The 'Final' Sony PS3 Hack

from the our-hardware-our-rules dept

Sony's awesome freakout over folks "hacking" their PS3 product to return the functionality they originally advertised, but then retroactively took away, has been a long and often times hilarious saga. That said, all that freaking out occurred when the PS3 was still in its prime. Now that the console, while still the latest generation of Sony gaming console on the market, is clearly in its twilight years, it will be interesting to see how they react to what Sophos is reporting -- the Playstation 3 being "hacked for good".
The PS3 has been hacked before, but Sony was able to inhibit the hack with an update to its own firmware. This is much like the history of jailbreaking on Apple's iOS, where hackers typically uncover a security vulnerability and exploit it, whereupon Apple patches the hole and suppresses the jailbreak.
But the latest PS3 break is being dubbed unpatchable and the final hack. That's because this hack isn't giving you an exploit to use against a programming hole. It's giving you Sony's so-called LV0 (level zero) cryptographic keys.
If true, the war is over and Sony lost. Hacker collective, the Three Musketeers, reportedly figured this all out some time ago, but now the LV0 keys have been leaked and it's open season on jailbreaking your PS3 (assuming you're technical enough to implement it). And, while it would be very easy to sit back and comment gleefully on the wonderful spirit of curiosity that propels this kind of work, and to likewise point out the futility of stopping people from tinkering with the products they legally bought, I find a different point more compelling.

Quite simply, this war that Sony lost did not need to be fought. They advertised a feature and it was only the subsequent and unilateral removal of that feature, which many customers very much wanted, that created all of this controversy. Without that removal, how much litigation money does Sony save? Without being anti-consumer, how much ill-will do they avoid? And all of that to fight a battle that, not only did they lose, but that they had to know they were overwhelmingly likely to lose over the long haul. Sophos touches on this point in hoping for a different approach in the future.
Let's hope, when the PS4 comes out, that Sony will give up on trying to lock out jailbreakers permanently, and instead provide a way for those who want to run alternative software to do so in official safety.
When King Cnut famously ordered the tide back and failed, he wasn't an arrogant absolute ruler trying to show off. He knew he would fail, and thereby demonstrated that to hold back the tide was impossible - and, in any case, unnecessary - even for a king.
Once I got done snickering at the name King Cnut, I found the analogy perfectly fitting. Hopefully Sony will avoid this war entirely the next go around, though with their track record, I won't be holding my breath.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Hephaestus (profile), Oct 25th, 2012 @ 8:35pm

    "And all of that to fight a battle that, not only did they lose, but that they had to know they were overwhelmingly likely to lose over the long haul. "

    What is with the "And" at the beginning of your sentences?

    Also, when you run a company, what occurs is you think your every move is correct, even when it is not. That is what happened.

    ,,,, ;)

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    fogbugzd (profile), Oct 25th, 2012 @ 8:48pm

    Piracy paranoia was at its zenith when Sony decided to prohibit hacking. The massive hit to Sony's reputation and bottom line was one of many costs the big media companies have paid in their futile war on piracy.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      That Anonymous Coward (profile), Oct 25th, 2012 @ 9:36pm

      Re:

      They got portions of the community to accept this cat and mouse game by pointing out some people were running bots and aim helpers etc. So it was all about stopping the cheaters.

      Much like the fervor that was generated the 21 times ( http://attrition.org/security/rant/sony_aka_sownage.html )they were hacked. People screamed for the hackers blood and threatened harm because a gaming site was down, that they had to change their amazon and fb passwords and it was hard. There was very little anger at Sony for running a system that was EASILY infiltrated with known bugs time after time after time... etc. Even after the major hacks of their sites, they did NOTHING to audit their networks.

      The other OS feature was an attempt at bypassing a tax, that failed. Some people used it to "cheat" in an online game, rather than find the those cheaters and kick them, the opted to just remove the feature for everyone. Rather than allow people to keep the feature, they basically made it mandatory because newer games demanded newer firmwares be loaded to be played. So it was waste money on a game that was now an unreturnable coaster, no warning on the box, or give up the feature.

      People still fail to comprehend that while the hackers did take down the network and get account details, it is very possible they were not the first to do so. The details of the very wide security holes had been posted for Sony to see and it was cheaper to ignore than to fix.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        ltlw0lf (profile), Oct 26th, 2012 @ 4:59pm

        Re: Re:

        There was very little anger at Sony for running a system that was EASILY infiltrated with known bugs time after time after time... etc. Even after the major hacks of their sites, they did NOTHING to audit their networks.

        Oh, it was worse than that. They fired their administrators six months before the hacks started, since they felt they were paying them too much, bringing in replacements who didn't have a clue as to what they were doing, and then wondered why the hacks were successful when their replacement admins hadn't patched the systems in 6 months. A friend of mine was an administrator at Sony, who was let go. Then, after they were hacked, Sony called pleading with him and the others they had fired to come back and fix the problem. As far as he knew, nobody came back (he didn't, because he was already 5 months into a new, much better job.)

        And Sony still hasn't learned apparently, since no sooner did they have their systems back up when a security researcher informed them that their passwords were able to be hacked. The company is all about short term greed at the expense of all other things, including their customers, which is why I'll never buy anything from them ever again.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    Chronno S. Trigger (profile), Oct 25th, 2012 @ 8:48pm

    Obvious Outcome

    In a war with thousands of hackers working for free on one side and a few dozen professionals on the other, who do you think is going to win?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    vegetaman (profile), Oct 25th, 2012 @ 9:10pm

    Well...

    Well, I guess using a LV0 key is at least better than storing your user's data in plain text... *cough*

    Apparently they like their hardware platform more than they care about their customer's data, lol.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      That Anonymous Coward (profile), Oct 25th, 2012 @ 11:58pm

      Re: Well...

      There is money in making sure you sell more discs vs the lack of damages you'll have to pay out to consumers you screwed.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    G Thompson (profile), Oct 25th, 2012 @ 9:26pm

    For a product that is over 4 yrs old and at it's end of life (PS4 out in less than a year supposedly) and its only now for the keys to be reverse engineered, is a major security and technical accomplishment no matter what you think of Sony's bullshit practices of removing marketed features [oops.. there's my opinion ;) ].

    So hats off to the team who designed the system in the first place.

    As for the keys themselves what I find fascinating is this information from Eurogamer.net
    So just how did LV0 come to be released at all? The original hackers who first found the master key - calling themselves "The Three Tuskateers" - apparently sat on its discovery for some time. However, the information leaked and ended up being the means by which a new Chinese hacking outfit - dubbed "BlueDiskCFW" planned to charge for and release new custom firmware updates. To stop these people profiteering from their work, the "Muskateers" released the LV0 key and within 24 hours, a free CFW update was released.

    "You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day, only the fear of our work being used by others to make money out of it has forced us to release this now," a statement from the hacker group says.
    Disclaimer: I am have been running otherOS on two PS3's for years (and yes they are classified as hacked now) as part of my business and am quite intrigued at this development.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      That Anonymous Coward (profile), Oct 25th, 2012 @ 9:41pm

      Re:

      Despite the laughable claims of the industry, most hackers aren't trying to steal bajillions of dollars.

      We have seen this time and time again, a group finds a hack and sits on it slowly exploring and tinkering. Someone else gets hold of it and thinks about how to make money and the original or another group then releases it into the wild to stop anyone profiting.

      It is about the exploration and tinkering, not making piles of cash. They fastest way to get many people to do something is to tell them not to.

      Imagine how much better the system could have been had they worked WITH the hackers rather than against them.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        G Thompson (profile), Oct 25th, 2012 @ 10:15pm

        Re: Re:

        Exactly!
        Reverse engineering (cracking) something and tinkering with it till you know it better than what the original manufacturer does and then seeing what it's true potential is nirvana to any good engineer!

        Nearly every innovation with the exception of the true 'new inventions' (eg: teflon, penicillin, dynamite, velcro (have been because people saw something... wanted to know how it worked.. reverse engineered it and then improved upon it.

         

        reply to this | link to this | view in chronology ]

      •  
        icon
        The eejit (profile), Oct 25th, 2012 @ 11:43pm

        Re: Re:

        I'm actually reminded of the film National Treasure. The Three Musketeers are kind of like Nicholas Cage's character (who simply wants to find the treasure) and Sean Bean's character (who wants to sell it.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Oct 26th, 2012 @ 6:33am

        Re: Re:

        Honestly, you are perfectly correct. If they would of worked with graf_chokolo, fail0verflow, geohot, etc in the very beginning and allowed access to the graphics engine on the linux side, I doubt that many people would of even attempted to hack the system in the first place.

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      DCX2, Oct 25th, 2012 @ 9:53pm

      Re:

      It's a little wrong to look at the total life cycle of the PS3. The hackers only really attacked the PS3 in earnest once OtherOS was removed. OtherOS was removed in April, 2010. It's now October, 2012. That's a period of 18 months, which is about in line with how long it took to hack other consoles.

      The take home point is that allowing homebrew is the best way to keep pirates off your system, because the pirates almost always depend on the real hackers to do the heavy lifting, and the real hackers don't like enabling piracy.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        G Thompson (profile), Oct 25th, 2012 @ 10:07pm

        Re: Re:

        The PS3 has been analysed for reverse engineering since it first came out, though admittedly it was very much ramped up after the GeoHot debacle. GeoHot and others had been looking at the system for a long time previously.

        And yes Homebrew and allowing your system to be used for legal purposes in whatever method is the only way to go (Microsoft figured that out with Kinect and look at it now compared to PSMove).

        The XBOX though not hacked within 18 months was problematic nearly instantly due to CD duplication being very very easy. The same with the Wii. though Sony did have an ace up it's sleeve with copying due to it's usage of BlueRay and the rarity of blueray duplicators "in the wild' at the time.

        To me I use the OtherOS PS3's as *nix boxes with some proprietary software on one for analysis purposes and was the prime reason for purchasing them at the time (they were the fastest and most cost effective solution).

         

        reply to this | link to this | view in chronology ]

      •  
        icon
        That Anonymous Coward (profile), Oct 25th, 2012 @ 11:35pm

        Re: Re:

        Just because there wasn't media hype about it, doesn't mean it didn't happen.
        There are very few devices out there that some group of tinkerers somewhere isn't toying with.

        After OtherOS they became more vocal and open in their exploration, the stated goal time and time again was to bring back OtherOS and Sony stuck their fingers in their ears going LALALALALALALA Burned Copy Pirates & Game Cheaters!!!!

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      anon, Oct 25th, 2012 @ 10:34pm

      Re:

      I think that Sony realised there sales have tanked, not many people want a PS3 most all those that wanted one have one, I suspect this is a way to revitalise the ps3 and possibly have a few more sales than they would have had otherwise,possibly to make a last few dollars of the old console before releasing the new one. I would not be surprised if this was the case.

      All i am looking for is a safe way to hack my xbox 360 cos my discs are getting damaged from use and i think i should have the ability to back them up.And that for once is a real reason i want a hack, not to cheat or pirate, just to stop having to buy the kids new discs for games i have already bought for them.
      And if there is a hack i hope it is something simple that cannot be detected by MS something that will allow online gameplay and all the extras that go with it. The fact that MS charges for online play is seriously fubor.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        That Anonymous Coward (profile), Oct 25th, 2012 @ 11:39pm

        Re: Re:

        One would think with all of the "rights" they claim to have over items you purchased, we should have the right to have discs replaced for free as a trade off.

        Its never a sale its a license, until it might cost them a dollar. They avoided talking about some Xbox's eating discs left and right, trying to avoid any responsibility that might mean having to make sure their customers can do anything other than buy another copy.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          anonymousgamer, Oct 26th, 2012 @ 1:23am

          Re: Re: Re:

          Have you heard latest? Game makers want to have a system where used games are no longer an option. They want to make it so your disc is licensed to our Console. if you sell game to gamestop and another person buys it, all they get is a demo. This is being considered because game makers dont make money on resales. Here is my idea to them. Make licenses transferable if you do this. Charge transfer fee, problem solved. If this does happen, we serious gamers are going to want a hack to circumvent this BS idea.

           

          reply to this | link to this | view in chronology ]

          •  
            icon
            That Anonymous Coward (profile), Oct 26th, 2012 @ 2:56am

            Re: Re: Re: Re:

            They have been trying things like this for a while, they are jumping up and down angry that resellers are making money they is "owed" to the developers.

            They have added in one use codes in games, so they can sell a new code.

            I have an even better idea...
            How about they lower the price of the game, sell more, and stop whining about the used market.

            They just see other people making money, decide they deserve it more, and try to screw everyone to "win".
            See Google vs Short sighted newspapers.

             

            reply to this | link to this | view in chronology ]

    •  
      icon
      Vincent Clement (profile), Oct 26th, 2012 @ 4:34pm

      Re:

      Make that 6 years old on Nov 11.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 25th, 2012 @ 9:47pm

    Sony brought some pretty bad Ill-will which started off this hacking fiasco anyways. In fact Vita has a hack out. Its a far lesser one but someone will eventually get to ones that will be scary for Sony.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 25th, 2012 @ 10:12pm

    Hopefully Sony will avoid this war entirely the next go around, though with their track record...

    Not bloody likely. This is the same company who distributed rootkits on music CDs. They'll chalk this down as a success and make a point of renting out thousands of PS4s to the stupid schmucks still throwing money their way.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      anon, Oct 25th, 2012 @ 10:36pm

      Re:

      ps4 will not sell that well, many people were burnt with the linux ability being removed and other things they did, if anything i think a lot of serious gamers will avoid the ps4

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        anonymousgamer, Oct 26th, 2012 @ 1:13am

        Re: Re:

        Serious gamers are very excited for ps4 and new ms machine. Serious gamers buy both major consoles to play the exclusives for both. Money is not an issue to a serious gamer. Gamers only cared about the hacking for 2 reasons:
        1: thought that cheaters would become more prevalent, so they were upset.
        2: etwor

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          anonymousgamer, Oct 26th, 2012 @ 1:15am

          Re: Re: Re:

          2: network downtime.

          Serious gamers only care that they can get online and compete, and that they aren't being cheated.

           

          reply to this | link to this | view in chronology ]

        •  
          icon
          That One Guy (profile), Oct 26th, 2012 @ 1:29am

          Re: Re: Re:

          If being a 'serious gamer' means being willing to throw money at a company that has proven time and time again it holds it's customers in contempt, and cares more about profit than the well being of said customers... then that is a title I will more certainly be happy to do without.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Oct 26th, 2012 @ 8:56am

            Re: Re: Re: Re:

            then that is a title I will more certainly be happy to do without

            My sentiment exactly. I'm no longer a "serious" gamer, more like an "oldschool" gamer. I was gaming before the jocks were doing it.

             

            reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 18th, 2013 @ 5:12pm

          Re: Re: Re:

          serious gamers play on the PC -.0

           

          reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Oct 25th, 2012 @ 11:05pm

      Re:

      Those rootkits are why I haven't bought a Sony *anything* since they pulled that stunt. A company that declares war on my hardware will find me returning the favor.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Oct 26th, 2012 @ 12:42am

      Re:

      Oddly enough, out_of_the_ass will interpret this as some comeuppance for Masnick because in out_of_the_ass_world, Masnick supportz t3h corporations and t3h corporations r t3h suxxorz and out_of_the_ass has schooled everyone.

      And then he'll go on to say how everyone deserves to be rootkited because piracy kills puppies or something...

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        Niall (profile), Oct 26th, 2012 @ 3:06am

        Re: Re:

        Ah, but 'Masnick' only 'supports' corporations when they are 'Big Search' or 'Big Tech' or anyone who the 'Big Content' (Control) industry deems is 'against' them. If Mike supported a media company in anything, Out_of_the_Average_Bob would just scream 'hypocrisy' or whatever they could twist into an automatic attack on him. Doubly so if Mike didn't even write the post!

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 26th, 2012 @ 3:33am

    like so many other industries and producers of whatever, they have this inbuilt need to control what people can do with their legally purchased items. had Sony used their brains and not removed the function of 'the other OS', the hacking of the console would have been on the back burner, they, like so many other companies, are their own worse enemies and deserve all the wrath they get from customers. the only industries that insist that a customer doesn't buy their products but simply buys a license to be able to use them are the entertainment industries. nothing else people buy prevents them from doing what they want with it or gives them just the right to use it. voiding the warranty is the only thing that a customer may lose. on top of which, what other purchased item does a person have to get permission from the original producer so the item can be sold on? why should the original producer be paid again for something just because it is resold? eventually, the original price (eg $50) could become $500, simply because it was sold multiple times. this whole issue has become a total mess and it's about time it had a stop put to it!!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    CaitlinP (profile), Oct 26th, 2012 @ 8:10am

    Not a Surprise

    They shouldn't have removed the feature in the first place. They should have had a group dedicated to hunting down the cheaters. If they didn't want to do that, they could have asked the players to do it. Most people are more than happy to tattle on those who tried to cheat the system.

    Same with the used game issues. Why don't they just form a contract with used game sellers so that they make a profit for every used game sold? There. Problem solved. Of course, they could always just make the games $20 cheaper. $50 is expensive for a new console game, and I'm barely willing to pay $40 for a handheld game. The prices are kind of insane. Especially since there are so many $50 or $40 games that are complete trash.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Travis, Oct 26th, 2012 @ 9:15am

    Much too much sense

    Lowering pricing to a more reasonable price range would make too much sense for these businesses. If they started selling games at a more achievable price range for the average household, say $20-30 they would sell far more volume and probably make even more profit.

    Keeping pricing over $50 ensures people buy fewer games, pirate more of them. Or wait until the price has dropped so abysmally low there's no profit to be made from them at all.

    How do they even run a business with this kind of losing business practice?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Laroquod (profile), Oct 26th, 2012 @ 10:43am

    "Let's hope, when the PS4 comes out, that Sony will give up on trying to lock out jailbreakers..."

    Bwahahahaha! Er... sorry. Yes. Let's hope. Excuse me I have to wipe the tears out of my eyes.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    John Swanson, Oct 27th, 2012 @ 2:18am

    Sony PS3

    Our family purchased Sony PS3 Game Console to play movies recorded on blue ray media and upconvertion for movies recorded on DVD media. Sony PS3 can process 2.7 teraflops.

    Sony PS3 is export-controlled under Japanese law. Perhaps Sony was concerned about alternative millitary uses of product and export restrictions. Sony PS3 Game Consoles are manufactured in China.

    Are Sony PS3 Game Consoles in use by Chinese military?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Ninja (profile), Oct 29th, 2012 @ 6:51am

    Oh Good, now that the prices are fair and I actually own the hardware and can do whatever I want to it I'll buy.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Archer, Oct 30th, 2012 @ 6:58am

    $ony is a money losing corporation...

    Travis - $ony for the last 4 -5 years has been losing a lot of money. They have been in the red, and they will NOT survive if this continues like this for the next few years. If the PS4 is a flop, it is game over for $ony...

    Who runs that company anyways? Its days are numbered, that is for sure. Another "Research In Motion" company in the news...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Random Person, Nov 7th, 2012 @ 9:48pm

    If you prohibit something people are more likely to do it like smoke weed. But if you promote it it will dramatically reduce the chances of it happening.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    noobtube, Dec 10th, 2012 @ 3:34am

    who hacked the ps3 lolz

    the ps3 was not hacked or exploited until some sony worker in the factory leaked the dongle used to put the ps3 into factory mode that is when it all started before that their was nothing sure their was some java bugs allowing you to play snes games in the xmb but that was it

    it was the leak of the factory mode dongle that started the whole thing not Geohot and not anyone else its funny how noobs give geohot the credit when in fact it was some chinese guy working in a sony factory

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Mike, Jan 4th, 2013 @ 2:29pm

    Hello

    Very good article, good Sony hacks :)

    MechWarrior Hack

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Motherfuker, Feb 24th, 2013 @ 8:29pm

    Motherfuker stfu

    Motherfuker all ya r gamefreaks all ya play 2 much lazey fuckerz

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 26th, 2013 @ 7:34pm

    eat a dick

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    6URF8O, Nov 12th, 2013 @ 3:35am

    'UI'PK:

    TYUIOP;LKJHGF

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This