Endless Paradigm

Full Version: The many protections of the Playstation Vita
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
wololo Wrote:[Image: ps-vita-1.jpg]Last week, the shock of a Day1 exploit on the Playstation Vita generated lots of buzz, discussions, and other various related events (Kim Jong Il couldn’t take it anymore and decided that living in a world where consoles get hacked on the day of their release was not worth it)

Now, as I said before, don’t get your hopes too high, as this is not really a Vita exploit rather than a PSP exploit within the sandboxed emulator. That being said, in the current state of our knowledge, there is strong hope that this could lead to PSP homebrew running on the vita, possibly through HBL. Developer Teck4, with the help of J416, plans to try and port HBL to this exploit. J416 was the first person to adapt HBL to a new game after wee released it publicly for the patapon exploit, so I’m confident that the task is in good hands. I will of course do my best on my side to see if I can help solve some of the issues along the way.

That exploit set aside, I had the opportunity to look quickly at the PS Vita in the past few days. I don’t have the free time I wish I had to test everything within a few days, but what I can say so far is that Sony intends this console to be as secure as possible.


TECHNICAL PROTECTIONS

[Image: 200px-Playstation_vita_media.svg.png]

Sony introduced not one but two new formats of memory cards for the Vita.
explained by a spokesperson from the Hardware division at Sony, this is part of a plan to make piracy more difficult. Until the format of the cards is reverse engineered, no reader will exist to try and read/write what’s on those cards. It is arguable why Sony added two new formats instead of one, although the paranoid guy inside of me thinks it’s to prevent piracy as much as possible (manufacturers will probably focus their efforts on duplicating the read/write cards rather than the PSVita cards)

In order to make this even more efficient, Sony removed one of the key features of the PSP: the possibility to use it as a USB drive when you plug in to a computer. Instead, a piece of software (the content management assistant) needs to be run on your PC and your PS Vita, which will allow you to import files from the PC to the Vita. I will give details on that piece of crapware tool from a user’s perspective in another post (hint: it’s very bad), but from a security point of view, this is a strong system. Unlike the iTunes pattern where iTunes runs on your computer and copies files to your iPhone, the “contents management assistant” runs on the PS Vita while your PC is just a fairly passive client. This is clever because a PC binary could have easily been decompiled, analyzed, and modified, but in this case, the Vita is the one that chooses which files go in, which files don’t. I can already foresee updates coming to that tool for every hack wee will find involving the copy of files to the Vita.

[Image: IMG_5258-300x225.jpg]
The Content management assistant...yuck

In other words, Sony made it practically impossible to copy anything to the Vita, besides a very restricted list of file formats: jpg, png, tiff, mp3, wav, PSP savedata, psp games/apps, vita games/apps. The PSP/Vita games of course need to be correctly signed and packaged in the vita format (forget about your PSP homebrews for now), and potentially already linked one way or another to your Vita account. Bottom line: forget about using it as a convenient storage format, that super expensive memory card you bought for the Vita will be used exclusively to store stuff you buy on the Playstation Store. For the hackers, it means that attack vectors are limited.

[Image: IMG_5263-300x225.jpg]

Additionally, it seems the memory cards are tightly linked to the system itself. When a memory card is inserted/removed, the system requires a restart before being able to use the card. Is it in order to prevent some of the clever hacks that appeared in the early days of the PSP, and that consisted in quickly swapping 2 memory sticks? Whatever reason that is, it is highly probable that the data on the card is entirely encrypted, and bound to the playstation notwork account (which would be why switching accounts require a different memory card?).

[Image: IMG_5261.jpg]

I quickly tried some of the old crashes and exploits that were lying on my hard drives. Some of these involved for example mp3 files or image files… None of them was fully exploited, but I wanted to see the results on the Vita. So far all my “damaged” files that would make the PSP crash or display “hello world” types of messages are recognized as “corrupted” by the tool. It still agrees to copy damaged audio or photo files to the console, but simply refuses for games.

[Image: IMG_5260-300x225.jpg]

[Image: IMG_5259-300x225.jpg]


LEGAL PROTECTIONS

As mentioned before, the Terms and Conditions of the PS Vita are fairly restrictive. The “funny” part in particular is this one:

    You may not
    (i) use any unauthorized, illegal, counterfeit or modified hardware or software with System Software;

    (ii) use tools to bypass, disable or circumvent any PS Vita encryption, security or authentication mechanism;

    (iii) re-install earlier versions of the System Software (“downgrading”),

    (iv) violate any laws, regulations or statutes or rights of SCE or third parties in connection with your access to or use of System Software; (v) use any hardware or software to cause System Software to accept or use unauthorized, illegal or pirated software or hardware;

    (vi) obtain System Software in any manner other than through SCE’s authorized distribution methods; or

    (vii) exploit System Software in any manner other than to use it with your PS Vita according to the accompanying documentation and with authorized software or hardware, including use of System Software to design, develop, update or distribute unauthorized software or hardware for use in connection with the PS Vita.

    These restrictions will be construed to apply to the greatest extent permitted by the law in your jurisdiction.


The legality of this contract is doubtful, and this section is actually entirely illegal in some countries (at least in France as far as I know), but in some third-world countries where strong individual censorship is enforced such as the United States, this kind of contract has sometimes been used successfully in court.

There’s no choice but to accept that contract on the Vita as soon as you want to use the playstation store, which is the only way to acquire PSP games on the system. Hackers living in the US who would want to look for vulnerabilities in PSP games will need to take that into account.

On top of that, and as I mentioned a while ago, Sony is “learning” from some of their mistakes, and any firmware upgrade now contractually prevents US citizen from suing Sony in a class action, without some major constraints (this is in response to the class action suit that was taken against Sony for removing OtherOS from the PS3 in a firmware update). To be honest I don’t live in the US and I fell asleep in the middle of the second sentence, so I don’t know exactly what this does, I just find it creepy that there are countries in the world were Sony can change the way people can access their own country’s legal system…

    The following terms in this Section 8, to the fullest extent permitted under law, only apply to you if you are a resident of the United States or a country in North, Central or South America.
    [...]

    If you have a Dispute with any Sony Entity or a Sony Entity’s officers, directors, employees and agents (“Adverse Sony Entity”) that cannot be resolved through negotiation as required as further described below. Other than those matters listed in the Exclusions from Arbitration clause, you and the Adverse Sony Entity must seek resolution of the Dispute only through arbitration of that Dispute according to Section 8′s terms and not litigate that Dispute in court. Arbitration means that the Dispute will be resolved by a neutral arbitrator instead of in a court by a judge or jury.
    [...]

    IF YOU DO NOT WISH TO BE BOUND BY THE BINDING ARBITRATION AND CLASS ACTION WAIVER IN THIS SECTION 8, YOU MUST NOTIFY SCE IN WRITING WITHIN 30 DAYS OF THE DATE THAT YOU ACCEPT THIS AGREEMENT. YOUR WRITTEN NOTIFICATION MUST BE MAILED TO SONY COMPUTER ENTERTAINMENT INC. CARE OF SONY COMPUTER ENTERTAINMENT AMERICA LLC, 919 EAST HILLSDALE BLVD., FOSTER CITY, CA 94404, ATTN: LEGAL DEPARTMENT – WAIVER AND MUST INCLUDE: (1) YOUR NAME, (2) YOUR ADDRESS, (3) YOUR PLAYSTATION®NETWORK ID, IF YOU HAVE ONE, AND (4) A CLEAR STATEMENT THAT YOU DO NOT WISH TO RESOLVE DISPUTES WITH ANY SONY ENTITY THROUGH ARBITRATION.

    IF YOU HAVE A DISPUTE WITH ANY SONY ENTITY, YOU MUST SEND WRITTEN NOTICE TO SONY COMPUTER ENTERTAINMENT INC. CARE OF SONY COMPUTER ENTERTAINMENT AMERICA LLC, 919 EAST HILLSDALE BLVD., FOSTER CITY, CA 94404 ATTN: LEGAL DEPARTMENT – DISPUTE RESOLUTION TO GIVE THE ADVERSE SONY ENTITY AN OPPORTUNITY TO RESOLVE THE DISPUTE INFORMALLY THROUGH NEGOTIATION.

    [...]
    ANY DISPUTE RESOLUTION PROCEEDINGS, WHETHER IN ARBITRATION OR COURT, WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS OR REPRESENTATIVE ACTION OR AS A NAMED OR UNNAMED MEMBER IN A CLASS, CONSOLIDATED, REPRESENTATIVE OR PRIVATE ATTORNEY GENERAL ACTION, UNLESS BOTH YOU AND THE ADVERSE SONY ENTITY SPECIFICALLY AGREE TO DO SO IN WRITING FOLLOWING INITIATION OF THE ARBITRATION.

    [...]

    This Section 8 survives this Agreement’s termination.


WHAT"S NEXT?

This is only the surface of the security on the PS Vita. As wee dig more, wee will find more security, get more specific information about the system, find stronger locks, but also, who knows, weaknesses.

Sony are protecting their assets with any possible way. Personally I would have preferred if they had spent less time on security/legal terms and more time on making good games (*cough* ridge racer sucks *cough*), but given that they are probably today in the “hate list” of many hackers in the world, it’s understandable that they had to think about it a little bit.

Putting files (homebrews) on the Vita system seems to be the most interesting challenge for now. Clearly, updates to the content management tool will protect the console from hacks involving the copy of some specific files to the system, and that tool overall makes it fairly difficult to copy homebrews to the console. On that part, the help of hardware hacks will probably be needed, but I’m confident that Datel and the likes will be trying to provide third party memory cards as soon as possible… Or maybe other vectors such as the PS3 connectivity could be leveraged.

From the legal point of view…well basically until the US change their laws against reverse engineering, Sony is sending the message that they are not done harassing hackers if they find it’s the only way to protect their business. Those interesting to see details about how bad that can go can read the legal section of the excellent book “Hacking the XBox“. Good times ahead…

Source
Apparently modded consoles = sales of console
Urgh, this thing requires you to install crapware and can't be used as an arbitrary storage device?

What next, Sony start installing rootkits on your PC? (again)

Actually, I'm a bit critical as to whether that really improves security or not.  Copying files that the PSP doesn't recognise doesn't trigger an exploit - only files that it does recognise, like TIFFs or savegames were exploitable anyway.  For any other auxiliary files, they can be wrapped in formats like .wav anyway, assuming you already have executable permissions on the device.
At first I did not want the vita but now I'm imaging ff7 on it and it makes me cringe. I already bought the game legally on the PS store but if I can't emulate other old games I'll go nuts. At least this time past PSP owners won't update their system until wee get this thing hacked.

Updates = lol you can't run home brew :D
The software isn't yours, you have a license to use it for it's intended purpose.
Even ancient consoles had this licensing agreement, I don't see why people just think it is OK to hack the Vita and that they have the right to roam free on it.
It's like you taking software I have written, changing a few lines to make it do something I didn't want it to do for a good reason, and then releasing that to the world without me, the code author's permission. It would still be my code, not yours just because you have it in your possession.
I can understand perfectly why Sony would want people not to hack their stuff, because like it or not, one of the first things always made for hacked consoles is a way to run the poor excuse of piracy that is 'backups'.
Want PSP games? Nearly all of you have PSPs...
I'm glad Sony are stopping it, the only reason PSP was so severely hacked was because of a massive error in firmware v1.50, which hackers used as a base for everything else.
Like I said before, the only real reason people hack their PSPs nowadays is for free games, under the dumb guise of calling them 'backups'.
Old games, like NES and stuff, fine. You can't even buy them anymore, so no harm done, no money lost for the company that slaved to bring out entertainment for you.
I've become more critical of software piracy as I have begun to program myself.
It takes. A long. Long. Long. Long. Time. To Make. A Game.
And if someone just went and took those thousands of hours of work for free? I'd be pretty pissed too to be honest.
Piracy is bad, wee get it. Now get over it. The people who pirated weren't going to buy the game anyways.

Also isn't it insane to release this to millions of people and control what they do with it?

And wee have to pay a chocolateload of money for the "secured" version of that memory spoon.
well, I guess I won't be able to copy anything to my Vita with Linux.

oh well, not gonna stop me from buying it. I have a dedicated music player, so I'll have no need to put music on it anyway.

Although, I would like a way to backup savedata. D:
Complete control is a dictatorz job
I would not mind being in a secure system as long as I get complete compensation. Raising prices out $20-$50 is too high for my tastes and I wish they worked with us like Google does with their Android os. Thanks to that their Android powered devicez have taken down apple's empire in about 2 years. They are causing their own doom I can guarantee their PS store will fall quicker than when the PSP 1001 came to light. If they gave us a cheap 10$/month service like Netflix people would buy it faster than new iPhonez. Some might even stay loyal and not chose to pirate gamez. Steam understands our needs and they even said that in order to defeat piracy that they need to improve their services to the people to the point were it becomes a hassle to pirate.

Increased prices, no options given to the people and no other alternatives sound familiar? Its the same stuff that fueled the American war with the British back in the 18th century. Except this time the war is in the new world called the internet. (No offence people its just an example.)

Dam it.
I ranted sorry...
properbritish Wrote:Blah blah blah
You talk about how piracy is bad, and yet you recently paid a penny for a humble bundle, can you honestly say you no longer pirate?
Funnybutrandom Wrote: [ -> ]
properbritish Wrote:Blah blah blah
You talk about how piracy is bad, and yet you recently paid a penny for a humble bundle, can you honestly say you no longer pirate?

i didnt pay a penny
Pages: 1 2
Reference URL's