Eye of the storm on Jupiter


First off, let me state again, I totally think cheating on multiplayer games and illegal copying are wrong, ammoral acts. I do not condone any of that. I do believe people have a right to make backup copies of music, videos and video games. Accidents do happen, and CDs and DVDs do evenurally become unplayable. But this whole debacle has left me wondering what kind of security mindset Sony has. This might be indicative of the entire industry. Therefore it is worthwhile examing what is going on here.

If there is one thing I detest more than cheaters, it is lack of security. Let's see what Sony does for security.

So what does George Hotz's code do and how does it work?

His Jailbreak is written for the PS3 on 3.55 only, I believe.
It works like this:

First get a USB stick and with your computer: create a folder in the root directory PS3, and another inside that (PS3) folder called UPDATE, then find a copy of jailbreak.zip, unzip Jailbreak.zip to PS3UPDAT.PUP in the directory UPDATE that you just created, then plug the USB stick into your PS3, navigate to Settings Tab, choose System Update, choose Update via Storage Media. You will then get a message that it found Version 3.55-jb. You then: choose OK, accept Conditions and Install Update. The program will then run, your PS3 will update, beep 4 times then shut down. You then only need to power up your PS3 from the console and not by the controller.
Your PS3 is now jailbroken!

Now, it seems to me Sony is saying that this is some kind of circumvention device. I'm not sure how they conclude that. It seems to me that it is merely a way that you can update the software/firmware inside a device which you own. IT also seems to me, that the actions of George Hotz (GeoHot) are no more than the actions of a curious amatuer/professional researcher. Both actions seem to fall well within the Constitutional fair use right. At least in the US. Now, realize IANAL. A lawyer would most likely tell you to be afraid, to not do this, etc., etc.

Now, once you done the above it appears you still can't run copied commercial programs, or create pirated versions to run. This is a good thing. But it appears it does allow you to install packages, and thus perhaps add cheating software, which is bad.

To Install Packages you would have to put some homebrew package, like test.pkg, onto a stick at the root directory. Then you would: plug your USB stick into your PS3, navigate to the Game Tab, select Install Package Files, select the "pkg" file. After it installs to run it you need to look for the package in the Install Package Files folder.
GeoHot had some tool, and wrote some tools to help you get your own homebrewed applications to run in a jailbroken PS3.
So analyzing all this, which I admit is still in a very early stage, seems to indicate no wrongdoing or circumvention on anyone's part. It does appear that these researchers have found a way to upgrade and update their PS3 and to install software they want to. You can do your own research on this topic by using the tools these gifted researchers have created.
Again, for Sony's sake I don't know these guys. Seriously. Really. In all honestness, I know them not. I also don't live in California, NJ, or RI. I really, really do not know any of the people related to jailbreaking your pathetic game system security. They are a Smart Bunch of Dudes though.

I still see nothing infringing here.

I can neither confirm, nor deny, the keys, or code, nor say if they are all the keys or all the code. The fact is they are in the wild and Sony has no way to realistically recall them. Any bad guys out there already have them. Probably have had them before these researchers did, and there may be more keys still. Supposedly there is also a game signing key, if I'm not understanding the whole thread. I'm not sure if either GeoHot or the failoverflow guys published that. I'm fairly sure, though, they did not. Also, GeoHot hacked the metldr keys and the failOverflow team a different set. A set which GeoHot used in his hack. Which brings me to my pet peeve. Hacking is NOT cracking!!!!

Now you see a very public example of why security by obscurity doesn't work. It is a false sense of security and real security requires layers. One should also note that there is no unbreakable security. The DMCA is an exercise in futility. All it does is inect fear uncertainty and doubt into legal research and thus

When you outlaw research, only criminals will research.

Please note, I don't have a Sony PS3. Don't have an account with them. No longer have a FB account. Sorry, they just creep me out now. It's like joining the CIA's most watched list voluntarily. Don't twitter or tweet, and basically am old school. Or just plain old. I would never own a PS3, because, well let's face it, Sony has a lot issues and I'd rather not do business with them.

PS Sony if you're reading,

don't come and ask me how to secure your PS3. Because I'm likely to tell you to refer to the reply given in the case of

Arkell v. Pressdram

Everyone else, stay tuned. I'll do more research and talk more about this as time permits.

Page Hits

Debian Apache

copyright 2011, Brian J. Densmore. Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.