February 27th, 2011, 20:34 Posted By: wraggster
PS3's security has been hacked, potentially opening the door for pirate games, with huge implications for publishers, developers, retailers and the games we play.
The hack is said to be irreversible, with little Sony can do - but is it really the apocalyptic situation it first sounds? We dig deeper to unearth the history of the PS3 hack - and what it means for the future of your console.
Back in January 2010, hacker George Hotz hacked the PS3. He opened the door for homemade code on the PS3 with an exploit which relied on the PS3's OtherOS function.
Sony responded with Firmware 3.21, removing OtherOS from the console altogether. Sony's castle had been built strong enough to withstand attacks from everything hackers threw at it for almost five years but by removing OtherOS they drew the attention of hackers more capable than any who had attempted to break the PS3's security before.
Hotz abandoned work on the PS3 in July but one month later Australian modders released the PSJailbreak dongle - a USB stick which opened the Playstation to unsigned software and 'backup' copies of games.
Within weeks Sony had blocked sales of the original device and rendereded it useless by Firmware 3.42's security update. Sony had been here before. The PSP had been hacked with a simple exploit early in its life and the company learned a valuable lesson; PS3 was built to resist exploits.
PlayStation had modchips, the Dreamcast was easily broken without any hardware modification, PS2 was chipped, and the Xbox 360's disc drive firmware was altered so it couldn't tell the difference between a copied game and the real thing. Hacking happens, but not to the PS3.
Before Christmas 2010, every attempt to run homemade software on the PS3 had been an exploit or hack - tunnels beneath the castle's walls and ladders over them.
Then, at December's Chaos Computer Conference, the hacker group failOverflow publicly demonstrated homebrew code running on PS3 without modification or exploitation.
Two years earlier the team had hacked the Wii with intentions of using it to run homebrew code but the PS3 was a far bigger catch.
Their route through PS3's security took them straight in the front door. The team were able to overflow PS3's bootup and nose around, where they soon found Sony's signing keys freely available on the system.
Enter George 'Geohot' Hotz, picking up where failOverflow left off and releasing the Metldr rootkey to the public - keys which encrypt every piece of code running on PS3 and let the console know the code is authorised by Sony.
With PS3 now unable to tell the difference between what's real and what's not, hacker KaKaRoTo made the first custom firmware for PS3 on January 4 to allow installation of homebrew files without the need for a jailbreak.
Hotz followed up two days later with his own custom firmware, adding extra functions for coders and PS3 users, and made it public. Hotz's firmware installs via Sony's usual update process from an ordinary memory stick.
Emulators and apps developed for the earlier PSJailbreak were soon up and running but backup loaders were locked out. The stated aim by both Fail0verflow and George Hotz was to restore Linux functionality to PS3.
Piracy requires a full 'level two' hack that gets you into the GameOS - something Hotz excluded from the custom firmware to prohibit pirates from running copied games.
However, hacker Riku.kh3ran worked around that and ran a backup copy of Castlevania: LOS straight from the hard drive, modifying the game's main executable to make the PS3 treat it like a legit PSN game.
God of War 3, Heavy Rain, Killzone 2, Hot Pursuit, and others soon followed. Sony's official response was brief. "We are aware of this, and are currently looking into it" they said, in a statement.
"We will fix the issues through network updates, but because this is a security issue we are not able to provide you with any more details."
Their response, according to hackers, is optimistic. "The complete console is compromised" explained failOverflow member Pytey to the BBC, "There is no recovery from this."
If you change the lock on your front door every existing key stops working; if Sony were to change the PS3's rootkey, every existing game on PS3 would stop working. It is, without question, the most catastrophic security failure in video game history.
On January 12 Sony launched their lawsuit against Hotz and the failOverflow team, suing the hackers for modifying Sony's software, circumventing PS3's protection, and distributing the means to do it.
If granted, the orders would force the hackers to hand over all tools and information to Sony's legal team, but it's not yet clear whether hackers have even broken the law.
Apple tried to stop hackers jailbreaking the iPhone and were blocked by US courts. The American Digital Millenium Copyright Act makes it illegal for a user to circumvent a company's protection on their electronic devices, but an exception was made for phones after Apple's case.
There's no similar exception for games consoles; with their new case Sony will either close or open the door to homebrew console developers and will change the way you can use the games consoles you've paid for.
Why? It's about your right as a consumer to use the product you bought in whatever way you please, and it's an argument about the sanctity of online gaming on a platform which was designed to be closed.
It's an argument about who owns the device you bought and just who is allowed to develop software for it, and an argument about whether publishers will even want to support a truly open console platform.
Just one day after Sony's lawsuit, failOverflow released all their tools and documentation to the public, effectively rendering Sony's legal claim and restraining orders moot.
The case against Hotz is stuck in legal limbo while US courts try to make up their mind about whether the New Jersey resident can be tried in California as Sony would like.
All the while, the hacking continues. On January 17 Wii hacker Waninkoko released a custom firmware of his own but bricked a few 60GB consoles in the process.
Hours later hacker Wutangrza followed it with firmware which does the same job without the bricking, and hours after that Kmeaw released a better firmware with complete backup support
What next? Well, the genie's not going back in the bottle, but Sony could attempt to ban pirates from PSN, preventing purchases and online play.
While the hack's significant, it's still far from accessible for the average gamer, so don't expect game sales to fall off a cliff just yet. With the situation still in the balance, it's currently hard to gauge its impact - but the battle for PS3's security should prove fascinating.
The biggest early developments will come from programmers working on devious stuff while the legit software waits for the open SDK to mature, but when it does, the PS3 could become the best bang-for-your-buck under-TV media box ever made.
When Microsoft's original Xbox was modchipped the development scene moved quickly to support it with tools, media players, emulators, and homemade games. Xbox Media Centre was a fully featured media player and operating system which would play just about anything.
It could stream video from your PC, had a built-in ISO loader for running "backups", and could snatch news, trailers, radio, and video straight off the internet. XBMC is the best frontend you could ever use for an under-TV Home Theatre PC.
HTPCs are expensive, but since the PC version of XBMC happily runs on Windows or Linux it's not impossible to imagine the program returning to consoles. A PS3 version could rip your Blu Rays to HDD and run them at the touch of a button, and would support every kind of codec used in the PC space.
Emulation is a grey issue, but so long as you own the original game you're entitled to emulate it. If you still have copies of Donkey Kong Country and Super Mario World in your SNES collection you can run those ROMS in the PS3 port of the famous SNES9X emulator. The emulators themselves aren't illegal.
Of course, there's the dark side to the argument. The PS3 is already happily booting modified copies of PS3 games straight from hard drive and cheaters are already ruining PSN's most popular shooters.
With a custom firmware and a backup loader you'll be able to borrow or download any game and copy it straight to the system. Don't listen to anyone who says "PS3 games are too big to download"; most PS3 games are developed with the PC as the lead platform and are optimised for one DVD.
If you're a pirate you're almost certainly already enjoying commercial-free HD TV and all the free music your ears can handle. Future developments in the PS3 scene will ensure you can stream MKV Blu Ray rips straight from your PC to your PS3 and turn your console into an all-in-one media box.
Emulators will mean almost every game ever made will eventually be made playable on PS3. Homebrew developers emulated everything from the SNES to the N64 on the original Xbox, with only the machine's puny 700 Mhz processor holding them back.
The PS3 is a beast of a console and will happily emulate everything from the ZX Spectrum to the latest MAME-supported arcade games. Don't expect it to emulate the Gamecube or Dreamcast, mind. Until devs implement server-side cheat detection you'll be able to run hacks in online games. See through walls! Have infinite ammo! Oh dear.
For more information and downloads, click here!
There are 3 comments - Join In and Discuss Here