Tuesday, January 4, 2011

PlayStation 3 Opened Like a 7-Eleven

Like the Nintendo Wii and Microsoft's Xbox 360 before it, Sony's PlayStation 3 fell before the might of the console modding and hacker community over the new year. The famed 'Geohot', known for the iPhone jailbreak, put out the PS3's root key, and a team known as fail0verflow has released a tool allowing coders to sign their code to make it indistinguishable from Sony's own.

Some might ask why this has happened only now, just over four years past the console's launch. They'll point to the exploits used early on in Wii titles like The Legend of Zelda: Twilight Princess, or the various modchips and physical solutions for both it and the Xbox 360. I think the answer to these questions comes from Sony's own actions. To see why, though, we'll need to look into the history of the PlayStation 3.

The PlayStation 3 launched in November of 2006, just in time to enter the current generation's fight against the Xbox 360 and the Wii. One of the things that set Sony's machine apart from Microsoft's and Nintendo's offerings was that Sony was throwing its substantial weight behind the Blu-ray high-definition movie disc format, and even integrating it right into the console itself. The other, lesser-known, but much more important difference, especially for the scope of this article, is a feature known as OtherOS.

OtherOS was an option that allowed an installation of Linux or other alternative PC operating systems on the PlayStation 3. Sony included code, known as a hypervisor, that kept the operating system from accessing the most sensitive parts of the hardware, but for nearly every purpose, what was provided was more than enough. It wasn't until Sony became spooked at what the Linux community was potentially able to do with this, even with the hypervisor in place, and removed the OtherOS feature in the subsequent firmware release in April of 2010, that the PS3 was even considered a hacking target.

While many people may already know this, it must be said that Linux users are a very dedicated community, and a move this drastic was essentially a slap in the face. Nearly overnight, the focus turned from showing off the latest homebrew games and clever applications to finding a way to keep the ability to run Linux, and even to cracking the PlayStation 3's security. If Sony was scared when the first few drops came through the ceiling, they should have felt sheer panic at the thought of the whole roof collapsing on them. Lawsuits were filed over the feature's removal, and are still in the courts even now. But the timing of the feature's removal has yet to be explored.

Since the PlayStation 3 had its OtherOS feature from November 2006 until April 2010, the timeline for a hack coming has to start from its removal. In this sense, the PS3 fared no better than its competitors. In fact, it probably came out the worst in this way, because while game pirates are banned from Microsoft's Xbox Live service, and game piracy is difficult and very risky for the Wii, pirated PS3 games can be played with Sony's own signature, and on PlayStation Network, a service that costs absolutely nothing to use. Compounding the issue even further, this exploit is one that Sony is completely unable to patch out without opening themselves to even more lawsuits. The keys being used are the same ones used to sign official games, and invalidating those would render their entire catalog unplayable. I doubt that even a company as arrogant as Sony has become would let themselves make that colossal a blunder.

But now that we've discussed why Sony's machine didn't really last as long as people want to think it did, let's see what can be learned for the next generation's consoles.

First, you must know that the ability to run Linux and develop homebrew games and applications is something that people want. It is therefore in a company's best interests to allow this out of the box, as Sony did initially.

Second, give users access to all the hardware. Put the keys somewhere else and open up the entire architecture for outside use. Sony's hypervisor, and the limit on access to one of the machine's cores, planted a giant sign that said, essentially, 'try to get in here'.

Third, don't panic when the limits are tested, or even broken. So long as you've kept the key in a place that's inconsequential to performance, nobody will want to get to it unless their goal is piracy. It was the fact that someone did get into that last core that prompted the OtherOS removal. All that was being done was widening the sandbox given to users, and had it been ignored or praised as being clever by Sony themselves, with a full unlocking of the last core as a response, we probably would still be thinking of the PlayStation 3 as being 'unhackable'.

Finally, once the genie is out of the bottle, putting it back in is impossible. The class-action suits against Sony, and the complete attention turned towards the total destruction of the PlayStation 3's security, have shown what will happen when a freedom is restricted. Once a feature is in a console, there is no surefire way to remove it again. Even going so far as to require internet connectivity is useless, because simply forcing an update on people to remove a feature would lead to lawsuits even faster.

So when it comes down to it, the PlayStation 3 really only lasted eight months before being hacked. It survived for three and a half years because it wasn't interesting to hackers. Because pirates ride on hackers' coattails, Sony was able to keep piracy at a near-zero level by opening the console up. Once they closed the hardware off, they dug their own graves. Now all we need to do is wait until the ISOs hit the torrent sites.


Anonymous said...

So what is a proper reaction to their entire system potentially being compromised due to a feature they added and were easily able to remove?

Tiberious Neruda said...

The best bet would have been to do like Microsoft did with their Kinect.

Once the hackers had coded their own drivers, Microsoft answered by releasing official drivers for the PC.

Microsoft had their own slip-up as well. I'm not sure exactly what the program was called, but they had a service where indie devs could put out a game on the cheap.

Problem is, that cost a fair amount of money, and Microsoft still had final rejection rights.

Homebrew coders normally don't want to spend (or receive) money on/for their work. They do things because it's a hobby, and if people like it enough to drop them a donation, that's great.

I believe there's going to be quite a market for another entry into the next console generation; one that is essentially a PC with dedicated hardware, and is open for both commercial and homebrew developers. If they put this console out at a minor profit (like the Wii), and only charge a small part (maybe .5%) of the cost of a game for licensing fees, this startup will see great success, especially if the hardware follows the guidelines I mentioned in the post.