That Sony is a company known for its rather… Unfortunate stance towards DRM and copyright infringement should come as no surprise to anyone, after they more or less crippled the MiniDisc format with DRM, installed rootkits on users’ machines, and started removing features from the PlayStation 3. That last one doesn’t seem to end well: George Hotz, the famous iPhone hacker and the first to crack the PS3’s security, has vowed to bring Linux support back to the PS3.
Only yesterday the news hit the web that an upcoming firmware update from Sony will remove the “Install other OS” feature of the PlayStation 3, a feature which allowed geeks, nerds, and researchers to install Linux on the Cell-powered device. While this feature most certainly isn’t high on most people’s priority lists, it’s still an advertised feature that is now being retroactively removed.
No, that PlayStation 3 isn’t yours. You may have given Sony money, but that’s it. This is how we do in the modern world, baby.
While Sony claims it’s about “security concerns”, we all know what it’s really about: protecting the rights of content providers – since they are way more important than you, the lousy customer. The security in the PlayStation 3 was finally cracked this January, and it seems this is Sony’s response.
However, that very same hacker has now vowed to combat Sony’s update. First, though, he expressed his disgust at Sony’s intentions. “What security concerns?,” he wonders, “It’s not like the exploit can be run even close to without the users knowledge. You have to open the fucking thing up. How could this harm users? Your blog post doesn’t list positive reasons for upgrading like I think most users expect. Instead it lists things you will lose if you don’t upgrade. Seriously?”
This isn’t the first thing Sony has removed from the PlayStation 3’s feature list. While Japanese and US models of the PS3 had hardware emulation for PS2 games, the European version had to settle for a less-compatible software version – PS2 support was removed altogether with the third generation PS3. SACD playback support also fell victim to Sony’s feature removal police at around the same time.
While Hotz had promised not to involve himself with custom firmware, he now no longer believes he has much of a choice. “A note to people interested in the exploit and retaining OtherOS support, DO NOT UPDATE,” he warns, “When 3.21 comes out, I will look into a safe way of updating to retain OtherOS support, perhaps something like Hellcat’s Recovery Flasher. I never intended to touch CFW, but if that’s how you want to play…”
“This is about more than this feature right now,” he continues, “It’s about whether these companies have the right to take away advertised features from a product you purchased. Imagine if an exploit were found in Safari on the iPhone, but instead of fixing it, Apple decides to pull web browsing altogether. Legally, they may be within their right to do so, but we have to show them it’s the wrong move for the future of the product and the company.”
How very early-Jobs-and-Wozniakian of him, but it’s hard to disagree with him. Sony’s behaviour here is despicable, and the company needs to know that. Owners of the fat PlayStation 3 have had this feature advertised to them, and as such, they are entitled to it. I hope the PR ramifications of this move will be massive, hurting the company. This kind of stuff – like Apple’s approach to jailbreaking iPhones – should not be possible.
Interestingly, this reaction is exactly what Sony tried to avoid with the Linux feature. Hackers these days are very enthusiastic and insistent when it comes to the task of bringing a Linux system on *any* kind of hardware. And gaming consoles are especially interesting to them due to their capabilities and perceived financial gain (as the hardware prizes are subsidized).
The linux-on-the-console hacking however nearly always opens the door for game piracy. It is the same as with DeCSS for DVDs. It was wrote to enable Linux playback, and used to copy disks.
With a tightly controlled vendor offer of Linux, Sony was quite successful on distracting hackers from the task of cracking the console. However, the Linux experience was just one bit too frustrating, it was far too crippled. So eventually they could not evade the hacking.
Still, it saved them several crucial years. Now as their strategy doesn’t work out anymore, there is no purpose in their Linux offer for them anymore. So they quit it.
Yeah, I can see why they did it, but that’s still not a valid excuse in my opinion.
In the Netherlands this is illegal, in the sense that you will (should) be allowed to declare the purchase agreement null and void should you choose so, because there’s no match between supply and acceptance (freely translated). The Dutch law requires that if a supplier states a certain feature of a product he has to deliver it.
I am aware that Sony has written something about this in their EULA, but that kind of article is sort-of blacklisted, which means that you can declare it null and void at any time.
It says that the terms of usage (eula) any agreement can be declared null and void at will if:
a. the other party is denied a claim on a feature that has been promised by the supplier
Again, freely translated, I really suck at translating legislative text.
Edited 2010-03-30 18:33 UTC
Similar legislature exists in Germany. The question is on what availability you can expect from the service provider. A low availability may be acceptable under specific circumstances and it may also be the case that the consumer should not expect availability after the warranty period.
So it is not 100% clear and a case-by-case thing. Still it is important that customers are aware of their rights.
“No, that PlayStation 3 isn’t yours. You may have given Sony money, but that’s it. This is how we do in the modern world, baby.”
Yes, you do own your PS3. What you don’t own is Sony’s developers, servers, software, services, etc. They don’t *owe* you particular features or services outside that which is contractually obligated. If you want to use PSN, etc. you have to go by their rules. Unless there was some breaking of contract (which I’m sure there isn’t) then they’ve done nothing illegitimate.
Of course they shouldn’t be able to stop people from using their box as they desire either. If CFW is released or a substitute PSN created Sony shouldn’t be able to use government to stop you.
Edited 2010-03-30 18:25 UTC
The thing is they are disabling features on your PS3 not on their servers. And they are doing it by “forcing” firmware update, because if you don’t update your PS3 firmware you won’t be able to use on-line services.
Edited 2010-03-30 19:24 UTC
First of all I think everybody should strongly denounce and opponent the artificial crippling of features, being it legal or not.
Second, the PS3 was advertised with a specific feature set. It includes the PSN services as well as the Install Other OS feature. If you make the consumer choose between them _after_ the purchase, you are not holding up to your claims on the product. There may very well be the possibility for legal action.
Edited 2010-03-30 19:45 UTC
This is complete nonsense.
You buy the hardware with certain specifications so your the owner.
You can do what ever you want with it. If you’d create your own firmware it would be completely legal to put it on the is device.
You’re confused with renting a product. That is indeed not yours. The advantage in this case with renting would be that you can cancel the contract right away as the changed the contract.
When you rent a product you’re never the owner.
The more you tighten your grip, Sony, the more hackers will slip through your fingers.
It has taken a long time and many iterations, but corporations are winning the DRM war for games.
The Xbox only made one stupid mistake to trust the DVD drive.
On a new Xbox you cannot install Linux PERIOD. Crackers aren’t able to enable Linux. The DRM is too strong.
The PS3 has even tighter control and so far not even a single game has been pirated.
And from the looks of it Ubisofts new online-DRM seems to work well for them. Assassins creed does not really work with a crack (it runs one level, but you can’t advance to the next). I haven’t seen copies of Settlers 7 anywhere.
So my guess is that next generation consoles will have in-CPU DRM that will be really hard to crack, just like the PS3 + a few new tricks. PC games from major publishers will only work in a hybrid online-mode where parts of the game are only online (maybe even encrypted). Cracking such a game is 1000x the work it used to be.
Nothing is impossible, but some things are so close that it will take more time than the products are on the market.
Pirating will be a lot lot harder in the 2010s.
Edited 2010-03-30 22:27 UTC
And the Wii out sells both of them, combined, where it is much easier to pirate.
The Wii is a hyperadvanced etch-a-sketch. Fun for 10 minutes, until you realise that people play games to relax and unwind, not to look like an idiot waving your arms in the air using a controller with a response delay of ten seconds.
The Wii wholly unimpressed me. It was fun as a gimmick for a few hours, but the novelty quickly wore off. It’s probably very well suited for casual gamers that want to play the same ten minigames over and over again, but to get any serious gaming done (Dragon Age, Fallout 3, Left 4 Dead, etc.), you’ll need a big boy console.
I won^aEURTMt disagree with you there, but the Wii is practically a PSX compared to a PS3, and it^aEURTMs whooping Sony^aEURTMs ass. Sony are doing a pretty good job of alienating their user base. Today is no exception.
While I agree that Sony is probably less friendly by far than Apple, Microsoft, or Nintendo, none of these companies are saints.
Nintendo has also used a heavy hand with homebrew after it appeared, but their security, like their hardware, is simply much less powerful.
See: http://wiibrew.org/wiki/System_Menu_4.2
People don’t realize that Nintendo was far worse than Sony back in the day. It took (guess who) Sony and the success of the PSX and PS2 to humble them. Especially after they screwed Sony on the SNES add-on.
Nintendo’s success comes from focusing on what they did best back in the day, focus on family oriented games and gimmicky controls (remember the power glove?). Its what made them successful in the 80’s and its what is making them successful now. However at some point the cycle begins again. They are already showing signs of hubris and they will get knocked down regardless of how popular they are now.
Yeah, it’s not like you can play CoD Modern Warfare on it… oh wait…
Seriously, I’m sick of all the Wii-dissing. Sure, it doesn’t have the sheer processing power of the other consoles. And some developers haven’t been taking it or its install-base seriously. But there are mature games for the Wii, games that have depth. And the motion controls and lightgun work very well in giving you a more immersive experience. You can better imagine you’re a US sniper in 1940s Italy when you’re actually pointing a gun-like apparatus at the Nazis, as opposed to sitting on the couch twiddling your thumbs.
Yes you can play a ps2-era looking version of Modern Warfare. Just don’t let yourself play MW2 on a 50″ plasma and it will seem OK.
No I feel like I’m playing last-gen 480p games with a projecter pointer that has been hacked into a controller.
There’s a hell of a lot more to the Wii than just the gimmicky Wii Sports and Wii Sports Resorts. Maybe you should spend more than 2 minutes wandering down the Wii aisle at the local game store.
Wow, FP shooters, whoopy. Every single one is the same. You don’t want gimmicky and then go on about systems that have 1 game … done 17,000 different ways.
Sorry its the good old waiting game. Once the firmware is under direct attack any flaw in the firmware will equal exploit of the DRM again. All MS did was by themselves some time. Nothing more. New boot is no mapped yet so weaknesses are not fully known. The old exploit point has been removed.
Remember once they find an exploit all systems that can load that code become unlocked.
Each attack they block the strong the counters become.
The other thing you have to take into account is the power of desktop machines is also increasing. So the power to attempt to take on code signing is also coming.
in-cpu drm is not a solution reason the more complex it is forced the worse performing the cpu becomes its a losing battle. Online yes is a solution. As long as user has direct access to the hardware breach is possible online removes that issue.
PS3 has never been firmware attacked. Simple point here Linux teams have the resources to put into attacking the firmware of the system. System crackers don’t have the resources to put into it.
PSP you do see cracked games for by the way. Linux was not allowed to run their. Pirated games on consoles are directly linked to Linux developers have motivation to go looking for flaws. If yes you will have pirated games because stuff they find in their research will make it possible. Looking for weaknesses exposed the xbox360 drive flaw. Game pirates did not find the weakness.
You miss something important. To counter free60 project the xbox360 risks bricking itself. The time to breach firmware of a device is getting less. The people in the Linux world doing it are getting more and more skilled. As well as more of them.
Now lets say they move the firmware inside the cpu. Yes possible. The result is now if a console bricks itself there is no possibility of restoring that console. Remember JTAG attacks now being used are the exact same path you use to restore a bricked console back to life. To prevent JTAG from being used you have to remove it Ie the anti bricking system destroyed basically.
So JTAG paths are designed to bipass large sections of the DRM system. They have to be. How else can you bring system back to life after a bad update that has screwed the DRM up. Resetting the DRM always has to be possible unless you want to loss a lot of consoles.
The attackers have moved on from game cracking to going direct.
So far they have not found the direct programming path into the xbox360 cpu with how to use it. Its only a matter of time. Particularly thinking MS action has forced them to look more in that direction so they cannot be locked out again.
Basically once they hold the keys to the cpu programming of the DRM they can effectively lockout all pushed out updates to the console.
In cpu drm is a double sided sword. If the other side gets it and you don’t have anyway of revering it your are screwed. Heck xbox360 they already have the system for update from usb key so why would the cracked consoles ever need to go back online for updates to make them look new once they hold cpu keys.
Too strong my ass. If you get past the drm and alter something so can someone else. Question is how long.
Oh are you directing the attacks Ohio?
The PS3 hasn’t been cracked which is a significant achievement given how long it has been on the market. The 360 would have lasted longer if MS didn’t go the cheap route with the DVD drive. Next gen consoles will be even stronger and I say good since there are a thousand people that want to buy pirated games off craigslist for every person that wants to run Linux. If you want a Linux server then buy an old machine off ebay.
That is absolute bullshit. That’s just as much bullshit as claiming that DeCSS was necessary to enable piracy even though I can rip and burn a DVD copy with nothing more than the dd utility if I wished to. Unless the media itself has some kind of magic two-way authentication with the hardware, piracy is easy as hell. It’s even easy when the device requires non-standard media; I’ve had two GBA games I bought through Ebay that were clear and obvious third-party pirated copies. Even if you can’t get your hands on the equipment (you can) there’s somebody in China who already has and is already mass producing pirated copies.
Also, Linux on the PS3 had nothing to do with game development. Half the hardware was locked down in Other OS mode, including video hardware functionality. The only use of Linux on a PS3 is to have a shitty equivalent to what you can do with a $50 CPU and a $70 GPU with CUDA/OpenCL/DirectCompute.
Oh and which PS3 games have been pirated?
What a bunch of utter nonsense! You can NOT create a working copy of a encrypted DVD with just dd.
And there are no illegal copies of PS3 games anywhere, not even China.
But I dare you to provide proof for your stupid claims. Waiting …
The author is mixing up two entirely different things. Yes, it’s highly remarkable and probably questionable for Sony to remove support for other OSs in the next PS3 system software ‘upgrade’ but there are hardly any precedents for this in PS3 history.
The examples mentioned, including PS2 compatibility and SACD playback, are features that have been left out of newer generations of hardware that were introduced at significantly lower prices. The features were *not* removed from the installed base of consoles.
That is true. I think these were cited due to the assertion that these are also “software features”, and not “hardware features”. This suggests that Sony is only removing them in order to restrict the capabilities of the PS3. Since they are still supporting those features on older PS3 machines, it really makes no sense to remove those features in newer versions of the hardware, other than to restrict features for the users.
The author (geohot) was mostly using this as an example for Sony’s backwards thinking – they remove features on newer versions of the product that otherwise shouldn’t need to be removed.
In the case of the OtherOS feature, I suspect they would like to eliminate it completely because it is 1) potentially a security hole for their DRM and 2) PITA to maintain moving forward.
I’m guessing offhand that they plan to add some firmware features that make the PS3 DRM even tighter, and they cannot do this effectively while OtherOS support continues to exist.
Maybe, but this assertion was a wrong one on GeoHot’s behalf. SACD playback requires dedicated hardware in the optical drive’s front end to deal with the format’s specific copy protection (see http://www.ps3sacd.com/faq.html#_Toc180147568 ). The ‘software emulation’ PS2 compatibility was in fact only partly in software and still partly hardware-based.
(I’ve posted these comments on his blog but they’re way down in the thread now.)
Edited 2010-03-30 21:55 UTC
FWIW, I believe you
I could almost believe the PS2 compatibility removal to be a conspiracy to prevent game manufacturers from continuing to write games for that platform… but the removal of SACD just seemed pointless unless there was some technical reason for it.
Look at it this way. You bought a machine and its yours. Run any firmware that you want on it. Run any app you want on it. But when you connect to PSN you are bound by the psn service aggreements that say you cant be running modified versions of consols, games, or firmware. You an keep the other os option, just don’t expect sony to let you play on thier network.
After saying that i have linux nstalled on my ps3, it occupies 10gb. how is sony going to recliam that space so i can use it for game. Or is it lost untill i format the entire thing?
I would like to add that newer ps3 games may include the update and require it in order to be played.
This is a very good question..I currently do not own a ps3 however I was planning on getting one at some point to tinker with, I would assume that when you use the otherOS option and start using the hypervisor, the harddrive linux sees is whatever the hypervisor creates. Like vmware or others it would be a virtual harddisk that would be a large file created on the ps3 partition. I’m sure that sony would have a method of detecting this file and deleting it with the firmware update.
You are missing the fact that you wont be able to play future games either and you don’t modify the firmware by installing Linux on the PS3, it was an advertised feature.
That is like saying it was okay for Sony to remove BlueRay playback in the next firmware because if you want to play games or use PSN you have to play by their rules. It is not that simple. Removing advertised features by blackmailing with the disability to use core functionality is illegal in many European countries.
I wonder about the puzzlement though. It is not like Sony didn’t have demonstrated earlier that they can’t be trusted and i halve expected this to happen sooner or later to linux support.
Ford Prefect on Tue 30th Mar 2010 18:06 UTC
The Other OS option was working to stop hackers. Since the Linux hackers were not attacking the firmware itself lot of games depend on the firmware to operate.
Also Linux Hackers were not attacking to attempt to get the PS3 disk open what would have been very handy cheats and save game editors.
Reason for shutting the Linux guys down would not be piracy. It would be the risk that game developers might stop paying for sony development kits.
Really I feel sorry for sony game developers. Sony just screwed them.
Linux developers don’t intentionally help pirates to pirate games. The Linux assistance comes from the fact their is no way to run Linux properly.
http://www.free60.org/Main_Page Not like this has lead to piracy of games. In-fact piracy of xbox 360 started with the firmware of the player being broken. Something the Linux developers had no interest in.
So really game developers you need to look at yourselves is it really worth keeping on paying sony or microsoft. For a platforms that will be broken and will not provide working copy protection any more.
What would really put the cat in the console camp is if a few game developers released games for them that required mod chipping to work.
That’s ridiculous.
Allowing a foreign OS to boot that exposes the system internals makes hacking it easier which makes piracy easier.
To be upset over Sony doing this is one thing but to say the reasoning behind it is poor is another. Allowing a foreign OS to boot is a security compromise plain and simple. They shouldn’t have allowed it in the first place.
Doesn’t the PS3 more or less rely on Blu-ray burners and blank media being damn expensive for its copy-protection? Unless you’re talking about ripping games to the HDD.
It has some pretty heavy protection. One of the SPUs exists entirely for DRM. The system is also built around firmware updates and games are encrypted with a key that is tied to the latest update. Thus if the PS3 was cracked it would likely only be for current games and only for the fat ps3.
Edited 2010-03-31 17:39 UTC
nt jerkface. Allowing a foreign OS really makes it no simpler. But it stops the research in key areas.
Because if it made it simpler breaches at the Xbox360 firmware level would not happened first. The locating of the JTAG inside the Xbox360 to roll back firmware updates would not have happened first. Patching the Xbox360 firmware for loading Linux also happened first on the Xbox360. But patching method could allow any alteration to be done to the Xbox360.
So forcing MS to use the in cpu drm to stop the attack. MS in the Xbox360 are down to there last line of defense. The Linux guys have the rest. Now when the in cpu drm method of reseting it is found in the Xbox 360 its game over. Its not if anymore its when.
Now lets look at the playstations
How much research has been done against the PS3 slim up until this point of Sony doing this. Answer none. So every level of defense is still in place.
Reason Linux personal had the old PS3 with the Other OS to play with. Now they have to break there way into the PS3 todo what they want all bets are now off.
Linux people would have kept the pressure up on to restore the other OS feature on the slim. Sony could have kept on stalling. And no attacks would have come.
Find me the documentation where the PS3 JTAG is. Its not out their. Same with all the other Software by passing attacks.
Reason Linux personal attacks found a flaw in the way the hyper-visor was done. Unfortunately hyper-visor is software and other cpu’s designed like PS3 also could have been at risk from the same attack.
Lets say I wanted to prevent a console from being attacked by Linux researchers ever and I want a DRM game system. Here is how.
Release a system with physical level separation.
Duel firmware. When the game playing firmware is on so is the access to game storage harddrive. When the Other OS firmware the game storage media is off line. Sell the other OS hard-drive as a optional extra.
Heck you would most likely even get away turning off the game media reading system in the device.
Now before you say but they will alter the circuit board. Have the media access controller in the cpu itself. Have the games directly coded to use the in cpu media access controller so off games don’t run. Same levels of encryption and tamper protection as now to prevent games code from being altered.
Now of course that does not mean the CPU cannot have two media access controllers. One for other OS and one for games. What mode the cpu is started in sets what one is active until the cpu is fully powered off and started up again.
Basically hardware level hypervisor. Not that hard to build really. All you really need is the game media controller and the game firmware on one power rail in cpu and the other os media controller and other os firmware on another and a simple wire if high when cpu starts locks power on other os circuit. If low when cpu starts start in game mode and stays that way until powered off. If gpu is integrated as well features of gpu could be turned off this way as well.
Defeating a physical hyper-visor inside chips does not happen if it does its a high risk of killing the chip. You have to defeat something contained in the side of the physical hyper-visor you want to get to. You cannot do this without having people research an find where the flaws are.
There is no legal reason anywhere to attack a system like that. So most places people could publish how to defeat the system you would be able to use take down notices.
Basically console makes build you hardware correctly by by Linux researchers breaking your consoles. By by most pirates because they don’t have the researchers to find the flaws.
Correctly designed hardware everyone is happy bar pirates. Linux people can use the device how they want. Game makers have DRM to make coping their games hard so happy. Poor poor pirates are on their own.
Now its that simple. Reason why it was not done is that sony and microsoft and others always try for the cheapest solution. Correctly done is about 30 USD more per unit. Nothing really compared to how much is lost to people pirating.
I don’t own any consoles but am still annoyed when I see companies pull these stunts.
Is there anything we can do to annoy Sony for this?
Yes, stop buying Sony products and tell the reason to everyone who may be interested. Buy and recommend products from the competition, as long as they behave more decently than Sony. I see the technical effort involved in pirating Sony’s products, and its benefit to owners of such products, but in the big picture it helps rather than hurt Sony. People still buy their products, media companies are happy because they get IP protection for a few months or years, and no-one sees the benefit of more open systems.
Oh give me a break. If their system was cracked they’d lose millions from piracy. There is no bigger picture here. The system would be cracked and craiglist would be filled with people selling $600 systems that come a dozen pirated games.
Hotz was the one who was talking about bootstrapping a modified Linux kernel as a way of cracking the system. So yes Sony is going to piss some people off by ending the OtherOS option but it is a security compromise. I was actually shocked that they allowed it in the first place. Of course that is where hackers will go first. You don’t allow instructions to the cpu from a foreign OS unless it is necessary.
This would be like spending hours locking down a public workstation only to leave the boot from cd option available.
For all of you on the PSN, you may want to vote … not that it’ll make much difference. Kind of like how I feel about voting in the US.
http://share.blog.us.playstation.com/ideas/2010/03/29/sony-should-a…
Edited 2010-03-31 05:19 UTC
Funny that the proposal has nearly 3 times more votes against it than for it.
I admit that it is a little confusing but you are wrong – the lower number is the total number of votes, and the upper number is positive if there are more votes for the proposed issue, and negative if there are more votes against it.
Since when has installing another OS been an ‘advertised feature’ of the PS3 like this article states?
I’ll help you out. It never has been.
BTW I hope people are realising that Sony had no option than to do this after George Hotz hacked the system. It was either this or risk PSN being completely ruined by hackers. If you want to be angry at anyone then he’s the person to be annoyed at.