Sony Loses The War On Piracy, Flees To Courtoom
Sony's attempts to prevent piracy on both the PS3 and PSP have taken a number of blows in recent weeks. Today, the company announced that it intends to sue the PS3 hacker GeoHot, who's been an increasingly large thorn in the company's side over the past 18 months. When Sony released the 3.21 firmware update that broke Other OS functionality, it was GeoHot who first demonstrated his own custom firmware running both 3.21 and Other OS simultaneously. For more information on the repercussions of Sony's decision and its anti-piracy efforts to that date, check our original coverage here.
Let's recap first. Last fall, Sony cut the price of its PSP Go from $249 to $199 in a purported attempt to boost the system's anemic sales. The PSP Go has a number of flaws when compared to the PSP, but the most significant is its inability to play UMD-based games. The PSP Go was designed without a UMD slot to make it harder to hack, but Sony was apparently unable to reconcile its desire to prevent piracy with the need to build a product people actually buy.
The PSP's mod kit in action. Unlike the PS3 modifications, the PSP Go's changes *were* intended to change what games people could play. On the other hand, it's Sony's fault the problem exists in the first place.
That's something of a moot point now. Less than two years after its launch, the PSP Go has been cracked and demonstrated running games previously available only to owners of a standard PSP. Exactly how the company will respond is unclear, but it's safe to assume it'll include a firmware update that once again prevents PSP Go owners from playing a compatible game they can legally purchase.
As for the PS3, the gates have split wide open. The group investigating the PS3, Fail0verflow, discovered a serious flaw in the algorithm used to generate the PS3's cryptographic keys. According to pytey, a member of the group, "The complete console is compromised - there is no recovery from this. This is as bad as it gets - someone is getting into serious trouble at Sony right now."
From Fail0verflow's presentation.
Step 2: Alienate your most technically proficient and hacker-friendly customer base: Penguinistas to arms!
According to pytey, this was the point at which Fail0verflow jumepd into the fray. "It became a valid target," pytey told BBC News. "That was the motivation for us to hack it. ...It was not trivial to do this."
In theory, the PS3 should never have been vulnerable to the attack method that's compromised it. At the most basic level, the system relies upon a master private key that's held by Sony to verify that any given console's firmware is legitimate/protected. Because this verification key is meant to incorporate a truly random number when generated, it should have taken millions of years to derive the master key by observing the public key used to verify the system. It should have worked—but Sony's signature software, which the company wrote itself, used a constant number rather than a random one.
The nature of the flaw makes it impossible to fix. Sony will undoubtedly claim to have 'fixed' the situation via firmware updates, but anything it tries will be the equivalent of surface repairs to a home with a broken foundation. Sony's only real option is to correct its algorithm and spin a new version of the PS3 that's designed to verify the correctly generated signature instead of the broken one. This is, at best, an imperfect solution and could cause major software problems. Even if it doesn't, there's no way for Sony to repair the 40 million-plus consoles its already sold. In the space of a few weeks, the company's entire antipiracy strategy has collapsed. Sony's response thus far has been to scurry into federal court to demand all copies of the relevant information be pulled offline; the company has apparently never heard of the "Streisand effect".
Step 4: The flawed public crypto key is what kills the system, but the other labels reflect other PS3 systems that have been independently hacked without using the flawed key.
It was inevitable that Sony would hurl every book it could find at the hackers in question, but it's not clear what the outcome will be. The individuals in question are on record as being strongly against piracy, they've painstakingly documented the flaws in the PS3's security systems, they aren't out for commercial gain, and they were working to restore functionality that existed when they purchased their consoles. When we covered the impact of killing Other OS last May, we concluded: "Even if the courts eventually rule Sony's removal of Other OS functionality doesn't constitute a breach of California law, there's still something to be said for not alienating a group of customers you openly courted just three years ago."
Them's words good enough to end on for a second time.
Let's recap first. Last fall, Sony cut the price of its PSP Go from $249 to $199 in a purported attempt to boost the system's anemic sales. The PSP Go has a number of flaws when compared to the PSP, but the most significant is its inability to play UMD-based games. The PSP Go was designed without a UMD slot to make it harder to hack, but Sony was apparently unable to reconcile its desire to prevent piracy with the need to build a product people actually buy.
The PSP's mod kit in action. Unlike the PS3 modifications, the PSP Go's changes *were* intended to change what games people could play. On the other hand, it's Sony's fault the problem exists in the first place.
That's something of a moot point now. Less than two years after its launch, the PSP Go has been cracked and demonstrated running games previously available only to owners of a standard PSP. Exactly how the company will respond is unclear, but it's safe to assume it'll include a firmware update that once again prevents PSP Go owners from playing a compatible game they can legally purchase.
As for the PS3, the gates have split wide open. The group investigating the PS3, Fail0verflow, discovered a serious flaw in the algorithm used to generate the PS3's cryptographic keys. According to pytey, a member of the group, "The complete console is compromised - there is no recovery from this. This is as bad as it gets - someone is getting into serious trouble at Sony right now."
From Fail0verflow's presentation.
GeoHot, aka George Hotz and Fail0verflow weren't formally working together. After viewing the latter's presentation, however, GeoHot was unable to crack and publish the PS3's master key. Both say they abhor piracy and were only interested in re-enabling Open OS and homebrew software. Hotz first announced he'd cracked the system in January of 2010, an event that prompted Sony to kill Other OS functionality altogether via firmware update.
Step 2: Alienate your most technically proficient and hacker-friendly customer base: Penguinistas to arms!
According to pytey, this was the point at which Fail0verflow jumepd into the fray. "It became a valid target," pytey told BBC News. "That was the motivation for us to hack it. ...It was not trivial to do this."
In theory, the PS3 should never have been vulnerable to the attack method that's compromised it. At the most basic level, the system relies upon a master private key that's held by Sony to verify that any given console's firmware is legitimate/protected. Because this verification key is meant to incorporate a truly random number when generated, it should have taken millions of years to derive the master key by observing the public key used to verify the system. It should have worked—but Sony's signature software, which the company wrote itself, used a constant number rather than a random one.
Step 3: Oops.
The nature of the flaw makes it impossible to fix. Sony will undoubtedly claim to have 'fixed' the situation via firmware updates, but anything it tries will be the equivalent of surface repairs to a home with a broken foundation. Sony's only real option is to correct its algorithm and spin a new version of the PS3 that's designed to verify the correctly generated signature instead of the broken one. This is, at best, an imperfect solution and could cause major software problems. Even if it doesn't, there's no way for Sony to repair the 40 million-plus consoles its already sold. In the space of a few weeks, the company's entire antipiracy strategy has collapsed. Sony's response thus far has been to scurry into federal court to demand all copies of the relevant information be pulled offline; the company has apparently never heard of the "Streisand effect".
Step 4: The flawed public crypto key is what kills the system, but the other labels reflect other PS3 systems that have been independently hacked without using the flawed key.
It was inevitable that Sony would hurl every book it could find at the hackers in question, but it's not clear what the outcome will be. The individuals in question are on record as being strongly against piracy, they've painstakingly documented the flaws in the PS3's security systems, they aren't out for commercial gain, and they were working to restore functionality that existed when they purchased their consoles. When we covered the impact of killing Other OS last May, we concluded: "Even if the courts eventually rule Sony's removal of Other OS functionality doesn't constitute a breach of California law, there's still something to be said for not alienating a group of customers you openly courted just three years ago."
Them's words good enough to end on for a second time.
