fail0verflow
Latest
Modders turn Nintendo Switch into a full-fledged Linux tablet
For all of its Nintendo customizations, the Switch is ultimately a tablet running a garden variety NVIDIA Tegra processor -- and that means it can potentially handle the same software as other mobile devices. To prove that point, the fail0verflow team has shown a Switch running an honest-to-goodness Linux distribution. The touchscreen, networking and accelerated 3D graphics are all functioning, as evidenced by the modders tweeting from the Switch and running a benchmark. You're not about to run Steam games on it (many Linux apps aren't built for ARM-based chips), but you could theoretically use the Switch as a basic computer.
Watch homebrew code run Steam games on the PS4
Ever since Sony switched to x86 processors with the PlayStation 4, gamers have been craving the chance to play PC games on the console -- it's much closer to your home computer than the PS3 was, after all. Well, we're glad to say that it's no longer just a dream: OsirisX recently demonstrated Steam running on a PS4 thanks to a combination of a jailbreak, Arch Linux and some software libraries from Fail0verflow. And yes, it plays games. The demo shows the action-RPG Bastion running at a decent pace, and OsirisX notes that most other titles run well enough at medium to low graphics settings.
Hackers get Linux running on a PlayStation 4
In the two years since the PlayStation 4 first went on sale, hackers have enjoyed limited success in their efforts to open up the console. In June, a Brazilian team claimed the first PS4 "jailbreak," which involved the cumbersome process of copying the entire hard drive of a hacked machine using a Raspberry Pi, but it took until this month for a tinkerer to fully circumvent Sony's content protections. With a proper exploit in the wild, homebrew group fail0verflow took on the challenge of installing a full version of Linux on the system. It achieved its goal this week, giving the homebrew community hope that the PlayStation 4 will soon become a worthy tool in their arsenal.
SCEA vs. Geohot: Sony wins a not-quite flawless victory
Well, after all the talk of TROs, tweets, and YouTube user info, it seems that the SCEA vs. Geohot litigation has come to a rather uneventful conclusion. According to Sony's Playstation Blog, the case has been settled, and Hotz has agreed to a permanent injunction preventing him from distributing his PS3 jailbreak hack ever again. Of course, while this settlement has cowed the man who did the initial distribution deed, the jailbreak genie's out of the bottle, and no court order can ever put it back. [Thanks to everyone who sent this in]
Judge in Sony vs. Geohot orders YouTube and others to give up users' personal info
Remember when Sony sued Geohot and demanded that YouTube hand over the user info of all the folks who posted comments to Geohot's PS3 jailbreak video? Well, score a victory for SCEA, as the judge overseeing the case's jurisdictional discovery process has ruled that Sony can get what it wanted -- information from: Bluehost (who hosts Geohot's website) regarding who downloaded the jailbreak, Twitter regarding any tweets made by Hotz, Google Blogspot regarding comments made on his blog, and the aforementioned YouTube user data. Keep in mind that Sony's getting this information to show that many of the downloaders and commenters are from Northern California and that Hotz's hacking efforts were aimed at Californians -- meaning the case should remain in the Bay Area instead of moving to New Jersey where Geohot hacked his PS3. With this new information at its disposal, Sony's better equipped to oppose Hotz's motion to dismiss in a hearing early next month, but this doesn't mean the company will succeed in its bid to keep the litigation a West Coast affair. We'll have to wait and see if this latest victory helps Sony win the war. Stay tuned.
Sony finally releases official statement on PS3 jailbreak
Though Sony has been dealing with the legal and metaphysical struggles associated with GeoHot's PS3 jailbreak discovery for some time now, the company had yet to release an official statement on the matter until today. The statement comes via a PlayStation Blog post and warns users: "Notice: Unauthorized circumvention devices for the PlayStation 3 system have been recently released by hackers. These devices permit the use of unauthorized or pirated software. Use of such devices or software violates the terms of the 'System Software License Agreement for the PlayStation 3 System' and the 'Terms of Services and User Agreement' for the PlayStation Network/Qriocity and its Community Code of Conduct provisions. Violation of the System Software Licence Agreement for the PlayStation 3 System invalidates the consumer guarantee for that system. In addition, copying or playing pirated software is a violation of International Copyright Laws. Consumers using circumvention devices or running unauthorized or pirated software will have access to the PlayStation Network and access to Qriocity services through PlayStation 3 system terminated permanently. "To avoid this, consumers must immediately cease use and remove all circumvention devices and delete all unauthorized or pirated software from their PlayStation 3 systems." We've provided a handy summation for our friends who lack long attention spans: Hey, you! Cut that out.
Sony vs. Geohot litigation heats up, SCEA demands YouTube give up Hotz and Fail0verflow's personal info
Now that Sony has started gathering the evidence it needs via discovery in the lawsuit over Hotz and friends' PS3 jailbreak, the company has dropped a hammer by moving to reduce the amount of time the hackers have to get Sony the information it wants. Sony filed the motion -- which will be heard by the court tomorrow -- to better arm itself with information to oppose Geohot's motion to dismiss, scheduled to be heard in early March. Casting its evidence-gathering net far and wide, SCEA has demanded that YouTube surrender not only information for Hotz's account where his jailbreak video was posted, but also how many users accessed the video, the usernames of those with access to the video, and all usernames and IP addresses of everyone who posted or published comments to the vid. In addition to hitting up YouTube for dirt, Wired reports that Sony has demanded Twitter hand over the personal info of fail0verflow's members -- we're waiting for Sony's lawyers to don TSA gear as the next step in their search. Geohot's attorney thinks the requests seem a bit much, but we think they make sense given Sony's strategy of going after the entire fail0verflow team. While these goings-on make for fairly standard legal tactics, they won't do much for Sony's public image.
Court grants Sony's temporary restraining order against Geohot, PS3 jailbreak still available everywhere
It looked for a moment like Geohot and fail0verflow might beat Sony's DMCA lawsuit over the PS3 jailbreak on a jurisdictional technicality, but things didn't go their way: the US District Court for the Northern District of California granted Sony's request for a temporary restraining order forbidding Mr. Hotz and his merry men from distributing or linking to the jailbreak, helping or encouraging others to jailbreak, hacking into the PS3 or PSN, or distributing any information they've found while hacking. What's more, they've been ordered to turn over any computers or storage media used to create the jailbreak to Sony's lawyers -- although we've got a feeling Geohot's attorneys will raise a bit of a fuss about that. Of course, this doesn't mean that Sony's won anything substantive -- it's just proven to the court that the jailbreak will cause it ongoing harm while the case continues, and it still has to actually win its formal lawsuit to collect any damages or a permanent injunction. And let's not forget that forcing Geohot to stop distributing it won't stop anyone else -- in almost an exact mirror of the deCSS case, we're already seeing the jailbreak mirrored all over the internet. Way to learn from history, Sony. [Thanks, Henry]
Geohot wins round one against Sony (kinda) -- judge declines to rule on SCEA restraining order (updated)
By now we all know that Sony filed a lawsuit against Geohot and fail0verflow for their distribution of PS3 jailbreak firmware and asked the court for a temporary restraining order (TRO) to stop said distribution of the offending code. Well, according to Geohot, the court denied declined to rule on Sony's motion earlier today. Geohot has reposted the code online, so it seems safe to say that the TRO is back for now, and the jailbreak can once again roam the internet unencumbered by any legal decrees. The decision, while favorable to the defendants, has little effect on the outcome of the litigation itself, so Hotz and company aren't out of the woods just yet. We'll keep you posted on the status of the order, and will also watch as the case progresses for the real fireworks to start. Update: Looks like we jumped the gun and got the story a little wrong, but thanks to our readers we've discovered that the judge declined to rule on the TRO. Instead she tabled the TRO issue because she was not satisfied that the Northern District of California has jurisdiction to rule on the matter because Geohot hacked the PS3 in New Jersey.
Massive co-founder worries effects of PS3 piracy could be worse than handhelds' plight
Wondering why there's such a hullabaloo over that PS3 security breach? According to Martin Walfisz, who co-founded Massive Entertainment (but left the company shortly after its purchase by Ubisoft to focus on development of new DRM strategies), it's because it's the end of the world. Well, okay, maybe it's not that bad -- but Walfisz paints a pretty grim picture for Sony, telling GamesIndustry.biz, "If that hack works as reported, I don't believe that Sony can regain any control." Walfisz predicts that Sony could employ a system similar to Microsoft's anti-piracy measures through Xbox Live, blocking hacked PS3s from connecting to the PlayStation Network; though if the hack works as reported, and doesn't require a mod chip to function, Walfisz worries Sony won't be able to detect which users are playing pirated games -- though Sony claims it can and will shut down "jailbroken" consoles. What's worse, Walfisz adds, "I would assume that pirated copies can be stored on the HDD as well, making it so easy to use that PS3 piracy, given time, might even surpass the handhelds." Piracy is pernicious enough on exposed systems, but super convenient piracy? Yikes.
Sony issues more court documents in hacking case, GeoHot's lawyer responds
More court documents have surfaced in the suit between Sony and PS3 hackers, mostly declarations on the part of each of Sony's lawyers in support of the restraining order against George "GeoHot" Hotz and other hackers. One document contains over 280 pages of "evidence" to provide cause for enjoining them against further hacking -- said evidence consisting of full, copy-and-pasted pages from Twitter accounts, forum posts, and news stories relating to the recent discoveries of the PS3's private and root keys. Also included are summons for the hackers, and a document from Sony declining to bring the case before a magistrate judge, requesting a district judge instead. According to PSX-Scene, there's also evidence that Sony sent $1 to Hotz's PayPal account through his email address, in order to prove he is accepting donations, even though he hadn't actually requested donations. NeoGAF's Sangreal also obtained responses from the lawyers representing Hotz. The opposition statement claims that the California court has no jurisdiction over Hotz or any of the other defendants, and that Hotz has no connection to the other hackers. More substantially, Hotz's attorneys' statement asserts that "Defendant Hotz has not produced, manufactured, sold, nor does he have any intent whatsoever to produce, manufacture, or sell, any devices that facilitate piracy." It dismisses Sony's use of other piracy cases for precedent, because those cases involve hardware used to circumvent the PS3's protection, and not software. Moreover, the statement makes the point that enjoining Hotz from his programming activities won't do anything. "Sony's own pleadings admit that the code necessary to jailbreak the Sony PlayStation computer is on the internet," the statement reads. "Sony speaks of 'closing the door', but the simple fact is that there is no door to close. The code sought to be restrained will always be a Google search away."
Sony follows up, officially sues Geohot and fail0verflow over PS3 jailbreak
We figured Sony would follow up last night's temporary restraining order against Geohot and fail0verflow for distribution of the PS3 jailbreak with a copyright infringement lawsuit, and well, here it is. It's actually pretty straightforward, as far as these things go -- Sony alleges that George Hotz, Hector Martin Cantero, Sven Peter, and the rest of fail0verflow are: Violating §1201 of the Digital Millennium Copyright Act, which forbids bypassing access control measures; Violating the federal Computer Fraud and Abuse Act, which forbids accessing computers without authorization; Guilty of contributory copyright infringement for encouraging and helping others to crack PS3s as well; Violating the California Computer Crime Law, which is the state computer fraud act (think of this as a backup fraud claim); Violating the PlayStation Network's Terms of Service (which feels meaningless, really); Interfering with Sony's relationships with other PSN customers (also meaningless); Trespassing on Sony's ownership right to the PS3 (this one feels weak) and; Misappropriating Sony's intellectual property (another weak argument, but there in case the copyright argument fails). Sony's asking the court to forbid Geohot and fail0verflow from distributing the jailbreak and turn over all computer hardware and software that contain the jailbreak code, as well as unspecified damages and attorneys' fees. Yep, these boys done got sued -- and we're sure there'll be some serious fireworks once they lawyer up and fight right back. Update: And here we go -- Carnegie Mellon professor David Touretzky has posted up the first mirror of Geohot's code as a First Amendment protest, openly challenging Sony to take action. That's moxie -- we love it. [Thanks, Pedro G]
Sony begins legal action against PS3 hackers
Last week, hacking group fail0verflow and well-known iPhone hacker George "GeoHot" Hotz revealed new hacks for the PS3 allowing pretty much anyone to run unsigned code on the system. Sony has yet to nullify this through "network updates" as promised, and has instead chosen to address this problem by filing temporary restraining orders against the hackers. Hotz posted the court documents on his own site after receiving them. The court documents claim that the hacks violate the DMCA, and that "Already, pirated games are being packaged and distributed with these circumvention devices." Sony's restraining order is designed to "restrain" Hotz and the others from continuing to hack the PS3's protection measures, and from distributing their exploits. Hotz doesn't seem worried about Sony's ire. "I would expect a company that prides itself on intellectual property to be well versed in the provisions of the law, so I am disappointed in Sony's current action," Hotz told the BBC. "I have spoken with legal counsel and I feel comfortable that Sony's action against me doesn't have any basis." [Thanks, Mike]
Sony asks for restraining order against Geohot, fail0verflow over PS3 exploits
We knew Sony would be non-plussed about the PlayStation 3 jailbreak, and now we have a better idea as to the full extent of its anger. The company has filed suit (not yet, see below) asked for a restraining order against George "Geohot" Hotz, the "hacking group" fail0verflow (Hector Cantero, Sven Peter, "Bushing," and "Segher"), and numerous John / Jane Does over the exploit and its release. To be more specific, the company cites violations of Digital Millennium Copyright Act, the Computer Fraud and Abuse Act, various copyright infringements, and other acts of binary malfeasance. A temporary restraining order has also been sought, asking that all "circumvention tools" be taken offline and his computers and related media (i.e. anything storing said tools) be impounded. It looks like Geohot's servers are being slammed at the moment, so we've gone ahead and hosted the relevant PDFs ourselves below. We're still sifting through ourselves and will let you know what we unearth. Update: Nilay here -- let's take a look at what's going on. This isn't a "lawsuit" in the traditional sense, since Sony hasn't filed a complaint for copyright infringement or whatever against Geohot and friends. Instead, the company appears to be trying to shove the genie back in the bottle and have the jailbreak and any information about the jailbreak removed from the web by filing a temporary restraining order. That might work in the short term -- Geohot's already pulled his pages down -- but history suggests that the forces of paperwork rarely triumph over the righteous anger of nerds, and that this code is out there for good. That said, we'll see what the court says tomorrow; although we very much doubt Sony's melodramatic proposed motion and order will be granted as written, we wouldn't be surprised if some sort of order is eventually granted -- and then from there a formal lawsuit is likely just a few days away. [Thanks to everyone who sent this in]
PS3 homebrew caught on video, Sony promises 'fix'
The PS3 root key saga continues, with hacker Geohot posting a video demonstrating homemade software running on a PS3 using firmware 3.55. There's not much to the software, essentially a reworked "Hello World" that says "sup dawg, it's geohot," but it's more than enough to prove viability of homebrew software on the PS3. Sony, for its part, has stated to Edge that it will "fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details." However, fail0verflow hacking group member pytey recently told the BBC, "The complete console is compromised - there is no recovery from this." He added that the only possible way to correct the hack would be for Sony to "issue new hardware."
Geohot demos homebrew on 'jailbroken' PS3, Sony vows to 'fix' via software update (video)
We just saw how you can now add an Install Package Files option to the PS3 using some custom firmware, but that darn hacker George "Geohot" Hotz has taken it a step further by demonstrating homebrew in a quick, Mr. Blurrycam-approved video. It's a barebones app that only says "sup dawg, it's geohot," but in reality it's a pretty huge step. Geohot's provided the file on his website along with a copy of the METLDR root key that enables the homebrew. Sony, meanwhile, has issued a statement saying it'll "fix the issues through network updates, but because this is a security issue, we are not able to provide you with any more details." This runs counter to what pytey from fail0verflow (the famed group that kickstarted this new round of hacking) just told the BBC, "the only way to fix this is to issue new hardware... Sony will have to accept this." Hey, at least you'll be in good company, eh Sony? Check out geohot's proof of concept video after the break. [Thanks to everyone who sent this in]
PS3 custom firmware lets you 'Install Package Files,' piracy not allowed
Well, that didn't take long! Just one week after hacking collective (and chr0nic misspellers) fail0verflow revealed a hack that delivered the PS3's private cryptography key on a platter, another hacker going by the MoNiKeR "KaKaRoToKS" has taken the next step, delivering tools that will convert your plain ol' vanilla PS3 firmware (yup, even the latest security-minded 3.55 patch) into a fancy new custom firmware. One capable of running signed and encrypted executable .PKG files ... not unlike the ones that Sony itself uses to distribute PSN games. But this custom firmware isn't all about piracy. KaKaRoToKS writes, "Since the kernel is left unmodified, this means that this custom firmware is really meant for future homebrew installation, and it will not allow piracy. I plan on keeping it that way." We suspect that myriad other, less scrupulous hackers don't share that sentiment. If you want an "Install Package Files" option the Game section of your XMB, PS3-hacks.com has a guide just for you. Peep a video of a custom firmware installation after the break.
First PS3 'custom firmware' working, doesn't allow piracy
Building upon the exploits of the fail0verflow hacking troupe, a tinkerer known as "KaKaRoToKS" has got the first "custom firmware" (CFW) running on PS3. The modification can be applied to any version of the system's official firmware, including the latest 3.55 patch, and simply adds an "Install Package Files" option in the Game section of the XMB. Importantly, this unauthorized option isn't an open flood gate for pirated games, but rather a means by which users could install signed and encrypted executable files -- in other words, "retail" .pkg files like the ones Sony uses for PSN downloads. While no current homebrew application is packaged like this (and therefore compatible with the custom firmware), it would be possible for homebrew developers to re-package their files to be installed through the CFW. (PSJailbreak offers similar functionality, DigitalFoundry explains, but as its name implies, Jailbreak allows for the installation of unsigned, unencrypted code.) "Since the kernel is left unmodified, this means that this custom firmware is really meant for future homebrew installation, and it will not allow piracy," writes KaKaRoToKS in a blog post about the CFW. "I plan on keeping it that way." [Thanks, Roland]
Hacker GeoHot claims release of PS3 root key
Last week, hacking group fail0verflow claimed to have found a method for discovering a PlayStation 3's "private key," each system's unique code restricting access to unsigned code. GeoHot (who found another PS3 exploit a year ago) says he has released the PS3's METLDR root key to the public, which allows access to the PS3's loaders, and reportedly could be used to allow any unsigned code to be run on the system. In addition, fail0verflow has started releasing development tools for the PS3. In a brief note on his site, GeoHot congratulated the fail0verflow team and noted that "I do not condone piracy," and then suggested that the three current console manufacturers contact him if they want secure systems. "It'd be fun to be on the other side."
Hackers obtain PS3 private cryptography key due to epic programming fail? (update)
The 27th annual Chaos Communication Conference already hacked encrypted GSM calls with a $15 cellphone, but there was a second surprise in store this morn -- the souls who unlocked the Nintendo Wii's homebrew potential (and defended it time and again) claim to have broken into the PlayStation 3 as well. Last we left the black monolith, Sony had won a round, forcing the community to downgrade their firmware for any hope at hacking into the console. Well, the newly formed fail0verflow hacking squad says that won't be a problem any longer, because they've found a way to get the PS3 to reveal its own private cryptography key -- the magic password that could let the community sign its very own code. So far, the team hasn't provided any proof that the deed's been done, but they have provided quite an extensive explanation of how they managed the feat: apparently, Sony didn't bother generating any random numbers to secure the blasted thing. (We don't really know how it works, but we have it on good authority that dead cryptography professors are rapidly spinning in their graves.) The group intends to generate a proof-of-concept video tomorrow, and release the tools sometime next month, which they claim should eventually enable the installation of Linux on every PS3 ever sold. Catch the whole presentation after the break in video form, or skip to 33:00 for the good stuff. Update: The proof-of-concept vid is a bit underwhelming -- fail0verflow had to SSH into a PS3 over ethernet -- but it's here nonetheless. See it after the break, and find the team's full set of presentation slides at our more coverage link. [Thanks, Paolo S.]
