PS3 security is "epic fail"

[ciento]

Yes, so by law in Aus everyone could return their PS3 and get their money back 'cos they can't run Linux.  

Stand clear for the stampede...........Naught but the sound of crickets chirping....

I don't understand the big deal in running Linux on a games machine..?
Sorry to tell the Linux fan boys but if Linux was freely available on the PS3 nothing would change.  Being able to run Linux on a PS3 won't make Linux miraculously popular.
Nor would it unleash a tide of spectacular software to the PS3 scene.

Let it play games.  There's nothing wrong with playing games.

It is a computer sold as a games machine to avoid taxes and regulations.  I would like to see sony release a computer PSx, so what if the price  is a bit higher to pay the federales?

If there was nothing to fear from linux using otheros, why did sony
choose to discontinue a (small) feature? A company
that locks horns with linux teams, had better have $$$ and battle plans,
and the superior coding army. I'm all for corporate profits, as long as
nobody breaks their deals, written or otherwise (no pun intended)
I'm not for piracy, and I'm confident the beancounters from Sony pad the prices so customers subsidize the criminals, instead of shareholders doing it.
Not so easy for the smaller devs, who can't spread the losses on such a large field. The world is changing. Cheers

[ciento]

Gonna chime in on the piracy part. People tend to think that it's a non-issue and that in some cases piracy even "helps" sales. There's _sometimes_ a grain of truth but it's not all of the time or all of the cases.

We've had projects canned and titles cancelled during development for the PC simply because the piracy rate has become so problematic that you might have most people _playing_ your game on the PC, but you've got the most people that have _bought_ your game on the consoles. As a result the publishers simply pull the plug on the PC version entirely.

It doesn't lose the publisher much revenue but for the developer they can have just lost an entire platforms profits and royalties. Of course the PC version can often have a much longer shelf life vs consoles so now you've also got to rely entirely on making your profits and royalties on the launch week of your game... so hopefully there's nothing like Gran Tourismo or something launching at the same time or you'll get literally NOTHING.

So, I think Sony were a bit crap when they removed the OtherOS option, especially as it still listed it on the boxes when the machines were on sale! Removing functionality that people have bought your hardware to use is dishonest I think.

However this does enable piracy, it will mean that it happens more now, and I have been personally affected by piracy in the past. In fact I'm redundant at the moment due to the games industry going through a lot of strife right now so I'm not keen on that side of things.

Dunno where I'm going with all this just bored and hungover on Jan 1st I guess!

Happy New Year everyone!

Andy

Has anyone tried having a 30 day pre-launch discount to get initial sales before the pirates can steal?

How about releasing a key each day to unlock a new level,  putting pirates and customers on more even footing?

Maybe its time to start your own company,  in a low cost of living state. Code an open ended game that can implement new campaigns, worlds, chapters, with fresh graphics/sounds, and a predictable release schedule a fan base can look forward to. Using cross platform dev tools.

Has anyone visited a pirate, wielding educational tools? :hammer: and posted the
the pirates modified GPA?

[ciento]

About the only people that might feel aggrieved is those that purchased the first version PS3's to run Linux, and their compensation would be to get a refund when they return the hardware.

No, in a court, users would demand personal and punitive damages while keeping the hardware.
In a class action suit, it could get ugly, and the spectre of the discovery process, is one that corporate giants greatly fear,
because the head man does not always know the tactics of his employees, for his own protections sake.
A long line of spear-catchers is guaranteed at corporate giants.

[A1260]

Allowing Morphos and OS4 ports would generate a few thousand PS3 sales, while
dissallowing them earns them nothing. Either they are morons, or elitists too rich to care.

Sony dont need Morphos and OS4 ports, so they would send their lawyers on you if they see any commercial os running on thir ps3. but for the open source x86 aros there shouldnt be any problem if they had the time and wanted to do the port, i think...

[guest7146]

Allowing Morphos and OS4 ports would generate a few thousand PS3 sales, while
dissallowing them earns them nothing. Either they are morons, or elitists too rich to care.

I think the problem for Sony is that they apparently sell the PS3s as a loss-leader.  They lose money on the initial hardware sale, but then they hope to recouperate when you purchase software and accessories.

If you're only buying the console so that you can run an OS on it, then they're on to a loser.

Of course, they could always have offered consoles with the OtherOS feature still implemented at a bit of a higher price.  I'm not sure if that would have been feasible or not - it depends how much money per console they are losing I suppose.

AH.

[stefcep2]

And why does this cause harm to the seller? Because, as I argued in an earlier post, Sony's business model is flawed. They're subsidizing the cost of their hardware with software. That was their decision, and the market is proving it to be a bad one. Technically, if I bought a PS3 and dumped it straight in the trash I'd be causing them the same financial harm, but no one would give me flak for that.

Once a product is out on the market, people will use it how they wish, EULAs be damned. It's where innovation comes from - repurposing and improving existing ideas. Look at this camera stabilizer made from pipes. That's not how the pipe manufacturer intended their pipes to be used, but do you think they're furious about it? No, they'd probably be delighted because it means more sales to consumers who might not ordinarily buy pipes - a new market segment. And it's instant profit, because their overhead costs are built into the price of their pipes.

In fact, take a look at just about anything at http://makezine.com. Or, closer to home, look at the Natami, which was derrived from a C-One board. These are all hacked and modified devices that most likely brought a little extra cash to the parts suppliers that might otherwise not have made those sales.

So if Sony is locking themselves out of this market - the market for hardware hackers, open-source enthusiasts, university researchers, cluster computing datacenters, governments - by failing to cost-reduce their hardware or to subsidize it from a less volatile corporate division, then it's their own damn fault for reaping the financial consequences when the market self-corrects to compensate for their shortsightedness.

And the piracy angle? Yeah, this might result in a bunch of 14-year-olds getting free games, but Sony really should have seen it coming; it's a fact of life. Pretty much every copy protection scheme ever designed has been cracked, so they need to be approaching anti-piracy the same way they'd approach poor sales - better marketing, lower software prices, better supply chain and stock management, promotions, and, dare I say it, better software products that people want to buy.

Do they "deserve" it? No, but they made a business decision and now they have to live with the consequences.

Let me get this straight:

It Sony's fault for putting a lock on their hardware to protect illegally copied software from running, and it was this action that FORCED the hackers to break that lock, plus its Sony's fault for making the PS3 too cheap and for not selling software at the price buyers want to pay, and its Sony's fault that people want their software for free?



So

1.  you have doors with locks in your house, or your businesses has doors with locks to the premises, and when a thief breaks in its your fault, because you fitted locks?

2.  I see a fridge I want to buy in a retail shop.  i walk in and want it for less.  The seller says no.  I drive a truck through the stores front door, take the fridge and leave the sum of money I wanted to pay for it, and this is OK, because its the retailers fault for not selling the fridge at the price I wanted to pay for it.  Afteral its just the market "self-correcting".  Sure, try that in front of a Court.

I've heard a lot of cocamamy justifications for piracy but this takes the cake:  its the IP owners fault.

[psxphill]

Anyone defending Sony, probably can't remember their previous anti piracy scandle involving rootkit installed on to windows PC from audio CD's, opening the OS to other malware. Sony deserves everything it gets.

That is a rather deranged argument.
 
Sony might be a big company, but it's made up of individuals. Also piracy on the PS3 mostly harms the software developers.
 
But that root kit means that eveyone who has any relationship with Sony deserves to be homeless.

[ElPolloDiabl]

@ above. Yeah I buy electronics from Hong Kong because it's a tenth of the price you get charged locally. I don't need to steal a fridge to get value.
But what about cases where Intel or Microsoft use thug tactics disadvantage the competition.
They fight each other with lawsuits what's wrong with us getting in on the act? Should we start lobbying for open systems by law?

[Matt_H]

Let me get this straight:

It Sony's fault for putting a lock on their hardware to protect illegally copied software from running, and it was this action that FORCED the hackers to break that lock, plus its Sony's fault for making the PS3 too cheap and for not selling software at the price buyers want to pay, and its Sony's fault that people want their software for free?

"Fault" may be too strong a word, but there was a market demand for powerful, open hardware that they weren't meeting. If they can't find a way to turn a profit on hardware alone (like other electronics manufacturers, where the customer's financial relationship with them begins and ends with the hardware purchase), then they've been out-competed. Tough, but that's how it works.

So

1.  you have doors with locks in your house, or your businesses has doors with locks to the premises, and when a thief breaks in its your fault, because you fitted locks?

If you didn't buy insurance or have a backup plan for such a contingency, then I'd say yes.

2.  I see a fridge I want to buy in a retail shop.  i walk in and want it for less.  The seller says no.  I drive a truck through the stores front door, take the fridge and leave the sum of money I wanted to pay for it, and this is OK, because its the retailers fault for not selling the fridge at the price I wanted to pay for it.  Afteral its just the market "self-correcting".  Sure, try that in front of a Court.

In this metaphor, is the fridge the hardware or the software? If it's the software, you may have a point, but software piracy doesn't result in collateral damage to sellers, just a denial of sales.

But I'm thinking in terms of hardware. If I buy the fridge and reconfigure it to do something else, for my own use, the seller can't come into my house and undo what I've done to it. In exchange for my modifications, though, I do think it's fair that I waive any claim to a warranty.

I've heard a lot of cocamamy justifications for piracy but this takes the cake:  its the IP owners fault.

My main point is that piracy is not the only outcome of this security failure. No question that it's not a good one, but it was a predictable one, and Sony failed to plan for it. They had no proverbial insurance behind their single layer of locks. But if you look at piracy as the ultimate form of competition, they might have better luck approaching it as a sales or access problem. Abusing the purchasers of their hardware isn't the kind of strategy that lends itself to a sustainable business.

[Kronos]

It's actually quite simple:

If I buy a piece of HW, I buy a piece of HW. It's my piece of HW and nooneelses !
Same goes for SW.

Sure I might be forced to click through some "terms of use aggreement", but clicking that one doesn't mean I've agreed with those terms but just that I've aggreed that I must click that gadget to make use of what I've bought....

Or in short : EULA my ......

I Sony sells HW at a loss and was somehow expecting to make up for it by SW-sales..... well thats their prob surely not mine.

And as such I've have the right to do ANY modifications to HW and SW (*) I've bought.


Just for the record:
The only Sony product I own (apart from music CDs that is) is a fat PS/2, still factory sealed. Just because I'm too lazy to mod that old chick doesn't mean I wouldn't have the rights to...


(*) I might consider hacking a light version to a full version as ethical questionable but thats really where it ends

[ciento]

It will be interesting if post-Christmas ps3 sales maintain or increase historical trends
with new buyers in hopes of homebrew taking off, and what percentage of those buyers will purchase a few games over the course of a year. I had no idea how bad Sony messed up the media/browser capabilities of ps3. Sales must have been good enough, that complacency replaced the pursuit of excellence. Now the tree is shaken.
And its time those security coders to put the resume' in the mail.
Hopefully Microsoft will be hiring

[A1260]

here is a interesting read......

Hacking the PlayStation 3

In the end of 2009, Hotz announced his efforts to hack the Sony PlayStation 3, a console widely regarded as being the only fully locked and secure system of the seventh generation era. Hotz opened a blog to document his progress, and five weeks later, on January 22, 2010, he announced that he had successfully hacked the machine by enabling himself read and write access to the machine's system memory and having hypervisor level access to the machine's processor. Hotz also detailed the many things his work could allow, such as homebrew and PlayStation 2 emulation (a feature removed by Sony in newer revisions of the console to tackle production costs).

On January 26, 2010, Hotz released the exploit to the public. It requires the OtherOS function of the machine, and consists of a Linux kernel module and gaining control of the machine's hypervisor via bus glitching. Hotz wrote that "Sony may have difficulty patching the exploit". On March 28, 2010, Sony has responded by announcing to release a PlayStation 3 firmware update that removes the OtherOS feature, a feature that was already absent on the newer Slim revisions of the machine. This generated an uproar by the PlayStation 3 community. Hotz had then announced plans of a custom firmware, similar to the custom firmware for the PlayStation Portable, to enable Linux and OtherOS support, while still retaining the features of newer firmwares.

As of April 7, 2010, Hotz had posted a video on the internet detailing his supposed progress with custom firmware on the machine, and showing a PlayStation 3 running and having the OtherOS feature enabled on firmware 3.21. He had named his custom firmware as 3.21OO, and said it may work on newer Slim models of the console, as the feature was removed altogether with the launch of the newer revision. However, he had never announced a release date for the alleged firmware nor had he mentioned whether he was working on the same hack for the latest firmware version of 3.41.

On July 13, 2010, Hotz posted a message on his Twitter account stating that he was giving up trying to crack the PS3 any further.

On December 30, 2010, following a presentation at Chaos Communication Congress where new vulnerabilities were published, Hotz released "dePKG", a firmware package decrypter for the Playstation 3.

On January 2, 2011, Hotz published the metldr key on his personal website, which allows users to decrypt and sign anything they wish on their Playstation 3 console using the key. This allows any developer to write and sign their own code to run on the Playstation 3 without Sony's consent.

source:
http://en.wikipedia.org/wiki/Geohot

[AJCopland]

Anyone defending Sony, probably can't remember their previous anti piracy scandle involving rootkit installed on to windows PC from audio CD's, opening the OS to other malware. Sony deserves everything it gets.

Gaz

However their employees, customers and the developers who might find it harder to get work probably don't.

That's all my post was talking about. I'm part of the local hackerspace community and I totally support hacking hardware, I just wish people would actually stop deploying the "screw Sony" argument without realising that it will also screw totally innocent people working for companies that aren't Sony.

You can't say it doesn't happen since it has happened, directly, to me and the company I worked for.

Andy

[AJCopland]

My main point is that piracy is not the only outcome of this security failure. No question that it's not a good one, but it was a predictable one, and Sony failed to plan for it. They had no proverbial insurance behind their single layer of locks. But if you look at piracy as the ultimate form of competition, they might have better luck approaching it as a sales or access problem. Abusing the purchasers of their hardware isn't the kind of strategy that lends itself to a sustainable business.

Piracy won't affect Sony at first, it'll affect publishers and then they'll pass that onto developers who will lose revenue and make people redundant like me.

I don't actually think that this will affect the PS3 too much at all actually. I mean it's largely screwed PC development over a barrel but the PS3 will be a harder hill to climb and there's so many non-techy types playing the PS3 that it shouldn't become an endemic problem.

I.e. this won't affect Sony, but if it affects anyone then it will be innocent and hard working people employed in the games industry.

I don't mind the hack itself, I think Sony lined itself up good and proper for a kicking for removing the OtherOS feature from the fat PS3's that had it. For those that want it I think it's good but peoples justifications about how piracy will affect Sony are way off. Sony will wriggle and squirm and it won't be them that gets hardest hit.

Andy

[gertsy]

Don't know if anyone has noticed this but if you spell Sony backward you get "Y N OS"
Which with a bit of imagination could be read "Why an OS?" or "Yes No OS ?"
Either way it spells trouble for Sony and OSs.

(o:

[kolla]

Piracy won't affect Sony at first, it'll affect publishers and then they'll pass that onto developers who will lose revenue and make people redundant like me.

So? Why should I feel more sorry for you than other people who lose revenue and become redundant, people who do far more important work and lose their jobs because of far more silly reasons than yours? You almost make Sony sound like some sort of charity organization, which I'm sure it's not.