Sony Has Lost the PS3 Hacking War

YokimaSun writes "Sony may have dealt a major blow to the PSjailbreak sellers, but the release last week of PSGroove, an open source version of the hack, has now opened the floodgates of ports to mobile phones such as the Nokia N900 and Palm Pre. The final kick in the teeth is that a port of the exploit has been released by Waninkoko of Wii custom firmware fame for the Dingoo Handheld, which is a homebrew console that is very popular amongst emulation fans. It makes you smile that you can use one homebrew console to hack another to get homebrew on that console. Awesome." pudge notes that you can apparently do the same with a TI-84 Plus graphing calculator (YouTube video).

Lost the war?

[socsoc]

Maybe this battle was a loss, but as long as Song can force firmware updates, the war is far from over.

There's aslo an iOS version being made that'll run from a jailbroken iPhone.

Shame it had to come to this...

[cesman]

It has been years since I owned a console (Turbografx 16), after reading about the power of the Cell, I wanted to get a PS3. Not just for games but for Linux! However it turned out one couldn't full harness the power of the PS3 with Linux. So, I didn't get one. Thru the years, I'd check and see if any breakthrus were made or if Sony changed their stance. Well, with the release of the Slim models, the stance changed all right.

Since I own a N900 (Great hardware, great OS, great community! Nokia however is frustrating.) and seeing the release of PSFreedom was interesting to say the least. However at the moment all one can do is backup one's games. While it will be interesting to watch what happens in the homebrew scene, where does that leave those like myself that would want to do something legitimate with the PS3?

In my case, for years I've wanted to port KnoppMyth (now LinHES) to the PS3. Now, it seems that things maybe falling in place that would allow that. However thanks to corporate decisions and the law (DMCA), I probably won't be able to do so. Talk about crippling innovation.

Re:Ridiculous submission

[Anonymous Coward]

You underestimate the consequences of this. To do anything exotic you would need to change the shellcode to launch your own unsigned bootloader instead of tricking the Sony system software into thinking we have a Jig; but if you do, you have complete control.

With more development, you could fake it perfectly - the PS3's own security capabilities (that were used to such effect in the OtherOS hypervisor that needed a hardware glitch to even come close to breaking) can also be used against it, to stealth DNAS and firmware updates and make any changes we like to the running code, undetectably.

An SPU in security mode is latched off the bus so that the CPU and other SPUs can't tamper with it. DNAS has to blindly trust it is running signed code - and that trust root is now gone, because if it isn't, and it lies, it lies convincingly. This is a design flaw in the trust root of Sony's DNAS ("Dynamic Network Authentication System") DRM - which actually encompasses the entire corpus of copy protection technologies on the PS3, including the clock (really), code signing, anti-cheat, disc authentication, rental timeouts (hence the clock), online store, update signing, (some) peripheral authentication, region lockouts (where enabled), console/disc unique IDs, Blu-Ray ROM-Mark, AACS and BD+ - and it's (of course) a fundamentally unfixable one. Once you've cracked the eggshell (so to speak), it's easier to root the PS3 on an ongoing basis than it is (say) the Xenon.

Plus, you now have complete firmware dumps for all components available without decapping, so you could maybe extend that hack to any future versions by simply finding new bugs in those dumps. This is the beginning, not the end, but it's the breakthrough that was being waited for, the one hole that opens the floodgates.

And let's face it, by being assholes and removing advertised features like OtherOS (and, I suppose, PS2 compatibility when the software is fully capable of it), Sony had it coming.

Re:The only thing Waninkoko is famous for...

[marcansoft]

Even worse, he's directly responsible for bricking hundreds of consoles due to shoddy code (his "custom updater" and "custom downgrader" saga; at one point running one of his tools bricked your console 100% of the time) and generally speaking hasn't made any contributions to homebrew, instead opting to cobble together pieces of homebrew code to make pirac^H^H^H^H^Hbackup tools, often without following the licences.

He's only jumping on the PS3 bandwagon to get some attention, which is something he loves. If he ever releases anything halfway meaningful for the PS3, I can pretty much guarantee it'll be a port or simple combination of existing tools in a slightly more "marketable" way, with a "healthy" dose of his sponsor's logos, as his Wii releases always have been.

True story: he released his USB loader about 20-30 days after someone actually wrote a high-speed USB driver, which was the final piece of the puzzle. For kicks, after his announcement but before the release, I proceeded to independently create an equivalent USB loader, to gauge how much work had to go into it. ~200 lines of code and 6 hours, not counting time spent writing a silly menu and slapping in logos.

Great.

[TheCount22]

Great can I have Linux on my PS3 now?

Now that Sony has lost maybe they can give me back the features I PAID FOR.

Thanks.

Re:Banned from PSN...

[Nikker]

If I can pick up a PS3 for $299CDN and use is as a HTPC, screw games. If after it's hacked I can play one out of 1000 games then I'm cool with that. The slim ones look cool enough have ethernet, HDMI and other jacks and most HTPC's will set you back $400+ from scratch (especially if you want a decent looking case). So if they get access to the GPU then I'll get one and the PSN will never get a ping from me.

Re:It does make homebrew *possible*.

[pecosdave]

I'm not sure what side of the pond you're on, but here in the U.S. about the only legitimate way to use an iPhone is not only to buy into Apple's hubris, but to buy into AT&T's also. Many people jailbreak iPhones so they can use T-Mobile or some other carrier, and from all reports I've heard they're better off for doing it.

Re:Sony won the war

[Belial6]

I don't know, I have a stack of Wii games, and I don't own a single PS3 game. In fact, as I look through my library of literally over a thousand original console games, a good 90% of the games were purchased for systems that had been hacked. Maybe I am really that unique of a human being... Somehow I doubt it though.

Re:Naturally, the usual OMGWTFPIRACY folks arrive.

[hedwards]

You mean it adds back functionality that they used to include with the PS3. Don't forget that they have removed functionality from recent firmware editions as a response to the threat to their exclusivity. And the latest report is that the next firmware update is going to disable the USB ports. Sony has learned very little from getting clobbered over that rootkit they installed on computers as DRM.

Re:It does make homebrew *possible*.

[marcansoft]

There is no "cheap" Cell SDK that is usable for the PSJailbreak. It allows booting apps... that were compiled using the leaked official SDK (much like the "Backup Manager" that they offer was). There are no libraries in existence currently that would enable people to compile for the PS3 using GCC and the like, and the PSJailbreak also does not allow reinstatement of Other OS because they blew their chance at incorporating that functionality into the dongle, and it can't be done using purely application software.

There probably will be legit homebrew for the PS3 at some stage, but the PSJailbreak is certainly more about piracy than anything else.

Re:It does make homebrew *possible*.

[magnusrex1280]

Because people who jailbreak iPhones are clearly doing it to pirate software, whereas that would never happen on the PS3.

No. Myself, and many of my iPhone-using friends have jailbroken their phones. All of my friends that have done so, have done it to use their iPhones on networks other than AT&T, and to run open-source apps they download from Cydia and other services. There is no pirating involved. Based on word of mouth, and the fact that Cydia and other services are so popular and have so much development activity, it looks like most other people who jailbreak their iPhones are *also* doing it for these purposes. I don't even know how you actually pirate software from the App Store.

Re:It does make homebrew *possible*.

[Nursie]

Sorry, what the hell?

Technically - it's using a flaw in the system to be able to run unsigned code, it's almost identical to an iPhone jailbreak.

Practically - It's just been announced in the last couple of weeks, so there's no SDK yet, let alone a software "scene"

Morally? what are you smoking? It's exactly the fscking same deal.

Re:pc piracy rates are the problem

[julesh]

While there is piracy on the consoles it isn't like the pc where most of the people playing the games aren't paying for them.

Yes. But until now, piracy on consoles has required hardware modifications, or at least unauthorized firmware updates that have a non-zero chance of bricking your console. This is now changing. IUIC, this hack allows you to run pirate games without modifying your console, just by hooking an external device (that large numbers of people already have) up to its USB port.

That is to say, unlike previous hacks, this is a no-risk, no-cost hack that doesn't invalidate your warranty. Uptake is going to be *much* higher.

Re:Lost the war?

[halfaperson]

Sony cannot force anyone to plug an ethernet cable into their ps3. Sure, they can exclude you from PSN, but a lot of us aren't really into online play anyway.