5, Interesting)

    by millennial (830897) on Tuesday September 27 2005, @07:23PM (#13663206) Journal
    According to PSPUpdates [pspupdates.com], SonyXTeam has NOTHING to do with this. It is the sole creation of Team MPH.
    SonyXTeam is comprised of former members of Team WAB, a group that conned hundreds of people out of their money.
    WAB said that they would be releasing a downgrader on September 1, and opened up a Paypal account for donations.
    Then members of WAB claimed to have been arrested, and they claimed that their hard drive crashed. If anyone came on their IRC server and asked about the downgrader, they were kicked off. Then the team split up, and the "main coder" of the supposed downgrader went over to SonyXTeam.
    This coder, Yoshihiro, is well known throughout the XBox scene as a fake who stole the code of others and claimed it as his own. He is doing the same thing here with the real downgrader.
  • by brakken (607726) <phantomx&buckeye-express,com> on Tuesday September 27 2005, @07:40PM (#13663306) Homepage
    Yoshi, the ex-member of WAB who recently got kicked out for mischievous activities including stealing money in a PayPal SCAM and ripping off code from other authors now states on his new page that he created the PSP v2.0 Downgrader with MPH and that MPH simply "forgot" to include that in the readme. With his past history and apparent lack of ability to spell correctly I highly doubt that he had anything to do with this downgrader, but until MPH responds or if they don't respond we'll know who is telling the truth or not. UPDATE: MPH has just spent some time online and didn't mention a single word about Yoshi's involvement. Guess Yoshi is trying to take credit for something he had no part in after all. UPDATE: www.wab.com the group Yoshi was kicked out of has an information article about Yoshi and the fact that he didn't have anything to do with the downgrader.
  • by Dark Paladin (116525) * <jhummel@johnhum m e l.net> on Tuesday September 27 2005, @08:37PM (#13663540) Homepage
    I tried it about an hour ago, and it works. Scary procedure, as I:

    1. Upgraded to 2.0 firmware from 1.5.
    2. Installed the downloader.
    3. Ran the downloader - the PSP had a weird screen. It wouldn't shut down, and just showed a screen of garbled text. I wound up having to take out the battery.
    4. Put the battery back in, and turned it on. From here, I could run the 1.5 firmware installer. It went to 99% and failed. I had to take the battery out again to reboot, and it came up fine.

    So, a success. Now, there are only 3 PSP games I want to play, and one comes out next month, the other two over six months - and odds are, 2 out of 3 of those games will be made for a 2.01 firmware that removed this exploit. (Which is why the DS has 6 games coming out, two in this week alone, that I want to play, so there's a trade off.)
  • homebrew..... (Score:5, Interesting)

    by KillShill (877105) on Tuesday September 27 2005, @09:22PM (#13663754)
    homebrew != arbitrary code execution.

    and remember, each purchased unit belongs wholly and solely to you. you own the chips inside the machine, you own the lcd screen, you own the interconnects, you own the speakers, you own the right to fully access each of them.

    calling it "homebrew" does a disservice to the property rights "movement". it makes it sound like you have no business using and programming the chips you paid good money for.

    Arbitrary Code Execution, ACE.

    using technical means to prevent you using your own property is a crime in my book.

    and no, "business model" is no excuse in removing your lawful rights in using your own property any way you wish. sell it for 3 times as much but leave my access alone. i want it to make it illegal to rent products but call it buying. if you want people to have limited access, call it renting and then set prices accordingly. if you want to sell items outright, then behave accordingly. the problem is, they want the benefits of selling with the benefits of renting. that's a commerce no no not to mention unethical and immoral.

    please don't use the word "homebrew" or if you feel you must, at least give it some thought each time you do.... see if it matches up with the world you want to live in. words have a lot of power... use it wisely.
    • by PhoenixFlare (319467) on Tuesday September 27 2005, @06:33PM (#13662907) Journal
      How many people are really using this stuff, vs. the total user base?

      The mainstream market isn't even aware hacks like this exist (much less where to find or how to use them), for the most part.
      • by lasmith05 (578697) on Tuesday September 27 2005, @06:45PM (#13662977) Homepage
        This is very true. A few months ago I started seeing a lot of used psps being sold on sites like craigslist.com. The ones I contacted about why they were selling their psps basically said that games/movies were pretty expensive.
      • Yeah, but are any people NOT going to buy a PSP because of homebrewing? The benefit isn't great, but I don't see any damage.
        • The benefit isn't great, but I don't see any damage.

          If people are hacking the hardware and using free/semi-free/illegal homebrew software, they're not buying the "real" games. If you can explain how that would not lead to lower profits for Sony, i'd love to hear it.
          • If people are hacking the hardware and using free/semi-free/illegal homebrew software, they're not buying the "real" games. If you can explain how that would not lead to lower profits for Sony, i'd love to hear it.

            Easy. Make it marginally difficult to mod so that only those interested pursue it.

            Now, what happens? A minority of people dedicated to doing so hack the PSP (don't fool yourself, this was going to happen anyway). The less you harass them, the more these people rant and rave on every G3 Atta

            • Not true. I've had a Dreamcast since it launched, I've been downloading and burning homebrews for it since I've discovered them, yet I still loved and played the "real" games (when they were making them). The homebrews just gave more function to my Dreamcast, but it didn't replace the games.
      • "The mainstream market isn't even aware hacks like this exist (much less where to find or how to use them), for the most part."

        They aren't aware YET, and Sony doesn't want them to be aware ever. Unlike Nintendo's cartridge-based portable systems, on which loading homebrewed and pirated games requires special equipment that is being banned in the US and Western Europe as fast as it is created, once the details are worked out people will have little to no trouble burning PSP discs or booting games and watchin
    • But Sony probably loses money on PSP base hardware sales. Their profit is in the sale of games and licenced accessories. The PSP (or GBA, or any of the consoles out there) don't make money for the company that makes them. They make their money from game sales. They charge a royalty on each game sold. So anything distributed outside that business model doesn't benefit them (homebrew apps) or is a penalty to them (pirated software).

      So if someone bought the PSP just to use homebrew apps then Sony actually eith
      • It may make it easier to emulate a GameBoy Color and play pirated ROMs from ten years ago on your PSP, but I don't think Sony really has much to worry about from that.

        Pirating PSP games isn't going to be feasible unless you own a UMD fabrication plant, or have a large supply of 1GB Memory Sticks.
    • What if they release hardware at a loss, hoping you'll pay for other software?

      Weird business model, granted, but it's worked in the past...
      • That's their choice. It's a gamble, they're betting I'll buy enough games to make it worth their while. I'm still paying for the hardware, and should still have the right to do with it as I wish. If they don't like it, too bad, it's mine. Don't complain about losing money, it was your choice to sell it that low.

        And I'm not sure the PSP is losing money, given its high price point.
    • by bitkari (195639) on Tuesday September 27 2005, @07:23PM (#13663207) Homepage
      as far as piracy of UMD games goes, well that is one of the more boring uses of an 'unlocked' PSP.

      the PSP is a rather nice piece of hardware, and you'd be amazed at the stuff that people have got running on it - much more than just 'homebrew pong'.

      there are of course the multitude of emulators, so you can have your favourite 8-bit microcomputer, or home console with you on the bus. there is already a good implementation of the SCUMM Virtual Machine, so you can play all (well, most) of your favourite Lucasarts graphic adventures, there's a passable Doom engine running on it, a really promising LUA implementation, DOSBOX, and a zillion other things that are under development right this minute.

      slashdot is not condoning piracy with this post, they are simply highlighting the truly creative use of computing hardware - a concept that warms the cockles of many slashdotters!